Centos7上安裝部署frp內網穿透工具

 

一、安裝
1、源碼地址
https://github.com/fatedier/frp
2、中文文檔
https://github.com/fatedier/frp/blob/master/README_zh.md
3、安裝部署
#所有發布版本下載地址
https://github.com/fatedier/frp/releases
#安裝命令（服務端和客戶端都執行）
wget https://github.com/fatedier/frp/releases/download/v0.29.0/frp_0.29.0_linux_amd64.tar.gz
tar -xvf frp_0.29.0_linux_amd64.tar.gz -C /usr/local/
cd /usr/local/
mv frp_0.29.0_linux_amd64 frp
cd frp

#在服務端刪除frpc和frpc.ini兩個文件
rm -f frpc frpc.ini

#在服務端刪除frps和frps.ini兩個文件
rm -f frps frps.ini

二、配置文件

1、客戶端修改frps.ini文件

#添加內容如下所示

[common]

bind_addr = 0.0.0.0

bind_port = 10000

bind_udp_port = 10001

vhost_http_port = 10003

vhost_https_port = 443

#kcp_bind_port = 10000

token = Abc#123&2wsx #和客戶端token一致辭

authentication_timeout = 900

max_pool_count = 20

##日志記錄

log_file = /var/log/frps.log

log_level = info

log_max_days = 3

##端口白名單

allow_ports = 10001,10048,10058,10076,10078,11110,11222,11112,11122,11123

##dashboard濫測面板

dashboard_port = 10002

dashboard_user = admin

dashboard_pwd = admin#123@zbc

2、客戶端修改frpc.ini文件

#添加內容如下所示

[common]

#server_addr = 101.65.43.134

server_addr = asdf.test.com #此域名解釋到服務端

server_port = 10000

#protocol = kcp

##指定需要使用的協議類型，默認類型為 TCP

tls_enable = true

token = Abc#123&2wsx #和服務端token一致辭

pool_count = 1

##日志記錄

log_file = /var/log/frpc.log

log_level = info

log_max_days = 3

##配置客戶端熱加載

admin_addr = 127.0.0.1

admin_port = 7400

admin_user = admin

admin_pwd = admin

##織語客戶端外網連接

[range:ccwork_tcp]

type = tcp

local_ip = 192.168.63.140

local_port = 10001,10048,10058,10076,10078,11110,11222,11112,11122,11123

remote_port = 10001,10048,10058,10076,10078,11110,11222,11112,11122,11123

use_encryption = true

use_compression = true

三、設置成systemd服務

1、服務端frps服務

vi /etc/systemd/system/frps.service

#添加內容如下所示

[Unit]

Description=FRP Server Daemon

[Service]

Type=simple

ExecStartPre=-/sbin/setcap cap_net_bind_service=+ep /usr/local/frp/frps

ExecStart=/usr/local/frp/frps -c /usr/local/frp/frps.ini

Restart=always

RestartSec=20s

User=nobody

PermissionsStartOnly=true

[Install]

WantedBy=multi-user.target

2、客戶端frpc服務

vi /etc/systemd/system/frpc.service

#添加內容如下所示

[Unit]

Description=FRP Client Daemon

[Service]

Type=simple

ExecStartPre=-/sbin/setcap cap_net_bind_service=+ep /usr/local/frp/frpc

ExecStart=/usr/local/frp/frpc -c /usr/local/frp/frpc.ini

Restart=always

RestartSec=20s

User=nobody

PermissionsStartOnly=true

[Install]

WantedBy=multi-user.target

3、管理服務

#服務端

systemctl daemon-reload

systemctl enable frps

systemctl start frps

systemctl restart frps

systemctl stop frps

systemctl status frps

#客戶端

systemctl daemon-reload

systemctl enable frpc

systemctl start frpc

systemctl restart frpc

systemctl stop frpc

systemctl status frpc

四、雲廠商防火牆開放下列端口

443,10000-10003,10001,10048,10058,10076,10078,11110,11222,11112,11122,11123

五、服務端主機本地開放端口（或者關閉本地防火牆）

443,10000-10003,10001,10048,10058,10076,10078,11110,11222,11112,11122,11123

#執行命令

systemctl start firewalld

systemctl enable firewalld

firewall-cmd –zone=public –add-port=443/tcp –permanent

firewall-cmd –zone=public –add-port=10000-10003/tcp –permanent

firewall-cmd –zone=public –add-port=10048/tcp –permanent

firewall-cmd –zone=public –add-port=10058/tcp –permanent

firewall-cmd –zone=public –add-port=10076/tcp –permanent

firewall-cmd –zone=public –add-port=10078/tcp –permanent

firewall-cmd –zone=public –add-port=11110/tcp –permanent

firewall-cmd –zone=public –add-port=11222/tcp –permanent

firewall-cmd –zone=public –add-port=11112/tcp –permanent

firewall-cmd –zone=public –add-port=11122/tcp –permanent

firewall-cmd –zone=public –add-port=11123/tcp –permanent

firewall-cmd –reload