Cloudflare/WARP Connector: Difference between revisions

From Chorke Wiki
Jump to navigation Jump to search
← Older edit
VisualWikitext
 
(31 intermediate revisions by the same user not shown)
Line 2: Line 2:
{|
{|
| valign="top" |
| valign="top" |
<syntaxhighlight lang="bash">
cat << EXE | sudo bash
systemctl daemon-reload
systemctl enable  warp-svc.service
systemctl start  warp-svc.service
systemctl status  warp-svc.service
EXE
</syntaxhighlight>


| valign="top" |
| valign="top" |
<syntaxhighlight lang="bash">
cat << EXE | sudo bash
systemctl daemon-reload
systemctl disable warp-svc.service
systemctl stop    warp-svc.service
systemctl status  warp-svc.service
EXE
</syntaxhighlight>


| valign="top" |
| valign="top" |
<syntaxhighlight lang="bash">
warp-cli registration delete
warp-cli connector new eyJhIjoiNW…
warp-cli registration show
warp-cli settings
warp-cli connect
warp-cli status
</syntaxhighlight>
|-
| colspan="3" |
----
|-
| colspan="3" |
<syntaxhighlight lang="bash">
echo "$(cat <<EOF | jq -s '.[0] * .[1]' /var/lib/cloudflare-warp/conf.json -
{
  "tunnel": "shahed-aa-chorke-com-warp"
}
EOF
)" | sudo tee /var/lib/cloudflare-warp/conf.json > /dev/null
          cat /var/lib/cloudflare-warp/conf.json | jq -r .tunnel
</syntaxhighlight>
|-
| colspan="3" |
----
|-
| colspan="3" |
<syntaxhighlight lang="bash">
cat <<EOF | jq -r .| sudo tee /var/lib/cloudflare-warp/tunnel-info.json > /dev/null
{
  "tunnel": "shahed-aa-chorke-com-warp"
}
EOF
cat /var/lib/cloudflare-warp/tunnel-info.json|jq -r .tunnel
</syntaxhighlight>


|-
|-
Line 12: Line 66:
|-
|-
| valign="top" |
| valign="top" |
<syntaxhighlight lang="bash">
sudo cat /var/lib/cloudflare-warp/reg.json    |jq -r
    cat /var/lib/cloudflare-warp/settings.json|jq -r
    cat /var/lib/cloudflare-warp/conf.json    |jq -r
</syntaxhighlight>


| valign="top" |
| valign="top" |
Line 17: Line 76:
| valign="top" |
| valign="top" |


|}
==WARP Client » Usage==
{|
| valign="top" |
<syntaxhighlight lang="bash">
warp-cli disconnect
warp-cli connect
warp-cli status
</syntaxhighlight>
| valign="top" |
<syntaxhighlight lang="bash">
telnet 10.19.83.68 5432
telnet 10.19.83.68 3306
telnet 10.19.83.68 22
</syntaxhighlight>
| valign="top" |
<syntaxhighlight lang="bash">
nmap 10.19.83.68 --reason -Pn -p22,3306,5432
nmap 10.19.83.68 --reason -Pn --top 20
tail -n100 -f /var/log/kern.log
</syntaxhighlight>
|}
==WARP Client » Exclude==
{|class="wikitable"
|-
| colspan="3"| Settings » 0Trust » WARP Client » Device settings » Profile settings » Default » Configure »
|-
| colspan="3"| Split Tunnels » Exclude IPs and domains » Manage » Manage Split Tunnels
|-
!scope="col"| Name    !!scope="col"| Network            !!scope="col"              | Exclude
|-
| Network » OpenVPN  || <code>10.20.30.0/24</code>    ||style='text-align:center'| ✅
|-
| Network » Hetzner  || <code>10.20.31.0/24</code>    ||style='text-align:center'| ✅
|-
| Network » Docker    || <code>10.20.13.0/24</code>    ||style='text-align:center'| ✅
|-
| Network » Home      || <code>10.19.83.0/24</code>    ||style='text-align:center'| ✅
|-
| Network » LXD      || <code>10.20.0.0/24</code>      ||style='text-align:center'| ✅
|}
|}


