Frp

Frp is a fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.

frp mainly consists of two components: client (frpc) and server (frps). Usually, the server is deployed on a machine with a public IP address, and the client is deployed on a machine where the intranet service that needs to be penetrated is located.

Since intranet services lack public IP addresses, they cannot be directly accessed by users outside the LAN. Users access frps on the server, and frp is responsible for routing the request to the corresponding intranet machine based on the requested port or other information to achieve communication.

How to use?

Download the latest version software from it GitHub release page.

Please be aware of the different platforms when downloading software.

The compress files including Frps and Frpc, s means server and c means client.

Frps

usually we will build the Frp server in a linux system device.

when you download frp software and unzip it, you can edit frps.tmol to modify the config file.

Default config of frps:

bindPort = 7000

It means frp server will listen port 7000 of the device that run it.

For server security and convenience, we'd better set up a token and web panel to monitor its operation.

Here is a example config file:

bindPort = 7000
bindAddr = 0.0.0.0
auth.token = "abc"
vhostHTTPPort = 8080
vhostHTTPSPort = 8443
webServer.addr = "0.0.0.0"
webServer.port = 7500
webServer.user = "admin"
webServer.password = "admin"

you can type this command to deploy the frp server.

/frps -c ./frps.toml

Frpc

Download Frp software and unzip it. Then edit frpc.tmolto modify the config file.

Here is a example to proxy SSH, Please change serverAddr in actual use.

serverAddr = "x.x.x.x"
serverPort = 7000
webServer.port = 7400
auth.token = "abc"
webServer.user = "admin"
webServer.password = "admin"

[[proxies]]
name = "ssh"
type = "tcp"
localIP = "127.0.0.1"
localPort = 22
remotePort = 6000

you can type this command to run the frp client.

./frpc -c ./frpc.toml

When the connect built, you can connect to the Intranet device through SSH by remote port that you set in frp client config file.

Client proxies Config example:

serverAddr serverPort and auth.token (if have) are required.

SSH

[[proxies]]
name = "ssh"
type = "tcp"
localIP = "127.0.0.1"
localPort = 22
remotePort = 6000

Remote Desktop

[[proxies]]
name = "rdp"
type = "tcp"
localIP = "127.0.0.1"
localPort = 3389
remotePort = 3389

Web

[[proxies]]
name = "web"
type = "http"
localPort = 80
customDomains = ["www.yourdomain.com"]

Http2Https

[[proxies]]
name = "test_htts2http"
type = "https"
customDomains = ["test.yourdomain.com"]

[proxies.plugin]
type = "https2http"
localAddr = "127.0.0.1:80"

# HTTPS Cert config
crtPath = "./server.crt"
keyPath = "./server.key"
hostHeaderRewrite = "127.0.0.1"
requestHeaders.set.x-from-where = "frp"
最后修改:2024 年 02 月 15 日
如果觉得我的文章对你有用,请随意赞赏