WARP Tunnel Include-only mode (warp-cli)

I'd like to set up my WARP tunnel to tunnel only specific IP ranges. In the docs (https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/configure-warp/route-traffic/split-tunnels/) it lists how to do this with a split-tunnel configuration, but it doesn't show how to do it using warp-cli. I can't do this through the Zero Trust dashboard because the device I'm trying to do this on is not enrolled in an organization. I've been able to fool the WARP client into include-only mode by stopping warp-svc, editing /var/lib/cloudflare-warp/settings.json, and restarting warp-svc, but that's not a very robust way as any configuration issues cause it to reset to factory configuration, tunneling all traffic and cutting off my SSH access to the server. Is there an official way to do this through the CLI? I'm able to add and remove IP ranges just fine, but I can't find a way to change it from Exclude-only to Include-only mode. Thanks!
3 Replies
micromashor
micromashorOP3mo ago
Update: it looks like include-only mode is not really supported. If I fool the running daemon into include-only mode and then attempt to add or remove IP ranges, I get Not yet implemented.. Seems this is a feature CF still needs to add
Chaika
Chaika3mo ago
yea I think only supported via Zero Trust. Same on Windows and other platforms, the UI of normal warp only lets you exclude not include.
. I can't do this through the Zero Trust dashboard because the device I'm trying to do this on is not enrolled in an organization.
Zero Trust Accounts are free, could always make one (or a second one) and enroll it just for this
micromashor
micromashorOP3mo ago
I looked into that and that's probably what I'll end up doing
Want results from more Discord servers?
Add your server