frp内网穿透

frp 是一个可用于内网穿透的高性能的反向代理应用，支持 tcp, udp 协议，为 http 和 https 应用协议提供了额外的能力，且尝试性支持了点对点穿透。

frp可以做些什么:

1. 通过ssh访问公司内网机器
2. 访问部署于内网的web服务
3. 转发DNS查询请求
4. 对外提供简单文件访问服务
5. 为本地的http服务启用https服务
6. 安装暴露内网服务
7. 点对点内网穿透

服务器配置

[common]
bind_addr = 0.0.0.0	#服务器地址或者域名
bind_port = 7000    #服务端口
bind_udp_port = 7001	#UDP端口
kcp_bind_port = 7000	#KCP协议UDP端口
vhost_http_port = 80	#http端口
vhost_https_port = 443	   #https端口
dashboard_addr = 0.0.0.0	#dashboard服务地址
dashboard_port = 7500	#dashboard访问端口
dashboard_user = admin	#dashboard登录用户
dashboard_pwd = admin	#dashboard登录密码
log_file = ./frps.log	#日志文件保存路径
log_level = info	#日志类型
log_max_days = 3	#日志保留时间
token = 12345678	#身份验证令牌
allow_ports = 2000-3000,3001,3003,4000-50000	#只允许frpc绑定你列出的端口，如果你没有设置，就不会有任何限制
max_pool_count = 5	#在每个代理pool_count将变更为max_pool_count如果他们超过最大值
max_ports_per_client = 0	#最大端口可用于为每个客户端，默认值为0表示没有限制

客户端配置

[common]
server_addr = 0.0.0.0	#服务器ip地址或者域名
server_port = 7000	#服务器端口
log_file = ./frpc.log	#日志文件保存目录
log_level = info	#日志文件类型

log_max_days = 3	#日志文件保持时间

token = 12345678	#身份验证令牌
pool_count = 5	#连接数,默认为0
tcp_mux = true	#默认为true，它必须与frps相同
user = your_name	#代理名

login_fail_exit = true	#首次登录失败时退出程序，否则连续重新登录到frps,默认为true
protocol = tcp	#用于连接服务器的通信协议,现在它支持tcp和kcp以及websocket，默认是tcp
tls_enable = true	#如果tls_enable是真实的，FRPC将连接用TLS

[ssh] #代理名称
type = tcp	#TCP | udp | http | https | stcp | xtcp，默认为tcp
local_ip = 127.0.0.1
local_port = 22
use_encryption = false	#是否加密,默认true
use_compression = false	#是否 压缩,默认true
remote_port = 6001	
group = test_group
group_key = 123456
health_check_type = tcp
health_check_timeout_s = 3
health_check_max_failed = 3
health_check_interval_s = 10

http及https配置

[web01]
type = http
local_ip = 127.0.0.1
local_port = 80
use_encryption = false
use_compression = true
# http username and password are safety certification for http protocol
# if not set, you can access this custom_domains without certification
http_user = admin
http_pwd = admin
# if domain for frps is frps.com, then you can access [web01] proxy by URL http://test.frps.com
subdomain = web01
custom_domains = web02.yourdomain.com
# locations is only available for http type
locations = /,/pic
host_header_rewrite = example.com
# params with prefix "header_" will be used to update http request headers
header_X-From-Where = frp
health_check_type = http
# frpc will send a GET http request '/status' to local http service
# http service is alive when it return 2xx http response code
health_check_url = /status
health_check_interval_s = 10
health_check_max_failed = 3
health_check_timeout_s = 3

[web02]
type = https
local_ip = 127.0.0.1
local_port = 8000
use_encryption = false
use_compression = false
subdomain = web01
custom_domains = web02.yourdomain.com
# if not empty, frpc will use proxy protocol to transfer connection info to your local service
# v1 or v2 or empty
proxy_protocol_version = v2

关注公众号『窗外天空』

获取更多建站运营运维新知！
互联网创业、前沿技术......