How to use the command "flarectl" (with examples)
Flarectl is the official CLI for Cloudflare, offering a convenient way to manage Cloudflare services and configurations from the command line. It provides a wide range of functionalities, such as managing firewall rules, adding DNS records, retrieving IP ranges, creating new Cloudflare zones, and more.
Use case 1: Block a specific IP
Code:
flarectl firewall rules create --zone="example.com" --value="8.8.8.8" --mode="block" --notes="Block bad actor"
Motivation: Blocking a specific IP can be useful to prevent certain machines or individuals from accessing your website or service. It helps enhancing security and protecting against malicious activities.
Explanation:
--zone: Specifies the domain zone where the firewall rule should be applied.--value: Defines the IP address that needs to be blocked.--mode: Specifies the action to be taken with the IP. In this case, we set it to “block”.--notes: Allows adding any additional notes or descriptions for the firewall rule.
Example output:
Firewall rule created successfully.
Use case 2: Add a DNS record
Code:
flarectl dns create --zone="example.com" --name="app" --type="CNAME" --content="myapp.herokuapp.com" --proxy
Motivation: Adding DNS records is essential for properly directing traffic to desired destinations. By using Flarectl, you can easily create DNS records to configure custom domains, subdomains, and point them to the appropriate services or endpoints.
Explanation:
--zone: Specifies the domain zone where the DNS record should be added.--name: Specifies the name of the DNS record.--type: Defines the type of DNS record. In this case, we set it as “CNAME”.--content: Sets the content of the DNS record, which may be an IP address, domain name, or any other relevant value.--proxy: Indicates whether the DNS record should be proxied through Cloudflare’s network.
Example output:
DNS record created successfully.
Use case 3: List all Cloudflare IPv4/IPv6 ranges
Code:
flarectl ips --ip-type ipv4|ipv6|all
Motivation: Knowing the Cloudflare IPv4/IPv6 ranges can be beneficial for various reasons, such as configuring firewall rules, whitelisting or blacklisting specific IPs, or troubleshooting network connectivity issues.
Explanation:
--ip-type: Specifies the type of IP ranges to be listed. It can be set as “ipv4” to list only IPv4 ranges, “ipv6” to list only IPv6 ranges, or “all” to list both IPv4 and IPv6 ranges.
Example output:
IPv4 Ranges:
- 192.0.2.0/24
- 203.0.113.0/24
...
IPv6 Ranges:
- 2001:db8::/32
- 2001:0db8:1234:5678::/64
...
Use case 4: Create many new Cloudflare zones automatically with names from domains.txt
Code:
for domain in $(cat domains.txt); do flarectl zone info --zone=$domain; done
Motivation: Automating the creation of Cloudflare zones can save time and effort, especially when dealing with a large number of domains. By utilizing a loop and a list of domain names, you can easily create multiple zones without manual intervention.
Explanation:
domains.txt: Represents a file containing a list of domain names, where each name is separated by a new line.--zone: Specifies the name of the zone to be created. By utilizing the loop, each domain name from the file is used as the value for this argument.
Example output:
Zone created for domain: example1.com
Zone created for domain: example2.com
...
Zone created for domain: exampleN.com
Use case 5: List all firewall rules
Code:
flarectl firewall rules list
Motivation: Listing all firewall rules provides an overview of the current configured rules, allowing you to understand how traffic is being filtered and managed. This information can be useful for auditing purposes, rule optimization, or troubleshooting potential conflicts.
Explanation: This command does not require any additional arguments.
Example output:
Firewall Rules:
1. Block IP: 8.8.8.8, Mode: block
2. Allow IP: 203.0.113.2, Mode: challenge
...
