frp v0.48 releases: fast reverse proxy for exposing a local server behind a NAT or firewall to the internet

by do son · Published · Updated

frp is a fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet. Now, it supports tcp, udp, HTTP, and https protocols when requests can be forwarded by domains to backward web services.

What can I do with frp?

  • Expose any http and https service behind a NAT or firewall to the internet by a server with a public IP address(Name-based Virtual Host Support).
  • Expose any tcp or udp service behind a NAT or firewall to the internet by a server with the public IP address.

Architecture

Changelog v0.48

New

  • The httpconnect type in tcpmux now supports authentication through the parameters http_user and http_pwd.

Improved

  • The web framework has been upgraded to vue3 + element-plus, and the dashboard has added some information display and supports dark mode.
  • The e2e testing has been switched to ginkgo v2.

Download

For some services, if the direct exposure to the public network will be a security risk.

Use a proxy of type stcp (secret tcp) to prevent anyone from having access to the service they want to penetrate, but the visitor also needs to run another frpc.

The following example will create an ssh service proxy that only has access to it.

Normal start frps.

Start frpc, forward network ssh service, configuration is as follows, do not need to specify the remote port:

# frpc.ini
[common]
server_addr = x.x.x.x
server_port = 7000

[secret_ssh]
type = stcp
sk = abcdefg
local_ip = 127.0.0.1
local_port = 22

In the machine to visit this service to start another frpc, the configuration is as follows:

# frpc.ini
[common]
server_addr = x.x.x.x
server_port = 7000

[secret_ssh_vistor]
type = stcp
role = vistor
server_name = secret_ssh
sk = abcdefg
bind_addr = 127.0.0.1
bind_port = 6000

Through ssh visit the network machine, assuming the username test:

ssh -oPort=6000 test@127.0.0.1

Example Usage

Firstly, download the latest programs from Release page according to your os and arch.

Put frps and frps.ini to your server with public IP.

Put frpc and frpc.ini to your server in LAN.

Access your computer in LAN by SSH

  1. Modify frps.ini:
    # frps.ini
    [common]
    bind_port = 7000
  2. Start frps:
    ./frps -c ./frps.ini
  3. Modify frpc.ini, server_addr is your frps’s server IP:# frpc.ini
    [common]
    server_addr = x.x.x.x
    server_port = 7000[ssh]
    type = tcp
    local_ip = 127.0.0.1
    local_port = 22
    remote_port = 6000
  4. Start frpc:
    ./frpc -c ./frpc.ini
  5. Connect to the server in LAN by ssh assuming that username is tested:
    ssh -oPort=6000 test@x.x.x.x

More info and tutorial, visit here.

Copyright 2017 fatedier

Tags: proxy