Skip to content
Permalink
master
Go to file
seven contributors

Users who have contributed to this file

 @fatedier  @IanSmith123  @Hyduan  @ericlarssen  @xcffl  @renmu123  @bighamx
1030 lines (715 sloc) 31.5 KB

frp

 Build Status

README | Chinese documents

FRP is a high-performance reverse proxy application that can be used for intranet penetration. It supports TCP and UDP protocols, provides additional capabilities for HTTP and HTTPS application protocols, and tentatively supports point-to-point penetration.

catalog

Development status

FRP is still in the development stage and has not been fully tested and verified, so it is not recommended for production environment.

The master branch is used to release stable versions, and the dev branch is used for development. You can try to download the latest release version for testing.

The current interaction protocol may change at any time, and backward compatibility is not guaranteed. When upgrading the new version, it is necessary to pay attention to the announcement and upgrade the server and client at the same time.

framework

 architecture

Examples of use

According to the corresponding operating system and architecture, from Release Page to download the latest version of the program.

take frps and frps.ini Put it on the machine with public IP.

take frpc and frpc.ini Put it on the machine in the Intranet environment.

Accessing intranet machine through SSH

  1. Modify the frps.ini file. Here, the most simplified configuration is used, and the port on which the FRP server receives client traffic is set
 # frps.ini
 [common]
 bind_ port = 7000
  1. Start FRPs:

./frps -c ./frps.ini

  1. Modify the frpc.ini file and assume that the public IP address of the server where FRPs is located is x.x.x.x
 # frpc.ini
 [common]
 server_ addr = x.x.x.x server_ port = 7000 [ssh]
 type = tcp local_ ip = 127.0.0.1 local_ port = 22 remote_ port = 6000

be careful, local_ port (client listening) and remote_ port (server side exposure) is used to access both ends of the FRP system, server_ port The server is used to communicate with the client.

  1. Start FRPC:

./frpc -c ./frpc.ini

  1. Access the intranet machine through SSH, assuming that the user name is test:

ssh -oPort=6000 test@x.x.x.x

Deployment of domain name access through the Intranet

Sometimes we want others to access or test the web services we built locally through the domain name. However, because the local machine does not have a public IP address, it is impossible to resolve the domain name to the local machine. This function can be realized through FRP. The following example is HTTP service. The configuration method of the HTTPS service is the same, Vhost_ http_ Port with Vhost_ https_ Set port and type to HTTPS.

  1. Modify the frps.ini file and set the HTTP access port to 8080
 # frps.ini
 [common]
 bind_ port = 7000 vhost_ http_ port = 8080
  1. Start FRPs:

./frps -c ./frps.ini

  1. Modify the frpc.ini file, assuming that the IP address of the server where FRPs is located is x.x.x.x, local_ Port is the port corresponding to the web service on the local machine, and is bound with a custom domain name www.yourdomain.com :
 # frpc.ini
 [common]
 server_ addr = x.x.x.x server_ port = 7000 [web]
 type = http local_ port = 80 custom_ domains = www.yourdomain.com
  1. Start FRPC:

./frpc -c ./frpc.ini

  1. take www.yourdomain.com The domain name a record of is resolved to IP x.x.x.x If the server already has a corresponding domain name, you can also resolve the CNAME record to the original domain name of the server.

  2. Access via browser http://www.yourdomain.com:8080 You can access the web service on the intranet machine.

Forward DNS query request

UDP protocol is usually used in DNS query request. FRP supports the penetration of UDP service in Intranet, and the configuration mode is basically the same as TCP.

  1. Modify the frps.ini file:
 # frps.ini
 [common]
 bind_ port = 7000
  1. Start FRPs:

./frps -c ./frps.ini

  1. The file will be forwarded to the server where the server is located, and the file will be forwarded to the server 8.8.8.8 UDP 53 port of:
 # frpc.ini
 [common]
 server_ addr = x.x.x.x server_ port = 7000 [dns]
 type = udp local_ ip = 8.8.8.8 local_ port = 53 remote_ port = 6000
  1. Start FRPC:

./frpc -c ./frpc.ini

  1. Test whether UDP packet forwarding is successful through dig, and expected to return www.google.com Domain name resolution results:

dig @x.x.x.x -p 6000 www.google.com

Forward UNIX domain socket

Access UNIX domain socket of Intranet through TCP port (for example, communicating with docker daemon).

