Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow for multiple listen interfaces #195

Closed
firefart opened this issue Oct 25, 2023 · 3 comments
Closed

Allow for multiple listen interfaces #195

firefart opened this issue Oct 25, 2023 · 3 comments

Comments

@firefart
Copy link

Currently the listen option only allows one ip to listen on. Would it be possible to also separate them by comma and start multiple instances of ThreadedTCPServer? This would allow to listen on multiple interfaces, for example localhost and some specific docker interfaces. Currently it's only possible to listen on 0.0.0.0 and work around this issue with allowlists but I would prefer px not to be reachable from outside at all (without a need for a local firewall).

@genotrance
Copy link
Owner

Seems feasible but I'm wondering how to resolve the behavior with --gateway + --allow which achieve the same thing but with filtering done once connected at the app level instead of at the IP level.

If --listen has multiple entries, --allow will still make it possible to restrict access to specific subnets on that interface. Also, --gateway is more resilient to host IP changes whereas explicit --listen values will need to be changed if host IP changes. You could call it more secure and inconvenient - just how "more secure" typically ends up being.

@genotrance
Copy link
Owner

This is fixed in v0.9.0 still in development - see branch.

@genotrance
Copy link
Owner

v0.9.0 has been released.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants