内网穿透软件
# 一、frp
文档 | frp (gofrp.org) (opens new window)
# 1、下载frp
Release v0.37.1 · fatedier/frp (github.com) (opens new window)
# 2、服务器端修改frps.ini
/mnt/soft/frp/frps.ini
[common]
bind_port = 7000
vhost_http_port = 7080
token = frp.yemey
subdomain_host = frp.gmzx.com
1
2
3
4
5
2
3
4
5
更多配置,可以看目录里面的frps_full.ini 服务器将7000/7100端口添加到安全组里面
# 3、启动frp服务
Fprs服务命令:vi /lib/systemd/system/frps.service
[Unit]
Description=fraps service
After=network.target syslog.target
Wants=network.target
[Service]
Type=simple
ExecStart=/mnt/soft/frp/frps -c /mnt/soft/frp/frps.ini
[Install]
WantedBy=multi-user.target
1
2
3
4
5
6
7
8
9
10
11
12
13
2
3
4
5
6
7
8
9
10
11
12
13
Fprc服务命令: vi /lib/systemd/system/frpc.service
[Unit]
Description=fraps service
After=network.target syslog.target
Wants=network.target
[Service]
Type=simple
ExecStart=/mnt/soft/frp/frpc -c /mnt/soft/frp/frpc.ini
[Install]
WantedBy=multi-user.target
1
2
3
4
5
6
7
8
9
10
11
12
13
2
3
4
5
6
7
8
9
10
11
12
13
systemctl start frps
systemctl enable frps
lsof -i:7000 #查看端口是否启动
1
2
3
4
2
3
4
# 4、创建客户端连接
[common]
server_addr = 120.25.241.30
server_port = 7000
token = frp.yemey
[ssh]
# tcp | udp | http | https | stcp | xtcp, default is tcp
type = tcp
local_ip = 192.168.56.50
local_port = 22
# limit bandwidth for this proxy, unit is KB and MB
bandwidth_limit = 1MB
# true or false, if true, messages between frps and frpc will be encrypted, default is false
use_encryption = false
# if true, message will be compressed
use_compression = false
# remote port listen by frps
remote_port = 7001
[web-frp-wx]
type = http
local_ip = 127.0.0.1
local_port = 80
remote_port = 7002
subdomain = wx
custom_domains = frp.gmzx.com
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
更多配置,可以看目录里面的frpc_full.ini
# 5、绑定域名
# A、添加域名解析
*.frp.gmzx.com 指到 120.25.241.30
# B、修改nginx配置
upstream frp_yemey {
ip_hash;
server yemey67:7080;
}
server {
listen 80;
#listen 443 ssl;
server_name *.frp.gmzx.com;
charset utf-8;
#ssl_certificate /usr/local/nginx/cert_gmzx/4768671__gmzx.com.pem;
#ssl_certificate_key /usr/local/nginx/cert_gmzx/4768671__gmzx.com.key;
location / {
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Headers X-Requested-With;
add_header Access-Control-Allow-Methods GET,POST,OPTIONS;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Scheme $scheme;
proxy_buffering off;
proxy_pass http://frp_yemey;
}
location ~* \.(jpg|jpeg|png|gif|swf)$ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffering off;
proxy_pass http://frp_yemey;
expires 3d;
}
location ~* \.(js|css)$ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffering off;
proxy_pass http://frp_yemey;
expires 7d;
}
location ~* \.flv$ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://frp_yemey;
expires 30d;
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
# 二、ZeroTier
见pigx里面的文档
systemctl restart zerotier-one
zerotier-cli join 8850338390fd1c5b # 加入网络ID
zerotier-cli leave 8850338390fd1c5b # 退出网络ID
1
2
3
4
2
3
4