Go to file
Devin Carr 3b522a27cf TUN-8807: Add support_datagram_v3 to remote feature rollout
Support rolling out the `support_datagram_v3` feature via remote feature rollout (DNS TXT record) with `dv3` key.

Consolidated some of the feature evaluation code into the features module to simplify the lookup of available features at runtime.

Reduced complexity for management logs feature lookup since it's a default feature.

Closes TUN-8807
2025-01-06 09:15:18 -08:00
.github Update semgrep.yml 2024-09-24 21:40:50 -04:00
.mac_resources AUTH-2712 mac package build script and better config file handling when started as a service 2020-06-25 16:44:57 -05:00
.teamcity TUN-8553: Bump go to 1.22.5 and go-boring 1.22.5-1 2024-11-04 01:25:49 -08:00
carrier TUN-7057: Remove dependency github.com/gorilla/mux 2022-12-24 21:05:51 -07:00
cfapi TUN-8281: Run cloudflared query list tunnels/routes endpoint in a paginated way 2024-03-19 16:35:40 +00:00
cfio TUN-6035: Reduce buffer size when proxying data 2022-04-11 14:41:33 +00:00
cmd/cloudflared TUN-8807: Add support_datagram_v3 to remote feature rollout 2025-01-06 09:15:18 -08:00
component-tests TUN-8708: Bump python min version to 3.10 2024-10-31 13:33:24 -07:00
config feat: auto tls sni 2024-04-02 14:56:44 -07:00
connection TUN-8640: Add ICMP support for datagram V3 2024-12-09 07:23:11 -08:00
credentials TUN-7134: Acquire token for cloudflared tail 2023-04-12 09:43:38 -07:00
datagramsession TUN-8692: remove dashes from session id 2024-10-25 05:45:24 -07:00
diagnostic TUN-8724: Add CLI command for diagnostic procedure 2024-12-13 10:07:56 -08:00
edgediscovery chore: Remove h2mux code 2024-10-15 13:10:30 -07:00
features TUN-8807: Add support_datagram_v3 to remote feature rollout 2025-01-06 09:15:18 -08:00
fips RTG-1339 Support post-quantum hybrid key exchange 2022-09-07 19:32:53 +00:00
hello TUN-7590: Remove usages of ioutil 2023-07-17 19:08:38 +00:00
ingress TUN-8640: Refactor ICMPRouter to support new ICMPResponders 2024-11-27 12:46:08 -08:00
internal/test TUN-7125: Add management streaming logs WebSocket protocol 2023-04-05 16:25:16 +00:00
ipaccess TUN-6016: Push local managed tunnels configuration to the edge 2022-05-06 15:43:24 +00:00
logger TUN-8807: Add support_datagram_v3 to remote feature rollout 2025-01-06 09:15:18 -08:00
management remove code that will not be executed 2024-08-07 14:31:49 +00:00
metrics TUN-8792: Make diag/system endpoint always return a JSON 2024-12-11 02:48:41 -08:00
orchestration TUN-8423: Deprecate older legacy tunnel capnp interfaces 2024-05-23 11:17:49 -07:00
overwatch AUTH-2169 make access login page more generic 2020-06-08 11:20:30 -05:00
packet TUN-8640: Refactor ICMPRouter to support new ICMPResponders 2024-11-27 12:46:08 -08:00
proxy TUN-8692: remove dashes from session id 2024-10-25 05:45:24 -07:00
quic TUN-8822: Prevent concurrent usage of ICMPDecoder 2024-12-19 07:19:36 -08:00
retry TUN-8427: Fix BackoffHandler's internally shared clock structure 2024-05-23 09:48:34 -07:00
signal TUN-1562: Refactor connectedSignal to be safe to close multiple times 2019-03-05 15:51:35 -06:00
socks TUN-7590: Remove usages of ioutil 2023-07-17 19:08:38 +00:00
sshgen TUN-8333: Bump go-jose dependency to v4 2024-04-10 09:49:40 -07:00
stream TUN-7545: Add support for full bidirectionally streaming with close signal propagation 2023-07-06 11:54:26 +01:00
supervisor TUN-8807: Add support_datagram_v3 to remote feature rollout 2025-01-06 09:15:18 -08:00
tlsconfig TUN-7590: Remove usages of ioutil 2023-07-17 19:08:38 +00:00
token TUN-8427: Fix BackoffHandler's internally shared clock structure 2024-05-23 09:48:34 -07:00
tracing add: new go-fuzz targets 2024-11-11 20:45:49 +05:30
tunneldns TUN-7590: Remove usages of ioutil 2023-07-17 19:08:38 +00:00
tunnelrpc TUN-8621: Prevent QUIC connection from closing before grace period after unregistering 2024-10-07 10:51:21 -05:00
tunnelstate TUN-8728: implement diag/tunnel endpoint 2024-11-25 10:43:32 -08:00
validation add: new go-fuzz targets 2024-11-11 20:45:49 +05:30
vendor TUN-8688: Correct UDP bind for IPv6 edge connectivity on macOS 2024-10-18 14:38:05 -07:00
watcher TUN-7584: Bump go 1.20.6 2023-07-26 13:52:40 -07:00
websocket TUN-7057: Remove dependency github.com/gorilla/mux 2022-12-24 21:05:51 -07:00
.docker-images TUN-6825: Fix cloudflared:version images require arch hyphens 2022-10-04 15:48:58 +00:00
.dockerignore TUN-5129: Use go 1.17 and copy .git folder to docker build to compute version 2021-09-21 15:50:35 +00:00
.gitignore TUN-8708: Bump python min version to 3.10 2024-10-31 13:33:24 -07:00
CHANGES.md TUN-8818: update changes document to reflect newly added diag subcommand 2024-12-18 04:26:38 -08:00
Dockerfile TUN-8829: add CONTAINER_BUILD to dockerfiles 2024-12-20 08:24:12 -08:00
Dockerfile.amd64 TUN-8829: add CONTAINER_BUILD to dockerfiles 2024-12-20 08:24:12 -08:00
Dockerfile.arm64 TUN-8829: add CONTAINER_BUILD to dockerfiles 2024-12-20 08:24:12 -08:00
LICENSE TUN-5851: Update all references to point to Apache License 2.0 2022-03-08 17:35:31 +00:00
Makefile TUN-8737: update metrics server port selection 2024-11-22 07:23:46 -08:00
README.md Fixed 404 in README.md to TryCloudflare 2024-11-04 23:25:53 +01:00
RELEASE_NOTES Release 2024.12.2 2024-12-19 15:28:18 +00:00
build-packages-fips.sh TUN-8583: change final directory of artifacts 2024-08-05 10:49:20 +01:00
build-packages.sh TUN-8583: change final directory of artifacts 2024-08-05 10:49:20 +01:00
catalog-info.yaml TUN-7599: Onboard cloudflared to Software Dashboard 2023-07-19 13:30:35 +00:00
cfsetup.yaml TUN-8795: update createrepo to createrepo_c to fix the release_pkgs.py script 2024-12-10 08:07:02 -08:00
check-fips.sh TUN-5551: Reintroduce FIPS compliance for linux amd64 now as separate binaries 2021-12-20 21:50:42 +00:00
cloudflared.wxs Remove extraneous `period` from Path Environment Variable (#1009) 2023-12-14 16:32:48 +00:00
cloudflared_man_template AUTH-2644: Change install location and add man page 2020-07-06 19:27:25 +00:00
dev.Dockerfile TUN-8553: Bump go to 1.22.5 and go-boring 1.22.5-1 2024-11-04 01:25:49 -08:00
fmt-check.sh TUN-6917: Bump go to 1.19.3 2022-11-07 09:19:19 -08:00
github_message.py TUN-6823: Update github release message to pull from KV 2022-10-11 15:43:06 +00:00
github_release.py TUN-8694: Rework release script 2024-10-24 09:43:02 -07:00
go.mod TUN-8685: Bump coredns dependency 2024-10-17 13:09:39 -07:00
go.sum TUN-8685: Bump coredns dependency 2024-10-17 13:09:39 -07:00
postinst.sh AUTH-2858: Set file to disable autoupdate 2020-07-10 18:03:07 +00:00
postrm.sh TUN-8290: Remove `|| true` from postrm.sh 2024-03-07 16:22:56 +00:00
release_pkgs.py TUN-8842: Add Ubuntu Noble and 'any' debian distributions to release script 2025-01-06 12:09:13 +00:00
wix.json AUTH-2712 mac package build script and better config file handling when started as a service 2020-06-25 16:44:57 -05:00

