diff --git a/Dockerfile b/Dockerfile
index dedc1c8..a370fd8 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -4,4 +4,5 @@ RUN apk update && apk add socat
 
 EXPOSE 2375
 
-CMD socat TCP-LISTEN:2375,reuseaddr,fork UNIX-CLIENT:/var/run/docker.sock
+COPY run.sh /
+ENTRYPOINT ["/run.sh"]
diff --git a/readme.md b/readme.md
index 9453f7c..96e5642 100644
--- a/readme.md
+++ b/readme.md
@@ -1,4 +1,6 @@
 Makes the Docker Remote API available via port 2375.
 
 Start with:
-`docker run -p 2375:2375 -v /var/run/docker.sock:/var/run/docker.sock jarkt/docker-remote-api`
+`docker run -d -p 2375:2375 --name docker_remote_api -v /var/run/docker.sock:/var/run/docker.sock vhanda/docker-remote-api ALLOWED_IP`
+
+Where `ALLOWED_IP` is the only IP which can connect to this machine.
diff --git a/run.sh b/run.sh
new file mode 100755
index 0000000..bdccd0a
--- /dev/null
+++ b/run.sh
@@ -0,0 +1,12 @@
+#!/usr/bin/env sh
+
+if [ -z "$1" ]; then
+    echo "First parameter must be the allowed IP"
+    exit 1
+fi
+
+set -eu
+ALLOWED_IP=$1
+
+echo "Starting Docker Remote API for IP $ALLOWED_IP"
+socat TCP-LISTEN:2375,reuseaddr,fork,range=${ALLOWED_IP}/32 UNIX-CLIENT:/var/run/docker.sock