开源社区

FRP内网穿透

Linux · 12月24日 · 2020年

准备工作:

  1. 1台具有固定公网IP的服务器(我选择的是阿里云的服务器)
  2. 至少1台内网机器(看你实际需要穿透的数量)

frps

  1. 在公网机器上下载frp软件,地址https://github.com/fatedier/frp/releases 并且解压到任意目录(我这里解压到/srv/下面)
  2. 修改配置,我的配置主要如下:
# vim frps.ini

[common]
bind_port = 7000
vhost_http_port = 8080
vhost_http_port = 80
vhost_https_port = 443
bind_udp_port = 7001
admin_port = 7400
admin_user = admin
admin_pwd = admin
max_pool_count = 5
dashboard_port = 7500
dashboard_pwd = admin
max_pool_count = 100
token = 123456
  1. 启动frps
#到/srv/下面执行
nohup ./frps -c ./frps.ini &
  1. 监控脚本(优化方面,防止意外原导致frps进程掉线)
# vim autostatus.sh
# chmod +x autostatus.sh

#!/bin/bash
frps=`ps -ef | grep frps | wc -l`
if [ "${frps}" -eq "1" ];then
        cd /srv/frps && nohup ./frps -c ./frps.ini &
fi

frpc

  1. 在内网机器上下载frp软件,地址https://github.com/fatedier/frp/releases 并且解压到任意目录(我这里解压到/srv/下面)
  2. 修改配置,我的配置主要如下:
# vim frpc.ini

[common]
server_addr = aliyun ip 
server_port = 7000
token = 123456
pool_count = 100
login_fail_exit = false
use_compression = true
use_encryption = true

[k8s-master]
type = tcp
local_ip = 192.168.0.150
local_port = 22
remote_port = 1500
custom_domains = k8s-master.cn
use_compression = true
use_encryption = true

[物理机-远程桌面]
type = tcp
local_ip = 192.168.0.100
local_port = 3389
remote_port = 1000
custom_domains = acer.cn
use_compression = true
use_encryption = true

[nextcloud]
type = http
local_ip = 192.168.0.151
local_port = 30093
custom_domains = nextcloud.k8s.fit
use_compression = true
use_encryption = true

[blog]
type = http
local_port = 8080
custom_domains = blog.k8s.fit
use_compression = true
use_encryption = true

 

  1. 连接frps
./frpc -c ./frpc.ini > /tmp/frpc.log 2>&1 &
  1. 监控脚本(优化方面,防止意外原因导致frpc进程掉线)
# vim autostatus.sh
# chmod +x autostatus.sh

#!/bin/bash
frpc=`ps -ef | grep frpc | wc -l`
if [ "${frpc}" -eq "1" ];then
        cd /srv/frpc && ./frpc -c ./frpc.ini > /tmp/frpc.log 2>&1 &
fi
  1. 使用systemd管理(我这里模拟了frpc,frps同理)
cat <&lt; EOF >> /etc/systemd/system/frpc.service
[Unit]
Description=frp service


[Service]

ExecStart=/srv/frpc/frpc -c /srv/frpc/frpc.ini
Restart=always
# Restart service after 10 seconds if the dotnet service crashes:
RestartSec=10
KillSignal=SIGINT
SyslogIdentifier=frp-service
User=root

[Install]
WantedBy=multi-user.target
EOF
  1. 开机自启动
systemctl start frpc && systemctl enable frpc && systemctl status frpc &&amp; systemctl list-unit-files | grep frpc

总结

有上面简单几条配置即可完成内网穿透,没有数量的限制,想怎么穿透就怎么穿透!

注意:如果穿透http协议或者https协议一定要提前做好域名的备案工作,否则80端口无法正常通信!

参考配置链接:

https://github.com/fatedier/frp/blob/master/README_zh.md

https://www.zeekling.cn/articles/2019/08/11/1565501357107.html

https://github.com/happinesslijian/Happiness-blog/blob/master/%E5%8D%9A%E5%AE%A2%E6%96%87%E7%AB%A0/frp-%E5%86%85%E7%BD%91%E7%A9%BF%E9%80%8F.md

0 条回应