Typical flow
```go theme={null} import m "github.com/superradcompany/microsandbox/sdk/go" // Preset — public internet only sb, err := m.CreateSandbox(ctx, "worker", m.WithImage("alpine"), m.WithNetwork(m.NetworkPolicy.PublicOnly()), ) // Or a custom first-match-wins firewall sb, err = m.CreateSandbox(ctx, "ci-runner", m.WithImage("python:3.12"), m.WithNetwork(&m.NetworkConfig{ DefaultEgress: m.PolicyActionDeny, DefaultIngress: m.PolicyActionAllow, Rules: []m.PolicyRule{ { Action: m.PolicyActionAllow, Direction: m.PolicyDirectionEgress, Destination: "api.example.com", Protocol: m.PolicyProtocolTCP, Port: "443", }, }, }), ) ``` ## Functions #### m.WithNetwork() ```go theme={null} func WithNetwork(net *NetworkConfig) SandboxOption ```Parameters
Returns
Parameters
portsmap\[uint16]uint16Returns
Parameters
portsmap\[uint16]uint16Returns
Parameters
bindings...PortBindingReturns
Returns
Policy: "public-only".Returns
Policy: "none".Returns
Policy: "allow-all".Returns
Policy: "non-local".Used by WithNetwork() · returned by NetworkPolicy
The full network stack configuration passed via [`WithNetwork`](#m-withnetwork). | Field | Type | Description | | ------------------- | ---------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Policy | [`NetworkPolicyPreset`](#networkpolicypreset) | Preset name. Mutually exclusive with custom rules for canned configs; set via [`NetworkPolicy`](#networkpolicy). When set alongside `Rules`, preset rules come first and custom rules follow | | Rules | `[]`[`PolicyRule`](#policyrule) | Ordered custom rules (first match wins) | | DefaultEgress | [`PolicyAction`](#policyaction) | Fall-through action for outbound when no rule matches. Defaults to `"deny"` | | DefaultIngress | [`PolicyAction`](#policyaction) | Fall-through action for inbound when no rule matches. Defaults to `"allow"` | | DenyDomains | `[]string` | Exact domain names to refuse DNS resolution for | | DenyDomainSuffixes | `[]string` | Domain suffixes (e.g. `.ads`) to block, including the apex and any subdomain | | DNS | [`*DNSConfig`](#dnsconfig) | In-VM DNS proxy settings | | DNSRebindProtection | `*bool` | Legacy convenience for `DNS.RebindProtection`. When `DNS` is also set, the nested value wins | | TLS | [`*TLSConfig`](#tlsconfig) | Transparent TLS interception proxy settings | | Ports | `map[uint16]uint16` | Host to guest TCP port mappings bound to `127.0.0.1` | | PortBindings | `[]`[`PortBinding`](#portbinding) | Host to guest mappings with explicit bind addresses | | IPv4Pool | `string` | Pool used to derive per-sandbox `/30` guest subnets. Defaults to `172.16.0.0/12` | | IPv6Pool | `string` | Pool used to derive per-sandbox `/64` guest prefixes. Defaults to `fd42:6d73:62::/48` | | MaxConnections | `*uint` | Cap on concurrent network connections from the sandbox | | OnSecretViolation | [`ViolationAction`](/sdk/go/secrets#violationaction) | Sandbox-wide action when a secret is sent to a disallowed host. Per-secret overrides via `SecretEntry.OnViolation` | | TrustHostCAs | `*bool` | Ship the host's extra CA bundles into the guest. Opt-in for corporate MITM proxies whose gateway CA is unknown to the guest's stock bundle | ### PolicyRuleUsed by NetworkConfig.Rules
A single firewall rule. Ingress rules carrying ICMP protocols are rejected at sandbox creation, since the host has no inbound ICMP path; use `PolicyDirectionEgress` for ICMP. | Field | Type | Description | | ----------- | --------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------- | | Action | [`PolicyAction`](#policyaction) | `allow` or `deny` | | Direction | [`PolicyDirection`](#policydirection) | Direction this rule considers. `PolicyDirectionAny` matches in either | | Destination | `string` | Target filter: a [destination group](#destination-groups), domain, domain suffix (prefixed with `.`), CIDR (`10.0.0.0/8`), exact IP, or `"*"` | | Protocol | [`PolicyProtocol`](#policyprotocol) | Legacy single-protocol field. The empty string means any. Prefer `Protocols` when matching multiple | | Protocols | `[]`[`PolicyProtocol`](#policyprotocol) | Protocol set. Empty means any | | Port | `string` | Single port (`"443"`) or range (`"8000-9000"`) | | Ports | `[]string` | Several port values at once | ### DNSConfigUsed by NetworkConfig.DNS
In-VM DNS proxy configuration. | Field | Type | Description | | ---------------- | ---------- | ------------------------------------------------------------------------------------ | | RebindProtection | `*bool` | Block DNS responses resolving to private IPs. Defaults to `true` when unset | | Nameservers | `[]string` | Upstream resolvers (e.g. `"1.1.1.1:53"`). Replaces `/etc/resolv.conf` when non-empty | | QueryTimeoutMs | `*uint64` | Per-DNS-query timeout in milliseconds | ### TLSConfigUsed by NetworkConfig.TLS
