Expand description
natmap โ iptables NAT rule management for static VMs and Docker containers.
Control daemon for iptables forwarding and DNAT rules via a Unix socket API.
This crate provides a daemon that acts as the central authority for all iptables NAT rules. It handles:
- Static DNAT/SNAT/hairpin rules for VMs with persistent configuration
- Dynamic Docker port mappings that auto-discover published ports at container start and allow host-port remapping without restarting containers
- Crash recovery by persisting state to disk and flushing stale rules on restart
- Port conflict prevention via a TCP pre-bind allocator
The daemon exposes an HTTP API over a Unix socket. CLI commands in the
parent crate communicate with it through cli::run_cli.
Modulesยง
- api
- cli
- CLI argument parsing for the
natmapsubcommands. - command
- CLI command implementations that communicate with the natmap daemon.
- completions
- consts
- daemon
- Natmap daemon โ HTTP API server over Unix socket.
- docker
- Docker client helpers for discovering and inspecting container port mappings.
- install
- Systemd installation support for the natmap daemon.
- iptables
- iptables rule management for DNAT, SNAT, hairpin, and Docker mappings.
- models
- Data models for the natmap daemon and its API.
- policy_
route - utils
- HTTP client helpers for communicating with the natmap daemon over its Unix socket.