Software
www.skarnet.org

s6-networking

What is it ?

s6-networking is a suite of small networking utilities for Unix systems. It includes command-line client and server management, TCP access control, privilege escalation across UNIX domain sockets, IDENT protocol management and clock synchronization. Optionally, it also includes command-line TLS/SSL tools for secure communications.

If the underlying skalibs has been compiled with IPv6 support, s6-networking is IPv6-ready.

The s6- prefix is slightly misleading, and probably a naming mistake. This package is not, stricto sensu, a part of the s6 ecosystem, and it is nowhere near a requirement for a s6-based installation. However, it provides useful networking utilities often used with s6, so keeping the prefix makes some kind of sense; you can see s6-networking, as well as its dependency s6-dns, as extensions to the s6 ecosystem.

Installation

Requirements

• A POSIX-compliant system with a standard C development environment
• GNU make, version 3.81 or later
• skalibs version 2.14.5.0 or later. It's a build-time requirement. It's also a run-time requirement if you link against the shared version of the skalibs library.
• (Optional, but recommended) execline version 2.9.7.1 or later. It's a build-time and run-time requirement.
• s6 version 2.13.2.1 or later. It's a build-time and run-time requirement.
• s6-dns version 2.4.1.1 or later. It's a build-time requirement. It's also a run-time requirement if you link against the shared version of the s6-dns libraries.
• If you want to build the secure communication tools:
  • Either BearSSL version 0.6 or later.
  • Or LibreSSL version 4.1.0 or later.
  • Or OpenSSL version 3.5.0 or later and LibreTLS version 3.8.1 or later.
  The chosen library is a build-time requirement, and also a run-time requirement if you link against its shared version.

Licensing

s6-networking is free software. It is available under the ISC license.

Download

• The current released version of s6-networking is 2.7.2.0. You can access its checksum here.
• Alternatively, you can checkout a copy of the s6-networking git repository:

   git clone git://git.skarnet.org/s6-networking 

• There's also a GitHub mirror of the s6-networking git repository.

Compilation

• See the enclosed INSTALL file for installation details.

Upgrade notes

• This page lists the differences to be aware of between the previous versions of s6-networking and the current one.

Reference

Commands

All these commands exit 111 if they encounter a temporary error or hardware error, and 100 if they encounter a permanent error - such as a misuse. Short-lived commands exit 0 on success. Other exit codes are documented in the relevant page.

System clock synchronization

• The s6-clockadd program
• The s6-clockview program
• The s6-sntpclock program
• The s6-taiclock program
• The s6-taiclockd program

UCSPI TCP implementation

• The s6-tcpclient program
• The s6-tcpserver program
• The s6-tcpserver-socketbinder program
• The s6-tcpserverd program

UCSPI tools for secure communication (TLS protocol) over TCP

• An overview of the TLS-related programs
• The s6-tlsclient program
• The s6-tlsserver program
• The s6-tlsc program
• The s6-tlsd program
• The s6-ucspitlsc program
• The s6-ucspitlsd program
• The s6-tlsc-io program
• The s6-tlsd-io program

TCP access control

• The s6-tcpserver-access program

PROXY protocol implementation

• The proxy-server program

IDENT protocol implementation

• The s6-ident-client program

Miscellaneous utilities

• The s6-getservbyname program

Libraries

• The stls library
• The sbearssl library
• The s6net library, containing:
  • The ident library interface

s6-networking manual pages

• flexibeast is providing the s6-networking documentation as a set of man pages.

s6-networking discussion

• s6-networking is discussed on the skaware mailing-list.

Similar work

• ucspi-tcp is the original inspiration for s6-networking. It works, but is unfortunately unmaintained by the author. s6-networking follows the same design principles.
• ipsvd is a similar program suite.