wireguard-setup/packer/rootfs/etc/systemd/system/udptunnel.service

[Unit]
Description=udptunnel service
Requires=udptunnel.socket
ConditionPathExists=!/etc/udptunnel/udptunnel_not_to_be_run

[Service]
Type=notify
Restart=always
ExecStart=/usr/local/bin/udptunnel --server --verbose 127.0.0.1:51820
StandardOutput=journal
StandardError=journal
DynamicUser=yes
NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
ProtectSystem=strict
ProtectHome=yes
ProtectKernelTunables=yes
ProtectKernelModules=yes
ProtectControlGroups=yes
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
RestrictNamespaces=yes
LockPersonality=yes
MemoryDenyWriteExecute=yes
RestrictRealtime=yes
RemoveIPC=yes
SystemCallArchitectures=native

[Install]
WantedBy=multi-user.target
Added udptunnel to circumvent some firewalls 2020-06-19 00:12:25 +02:00			`[Unit]`
			`Description=udptunnel service`
			`Requires=udptunnel.socket`
			`ConditionPathExists=!/etc/udptunnel/udptunnel_not_to_be_run`

			`[Service]`
			`Type=notify`
Restart always 2021-03-28 17:02:47 +02:00			`Restart=always`
Added udptunnel to circumvent some firewalls 2020-06-19 00:12:25 +02:00			`ExecStart=/usr/local/bin/udptunnel --server --verbose 127.0.0.1:51820`
			`StandardOutput=journal`
			`StandardError=journal`
			`DynamicUser=yes`
			`NoNewPrivileges=yes`
			`PrivateTmp=yes`
			`PrivateDevices=yes`
			`ProtectSystem=strict`
			`ProtectHome=yes`
			`ProtectKernelTunables=yes`
			`ProtectKernelModules=yes`
			`ProtectControlGroups=yes`
			`RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6`
			`RestrictNamespaces=yes`
			`LockPersonality=yes`
			`MemoryDenyWriteExecute=yes`
			`RestrictRealtime=yes`
			`RemoveIPC=yes`
			`SystemCallArchitectures=native`

			`[Install]`
			`WantedBy=multi-user.target`