Skip to content

Add support for allowed IP ACLs
Compare
Choose a tag to compare
@alexellis alexellis released this 15 Oct 11:09
· 36 commits to master since this release
0.9.1
fd17a28

Changelog for 0.9.1:

HTTP, TCP servers and the fileserver all gain a new flag to specify a list of IPs and / or CIDRs which may access the control and data plane of the server end of the tunnel.

IP allowed lists, aka IP whitelists are an often-requested security feature by corporate users however, they do not replace authentication and are not bullet-proof. Beware of IP spoofing for the source address of packets.

The default allow list is 0.0.0.0/0 which corresponds to any valid IP address.

Container image: ghcr.io/inlets/inlets-pro:0.9.1

Read the blog post / tutorial: Restrict your tunnels with IP allow lists

Example usage:

inlets fileserver --allowed-ips 192.168.0.0/24

inlets tcp server --allowed-ips 0.0.0.0/0

inlets http server --allowed-ips 192.168.0.1 \
  --allowed-ips 192.168.0.2

If you are using a reverse proxy or container network in front of inlets, then you may need to implement your list there instead of via the inlets binary.

Generated by Derek

Assets 18
Loading