一、安装
1、源码地址
https://github.com/fatedier/frp
2、中文文档
https://github.com/fatedier/frp/blob/master/README_zh.md
3、安装部署
#所有发布版本下载地址
https://github.com/fatedier/frp/releases
#安装命令(服务端和客户端都执行)
wget https://github.com/fatedier/frp/releases/download/v0.29.0/frp_0.29.0_linux_amd64.tar.gz
tar -xvf frp_0.29.0_linux_amd64.tar.gz -C /usr/local/
cd /usr/local/
mv frp_0.29.0_linux_amd64 frp
cd frp
#在服务端删除frpc和frpc.ini两个文件
rm -f frpc frpc.ini
#在服务端删除frps和frps.ini两个文件
rm -f frps frps.ini
二、配置文件
1、客户端修改frps.ini文件
#添加内容如下所示
[common]
bind_addr = 0.0.0.0
bind_port = 10000
bind_udp_port = 10001
vhost_http_port = 10003
vhost_https_port = 443
#kcp_bind_port = 10000
token = Abc#123&2wsx #和客户端token一致辞
authentication_timeout = 900
max_pool_count = 20
##日志记录
log_file = /var/log/frps.log
log_level = info
log_max_days = 3
##端口白名单
allow_ports = 10001,10048,10058,10076,10078,11110,11222,11112,11122,11123
##dashboard滥测面板
dashboard_port = 10002
dashboard_user = admin
dashboard_pwd = admin#123@zbc
2、客户端修改frpc.ini文件
#添加内容如下所示
[common]
#server_addr = 101.65.43.134
server_addr = asdf.test.com #此域名解释到服务端
server_port = 10000
#protocol = kcp
##指定需要使用的协议类型,默认类型为 TCP
tls_enable = true
token = Abc#123&2wsx #和服务端token一致辞
pool_count = 1
##日志记录
log_file = /var/log/frpc.log
log_level = info
log_max_days = 3
##配置客户端热加载
admin_addr = 127.0.0.1
admin_port = 7400
admin_user = admin
admin_pwd = admin
##织语客户端外网连接
[range:ccwork_tcp]
type = tcp
local_ip = 192.168.63.140
local_port = 10001,10048,10058,10076,10078,11110,11222,11112,11122,11123
remote_port = 10001,10048,10058,10076,10078,11110,11222,11112,11122,11123
use_encryption = true
use_compression = true
三、设置成systemd服务
1、服务端frps服务
vi /etc/systemd/system/frps.service
#添加内容如下所示
[Unit]
Description=FRP Server Daemon
[Service]
Type=simple
ExecStartPre=-/sbin/setcap cap_net_bind_service=+ep /usr/local/frp/frps
ExecStart=/usr/local/frp/frps -c /usr/local/frp/frps.ini
Restart=always
RestartSec=20s
User=nobody
PermissionsStartOnly=true
[Install]
WantedBy=multi-user.target
2、客户端frpc服务
vi /etc/systemd/system/frpc.service
#添加内容如下所示
[Unit]
Description=FRP Client Daemon
[Service]
Type=simple
ExecStartPre=-/sbin/setcap cap_net_bind_service=+ep /usr/local/frp/frpc
ExecStart=/usr/local/frp/frpc -c /usr/local/frp/frpc.ini
Restart=always
RestartSec=20s
User=nobody
PermissionsStartOnly=true
[Install]
WantedBy=multi-user.target
3、管理服务
#服务端
systemctl daemon-reload
systemctl enable frps
systemctl start frps
systemctl restart frps
systemctl stop frps
systemctl status frps
#客户端
systemctl daemon-reload
systemctl enable frpc
systemctl start frpc
systemctl restart frpc
systemctl stop frpc
systemctl status frpc
四、云厂商防火墙开放下列端口
443,10000-10003,10001,10048,10058,10076,10078,11110,11222,11112,11122,11123
五、服务端主机本地开放端口(或者关闭本地防火墙)
443,10000-10003,10001,10048,10058,10076,10078,11110,11222,11112,11122,11123
#执行命令
systemctl start firewalld
systemctl enable firewalld
firewall-cmd –zone=public –add-port=443/tcp –permanent
firewall-cmd –zone=public –add-port=10000-10003/tcp –permanent
firewall-cmd –zone=public –add-port=10048/tcp –permanent
firewall-cmd –zone=public –add-port=10058/tcp –permanent
firewall-cmd –zone=public –add-port=10076/tcp –permanent
firewall-cmd –zone=public –add-port=10078/tcp –permanent
firewall-cmd –zone=public –add-port=11110/tcp –permanent
firewall-cmd –zone=public –add-port=11222/tcp –permanent
firewall-cmd –zone=public –add-port=11112/tcp –permanent
firewall-cmd –zone=public –add-port=11122/tcp –permanent
firewall-cmd –zone=public –add-port=11123/tcp –permanent
firewall-cmd –reload