frp+nginx内网穿透

编程

nginx内网穿透">
frp+nginx内网穿透

背景:自己有台内网Linux主机,希望被外网访问(ssh、http、https);

准备工作

  1. 内网Linux主机-c,可以访问c主机和外网的主机-s(windows/linux)
  2. 官网下载nginx到s:https://nginx.org/en/download.html
  3. github上下载windows版frp到s:https://github.com/fatedier/frp/releases
  4. github上下载linux版frp到c:https://github.com/fatedier/frp/releases

s端配置步骤

  1. 配置nginx:

#443端口https请求反向代理

server {

#监听端口

listen 443 ssl;

server_name localhost;

#ssl自签证书请参考我另一篇文章 https://www.cnblogs.com/zhoux123/p/14753126.html

ssl_certificate server.crt;

ssl_certificate_key server.key;

ssl_session_cache shared:SSL:1m;

ssl_session_timeout 5m;

ssl_ciphers HIGH:!aNULL:!MD5;

ssl_prefer_server_ciphers on;

location / {

#反向代理地址

proxy_pass http://localhost:8088;

}

}

  1. 配置frps.ini

[common]

#日志输出路径:默认控制台

#log_file = ./frps.log

#日志输出等级:trace, debug, info, warn, error(默认info)

#log_level = trace

#s端和c端建立连接绑定的端口,默认7000

bind_port = 7000

#此端口上的http请求将会转发到c端

vhost_http_port = 8088

  1. 启动nginx服务
  2. 启动c端frps服务:./frps -c ./frps.ini,日志如下

2021/05/11 22:35:24 [I] [service.go:192] frps tcp listen on 0.0.0.0:7000

2021/05/11 22:35:24 [I] [service.go:235] http service listen on 0.0.0.0:8088

2021/05/11 22:35:24 [I] [root.go:209] frps started successfully

c端配置步骤

  1. 配置frpc.ini

[common]

#日志输出路径:默认控制台

#log_file = ./frpc.log

#日志输出等级:trace, debug, info, warn, error(默认info)

#log_level = trace

#s端地址

server_addr = 192.168.137.1

#s端和c端建立连接绑定的端口,默认7000

server_port = 7000

[ssh]

type = tcp

local_ip = 127.0.0.1

#默认22端口,termux为8022

local_port = 8022

remote_port = 6000

[http]

type = http

#s端的http请求将会转发到此端口

local_port = 8080

#s端地址,可同时设置多个,英文逗号隔开

custom_domains = localhost,127.0.0.1,192.168.137.1

  1. 启动c端frpc服务:./frpc -c ./frpc.ini,日志如下:

2021/05/11 22:41:43 [I] [service.go:304] [02c28f30442a89bd] login to server success, get run id [02c28f30442a89bd], server udp port [0]

2021/05/11 22:41:43 [I] [proxy_manager.go:144] [02c28f30442a89bd] proxy added: [ssh http]

2021/05/11 22:41:43 [I] [control.go:180] [02c28f30442a89bd] [http] start proxy success

2021/05/11 22:41:43 [I] [control.go:180] [02c28f30442a89bd] [ssh] start proxy success

验证

找一台可以访问s主机的电脑验证:

  1. 验证ssh:ssh root@192.168.137.1 -p 7000
  2. 验证http:http://192.168.137.1:8088
  3. 验证https:https://192.168.137.1https://192.168.137.1:443

尊重原创,转载请标明出处,谢谢

以上是 frp+nginx内网穿透 的全部内容, 来源链接: utcz.com/z/519670.html

回到顶部