Cloudflare Tunnel (fixed broken by http block firewall rule)
youd need to access the machine a different way and check the logs
30 Replies
Unknown User•3y ago
Message Not Public
Sign In & Join Server To View
depends how you installed cloudflared
if you installed a service,
sudo journalctl -u cloudflared -f and then reproduce the issue and it should appearUnknown User•3y ago
Message Not Public
Sign In & Join Server To View
yes so try doing that while the log tail is open and see if it logs any errors
Unknown User•3y ago
Message Not Public
Sign In & Join Server To View
Ctrl+C
Unknown User•3y ago
Message Not Public
Sign In & Join Server To View
Thats weird then
Unknown User•3y ago
Message Not Public
Sign In & Join Server To View
normally you want to set the IP to localhost (127.0.0.1)
Unknown User•3y ago
Message Not Public
Sign In & Join Server To View
Is there anything in your browsers console or network log in devtools when you try accessing SSH? Have you tried connecting from SSH CLI (
cloudflared access ssh-config, add the config and then ssh to it)
And as weird as it sounds, have you checked Cloudflare's Firewall logsUnknown User•3y ago
Message Not Public
Sign In & Join Server To View
Errors or just warnings?
Unknown User•3y ago
Message Not Public
Sign In & Join Server To View
Does it tell you why and is it definitely the right domain?
Unknown User•3y ago
Message Not Public
Sign In & Join Server To View
Alright
Had one like this before, someone changed a rule to make it more strict and it broke all their SSH
Unknown User•3y ago
Message Not Public
Sign In & Join Server To View
They didn't realise it applied to SSH but those are done over HTTPS so the same settings take effect
Unknown User•3y ago
Message Not Public
Sign In & Join Server To View
¯\_(ツ)_/¯
thats controlled by your browser, and may be different for websockets, impossible to know for sure
Unknown User•3y ago
Message Not Public
Sign In & Join Server To View
this is why blocking based on http version is not actually as smart as it seems, because browsers use older versions for all kinds of strange reasons we cant fathom
Unknown User•3y ago
Message Not Public
Sign In & Join Server To View
it looks like chrome may prefer http 1.1 for websockets
Unknown User•3y ago
Message Not Public
Sign In & Join Server To View
no idea why, but there you are
Unknown User•3y ago
Message Not Public
Sign In & Join Server To View
no problem, anytime