README.md

Cloudflare Tunnel client

Contains the command-line client for Cloudflare Tunnel, a tunneling daemon that proxies traffic from the Cloudflare network to your origins. This daemon sits between Cloudflare network and your origin (e.g. a webserver). Cloudflare attracts client requests and sends them to you via this daemon, without requiring you to poke holes on your firewall --- your origin can remain as closed as possible. Extensive documentation can be found in the Cloudflare Tunnel section of the Cloudflare Docs. All usages related with proxying to your origins are available under cloudflared tunnel help.

You can also use cloudflared to access Tunnel origins (that are protected with cloudflared tunnel) for TCP traffic at Layer 4 (i.e., not HTTP/websocket), which is relevant for use cases such as SSH, RDP, etc. Such usages are available under cloudflared access help.

You can instead use WARP client to access private origins behind Tunnels for Layer 4 traffic without requiring cloudflared access commands on the client side.

Before you get started

Before you use Cloudflare Tunnel, you'll need to complete a few steps in the Cloudflare dashboard: you need to add a website to your Cloudflare account. Note that today it is possible to use Tunnel without a website (e.g. for private routing), but for legacy reasons this requirement is still necessary:

  1. Add a website to Cloudflare
  2. Change your domain nameservers to Cloudflare

Installing cloudflared

Downloads are available as standalone binaries, a Docker image, and Debian, RPM, and Homebrew packages. You can also find releases here on the cloudflared GitHub repository.

User documentation for Cloudflare Tunnel can be found at https://developers.cloudflare.com/cloudflare-one/connections/connect-apps

Creating Tunnels and routing traffic

Once installed, you can authenticate cloudflared into your Cloudflare account and begin creating Tunnels to serve traffic to your origins.

TryCloudflare

Want to test Cloudflare Tunnel before adding a website to Cloudflare? You can do so with TryCloudflare using the documentation available here.

Deprecated versions

Cloudflare currently supports versions of cloudflared that are within one year of the most recent release. Breaking changes unrelated to feature availability may be introduced that will impact versions released more than one year ago. You can read more about upgrading cloudflared in our developer documentation.

For example, as of January 2023 Cloudflare will support cloudflared version 2023.1.1 to cloudflared 2022.1.1.