rldp-http-proxy listens on 0.0.0.0 by default (not localhost how described in documentation) and cant be changed.

[rwxr-xr-x]

Documentation:

rldp-http-proxy -p 8080 -c 3333 -C ton-global.config.json       Runs a local HTTP->RLDP proxy that accepts HTTP proxy queries at localhost:8080
...
Your entry proxy will be available by HTTP on localhost port 8080.

$ ./rldp-http-proxy -C global.config.json -p 8080 -c 3333
...

$ ss -lntp
...
LISTEN 0 8192 0.0.0.0:8080 0.0.0.0:* users:(("rldp-http-proxy",pid=37880,fd=6))
...

Is this by design and should be managed by firewall?

[hikariatama]

0.0.0.0 - listen to all network interfaces 127.0.0.1 - listen only to local network

0.0.0.0 includes 127.0.0.1, even tho is not the same. I'd say it's the typo in docs. AFAIK the proxy is designed to be set up on a remote computer in order to connect to it from local one in future. Probably that's why it's 0.0.0.0 and not 127.0.0.1 aka localhost

[rwxr-xr-x]

I know how it works. The issue in the fact it listens on 0.0.0.0 without options to magane it (some filtering for example or when have more than one IP on server or disabling access from outside).

[hikariatama]

I know how it works. The issue in the fact it listens on 0.0.0.0 without options to magane it (some filtering for example or when have more than one IP on server or disabling access from outside).

Ig as for now we should manage it ourselves with a firewall, but it's a nice option to be added. E.g as argument "accept only local connections"

[rwxr-xr-x]

better make it up to user, choosing IP address, -l <address>:<port>

[hikariatama]

better make it up to user, choosing IP address, -l <address>:<port>

This can make it harder for newcomers. I'd say, we need both options, where accept only local connections defaults ip address to 127.0.0.1