LandJail
Note
Agent Firewall requires the AI Governance Add-On. As of Coder v2.32, deployments without the add-on will not be able to access Agent Firewall.
landjail is Agent Firewall's alternative jail type that uses Landlock V4 for network isolation.
Overview
Agent Firewall uses Landlock V4 to enforce network restrictions:
- All
bindsyscalls are forbidden - All
connectsyscalls are forbidden except to the port that is used by http proxy
This provides network isolation without requiring network namespace capabilities or special Docker permissions.