-rw-r--r-- | etc/netns/ns0/nftables.conf | 2 | ||||
-rw-r--r-- | etc/systemd/system/sshd-ns0.service | 19 | ||||
-rw-r--r-- | home/xyz/.config/myconf/sye | 3 |
3 files changed, 22 insertions, 2 deletions
diff --git a/etc/netns/ns0/nftables.conf b/etc/netns/ns0/nftables.conf
index 2d6a6e48..5d287bd9 100644
--- a/etc/netns/ns0/nftables.conf
+++ b/etc/netns/ns0/nftables.conf
@@ -27,7 +27,7 @@ table inet my_table {
 ip protocol icmp accept
 meta l4proto ipv6-icmp accept
- #tcp dport ssh accept
+ tcp dport ssh accept
 #tcp dport qbt-nox accept
 tcp dport qbt accept
 udp dport qbt accept
diff --git a/etc/systemd/system/sshd-ns0.service b/etc/systemd/system/sshd-ns0.service
new file mode 100644
index 00000000..d66b8932
--- /dev/null
+++ b/etc/systemd/system/sshd-ns0.service
@@ -0,0 +1,19 @@
+# modified from /usr/lib/systemd/system/sshd.service
+
+[Unit]
+After=network.target sshdgenkeys.service
+Before=ssh-access.target
+Description=OpenSSH Daemon
+Documentation=man:sshd(8) man:sshd_config(5)
+Wants=sshdgenkeys.service ssh-access.target
+After=ns0.service
+
+[Service]
+Type=notify-reload
+ExecStart=/usr/bin/sshd -D
+KillMode=process
+Restart=always
+NetworkNamespacePath=/run/netns/ns0
+
+[Install]
+WantedBy=multi-user.target
diff --git a/home/xyz/.config/myconf/sye b/home/xyz/.config/myconf/sye
index 862772f9..52c84f3f 100644
--- a/home/xyz/.config/myconf/sye
+++ b/home/xyz/.config/myconf/sye
@@ -9,6 +9,7 @@ ns0.service enabled disabled
 opendkim.service enabled disabled
 opendmarc.service enabled disabled
 postfix.service enabled disabled
+sshd-ns0.service enabled disabled
 sshd.service enabled disabled
 systemd-network-generator.service enabled enabled
 systemd-networkd-wait-online.service enabled enabled
@@ -22,4 +23,4 @@ acme.sh.timer enabled disabled
 paccache.timer enabled disabled
 pacman-filesdb-refresh.timer enabled disabled
-22 unit files listed.
+23 unit files listed.
|
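Review bot: The newly enabled `tcp dport ssh accept` in the ns0 ruleset accepts SSH from every source address with no limit on new connections, so the namespaced daemon is open to password-guessing traffic from whatever network ns0 faces. If the administrators connect from a known range, scope the rule, e.g. `ip saddr <ADMIN_NET_PLACEHOLDER> tcp dport ssh accept`. Otherwise throttle new connections with something like `tcp dport ssh ct state new limit rate 10/minute accept` (the rate is an example value). The chain this rule sits in starts and ends outside the hunk, so an earlier rule may already restrict the source; a short comment above the rule saying who is expected to reach SSH through ns0 would make the intent reviewable.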
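Review bot: `ExecStart=/usr/bin/sshd -D` starts the ns0 instance with the same default sshd_config and host keys as the stock `sshd.service`, which the unit listing in this commit shows is still enabled. The namespace-facing listener therefore inherits whatever authentication policy the host-side daemon has. A dedicated config lets it be stricter (key-only login, no root login, an explicit user allow-list): `ExecStart=/usr/bin/sshd -D -f <NS0_SSHD_CONFIG_PLACEHOLDER>`. `After=ns0.service` is ordering only, so the daemon is neither stopped nor restarted when the namespace is torn down and recreated; adding `BindsTo=ns0.service` ties its lifetime to the namespace. `Description=OpenSSH Daemon` is identical to the stock unit's, so changing it to `Description=OpenSSH Daemon (ns0 namespace)` keeps journal and status output distinguishable between the two.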