|
本帖最后由 efnic 于 2019-9-21 12:26 编辑
介绍
frp 是一个可用于内网穿透的高性能的反向代理应用,支持 tcp, udp , http, https, kcp 协议,为 http 和 https 应用协议提供了额外的能力,且尝试性支持了点对点穿透。
地址
项目页:https://github.com/fatedier/frp
下载页:https://github.com/fatedier/frp/releases
必备条件
具备公网IP服务器
有自己的域名
代码高亮,详情查阅:https://www.iyuu.cn/archives/286/
系统环境
服务器:centos 7.2 64位
客户端:小钢炮 Linux beikeyun 4.4.167 #1 SMP Mon May 6 01:01:07 CST 2019 aarch64 GNU/Linux
请根据平台选择正确的frp服务端、客户端,服务端与客户端版本号必须一致。
服务端部署
下载服务端
选择适合自己平台的frp服务端,我的服务器平台是amd64,所以下载这个。
- # 下载frp v0.29.0
- wget https://github.com/fatedier/frp/releases/download/v0.29.0/frp_0.29.0_linux_amd64.tar.gz
- # 解压
- tar zxf ./frp_0.29.0_linux_amd64.tar.gz
- cd ./frp_0.29.0_linux_amd64
复制代码
编辑服务端配置:
代码高亮,详情查阅:https://www.iyuu.cn/archives/286/具体配置含义请查阅:README_zh.md,frps 完整配置文件
frps.ini配置文件:
- [common]
- bind_port = 5005
- dashboard_port = 5004
- dashboard_user = admin
- dashboard_pwd = admin
- vhost_http_port = 5000
- vhost_https_port = 5001
- subdomain_host = frp.iyuu.cn
- token = 123456789
复制代码
frps.service配置文件:
- [Unit]
- Description=Frp Server Service
- After=network.target
- [Service]
- User=root
- Restart=on-failure
- RestartSec=5s
- ExecStart=/usr/local/bin/frps -c /etc/frps.ini
- [Install]
- WantedBy=multi-user.target
复制代码
安装服务
sudo cp ./frps /usr/local/bin/frps
sudo cp ./frps.ini /etc/frps.ini
sudo cp ./systemd/frps.service /usr/lib/systemd/system/frps.service
systemctl enable frps
systemctl start frps
开机启动frps:
systemctl enable frps
启动frps:
systemctl start frps
停止frps:
systemctl stop frps
重启frps:
systemctl restart frps
查看frps状态:
systemctl status frps
删除服务的命令:
systemctl stop frps
sudo rm /usr/local/bin/frps
sudo rm /etc/frps.ini
sudo rm /usr/lib/systemd/system/frps.service
配置nginx实现无端口访问
1、 frp.iyuu.cn做A记录,解析至IP;
2、 *.frp.iyuu.cn做CNAME记录,解析至frp.iyuu.cn;
3、 新建frp.conf配置文件(内容如下),复制到nginx的配置目录/conf/vhost内,不同服务器可能不一样,请确认;
配置nginx反向代理,将来自*.frp.iyuu.cn的80端口请求,分发至frp服务器http请求的监听端口。
- server {
- listen 80;
- server_name *.frp.iyuu.cn;
- location / {
- proxy_pass http://127.0.0.1:5000;
- proxy_set_header Host $host:80;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_hide_header X-Powered-By;
- }
- }
- server {
- listen 80;
- server_name frp.iyuu.cn;
- location / {
- proxy_pass http://127.0.0.1:5004;
- proxy_set_header Host $host:80;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_hide_header X-Powered-By;
- }
- }
复制代码
复制frp.conf命令:
sudo cp ./frp.conf /path/nginx-1.8.1/conf/vhost/
4、 重启nginx
5、 访问测试:http://frp.iyuu.cn
到此,服务端已经部署完毕。如果无法访问,请检查防火墙、安全组,放行相关端口。
客户端部署
选择frp客户端
下载适合自己平台的frpc客户端,下载、解压命令与服务端类似,也可以手动下载解压。
小钢炮是arm64平台,并且内置frpc客户端,只是版本没那么高,可以替换升级一下。
https://github.com/fatedier/frp/ ... _linux_arm64.tar.gz
编辑客户端配置
frpc.ini配置文件,小钢炮内路径/etc/frpc.ini:
- # [common] is integral section
- [common]
- # A literal address or host name for IPv6 must be enclosed
- # in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80"
- server_addr=frp.iyuu.cn
- server_port=5005
- # if you want to connect frps by http proxy or socks5 proxy, you can set http_proxy here or in global environment variables
- # it only works when protocol is tcp
- # http_proxy = http://user:passwd@192.168.1.128:8080
- # http_proxy = socks5://user:passwd@192.168.1.128:1080
- # console or real logFile path like ./frpc.log
- log_file=/var/log/frpc.log
- # trace, debug, info, warn, error
- log_level=info
- log_max_days=3
- # for authentication
- token=123456789
- # set admin address for control frpc's action by http api such as reload
- admin_addr=0.0.0.0
- admin_port=7400
- admin_user=admin
- admin_passwd=admin
- # connections will be established in advance, default value is zero
- pool_count=5
- # if tcp stream multiplexing is used, default is true, it must be same with frps
- tcp_mux=true
- # your proxy name will be changed to {user}.{proxy}
- user=hk
- # decide if exit program when first login failed, otherwise continuous relogin to frps
- # default is true
- login_fail_exit=false
- # communication protocol used to connect to server
- # now it supports tcp and kcp, default is tcp
- protocol=tcp
- # specify a dns server, so frpc will use this instead of default one
- # dns_server = 8.8.8.8
- # proxy names you want to start divided by ','
- # default is empty, means all proxies
- # start = ssh,dns
- # heartbeat configure, it's not recommended to modify the default value
- # the default value of heartbeat_interval is 10 and heartbeat_timeout is 90
- heartbeat_interval=10
- heartbeat_timeout=90
- admin_pwd=570100
- # specify a dns server, so frpc will use this instead of default one
- dns_server=119.29.29.29
- [dashboard_hk]
- type=http
- local_ip=127.0.0.1
- local_port=80
- use_encryption=false
- use_compression=true
- remote_port=
- subdomain=hk
复制代码
配置含义请参考:frpc 完整配置文件,根据需要添加代理设置,然后重启frpc。
访问测试:http://*.frp.iyuu.cn(*替换为您实际的 subdomain参数)。
如何升级frp到最新版本?
服务端frps升级
下载最新版frp文件
停止frps服务:systemctl stop frps
用新版本覆盖旧版本
如果使用systemd的,记得覆盖:cp frps /usr/local/bin/
启动新版本frps:systemctl start frps
客户端frpc升级,与服务端类似。代码高亮,详情查阅:https://www.iyuu.cn/archives/286/
|
本帖子中包含更多资源
您需要 登录 才可以下载或查看,没有账号?立即注册
×
评分
-
查看全部评分
|