==Playground==
==Playground==
{|
{|
| valign="top" |
<syntaxhighlight lang="bash">
sudo systemctl disable --now warp-svc
sudo systemctl enable  --now warp-svc
systemctl status warp-svc
</syntaxhighlight>
| valign="top" |
<syntaxhighlight lang="bash">
sudo systemctl disable --now warp-svc
sudo rm -rf /var/lib/cloudflare-warp/
sudo systemctl enable  --now warp-svc
</syntaxhighlight>
| valign="top" |
<syntaxhighlight lang="bash">
sudo ls -lah /var/lib/cloudflare-warp/
warp-cli connector new eyJhIjoiNW…
warp-cli connect
</syntaxhighlight>
|-
| colspan="3" |
----
|-
| valign="top" |
| valign="top" |
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
Line 37: Line 166:
| valign="top" |
| valign="top" |
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
 
    cat /var/lib/cloudflare-warp/cfwarp_snapshots_collection.txt
sudo cat /var/lib/cloudflare-warp/reg.json | jq -r
ls  -alh /var/lib/cloudflare-warp/crash_reports/
</syntaxhighlight>
</syntaxhighlight>


Line 85: Line 216:
| valign="top" |
| valign="top" |
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
cat     /var/lib/cloudflare-warp/settings.json|jq -r
    cat /var/lib/cloudflare-warp/settings.json|jq -r
cat     /var/lib/cloudflare-warp/conf.json|jq -r
    cat /var/lib/cloudflare-warp/conf.json|jq -r
ls -alh /var/lib/cloudflare-warp/
ls -alh /var/lib/cloudflare-warp/
</syntaxhighlight>
</syntaxhighlight>
|-
| colspan="3" |
----
|-
| valign="top" |
<syntaxhighlight lang="bash">
warp-cli settings
warp-cli certs
warp-cli vnet
</syntaxhighlight>
| valign="top" |
<syntaxhighlight lang="bash">
curl https://www.cloudflare.com/cdn-cgi/trace/
# warp=plus
# gateway=off
</syntaxhighlight>
| valign="top" |
'''Families mode off:''' <code>warp-cli dns families off</code>
'''Malware protection:''' <code>warp-cli dns families malware</code>
'''Malware and adult content:''' <code>warp-cli dns families full</code>
|-
| colspan="3" |
----
|-
| valign="top" |
<syntaxhighlight lang="bash">
cat /proc/sys/net/ipv4/ip_forward
sysctl net.ipv4.ip_forward
</syntaxhighlight>
| valign="top" |
<syntaxhighlight lang="bash">
sudo sysctl -w net.ipv4.ip_forward=0
sudo sysctl -w net.ipv4.ip_forward=1
</syntaxhighlight>
| valign="top" |
<syntaxhighlight lang="bash">
cat /etc/sysctl.conf
sudo sysctl -p
</syntaxhighlight>
|-
| colspan="3" |
----
|-
| valign="top" |
<syntaxhighlight lang="bash">
# shahed-ab » avoid conflict own ip
sudo warp-cli add-exclude 10.20.40.2
# hetzner-aa » avoid conflict own ip
sudo warp-cli add-exclude 10.20.41.1
</syntaxhighlight>
| valign="top" |
| valign="top" |


|}
|}
Line 103: Line 296:
* [https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/use-cases/smb/ Cloudflare » Zero Trust » SMB]
* [https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/use-cases/smb/ Cloudflare » Zero Trust » SMB]
* [https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/use-cases/ssh/ Cloudflare » Zero Trust » SSH]
* [https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/use-cases/ssh/ Cloudflare » Zero Trust » SSH]
* [[Cloudflare/Argo Tunnel|Cloudflare » Argo Tunnel]]
* [https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/ Cloudflare » Tunnel]
* [[Cloudflare]]
* [https://www.cloudflare.com/learning/access-management/what-is-ssh/ Cloudflare » SSH]


