Dynamic Firewall - Configure Bypass of IPs

Hi everyone,

I am having trouble with my Pritunl setup. Some of our clients are behind an environment that uses outbound load balancer links. I haven’t been able to find an option in the interface or the documentation to bypass specific IPs.

We use SSO login, and I am considering creating a plugin using the sso_authenticate hook to implement logic based on source IPs, adding the load balancer IPs there.

However, I wanted to check if there is an alternative or cleaner way to configure IP bypasses within the Dynamic Firewall?

Any help or guidance would be greatly appreciated.

Best regards,
Lucas

You can add the IP addresses to the <server_id>_df and <server_id>_df6 ipset. This controls what IPv4 and IPv6 addresses can access the server. It should remain in the ipset until the server is restarted.