I’m considering switching to a new Internet Service Provider (aka an ISP). Their service is cheap and fast. But it is optimized to lower their support costs. So they do not do lots of things. I don’t get an IP.v4 address, only an IP.v6 address, and no port forwarding. I.e. they don’t expect the buyers to run services.

Currently, I have a handful of services. These are all private. A little web server, my collection of ebooks, a gateway that lets my Android phone use Apple’s Messages, a time machine server, etc.

I was pleased to realize that’s not a big deal. I have tailscale setup, so I can just let it dig a way out. That said, it doesn’t quite work if I want to occasionally let somebody outside the household access one of these services. And then there is always the worse case situations for which I prefer to have ssh access.

So here is work around. Cloudflare free tunnels.

If you install their software agent which MacOS is easy:

brew install cloudflare/cloudflare/cloudflared

You can then reveal any service by doing:

cloudflared tunnel --url http://localhost:8765

The log that emits will show you a random URL to reach (say https://ashley-approx-adrian-jewelry.trycloudflare.com) and if open that the tunnel will show you what ever the service listening on port 8765 of the localhost offers it.

FYI – you can quickly establish a service to test this with using python’s http.server module. For example, here we stand up a service that will reveal our /tmp directory on port 8765.

python3 -m http.server --directory /tmp 8765

That should get you started


Notice that at no point did you set up an account at Cloudflare.  To build more persistent tunnels you need to do that, but it will remain free.  To get tunnels that use your own domain names you will need to use their free DNS.  Their doc is ok, as are the tutorials out there.

Leave a Reply

Your email address will not be published. Required fields are marked *