frp+nginx内网穿透
Posted zhoux123
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了frp+nginx内网穿透相关的知识,希望对你有一定的参考价值。
frp+nginx内网穿透
背景:自己有台内网Linux主机,希望被外网访问(ssh、http、https);
准备工作
- 内网Linux主机-c,可以访问c主机和外网的主机-s(windows/linux)
- 官网下载nginx到s:https://nginx.org/en/download.html
- github上下载windows版frp到s:https://github.com/fatedier/frp/releases
- github上下载linux版frp到c:https://github.com/fatedier/frp/releases
s端配置步骤
- 配置nginx:
#443端口https请求反向代理
server {
#监听端口
listen 443 ssl;
server_name localhost;
#ssl自签证书请参考我另一篇文章 https://www.cnblogs.com/zhoux123/p/14753126.html
ssl_certificate server.crt;
ssl_certificate_key server.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
#反向代理地址
proxy_pass http://localhost:8088;
}
}
- 配置
frps.ini:
[common]
#日志输出路径:默认控制台
#log_file = ./frps.log
#日志输出等级:trace, debug, info, warn, error(默认info)
#log_level = trace
#s端和c端建立连接绑定的端口,默认7000
bind_port = 7000
#此端口上的http请求将会转发到c端
vhost_http_port = 8088
- 启动nginx服务
- 启动c端frps服务:
./frps -c ./frps.ini,日志如下
2021/05/11 22:35:24 [I] [service.go:192] frps tcp listen on 0.0.0.0:7000
2021/05/11 22:35:24 [I] [service.go:235] http service listen on 0.0.0.0:8088
2021/05/11 22:35:24 [I] [root.go:209] frps started successfully
c端配置步骤
- 配置
frpc.ini:
[common]
#日志输出路径:默认控制台
#log_file = ./frpc.log
#日志输出等级:trace, debug, info, warn, error(默认info)
#log_level = trace
#s端地址
server_addr = 192.168.137.1
#s端和c端建立连接绑定的端口,默认7000
server_port = 7000
[ssh]
type = tcp
local_ip = 127.0.0.1
#默认22端口,termux为8022
local_port = 8022
remote_port = 6000
[http]
type = http
#s端的http请求将会转发到此端口
local_port = 8080
#s端地址,可同时设置多个,英文逗号隔开
custom_domains = localhost,127.0.0.1,192.168.137.1
- 启动c端frpc服务:
./frpc -c ./frpc.ini,日志如下:
2021/05/11 22:41:43 [I] [service.go:304] [02c28f30442a89bd] login to server success, get run id [02c28f30442a89bd], server udp port [0]
2021/05/11 22:41:43 [I] [proxy_manager.go:144] [02c28f30442a89bd] proxy added: [ssh http]
2021/05/11 22:41:43 [I] [control.go:180] [02c28f30442a89bd] [http] start proxy success
2021/05/11 22:41:43 [I] [control.go:180] [02c28f30442a89bd] [ssh] start proxy success
验证
找一台可以访问s主机的电脑验证:
- 验证ssh:
ssh root@192.168.137.1 -p 7000 - 验证http:
http://192.168.137.1:8088 - 验证https:
https://192.168.137.1或https://192.168.137.1:443
尊重原创,转载请标明出处,谢谢
以上是关于frp+nginx内网穿透的主要内容,如果未能解决你的问题,请参考以下文章