The deployment steps of FRPs are the same as above.

  1. Start, FRPC enabled unix_ domain_ socket Plug ins are configured as follows:
 # frpc.ini
 [common]
 server_ addr = x.x.x.x server_ port = 7000 [unix_ domain_ socket]
 type = tcp remote_ port = 6000 plugin = unix_ domain_ socket plugin_ unix_ path = /var/run/docker.sock
  1. View docker version information through curl command

curl http://x.x.x.x:6000/version

Provide a simple file access service

adopt static_ file A plug-in provides a simple file access based on HTTP.

The steps of FRPs deployment are the same as above.

  1. Start FRPC, enable static_ file Plug ins are configured as follows:
 # frpc.ini
 [common]
 server_ addr = x.x.x.x server_ port = 7000 [test_ static_ file]
 type = tcp remote_ port = 6000 plugin = static_ file # Directory of files to be exposed
 plugin_ local_ path = /tmp/file # The prefix that will be removed from the access URL is the file path to be accessed
 plugin_ strip_ prefix = static plugin_ http_ user = abc plugin_ http_ passwd = abc
  1. Access via browser http://x.x.x.x:6000/static/ To view the /tmp/file Directory, you will be asked to enter the user name and password that has been set.

Enable HTTPS for local HTTP services

adopt https2http The plug-in can convert HTTP to local services.

  1. Enable FRPC, enable https2http Plug ins are configured as follows:
 # frpc.ini
 [common]
 server_ addr = x.x.x.x server_ port = 7000 [test_ htts2http]
 type = https custom_ domains = test.yourdomain.com plugin = https2http plugin_ local_ addr = 127.0.0.1:80 # Configuration related to HTTPS certificate
 plugin_ crt_ path = ./server.crt plugin_ key_ path = ./server.key plugin_ host_ header_ rewrite = 127.0.0.1 plugin_ header_ X-From-Where = frp
  1. Access via browser https://test.yourdomain.com That's fine.

Secure exposure of intranet services

For some services, if they are directly exposed to the public network, there will be security risks.

use stcp(secret tcp) A proxy of type can avoid allowing anyone to access the service to be penetrated, but the visitor also needs to run another FRPC.

The following example will create an SSH service proxy that only you can access.

The deployment steps of FRPs are the same as above.

  1. Start FRPC and forward the SSH service in the intranet. The configuration is as follows. You do not need to specify a remote port:
 # frpc.ini
 [common]
 server_ addr = x.x.x.x server_ port = 7000 [secret_ ssh]
 type = stcp # Only SK consistent users can access this service
 sk = abcdefg local_ ip = 127.0.0.1 local_ port = 22
  1. Start another FRPC on the machine where you want to access the service. The configuration is as follows:
 # frpc.ini
 [common]
 server_ addr = x.x.x.x server_ port = 7000 [secret_ ssh_ visitor]
 type = stcp # Visitors to STCP
 role = visitor # The name of the STCP proxy to access
 server_ name = secret_ ssh sk = abcdefg # Bind the local port to access the SSH service
 bind_ addr = 127.0.0.1 bind_ port = 6000
  1. Access the intranet machine through SSH, assuming that the user name is test:

ssh -oPort=6000 test@127.0.0.1

Point to point intranet penetration

FRP provides a new type of proxy xtcp It is used to deal with scenarios where a large amount of data is expected to be transmitted and the traffic does not pass through the server.

Use the same way stcp Similarly, frpcs need to be deployed on both sides to establish a direct connection.

At present, it is in the initial stage of development, and can not penetrate all types of NAT devices, so the penetration success rate is low. You can try when penetration fails stcp The way.

