You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
42 lines
983 B
42 lines
983 B
[Unit]
|
|
Description=Replies with peer's IP on port 7878
|
|
After=network.target
|
|
|
|
[Service]
|
|
# Change it to OFF|ERROR|WARN|INFO|DEBUG|TRACE
|
|
Environment="RUST_LOG=INFO"
|
|
|
|
ExecStart=/usr/local/bin/myip
|
|
Environment="RUST_LOG_STYLE=SYSTEMD"
|
|
|
|
ProtectProc=invisible
|
|
DynamicUser=true
|
|
NoNewPrivileges=true
|
|
MemoryDenyWriteExecute=true
|
|
LockPersonality=true
|
|
RestrictRealtime=true
|
|
RestrictSUIDSGID=true
|
|
RemoveIPC=true
|
|
SystemCallFilter=@network-io @basic-io @signal @file-system @process @io-event
|
|
SystemCallFilter=mprotect brk uname sched_getaffinity getrandom ioctl
|
|
SystemCallFilter=~@mount
|
|
ProtectSystem=strict
|
|
ProtectHome=true
|
|
RuntimeDirectory=myip
|
|
PrivateTmp=true
|
|
PrivateDevices=true
|
|
PrivateUsers=true
|
|
ProtectHostname=true
|
|
ProtectClock=true
|
|
ProtectKernelTunables=true
|
|
ProtectKernelModules=true
|
|
ProtectKernelLogs=true
|
|
ProtectControlGroups=true
|
|
SystemCallArchitectures=native
|
|
RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6
|
|
|
|
CapabilityBoundingSet=
|
|
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target |