Tunnel Types

TLS tunnels allow you to locally terminate TLS traffic before forwarding it on to the target service.

By default, TunnelBat will automatically generate your certificates. To override this functionality, use the --key and --cert options.

          1
          Usage: tunnelbat tls [options]
        
          3
          TLS tunnels forward TLS traffic to either TCP or TLS targets.
        
          5
          Options:
        
          6
          --allowlist  Allowlist of remote address CIDRs to allow through the tunnel.
        
          7
          --target  The target host and port we are forwarding to.
        
          8
          --targetport  The target port we are forwarding to.
        
          9
          --expire  The duration of time before the tunnel expires. (default 1h)
        
          10
          --cert  The path to a certificate file. (Blank will use autocert)
        
          11
          --key  The path to a private key file for TLS termination. (Blank will use autocert)
        
          12
          --max_concurrent  The maximum number of concurrent connections allowed. (default 100)
        
          13
          --max_connections  Terminate the tunnel after this many connections. (default 0)
        
          14
          --tls  Negotiate TLS with the target (default: false)
        
          15
          --tls-pin-cert  Pin the TLS certificate. (TLS enabled tunnels only)
        
          16
          --tls-skip-verify  Skip TLS certificate verification. (TLS enabled tunnels only)
        
not set

TCP tunnels do not perform TLS termination and simply forward the traffic to your intended target.


          1
          Usage: tunnelbat tcp [options]
        
          3
          TCP tunnels forward TCP traffic.
        
          5
          Options:
        
          6
          --allowlist  Allowlist of remote address CIDRs to allow through the tunnel.
        
          7
          --target  The target host and port we are forwarding to.
        
          8
          --targetport  The target port we are forwarding to.
        
          9
          --expire  The duration of time before the tunnel expires. (default 1h)
        
          10
          --max_concurrent  The maximum number of concurrent connections allowed. (default 100)
        
          11
          --max_connections  Terminate the tunnel after this many connections. (default 0)
        
          12
          --tls  Negotiate TLS with the target (default: false)
        
          13
          --tls-pin-cert  Pin the TLS certificate. (TLS enabled tunnels only)
        
          14
          --tls-skip-verify  Skip TLS certificate verification. (TLS enabled tunnels only)
        
not set