  1. In addition to the normal configuration, FRPs needs to configure an additional UDP port to support this type of client
 bind_ udp_ port = 7001
  1. Start FRPC and forward the SSH service in the intranet. The configuration is as follows. You do not need to specify a remote port:
 # frpc.ini
 [common]
 server_ addr = x.x.x.x server_ port = 7000 [p2p_ ssh]
 type = xtcp # Only SK consistent users can access this service
 sk = abcdefg local_ ip = 127.0.0.1 local_ port = 22
  1. Start another FRPC on the machine where you want to access the service. The configuration is as follows:
 # frpc.ini
 [common]
 server_ addr = x.x.x.x server_ port = 7000 [p2p_ ssh_ visitor]
 type = xtcp # Visitors to xtcp
 role = visitor # The name of the xtcp proxy to access
 server_ name = p2p_ ssh sk = abcdefg # Bind the local port to access the SSH service
 bind_ addr = 127.0.0.1 bind_ port = 6000
  1. Access the intranet machine through SSH, assuming that the user name is test:

ssh -oPort=6000 test@127.0.0.1

Function description

configuration file

Since FRP currently supports many functions and configuration items, functions not listed in the document can be found in the complete sample configuration file.

FRPs full configuration file

FRPC full configuration file

Render template configuration file

The configuration file supports template rendering using system environment variables, and the template format adopts the standard format of go.

The sample configuration is as follows:

 # frpc.ini
 [common]
 server_ addr = {{ .Envs.FRP_ SERVER_ ADDR }} server_ port = 7000 [ssh]
 type = tcp local_ ip = 127.0.0.1 local_ port = 22 remote_ port = {{ .Envs.FRP_ SSH_ REMOTE_ PORT }}

Start the FRPC program:

 export FRP_ SERVER_ ADDR="x.x.x.x"
export FRP_ SSH_ REMOTE_ PORT="6000"
./frpc -c ./frpc.ini

FRPC will automatically use the environment variables to render the configuration file template. All environment variables need to use the .Envs Is a prefix.

Dashboard

Check the status of FRP and agent statistics through browser.

Note: dashboard has not been optimized for a large number of proxy data presentation. If the dashboard access is slow, please do not enable this function.

You need to specify the port used by the dashboard service in frps.ini

 [common]
 dashboard_ port = 7500 # The user name and password of the dashboard are all admin by default
 dashboard_ user = admin dashboard_ pwd = admin

Open browser through http://[server_ addr]:7500 To access the dashboard interface, the default user name and password is admin

 dashboard

Admin UI

The admin UI can help users query and manage the proxy status and configuration of clients through the browser.

You need to specify the port used by the admin service in frpc.ini

 [common]
 admin_ addr = 127.0.0.1 admin_ port = 7400 admin_ user = admin admin_ pwd = admin

Open browser through http://127.0.0.1:7400 Access the admin UI. The user name and password are default admin

If you want to access the admin UI in the extranet environment, you can map the 7400 port, but you need to pay attention to the security risks.

monitor

FRPs when the dashboard is enabled, the internal monitoring will be enabled by default. The data is stored in the memory and will be cleared after each process restart. The monitoring data can be obtained by sending HTTP requests through the address of the dashboard.

Prometheus is also available as an optional monitoring system.

Prometheus

stay frps.ini Enable dashboard in the enable_ prometheus = true , then through http://{dashboard_ addr}/metrics Monitoring data of Prometheus can be obtained.

Client authentication

At present, FRPC and FRPs support two authentication methods, token and oidc

adopt frpc.ini and frps.ini in [common] Section's authentication_ method The validation method to be used for parameter configuration.

authenticate_ heartbeats = true Authentication information will be attached to each heartbeat packet.

authenticate_ new_ work_ conns = true Authentication information will be attached each time a new working connection is established.

Token

When authentication_ method = token , will enable token based authentication.

Need to be in frpc.ini and frps.ini Of [common] Set the same in section token

OIDC

When authentication_ method = oidc , oidc based authentication will be enabled.

