文章目录

之前写过一篇无公网IP通过ZeroTier方便实现内网穿透的文章，由于ZeroTier服务受网络环境影响，速度太慢，于是决定通过frp来替代它。

frp内网穿透是通过一个带有公网IP的服务器进行中转，对被控主机实现反向代理，用户通过访问frps（中转服务器）来实现对frpc（被控主机）的远程访问。

frp流程图如下：

frp项目地址：https://github.com/fatedier/frp

本实验环境以阿里云服务器作为中转机，中转服务器使用Centos7.6，被控主机使用Centos7.6，用户使用Windows10
由于网络原因，文中链接已经替换成了本地链接，如不放心，请自行去GitHub下载

frps中转服务器配置 {#title-0}

1、下载frp

在一台有公网IP的主机上配置frps，我这里以阿里云Centos7.x主机为例
wget https://down.whsir.com/downloads/frp_0.27.0_linux_amd64.tar.gz tar xf frp_0.27.0_linux_amd64.tar.gz mv frp_0.27.0_linux_amd64 /usr/local cd /usr/local/frp_0.27.0_linux_amd64 rm -f frpc*

|-----------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | 1 2 3 4 5 | wget https://down.whsir.com/downloads/frp_0.27.0_linux_amd64.tar.gz tar xf frp_0.27.0_linux_amd64.tar.gz mv frp_0.27.0_linux_amd64 /usr/local cd /usr/local/frp_0.27.0_linux_amd64 rm -f frpc* |

2、配置frps

这里使用最基础的配置
vi frps.ini

|---|-------------| | 1 | vi frps.ini |

[common] bind_port = 7000 dashboard_user = whsir dashboard_pwd = blog.whsir.com dashboard_port = 8000

|-------------|---------------------------------------------------------------------------------------------------------| | 1 2 3 4 5 6 | [common] bind_port = 7000 dashboard_user = whsir dashboard_pwd = blog.whsir.com dashboard_port = 8000 |

3、启动frps

配置启动服务
vi /etc/systemd/system/frps.service

|---|-------------------------------------| | 1 | vi /etc/systemd/system/frps.service |

[Unit] Description=frps daemon After=syslog.target network.target Wants=network.target [Service] Type=simple ExecStart=/usr/local/frp_0.27.0_linux_amd64/frps -c /usr/local/frp_0.27.0_linux_amd64/frps.ini [Install] WantedBy=multi-user.target

|-------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | 1 2 3 4 5 6 7 8 9 10 11 | [Unit] Description=frps daemon After=syslog.target network.target Wants=network.target [Service] Type=simple ExecStart=/usr/local/frp_0.27.0_linux_amd64/frps -c /usr/local/frp_0.27.0_linux_amd64/frps.ini [Install] WantedBy=multi-user.target |

systemctl enable frps systemctl start frps

|-----|--------------------------------------------| | 1 2 | systemctl enable frps systemctl start frps |

4、访问监控平台

http://公网IP:8000

账号whsir

密码blog.whsir.com

如果访问不了，请使用ss -lnt命令检查端口是否启动，是否因为防火墙原因拦截。

至此frps中转服务器配置完成

frpc内网主机配置 {#title-1}

1、内网主机下载frp
wget https://down.whsir.com/downloads/frp_0.27.0_linux_amd64.tar.gz tar xf frp_0.27.0_linux_amd64.tar.gz mv frp_0.27.0_linux_amd64 /usr/local cd /usr/local/frp_0.27.0_linux_amd64 rm -f frps*

|-----------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | 1 2 3 4 5 | wget https://down.whsir.com/downloads/frp_0.27.0_linux_amd64.tar.gz tar xf frp_0.27.0_linux_amd64.tar.gz mv frp_0.27.0_linux_amd64 /usr/local cd /usr/local/frp_0.27.0_linux_amd64 rm -f frps* |

2、配置frpc

其中x.x.x.x表示frps中转服务器IP地址

ssh字段：local_port = 22示被控（内网）主机的ssh端口，remote_port = 6000表示ssh中转端口

web字段：local_port = 80表示被控（内网）主机的web端口，remote_port = 8081表示web中转端口
vi frpc.ini

|---|-------------| | 1 | vi frpc.ini |

[common] server_addr = x.x.x.x server_port = 7000 [ssh] type = tcp local_ip = 127.0.0.1 local_port = 22 remote_port = 6000 [web] type = tcp local_ip = 127.0.0.1 local_port = 80 remote_port = 8081

|-------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 | [common] server_addr = x.x.x.x server_port = 7000 [ssh] type = tcp local_ip = 127.0.0.1 local_port = 22 remote_port = 6000 [web] type = tcp local_ip = 127.0.0.1 local_port = 80 remote_port = 8081 |

3、启动frpc

配置启动服务
vi /etc/systemd/system/frpc.service

|---|-------------------------------------| | 1 | vi /etc/systemd/system/frpc.service |

[Unit] Description=frpc daemon After=syslog.target network.target Wants=network.target [Service] Type=simple ExecStart=/usr/local/frp_0.27.0_linux_amd64/frpc -c /usr/local/frp_0.27.0_linux_amd64/frpc.ini [Install] WantedBy=multi-user.target

|-------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | 1 2 3 4 5 6 7 8 9 10 11 | [Unit] Description=frpc daemon After=syslog.target network.target Wants=network.target [Service] Type=simple ExecStart=/usr/local/frp_0.27.0_linux_amd64/frpc -c /usr/local/frp_0.27.0_linux_amd64/frpc.ini [Install] WantedBy=multi-user.target |

systemctl enable frpc systemctl start frpc

|-----|--------------------------------------------| | 1 2 | systemctl enable frpc systemctl start frpc |

至此frpc被控主机配置完成

此时可通过x.x.x.x:6000连接内网ssh，通过http://x.x.x.x:8081访问内网主机web，访问速度取决于带宽