jool_siit.service

This unit is provided by:

• https://packages.debian.org/unstable/jool-tools

Options

• [Install]
  • WantedBy=multi-user.target
• [Service]
  • CapabilityBoundingSet=CAP_SYS_MODULE CAP_NET_ADMIN
  • ExecStart=/usr/bin/jool_siit file handle /etc/jool/jool_siit.conf
  • ExecStartPre=/sbin/modprobe jool_siit
  • ExecStop=/usr/bin/jool_siit -f /etc/jool/jool_siit.conf instance remove
  • InaccessiblePaths=/tmp /dev
  • LockPersonality
    Introduced in systemd 235
    =yes
  • MemoryDenyWriteExecute
    Introduced in systemd 231
    =yes
  • NoNewPrivileges
    Introduced in systemd 239
    =yes
  • ProtectControlGroups
    Introduced in systemd 232
    =yes
  • ProtectHome
    Introduced in systemd 214
    =yes
  • ProtectKernelModules
    Introduced in systemd 232
    =no
  • ProtectKernelTunables
    Introduced in systemd 232
    =yes
  • ProtectSystem
    Introduced in systemd 214
    =strict
  • RemainAfterExit=yes
  • RestrictAddressFamilies=AF_NETLINK
  • RestrictNamespaces
    Introduced in systemd 233
    =yes
  • RestrictRealtime
    Introduced in systemd 231
    =yes
  • SystemCallArchitectures=native
  • Type=oneshot
• [Unit]
  • After=network.target
  • ConditionPathExists=/etc/jool/jool_siit.conf
  • Description=Stateless IP/ICMP Translator
  • Documentation=https://jool.mx/en/documentation.html

Additionnal notes

Nothing here.