
Localtunnel: instantly show localhost to the rest of the world - jmduke
http://progrium.com/localtunnel/?
======
trotsky
If there is one thing that I have considered a flaw in computing, it's that
there have been few ways for inexperienced developers and users to use one
simple system which allowed them to circumvent their host based firewall,
their network IDS, their edge based UTM and the OS security assumptions around
localhost being a protected, private interface. The value of a point and click
system to expose these directly to the internet and a domain that serves as a
collection point for them can not be understated.

If a service is bonding only to ::1, and not 0.0.0.0 or your current routable
ip it's explicitly deciding that it shouldn't be accessible from beyond the
local computer. And in a lot of cases, it's right even if it doesn't explain
why exactly. When exactly did we decide local port forwarding was too hard
even for technical people? Or, I dunno, servers?

~~~
mhurron
I don't even know what to think of this.

Are you arguing that it is a good thing for people who have no idea what
they're doing to have a 1 button click to remove all security?

~~~
PeterisP
Can you elaborate on why you equate this localtunnel to "removing all
security" ?

I haven't tried it, but it seems to forward a single port that's running
service X that I want to make available on the net.

Any way whatsoever of fulfilling that need (no matter if it's one button click
or setting up a separate VM for that service) would involve making a hole in
all relevant firewalls and making the (possibly buggy) service X available to
everyone.

Is the user goal of "making service X available to everyone" bad in itself?

~~~
snowwrestler
The issue is, what else is on that machine?

When you allow public connections to a service running on a machine, security
for that entire machine now largely depends on that service. Are you 100% sure
that your copy of Apache or Nginx is patched up to date? That the web app you
just coded up won't allow arbitrary command execution? That the OS has no
local privilege escalation vulnerabilities?

If you are using a web host or VPS, the risk is limited to the code you're
testing. You could lose the whole machine and it's no big deal.

But if you've exposed your personal machine--with all your documents, files,
settings, etc.--then you've got a lot more to lose if a bad guy gets in. Worst
case is a rootkit install that collects all your passwords and sends them out.

------
aroman
Previous discussion:

[https://news.ycombinator.com/item?id=2625101](https://news.ycombinator.com/item?id=2625101)

[https://news.ycombinator.com/item?id=2645659](https://news.ycombinator.com/item?id=2645659)

------
mfkp
Localtunnel is great, but pretty old. This alternative was posted a few weeks
(months?) back and I'm liking it more:
[https://ngrok.com/](https://ngrok.com/)

~~~
progrium
I love ngrok. Written by a friend. We're going to be merging projects.

------
zek
I have tried a variety of different services that provide this but I have
decided that I like the newer [https://ngrok.com/](https://ngrok.com/) service
more. I have had some major difficulties with localtunnel on my mac in the
past.

~~~
inconshreveable
Hi zek, glad you like ngrok! Progrium and I have been talking about combining
efforts recently. I'm going to be extracting out the tunneling component of
ngrok into a library that will be used by both ngrok and a new version of
localtunnel which will have all of the stability (and features like tcp
tunenling and custom hostnames) that you enjoy with ngrok.

You'll still want to use ngrok if you want to do any traffic inspection or
request replays.

Lastly, I have some new features coming up for ngrok including the ability for
it to auto-update without your intervention so that I can push features more
rapidly without bothering everyone to update every other day. I've open
sourced the code to do it as a separate library
([https://github.com/inconshreveable/go-
update](https://github.com/inconshreveable/go-update)), and I'll be writing a
blog post about the techniques necessary to make it work. Stay tuned!

~~~
scottbruin
Hey, quick question: is there a way to make ngrok preserve the Hostname it
passes to my local machine? E.g. we're using virtualhosts and I need the
requests to hit my local host with the correct hostname.

~~~
inconshreveable
Ngrok will pass the same hostname that it received from the public request, so
something like example.ngrok.com. If you use the -subdomain flag, then it will
always be the same hostname. I'm not entirely sure I answered your question,
so if that didn't help, feel free to email me and we'll get it sorted out:
alan at ngrok dot com

------
raviparikh
I've been using Proxylocal for this purpose:
[http://proxylocal.com/](http://proxylocal.com/)

A great use for it is cross-browser web dev. To test out our JS library on IE6
for example I'll use Proxylocal in conjunction with Sauce Labs.

------
thenicepostr
You can roll your own localtunnel too if you want. I was working on a shopify
app earlier this year and needed a consistent URL to test with. I wrote a
tutorial on how to do this here: [https://neil.quora.com/Roll-Your-Own-
LocalTunnel-With-Nginx](https://neil.quora.com/Roll-Your-Own-LocalTunnel-With-
Nginx)

