frp+nginx内网穿透

  • A+
所属分类:linux技术
摘要

背景:自己有台内网Linux主机,希望被外网访问(ssh、http、https);找一台可以访问s主机的电脑验证:
便宜好用的国外VPS推荐

frp+nginx内网穿透

背景:自己有台内网Linux主机,希望被外网访问(ssh、http、https);

准备工作

  1. 内网Linux主机-c,可以访问c主机和外网的主机-s(windows/linux)
  2. 官网下载nginx到s:https://nginx.org/en/download.html
  3. github上下载windows版frp到s:https://github.com/fatedier/frp/releases
  4. github上下载linux版frp到c:https://github.com/fatedier/frp/releases

s端配置步骤

  1. 配置nginx:
#443端口https请求反向代理 server { 	#监听端口 	listen       443 ssl; 	server_name  localhost; 	 	#ssl自签证书请参考我另一篇文章 https://www.cnblogs.com/zhoux123/p/14753126.html 	ssl_certificate      server.crt; 	ssl_certificate_key  server.key; 	 	ssl_session_cache    shared:SSL:1m; 	ssl_session_timeout  5m; 	 	ssl_ciphers  HIGH:!aNULL:!MD5; 	ssl_prefer_server_ciphers  on; 	 	location / { 		#反向代理地址 		proxy_pass http://localhost:8088; 	} }
  1. 配置frps.ini
[common] #日志输出路径:默认控制台 #log_file = ./frps.log  #日志输出等级:trace, debug, info, warn, error(默认info) #log_level = trace  #s端和c端建立连接绑定的端口,默认7000 bind_port = 7000  #此端口上的http请求将会转发到c端 vhost_http_port = 8088
  1. 启动nginx服务
  2. 启动c端frps服务:./frps -c ./frps.ini,日志如下
2021/05/11 22:35:24 [I] [service.go:192] frps tcp listen on 0.0.0.0:7000 2021/05/11 22:35:24 [I] [service.go:235] http service listen on 0.0.0.0:8088 2021/05/11 22:35:24 [I] [root.go:209] frps started successfully

c端配置步骤

  1. 配置frpc.ini
[common] #日志输出路径:默认控制台 #log_file = ./frpc.log #日志输出等级:trace, debug, info, warn, error(默认info) #log_level = trace #s端地址 server_addr = 192.168.137.1 #s端和c端建立连接绑定的端口,默认7000 server_port = 7000  [ssh] type = tcp local_ip = 127.0.0.1 #默认22端口,termux为8022 local_port = 8022 remote_port = 6000  [http] type = http #s端的http请求将会转发到此端口 local_port = 8080 #s端地址,可同时设置多个,英文逗号隔开 custom_domains = localhost,127.0.0.1,192.168.137.1
  1. 启动c端frpc服务:./frpc -c ./frpc.ini,日志如下:
2021/05/11 22:41:43 [I] [service.go:304] [02c28f30442a89bd] login to server success, get run id [02c28f30442a89bd], server udp port [0] 2021/05/11 22:41:43 [I] [proxy_manager.go:144] [02c28f30442a89bd] proxy added: [ssh http] 2021/05/11 22:41:43 [I] [control.go:180] [02c28f30442a89bd] [http] start proxy success 2021/05/11 22:41:43 [I] [control.go:180] [02c28f30442a89bd] [ssh] start proxy success

验证

找一台可以访问s主机的电脑验证:

  1. 验证ssh:ssh root@192.168.137.1 -p 7000
  2. 验证http:http://192.168.137.1:8088
  3. 验证https:https://192.168.137.1https://192.168.137.1:443

尊重原创,转载请标明出处,谢谢

便宜好用的国外VPS推荐