github/wangyu-udp2raw
1
0
Fork 0
mirror of https://github.com/wangyu-/udp2raw.git synced 2025-04-24 12:59:34 +08:00
Code Issues Packages Projects Releases Wiki Activity

systemd_example: add server example

Browse Source
This commit is contained in:
Peter Cai 2017-08-19 18:27:37 +08:00 committed by GitHub
parent 19fdaca612
commit 9fee746763
1 changed files with 25 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
doc/systemd_example.md
View File

@ -1,4 +1,6 @@
# systemd service file # systemd service file
### Client
``` ```
[Unit] [Unit]
Description=UDP2RAW service Description=UDP2RAW service
@ -20,7 +22,29 @@ StartLimitBurst=10
WantedBy=multi-user.target WantedBy=multi-user.target
``` ```
Please replace `SERVER_IP`, `SERVER_PORT` and `LOCAL_PORT` with your own parameters and replace the pathes to `iptables` and `udp2raw` according to your own system configuration. ### Server
```
[Unit]
Description=UDP2RAW service
After=network-online.service
[Service]
User=nobody
Type=simple
PermissionsStartOnly=true
CapabilityBoundingSet=CAP_NET_RAW CAP_NET_ADMIN
ExecStartPre=/sbin/iptables -I INPUT -p tcp --dport SERVER_PORT -j DROP
ExecStart=/usr/bin/udp2raw -s -l0.0.0.0:SERVER_PORT -r127.0.0.1:REMOTE_PORT -k PASSWORD --raw-mode faketcp
ExecStopPost=/sbin/iptables -D INPUT -p tcp --dport SERVER_PORT -j DROP
Restart=always
RestartSec=30
StartLimitBurst=10
[Install]
WantedBy=multi-user.target
```
Please replace `SERVER_IP`, `SERVER_PORT`, `REMOTE_PORT` and `LOCAL_PORT` with your own parameters and replace the pathes to `iptables` and `udp2raw` according to your own system configuration.
The above unit will only execute the `iptables` commands as root, and will execute the main `udp2raw` command as `nobody`, with `CapabilityBoundingSet` that grants necessary permissions. The above unit will only execute the `iptables` commands as root, and will execute the main `udp2raw` command as `nobody`, with `CapabilityBoundingSet` that grants necessary permissions.