tcp-inlet create

ockam tcp-inlet create [OPTIONS]

Create TCP Inlets

Options

  • --at [NODE_NAME] (optional)
    Node on which to start the TCP Inlet

  • --from [SOCKET_ADDRESS] (optional)
    Address on which to accept TCP connections

  • --to [ROUTE] (optional)
    Route to a TCP Outlet or the name of the TCP Outlet service you want to connect to

  • --via [RELAY_NAME] (optional)
    Name of the relay that this TCP Inlet will use to connect to the TCP Outlet

  • --identity [IDENTITY_NAME] (optional)
    Identity to be used to create the secure channel. If not set, the node's identity will be used

  • --authorized [AUTHORIZED] (optional)
    Authorized identifier for secure channel connection

  • --alias [ALIAS] (optional)
    Assign a name to this TCP Inlet

  • --allow [POLICY_EXPRESSION] (optional)
    Policy expression that will be used for access control to the TCP Inlet. If you don't provide it, the policy set for the "tcp-inlet" resource type will be used

  • --connection-wait [WAIT] (optional)
    Time to wait for the outlet to be available

  • --retry-wait [RETRY] (optional)
    Time to wait before retrying to connect to the TCP Outlet

  • --timeout [TIMEOUT] (optional)
    Override the default timeout duration that the command will wait for a response

  • --no-connection-wait (optional)
    Create the TCP Inlet without waiting for the TCP Outlet to connect

  • --udp (optional)
    Enable UDP NAT puncture

  • --no-tcp-fallback (optional)
    Disable fallback to TCP. TCP won't be used to transfer data between the Inlet and the Outlet

  • --privileged (optional)
    Use eBPF and RawSocket to access TCP packets instead of TCP data stream. If OCKAM_PRIVILEGED env variable is set to 1, this argument will be true

  • --tls (optional)
    Enable TLS for the TCP Inlet. Uses the default project TLS certificate provider, /project/default/service/tls_certificate_provider. To specify a different certificate provider, use --tls-certificate-provider. Requires ockam-tls-certificate credential attribute

  • --tls-certificate-provider [ROUTE] (optional)
    Enable TLS for the TCP Inlet using the provided certificate provider. Requires ockam-tls-certificate credential attribute

Examples

# To create a new TCP inlet at the given address using the default node
$ ockam tcp-inlet create --from 127.0.0.1:5000 --to /node/n1/service/outlet

# To create a new TCP inlet at the given address using a specific node
$ ockam tcp-inlet create --at n2 --from 127.0.0.1:5000 --to /node/n1/service/outlet