Validation process reference Client Credentials Grant

Enable this authentication method, configure frpc.ini and frps.ini As follows:

 # frps.ini
 [common]
 authentication_ method = oidc oidc_ issuer = https://example-oidc-issuer.com/ oidc_ audience = https://oidc-audience.com/.default
 [common]
 authentication_ method = oidc oidc_ client_ id = 98692467-37de-409a-9fac-bb2585826f18 # Replace with OIDC client ID
 oidc_ client_ secret = oidc_ secret oidc_ audience = https://oidc-audience.com/.default oidc_ token_ endpoint_ url = https://example-oidc-endpoint.com/oauth2/v2.0/token

Encryption and compression

The compression function is enabled by default in fry. The compression function is enabled by using the compression agent

 # frpc.ini
 [ssh]
 type = tcp local_ port = 22 remote_ port = 6000 use_ encryption = true use_ compression = true

If the company's intranet firewall identifies and blocks the traffic of external network access, for example, the SSH protocol is prohibited use_ encryption = true To encrypt the communication between FRPC and FRPs will effectively prevent the traffic from being intercepted.

If the length of the transmitted message is long, set the use_ compression = true Compression of the transmission content can effectively reduce the network traffic between FRPC and FRPs, and accelerate the traffic forwarding speed, but it will consume some additional CPU resources.

TLS

Since the version of v0.25.0, encrypted transmission between FRPC and FRPs is supported by TLS protocol. Through the frpc.ini Of common Medium configuration tls_ enable = true To enable this feature, the security is higher.

For port reuse, the first byte of TLS connection established by FRP is 0x17.

Frini [common] in tls_ only Set to true to force FRPs to accept only TLS connections.

Note: after enabling this function, there is no need to set use except xtcp_ encryption。

Client hot load configuration file

When the agent configuration in FRPC is modified, you can use the frpc reload Command to dynamically load the configuration file, which usually completes the agent update in 10 seconds.

Enabling this feature requires enabling the admin port in FRPC to provide API services. The configuration is as follows:

 # frpc.ini
 [common]
 admin_ addr = 127.0.0.1 admin_ port = 7400

After that, execute the restart command:

frpc reload -c ./frpc.ini

After waiting for a period of time, the client will create, update and delete agents according to the new configuration file.

It should be noted that the parameters in [common] can not be modified except start.

Client view agent status

FRPC support through frpc status -c ./frpc.ini Command to view the status information of the agent. This function needs to configure the admin port in FRPC.

Port whitelist

In order to prevent ports from being used manually, frini allow_ ports To specify:

 # frps.ini
 [common]
 allow_ ports = 2000-3000,3001,3003,4000-50000

allow_ ports You can configure a specified port that is allowed to be used or all ports in a range to , The specified range is separated by - separate.

Port multiplexing

In the current FRPs vhost_ http_ port and vhost_ https_ port Support configuration to and bind_ port For the same port, FRPs will analyze the protocol of connection, and then conduct different processing.

For example, in some strictly restricted network environments, the bind_ port and vhost_ https_ port Set to 443.

Subsequent attempts will be made to allow multiple proxies to bind to different protocols on the same remote port.

Speed limit

Agent speed limit

At present, it supports setting the speed limit of proxy level in the proxy configuration of the client to limit the bandwidth occupied by a single proxy.

 # frpc.ini
 [ssh]
 type = tcp local_ port = 22 remote_ port = 6000 bandwidth_ limit = 1MB

Add in agent configuration bandwidth_ limit This feature is enabled for the field and is currently only supported MB and KB Company.

TCP multiplexing

Since the version of v0.10.0, the connection between the client and the server supports multiplexing, and it is no longer necessary to create a connection for each user request, which reduces the delay of connection establishment, avoids the occupation of a large number of file descriptors, and enables FRP to carry a higher number of concurrent transmissions.

This function is enabled by default. If it needs to be turned off, it can be configured in frps.ini and frpc.ini. The configuration item must be consistent on the server and client side

 # In frps.ini and frpc.ini
 [common]
 tcp_ mux = false

Optional KCP protocol for Bottom Communication

However, KCP can significantly improve the efficiency of the underlying transport protocol in the weak network.

