As a developer, there are many scenarios that need to use intranet penetration. For example, when we access some large platforms to make third-party applications, we need to let the WeChat platform access the locally provided tools when developing WeChat official account tools locally. Interface. In addition, there are many other scenarios that will also be used, such as: exposing the NAS or server at home to the public network, so that it can be accessed anytime and anywhere when outside.
When it comes to intranet traditions, the first thing TJ thinks of is the earliest well-known software in China: Peanut Shell. But today I am not going to recommend it, but a better open source project: frp! The project has already harvested 69.9 K Stars and has been greatly recognized on GitHub!
Download and install
frp currently provides supported versions of most operating systems, through this link: github.com/fatedier/fr ... You can download the installation that suits your use.
Taking the Windows package as an example, you can get these contents after decompression:
frps is a server program, and frpc is a client program. ini file is the corresponding configuration file.
The first blog.didispace.com/tj-opensour… , please indicate the source for reprinting
Expose intranet services
There are many methods of intranet penetration. Here is a common example.
For example: I want to expose a server that only I can access. Then you can configure it like this:
Configure frps.ini and start the server frps
[common]
bind_port = 7000
Deploy frpc on the machine that needs to be exposed to the external network, the configuration is as follows:
[common]
server_addr = x.x.x.x
server_port = 7000
[secret_ssh]
type = stcp
# 只有 sk 一致的用户才能访问到此服务
sk = abcdefg
local_ip = 127.0.0.1
local_port = 22
Deploy frpc on the machine that wants to access the intranet service, the configuration is as follows:
[common]
server_addr = x.x.x.x
server_port = 7000
[secret_ssh_visitor]
type = stcp
# stcp 的访问者
role = visitor
# 要访问的 stcp 代理的名字
server_name = secret_ssh
sk = abcdefg
# 绑定本地端口用于访问 SSH 服务
bind_addr = 127.0.0.1
bind_port = 6000
After starting frpc, you can access the intranet machine through SSH
ssh -oPort=6000 test@127.0.0.1
other support
In addition to the above gameplay, frp has many ways to play, such as:
- Customize the domain name to access the web service of the intranet
- Forward DNS lookup requests
- Forwarding Unix Domain Sockets
- Provide simple file access services externally
- Enable HTTPS for local HTTP service
- Peer-to-peer intranet penetration
The space is limited, so I won’t say much about how to configure it here. Readers who need it can directly view the official documents, which have detailed server-side client-side configuration cases.
Finally, here are the relevant links:
Open source address: github.com/fatedier/fr… Documentation address: gofrp.org/docs/
Welcome to pay attention to my official account: Programmer DD. Learn cutting-edge industry news at the first time, share in-depth technical dry goods, and obtain high-quality learning resources