w2
/
systemd-netns
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

initial commit

Browse Source
main
rrr-marble 4 years ago
commit 4faa39f3a9
5 changed files with 79 additions and 0 deletions
Show Stats Download Patch File Download Diff File

12
dns4netns@.service
Unescape View File

@ -0,0 +1,12 @@
[Unit]
Description=DoH DNS server inside %I netns
BindsTo=systemd-netns@%i.service propnetnsup@%i.service
After=systemd-netns@%i.service propnetnsup@%i.service
JoinsNamespaceOf=systemd-netns@%i.service
[Service]
Type=exec
ExecStart=/usr/bin/ip netns exec %I doh-client -conf /etc/dns-over-https/doh-client.conf -verbose
PrivateNetwork=true
PrivateTmp=true

18
propnetnsup@.service
Unescape View File

@ -0,0 +1,18 @@
[Unit]
Description=Prop %I netns up with addresses and such
BindsTo=systemd-netns@%i.service
Requires=systemd-netns@%i.service sys-subsystem-net-devices-ens0.device
After=systemd-netns@%i.service sys-subsystem-net-devices-ens0.device
[Service]
Type=oneshot
RemainAfterExit=true
ExecStart=/usr/bin/ip link set dev ens0 netns %I
ExecStart=/usr/bin/ip netns exec %I ip address add 10.0.0.11 dev ens0
ExecStart=/usr/bin/ip netns exec %I ip link set dev ens0 up
ExecStart=/usr/bin/ip netns exec %I ip -6 route add default dev ens0
ExecStart=/usr/bin/ip netns exec %I ip route add default dev ens0
PrivateTmp = true

14
ss2netns.service
Unescape View File

@ -0,0 +1,14 @@
[Unit]
Description=Turn shadowsocks proxy into network namespace
BindsTo=systemd-netns@shadowed.service
After=systemd-netns@shadowed.service
Wants=dns4netns@shadowed.service propnetnsup@shadowed.service
Before=dns4netns@shadowed.service propnetnsup@shadowed.service
PropagatesStopTo=systemd-netns@shadowed.service dns4netns@shadowed.service propnetnsup@shadowed.service
PropagatesReloadTo=dns4netns@shadowed.service propnetnsup@shadowed.service
[Service]
Type=exec
ExecStart=/usr/bin/ssservice local --log-without-time --protocol tun --tun-interface-name ens0 --config /etc/shadowsocks/config.json
PrivateTmp = true

19
systemd-netns@.service
Unescape View File

@ -0,0 +1,19 @@
[Unit]
Description=Named network namespace %i
JoinsNamespaceOf=systemd-netns@%i.service
After=syslog.target network.target tor.service
[Service]
Type=oneshot
RemainAfterExit=true
PrivateNetwork=true
# Start process
ExecStartPre=-/usr/bin/ip netns delete %I
ExecStart=/usr/bin/ip netns add %I
ExecStart=/usr/bin/ip netns exec %I ip link set lo up
ExecStart=/usr/bin/umount /run/netns/%I
ExecStart=/usr/bin/mount --bind /proc/self/ns/net /run/netns/%I
# Stop process
ExecStop=/usr/bin/ip netns delete %I

16
tor2netns.service
Unescape View File

@ -0,0 +1,16 @@
[Unit]
Description=Turn tor socks proxy into network namespace
#Description=SOCKSPort unix:/run/tor/socks WorldWritable is requred
AssertPathExists=/run/tor/socks
BindsTo=tor.service systemd-netns@tored.service
After=tor.service systemd-netns@tored.service
Wants=dns4netns@tored.service propnetnsup@tored.service
Before=dns4netns@tored.service propnetnsup@tored.service
PropagatesStopTo=systemd-netns@tored.service
PropagatesReloadTo=dns4netns@tored.service
[Service]
Type=exec
ExecStart=/usr/bin/tun2socks --device ens0 --proxy /run/tor/socks
PrivateTmp = true
Write Preview
Loading…
Cancel
Save