Skip to main content
PUT
/
sandboxes
/
{sandboxID}
/
network
cURL
curl --request PUT \
  --url https://api.e2b.app/sandboxes/{sandboxID}/network \
  --header 'Content-Type: application/json' \
  --header 'X-API-Key: <api-key>' \
  --data '
{
  "allowOut": [
    "<string>"
  ],
  "denyOut": [
    "<string>"
  ],
  "egressProxy": {
    "address": "<string>",
    "username": "<string>",
    "password": "<string>"
  },
  "rules": {},
  "allow_internet_access": true
}
'
{
  "code": 123,
  "message": "<string>"
}

Authorizations

X-API-Key
string
header
required

Path Parameters

sandboxID
string
required

Body

application/json

Network configuration update for a running sandbox. Replaces the current egress rules with the provided configuration. Omitting a field clears it.

allowOut
string[]

List of allowed destinations for egress traffic. Each entry can be a CIDR block (e.g. "8.8.8.8/32"), a bare IP address (e.g. "8.8.8.8"), or a domain name (e.g. "example.com", "*.example.com"). Allowed entries always take precedence over denied entries.

denyOut
string[]

List of denied CIDR blocks or IP addresses for egress traffic. Domain names are not supported for deny rules.

egressProxy
object

SOCKS5 proxy for sandbox egress. Outbound TCP is tunneled through the proxy after allow/deny filtering; the sandbox is unaware. Domain-matched flows use remote DNS (ATYP=domain).

rules
object

Per-domain transform rules. Replaces all existing rules when provided.

allow_internet_access
boolean

Allow sandbox to access the internet. When set to false, it behaves the same as specifying denyOut to 0.0.0.0/0 in the network config.

Response

Successfully updated the sandbox network configuration