See Networking for a conceptual overview and TLS Interception for TLS proxy details.

NetworkPolicy presets

Static methods that return pre-configured policies.

NetworkPolicy::allow_all()

fn allow_all() -> NetworkPolicy
Unrestricted network access, including to private addresses and the host machine.

NetworkPolicy::none()

fn none() -> NetworkPolicy
Deny all traffic. No network interface is created - the guest is fully offline. exec and fs still work since they use the host-guest channel, not the network.

NetworkPolicy::public_only()

fn public_only() -> NetworkPolicy
Block private address ranges (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 127.0.0.0/8, 169.254.0.0/16) and cloud metadata endpoints. Allow everything else. This is the default policy.

NetworkBuilder

Builder for configuring the sandbox’s network stack. Used in SandboxBuilder::network(|n| n...).

block_domain()

fn block_domain(self, domain: impl Into<String>) -> Self
Block DNS lookups for an exact domain. The guest receives NXDOMAIN for this domain. Can be called multiple times.

Parameters

Name    Type               Description
domain  impl Into<String>  Domain to block (e.g. "malware.example.com")

block_domain_suffix()

fn block_domain_suffix(self, suffix: impl Into<String>) -> Self
Block DNS lookups for all subdomains matching a suffix. For example, .tracking.com blocks a.tracking.com, b.c.tracking.com, etc.

Parameters

Name    Type               Description
suffix  impl Into<String>  Domain suffix (e.g. ".tracking.com")

dns_rebind_protection()

fn dns_rebind_protection(self, enabled: bool) -> Self
When enabled, DNS responses that resolve to private IP addresses are blocked. This prevents DNS rebinding attacks, where an attacker-controlled domain resolves to an internal service. Default: true.

Parameters

Name     Type  Description
enabled  bool  Enable or disable

max_connections()

fn max_connections(self, max: usize) -> Self
Limit the maximum number of concurrent network connections from the sandbox.

Parameters

Name  Type   Description
max   usize  Maximum concurrent connections

on_secret_violation()

fn on_secret_violation(self, action: ViolationAction) -> Self
Set the action taken when a secret placeholder is detected in traffic destined for a host not in the secret’s allow list.

Parameters

Name    Type             Description
action  ViolationAction  Response to a violation

policy()

fn policy(self, policy: NetworkPolicy) -> Self
Set the network access policy. Overrides the default public_only policy.

Parameters

Name    Type           Description
policy  NetworkPolicy  Network access policy

tls()

fn tls(self, f: impl FnOnce(TlsBuilder) -> TlsBuilder) -> Self
Configure TLS interception. The closure receives a TlsBuilder for setting bypass domains, intercepted ports, CA certificates, and upstream verification.

Parameters

Name  Type                                   Description
f     impl FnOnce(TlsBuilder) -> TlsBuilder  Closure that configures TLS interception

TlsBuilder

Builder for TLS interception settings. Used in NetworkBuilder::tls(|t| t...).

block_quic()

fn block_quic(self, block: bool) -> Self
Block QUIC/HTTP3 (UDP) traffic on intercepted ports, forcing clients to fall back to TCP/TLS, where interception is possible. Default: true.

Parameters

Name   Type  Description
block  bool  Enable or disable

bypass()

fn bypass(self, pattern: impl Into<String>) -> Self
Skip TLS interception for connections to this domain. Traffic passes through as an opaque TCP stream. Supports *.suffix wildcards. Use for domains that use certificate pinning.

Parameters

Name     Type               Description
pattern  impl Into<String>  Domain or wildcard (e.g. "*.pinned-api.com")

intercept_ca_cert()

fn intercept_ca_cert(self, path: impl Into<PathBuf>) -> Self
Provide a custom CA certificate for TLS interception. By default, microsandbox generates an ephemeral CA and installs it in the guest’s trust store. Use this to provide a stable CA across sandbox restarts.

Parameters

Name  Type                Description
path  impl Into<PathBuf>  Path to PEM-encoded CA certificate

intercept_ca_key()

fn intercept_ca_key(self, path: impl Into<PathBuf>) -> Self
Provide the private key for the custom interception CA certificate.

Parameters

Name  Type                Description
path  impl Into<PathBuf>  Path to PEM-encoded CA private key

intercepted_ports()

fn intercepted_ports(self, ports: Vec<u16>) -> Self
Set the TCP ports where TLS interception is active. Default: [443]. Add additional ports if services use non-standard HTTPS ports.

Parameters

Name   Type      Description
ports  Vec<u16>  List of TCP ports

upstream_ca_cert()

fn upstream_ca_cert(self, path: impl Into<PathBuf>) -> Self
Trust an additional CA certificate when verifying upstream servers. Use this when connecting to servers with self-signed or private PKI certificates. Can be called multiple times to add several CAs.

Parameters

Name  Type                Description
path  impl Into<PathBuf>  Path to PEM-encoded CA certificate

verify_upstream()

fn verify_upstream(self, verify: bool) -> Self
Control whether the TLS proxy verifies the upstream server’s certificate. When true, connections to servers with invalid or self-signed certificates are rejected. When false, all server certificates are accepted. Default: true.

Parameters

Name    Type  Description
verify  bool  Enable or disable

Types

Action

Value  Description
Allow  Permit the traffic
Deny   Drop the traffic silently

Destination

Variant                  Description
Any                      Match any address
Cidr(IpNetwork)          Match a CIDR range (e.g. 10.0.0.0/8)
Domain(String)           Match an exact domain
DomainSuffix(String)     Match a domain suffix
Group(DestinationGroup)  Match a predefined address group

DestinationGroup

Value      Description
LinkLocal  169.254.0.0/16, fe80::/10
Loopback   127.0.0.0/8, ::1
Metadata   Cloud metadata endpoints (169.254.169.254)
Multicast  224.0.0.0/4, ff00::/8
Private    10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16

Direction

Value     Description
Inbound   Traffic entering the sandbox (via published ports)
Outbound  Traffic leaving the sandbox

NetworkPolicy

A network access policy consisting of a default action and an ordered list of rules, evaluated first-match-wins.

Field           Type       Description
default_action  Action     Action when no rule matches
rules           Vec<Rule>  Ordered list of rules

PortRange

Method                         Description
PortRange::range(start, end)   Match a range of ports (inclusive)
PortRange::single(port)        Match a single port

Protocol

Value   Description
Icmpv4  ICMPv4 traffic
Icmpv6  ICMPv6 traffic
Tcp     TCP traffic
Udp     UDP traffic

Rule

A single network policy rule.
Field        Type               Description
action       Action             What to do when this rule matches
destination  Destination        Target address filter
direction    Direction          Traffic direction
ports        Option<PortRange>  Port filter (None matches all)
protocol     Option<Protocol>   Protocol filter (None matches all)

Convenience constructors:

Method                             Description
Rule::allow_outbound(destination)  Create an outbound allow rule
Rule::deny_outbound(destination)   Create an outbound deny rule
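
The following self-contained Rust model is an added illustration, not the microsandbox crate's own code: it reproduces the first-match-wins evaluation described for NetworkPolicy and Rule, with Destination matching for the Domain, DomainSuffix, Cidr and Group variants using the IPv4 ranges from the DestinationGroup table, and builds a model of the public_only preset from those pieces. It assumes IPv4-only addresses, represents Cidr as a (network, prefix length) pair in place of IpNetwork, and leaves out direction, port and protocol filtering.

```rust
use std::net::Ipv4Addr;

#[derive(Clone, Copy, PartialEq, Debug)]
pub enum Action { Allow, Deny }
pub enum DestinationGroup { LinkLocal, Loopback, Metadata, Private }
// Cidr carries (network, prefix length) here in place of the crate's IpNetwork type (model assumption).
pub enum Destination { Any, Cidr(Ipv4Addr, u8), Domain(String), DomainSuffix(String), Group(DestinationGroup) }
pub struct Rule { pub action: Action, pub destination: Destination }
pub struct NetworkPolicy { pub default_action: Action, pub rules: Vec<Rule> }
/// True when `ip` lies inside `net/prefix`.
fn in_cidr(ip: Ipv4Addr, net: Ipv4Addr, prefix: u8) -> bool {
    let mask = if prefix == 0 { 0 } else { u32::MAX << (32 - prefix.min(32)) };
    (u32::from(ip) & mask) == (u32::from(net) & mask)
}
/// IPv4 ranges behind each DestinationGroup, as listed in the reference tables.
fn group_ranges(g: &DestinationGroup) -> Vec<(Ipv4Addr, u8)> {
    let net = |a, b, c, d, p: u8| (Ipv4Addr::new(a, b, c, d), p);
    match g {
        DestinationGroup::LinkLocal => vec![net(169, 254, 0, 0, 16)],
        DestinationGroup::Loopback => vec![net(127, 0, 0, 0, 8)],
        DestinationGroup::Metadata => vec![net(169, 254, 169, 254, 32)],
        DestinationGroup::Private => vec![net(10, 0, 0, 0, 8), net(172, 16, 0, 0, 12), net(192, 168, 0, 0, 16)],
    }
}

impl Destination {
    /// Match the resolved address and, when the guest looked up a name, that hostname.
    fn matches(&self, ip: Ipv4Addr, host: Option<&str>) -> bool {
        match self {
            Destination::Any => true,
            Destination::Cidr(net, prefix) => in_cidr(ip, *net, *prefix),
            Destination::Domain(d) => host == Some(d.as_str()),
            Destination::DomainSuffix(s) => host.map_or(false, |h| h.ends_with(s.as_str())),
            Destination::Group(g) => group_ranges(g).iter().any(|(n, p)| in_cidr(ip, *n, *p)),
        }
    }
}
impl NetworkPolicy {
    /// First-match-wins: the first rule whose destination matches decides; otherwise default_action.
    pub fn decide(&self, ip: Ipv4Addr, host: Option<&str>) -> Action {
        self.rules.iter().find(|r| r.destination.matches(ip, host)).map_or(self.default_action, |r| r.action)
    }
    /// Model of the public_only preset: allow by default, deny the metadata, private, loopback and link-local groups.
    pub fn public_only() -> Self {
        let deny = |g| Rule { action: Action::Deny, destination: Destination::Group(g) };
        let groups = [DestinationGroup::Metadata, DestinationGroup::Private, DestinationGroup::Loopback, DestinationGroup::LinkLocal];
        NetworkPolicy { default_action: Action::Allow, rules: groups.into_iter().map(deny).collect() }
    }
}
```

Inserting a DomainSuffix deny rule ahead of the group rules shows why rule order matters: an earlier Allow for an exact Domain wins over a later suffix Deny, while an address inside a denied group is still refused regardless of hostname.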

ViolationAction

Action taken when a secret placeholder is sent to a disallowed host.
Value              Description
Block              Silently drop the request. The guest sees a connection reset. This is the default.
BlockAndLog        Drop the request and emit a warning log on the host side.
BlockAndTerminate  Drop the request, log an error, and shut down the entire sandbox.