Frp
Frp is a fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
frp mainly consists of two components: client (frpc) and server (frps). Usually, the server is deployed on a machine with a public IP address, and the client is deployed on a machine where the intranet service that needs to be penetrated is located.
Since intranet services lack public IP addresses, they cannot be directly accessed by users outside the LAN. Users access frps on the server, and frp is responsible for routing the request to the corresponding intranet machine based on the requested port or other information to achieve communication.
How to use?
Download the latest version software from it GitHub release page.
The compress files including Frps and Frpc, s means server and c means client.
Frps
usually we will build the Frp server in a linux system device.
when you download frp software and unzip it, you can edit frps.tmol
to modify the config file.
Default config of frps:
bindPort = 7000
It means frp server will listen port 7000 of the device that run it.
For server security and convenience, we'd better set up a token and web panel to monitor its operation.
Here is a example config file:
bindPort = 7000
bindAddr = 0.0.0.0
auth.token = "abc"
vhostHTTPPort = 8080
vhostHTTPSPort = 8443
webServer.addr = "0.0.0.0"
webServer.port = 7500
webServer.user = "admin"
webServer.password = "admin"
you can type this command to deploy the frp server.
/frps -c ./frps.toml
Frpc
Download Frp software and unzip it. Then edit frpc.tmol
to modify the config file.
Here is a example to proxy SSH, Please change serverAddr
in actual use.
serverAddr = "x.x.x.x"
serverPort = 7000
webServer.port = 7400
auth.token = "abc"
webServer.user = "admin"
webServer.password = "admin"
[[proxies]]
name = "ssh"
type = "tcp"
localIP = "127.0.0.1"
localPort = 22
remotePort = 6000
you can type this command to run the frp client.
./frpc -c ./frpc.toml
When the connect built, you can connect to the Intranet device through SSH by remote port that you set in frp client config file.
Client proxies Config example:
serverAddr
、 serverPort
and auth.token
(if have) are required.
SSH
[[proxies]]
name = "ssh"
type = "tcp"
localIP = "127.0.0.1"
localPort = 22
remotePort = 6000
Remote Desktop
[[proxies]]
name = "rdp"
type = "tcp"
localIP = "127.0.0.1"
localPort = 3389
remotePort = 3389
Web
[[proxies]]
name = "web"
type = "http"
localPort = 80
customDomains = ["www.yourdomain.com"]
Http2Https
[[proxies]]
name = "test_htts2http"
type = "https"
customDomains = ["test.yourdomain.com"]
[proxies.plugin]
type = "https2http"
localAddr = "127.0.0.1:80"
# HTTPS Cert config
crtPath = "./server.crt"
keyPath = "./server.key"
hostHeaderRewrite = "127.0.0.1"
requestHeaders.set.x-from-where = "frp"
1 条评论
这篇文章写得深入浅出,让我这个小白也看懂了!