|valign="top"|
|valign="top"|
Line 110: Line 303:
* [https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/ Cloudflare » Zero Trust » Devices » WARP]
* [https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/ Cloudflare » Zero Trust » Devices » WARP]
* [https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/private-net/warp-connector/ Cloudflare » WARP Connector]
* [https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/private-net/warp-connector/ Cloudflare » WARP Connector]
* [https://play.google.com/store/apps/details?id=com.cloudflare.cloudflareoneagent&hl=en_US&gl=US Cloudflare » WARP » Android]
* [https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/configure-warp/route-traffic/split-tunnels/ Cloudflare » Split Tunnels]
* [https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/configure-warp/route-traffic/split-tunnels/ Cloudflare » Split Tunnels]
* [https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/ Cloudflare » Tunnel]
* [https://apps.apple.com/us/app/cloudflare-one-agent/id6443476492 Cloudflare » WARP » iOS]
* [https://www.cloudflare.com/learning/access-management/what-is-ssh/ Cloudflare » SSH]
 
|valign="top"|
 
|-
|colspan="3"|
----
|-
|valign="top"|
* [https://chorke.cloudflareaccess.com Cloudflare » Access » Chorke]
* [[Cloudflare/Argo Tunnel|Cloudflare » Argo Tunnel]]
* [[Cloudflare/WARP Host|Cloudflare » WARP Host]]
* [[Cloudflare]]
 
|valign="top"|


|valign="top"|
|valign="top"|
Line 146: Line 353:
|valign="top"|
|valign="top"|
* [https://serverfault.com/questions/901364/ CIDR » Restrict access to single IP]
* [https://serverfault.com/questions/901364/ CIDR » Restrict access to single IP]
* [[SSH/Public Key Authentication|SSH » Public Key Authentication]]
* [[SSH Port Forwarding|SSH » Port Forwarding]]
* [https://www.calculator.net/ip-subnet-calculator.html?cclass=any&csubnet=32&cip=10.20.40.1&ctype=ipv4&x=Calculate CIDR » 10.20.40.1/32]
* [https://www.calculator.net/ip-subnet-calculator.html?cclass=any&csubnet=32&cip=10.20.40.1&ctype=ipv4&x=Calculate CIDR » 10.20.40.1/32]
* [https://www.calculator.net/ip-subnet-calculator.html?cclass=any&csubnet=24&cip=10.20.40.1&ctype=ipv4&x=Calculate CIDR » 10.20.40.1/24]
* [https://www.calculator.net/ip-subnet-calculator.html?cclass=any&csubnet=24&cip=10.20.40.1&ctype=ipv4&x=Calculate CIDR » 10.20.40.1/24]
* [https://www.calculator.net/ip-subnet-calculator.html?cclass=any&csubnet=32&cip=10.19.83.1&ctype=ipv4&x=Calculate CIDR » 10.19.83.1/32]
* [https://www.calculator.net/ip-subnet-calculator.html?cclass=any&csubnet=32&cip=10.19.83.1&ctype=ipv4&x=Calculate CIDR » 10.19.83.1/32]
* [https://www.calculator.net/ip-subnet-calculator.html?cclass=any&csubnet=24&cip=10.19.83.1&ctype=ipv4&x=Calculate CIDR » 10.19.83.1/24]
* [https://www.calculator.net/ip-subnet-calculator.html?cclass=any&csubnet=24&cip=10.19.83.1&ctype=ipv4&x=Calculate CIDR » 10.19.83.1/24]
* [[Linux User Creation]]


|}
|}

Latest revision as of 04:48, 17 February 2025

WARP Client

cat << EXE | sudo bash
systemctl daemon-reload
systemctl enable  warp-svc.service
systemctl start   warp-svc.service
systemctl status  warp-svc.service
EXE

cat << EXE | sudo bash
systemctl daemon-reload
systemctl disable warp-svc.service
systemctl stop    warp-svc.service
systemctl status  warp-svc.service
EXE

warp-cli registration delete
warp-cli connector new eyJhIjoiNW…
warp-cli registration show
warp-cli settings
warp-cli connect
warp-cli status

echo "$(cat <<EOF | jq -s '.[0] * .[1]' /var/lib/cloudflare-warp/conf.json -
{
  "tunnel": "shahed-aa-chorke-com-warp"
}
EOF
)" | sudo tee /var/lib/cloudflare-warp/conf.json > /dev/null
          cat /var/lib/cloudflare-warp/conf.json | jq -r .tunnel

