frp内网穿透

下载地址:https://github.com/fatedier/frp/releases
解压后目录结构如下:
`_YJ4LZ_PQ04PWT.png
client客户端:frpc,放在需要穿透的内网机器上
server服务端:frps,放在有公网IP的机器上
frpc.ini客户端配置
frps.ini服务端配置
一般只需要上面4个文件

实现简单的内网穿透

服务端

  1. /etc/frp/frps.ini
[common]
#监听的IP和端口
bind_addr = 0.0.0.0
bind_port = 7000
vhost_http_port = 80
vhost_https_port = 443
# 控制台IP端口账号密码
dashboard_addr = 0.0.0.0
dashboard_port = 7500
dashboard_user = username
dashboard_pwd = password
  1. 将frps放入/usr/bin/
  2. 将systemd文件夹中的frps.service放入/etc/systemd/system/
  3. 启动frps
systemctl start frps
  1. 查看frps状态
systemctl status frps
  1. 开机启动frps
systemctl enable frps

16444749511.jpg

客户端

  1. 编辑/etc/frp/frpc.ini
[common]
#外网-服务器端ip
server_addr = 10.10.10.10
#外网-服务器端监听的端口(必须与Frps.ini中的配置一致)
server_port = 7000

[tcp]
privilege_mode = true
type = tcp
#客户端IP,填127.0.0.1即可
local_ip = 127.0.0.1
#客户端需要映射的端口,如22端口
local_port = 22
#连接时使用的端口,如2222.远程连接客户端使用10.10.10.10:2222即可映射到本地的127.0.0.1:22进行ssh连接
remote_port = 2222
use_encryption = true
use_compression = true

[https]
privilege_mode = true
type = https
local_ip = 127.0.0.1
local_port = 443
#通过访问https://you.domain.com即可访问到127.0.0.1:443
custom_domains = you.domain.com
use_encryption = true
use_compression = true

[http]
privilege_mode = true
type = http
local_ip = 127.0.0.1
local_port = 80
#通过访问http://you.domain.com即可访问到127.0.0.1:80
custom_domains = you.domain.com
use_encryption = true
use_compression = true
  1. 将frpc放入/usr/bin/
    将systemd文件夹中的frpc.service放入/etc/systemd/system/
  2. 启动frpc
systemctl start frps

身份认证插件

  1. frps.ini中加入
[plugin.auth-manager]
#认证服务器的IP端口
addr = 127.0.0.1:3300
path = /handler
ops = Login,NewProxy,NewWorkConn,NewUserConn,Ping
  1. frpc.ini的common模块中加入
user = test
meta_token = jA0(bK0~aJ1!cI5@mA5@oA7@aD1!lA

配合java认证插件:

https://gitee.com/ilusymon/user-auth

server_plugin的格式:

https://github.com/fatedier/frp/blob/4bfc89d988baa67517d229bb82ebed831df01f98/doc/server_plugin.md

Q.E.D.


一蓑烟雨任平生