mycelium icon indicating copy to clipboard operation
mycelium copied to clipboard
verified publisher icon threefoldtech

User defined whitelist filter

Open LeeSmet opened this issue 1 year ago • 4 comments

File based whitelist filter which specified allowed remotes (subnet/ip/pub key), which can talk to the local node. Ideally this includes src and dst port as well. By default, non listed addresses cause the packet to get dropped.

LeeSmet avatar Jul 03 '24 13:07 LeeSmet

Isn't this something that can already be solved on the nftables/iptables layer?

flokli avatar Jul 05 '24 09:07 flokli

Isn't this something that can already be solved on the nftables/iptables layer?

maybe to make it work on different OS?

iwanbk avatar Jul 05 '24 10:07 iwanbk

Probably, though there's some small distinctions here. Are we talking about networking traffic destined to the local node, messages in general, forwarding, …

flokli avatar Jul 05 '24 10:07 flokli

This would be for packets destined to the local node yes. Essentially it would sit just before the tun interface for incoming packets

LeeSmet avatar Jul 10 '24 17:07 LeeSmet