frp内网穿透
下载地址:https://github.com/fatedier/frp/releases
解压后目录结构如下:
client客户端:frpc,放在需要穿透的内网机器上
server服务端:frps,放在有公网IP的机器上
frpc.ini客户端配置
frps.ini服务端配置
一般只需要上面4个文件
实现简单的内网穿透
服务端
- /etc/frp/frps.ini
[common]
#监听的IP和端口
bind_addr = 0.0.0.0
bind_port = 7000
vhost_http_port = 80
vhost_https_port = 443
# 控制台IP端口账号密码
dashboard_addr = 0.0.0.0
dashboard_port = 7500
dashboard_user = username
dashboard_pwd = password
- 将frps放入/usr/bin/
- 将systemd文件夹中的frps.service放入/etc/systemd/system/
- 启动frps
systemctl start frps
- 查看frps状态
systemctl status frps
- 开机启动frps
systemctl enable frps
客户端
- 编辑/etc/frp/frpc.ini
[common]
#外网-服务器端ip
server_addr = 10.10.10.10
#外网-服务器端监听的端口(必须与Frps.ini中的配置一致)
server_port = 7000
[tcp]
privilege_mode = true
type = tcp
#客户端IP,填127.0.0.1即可
local_ip = 127.0.0.1
#客户端需要映射的端口,如22端口
local_port = 22
#连接时使用的端口,如2222.远程连接客户端使用10.10.10.10:2222即可映射到本地的127.0.0.1:22进行ssh连接
remote_port = 2222
use_encryption = true
use_compression = true
[https]
privilege_mode = true
type = https
local_ip = 127.0.0.1
local_port = 443
#通过访问https://you.domain.com即可访问到127.0.0.1:443
custom_domains = you.domain.com
use_encryption = true
use_compression = true
[http]
privilege_mode = true
type = http
local_ip = 127.0.0.1
local_port = 80
#通过访问http://you.domain.com即可访问到127.0.0.1:80
custom_domains = you.domain.com
use_encryption = true
use_compression = true
- 将frpc放入/usr/bin/
将systemd文件夹中的frpc.service放入/etc/systemd/system/ - 启动frpc
systemctl start frps
身份认证插件
- frps.ini中加入
[plugin.auth-manager]
#认证服务器的IP端口
addr = 127.0.0.1:3300
path = /handler
ops = Login,NewProxy,NewWorkConn,NewUserConn,Ping
- frpc.ini的common模块中加入
user = test
meta_token = jA0(bK0~aJ1!cI5@mA5@oA7@aD1!lA
配合java认证插件:
https://gitee.com/ilusymon/user-auth
server_plugin的格式:
https://github.com/fatedier/frp/blob/4bfc89d988baa67517d229bb82ebed831df01f98/doc/server_plugin.md