Skip to content

Any way to block inbound IP range or IPs via config or API? #1043

Answered by Choraden
CodeMonkeyKevin asked this question in Q&A
Any way to block inbound IP range or IPs via config or API? #1043
@CodeMonkeyKevin CodeMonkeyKevin
Apr 24, 2025 · 1 comment
Answered by Choraden Return to top
Discussion options

CodeMonkeyKevin
Apr 24, 2025

You must be logged in to vote
Answered by Choraden Apr 28, 2025

Hi @CodeMonkeyKevin,

Thank you for your interest.

At the moment Forwarder doesn't expose an option to block specific IPs through CLI or API.
If you need to shut out certain clients right now, the quickest solution is to use the host firewall.
For example on Linux you can use iptables:

iptables -I INPUT -p tcp --dport 3128 -s 203.0.113.0/24  -j DROP

If you’d prefer everything in a single Go binary, you can write a tiny forwarder.RequestModifier that checks req.RemoteAddr and returns an error when the client’s IP matches a deny-list; Forwarder will respond with 403 Forbidden and the request won’t be proxied. I’m happy to share a short example if that would help.

Best,
Hubert

View full answer

Replies: 1 comment

Comment options

Choraden
Apr 28, 2025
Maintainer

You must be logged in to vote
0 replies
Answer selected by Choraden
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Category
Q&A
Labels
None yet
2 participants
@CodeMonkeyKevin @Choraden