当前位置:网站首页>FRP intranet penetration, reverse proxy
FRP intranet penetration, reverse proxy
2022-07-04 05:47:00 【GoCoding】
frp It is a high performance reverse proxy application focusing on Intranet penetration , Support TCP、UDP、HTTP、HTTPS Other protocols . You can make intranet services secure 、 Convenient way through the public network IP Node transfer is exposed to the public network .
This article will expose the intranet Web Service as an example , practice frp Installation and deployment of . More scenarios , so frp Example .
install
frp Mainly by client (frpc) and Server side (frps) form , The server is usually deployed in a network with a public network IP On the machine , The client is usually deployed on the machine where the intranet service needs to be penetrated .
Can be in Github Of Release Page to download the latest version of the client and server binary files .
Article public network 、 Intranet machines are Linux x86_64, So I chose frp_0.39.0_linux_amd64.tar.gz. decompression :
$ tar xzvf frp_0.39.0_linux_amd64.tar.gz
frp_0.39.0_linux_amd64/
frp_0.39.0_linux_amd64/frps
frp_0.39.0_linux_amd64/frps_full.ini
frp_0.39.0_linux_amd64/systemd/
frp_0.39.0_linux_amd64/systemd/[email protected]
frp_0.39.0_linux_amd64/systemd/[email protected]
frp_0.39.0_linux_amd64/systemd/frpc.service
frp_0.39.0_linux_amd64/systemd/frps.service
frp_0.39.0_linux_amd64/LICENSE
frp_0.39.0_linux_amd64/frpc.ini
frp_0.39.0_linux_amd64/frpc_full.ini
frp_0.39.0_linux_amd64/frps.ini
frp_0.39.0_linux_amd64/frpc
Public network
Copy frps File into the public network machine , Assume that IP by x.x.x.x:
scp frps* [email protected]:
modify frps.ini file , Set listening HTTP The request port is 8080:
cat <<-EOF > ~/frps.ini
[common]
bind_port = 7000
vhost_http_port = 8080
EOF
install supervisor Deployment , The backstage runs for a long time :
# install supervisor
sudo apt install supervisor -y
# Add the configuration
sudo -i
cat <<-EOF >> /etc/supervisor/supervisord.conf
[program:frps]
directory=/home/ubuntu
command=/home/ubuntu/frps -c /home/ubuntu/frps.ini
priority=999
autostart=true
autorestart=true
startsecs=10
startretries=3
stdout_logfile=/var/log/frps_out.log
stdout_logfile_maxbytes=1MB
stdout_logfile_backups=10
stdout_capture_maxbytes=1MB
stderr_logfile=/var/log/frps_err.log
stderr_logfile_maxbytes=1MB
stderr_logfile_backups=10
stderr_capture_maxbytes=1MB
environment=
nocleanup=false
EOF
exit
# Update service
sudo supervisorctl update all
# View service
sudo supervisorctl status all
Intranet
Copy frpc File into intranet machine , Assume that IP by 192.168.1.100:
scp frpc* [email protected]:
modify frpc.ini file , hypothesis frps Of the server IP by x.x.x.x,local_port On the local machine Web The port the service listens on , Bind custom domain name as custom_domains.
cat <<-EOF > ~/frpc.ini
[common]
server_addr = x.x.x.x
server_port = 7000
[web]
type = http
local_port = 8000
custom_domains = www.yourdomain.com
EOF
take www.yourdomain.com Domain name of A The record resolves to IP x.x.x.x.
If the server already has a corresponding domain name , Can also be CNAME The record resolves to the original domain name of the server . Or you can modify HTTP Requested Host Field to achieve the same effect .
Simple operation service , To test :
# function HTTP service
python3 -m http.server 8000
# function frpc service
./frpc -c ./frpc.ini
# Access test
curl http://www.yourdomain.com:8080/
With systemd Deployment , The backstage runs for a long time :
# Copy files
sudo cp frpc /usr/bin/frpc
sudo mkdir -p /etc/frp
sudo cp frpc.ini /etc/frp/frpc.ini
# Add the configuration (frp Given systemd To configure )
sudo -i
cat <<-EOF > /etc/systemd/system/frpc.service
[Unit]
Description=Frp Client Service
After=network.target
[Service]
Type=simple
User=nobody
Restart=on-failure
RestartSec=5s
ExecStart=/usr/bin/frpc -c /etc/frp/frpc.ini
ExecReload=/usr/bin/frpc reload -c /etc/frp/frpc.ini
LimitNOFILE=1048576
[Install]
WantedBy=multi-user.target
EOF
exit
# Overload configuration
sudo systemctl daemon-reload
# Boot up
sudo systemctl enable frpc.service
# Start the service
sudo systemctl start frpc.service
# Check the status
sudo systemctl status frpc.service
GoCoding Personal experience sharing , We can pay attention to the official account !
边栏推荐
- VB.net GIF(制作、拆解——优化代码,类库——5)
- Flask
- Nexus 6p从8.0降级6.0+root
- Arc135 C (the proof is not very clear)
- 复合非线性反馈控制(二)
- 如何获取el-tree中所有节点的父节点
- Zzulioj:1201: mode problem
- SQL performance optimization skills
- Design and implementation of redis 7.0 multi part AOF
- LM small programmable controller software (based on CoDeSys) note XXI: error 3703
猜你喜欢
(4) Canal multi instance use
Halcon图片标定,使得后续图片处理过后变成与模板图片一样
光模块字母含义及参数简称大全
Introduction To AMBA 简单理解
Flask
Uninstall Google drive hard drive - you must exit the program to uninstall
724. 寻找数组的中心下标
![[QT] create mycombobox click event](/img/5a/ed17567a71f6737891fc7a8273df0a.png)
[QT] create mycombobox click event
How to configure static IP for Kali virtual machine
Ping port artifact psping
随机推荐
Detectron:训练自己的数据集——将自己的数据格式转换成COCO格式
BUU-Crypto-[HDCTF2019]basic rsa
Introduction to AMBA
Basic concept of bus
js arguments参数使用和详解
VB. Net GIF (making and disassembling - optimizing code, class library - 5)
1480. 一维数组的动态和
JS arguments parameter usage and explanation
gslb(global server load balance)技术的一点理解
C # character similarity comparison general class
[excel] PivotChart
BeanFactoryPostProcessor 与 BeanPostProcessor 相关子类概述
BUU-Reverse-easyre
BUU-Real-[PHP]XXE
Compound nonlinear feedback control (2)
LM small programmable controller software (based on CoDeSys) note 22: error 4268/4052
BUU-Crypto-[GUET-CTF2019]BabyRSA
Configure cross compilation tool chain and environment variables
Flink1.13 basic SQL syntax (II) join operation
BUU-Crypto-[GXYCTF2019]CheckIn