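FRP, an open-source NAT traversal tool: configuring SSH and website access to build a local private-cloud NAS, with detailed configuration you can copy step by step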

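Introduction:

FRP is a high-performance reverse proxy application for NAT traversal (reaching hosts on an internal network). It supports the TCP and UDP protocols, provides additional capabilities for the HTTP and HTTPS application protocols, and has experimental support for peer-to-peer traversal. The name is simply the acronym of Fast Reverse Proxy.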

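Requirement:

I have a micro server connected to my home router. It can reach the internet, but when I am away from home I cannot connect to it from outside, and I cannot reach the private cloud drive deployed on that internal server either. Access from the internet to the network behind the home router needs to be opened up.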

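How it works:

  • You need a cloud server on the public internet with a fixed IP
  • You need a domain name (a subdomain is fine) that resolves to the fixed IP; it is used when configuring HTTP access

The server side, frps, is deployed on the cloud server, and the client, frpc, on the internal server.
My servers all run CentOS; for other systems, download the matching build from GitHub. Then configure the ports so that the two sides can connect.

Note: the frp download contains both the client and the server binaries.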

Configuration:

Server side:

Plan to open one proxy port, one HTTP port and one HTTPS port, as needed. I do not use HTTPS here, so it is not configured and only 2 ports are opened.
Note: the cloud server must be configured to allow these ports.

    [common]
    # proxy port that frps binds
    bind_port = 8001
    # HTTP port
    vhost_http_port = 8002
    # password, must match the client
    auth_token = 123
    # log file, handy for checking errors
    log_file = ./frps.log

Client side:

The common section points at the port bound on the server.
x.x.x.x is the server's IP.
frp.yourdomainname.com should be replaced with your own domain, which must already be bound.

The ssh section configures remote SSH access; open port 8003 on the local server, and port 22 as well.
web01 is your website; its port 5000 must be open too.

    [common]
    server_addr = x.x.x.x
    server_port = 8001
    # must be the same as on the server
    auth_token = 123
    # process watchdog: how often to check
    process_keepalive_interval = 60
    # restart delay
    restart_delay = 1
    log_file = ./frpc.log

    [ssh]
    type = tcp
    local_ip = 127.0.0.1
    local_port = 22
    # this port needs to be opened
    remote_port = 8003

    [web01]
    type = http
    local_ip = 0.0.0.0
    local_port = 5000
    use_encryption = false
    use_compression = true
    header_X-From-Where = frp
    custom_domains = frp.yourdomainname.com

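The data flow: an SSH connection to the cloud server's IP goes through 8001 to reach the bound client, finds the service that corresponds to 8003, and then goes to port 22.
HTTP works the same way: the domain name is used to find the corresponding service port.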
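A small audit of the client configuration above, as an added example that is not part of the original post: it flags the settings that matter once the tunnel is reachable from the internet (a guessable shared secret, SSH published on a public port, HTTP proxy traffic sent without frp's encryption). The name `audit_frp_ini` and the 24-character threshold are assumptions; the secret is looked up under `auth_token` as written on this page and under `token`, the key name in frp's reference configuration, so check which one your frp release reads.

```python
import configparser

# Constructed sample: the frpc.ini from this page, comments removed.
PAGE_FRPC_INI = """
[common]
server_addr = x.x.x.x
server_port = 8001
auth_token = 123

[ssh]
type = tcp
local_ip = 127.0.0.1
local_port = 22
remote_port = 8003

[web01]
type = http
local_ip = 0.0.0.0
local_port = 5000
use_encryption = false
custom_domains = frp.yourdomainname.com
"""

MIN_SECRET_LEN = 24  # assumed local policy, not an frp requirement


def audit_frp_ini(text):
    """Return (section, key, message) findings for an frpc INI config."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    common = cp["common"] if cp.has_section("common") else {}
    findings = []
    # frps accepts any client that presents the shared secret.
    key = next((k for k in ("token", "auth_token") if k in common), None)
    if key is None:
        findings.append(("common", "token", "no shared secret set"))
    elif len(common[key]) < MIN_SECRET_LEN:
        findings.append(("common", key, "shared secret is short and guessable"))
    tls = str(common.get("tls_enable", "false")).lower() == "true"
    for name in cp.sections():
        if name == "common":
            continue
        sec = cp[name]
        if sec.get("type") == "tcp" and sec.get("local_port") == "22":
            port = sec.get("remote_port")
            findings.append((name, "remote_port", f"SSH reachable on public port {port}"))
        if sec.get("type") == "http" and not tls and not sec.getboolean("use_encryption", fallback=False):
            findings.append((name, "use_encryption", "frpc-to-frps traffic not encrypted by frp"))
    return findings
```

The SSH finding is informational: if port 8003 stays published, key-only login and disabling root password login on the internal host are the usual mitigations.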

Test whether the connection works:

    ssh root@x.x.x.x -p 8003

Deployment on CentOS:

Download: if you cannot reach GitHub from the server, download the file locally from the URL first and then upload it.

    wget https://github.com/fatedier/frp/releases/download/v0.32.1/frp_0.32.1_linux_amd64.tar.gz

Extract:

    tar -xvf frp_0.32.1_linux_amd64.tar.gz

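Edit the configuration files according to the configuration shown above.

Create a folder named frp under /usr/local and move all of the extracted content into it.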

Add execute permission: make sure the file /usr/local/frp/frps is executable. On the client, the file to run is frpc instead.

    chmod +x /usr/local/frp/frps

Configure systemctl to control the service
Open the file with vim (vim /usr/lib/systemd/system/frp.service) and write the following content; note that it depends on the paths used above. This unit starts the server side; the client is similar, just change the program that is run.

    [Unit]
    Description=frp server (frps)
    After=network.target remote-fs.target nss-lookup.target

    [Service]
    Type=simple
    ExecStart=/usr/local/frp/frps -c /usr/local/frp/frps.ini
    KillSignal=SIGQUIT
    TimeoutStopSec=5
    KillMode=process
    PrivateTmp=true
    StandardOutput=syslog
    StandardError=inherit

    [Install]
    WantedBy=multi-user.target

Reload the service configuration files:

    systemctl daemon-reload

Use the systemctl commands to control FRP
Start, stop, restart, view status, enable start at boot, disable start at boot:

    systemctl start frp
    systemctl stop frp
    systemctl restart frp
    systemctl status frp
    systemctl enable frp
    systemctl disable frp

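Run these and you are done!

PS: both the server and the client need to go through these steps; mind which program is being run: the server side uses frps, the client uses frpc.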

Original link: https://blog.csdn.net/zuiyuewentian/article/details/135604005
