What is Cloudflare-WARP ?
Cloudflare WARP is a client that helps protect corporate devices by securely sending their traffic to Cloudflare’s global network. It works in conjunction with Cloudflare Gateway, which applies advanced web filtering. The WARP client also enables the implementation of Zero Trust policies that verify a device’s health before it connects to corporate applications.
By downloading and deploying the WARP client on devices, organizations can enhance the protection provided by Cloudflare Zero Trust, regardless of the users’ location.
Here are the key features and benefits of the WARP client:
1. Enforcing security policies anywhere: With the WARP client deployed in Gateway with WARP mode, security policies can be enforced regardless of the location.
2. Enforcing HTTP filtering and user-based policies: Installing the WARP client enables Gateway features such as Anti-Virus scanning, HTTP filtering, Browser Isolation, and identity-based policies.
3. Providing application-specific insights: By installing WARP on corporate devices, organizations gain visibility into the application and user level, making it easier to discover, analyze, and take action against any unauthorized or shadow IT being used.
4. Building rich device posture rules: The WARP client offers advanced Zero Trust protection by allowing the creation of device posture rules. These rules can check a device’s location, disk encryption status, operating system version, and more, enabling the development of robust Zero Trust policies.
the point cloudflare-warp can hide your ISP address and make your network privated, you also can unblock and remove ads from any website.
Installation
Usually, you can easily install packages in Linux using a package manager like “yum or dnf if you’re using Fedora.” However, some people encounter difficulties because yum on Fedora cannot find a package called “cloudflare-warp.” According to the official website, you can install it by downloading the RPM package file from their site.
- go to this page and chosee for CentOS 8 , right in download then copy link address.
2. open your terminal and enter command:
sudo rpm -ivh https://pkg.cloudflareclient.com/uploads/cloudflare_warp_2023_3_398_1_x86_64_e9b71b3326.rpminput your user password then enter, wait till install complete.
3. Using warp-cli
$ warp-cli --help
CLI to the WARP service daemon
Usage: warp-cli [OPTIONS] <COMMAND>
Commands:
register Register with the WARP API, replacing any existing registration (Must be run before first connection!)
teams-enroll Enroll with Cloudflare for Teams
delete Delete current registration
rotate-keys Generate a new key-pair, keeping the current registration
status Ask the daemon to send the current status
warp-stats Retrieve the stats for the current WARP connection
warp-dns-stats Retrieve the DNS stats for the current WARP connection
settings Retrieve the current application settings
connect Connect to WARP whenever possible [aliases: enable-always-on]
disconnect Disconnect from WARP [aliases: disable-always-on]
disable-wifi Automatically disable WARP on Wi-Fi networks (disabled for Zero Trust customers)
enable-wifi Allow WARP on Wi-Fi networks (disabled for Zero Trust customers)
disable-ethernet Automatically disable WARP on ethernet networks (disabled for Zero Trust customers)
enable-ethernet Allow WARP on ethernet networks (disabled for Zero Trust customers)
add-trusted-ssid Add a trusted Wi-Fi network for which WARP will be automatically disconnected
remove-trusted-ssid Remove a trusted Wi-Fi network
exclude-private-ips Exclude private IP ranges from tunnel
enable-dns-log Enable DNS logging (Use with the -l option)
disable-dns-log Disable DNS logging
account Display the account associated with the current registration
devices Display the list of devices associated with the current registration
network Display the current network information
get-virtual-networks List the available virtual networks
set-virtual-network Set the currently connected virtual network via the id from get-virtual-networks
set-mode Set the mode
set-families-mode Set the families mode
set-license Attach the current registration to a different account using a license key
set-gateway Force the app to use the specified Gateway ID for DNS queries
clear-gateway Clear the Gateway ID
set-custom-endpoint Force the client to connect to the specified IP:PORT endpoint (Zero Trust customers must run this command as a privileged user)
clear-custom-endpoint Remove the custom endpoint setting
add-excluded-route Add an excluded IP
remove-excluded-route Remove an excluded IP
get-excluded-routes Get the list of excluded routes
get-included-routes Get the list of included routes
get-excluded-hosts Get the list of excluded hosts
get-included-hosts Get the list of included hosts
