内网访问之frp

2019-07-06 0 条评论 879 次阅读 0 人点赞
frp

如果有自己的云服务器,可以通过frp这个内网穿透软件实现内网访问,类似shadowsocks跟v2ray的原理,但是不同的是,frp是一个反向代理软件,通过访问服务端,iptabes数据发送到客户端。

frp包含frps(服务端)和frpc(客户端),都包含在下载到的文件夹里,用到哪个配置哪个启动哪个的服务就可以了。通过nginx的反向代理可以免端口好的子域名访问iptabes

开机启动
centos7

vim /lib/systemd/system/frps.service

添加如下内容:

    [Unit]
    Description=fraps service
    After=network.target syslog.target
    Wants=network.target

    [Service]
    Type=simple
    ExecStart=/PATH/TO/FRPC/frps -c /PATH/TO/FRPC/frps.ini         #启动服务的命令(此处写你的frps的实际安装目录)

    [Install]iptabesntedBy=multi-user.target
LEDE

vim /etc/init.d/frpc

添加如下内容:

#!/bin/sh /etc/rc.common

 START=90
 STOP=90
 SERVICE=frpc
 USE_PROCD=1
 PROC="/PATH/TO/FRPC/frpc -c /PATH/TO/FRPC/frpc.ini"             # frpc的目录地址

  start_service()

   {
        procd_open_instance
        procd_set_param command $PROC
        procd_set_param respawn
        procd_close_instance

   }

  service_triggers()
   {
        procd_add_reload_trigger "rpcd"
   }
配置文件
frps
[common]
bind_port = 7000    与客户端通讯绑定的端口号

token = 12345678       通讯密钥

subdomain_host = frps.com     域名

vhost_http_port = 80           访问客户端web服务端口号
vhost_https_port = 443

dashboard_port = 7500                frp连接状态的查看面板的相关设置:端口号,用户名,密码
dashboard_user = admin
dashboard_pwd = admin

log_file = ./frps.log       日志文件的相关设置:地址、类型、保存时间,日志类型:trace, debug, info, warn, error
log_level = info
log_max_days = 3

########################不常用#################################

bind_udp_port = 7001
kcp_bind_port = 7000
vhost_http_timeout = 60
heartbeat_timeout = 90
allow_ports = 2000-3000,3001,3003,4000-50000
max_pool_count = 5
max_ports_per_client = 0
tcp_mux = true
frpc
[common]
server_addr = 0.0.0.0   服务器IP地址
server_port = 7000   服务器绑定的端口号

token = 12345678    通讯时候的认证密码

log_file = ./frpc.log   日志文件的相关配置,同上
log_level = info
log_max_days = 3

login_fail_exit = true  同服务端连接失败后,true表示连接失败后退出,建议改为flase,失败重连
protocol = tcp      传输协议
tls_enable = true   开启https连接

####### 不常用 ######
pool_count = 5

tcp_mux = true

dns_server = 8.8.8.8

# proxy names you want to start divided by ','
# default is empty, means all proxies
# start = ssh,dns
######## 示例 ########
[ssh]
# tcp | udp | http | https | stcp | xtcp, default is tcp
type = tcp
local_ip = 127.0.0.1
local_port = 22 
use_encryption = false      # true or false, if true, messages between frps and frpc will be encrypted, default is false
use_compression = false     # if true, message will be compressed   
remote_port = 6001      # remote port listen by frps    
group = test_group      # frps will load balancing connections for proxies in same group
group_key = 123456        # group should have same group key
health_check_timeout_s = 3          # health check connection timeout
health_check_max_failed = 3         # if continuous failed in 3 times, the proxy will be removed from frps  
health_check_interval_s = 10        # every 10 seconds will do a health check

[dns]
type = udp
local_ip = 114.114.114.114
local_port = 53
remote_port = 6002
use_encryption = false
use_compression = false


[web01]
type = http
local_ip = 127.0.0.1
local_port = 80
use_encryption = false
use_compression = true

http_user = admin       frp提供的web页面访问认证
http_pwd = admin

subdomain = web01       这里的subdomain同服务器端subdomian连接为一个完整的子域名,等同于下面custom_domains
custom_domains = web02.yourdomain.com

[web02]
type = https
local_ip = 127.0.0.1
local_port = 8000
use_encryption = false
use_compression = false
subdomain = web01
custom_domains = web02.yourdomain.com

once

这个人太懒什么东西都没留下

文章评论(0)