[Solved] Relay IP Addresses for Firewall Allow Rule

Good Morning, Afternoon, evening! I have Syncthing running on a server at home as a middleman between my other devices that should be synced (Sunk sank??). I have the Syncthing port open to allow clients off of my network to directly connect, however there are some places I need sync where the network is limited in a way that makes it impossible without using the relays. (Blocking most ports other than 443, 80, 123, etc.)

I am using pfBlockerNG at home and have a bunch of lists, some of which appear to be blocking Syncthing relay IPs. When I turn filtering off, Syncthing is working, when I turn it on, Syncthing does not work over relays.

I have not been able to determine which IPs are related to Syncthing’s Relays, so I am curious if there is a list of IPs for the Syncthing relays so that I could allowlist them. Even better if there is a hosts list that I could direct pfBlockerNG to pull from once in a while.

Thanks in advance.

  • Subnet

Edit: Proper terminology.

The current relays in the default/global pool can be found on https://relays.syncthing.net, or https://relays.syncthing.net/endpoint for a more convenient-to-handle (at least for scripts) format.


Wow that is quite a lot! Thank you for pointing me in the right direction, I appreciate it :slight_smile:

1 Like