You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently the listen option only allows one ip to listen on. Would it be possible to also separate them by comma and start multiple instances of ThreadedTCPServer? This would allow to listen on multiple interfaces, for example localhost and some specific docker interfaces. Currently it's only possible to listen on 0.0.0.0 and work around this issue with allowlists but I would prefer px not to be reachable from outside at all (without a need for a local firewall).
The text was updated successfully, but these errors were encountered:
Seems feasible but I'm wondering how to resolve the behavior with --gateway + --allow which achieve the same thing but with filtering done once connected at the app level instead of at the IP level.
If --listen has multiple entries, --allow will still make it possible to restrict access to specific subnets on that interface. Also, --gateway is more resilient to host IP changes whereas explicit --listen values will need to be changed if host IP changes. You could call it more secure and inconvenient - just how "more secure" typically ends up being.
Currently the
listen
option only allows one ip to listen on. Would it be possible to also separate them by comma and start multiple instances ofThreadedTCPServer
? This would allow to listen on multiple interfaces, for example localhost and some specific docker interfaces. Currently it's only possible to listen on 0.0.0.0 and work around this issue with allowlists but I would prefer px not to be reachable from outside at all (without a need for a local firewall).The text was updated successfully, but these errors were encountered: