Whitelist TCP Traffic

Traefik Traefik v2
, ,
1

Is there a way to whitelist TCP traffic akin to ACLs in HAProxy?

Trying to do something like this:

 [tcp.routers]
      [tcp.routers.kubeapi]
        entrypoints = ["https"]
        rule = "HostSNI(`kubernetes`)"
        middlewares = ["kube_whitelist"]
        service = "kubeapi"
      [tcp.routers.kubeapi.tls]
        passthrough = true
      [tcp.services]
        [tcp.services.kubeapi.LoadBalancer]
          [[tcp.services.kubeapi.LoadBalancer.servers]]
            address = "kubernetes.default:443"

    [tcp.middlewares]
      [tcp.middlewares.kube_whitelist.ipWhiteList]
        sourceRange = ["1.2.3.4/32"]
1 Like
2

Hello @acaire,

Today there is no tcp middleware available in traefik v2.

3

Thought as much, thanks all the same!

4

Hello,
There is a hope that one day we can configure some of the available middleware for TCP ?
Like whitelist, basicauth, ForwardAuth.
Or this is impossible by design?
Best regards,

Brice

5

I'd love to see middleware added to TCP (what's possible anyway). What I'm after most is IP Whitelisting for TCP services.

1 Like
6

Also looking for this feature!