> ## Documentation Index > Fetch the complete documentation index at: https://e2b.mintlify.site/llms.txt > Use this file to discover all available pages before exploring further. # Update sandbox network > Update the network configuration for a running sandbox. Replaces the current egress rules with the provided configuration. Omitting field clears it. ## OpenAPI ````yaml /openapi-public.yml put /sandboxes/{sandboxID}/network openapi: 3.1.0 info: title: E2B API version: 0.1.0 description: >- Complete E2B developer API. Platform endpoints are served on api.e2b.app. Sandbox endpoints (envd) are served on the shared sandbox host (sandbox.e2b.app); target a specific sandbox with the E2b-Sandbox-Id and E2b-Sandbox-Port headers. servers: - url: https://api.e2b.app description: E2B Platform API security: [] tags: - name: Sandboxes - name: Templates - name: Tags - name: Volumes - name: Envd - name: Filesystem - name: Process - name: Teams paths: /sandboxes/{sandboxID}/network: servers: - url: https://api.e2b.app description: E2B Platform API put: tags: - Sandboxes summary: Update sandbox network description: >- Update the network configuration for a running sandbox. Replaces the current egress rules with the provided configuration. Omitting field clears it. operationId: putSandboxNetwork parameters: - $ref: '#/components/parameters/sandboxID' requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/SandboxNetworkUpdateConfig' responses: '204': description: Successfully updated the sandbox network configuration '401': $ref: '#/components/responses/401' '404': $ref: '#/components/responses/404' '409': $ref: '#/components/responses/409' '500': $ref: '#/components/responses/500' security: - ApiKeyAuth: [] components: parameters: sandboxID: name: sandboxID in: path required: true schema: type: string schemas: SandboxNetworkUpdateConfig: type: object description: >- Network configuration update for a running sandbox. Replaces the current egress rules with the provided configuration. Omitting a field clears it. properties: allowOut: type: array description: >- List of allowed destinations for egress traffic. Each entry can be a CIDR block (e.g. "8.8.8.8/32"), a bare IP address (e.g. "8.8.8.8"), or a domain name (e.g. "example.com", "*.example.com"). Allowed entries always take precedence over denied entries. items: type: string denyOut: type: array description: >- List of denied CIDR blocks or IP addresses for egress traffic. Domain names are not supported for deny rules. items: type: string egressProxy: $ref: '#/components/schemas/SandboxEgressProxyConfig' rules: type: object description: >- Per-domain transform rules. Replaces all existing rules when provided. additionalProperties: type: array items: $ref: '#/components/schemas/SandboxNetworkRule' allow_internet_access: type: boolean description: >- Allow sandbox to access the internet. When set to false, it behaves the same as specifying denyOut to 0.0.0.0/0 in the network config. SandboxEgressProxyConfig: type: object nullable: true description: >- SOCKS5 proxy for sandbox egress. Outbound TCP is tunneled through the proxy after allow/deny filtering; the sandbox is unaware. Domain-matched flows use remote DNS (ATYP=domain). required: - address properties: address: type: string description: >- SOCKS5 proxy address in host:port format (e.g. "proxy.example.com:1080"). username: type: string maxLength: 255 description: Optional SOCKS5 username (RFC 1929), max 255 bytes. password: type: string maxLength: 255 description: Optional SOCKS5 password (RFC 1929), max 255 bytes. SandboxNetworkRule: type: object description: Transform rule applied to egress requests matching a domain pattern. properties: transform: $ref: '#/components/schemas/SandboxNetworkTransform' Error: required: - code - message properties: code: type: integer format: int32 description: Error code message: type: string description: Error type: object SandboxNetworkTransform: type: object description: Transformations applied to matching egress requests before forwarding. properties: headers: type: object description: > HTTP headers to inject or override in matching requests. An existing header with the same name is replaced. Values are plain strings; secret resolution happens client-side before sending to the API. additionalProperties: type: string responses: '401': description: Authentication error content: application/json: schema: $ref: '#/components/schemas/Error' '404': description: Not found content: application/json: schema: $ref: '#/components/schemas/Error' '409': description: Conflict content: application/json: schema: $ref: '#/components/schemas/Error' '500': description: Server error content: application/json: schema: $ref: '#/components/schemas/Error' securitySchemes: ApiKeyAuth: type: apiKey in: header name: X-API-Key ````