balki/nnss
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: balki:v0.1.0
Branches Tags
balki:main
balki:v0.4.0 balki:v0.3.0 balki:v0.2.0 balki:v0.1.0
...
compare: balki:v0.2.0
Branches Tags
balki:main
balki:v0.4.0 balki:v0.3.0 balki:v0.2.0 balki:v0.1.0

5 Commits
v0.1.0 ... v0.2.0

Author SHA1 Message Date
Balakrishnan Balasubramanian
e1c8128d02 Support direct socks proxy without ssh 2025-02-27 11:05:11 -05:00
Balakrishnan Balasubramanian
b61950cc40 add network-online Requires 2025-02-26 21:18:53 -05:00
Balakrishnan Balasubramanian
ab295438b9 remove leftover files 2025-01-31 22:24:49 -05:00
Balakrishnan Balasubramanian
1aeb38e1ef fix namespace path in README.md 2025-01-31 22:21:40 -05:00
Balakrishnan Balasubramanian
b1926a4640 Add install instructions to README 2025-01-31 00:27:18 -05:00
7 changed files with 50 additions and 37 deletions
Expand all files Collapse all files

22
.SRCINFO
View File

@ -1,22 +0,0 @@
pkgbase = nnss
pkgdesc = Network Namespace setup using SSH SOCKS proxy
pkgver = 0.1.0
pkgrel = 2
url = https://gitea.balki.me/balki/nnss
arch = any
license = MIT
depends = tun2socks
source = nnss-ssh@.service
source = nnss-tunsocks@.service
source = ssh_config
source = tunsocks.sh
source = README.md
source = tmpfiles.conf
sha256sums = 59abec374b4430510f40fa2184863c5978f638047f5740ed2bf86a5ec6f92dff
sha256sums = af660f552d439bc9134a0d0774fed3a765448abfebee39a586c05df56e9ff32d
sha256sums = cb57dd0be323adc05d70d6b28ed7d79261c5c7215586e604138a164ae88aeeca
sha256sums = f35c22bb12d020428787828107ee379dd147e485edfdac687fed92d73d81d418
sha256sums = 20272994a3f3235ae79b24c4ab7c78a21aeadfd5ca03df98a6b099aac6a623a4
sha256sums = 654a3615be4eb635957a4ab33e733a1c6655225f6ff34ec8a58f6dabc9ac0d70
pkgname = nnss

3
.gitignore vendored
View File

@ -1,3 +0,0 @@
nnss*pkg.tar.zst
src/
pkg/

30
README.md
View File

@ -2,19 +2,25 @@
Create network namespace where all¹ network requests go via ssh connection. Create network namespace where all¹ network requests go via ssh connection.
## Installing
1. Install from [AUR][2].
2. Download and install pre-built archlinux package: [link][3].
3. For other linux, copy the files to appropriate path as done [here][4].
## Creating new namespace ## Creating new namespace
1. Create a simple ssh config at `/etc/nnss/<namespace_name>/config`. This will be 1. Create a simple ssh config at `/etc/nnss/<namespace_name>/config`. This will
included with [other settings][0]. be included with [other settings][0].
2. Create the ssh private key at `/etc/nnss/<namespace_name>/privatekey` 2. Copy your ssh private key to `/etc/nnss/<namespace_name>/privatekey`
3. [Edit][1] your service file to include below properties 3. [Edit][1] your application's service file to include below properties
```systemd ```systemd
[Unit] [Unit]
Requires=nnss-tunsocks@<namespace_name>.service Requires=nnssA@<namespace_name>.service
After=nnss-tunsocks@<namespace_name>.service After=nnssA@<namespace_name>.service
[Service] [Service]
NetworkNamespacePath=/run/netns/<namespace_name> NetworkNamespacePath=/run/netns/<namespace_name>ns
``` ```
### Example ### Example
@ -34,7 +40,12 @@ Port 8822 # If the ssh server is not on default port 22
## Testing namespace ## Testing namespace
```bash ```bash
sudo systemd-run --property=NetworkNamespacePath=/run/netns/vps1ns --property=User=$USER --property=Requires=nnss-tunsocks@vps1.service --property=After=nnss-tunsocks@vps1.service --shell sudo systemd-run \
--property=NetworkNamespacePath=/run/netns/vps1ns \
--property=User=$USER \
--property=Requires=nnssA@vps1.service \
--property=After=nnssA@vps1.service \
--shell
[sudo] password for balki: [sudo] password for balki:
Running as unit: run-p233279-i233579.service Running as unit: run-p233279-i233579.service
Press ^] three times within 1s to disconnect TTY. Press ^] three times within 1s to disconnect TTY.
@ -72,3 +83,6 @@ DNS by default still goes via host.
[0]: ./ssh_config [0]: ./ssh_config
[1]: https://wiki.archlinux.org/title/Systemd#Editing_provided_units [1]: https://wiki.archlinux.org/title/Systemd#Editing_provided_units
[2]: https://aur.archlinux.org/packages/nnss
[3]: https://gitea.balki.me/balki-aur/-/packages/arch/nnss/0.1.0-1
[4]: https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=nnss#n14

3
nnss-ssh@.service
View File

@ -1,6 +1,7 @@
[Unit] [Unit]
Description=Create SSH connection to %I Description=Create SSH connection to %I
After=network.target Requires=network-online.target
After=network-online.target
StopWhenUnneeded=yes StopWhenUnneeded=yes
[Service] [Service]

2
nnss-tunsocks@.service → nnssA@.service
View File

@ -9,7 +9,7 @@ StopWhenUnneeded=yes
Type=notify Type=notify
NotifyAccess=all NotifyAccess=all
RuntimeDirectory=nnss-tunsocks%i RuntimeDirectory=nnssA%i
ExecStart=/usr/lib/nnss/tunsocks.sh "%i" setup ExecStart=/usr/lib/nnss/tunsocks.sh "%i" setup
ExecStop=/usr/lib/nnss/tunsocks.sh "%i" cleanup ExecStop=/usr/lib/nnss/tunsocks.sh "%i" cleanup

17
nnssB@.service Normal file
View File

@ -0,0 +1,17 @@
[Unit]
Description=Create network namespace and tun device to %I
StopWhenUnneeded=yes
[Service]
Type=notify
NotifyAccess=all
RuntimeDirectory=nnssB%i
# Add SOCKS_PROXY environment variable to below file. E.g.
# SOCKS_PROXY=socks5://127.0.0.1:9050
EnvironmentFile=/etc/nnss/env_%i
ExecStart=/usr/lib/nnss/tunsocks.sh "%i" use_env setup
ExecStop=/usr/lib/nnss/tunsocks.sh "%i" use_env cleanup

10
tunsocks.sh
View File

@ -7,13 +7,19 @@ pidfile=${RUNTIME_DIRECTORY:-/tmp}/tunsocks.pid
nsname="$1" nsname="$1"
device="tun${nsname}" device="tun${nsname}"
ns="${nsname}ns" ns="${nsname}ns"
socketpath="/run/nnss-${nsname}/sock"
if [ "$2" = use_env ];then
proxy="$SOCKS_PROXY"
shift
else
proxy="socks5:///run/nnss-${nsname}/sock"
fi
setup() setup()
{ {
ip tuntap add mode tun dev "$device" ip tuntap add mode tun dev "$device"
/usr/bin/tun2socks -device "$device" -proxy "socks5://$socketpath" & /usr/bin/tun2socks -device "$device" -proxy "$proxy" &
echo "$!" > "$pidfile" echo "$!" > "$pidfile"
sleep 5 sleep 5