Transparent HTTPS inspection proxy configuration. | Field | Type | Description | | ---------------- | ---------- | ------------------------------------------------------------------------------------------------- | | Bypass | `[]string` | Domain patterns (supports `*.suffix`) to skip MITM. Use for domains with certificate pinning | | VerifyUpstream | `*bool` | Verify upstream server certificates. Defaults to `true`. Set `false` only for self-signed servers | | InterceptedPorts | `[]uint16` | TCP ports where TLS is intercepted. Defaults to `[443]` | | BlockQUIC | `*bool` | Block QUIC on intercepted ports to force TLS fallback | | CACert | `string` | Path to a custom interception CA certificate PEM file | | CAKey | `string` | Path to a custom interception CA private key PEM file | | UpstreamCACerts | `[]string` | Paths to additional CA bundles trusted for upstream verification | ```go theme={null} sb, err := m.CreateSandbox(ctx, "inspect", m.WithImage("python:3.12"), m.WithNetwork(&m.NetworkConfig{ TLS: &m.TLSConfig{ Bypass: []string{"*.googleapis.com"}, InterceptedPorts: []uint16{443}, }, }), ) ``` ### PortBindingUsed by WithPortBindings() · NetworkConfig.PortBindings
A host-to-guest port mapping with an explicit host bind address. `Protocol` defaults to TCP when empty. Use `Bind: "0.0.0.0"` to expose the published port on all IPv4 interfaces. | Field | Type | Description | | --------- | ------------------------------- | ---------------------------------------------------------------- | | Bind | `string` | Host IP address to bind, such as `127.0.0.1`, `0.0.0.0`, or `::` | | HostPort | `uint16` | Port on the host | | GuestPort | `uint16` | Port inside the sandbox | | Protocol | [`PortProtocol`](#portprotocol) | `PortProtocolTCP` or `PortProtocolUDP`. Empty defaults to TCP | ### PortProtocolUsed by PortBinding.Protocol
Identifies the protocol for an exposed sandbox service. | Constant | Value | Description | | ----------------- | ------- | ---------------- | | `PortProtocolTCP` | `"tcp"` | TCP port mapping | | `PortProtocolUDP` | `"udp"` | UDP port mapping | ### PolicyActionUsed by PolicyRule.Action · NetworkConfig.DefaultEgress
The action half of a [`PolicyRule`](#policyrule). | Constant | Value | Description | | ------------------- | --------- | ------------------------- | | `PolicyActionAllow` | `"allow"` | Permit the traffic | | `PolicyActionDeny` | `"deny"` | Drop the traffic silently | ### PolicyDirectionUsed by PolicyRule.Direction
The direction half of a [`PolicyRule`](#policyrule). The Go SDK follows the Python naming (`egress`/`ingress`); the wire format carries these values. | Constant | Value | Description | | ------------------------ | ----------- | -------------------------------- | | `PolicyDirectionEgress` | `"egress"` | Traffic leaving the sandbox | | `PolicyDirectionIngress` | `"ingress"` | Traffic entering the sandbox | | `PolicyDirectionAny` | `"any"` | Rule applies in either direction | ### PolicyProtocolUsed by PolicyRule.Protocol · PolicyRule.Protocols
The protocol half of a [`PolicyRule`](#policyrule). | Constant | Value | Description | | ---------------------- | ---------- | ---------------------------- | | `PolicyProtocolTCP` | `"tcp"` | TCP traffic | | `PolicyProtocolUDP` | `"udp"` | UDP traffic | | `PolicyProtocolICMPv4` | `"icmpv4"` | ICMPv4 traffic (egress only) | | `PolicyProtocolICMPv6` | `"icmpv6"` | ICMPv6 traffic (egress only) | ### NetworkPolicyPresetUsed by NetworkConfig.Policy
Preset names accepted by [`NetworkConfig.Policy`](#networkconfig). Prefer the [`NetworkPolicy`](#networkpolicy) factory, which returns a preconfigured `*NetworkConfig`. | Constant | Value | Description | | ------------------------------- | --------------- | ------------------------------------------------------------------- | | `NetworkPolicyPresetNone` | `"none"` | Fully airgapped | | `NetworkPolicyPresetPublicOnly` | `"public-only"` | Block private + metadata; allow everything else | | `NetworkPolicyPresetAllowAll` | `"allow-all"` | Unrestricted | | `NetworkPolicyPresetNonLocal` | `"non-local"` | Public + private/LAN egress; block loopback / link-local / metadata | ### Destination groupsUsed by PolicyRule.Destination
The `Destination` field on [`PolicyRule`](#policyrule) accepts these well-known group names alongside literal CIDRs and domains. A domain prefixed with `.` becomes a suffix match: `.example.com` matches `api.example.com` but not `example.com`. | Value | Description | | -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------ | | `"public"` | Every address not in any other group | | `"private"` | Private/RFC 1918 addresses + ULA + CGN (`10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`, `100.64.0.0/10`, `fc00::/7`) | | `"loopback"` | Loopback addresses (`127.0.0.0/8`, `::1`); the **guest's own** loopback, not the host. See [Reaching the host](/networking/overview#reaching-the-host) | | `"link-local"` | Link-local addresses (`169.254.0.0/16`, `fe80::/10`) excluding metadata | | `"metadata"` | Cloud metadata endpoints (`169.254.169.254`) | | `"multicast"` | Multicast addresses (`224.0.0.0/4`, `ff00::/8`) | | `"host"` | The host machine, reached via `host.microsandbox.internal`. The right group for "let the sandbox reach my host's localhost", not `"loopback"` |