Tunnelmole, an ngrok alternative (open source)

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
Proxy Ngrok Tunnel Firewall Security

WorkOS
Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • awesome-tunneling

    List of ngrok/Cloudflare Tunnel alternatives and other tunneling software and services. Focus on self-hosting.

    • I maintain a list of similar tools here:

    https://github.com/anderspitman/awesome-tunneling

    I'm not sure there's a single class of software that's been implemented more times than ngrok-style tunneling. I keep finding more and more.

    Honestly it's a really fun exercise. Fairly challenging, but well within the reach of a single developer. I'm currently working on my 4th incarnation.

  • sish

    HTTP(S)/WS(S)/TCP Tunnels to localhost using only SSH.

    • sish uses ssh tunneling that you can read about in their docs: https://ssi.sh/

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo

  • Ockam

    Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applications – at massive scale.

    • disclosure: I work at Ockam.

    The Portals for Mac app is an example of the type of thing you could build using the open source stack of protocols. The README (linked by parent) links out to all of the relevant parts of the protocol documentation to explain how these work together. The NAT Traversal (https://github.com/build-trust/ockam/blob/develop/examples/a...) part of the README is probably the best explanation of why the free relay you get via Ockam Orchestrator is a useful part of this demo.

    As for why would anyone trust this: The protocols are designed so you absolutely don't have to trust the relay. Trust is pushed out to the edges that you control and so you're not susceptible to a MITM attack if something like a relay is compromised. The protocol design for all of this is open and documented, and was independently audited by (IMO) some of the best in the business, Trail of Bits: https://docs.ockam.io/reference/protocols.

  • frp

    A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.

    • I've been self-hosting https://github.com/fatedier/frp on my little box, and it feels insane to think of the times where I didn't have it set up. There are many choices in the space as others pointed out, but frp's capabilities and lightweight packaging blows all other setups out of the water. I placed mine behind nginx with Let's Encrypt for SSL support. Hella fresh!

  • tunnlr

    Open source ngrok alternative

    • Cool!

    There seem to be a lot of projects in this space -- including my own tool (https://github.com/gerwim/tunnlr). Still working on it though! ;-)

  • gsocket

    Connect like there is no firewall. Securely.

    • Interesting. Reminds me of https://github.com/hackerschoice/gsocket

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts