One 、frp Intranet through

1,frp brief introduction

frp It is a high performance reverse proxy application focusing on Intranet penetration , Support TCP、UDP、HTTP、HTTPS Other protocols . You can make intranet services secure 、 Convenient way through the public network IP Node transfer is exposed to the public network .

What can you do with intranet penetration ？

• Remote access to Intranet http/https service
• Remote desktop (Windows/Mac)
• Remote files 、 SSH
• Applet development
  With intranet penetration, you can access your home computer from outside 、NAS、 Raspberry pie 、 Remote control devices such as webcam , That's nothing ~

frp It is an open source intranet penetration Application , There are client software and server software , The general working process is as follows ：

The server is running on a public network IP On , such as Linux On , And listen to a port , Wait for the client to connect .
The client runs on the intranet machine that needs to penetrate , For example, on the local computer , After connecting to the server , The server starts listening to the specified port that the client needs to penetrate .
The specified port that the Internet user connects to the server to listen on , Then the server forwards the user data to the intranet client , Achieve intranet penetration

frp working principle

Server operation , Listen to a primary port , Waiting for the client to connect ;
The client connects to the main port of the server , At the same time, tell the server the port to listen on and the forwarding type ;
Server side fork The new process listens to the port specified by the client ;
Internet users connect to the port specified by the client , The server forwards the data to the client through the connection with the client ;
The client process then forwards the data to the local service , So as to realize the ability of exposing services from the intranet .

The original simple explanation
The server and client agree to pass 7000 Port communication , The client tells the server to listen 6000 port ( Client configured remote_port =6000), Then the Internet server will listen for connection requests ： Internet server Ip Address :6000, If so, connect to the client , In this way, the purpose of Intranet penetration can be achieved .

2,frp download

Prepare an Alibaba cloud server , Ready to install frp Server side

Download address ：https://github.com/fatedier/frp/releases

2, decompression

Will download Linux Upload the compressed package to the server and decompress .

tar -xvf frp_0.38.0_linux_amd64.tar.gz 

Directory structure after decompression

Here you can choose to delete the programs and configurations that the client does not have , It can also not be deleted

rm -f frpc*

3, Server configuration

Edit the server configuration file frps.ini

vi frps.ini

[common] #  You have to configure 
bind_port = 7000 #  It's set by myself frp Server port 


#  Just set the above port , Don't worry about the following configuration information , For reference 
token = 123 # Set the password , For the sake of safety 
vhost_http_port = 7080 #  It's set by myself http Access port 
dashboard_port = 7010 #  The server web Management port 
dashboard_user = yang #  The server web Interface user name 
dashboard_pwd = 123456 #  Server side web Interface password 

[ssh] # ssh Reverse proxy ( It's not necessary to set )
listen_port = 6000 #  It's set by myself ssh Access port 

[web] # http Reverse proxy [] You can set the content in the , But the client and server must correspond ( Such as [aaa],[bbb]);
type = http #  For the service type , It can be set to http,https
custom_domains = test1.a.com #  For the domain name to map , Remember the domain name A Record the... To be resolved to the external host IP

[web2] #  ditto ( Multiple can be set )

Start server

./frpc -c ./frpc.ini

#  Background start 
nohup ./frpc -c ./frpc.ini &

4, Client configuration

My client here is my own local computer
Decompress on your local computer Windows Version of frp, Modify the client configuration file frpc.ini

[common]
#  long-range frp Server side ip
server_addr = 39.xxx.xxx.xxx
#  long-range frp Server port 
server_port = 7000

[ssh]
type = tcp
local_ip = 127.0.0.1
local_port = 22
remote_port = 6000	#  The port to be monitored by the Internet server 

The computer black window starts frp.exe

frpc.exe -c frpc.ini

After the client starts ,Linux The server also displays information