[Unit]
Description=Replies with peer's IP on port 7878
After=network.target

[Service]
# Change it to OFF|ERROR|WARN|INFO|DEBUG|TRACE
Environment="RUST_LOG=INFO" 

ExecStart=/usr/local/bin/myip
Environment="RUST_LOG_STYLE=SYSTEMD"

ProtectProc=invisible
DynamicUser=true
NoNewPrivileges=true
MemoryDenyWriteExecute=true
LockPersonality=true
RestrictRealtime=true
RestrictSUIDSGID=true
RemoveIPC=true
SystemCallFilter=@network-io @basic-io @signal @file-system @process @io-event mprotect brk uname sched_getaffinity
SystemCallFilter=~@mount
ProtectSystem=strict
ProtectHome=true
RuntimeDirectory=myip
PrivateTmp=true
PrivateDevices=true
PrivateUsers=true
ProtectHostname=true
ProtectClock=true
ProtectKernelTunables=true
ProtectKernelModules=true
ProtectKernelLogs=true
ProtectControlGroups=true
SystemCallArchitectures=native
RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6

CapabilityBoundingSet=


[Install]
WantedBy=multi-user.target