You're viewing documentation for the legacy version of Firezone, now End-of-Life. View the latest docs here.

Network Access Control: Egress Rules

Firezone supports egress filtering controls to explicitly DROP or ACCEPT packets via the kernel's netfilter system. By default, all traffic is allowed.

The Allowlist and Denylist support both IPv4 and IPv6 CIDRs and IP addresses. When adding a rule, you may optionally scope it to a user which applies the rule to all their devices.

firewall rules