pub type AllowedIps = Arc<RwLock<LruCache<Ipv4Addr, ()>>>;Expand description
Cache of IPs that the proxy is allowed to connect to. Populated by DNS resolution of allowed domains. When the domain allowlist is active, TCP connections to IPs not in this cache are rejected, closing the bypass where a guest connects directly to a hardcoded IP.
Bounded via LRU so long-lived sandboxes do not accumulate stale IPs indefinitely. Recency is bumped on lookup, so IPs in active use stay warm.
Aliased Typeยง
pub struct AllowedIps { /* private fields */ }