netnsd

A declarative manager for Linux network namespaces.

Features

  • Fully declarative configuration
  • Hot reloading of configuration
  • Port forwarding into the namespace

Usage

Daemon

netnsd daemon [--config <config.toml>]

Start the netnsd daemon, applying the configured namespace configuration and running any proxies.

See the systemd service example (netnsd.service) for how to run the daemon with systemd.

You can tell the daemon to reload the configuration with pkill -sighup netnsd.

Note that, to minimize interruption of anything using the namespaces, stopping the daemon will not remove the created namespaces.

Up

netnsd up [--config <config.toml>]

Apply the configured namespace configuration and exit.

Down

netnsd down

Remove all namespaces created by netnsd and exit.

Configuration

By default netnsd will look for its configuration in /etc/netnsd/netnsd. You can specify a different configuration path with the --config option.

# You can define any number of namespaces to create
[[namespace]]
# name of the namespace to create
name = "test"

# You can define any number of port forwards to set up into the namespace
[[namespace.forward]]
# port, address or socket outside the namespace to listen on
# when only a port is specified it will listen on 0.0.0.0
source = 8091
# port or address inside the namespace to forward to
# when only a port is specified it will forward to 127.0.0.1
target = 80

[[namespace.forward]]
# listening on a unix socket instead of a tcp port
source = "/run/test/https"
# forward to a specific address instead of 127.0.0.1
target = "127.0.0.2:443"

# Another namespace
[[namespace]]
name = "test2"

[[namespace.forward]]
# listening on a specific address instead of 0.0.0.0
source = "127.0.0.1:9091"
target = 80