Enable KCP protocol support:

  1. Enable KCP protocol support in frps.ini and specify a UDP port for receiving client requests
 # frps.ini
 [common]
 bind_ port = 7000 # KCP is bound to the UDP port, which can be bound with bind_ Port is the same
 kcp_ bind_ port = 7000
  1. At present, only TCP and KCP are supported. Other agent configurations do not need to be changed:
 # frpc.ini
 [common]
 server_ addr = x.x.x.x # server_ Port is specified as KCP of FRPs_ bind_ port
 server_ port = 7000 protocol = kcp
  1. To use FRP as before, you need to pay attention to opening the port access rights of UDP on the relevant machine.

Connection pool

By default, FRPs only requests FRPC to establish a connection with the back-end service after the user requests to establish a connection. When the connection pool is enabled for the specified agent, FRP will establish a specified number of connections with the back-end service in advance. After receiving the user's request, it will take a connection from the connection pool and associate it with the user's connection, thus avoiding waiting for the connection to be established with the back-end service and transferring control information between FRPC and FRPs.

This function is more suitable for a large number of short connection requests.

  1. First of all, you can set the upper limit of the connection pool that each agent can create in frps.ini to avoid a large amount of resource occupation. If the client setting exceeds this configuration, it will be adjusted to the current value:
 # frps.ini
 [common]
 max_ pool_ count = 5
  1. In frpc.ini, enable connection pooling for clients and specify the number of pre created connections:
 # frpc.ini
 [common]
 pool_ count = 1

load balancing

Multiple proxies of the same type can be added to the same group to achieve load balancing.

Currently, only TCP and HTTP proxy are supported.

 # frpc.ini
 [test1]
 type = tcp local_ port = 8080 remote_ port = 80 group = web group_ key = 123 [test2]
 type = tcp local_ port = 8081 remote_ port = 80 group = web group_ key = 123

When a user connects to port 80 of the FRPs server, FRPs will randomly distribute the received user connections to one of the surviving proxies. The FRPC can still provide services after the other nodes hang up.

TCP type proxy requirements group_ key The same, do permission verification, and remote_ port The same.

HTTP type proxy requirements group_ key, custom_ Domains or subdomains and locations The same.

health examination

By adding health check function to proxy, the service can be removed from FRPs when the service to be reverse proxy fails. With the function of load balancing, it can be used to achieve a highly available architecture and avoid single point of service failure.

Add the health_ check_ type = {type} To enable the health check feature.

type Currently, TCP and HTTP are optional.

If the HTTP request can be considered as normal service only if the HTTP connection can be established.

The TCP sample configuration is as follows:

 # frpc.ini
 [test1]
 type = tcp local_ port = 22 remote_ port = 6000 # Enable health check, type TCP
 health_ check_ type = tcp # The connection establishment timeout is 3 seconds
 health_ check_ timeout_s = 3 # If three consecutive checks fail, the proxy will be removed
 health_ check_ max_ failed = 3 # Take a health check every 10 seconds
 health_ check_ interval_s = 10

The HTTP sample configuration is as follows:

 # frpc.ini
 [web]
 type = http local_ ip = 127.0.0.1 local_ port = 80 custom_ domains = test.yourdomain.com # Enable health check of type http
 health_ check_ type = http # The health check sends the URL of HTTP request, and the back-end service needs to return 2XX HTTP status code
 health_ check_ url = /status health_ check_ interval_s = 10 health_ check_ max_ failed = 3 health_ check_ timeout_s = 3

Modify host header

In general, FRP does not modify any data forwarded. However, some back-end services will display different websites according to the host field in the HTTP request header, such as the virtual host service of nginx. Enabling the modification function of host header can dynamically modify the host field in the HTTP request. This feature is limited to HTTP type proxies.

 # frpc.ini
 [web]
 type = http local_ port = 80 custom_ domains = test.yourdomain.com host_ header_ rewrite = dev.yourdomain.com

The host field in the original HTTP request test.yourdomain.com Forward to the back-end service is replaced with dev.yourdomain.com

Set the header of the HTTP request

about type = http You can set the header parameters that are added dynamically in forwarding.

