netnsd

A declarative manager for Linux network namespaces.

Features

  • Fully declarative configuration
  • Hot reloading of configuration
  • Port forwarding into or out of the namespace
  • Moving network devices to the namespace

Usage

Daemon

netnsd daemon [--config <config.toml>]

Start the netnsd daemon, applying the configured namespace configuration and running any proxies.

See the systemd service example for how to run the daemon under systemd.

You can tell the daemon to reload the configuration with pkill -sighup netnsd.

Note that, to minimize interruption of anything using the namespaces, stopping the daemon will not remove the created namespaces.

Up

netnsd up [--config <config.toml>]

Apply the configured namespace configuration and exit.

Down

netnsd down

Remove all namespaces created by netnsd and exit.

Configuration

By default, netnsd will look for its configuration in /etc/netnsd/netnsd. You can specify a different configuration path with the --config option.

# You can define any number of namespaces to create
[[namespace]]
# name of the namespace to create
name = "test"
# move existing devices into the namespace
devices = ["somelink"]

# You can define any number of port forwards to set up into the namespace
[[namespace.forward]]
# port, address or socket outside the namespace to listen on
# when only a port is specified it will listen on 0.0.0.0
source = 8091
# port or address inside the namespace to forward to
# when only a port is specified it will forward to 127.0.0.1
target = 80

[[namespace.forward]]
# listening on a unix socket instead of a tcp port
source = "/run/test/https"
# forward to a specific address instead of 127.0.0.1
target = "127.0.0.2:443"

# Another namespace
[[namespace]]
name = "test2"

[[namespace.forward]]
# listening on a specific address instead of 0.0.0.0
source = "127.0.0.1:9091"
target = 80

[[namespace.forward]]
# forward from inside the namespace to outside instead
reverse = true
source = 80
target = 80