Open zhangjing-GitHub-Code opened 1 year ago
??
@zhangjing-GitHub-Code the way you access termux ssh through cloudflare tunnel is.
sshd
running.passwd
ssh localhost -p 8022
; default ssh port in termux is 8022.pkg install cloudflared
cloudflared login
a url will be given, you login a cloudflare in your phone and go to that page again. click the domain you want to use.cloudflared tunnel create temp-tunnel-name
ls ~/.cloudflared/
=> you should see cert.pem and uuid.json~/.cloudflared/config.yaml
tunnel: uuid
credentials-file: absolute path of that uuid.json (try pwd while on ~/.cloudflared/ to find a pathname)
cloudflared tunnel run
I encountered the same problem and, after some research, I found a solution. Essentially, many Linux distributions include a local resolver that listens on [::1]:53. This resolver is responsible for forwarding DNS queries to the actual DNS server and caching the responses. Cloudflared attempts to query its edge server's IP address by sending a DNS query to the local resolver. However, the Android system does not provide such a local resolver, resulting in a connection get refused when attempting to query DNS from [::1]:53.
To resolve this issue, we need to set up a DNS proxy that listens on port 53. You can do this by executing the following command with root privileges:
sudo cloudflared proxy-dns --port 53
Afterwards, open a new terminal and run the tunnel command:
cloudflared tunnel --url ...
These should resolve the problem. Note that setting up a DNS proxy on port 53 requires root privileges.
I encountered the same problem and, after some research, I found a solution. Essentially, many Linux distributions include a local resolver that listens on [::1]:53. This resolver is responsible for forwarding DNS queries to the actual DNS server and caching the responses. Cloudflared attempts to query its edge server's IP address by sending a DNS query to the local resolver. However, the Android system does not provide such a local resolver, resulting in a connection get refused when attempting to query DNS from [::1]:53.
To resolve this issue, we need to set up a DNS proxy that listens on port 53. You can do this by executing the following command with root privileges:
sudo cloudflared proxy-dns --port 53
Afterwards, open a new terminal and run the tunnel command:
cloudflared tunnel --url ...
These should resolve the problem. Note that setting up a DNS proxy on port 53 requires root privileges.
Making that local DNS server doesn't work on android with termux.
I encountered the same problem and, after some research, I found a solution. Essentially, many Linux distributions include a local resolver that listens on [::1]:53. This resolver is responsible for forwarding DNS queries to the actual DNS server and caching the responses. Cloudflared attempts to query its edge server's IP address by sending a DNS query to the local resolver. However, the Android system does not provide such a local resolver, resulting in a connection get refused when attempting to query DNS from [::1]:53. To resolve this issue, we need to set up a DNS proxy that listens on port 53. You can do this by executing the following command with root privileges:
sudo cloudflared proxy-dns --port 53
Afterwards, open a new terminal and run the tunnel command:cloudflared tunnel --url ...
These should resolve the problem. Note that setting up a DNS proxy on port 53 requires root privileges.Making that local DNS server doesn't work on android with termux.
Do you have root though?
I dont't have root, but are in the process of rooting with magisk.
I dont't have root, but are in the process of rooting with magisk.
Root/sudo is required to bind any port<1024. I am surprised termux team hasn't fix this dns issue by now.
I'm using root
Try this (no root previleges required), I assume pip
is already installed.
pip install udocker
udocker run ikhwanperwira/ucloudflared:latest tunnel --hello-world
To use credential login and make it persistent synchronous between host and container, use -v
volume flag. This will mapping ~
(home host) to /home/nonroot
(home container)
udocker run -v ~:/home/nonroot ikhwanperwira/ucloudflared:latest tunnel --config=/home/nonroot/cf/config.yaml run
Don't forget update credentials path of config.yaml
in credentials-file=/home/nonroot/.cloudflared/<tunnel_id>.json
============================
Inspired from @Liquorice10113 answer, linux cloudflared binary tries to read /etc/hosts
for metric (localhost lookup) and /etc/resolv.conf
to resolve DNS. It's not possible for non-rooted android to listen on port 53 generally port less than 1024. Therefore I isolate cloudflared with docker.
The image was built from this simple Dockerfile
:
# Official Cloudflared image
FROM cloudflare/cloudflared:latest
# You can replace `resolv.conf` with `/data/data/com.termux/files/usr/etc/resolv.conf`
COPY resolv.conf /etc/resolv.conf
# You can replace 'hosts` with `/data/data/com.termux/files/usr/etc/hosts`
COPY hosts /etc/hosts
In my cases, resolv.conf
using Google DNS
nameserver 8.8.8.8
And hosts
:
127.0.0.1 localhost
Then I built the image into specific architecture (linux/arm64) since Android using arm64 with GCP.
docker build --platform linux/arm64 -t ikhwanperwira/ucloudflared:latest . && docker push ikhwanperwira/ucloudflared:latest
Describe the bug (maybe i should ask this in termux...) I use cloudflared on Termux, Android 12 when i run
./cloudflare tunnel --url ...
, it logsIt seems like the cloudflared thinks nameserver is ::1, but $PREFIX/etc/resolv.conf contains:
And nslookup can get correct ip address of api.trycloudflare.com.
To Reproduce Steps to reproduce the behavior:
If it's an issue with Cloudflare Tunnel: but not with account(I logined my account but I use tunnel without account) ~3. Tunnel ID :~ ~4. cloudflared config:~
Expected behavior The program can get api.trycloudflare.com's ip address then create my tunnel.
Environment and versions
Logs and errors up there.
Additional context none