cat <<EOF | jq -r .| sudo tee /var/lib/cloudflare-warp/tunnel-info.json > /dev/null
{
  "tunnel": "shahed-aa-chorke-com-warp"
}
EOF

cat /var/lib/cloudflare-warp/tunnel-info.json|jq -r .tunnel

sudo cat /var/lib/cloudflare-warp/reg.json     |jq -r
     cat /var/lib/cloudflare-warp/settings.json|jq -r
     cat /var/lib/cloudflare-warp/conf.json    |jq -r

WARP Client » Usage

warp-cli disconnect
warp-cli connect
warp-cli status

telnet 10.19.83.68 5432
telnet 10.19.83.68 3306
telnet 10.19.83.68 22

nmap 10.19.83.68 --reason -Pn -p22,3306,5432
nmap 10.19.83.68 --reason -Pn --top 20
tail -n100 -f /var/log/kern.log

WARP Client » Exclude

Settings » 0Trust » WARP Client » Device settings » Profile settings » Default » Configure »
Split Tunnels » Exclude IPs and domains » Manage » Manage Split Tunnels
Name Network Exclude
Network » OpenVPN 10.20.30.0/24
Network » Hetzner 10.20.31.0/24
Network » Docker 10.20.13.0/24
Network » Home 10.19.83.0/24
Network » LXD 10.20.0.0/24

Playground

sudo systemctl disable --now warp-svc
sudo systemctl enable  --now warp-svc
systemctl status warp-svc

sudo systemctl disable --now warp-svc
sudo rm -rf /var/lib/cloudflare-warp/
sudo systemctl enable  --now warp-svc

sudo ls -lah /var/lib/cloudflare-warp/
warp-cli connector new eyJhIjoiNW…
warp-cli connect

warp-cli registration delete
warp-cli registration show
warp-cli registration new

warp-cli tunnel host remove chorke.org
warp-cli tunnel host add    chorke.org
warp-cli tunnel host list

     cat /var/lib/cloudflare-warp/cfwarp_snapshots_collection.txt
sudo cat /var/lib/cloudflare-warp/reg.json | jq -r
ls  -alh /var/lib/cloudflare-warp/crash_reports/

cat /usr/local/etc/cloudflared/config.yml
ls -lah ~/.cloudflare-warp
ls -lah  ~/cloudflare-warp

sudo cloudflared service uninstall
systemctl  status cloudflared
journalctl -xeu   cloudflared

tail -n100 -f /var/log/cloudflared.log 
sudo systemctl daemon-reload
ps aux|grep cloudflared

ls -alh /etc/systemd/system|grep cloudflared
ls -alh /etc/systemd/system|grep minikube
ls -alh /etc/systemd/system|grep minio

ls -lah /usr/local/etc/cloudflared/
          ls -lah /etc/cloudflared/
            ls -lah ~/.cloudflared/

    cat /var/lib/cloudflare-warp/settings.json|jq -r
    cat /var/lib/cloudflare-warp/conf.json|jq -r
ls -alh /var/lib/cloudflare-warp/

warp-cli settings
warp-cli certs
warp-cli vnet

curl https://www.cloudflare.com/cdn-cgi/trace/
# warp=plus
# gateway=off

Families mode off: warp-cli dns families off
Malware protection: warp-cli dns families malware
Malware and adult content: warp-cli dns families full

cat /proc/sys/net/ipv4/ip_forward
sysctl net.ipv4.ip_forward

sudo sysctl -w net.ipv4.ip_forward=0
sudo sysctl -w net.ipv4.ip_forward=1

cat /etc/sysctl.conf
sudo sysctl -p

# shahed-ab » avoid conflict own ip
sudo warp-cli add-exclude 10.20.40.2

# hetzner-aa » avoid conflict own ip
sudo warp-cli add-exclude 10.20.41.1

References

Retrieved from "https://wiki.chorke.org/index.php?title=Cloudflare/WARP_Connector&oldid=14081"