1、frp Introduce

frp It is a high performance reverse proxy application focusing on Intranet penetration , Support TCP、UDP、HTTP、HTTPS Other protocols . You can make intranet services secure 、 Convenient way through the public network IP Node transfer is exposed to the public network .

 frp amd64 Version download address ：

link ：https://pan.baidu.com/s/1dWJAOmzgvKkCs-7lyyOamg   

Extraction code ：kdml 

​
Official documents ：https://gofrp.org/docs/

Official website download address ：

https://github.com/fatedier/frp/releases 

( contain amd64、arm64、mips64el、linux Source package and windows package ）

2、 Experimental environment

Internet host ：centos7.5  x86_64 Hua Wei Yun Public network ip：124.71.168.106

Intranet host ： Galaxy Unicorn V10 Desktop 0710 x86_64  Intranet ip：192.168.1.5（ Both server and desktop versions are ok ）

The network environment ： Intranet hosts can access the Internet

The experiment purpose ： You can access the intranet host through the external host , Achieve intranet penetration , With ssh service 22 Port as an example , Through the external network host, you can ssh To intranet host

​

3、frp Server side （ Internet host ） build

# tar -xvf  frp_0.26.0_linux_amd64.tar.gz      // download frp Install the package and unzip

# cd frp_0.26.0_linux_amd64

# vim  frps.ini        // Modify the server configuration file ,frps finger server End ,frpc finger client End

[common]
# The port bound to the client for communication , Just find a port that is not in use 
bind_port = 7000

#http Access port of , Not http The agreement may not be written , Just find a port that is not in use 
vhost_http_port=6781

#https Access port of （ If necessary ）
vhost_https_port = 6782,, Just find a port that is not in use 

# ./frps  -c  ./frps.ini       // The business environment can be executed in the background , The terminal execution here is for the convenience of reading logs

4、frp client （ Intranet host ） build

# tar -xvf  frp_0.26.0_linux_amd64.tar.gz      // download frp Install the package and unzip

# cd frp_0.26.0_linux_amd64

# vim  frpc.ini        // modify frp Client configuration file ,frps finger server End ,frpc finger client End

[common]
# Internet host address 
server_addr = 124.71.168.106

# The port bound to the server for communication 
server_port = 7000     # Keep consistent with the port used by the server 


[ssh]
type = tcp             # agreement 
local_ip = 127.0.0.1   # Local intranet host ip
local_port = 22        # Local intranet host ssh Actual port 
remote_port = 6000     # The port used for forwarding the external network host of the server , Just find a port that is not in use 


# Here is web and rdp Templates , You can leave it blank if you don't need it 
#[http]
#type = http
#local_port = 1444
#remote = 6001
#custom_domains = www.xxxx.com

#[rdp]
# Part is to connect Windows Remote desktop 
#type = tcp
#local_ip = 127.0.0.1
#local_port = 3389
#remote_port = 3389
#custom_domains = www.xxxxx.cn

#  ./frpc   -c   ./frpc.ini       // The business environment can be executed in the background , The terminal execution here is for the convenience of reading logs

 5、 Connectivity check

When both the server and the client are started , You can go to the external network host of the server to see that the connection between the server and the client is successful

6、 Result test

On the server （ Internet host ） Another terminal ,ssh visit

# ssh [email protected] -p 6000      // To access the Internet host 6000 The port will be forwarded to the intranet host 22 port

  Penetration success ！