You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 
cthuang 97309d81ab Release 2022.1.2 7 months ago
.github/workflows TUN-5012: Use patched go-sumtype 12 months ago
.mac_resources AUTH-2712 mac package build script and better config file handling when started as a service 2 years ago
.teamcity TUN-5164: Update README and clean up references to Argo Tunnel (using Cloudflare Tunnel instead) 11 months ago
carrier Fix typos 9 months ago
certutil Fix typos 9 months ago
cfapi TUN-5482: Refactor tunnelstore client related packages for more coherent package 8 months ago
cmd/cloudflared TUN-5551: Show whether the binary was built for FIPS compliance 8 months ago
component-tests TUN-5600: Add coverage to component tests for various transports 7 months ago
config TUN-4359: Warn about unused keys in 'tunnel ingress validate' 1 year ago
connection TUN-5623: Configure quic max datagram frame size to 1350 bytes for none Windows platforms 7 months ago
datagramsession TUN-5623: Configure quic max datagram frame size to 1350 bytes for none Windows platforms 7 months ago
edgediscovery TUN-5138: Switch to QUIC on auto protocol based on threshold 10 months ago
fips TUN-3905: Cannot run go mod vendor in cloudflared due to fips 1 year ago
h2mux TUN-5551: Reintroduce FIPS compliance for linux amd64 now as separate binaries 8 months ago
hello TUN-5164: Update README and clean up references to Argo Tunnel (using Cloudflare Tunnel instead) 11 months ago
ingress TUN-5481: Create abstraction for Origin UDP Connection 8 months ago
ipaccess TUN-4017: Add support for using cloudflared as a full socks proxy. 1 year ago
logger TUN-4067: Reformat code for consistent import order, grouping, and fix formatting. Added goimports target to the Makefile to make this easier in the future. 1 year ago
metrics TUN-5551: Show whether the binary was built for FIPS compliance 8 months ago
origin TUN-5623: Configure quic max datagram frame size to 1350 bytes for none Windows platforms 7 months ago
overwatch AUTH-2169 make access login page more generic 2 years ago
quic TUN-5623: Configure quic max datagram frame size to 1350 bytes for none Windows platforms 7 months ago
retry TUN-3863: Consolidate header handling logic in the connection package; move headers definitions from h2mux to packages that manage them; cleanup header conversions 1 year ago
signal TUN-1562: Refactor connectedSignal to be safe to close multiple times 4 years ago
socks Fix typos 9 months ago
ssh_server_tests Fix typos 9 months ago
sshgen TUN-5551: Reintroduce FIPS compliance for linux amd64 now as separate binaries 8 months ago
tlsconfig TUN-5612: Make tls min/max version public visible 8 months ago
token TUN-5551: Reintroduce FIPS compliance for linux amd64 now as separate binaries 8 months ago
tunneldns Fix typos 9 months ago
tunnelrpc TUN-5494: Send a RPC with terminate reason to edge if the session is closed locally 8 months ago
tunnelstate TUN-5368: Log connection issues with LogLevel that depends on tunnel state 9 months ago
validation TUN-5164: Update README and clean up references to Argo Tunnel (using Cloudflare Tunnel instead) 11 months ago
vendor TUN-5623: Configure quic max datagram frame size to 1350 bytes for none Windows platforms 7 months ago
watcher TUN-5551: Reintroduce FIPS compliance for linux amd64 now as separate binaries 8 months ago
websocket Revert "TUN-5184: Make sure outstanding websocket write is finished, and no more writes after shutdown" 10 months ago
.docker-images AUTH-2871: fix rpm builds 2 years ago
.dockerignore TUN-5129: Use go 1.17 and copy .git folder to docker build to compute version 11 months ago
.gitignore TUN-4761: Added a build-all-packages target to cfsetup 1 year ago
CHANGES.md TUN-5584: Changes for release 2021.12.2 8 months ago
Dockerfile TUN-5129: Use go 1.17 and copy .git folder to docker build to compute version 11 months ago
LICENSE TUN-595: Add License/Readme files to cloudflared 4 years ago
Makefile TUN-5551: Internally published debian artifacts are now named just cloudflared even though they are FIPS compliant 7 months ago
README.md TUN-5164: Update README and clean up references to Argo Tunnel (using Cloudflare Tunnel instead) 11 months ago
RELEASE_NOTES Release 2022.1.2 7 months ago
build-packages-fips.sh TUN-5551: Reintroduce FIPS compliance for linux amd64 now as separate binaries 8 months ago
build-packages.sh TUN-5551: Reintroduce FIPS compliance for linux amd64 now as separate binaries 8 months ago
cfsetup.yaml TUN-5650: Fix pynacl version to 1.4.0 and pygithub version to 1.55 so release doesn't break unexpectedly 7 months ago
check-fips.sh TUN-5551: Reintroduce FIPS compliance for linux amd64 now as separate binaries 8 months ago
cloudflared.wxs TUN-4911: Append Environment variable to Path instead of overwriting it 1 year ago
cloudflared_man_template AUTH-2644: Change install location and add man page 2 years ago
dev.Dockerfile TUN-5631: Build everything with go 1.17.5 7 months ago
fmt-check.sh TUN-4067: Reformat code for consistent import order, grouping, and fix formatting. Added goimports target to the Makefile to make this easier in the future. 1 year ago
github_message.py AUTH-3148 fixed cloudflared copy and match all the files in the checksum upload 2 years ago
github_release.py Fix typos 9 months ago
go.mod TUN-5623: Configure quic max datagram frame size to 1350 bytes for none Windows platforms 7 months ago
go.sum TUN-5623: Configure quic max datagram frame size to 1350 bytes for none Windows platforms 7 months ago
jet.yaml TUN-5164: Update README and clean up references to Argo Tunnel (using Cloudflare Tunnel instead) 11 months ago
postinst.sh AUTH-2858: Set file to disable autoupdate 2 years ago
postrm.sh AUTH-2858: Set file to disable autoupdate 2 years ago
wix.json AUTH-2712 mac package build script and better config file handling when started as a service 2 years ago

