Reformat table.

2025-01-18 18:56:24 +00:00 · 2015-11-23 10:11:46 -08:00 · 2015-11-23 10:11:46 -08:00 · 1e4a40e772
commit 1e4a40e772
parent 6e5feaba3a
1 changed files with 17 additions and 23 deletions
--- a/netcon/README.md
+++ b/netcon/README.md
@ -1,21 +1,20 @@
-ZeroTier Network Containers 
+ZeroTier Network Containers
 ======

 ### Functional Overview:

 This system exists as a dynamically-linked library, and a service/IP-stack built into ZeroTier

-If you care about the technicals, 
+If you care about the technicals,

 The intercept is compiled as a shared library and installed in some user-accessible directory. When you want to intercept
-a user application you dynamically link the shared library to the application during runtime. When the application starts, the 
+a user application you dynamically link the shared library to the application during runtime. When the application starts, the
 intercept's global constructor is called which sets up a hidden pipe which is used to communicate remote procedure calls (RPC) to the host Netcon service running in the background.

 When an RPC for a socket() is received by the Netcon service from the intercepted application, the Netcon service will ask the lwIP stack for a new PCB structure (used to represent a connection), if the system permits its allocation, it will be passed to Netcon where a PCB/socket table entry will be created. The table is used for mapping [callbacks from lwIP] and [RPCs from the intercept] to the correct connections.

 Upon the first call to a intercept-overriden system call, a Unix-domain socket is opened between the Netcon service and the application's intercept. This socket provides us the ability to pass file descriptors of newly-created socketpairs to the intercept (used as the read/write buffer). More specifically, after the socketpair creation, one end is kept in a table entry in Netcon and one end is sent to the intercept.

-
 ### Building from Source (and Installing)

 Build zerotier-intercept library:
@ -84,17 +83,17 @@ B) Results will be written to the 'netcon/docker-test/_results/' directory

 Network Containers have been tested with the following:

-	sshd					[ WORKS as of 20151112]
-	ssh						[ WORKS as of 20151112]
-	sftp					[ WORKS as of 20151022]
-	curl					[ WORKS as of 20151021] 
-	apache (debug mode)		[ WORKS as of 20150810]
-	apache (prefork MPM)	[ WORKS as of 20151123] (2.4.6-31.x86-64 on Centos 7), (2.4.16-1.x84-64 on F22), (2.4.17-3.x86-64 on F22)
-	nginx					[ WORKS as of 20151123] Broken on Centos 7, unreliable on Fedora 23
-	nodejs					[ WORKS as of 20151123]
-	java					[ WORKS as of 20151010]
-	MongoDB					[ WORKS as of 20151028]
-	Redis-server			[ WORKS as of 20151123]
+	sshd                     [ WORKS as of 20151112]
+	ssh                      [ WORKS as of 20151112]
+	sftp                     [ WORKS as of 20151022]
+	curl                     [ WORKS as of 20151021]
+	apache (debug mode)      [ WORKS as of 20150810]
+	apache (prefork MPM)     [ WORKS as of 20151123] (2.4.6-31.x86-64 on Centos 7), (2.4.16-1.x84-64 on F22), (2.4.17-3.x86-64 on F22)
+	nginx                    [ WORKS as of 20151123] Broken on Centos 7, unreliable on Fedora 23
+	nodejs                   [ WORKS as of 20151123]
+	java                     [ WORKS as of 20151010]
+	MongoDB                  [ WORKS as of 20151028]
+	Redis-server             [ WORKS as of 20151123]

 Future:

@ -113,17 +112,15 @@ Future:
 20151028 Added MongoDB support:

 	- Added logic (RPC_MAP_REQ) to check whether a given AF_LOCAL socket is mapped to anything
-	inside the service instance. 
-
+	inside the service instance.

 20151027 Added Redis-server support:

 	- Added extra logic to detect socket re-issuing and consequent service-side double mapping.
-	Redis appears to try to set its initial listen socket to IPV6 only, this currently fails. As 
+	Redis appears to try to set its initial listen socket to IPV6 only, this currently fails. As
 	a result, Redis will close the socket and re-open it. The server will now test for closures
 	during mapping and will eliminate any mappings to broken pipes.

-
 20151021 Added Node.js support:

 	- syscall(long number, ...) is now intercepted and re-directs the __NR_accept4 call to our intercepted accept4() function
@ -138,8 +135,5 @@ Future:
 	level == IPPROTO_TCP || (level == SOL_SOCKET && option_name == SO_KEEPALIVE)
 	This might be unnecessary or might need a better workaround

-	- Careful attention should be given to how arguments are passed in the intercepted syscall() function, this differs for 
+	- Careful attention should be given to how arguments are passed in the intercepted syscall() function, this differs for
 	32/64-bit systems
-
- 
-