Classification of other articles

There is no problem in setting up agents in general settings, but today we have to operate websockt.

 Server {
location / {
proxy_ Pass Http://127.0.0.1 : 10086; 
proxy_ Set_ Header Host $host; 
proxy_ Set_ Header X-Real-IP $remote_ Addr; 
proxy_ Set_ Header X-Forwarded-For $proxy_ Add_ X_ Forwarded_ For; 
proxy_ Set_ Header REMOTE-HOST $remote_ Addr; 
proxy_ Http_ Version 1.1; 
proxy_ Read_ Timeout 300s;}}

Nginx -t Once

The following errors will occur:
Nginx: [emerg] unknown "connection_ Upgrade "variable

This is where there is a pit.

It involves a design problem of nginx. End-to-end and Hop-by-hop Headers
I am still talking about it here, so as not to mislead my children.

Map sets up mapping tables for one or more variables in nginx.

Here are a few configurations to add:

 Http {
map $http_ Upgrade $connection_ Upgrade {
default upgrade; close '; 
}

server {
location / { 
proxy_ Set_ Header Upgrade $http_ Upgrade; 
proxy_ Set_ Header Connection $connection_ Upgrade;

In XX month XX, I started raspberry pie 3b, a treasure 300, the list is as follows:

  • Board 199
  • Power 35 (actually I have 5v2a charger and rechargeable treasure).
  • Spicy chicken wireless keyboard 30
  • Acrylic shell 15
  • Fan and fan hot piece about 10 pieces.

Strangely enough, E14, a homemade board I bought, sent RS in England.

Of course, there must be a memory card, I have a 8g, but I still went to the dog east to buy three mulberry 64G Evo, 130 OK, do not care about the appearance of the fan keyboard can not, and then buy a 16G card, 300 within the affirmation can be done.

Back to the subject.

At ordinary times, I have to go to work. When I left home, I bought a bunch of spicy chicken with my family at 300 and put it at home.

As a user who once used ngrok, ngrok is really spicy chicken.

Installation configuration is quite troublesome, after configuration is completed, there are various problems, connection failure, drop line, XXX problem.

Fight to use other people's ngrok free service (here is not advertising), there are also dropped issues, user experience is not good, give up!

But after starting school, I chose to see ngrok. The problem of the server is fine, but there are still many problems to be solved. FRP Up


Domestic conscience software (I just want to blow it), simple configuration, easy to use, easy to deploy, and low resource consumption (I have no money to collect).

The key is to have Chinese document !!! Chinese language!!! Chinese!!! Middle!!!

0x0

Here I use the virtual machine, I am now in the company, sent to the home, if I restart the FRP to drop the line, then there will be no later operation. )

Virtual machine configuration (here is equivalent to raspberry pie).

  • CentOS Linux release 7.4.1708 (Core)
  • Kernel version 3.10.0-693.11.6.el7.x86_ Sixty-four
  • Architecture x86_ Sixty-four
  • Memory 512M
  • CPU2 core

Server configuration
Goose factory Hongkong 1 Yuan machine

  • CentOS Linux release 7.4.1708 (Core)
  • Kernel version 3.10.0-514.21.1.el7.x86_ Sixty-four
  • Architecture x86_ Sixty-four
  • Memory 1G
  • CPU1 core
  • Bandwidth 1M

In their Release Page select the version you want to use.

Here I use it. Frp_ 0.15.1_ Linux_ Amd64. Tar.gz This bag, if you want to use the raspberry sent 3B version, the official arm package is used to be problematic, my pie is archlinux system. The compiled client package is here frpc-0.15.1- Raspberrypi.zip If you want to install archlinuxarm, you can read my article.

The preparations are over.

Of course, all of these operations are done when you can use existing binary files.

0x1

Note: the next operation is operated by root users. Other users should judge the sudo command by themselves.

 WGet --no-check-certificate Https://github.com/fatedier/frp/releases/download/v0.15.1/frp_ 0.15.1_ Linux_ Amd64. Tar.gz

 Tar -xvf frp_ 0.15.1_ Linux_ Amd64. Tar.gz

 CD frp_ 0.15.1_ Linux_ Amd64

ls -al / / same as ll command.

The files after decompression should be the following sauce.

 FRP unzip file list

Client

Delete the following files

 RM FRPs frps_ Full.ini Frps.ini LICENSE

Client retained files
 Client retained files

Server side

Delete the following files

 RM FRPC frpc_ Full.ini Frpc.ini LICENSE

File retained by server
 File retained by server

      • -

Reminder

FRP X A kind of Full.ini The configuration is all permitted by the government. FRP X .ini Based configuration ( Suggested use Or you don't know where you are wrong.

Here X represents the C of the client and the s of the server.

0x2

Here I use Basic configuration file

Server side Need to open Seven thousand Monitoring FRP services, Six thousand Monitor and forward client SSH services

The server open port is executed as follows

Pong friends using iptables

 Iptables -A INPUT -p TCP --dport 7000 -j ACCEPT
iptables -A INPUT -p INPUT 6000

Pong friends using firewalld

 Firewall-cmd --zone=public --add-port=7000/tcp --permanent
firewall-cmd --zone=public --add-port=6000/tcp --permanent
firewall-cmd --reload

0x3

The foundation is ready to start running FRP.

Server side

We perform the following operation and start running the FRPs server.

 ./frps -c. / Frps.ini

The running state is as follows: (1) what security problems are there?
 Open FRPs server

Client

We need to configure the server IP address to penetrate into the external network, so we need to use it. Nano , VI , VIM The editor modifies the configuration file. Server_ Addr

 [common]
server_ Addr = your server ip
server_ Port = 7000

The modification can be saved and the following operation is performed.

 ./frpc -c. / Frpc.ini

Look! ID has been allocated, SSH has successfully surrogate.
 Successful connection

At this point, if you look back at the console of the server, you will also have successful news.

0x4

You can now test whether SSH can successfully connect to the virtual machine.

It can be seen very clearly that there are two online users. Pts/0 The user is executing the commands before us.
 Beautiful

FRP has been successfully run here.

But...

We can't keep the terminal open. Here I share my startup stop script.

The script is not applicable. Write it yourself.

0x?

It's been a long time since the last time this tutorial was published. It's also said that it is necessary to send SSH's password free landing. The login of public keys on several servers is different.

Good night Love you!