Obsolete
/
ipcd
Archived
3
0
Fork 0

readme updated

master
Philippe PITTOLI 2020-01-16 17:30:49 +01:00
parent c302f5df6b
commit 63d2999ccb
1 changed files with 31 additions and 25 deletions

View File

@ -1,15 +1,15 @@
Plumberd is a program to handle networking for all other software. ipcd is a program to handle networking for all other software.
# WARNING # WARNING
Security is TBD. Currently, only TCPd is implemented, which means no communication security. Security is TBD. Currently, only TCPd is implemented, which means no communication security.
# Plumberd functionalities # ipcd functionalities
## firewall ## firewall
`Plumberd` has to filter the connections to local services. `ipcd` has to filter the connections to local services.
```Warning ```Warning
WIP. WIP.
@ -17,7 +17,7 @@ WIP.
## authentication ## authentication
`Plumberd` has to authenticate clients asking for a service. `ipcd` has to authenticate clients asking for a service.
```Warning ```Warning
WIP. WIP.
@ -49,54 +49,60 @@ This program can be used as follow:
```sh ```sh
# with some static rules # with some static rules
plumberd --allow in authd tls:example.com --deny in * * --allow out pong tls:pong.example.com:9000 ipcd --allow in authd tls:example.com --deny in * * --allow out pong tls:pong.example.com:9000
plumberd --redirect authd nextversion-authd ipcd --redirect authd nextversion-authd
``` ```
## usage examples ## usage examples
`plumberd` is requested each time a client is launched when the right environment variable is used. `ipcd` is requested each time a client is launched when the right environment variable is used.
For example, we want to connect to a distant `authd` service: For example, we want to connect to a distant `authd` service:
IPC_NETWORKD="authd tls://user@passwd:example.com:9000/authd" IPC_NETWORK="authd tls://user@passwd:example.com:9000/authd"
```Warning ```Warning
Currently, the plumberd only works with tcp and unix routes. Currently, the ipcd only works with tcp and unix routes.
``` ```
IPC_NETWORKD="pongd tcp://example.com:9000/pongd" IPC_NETWORK="pongd tcp://example.com:9000/pongd"
# Changelog # Changelog
* v0.1: (current) plumberd (redirections), tcpd * v0.1: (current) ipcd (redirections), tcpd
* `plumberd` understands URIs (`tcp://example.com/service` or `unix:///service`) * `ipcd` understands URIs (`tcp://example.com/service` or `unix:///service`)
* `tcp` scheme is understood: `plumberd` contacts the `tcpd` service * `tcp` scheme is understood: `ipcd` contacts the `tcpd` service
* `unix` scheme is understood: `plumberd` performs a redirection * `unix` scheme is understood: `ipcd` performs a redirection
* v0.2: websocketd is up and running, some documentation is available
* websocketd
* IPC services are accessible via WebSockets
* `websocketc` is an example of client for it, not requiring libipc
* documentation
* pongd is a service template, up and running,
# Roadmap # Roadmap
* v0.3: websocket scheme for clients, transparently usable through `ipcd`
* v0.2: webipcd, documentation * v0.4: firewall + redirections
* v0.3: firewall + redirections * v0.5: static configuration: default routes, authentication
* v0.4: static configuration: default routes, authentication * v0.6: tlsd built-in, pre-shared keys
* v0.5: tlsd built-in, pre-shared keys * v0.7: udpd
* v0.6: udpd
* v1.0: TBD * v1.0: TBD
# Plumberd explanations # ipcd explanations
1. client contacts `plumberd` 1. client contacts `ipcd`
1. `plumberd` understand the request from the client then contacts the local service responsible for the communication protocol required 1. `ipcd` understand the request from the client then contacts the local service responsible for the communication protocol required
1. once the distant connection is established (between the two `tlsd` services for example) `plumberd` provides a file descriptor to the client 1. once the distant connection is established (between the two `tlsd` services for example) `ipcd` provides a file descriptor to the client
1. finally, the client can perform requests to the distant service transparently 1. finally, the client can perform requests to the distant service transparently
during the connection: during the connection:
client <-> plumberd <-> tlsd <=> tlsd <-> plumberd <-> service client <-> ipcd <-> tlsd <=> tlsd <-> ipcd <-> service
then: then: