Zero/Argo Tunnels - Restricting cloudflared process outgoing connections

I know it’s possible to implement a positive security model for egress connections via https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/install-and-setup/ports-and-ips

Is it possible to get the equivalent IP range? For example, does https://www.cloudflare.com/ips-v4 include all the IPs used by the daemon process? (I don’t mind if it’s a superset - any superset is better than no restrictions).

You can use these hostnames and ports.

1 Like

Thanks for the prompt help. If you mean the 198.41.* addresses: I thought about that, but nothing on the page confirms they are stable IPs. However, given that they are a subset of what www.cloudflare.com/ips-v4 returns, they are probably OK?..