Client Restrictions

Client Restrictions in Proxylity are the rules that determine which sources of IP traffic your Listener(s) will allow. Said differently, they are the firewall between the internet at large and your Destinations, and configuring them can be very important for preventing abuse.

Proxylity UDP Gateway supports the following types of Client Restrictions:

Allowed IP Addresses and CIDRs

This restriction allows you to specify individual IP addresses or entire ranges of IP addresses using CIDR notation. This means you can permit or block traffic from specific sources based on their IP address, enhancing your security posture. For example, you can allow all IPs in the range of 192.168.1.0/24, which permits all devices in that subnet, while denying others. You can easily configure this in the settings by listing allowed IPs or CIDRs as needed.

Allowed Domain Names

With allowed domain names, you can configure your Listener(s) to permit traffic based on domain names rather than IP addresses. This is particularly useful when dealing with dynamic IP addresses associated with certain domains. When a request comes in, a reverse IP lookup will check if the originating domain is on the allowed list. You can specify multiple domain names and wildcards to allow traffic from a range of subdomains or specific domains.
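The two restriction types above can be pictured as a single allow check. The following is an added example, not Proxylity's code: `is_allowed`, `domain_matches` and the `PTR`/`FWD` tables are hypothetical names, the DNS data is constructed so the block runs offline, and the forward-confirmation step is an assumption of the example rather than documented gateway behavior.

```python
import ipaddress

# Constructed sample data standing in for DNS so the example runs offline.
PTR = {  # source IP -> reverse (PTR) name
    "203.0.113.10": "sensor1.fleet.example.com.",
    "203.0.113.66": "fleet.example.com.other.test.",
    "198.51.100.7": "sensor9.fleet.example.com.",  # PTR is set by the IP's owner
}
FWD = {  # name -> forward (A) addresses
    "sensor1.fleet.example.com": {"203.0.113.10"},
    "sensor9.fleet.example.com": {"203.0.113.99"},  # does not map back
}

def domain_matches(name, pattern):
    """Match on label boundaries; '*.example.com' covers subdomains only."""
    name, pattern = name.rstrip(".").lower(), pattern.rstrip(".").lower()
    if pattern.startswith("*."):
        suffix = pattern[1:]  # ".example.com"
        return name.endswith(suffix) and len(name) > len(suffix)
    return name == pattern

def is_allowed(client_ip, cidrs, domains, ptr=PTR.get, fwd=FWD.get):
    """Return (allowed, reason) for one source address."""
    ip = ipaddress.ip_address(client_ip)
    for cidr in cidrs:
        if ip in ipaddress.ip_network(cidr, strict=False):
            return True, f"cidr {cidr}"
    name = (ptr(client_ip) or "").rstrip(".").lower()
    if not name or not any(domain_matches(name, d) for d in domains):
        return False, "no match"
    # Assumption of this example, not stated on the page: the PTR name must
    # resolve forward to the same address, since a PTR record is controlled
    # by whoever runs the reverse zone for that IP.
    if client_ip not in (fwd(name) or set()):
        return False, "ptr not forward-confirmed"
    return True, f"domain {name}"
```
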

Client Policy Records

Client Policy Framework (CPF) records delegate the allowed client rules to DNS records on one or more domain names. By specifying the appropriate DNS TXT records you can dynamically control access without modifying settings in Proxylity directly. This is beneficial when managing permissions for services that rely on changing DNS entries.

The format of CPF is simple (and very similar to Sender Policy Records):