Changelog for 0.9.1:
HTTP, TCP servers and the fileserver all gain a new flag to specify a list of IPs and / or CIDRs which may access the control and data plane of the server end of the tunnel.
IP allowed lists, aka IP whitelists are an often-requested security feature by corporate users however, they do not replace authentication and are not bullet-proof. Beware of IP spoofing for the source address of packets.
The default allow list is
0.0.0.0/0 which corresponds to any valid IP address.
Read the blog post / tutorial: Restrict your tunnels with IP allow lists
inlets fileserver --allowed-ips 192.168.0.0/24 inlets tcp server --allowed-ips 0.0.0.0/0 inlets http server --allowed-ips 192.168.0.1 \ --allowed-ips 192.168.0.2
If you are using a reverse proxy or container network in front of inlets, then you may need to implement your list there instead of via the inlets binary.
Generated by Derek