ZeroTier: How to set ACL permissions

I modified "C:\ProgramData\ZeroTier\One\networks.d*.local.conf".
The setting can only access port 80, and the ZeroTier service will not take effect after restarting multiple times.
{
    "settings": { /* Other global settings */
        "primaryPort": 80 /* If set, override default port of 9993 and any command line port */
    }
}
The default allocation has been deleted by me:
allowManaged=1
allowGlobal=1
allowDefault=0
allowDNS=1

So what you’re writing into networks.d/$NETWORK_ID.local.conf is not a valid $NETWORK_ID.local.conf structure and ZeroTier overwrites it with the proper configuration & format.

The configuration snippet you posted goes in C:\ProgramData\ZeroTier\One\local.conf and would tell the ZeroTier process to use port 80 as its primary communication port. It has no effect on the networks joined by ZeroTier.

It looks like you want to limit traffic on your network to port 80. That can only be done with the Rules Engine on the controller, and not a client side setting.


Thank you very much for your answer, but I don’t know how to enter the rules engine, and there is no specific command. I went through the documentation and only found how to write configuration on the client side.
My ZeroTier is deployed through Docker. If I want to enter the rules engine, should I operate it in Docker?
Can you give a command to operate the rules engine?

Rules engine configuration is on your network configuration at https://my.zerotier.com. If you’re self hosting a controller, then you’ll have to use the REST API for the controller.

How can I write it correctly? In networks.d/$NETWORK_ID.local.conf, I limit this server to only open port 80.

ZeroTier flow rules are defined on the network, not on the local node.

You can use your operating system’s firewall if you want to do it locally.

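A flow rule set for the restriction discussed in this thread, as an added example that is not part of the original posts: it limits a network to TCP port 80 using the Rules Engine on the controller. It assumes an IPv4-only network and that dropping ICMP and UDP between members is acceptable; because ZeroTier rules are stateless, reply traffic is admitted by allowing TCP packets that do not open a new connection.

```text
# Constructed example: members may only reach each other on TCP port 80.
# Rules are evaluated top to bottom; the first action whose conditions
# all match decides what happens to the packet.

# Assumption: IPv4-only network. Drop every frame that is not IPv4 or ARP.
drop
  not ethertype ipv4
  and not ethertype arp
;

# ARP has no IP protocol or port, so accept it explicitly.
# Without it, IPv4 members cannot resolve each other.
accept
  ethertype arp
;

# Allow all TCP packets addressed to port 80, including the initial SYN.
accept
  ipprotocol tcp
  and dport 80
;

# Any other TCP SYN without ACK is a new connection to a port that
# was not allowed above: drop it.
drop
  chr tcp_syn
  and not chr tcp_ack
;

# Remaining TCP packets belong to established connections
# (for example replies from port 80 to a client's ephemeral port).
accept
  ipprotocol tcp
;

# Everything else (UDP, ICMP, ...) is dropped.
drop;
```

On a hosted network these rules go into the flow rules section of the network configuration at https://my.zerotier.com; a self-hosted controller has to be given its rules through the controller REST API, as the reply above says.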