- Github: https://github.com/fatedier/frp
- Document: EN, 中文
- Introduction: frps is a fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
- Advantage:compared with teamviewer, frp does not request you to install any application on your device (laptop, pc etc.), only you need to do is
ssh -oPort=xxxx username@x.x.x.x
. Compared with ngrox, open-sourcengrox 1.x
version may cause very serious memory leaks, improvedngrox 2.x
version is not open-source any more.
This blog mainly tells how to communicate with your computer in LAN by SSH, based on frp 0.9.1
Server
Modify
frps_min.ini
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15[common]
bind_addr = 0.0.0.0
bind_port = 7000
vhost_http_port = 80
vhost_https_port = 443
dashboard_port = 7500
privilege_mode = true
privilege_token = xxxxxx
privilege_allow_ports = 2000-3000,4000-50000
[ssh]
type = tcp
auth_token = xxxxx
bind_addr = 0.0.0.0
listen_port = 6000You should make the tokens complex enough, to ensure the safety. Notice one
listen_port
corresponds to one local machine behind a NAT of firewall. so if you want to add a newer proxy, you should add the below codes:1
2
3
4
5[new_ssh]
type = tcp
auth_token = xxxxx
bind_addr = 0.0.0.0
listen_port = 6001However it could be quite inconvenient, cause we have to operate it each time we want to add a new proxy, so privilege mode is coming out, which allows you to modify configuration in your local machine, without changing server setting. And definition of
privilege_allow_ports
could prevent abuse of ports in privilege mode.Start frps in background
1
nohup ./frps -c ./frps_min.ini &
Sometimes it needs root permission, then you have to command
sudo -s
to enter root user at first.
Client
modify
frpc_min.ini
1
2
3
4
5
6
7
8
9
10
11
12[common]
server_addr = x.x.x.x
server_port = 7000
auth_token = xxxxx
privilege_token = xxxxx
[ssh]
privilege_mode = true
type = tcp
local_ip = 127.0.0.1
local_port = 22
remote_port = xxxxNotice I enable privilege mode here. The
auth_token
andprivilege_token
should be the samle as which in server.start frpc in the backgroud
1
nohup ./frpc -c ./frpc_min.ini
User
1 | ssh -oPort=xxxx username@x.x.x.x |
Here oPort
is the remote_port
in frpc_min.ini
, username
is the name of local machine behind the NAT.
Restart and stop
restart (or reload): ./frps -c ./frps_min.ini --reload
stop: use ps -ef | grep frp
to get frps or frpc pid, then kill -9 $(pid)