I understand that I can run a relay and discovery node and not have them join the public pool.
My question is, given that a relay/discovery node is a publicly hosted service and is likely to be port scanned, is there any way to prevent access to the relay/discovery node from anyone on the internet except my devices?