rrr-marble
4 years ago
commit
4faa39f3a9
@ -0,0 +1,12 @@
|
||||
[Unit]
|
||||
Description=DoH DNS server inside %I netns
|
||||
BindsTo=systemd-netns@%i.service propnetnsup@%i.service
|
||||
After=systemd-netns@%i.service propnetnsup@%i.service
|
||||
JoinsNamespaceOf=systemd-netns@%i.service
|
||||
|
||||
[Service]
|
||||
Type=exec
|
||||
ExecStart=/usr/bin/ip netns exec %I doh-client -conf /etc/dns-over-https/doh-client.conf -verbose
|
||||
|
||||
PrivateNetwork=true
|
||||
PrivateTmp=true
|
||||
@ -0,0 +1,18 @@
|
||||
[Unit]
|
||||
Description=Prop %I netns up with addresses and such
|
||||
BindsTo=systemd-netns@%i.service
|
||||
Requires=systemd-netns@%i.service sys-subsystem-net-devices-ens0.device
|
||||
After=systemd-netns@%i.service sys-subsystem-net-devices-ens0.device
|
||||
|
||||
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
RemainAfterExit=true
|
||||
ExecStart=/usr/bin/ip link set dev ens0 netns %I
|
||||
ExecStart=/usr/bin/ip netns exec %I ip address add 10.0.0.11 dev ens0
|
||||
ExecStart=/usr/bin/ip netns exec %I ip link set dev ens0 up
|
||||
ExecStart=/usr/bin/ip netns exec %I ip -6 route add default dev ens0
|
||||
ExecStart=/usr/bin/ip netns exec %I ip route add default dev ens0
|
||||
|
||||
PrivateTmp = true
|
||||
@ -0,0 +1,14 @@
|
||||
[Unit]
|
||||
Description=Turn shadowsocks proxy into network namespace
|
||||
BindsTo=systemd-netns@shadowed.service
|
||||
After=systemd-netns@shadowed.service
|
||||
Wants=dns4netns@shadowed.service propnetnsup@shadowed.service
|
||||
Before=dns4netns@shadowed.service propnetnsup@shadowed.service
|
||||
PropagatesStopTo=systemd-netns@shadowed.service dns4netns@shadowed.service propnetnsup@shadowed.service
|
||||
PropagatesReloadTo=dns4netns@shadowed.service propnetnsup@shadowed.service
|
||||
|
||||
|
||||
[Service]
|
||||
Type=exec
|
||||
ExecStart=/usr/bin/ssservice local --log-without-time --protocol tun --tun-interface-name ens0 --config /etc/shadowsocks/config.json
|
||||
PrivateTmp = true
|
||||
@ -0,0 +1,19 @@
|
||||
[Unit]
|
||||
Description=Named network namespace %i
|
||||
JoinsNamespaceOf=systemd-netns@%i.service
|
||||
After=syslog.target network.target tor.service
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
RemainAfterExit=true
|
||||
PrivateNetwork=true
|
||||
|
||||
# Start process
|
||||
ExecStartPre=-/usr/bin/ip netns delete %I
|
||||
ExecStart=/usr/bin/ip netns add %I
|
||||
ExecStart=/usr/bin/ip netns exec %I ip link set lo up
|
||||
ExecStart=/usr/bin/umount /run/netns/%I
|
||||
ExecStart=/usr/bin/mount --bind /proc/self/ns/net /run/netns/%I
|
||||
|
||||
# Stop process
|
||||
ExecStop=/usr/bin/ip netns delete %I
|
||||
@ -0,0 +1,16 @@
|
||||
[Unit]
|
||||
Description=Turn tor socks proxy into network namespace
|
||||
#Description=SOCKSPort unix:/run/tor/socks WorldWritable is requred
|
||||
AssertPathExists=/run/tor/socks
|
||||
BindsTo=tor.service systemd-netns@tored.service
|
||||
After=tor.service systemd-netns@tored.service
|
||||
Wants=dns4netns@tored.service propnetnsup@tored.service
|
||||
Before=dns4netns@tored.service propnetnsup@tored.service
|
||||
PropagatesStopTo=systemd-netns@tored.service
|
||||
PropagatesReloadTo=dns4netns@tored.service
|
||||
|
||||
|
||||
[Service]
|
||||
Type=exec
|
||||
ExecStart=/usr/bin/tun2socks --device ens0 --proxy /run/tor/socks
|
||||
PrivateTmp = true
|
||||
Loading…
Reference in new issue