~~~
prakster
Which Shopify app? (Just curious)

------
stevejalim
There's also [https://forwardhq.com/](https://forwardhq.com/) which has some
nice features

~~~
yesimahuman
I've been using them instead of localtunnel, and the experience is much nicer.
I had a recent problem where localtunnel just flat out wouldn't work for me,
so I didn't have a choice but to switch.

------
motowilliams
Runscope can do this with the Passageway feature. It also has traffic
inspector, request editor and the ability to do shared requests
[https://www.runscope.com/](https://www.runscope.com/)

------
jandebleser
I've created [http://openport.be](http://openport.be) for the same reason. The
website still needs some work but check out the client code from
[https://github.com/jandebleser/openport-
it](https://github.com/jandebleser/openport-it) (It works on all debian
platforms including rasbian for the raspberry pi). You can share all ports and
share are restarted after a reboot.

------
xal
If you already have a server or vm somewhere you can get the same with:

    
    
      $ sudo echo "GatewayPorts clientspecified" >> /etc/ssh/sshd_config
      $ sudo service ssh restart 
    
    

then from your local computer do:

    
    
      $ ssh -R 0.0.0.0:3000:127.0.0.1:3000 user@your-server
    

After connecting [http://your-server:3000](http://your-server:3000) will be
tunneled to your local box.

------
colbyaley
Hasn't this been out forever?

~~~
ChuckMcM
Yes, two things conspire to seeing it multiple times; First new people join HN
and think "Hmm, this would be interesting to that group" and post it, and
second, some people who count karma say "Hmm, that got some good karma back
<whenever> I'll post it again." There are some automated controls on the
second case and not really any control on the first case.

Both cases provide interesting information, in the first case things that
every new person posts are generally pretty widely interesting. In the second
case it is interesting to see reputation manipulation through gaming. Some
people see a "score" and are compelled to "win."

------
sullrich
Tried to install this on a 10.9 OSX machine but encountering a few issues.
[http://tny.cz/5f6e845c](http://tny.cz/5f6e845c)

~~~
wavesounds
Where did you get 10.9? Is it stable?

~~~
citruspi
He's probably running the developer beta...

And yeah, it's stable. I've been running it since it came out without any
issues.

------
originalsurfmex
+1 for ngrok. It is more recently updated. Some would say it is easier more
flexible for the rest of us. This is a recent blog post about it:
[http://www.elcoderino.com/tag/ngrok/](http://www.elcoderino.com/tag/ngrok/)

~~~
progrium
Luckily, ngrok and localtunnel are merging.

~~~
originalsurfmex
This is particularly great news for me. I live with firewalls both at work and
at home. Now I can reach through into my linux machine over the web using
something like tty.js - Thank you very much for improving the development and
documentation. I am just a hobbyist web developer and I'm sure there are many
others like me who will benefit from the combination of both projects.

------
jtreminio
My tool, PuPHPet [0], can replace the need for this.

If you have a DigitalOcean account, you can have a 100% copy of your dev
environment running on DO within 2 minutes of `$ vagrant up`... and as soon as
you want it removed you would simply `$ vagrant destroy`!

[0] www.puphpet.com

------
veesahni
I recently launched [http://www.ultrahook.com](http://www.ultrahook.com) which
is similar but focused on webhook tunneling only. It provides persistent
hosnames and communicates over HTTP

------
shawnz
Another possible way of doing this: set up a Tor hidden service, and give
people the URL through a gateway service like
[http://onion.to](http://onion.to)

------
wicknicks
Reminds me of showoff:
[https://news.ycombinator.com/item?id=2467107](https://news.ycombinator.com/item?id=2467107)

------
websirs
Nice :), might want to use jQuery smooth scroll for the getting started button

------
retr0h
Everyone likes to re-write everything. What's wrong with pagekite?

~~~
HerraBRE
Haha. :-)

Localtunnel and PageKite overlap, but the focus of the two projects is
actually very different. Localtunnel is just for quick one-off tests. Although
PageKite can do that as well, our (I am the author) real goal was to make
self-hosting easy for folks who don't necessarily have full control over their
networking infrastructure or are using primarily mobile devices.

The two projects started at roughly the same time though, in fact I think
localtunnel predates PageKite by a few months.

~~~
retr0h
I was just trying to give pagekite love. I like it quite a bit :)

------
s00pcan
man ssh

ssh -L/R

What are you doing on this website if you can't do that?

