frp v0.51.3 releases: fast reverse proxy for exposing a local server behind a NAT or firewall to the internet
frp is a fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet. Now, it supports tcp, udp, HTTP, and https protocols when requests can be forwarded by domains to backward web services.
What can I do with frp?
- Expose any http and https service behind a NAT or firewall to the internet by a server with a public IP address(Name-based Virtual Host Support).
- Expose any tcp or udp service behind a NAT or firewall to the internet by a server with the public IP address.
Architecture
For some services, if the direct exposure to the public network will be a security risk.
Use a proxy of type stcp (secret tcp) to prevent anyone from having access to the service they want to penetrate, but the visitor also needs to run another frpc.
The following example will create an ssh service proxy that only has access to it.
Normal start frps.
Start frpc, forward network ssh service, configuration is as follows, do not need to specify the remote port:
# frpc.ini
[common]
server_addr = x.x.x.x
server_port = 7000[secret_ssh]
type = stcp
sk = abcdefg
local_ip = 127.0.0.1
local_port = 22
In the machine to visit this service to start another frpc, the configuration is as follows:
# frpc.ini
[common]
server_addr = x.x.x.x
server_port = 7000[secret_ssh_vistor]
type = stcp
role = vistor
server_name = secret_ssh
sk = abcdefg
bind_addr = 127.0.0.1
bind_port = 6000
Through ssh visit the network machine, assuming the username test:
ssh -oPort=6000 test@127.0.0.1
Example Usage
Firstly, download the latest programs from Release page according to your os and arch.
Put frps and frps.ini to your server with public IP.
Put frpc and frpc.ini to your server in LAN.
Access your computer in LAN by SSH
- Modify frps.ini:
# frps.ini
[common]
bind_port = 7000 - Start frps:
./frps -c ./frps.ini - Modify frpc.ini, server_addr is your frps’s server IP:# frpc.ini
[common]
server_addr = x.x.x.x
server_port = 7000[ssh]
type = tcp
local_ip = 127.0.0.1
local_port = 22
remote_port = 6000 - Start frpc:
./frpc -c ./frpc.ini - Connect to the server in LAN by ssh assuming that username is tested:
ssh -oPort=6000 test@x.x.x.x
More info and tutorial, visit here.
Copyright 2017 fatedier