README.md

Cloudflare Tunnel client

Contains the command-line client for Cloudflare Tunnel, a tunneling daemon that proxies traffic from the Cloudflare network to your origins. This daemon sits between Cloudflare network and your origin (e.g. a webserver). Cloudflare attracts client requests and sends them to you via this daemon, without requiring you to poke holes on your firewall --- your origin can remain as closed as possible. Extensive documentation can be found in the Cloudflare Tunnel section of the Cloudflare Docs. All usages related with proxying to your origins are available under cloudflared tunnel help.

You can also use cloudflared to access Tunnel origins (that are protected with cloudflared tunnel) for TCP traffic at Layer 4 (i.e., not HTTP/websocket), which is relevant for use cases such as SSH, RDP, etc. Such usages are available under cloudflared access help.

You can instead use WARP client to access private origins behind Tunnels for Layer 4 traffic without requiring cloudflared access commands on the client side.

Before you get started

Before you use Cloudflare Tunnel, you'll need to complete a few steps in the Cloudflare dashboard: you need to add a website to your Cloudflare account. Note that today it is possible to use Tunnel without a website (e.g. for private routing), but for legacy reasons this requirement is still necessary:

  1. Add a website to Cloudflare
  2. Change your domain nameservers to Cloudflare

Installing cloudflared

Downloads are available as standalone binaries, a Docker image, and Debian, RPM, and Homebrew packages. You can also find releases here on the cloudflared GitHub repository.

User documentation for Cloudflare Tunnel can be found at https://developers.cloudflare.com/cloudflare-one/connections/connect-apps

Creating Tunnels and routing traffic

Once installed, you can authenticate cloudflared into your Cloudflare account and begin creating Tunnels to serve traffic to your origins.

TryCloudflare

Want to test Cloudflare Tunnel before adding a website to Cloudflare? You can do so with TryCloudflare using the documentation available here.

Deprecated versions

Cloudflare currently supports versions of cloudflared 2020.5.1 and later. Breaking changes unrelated to feature availability may be introduced that will impact versions released prior to 2020.5.1. You can read more about upgrading cloudflared in our developer documentation.

Version(s) Deprecation status
2020.5.1 and later Supported
Versions prior to 2020.5.1 No longer supported