Skip to main content
Every sandbox has access to the internet and can be reached by a public URL.

Controlling internet access

You can control whether a sandbox has access to the internet by using the allowInternetAccess parameter when creating a sandbox. By default, internet access is enabled (true), but you can disable it for security-sensitive workloads.
When internet access is disabled, the sandbox cannot make outbound network connections, which provides an additional layer of security for sensitive code execution.
Setting allowInternetAccess to false is equivalent to setting network.denyOut to ['0.0.0.0/0'] (denying all traffic).

Fine-grained network control

For more granular control over network access, you can use the network configuration option to specify allow and deny lists for outbound traffic.

Allow and deny lists

You can specify IP addresses, CIDR blocks, or domain names that the sandbox is allowed to use:

Domain-based filtering

You can allow traffic to specific domains by specifying hostnames in allow out. When using domain-based filtering, you must include ALL_TRAFFIC in deny out to block all other traffic. Domains are not supported in the deny out list.
When any domain is used, the default nameserver 8.8.8.8 is automatically allowed to ensure proper DNS resolution.
You can also use wildcards to allow all subdomains of a domain:
You can combine domain names with IP addresses and CIDR blocks:
Domain-based filtering only works for HTTP traffic on port 80 (via Host header inspection) and TLS traffic on port 443 (via SNI inspection). Traffic on other ports uses CIDR-based filtering only. UDP-based protocols like QUIC/HTTP3 are not supported for domain filtering.

Priority rules

When both allow out and deny out are specified, allow rules always take precedence over deny rules. This means if an IP address is in both lists, it will be allowed.

ALL_TRAFFIC helper

The ALL_TRAFFIC constant represents the CIDR range 0.0.0.0/0, which matches all IP addresses. Use it to easily deny or allow all network traffic:

Per-host request transforms

Per-host request transforms are currently in private beta. If you’d like access, please reach out to us at support@e2b.dev.
You can register per-host rules under network.rules to apply transforms (for example, inject HTTP headers) on outbound requests matching a host. Rules are keyed by host and registering one does not grant egress on its own — the host must still be referenced via allowOut. The transform.headers object is sent on the wire as-is and injected by the egress proxy on matching HTTP/HTTPS requests.
In JavaScript, network.rules accepts either a plain object or a Map:
JavaScript & TypeScript

Selector callbacks for allowOut and denyOut

allowOut and denyOut accept either a static list (as shown above) or a selector callback that receives a context object — { allTraffic, rules } in JavaScript and ctx.all_traffic / ctx.rules in Python. This lets you derive policies from the registered rule hosts without duplicating them, and provides a typed alternative to importing ALL_TRAFFIC.
  • allTraffic (JS) / ctx.all_traffic (Python) is the literal '0.0.0.0/0'.
  • rules is a Map (Python Mapping) view of network.rules.
The selector form (({ allTraffic }) => [allTraffic] / lambda ctx: [ctx.all_traffic]) is the recommended way to express “everything”. The ALL_TRAFFIC constant is still exported for backward compatibility.

Updating network settings on a running sandbox

You can update the network configuration of an already running sandbox using updateNetwork (JavaScript) or update_network (Python). This replaces the current egress rules with the provided configuration without restarting the sandbox.
updateNetwork / update_network replaces the current egress configuration — it does not merge with the existing rules. Calling it with an empty object (updateNetwork({}) / update_network({})) clears all allowOut / denyOut / per-host rules set at create time.
The create-only options allowPublicTraffic and maskRequestHost cannot be changed after the sandbox is created.

Sandbox public URL

Every sandbox has a public URL that can be used to access running services inside the sandbox.
The code above will print something like this:
The first leftmost part of the host is the port number we passed to the method.

Restricting public access to sandbox URLs

By default, sandbox URLs are publicly accessible. You can restrict access to require authentication using the allowPublicTraffic option:
When allowPublicTraffic is set to false, all requests to the sandbox’s public URLs must include the e2b-traffic-access-token header with the value from sandbox.trafficAccessToken.

Connecting to a server running inside the sandbox

You can start a server inside the sandbox and connect to it using the approach above. In this example we will start a simple HTTP server that listens on port 3000 and responds with the content of the directory where the server is started.
This output will look like this:

Masking request host headers

You can customize the Host header that gets sent to services running inside the sandbox using the maskRequestHost option. This is useful when your application expects a specific host format.
The ${PORT} variable in the mask will be automatically replaced with the actual port number of the requested service.