add-excluded-host Add an excluded host
remove-excluded-host Remove an excluded host
add-fallback-domain Add a domain that should be resolved with the fallback resolver instead of WARP's
remove-fallback-domain Stop a domain from being resolved with the fallback resolver
get-fallback-domains Get the list of domains that go to the fallback resolver
restore-fallback-domains Restore the list of fallback resolver domains to its default value
get-device-posture Get the current device posture
override Temporarily override MDM policies that require the client to stay enabled
set-proxy-port Set the listening port for WARP proxy (127.0.0.1:{port})
is-mode-switch-allowed Outputs true if Teams users should be able to change connection mode, or false if not
reset-settings Restore settings to default
get-organization Get the name of the Teams organization currently in settings
access-reauth Force refresh authentication with Cloudflare Access
get-support-url Get the support url for the current Teams organization
get-pause-end Retrieve the pause end time
get-override-end Retrieve the admin override end time
disable-connectivity-checks Disable the runtime connectivity checks
enable-connectivity-checks Enable the runtime connectivity checks
dump-excluded-routes Get split tunnel routing dump. For include-only mode, this shows routes NOT included
get-alternate-network Get the name of the currently detected alternate network, if any
get-dex-data Get the most recently uploaded DEX data. Returns the most recent test for each dex metric
help Print this message or the help of the given subcommand(s)
Options:
-l, --listen Listen for status changes and DNS logs (if enabled)
--accept-tos Accept the Terms of Service agreement
-v, --verbose... Enable verbose output. Multiple "v"s adds more verbosity
-h, --help Print help
-V, --version Print versionas you see , for first time you must register by enter the command :
$ warp-cli registersee your account status:
$ warp-cli account
Account type: Free
Device ID: <device_id>
Public key: <public key >
Account ID: <account ID>
License: <license code>see your status connectivity:
$ warp-cli status
Status update: Disconnected.
Successthe default setting for connectivity with WIFI are disabled by warp. you can enable it manualy with command:
$ warp-cli enable-wifithen, connect to warp:
$ warp-cli connect
Status update: Connected
Successif you see error and can’t connected with message : Status update: Unable to connect. Reason: Connectivity check failed due to DNS Lookup Failed
go to the resolve.conf file, that is located in “/etc/systemd/” , open with root mode using your favorit IDE or using Nano for more simply:
$ sudo nano /etc/systemd/resolved.confyou’il see like this:
# This file is part of systemd.
#
# systemd is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.
#
# Entries in this file show the compile time defaults. Local configuration
# should be created by either modifying this file, or by creating "drop-ins" in
# the resolved.conf.d/ subdirectory. The latter is generally recommended.
# Defaults can be restored by simply deleting this file and all drop-ins.
#
# Use 'systemd-analyze cat-config systemd/resolved.conf' to display the full config.
#
# See resolved.conf(5) for details.
[Resolve]
# Some examples of DNS servers which may be used for DNS= and FallbackDNS=:
# Cloudflare: 1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 2606:4700:4700::1001#cloudflare-dns.com
# Google: 8.8.8.8#dns.google 8.8.4.4#dns.google 2001:4860:4860::8888#dns.google 2001:4860:4860::8844#dns.google
# Quad9: 9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
#DNS=
#FallbackDNS=
#Domains=
#DNSSEC=no
#DNSOverTLS=no
#MulticastDNS=no
#LLMNR=resolve
#Cache=yes
#CacheFromLocalhost=no
#DNSStubListener=yes
#DNSStubListenerExtra=
#ReadEtcHosts=yes
#ResolveUnicastSingleLabel=look in last line in section:
#ResolveUnicastSingleLabel=uncomment that!, and add ‘yes’ value like this:
ResolveUnicastSingleLabel=yessave, then try to connect again by run
$ warp-cli connect4. using WARP-GUI
in your app menu search app named : Warp Cloudflare
open it, and click toggle switch to connect it!, you’il see like this:
after connect success, you will see like this and cloud icon at your taskbar
Now you can use it , and enjoy surfing without annoying ads and blocked website :), if you have problem with limited allocated data for free user , you can use this warp-up project by SoftCreatR
$ git clone https://github.com/SoftCreatR/warp-up
$ cd warp-up
$ bash warp-up.shor go to this page if you need more docs : https://github.com/SoftCreatR/warp-up#usage
thanks for reading . even if nothing person read this,
I just hope that someday it will be of use to myself.
i’m in TG , come here and let’s talk anything:
REFERENCE:
