Baguette
/
ipcd
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Bind two libipc-related processes after the creation of a remote connection. Further explanations in the README.
12 Commits
1 Branch
0 Tags
298 KiB
Crystal 86.9%
Makefile 12.8%
Shell 0.3%
 
 
 
Go to file
Philippe PITTOLI 176d8d1507 Networkd => Plumberd, websocketd working. 2019-11-04 08:56:57 +01:00
src Networkd => Plumberd, websocketd working. 2019-11-04 08:56:57 +01:00
README.md Networkd => Plumberd, websocketd working. 2019-11-04 08:56:57 +01:00
shard.yml Networkd => Plumberd, websocketd working. 2019-11-04 08:56:57 +01:00

README.md

Plumberd is a program to handle networking for all other software.

WARNING

Security is TBD. Currently, only TCPd is implemented, which means no communication security.

Plumberd functionalities

firewall

Plumberd has to filter the connections to local services.

WIP.

authentication

Plumberd has to authenticate clients asking for a service.

WIP.

redirection

Central networking management allows for functionalities such as redirections. For example, a local client asking for the authentication can be authenticated with a distant authentication service.

encapsulation

TBD.  WIP.

Configuration

Configuration is yet to be defined.

  • redirection
  • firewall
  • authentication

Usage

This program can be used as follow:

# with some static rules
plumberd --allow in authd tls:example.com --deny in * * --allow out pong tls:pong.example.com:9000
plumberd --redirect authd nextversion-authd

usage examples

plumberd is requested each time a client is launched when the right environment variable is used. For example, we want to connect to a distant authd service:

IPC_NETWORKD="authd tls://user@passwd:example.com:9000/authd"

Currently, the plumberd only works with tcp and unix routes.

IPC_NETWORKD="pongd tcp://example.com:9000/pongd"

Changelog

  • v0.1: (current) plumberd (redirections), tcpd

    • plumberd understands URIs (tcp://example.com/service or unix:///service)
    • tcp scheme is understood: plumberd contacts the tcpd service
    • unix scheme is understood: plumberd performs a redirection

Roadmap

  • v0.2: webipcd, documentation
  • v0.3: firewall + redirections
  • v0.4: static configuration: default routes, authentication
  • v0.5: tlsd built-in, pre-shared keys
  • v0.6: udpd
  • v1.0: TBD

Plumberd explanations

  1. client contacts plumberd

  2. plumberd understand the request from the client then contacts the local service responsible for the communication protocol required

  3. once the distant connection is established (between the two tlsd services for example) plumberd provides a file descriptor to the client

  4. finally, the client can perform requests to the distant service transparently

    during the connection:

    client <-> plumberd <-> tlsd <=> tlsd <-> plumberd <-> service

    then:

    client <-> tlsd <=> tlsd <-> server