 # frpc.ini
 [web]
 type = http local_ port = 80 custom_ domains = test.yourdomain.com host_ header_ rewrite = dev.yourdomain.com header_ X-From-Where = frp

For all the header_ The initial parameters (supporting multiple configuration at the same time) will be added to the HTTP request header. According to the above configuration, it will be added to the header of the request X-From-Where: frp

Get the user's real IP

HTTP X-Forwarded-For

At present, only http This type of request can be supported by the user's proxy X-Forwarded-For To get the user's real IP address, which is enabled by default.

Proxy Protocol

FRP support through Proxy Protocol This function supports all types of TCP as the underlying protocol, and does not support UDP.

Proxy Protocol After the function is enabled, FRPC will first send a segment after establishing a connection with the local service Proxy Protocol The local service can obtain the real IP address of the user by parsing the content. Therefore, not only HTTP service, any TCP service, as long as it supports this protocol, can obtain the user's real IP address.

It should be noted that if this function is to be enabled in the agent configuration, it needs to be supported by local services Proxy Protocol At present, nginx and haproxy can support this protocol very well.

Here, take the type of HTTPS as an example:

 # frpc.ini
 [web]
 type = https local_ port = 443 custom_ domains = test.yourdomain.com # At present, it supports both V1 and V2 proxy protocol.
 proxy_ protocol_ version = v2

Just add a line to the agent configuration proxy_ protocol_ version = v2 This function can be turned on.

The local HTTPS service can be enabled through the configuration of nginx Proxy Protocol And set the result in the X-Real-IP In this header, you can use the X-Real-IP Get the user's real IP.

Protect your web service with a password

Since all clients share the same FRPs HTTP service port, anyone who knows your domain name and URL can access the web services that you deploy on the intranet, but in some scenarios, you need to ensure that only limited users can access it.

FRP supports HTTP basic auth to protect your web services, so that users can access your services through user name and password.

At present, this function is only limited to HTTP type proxy. It needs to add the user name and password settings in the proxy configuration of FRPC.

 # frpc.ini
 [web]
 type = http local_ port = 80 custom_ domains = test.yourdomain.com http_ user = abc http_ pwd = abc

Access via browser http://test.yourdomain.com , you need to enter the configured user name and password to access.

Custom secondary domain name

When many people use a FRPs at the same time, it will be more convenient to use it by customizing the secondary domain name.

By configuring in the FRPs configuration file subdomain_ host To enable this feature. After that, it can not be configured in the HTTP and HTTPS proxy of FRPC custom_ domains , but configure a subdomain Parameter.

You just need to *.{subdomain_ host} Resolve to the server where FRPs is located. After that, users can use the subdomain Specify the secondary domain name required by your own web service through {subdomain}.{subdomain_ host} To access your own web services.

 # frps.ini
 [common]
 subdomain_ host = frps.com

Will pan domain name *.frps.com Resolve to the address of the server where the FRPs is located.

 # frpc.ini
 [web]
 type = http local_ port = 80 subdomain = test

Both FRPC and FRPs are successfully started test.frps.com You can access the intranet web services.

Note: if FRPs is configured subdomain_ host , then custom_ domains Cannot belong to subdomain_ host Sub domain name or pan domain name of.

In the same HTTP or HTTPS proxy custom_ domains and subdomain It can be configured at the same time.

URL routing

FRP supports routing and forwarding to different back-end services according to the URL path of the request.

Through the locations Field specifies the URL prefix that one or more proxies can match (currently only maximum prefix matching is supported, and regular matching is considered later). For example, specify locations = /news , then all URLs are /news The first request is forwarded to the service.

 # frpc.ini
 [web01]
 type = http local_ port = 80 custom_ domains = web.yourdomain.com locations = / [web02]
 type = http local_ port = 81 custom_ domains = web.yourdomain.com locations = /news,/about

After configuration according to the example above, web.yourdomain.com In this domain name /news as well as /about All URL requests prefixed are forwarded to Web02, and the rest are forwarded to web01.

TCP port multiplexing type

FRP supports routing connections received by a single port to different agents, similar to vhost_ http_ port and vhost_ https_ port

At present, only multiplexers are supported httpconnect

When frps.ini Of [common] Set in tcpmux_ httpconnect_ port FRPs will listen on this port to receive HTTP connect requests.

