I believe I have found a SEVERE security vulnerability

On macOS, need to try other OSes. I have several services routed through an nginx reverse proxy. This proxy has, for example, the port 4567. On Tailscale, I serve local port 4567 over HTTPS on remote port 443. I then enable Tailscale Funnel on port 443. Accessing, say, https://device.tailnet:443/nextcloud gives me the Nextcloud landing page nginx is pointing to. This behavior is expected.

What's not expected is that I can also access the local Nextcloud port over the Funnel with http://device.tailnet.ts.net:852/nextcloud. Also what is not expected, I can access a Jellyfin server not being routed through nginx, http://device.tailnet.ts.net:8096/jellyfin. As it turns out, I can access every single port on the Mac through HTTP via the Funnel URL!

This is interesting as it allows me to use every port through Tailscale Funnel, but also there is no control over it. Every single port, without SSL, is exposed to the internet. Disabling then re-enabling the Funnel fixed the issue, but I am not sure as to what caused it in the first place.

When you can see all the ports, you’re accessing it over Tailscale, not over Funnel. Turn off your Tailscale client to see what Funnel is actually permitting. To lock down intra-tailnet access, you can define ACLs in your Tailnet.
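The check the reply suggests, written out as an added example (this is not Tailscale's code and not either poster's): it resolves the node name the way the local machine does, reports whether the address it reached is a tailnet address or a public one, and then probes a list of ports. Tailscale gives nodes addresses from the CGNAT block 100.64.0.0/10, so a connection that lands on a 100.x.y.z address went over the tailnet (WireGuard, every listening port reachable subject to your ACLs), while a public address means the request went to Funnel's ingress, which only forwards the ports Funnel was enabled on. The host name `device.tailnet.ts.net`, the port list `443 852 8096` and the use of curl's `%{remote_ip}` write-out (curl 7.29 or later) are assumptions for illustration.

```shell
#!/bin/sh
# Added example for this thread; not Tailscale's code and not the posters'.
# Decide whether requests to a node name travel over the tailnet or over
# Funnel, then probe a few ports over each path.
# HOST and PORTS are assumptions: set them to your node and the ports you
# want to compare (443 = the Funnel port; 852, 8096 = local services).

HOST=${HOST:-device.tailnet.ts.net}
PORTS=${PORTS:-"443 852 8096"}

# Tailscale assigns node addresses from the CGNAT block 100.64.0.0/10.
# Return 0 when a dotted-quad IPv4 address lies in that block, 1 otherwise.
is_tailscale_cgnat() {
    case $1 in
        *.*.*.*) ;;
        *) return 1 ;;
    esac
    o1=${1%%.*};    rest=${1#*.}
    o2=${rest%%.*}; rest=${rest#*.}
    o3=${rest%%.*}; o4=${rest#*.}
    for octet in "$o1" "$o2" "$o3" "$o4"; do
        case $octet in
            ''|*[!0-9]*) return 1 ;;   # empty, non-numeric, or a 5th dot
        esac
        [ "$octet" -le 255 ] || return 1
    done
    # A /10 fixes the top ten bits: first octet 100, second octet 64..127.
    if [ "$o1" -eq 100 ] && [ "$o2" -ge 64 ] && [ "$o2" -le 127 ]; then
        return 0
    fi
    return 1
}

# Name the path an address implies.
path_for_address() {
    if is_tailscale_cgnat "$1"; then
        echo tailnet
    else
        echo public
    fi
}

# Connect to HOST:443 the way this machine resolves it and print the peer
# address curl actually reached. With the Tailscale client running,
# MagicDNS answers with the node's 100.x address; with it stopped, public
# DNS answers with Funnel's ingress address. The TLS/HTTP result is ignored.
resolved_address() {
    addr=$(curl -s -o /dev/null -m 5 -w '%{remote_ip}' "https://$1/") || true
    echo "$addr"
}

# Probe one TCP port with a plain-HTTP request. curl exit 7 means the
# connection was refused and 28 means it timed out; any other result means
# a listener accepted the connection (a TLS listener answering garbage to
# plain HTTP still counts as reachable).
probe_port() {
    if curl -s -o /dev/null -m 3 "http://$1:$2/"; then
        rc=0
    else
        rc=$?
    fi
    case $rc in
        7|28) echo "port $2: closed/filtered" ;;
        *)    echo "port $2: reachable (curl exit $rc)" ;;
    esac
}

# Live run only when asked, so the functions can be sourced and reused.
if [ "${1:-}" = "--live" ]; then
    addr=$(resolved_address "$HOST")
    if [ -z "$addr" ]; then
        echo "$HOST: could not connect on 443"
        exit 1
    fi
    echo "$HOST -> $addr ($(path_for_address "$addr") path)"
    for p in $PORTS; do
        probe_port "$HOST" "$p"
    done
fi
```

Run it twice with `sh funnel_check.sh --live`: once with the Tailscale client up, where you should see a `tailnet path` line and every listening port reachable, and once with the client stopped, where the address should be public and only the Funnel port should answer. A non-Funnel port that answers in the second run is what would actually indicate exposure beyond what Funnel permits; ports that answer only in the first run are ordinary intra-tailnet access, which the tailnet's ACL policy controls.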