netnsd

A declarative manager for Linux network namespaces.

Features

  • Fully declarative configuration
  • Hot reloading of configuration
  • Port forwarding into the namespace

Usage

Daemon

netnsd daemon [--config <config.toml>]

Start the netnsd daemon, applying the configured namespaces and running any proxies.

See the systemd service example (netnsd.service) for how to run the daemon with systemd.

You can tell the daemon to reload the configuration with pkill -sighup netnsd.

Note that, to minimize interruption of anything using the namespaces, stopping the daemon will not remove the created namespaces.

Up

netnsd up [--config <config.toml>]

Apply the configured namespace and exit.

Down

netnsd down

Remove all namespaces created by netnsd and exit.

Configuration

By default netnsd will look for its configuration in /etc/netnsd/netnsd. You can specify a different configuration path with the --config option.

# You can define any number of namespaces to create
[[namespace]]
# name of the namespace to create
name = "test"

# You can define any number of port forwards to set up into the namespace
[[namespace.forward]]
# port, address or socket outside the namespace to listen on
# when only a port is specified it will listen on 0.0.0.0 (all interfaces)
source = 8091
# port or address inside the namespace to forward to
# when only a port is specified it will forward to 127.0.0.1
target = 80

[[namespace.forward]]
# listening on a unix socket instead of a tcp port
source = "/run/test/https"
# forward to a specific address instead of 127.0.0.1
target = "127.0.0.2:443"

# Another namespace
[[namespace]]
name = "test2"

[[namespace.forward]]
# listening on a specific address instead of 0.0.0.0
source = "127.0.0.1:9091"
target = 80

[[namespace.forward]]
# forward from inside the namespace to outside instead
reverse = true
source = 80
target = 80