🕳 bore is a simple CLI tool for making tunnels to localhost
11.3k
Stars
514
Forks
15
Open issues
21
Contributors
AI Analysis
Bore is a lightweight CLI tool for exposing local TCP ports to the public internet through a remote server, bypassing NAT firewalls. It is designed as a minimal alternative to localtunnel and ngrok, built in ~400 lines of safe async Rust. Best suited for developers needing quick, friction-free local tunneling without complex configuration or heavy dependencies.
Inferred from signals mentioned in the README (tests, CI, type safety) — not a review of the actual code.
AI's overall editorial judgment — not an average of the bars above, can weigh other factors too.
bore: a minimal Rust TCP tunnel for exposing localhost ports through NAT
bore is a focused CLI tool that creates TCP tunnels from a local machine to a remote server, bypassing NAT firewalls. It targets developers who need quick, self-hostable localhost exposure without ngrok's account requirements or localtunnel's JavaScript overhead. Its value proposition is radical simplicity: ~400 lines of async Rust, a single binary for client and server, and a public endpoint at bore.pub. With 11K+ stars and packages in Homebrew, AUR, and Gentoo, it has clear developer adoption among the self-hosting and homelabber communities.
Created in April 2022 by Eric Zhang, bore emerged during a period of developer fatigue with ngrok's pricing and registration walls. It gained rapid early traction by being extremely easy to self-host and architecturally transparent.
bore spiked in stars quickly after launch, likely driven by Hacker News and Reddit exposure in 2022. Growth has since plateaued — 15 stars/week as of mid-2026 indicates a mature, stable niche tool rather than an accelerating project. Its packaging across Homebrew, AUR, and crates.io suggests organic long-tail adoption rather than viral growth.
Packaged in Homebrew core, AUR, and Gentoo overlays, indicating meaningful community demand. crates.io listing (bore-cli) provides a verifiable install vector. A public hosted instance (bore.pub) is maintained. Adoption not verified at scale in enterprise or production infrastructure, but casual and hobbyist developer usage appears substantial based on packaging breadth and star count.
Appears to use a client-server TCP proxy model with a dedicated control port (7835). Likely built on Tokio for async I/O. The protocol uses UUID-based connection multiplexing: the server assigns a UUID per inbound connection and the client opens a new TCP stream per UUID. This avoids complex multiplexing libraries. Optional shared-secret authentication is supported. The ~400 LOC claim in the README suggests a deliberately minimal codebase with no HTTP inspection, TLS termination, or dashboard.
not documented in README
Last push was February 2026, approximately 5 months before the evaluation date. Given the project's intentionally minimal scope, infrequent pushes are consistent with completeness rather than abandonment. CI badges are present and appear active. The project appears to be in a maintenance-only phase rather than active feature development, which is appropriate for a tool of this scope.
ADOPT IF: you need a minimal, self-hostable TCP tunnel for development or hobbyist use, want a single binary with no account requirements, and have a server to run the bore server binary on. AVOID IF: you need HTTPS termination, HTTP inspection, team access controls, persistent named URLs, or enterprise-grade reliability — use ngrok or a managed alternative. MONITOR IF: you depend on the bore.pub public instance for anything beyond experimentation, as its long-term operational continuity is not formally guaranteed.
Independent dimensions
Mainstream potential
3/10
Technical importance
6/10
Adoption evidence
5/10
- The bore.pub public server has no documented SLA or organizational backing; it may go offline without notice, affecting users who haven't self-hosted.
- No TLS on the tunnel data channel by default — traffic between client and server is unencrypted, which is a security concern over untrusted networks.
- Project appears to be in maintenance mode with no active feature development; complex use cases (UDP, HTTP-aware routing) will not be addressed.
- Minimal authentication model (single shared secret) may be insufficient for multi-user or team self-hosted deployments.
- Rust ecosystem dependency: users unfamiliar with Cargo may find the source-build installation path less accessible, though binary releases mitigate this.
bore will persist as a stable, minimal utility in the developer toolbox, unlikely to grow significantly but unlikely to be abandoned. It has found a permanent niche as the 'simplest possible self-hosted tunnel.'
Newsletter
Get analyses like this every Monday
Free weekly digest of the most interesting open-source discoveries.
Languages
Information
- Website
- http://bore.pub
- Language
- Rust
- License
- MIT
- Last updated
- 5mo ago
- Created
- 52mo ago
- Analyzed with
- anthropic/claude-haiku-4-5
Stars over time
Contributors over time
Top 100 contributors only — repos with more will plateau at 100.
Open issues
Top contributors
Recent releases
Similar repos
localtunnel/localtunnel
localtunnel exposes local development servers to the public internet via secure...
| Repository | Stars | Week Δ | Language | Score | Updated |
|---|---|---|---|---|---|
|
|
11.3k | +13 | Rust | 8/10 | 5mo ago |
|
|
1.7k | — | Go | 8/10 | 6d ago |
|
|
4.6k | — | PHP | 7/10 | 22h ago |
|
|
22.4k | — | JavaScript | 8/10 | 10mo ago |
|
|
3.1k | — | Go | 7/10 | 2d ago |
|
|
6.9k | — | Rust | 8/10 | 5d ago |
ngrok is the dominant commercial solution with HTTPS support, dashboards, authentication, and managed infrastructure. bore is deliberately the opposite: no account, no frills, self-hostable. bore cannot replace ngrok in team or production contexts but wins for solo developers and CI environments where simplicity matters.
localtunnel (22K stars) is older and JavaScript-based. bore is lighter, faster to install as a binary, and self-hostable without Node.js. localtunnel has more ecosystem integrations; bore wins on operational simplicity and performance.
portr targets teams with HTTP inspection and a web UI, making it closer to a self-hosted ngrok. bore is more minimal and lower-level. They serve overlapping but distinct audiences: portr for teams needing observability, bore for individuals needing raw TCP tunneling.
wstunnel wraps tunnels in WebSocket/HTTP, useful for bypassing strict corporate firewalls. bore uses plain TCP, which is simpler but may fail in environments that block non-HTTP egress. Different threat models.
boringtun is a WireGuard VPN implementation, solving a fundamentally different (and broader) problem. Not a direct competitor; VPN-based approaches offer persistent network-level tunneling while bore is lightweight and ephemeral.