FRPs routes to different back-end agents based on the host in the HTTP connect request.

The configuration is as follows:

 # frps.ini
 [common]
 bind_ port = 7000 tcpmux_ httpconnect_ port = 1337
 # frpc.ini
 [common]
 server_ addr = x.x.x.x server_ port = 7000 [proxy1]
 type = tcpmux multiplexer = httpconnect custom_ domains = test1 [proxy2]
 type = tcpmux multiplexer = httpconnect custom_ domains = test2

If the above request is received through HTTP connect:

 CONNECT test1 HTTP/1.1\r\n\r\n

The connection will be routed to proxy1.

Connect to FRPs through proxy

Proxy can only be used to communicate with proxy in the environment of HTTP.

You can set the HTTP_ PROXY Or through the FRPC configuration file http_ proxy Parameter to use this function.

Only in protocol = tcp It will take effect at.

 # frpc.ini
 [common]
 server_ addr = x.x.x.x server_ port = 7000 http_ proxy = http://user:pwd@192.168.1.128:8080

Range port mapping

Multiple ports can be mapped in the configuration file of FRPC. Currently, only TCP and UDP types are supported.

This function is implemented through range: The client will parse the configuration in the tag and split it into multiple proxies. Each proxy is named with a number as the suffix.

For example, to map the six local ports 6000-6005 and 6007, the main configurations are as follows:

 # frpc.ini
 [range:test_ tcp]
 type = tcp local_ ip = 127.0.0.1 local_ port = 6000-6006,6007 remote_ port = 6000-6006,6007

After the actual connection is successful, eight proxies will be created, named test_ tcp_ 0, test_ tcp_ 1 ... test_ tcp_7

Client plug in

By default, FRPC will only forward requests to the local TCP or UDP port.

The client plug-in mode is to provide more abundant functions on the client side. Currently, the built-in plug-ins include unix_ domain_ socket http_ proxy socks5 static_ file Please refer to Examples of use

adopt plugin Specify the plug-in to be used. The configuration parameters of plug-ins are plugin_ start. After using the plug-in local_ ip and local_ port Configuration is no longer required.

use http_ proxy Examples of plug-ins:

 # frpc.ini
 [http_ proxy]
 type = tcp remote_ port = 6000 plugin = http_ proxy plugin_ http_ user = abc plugin_ http_ passwd = abc

plugin_ http_ user and plugin_ http_ passwd mean http_ proxy Optional configuration parameters for the plug-in.

Server side management plug-in

instructions

from gofrp/plugin Find more in plug-ins.

Development plan

The functions and optimizations planned to be added in subsequent versions will not be ranked in any order. If there are other functions, you are welcome to issues Medium feedback.

  • FRPs records HTTP request log.

Contribute to FRP

FRP is a free and open source project, we welcome anyone to contribute to its development and progress.

  • If there is any problem in the use process, you can use the issues To give feedback.
  • Bug repair can directly submit a pull request to the dev branch.
  • If you want to add a new feature, please create an issue and give a brief description and general implementation method. After the proposal is adopted, you can create a pull request to implement the new feature.
  • Welcome to improve the documentation to help more people use FRP, especially in English.
  • For contribution code, please submit PR to dev branch. Master branch is only used to release stable and available version.
  • If you have any other questions, please feel free to fatedier@gmail.com Communicate together.

Reminder: project related issues are best found in issues In this way, it is convenient for other people with similar problems to quickly find solutions, and it also avoids us from answering some questions repeatedly.

donation

If you feel that FRP is helpful to you, you are welcome to give us some donations to maintain the long-term development of the project.

Knowledge planet

If you want to learn FRP related knowledge and technology, or seek any help, you can pay to join the official community of knowledge planet by scanning the QR code at the bottom of wechat:

 zsxq

Alipay scanning donation

 donate-alipay

Wechat payment donation

 donate-wechatpay

PayPal donation

Recommended by overseas users Paypal To my account fatedier@gmail.com Make a donation.

You can’t perform that action at this time.