OK... if you want to know the REAL benefit of doing this...<p>With this method, you effectively turn Cloudflare into a transport, which enables you to get around the limitation of Cloudflare. Say what if you want to transport UDP packets now (for your Wireguard for example)? Cloudflare don't really support that currently, but now it's achievable (albeit, not the best way).<p>The software used, both websocat, and gost is there to convert/proxy (non-Cloudflare specific) WebSocket connections to arbitrary TCP/UDP (supported by gost). You need to install them on both end of your endpoint through, to enable full conversion (App TCP client -> websocat/gost client -> [Cloudflare via Websocket] -> websocat/gost server -> App TCP server).<p>Also, you can use Tor network to do similar things, just with .onion service. Tor only supports TCP proxying (if I remembered it correctly), now you can do UDP too.
Cloudflare tunnels have been a blessing for me, as someone locked behind an apartments router trying to host services without the ability to forward ports. The fact that it's free, is the cherry on top.
I see options in my Cloudflare control panel to tunnel things besides HTTP(S) services (including TCP and SSH) via Cloudflare Tunnel. Am I misunderstanding the blog post?
I wrote something tangentially related, but for single user.<p>"gofwd" is a cross-platform TCP port forwarder with Duo 2FA and Geographic IP integration. Its use case is to help protect services when using a VPN is not possible. Before a connection is forwarded, the remote IP address is geographically checked against city, region (state), and/or country. Distance (in miles) can also be used. If this condition is satisfied, a Duo 2FA request can then be sent to a mobile device. The connection is only forwarded after Duo has verified the user.<p><a href="https://github.com/jftuga/gofwd">https://github.com/jftuga/gofwd</a>
Cloudflare Tunnel is a great service, but if you're looking for selfhosted alternatives I maintain a list here:<p><a href="https://github.com/anderspitman/awesome-tunneling">https://github.com/anderspitman/awesome-tunneling</a>
Hi, I'm the author of Inlets. We've seen a recent rise in users looking to tunnel TCP traffic w/o these kinds of hacks and additional tools.<p>I wrote up a quick guide back in early May - seems relevant to this article as one of the newest users couldn't get Cloudflare to work with TCP how he wanted.<p><a href="https://inlets.dev/blog/2023/05/04/expose-local-tcp-ports.html" rel="nofollow">https://inlets.dev/blog/2023/05/04/expose-local-tcp-ports.ht...</a>
I've been thinking about using a tunnel like this to host a retro computing website. My idea was to run OpenBSD i386 on an AMD K6-III (1999) host, then use the built-in webserver httpd(8) to render and serve a static site. The machine would be tunneled via Wireguard to a VPS, and the VPS could optionally terminate the TLS (and transmit plain HTTP over WG) to free up some CPU cycles. :)
I wrote something similar to be able to run vscode against any remote machine. This was before vscode's own tunnels.<p><a href="https://github.com/efrecon/sshd-cloudflared">https://github.com/efrecon/sshd-cloudflared</a><p>It automatically runs a dockerised sshd to access your directory. The sshd is configured using your github's keys to protect access.