The role of frp
1. Use a machine on the intranet or behind a firewall to provide http or https services to the external network environment.
2. For http and https services, it supports domain name-based virtual hosts and custom domain name binding, so that multiple domain names can share a port 80.
3. Use machines on the intranet or behind the firewall to provide TCP and UDP services to the external network environment, such as accessing hosts in the company's intranet environment through SSH at home.
Server configuration
Upload the Linux version of frp to the public server.
unzip
Enter the frp_0.39.1_linux_amd64 directory and modify the frps.ini file
cd frp_0.39.1_linux_amd64/
vi frps.ini
[common]
# frp监听的端口,默认是7000,可以改成其他的
bind_port = 7000
# 授权码,请改成更复杂的
token = 52010 # 这个token之后在客户端会用到
# frp管理后台端口,请按自己需求更改
dashboard_port = 7500
# frp管理后台用户名和密码,请改成自己的
dashboard_user = admin
dashboard_pwd = admin
enable_prometheus = true
# frp日志配置
log_file = /var/log/frps.log
log_level = info
log_max_days = 3
Set up and start frp service
sudo mkdir -p /etc/frp
sudo cp frps.ini /etc/frp
sudo cp frps /usr/bin
sudo cp systemd/frps.service /usr/lib/systemd/system/
sudo systemctl enable frps
sudo systemctl start frps
If the above commands are executed in sequence without any errors, the startup is successful.
Firewall open port
You can also execute the following command to open the port
# 添加监听端口
sudo firewall-cmd --permanent --add-port=7000/tcp
# 添加管理后台端口
sudo firewall-cmd --permanent --add-port=7500/tcp
sudo firewall-cmd --reload
Note: a. If it is ubuntu or centos 6, please use the ufw/iptables tool to release the port;
b. The two ports 7000 and 7500 correspond to bind_port and dashboard_port in the frps.ini configuration respectively.
Verify whether the server starts successfully
Visit: http://server IP :backend management port", enter the username and password to view the connection status, such as: http://yourip:7500, the username and password correspond to dashboard_user and dashboard_pwd in the frps.ini file respectively. After logging in, the interface is as follows :
Client configuration
Unzip frp
First delete the file starting with frps, and then configure it (frps is a server-side file)
Edit frpc.ini
[common]
server_addr = 124.220.180.128 #公网服务器ip
server_port = 7000 #与服务端bind_port一致
[yclj]
type = tcp
local_ip = 127.0.0.1
local_port = 22 # 22是Linux的远程连接端口
remote_port = 6000 # 远程服务器端口(自定义)