funnel

Quickstart

Get a tunnel running in under two minutes

This guide assumes you have a funnel server running and the client installed. If not, see installation and server deployment.

Connect to a server

Create a context pointing to your server:

funnel context create default --server https://tunnel.example.com

Authenticate

Log in via OAuth (GitHub by default):

funnel login

This opens your browser, completes the OAuth flow, and stores the token in your local config.

Start a tunnel

Expose a local service on port 3000:

funnel http 3000
funnel

  public url  https://abc123.tunnel.example.com
  forwarding  localhost:3000
  tunnel id   abc123

The tunnel is live. Requests to the public URL are forwarded to your local service over QUIC.

Custom subdomain

Pick your own tunnel ID:

funnel http 3000 --id my-app

This gives you https://my-app.tunnel.example.com.

TCP tunnel

TCP tunnels require --enable-tcp-tunnels on the server (see deployment).

Expose a local database or any TCP service:

funnel tcp 5432 --id my-db
funnel tcp

  forwarding  localhost:5432
  tunnel id   my-db
  remote port 15432 (allocated)

The server allocates a port and listens for TCP connections on it. Remote clients connect to tunnel.example.com:15432 and traffic is forwarded to your local port.

You can request a specific port:

funnel tcp 5432 --remote-port 15432

TLS passthrough

Forward TLS traffic without the server terminating it:

funnel tls 8443 --id secure-app

Same as TCP, but signals that the traffic is TLS. The server never sees the plaintext.

Check active tunnels

funnel status

Next steps

Installation

Install the funnel client and server

Contexts

Manage connections to multiple funnel servers

On this page

Connect to a server
Authenticate
Start a tunnel
Custom subdomain
TCP tunnel
TLS passthrough
Check active tunnels
Next steps