[systemd-devel] udp socket-activation "fake-service"

Reindl Harald h.reindl at thelounge.net
Sat Mar 16 04:52:59 UTC 2019


Hi

for a firewall development setup (nested virtualization) i have running
a tcp service like below on a VM liesting on a complete /24 network
behind a NAT


with "udpsvd" at least something works for "nmap -p 53 -sU -P0 host" on
a single port and always running - is there some way to get a similar
udp service?

"ListenDatagram=53" works only without "Accept=yes" and without a
template-serivce but even then it's finally failing

goal would be listening on at least port 53 or better a ton of ports for
udp to run port-scans and validate the fiewall ruleset without a ton of
persistent running udpsvd-processes

------------------------------------------------

root at client: cat demo-udp-53.service
[Unit]
Description=Demo UDP 53 Server

[Service]
Type=simple
Restart=always
ExecStart=/usr/bin/udpsvd 0 53 "/usr/bin/echo OK"

[Install]
WantedBy=multi-user.target

------------------------------------------------

cat demo-tcp.socket
[Unit]
Description=Demo TCP Server - Activation Socket

[Socket]
Accept=yes
ListenStream=7
ListenStream=19
ListenStream=21
ListenStream=22
ListenStream=23
ListenStream=24
ListenStream=25
ListenStream=26
ListenStream=37
ListenStream=52
ListenStream=53
ListenStream=67
ListenStream=68
ListenStream=79
ListenStream=80

[Install]
WantedBy=sockets.target

------------------------------------------------

cat demo-tcp at .service
[Unit]
Description=Demo TCP Server
Requires=demo-tcp.socket

[Service]
Type=oneshot
Environment="PATH=/usr/bin"
ExecStart=/usr/bin/echo OK

StandardOutput=socket
StandardInput=socket

[Install]
Also=demo-tcp.socket

------------------------------------------------


More information about the systemd-devel mailing list