frp 是一个高性能的反向代理应用,可以帮助您轻松地进行内网穿透,对外网提供服务,支持 tcp, http, https 等协议类型,并且 web 服务支持根据域名进行路由转发。
git项目地址:https://github.com/fatedier/frp
1. 安装frp服务器端
可运行的程序可以从这里下载 https://github.com/fatedier/frp/releases, 以下以当前最新版本0.34.1的linux amd64为例在Ubuntu 20.04上安装
1
2
|
wget https://github.com/fatedier/frp/releases/download/v0.34.1/frp_0.34.1_linux_arm64.tar.gz
tar -zvxf frp_0.34.1_linux_arm64.tar.gz
|
解压缩后可以看到以下目录结构
1
2
3
4
5
6
7
8
9
10
11
12
13
|
frp_0.34.1_linux_amd64
├── frpc
├── frpc_full.ini
├── frpc.ini
├── frps
├── frps_full.ini
├── frps.ini
├── LICENSE
└── systemd
├── frpc.service
├── frpc@.service
├── frps.service
└── frps@.service
|
安装步骤:
1
2
3
4
|
copy frp_0.34.1_linux_amd64/frpc /usr/bin/
copy frp_0.34.1_linux_amd64/frps /usr/bin/
copy frp_0.34.1_linux_amd64/*.ini /etc/fpr/ #目录/etc/fpr/不存在的话需要创建
copy frp_0.34.1_linux_amd64/systemd/* /etc/systemd/system
|
配置服务器端参数
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
[common]
bind_port = 10100 #frp监听的端口,用作服务端和客户端通信
vhost_http_port = 10101 #服务端通过此端口接监听和接收公网用户的http请求,如果使用nginx转发,需转发到此端口
token = XXXXXX #client端需要相同的token才能连接
#以下为dashboard端口,通过dashboard可以监控frp状态
dashboard_port = 10109
dashboard_user = admin
dashboard_pwd = XXXXXX
#以下为log设置
log_file = /var/log/frps.log
log_level = debug
log_max_days = 3
|
更多参数及含义可以参考frps_full.ini文件
启动/停止/重启/状态/开机自启动:
1
2
3
4
5
|
systemctl start frps
systemctl stop frps
systemctl restart frps
systemctl status frps
systemctl enable frps
|
2. 配置Nginx转发(可选)
如果对应的服务端已被Nginx占用,可以通过配置nginx转发来完成。
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
server {
listen 80;
server_name dsphoto.youdomain.com dsfile.youdomian.com frp.yourdomian.com;
location / {
proxy_pass http://127.0.0.1:10101;
proxy_set_header Host $host:80;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_connect_timeout 7d;
proxy_send_timeout 7d;
proxy_read_timeout 7d;
}
if ($http_user_agent ~* "360Spider|JikeSpider|Spider|spider|bot|Bot|2345Explorer|curl|wget|webZI
P|qihoobot|Baiduspider|Googlebot|Googlebot-Mobile|Googlebot-Image|Mediapartners-Google|Adsbot-Google
|Feedfetcher-Google|Yahoo! Slurp|Yahoo! Slurp China|YoudaoBot|Sosospider|Sogou spider|Sogou web spid
er|MSNBot|ia_archiver|Tomato Bot|NSPlayer|bingbot") {
return 403;
}
}
|
frp客户端安装
frp客户端安装设置可以参考服务端安装。过程基本相同。不同的是:
客户端使用frpc,对应的配置文件也是frpc.ini,启动的服务是 frpc.
客户端配置文件如下:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
|
[common]
server_addr = frp.yourdomain.com
server_port = 10100
token = XXXXXX #和服务器端一致
log_file = /tmp/frpc.log
log_level = info
log_max_days = 3
tcp_mux = true
protocol = tcp
login_fail_exit = false
user = admin
#DS photo 配置
[DSphoto]
type = http
local_ip = 192.168.68.200 #内网的群晖的IP
local_port = 80
custom_domains = dsphoto.yourdomain.com
#DS file 配置, DS file 需要下面的 [DSfile]和[DSM]才能登录
[DSfile]
type = http
local_ip = 192.168.68.200 #内网的群晖的IP
local_port = 5000
custom_domains = dsfile.yourdomain.com
[DSM]
type = tcp
local_ip = 192.168.68.200 #内网的群晖的IP
local_port = 5000
remote_port = 5000
#需要远程桌面访问的内网电脑
[MSTC]
type = tcp
local_ip = 192.168.68.168
local_port = 3389
remote_port = 3389
|
###客户端访问
