Cloudflare Tunnel and proxy issue

Hi,

I just registred a Domain with Cloudflare to use my home proxy server which is installed on my Raspberry PI 3B under Ubuntu 20.04 and which is running on port 8080:

I just add under “CF Zero Trust” a Tunnel, which connected successfully to my Raspbery:

A public Hostname Page has been added as well like in the Screenshot:

If I am submit a CURL query from the localy: [email protected]:/# curl -x http://localhost:8080 http://example.com -v
I get the correct response:

If I am submit a CURL query from the outside: curl -x http://p.[mydomain].uk:8080 http://example.com -v
I DON’T GET a correct response! I get some thing with:
HTTP/1.1 409 Conflict
and
error code: 1001

like here in the screenshot:

What can be the reason and how cloud I solve that issue ?

What happens if you try making the proxy request with HTTPS instead of HTTP?

curl -x https://<your proxy domain> http://example.com -v

I get:

Sorry, I meant without the port as well

I get this result:

You need to figure out why the request is being blocked by Cloudflare. You can check the firewall logs and adjust as needed.

Localy, there is no Firewall running.

And on Cloudflare side, there no Firewall rules and no logs

I would check the logs of the proxy service as you need to figure out what is actually returning the 403 response.

I have tried doing the same. It does not work. I suspect Cloudflare does not support the proxy use case but Cloudflare should clarify that.
Why I think so? Because it is opinionated about what you can/cannot expose publicly without its Cloudflare authentication. For example TCP cannot be publicly exposed without authentication.

Is example.com a domain you own and is registered on Cloudflare and is configured to point to your tunnel?

If it is you just curl for example.com and your tunnel would be pointed to localhost:8080

If you don’t own example.com then you need to look at Warp to Tunnel.

That’s not accurate. To expose arbitrary TCP you need to use the cloudflared client, but authentication is not required. The reason the reason the client is required is because this is an HTTP proxy. The only opinion the edge has s “Is this an HTTP request destined for a domain I have a route to?”

Hey,

thanks for your reply.
example.com Domain is some external traget domain which I want curl through the CF tunnel.
On my local network is squid proxy server installed.

My goal is to curl a website curl through the CF tunnel over my residential ip from a remote server.

Cloudflare tunnel is probably not the appropriate tool for what you are trying to accomplish.