無公網IP,使用frp訪問內網群暉上的DS file,DS photo,訪問內網遠程桌面

frp 是一個高性能的反向代理應用,可以幫助您輕鬆地進行內網穿透,對外網提供服務,支持 tcp, http, https 等協議類型,並且 web 服務支持根據域名進行路由轉發。

git項目地址:https://github.com/fatedier/frp

1. 安裝frp服務器端

可運行的程序可以從這裡下載 https://github.com/fatedier/frp/releases, 以下以當前最新版本0.34.1的linux amd64為例在Ubuntu 20.04上安裝

1
2
wget https://github.com/fatedier/frp/releases/download/v0.34.1/frp_0.34.1_linux_arm64.tar.gz
tar -zvxf frp_0.34.1_linux_arm64.tar.gz

解壓縮後可以看到以下目錄結構

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
frp_0.34.1_linux_amd64
├── frpc
├── frpc_full.ini
├── frpc.ini
├── frps
├── frps_full.ini
├── frps.ini
├── LICENSE
└── systemd
    ├── frpc.service
    ├── frpc@.service
    ├── frps.service
    └── frps@.service

安裝步驟:

1
2
3
4
copy frp_0.34.1_linux_amd64/frpc /usr/bin/
copy frp_0.34.1_linux_amd64/frps /usr/bin/
copy frp_0.34.1_linux_amd64/*.ini /etc/fpr/  #目錄/etc/fpr/不存在的話需要創建
copy frp_0.34.1_linux_amd64/systemd/* /etc/systemd/system

配置服務器端參數

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
[common]
bind_port = 10100                #frp監聽的端口,用作服務端和客戶端通信
vhost_http_port = 10101          #服務端通過此端口接監聽和接收公網用戶的http請求,如果使用nginx轉發,需轉發到此端口
token = XXXXXX                   #client端需要相同的token才能連接

#以下為dashboard端口,通過dashboard可以監控frp狀態
dashboard_port = 10109
dashboard_user = admin
dashboard_pwd = XXXXXX

#以下為log設置
log_file = /var/log/frps.log
log_level = debug
log_max_days = 3

更多參數及含義可以參考frps_full.ini文件

dashboard

啟動/停止/重啟/狀態/開機自啟動:

1
2
3
4
5
systemctl start frps
systemctl stop frps
systemctl restart frps
systemctl status frps
systemctl enable frps

2. 配置Nginx轉發(可選)

如果對應的服務端已被Nginx佔用,可以通過配置nginx轉發來完成。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
server {
    listen 80;
    server_name dsphoto.youdomain.com dsfile.youdomian.com frp.yourdomian.com;
    location / {
        proxy_pass http://127.0.0.1:10101; 
        proxy_set_header Host $host:80;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";

        proxy_connect_timeout 7d;
        proxy_send_timeout 7d;
        proxy_read_timeout 7d;

    }
    if ($http_user_agent ~* "360Spider|JikeSpider|Spider|spider|bot|Bot|2345Explorer|curl|wget|webZI
P|qihoobot|Baiduspider|Googlebot|Googlebot-Mobile|Googlebot-Image|Mediapartners-Google|Adsbot-Google
|Feedfetcher-Google|Yahoo! Slurp|Yahoo! Slurp China|YoudaoBot|Sosospider|Sogou spider|Sogou web spid
er|MSNBot|ia_archiver|Tomato Bot|NSPlayer|bingbot") {
        return 403;
    }
}

frp客戶端安裝

frp客戶端安裝設置可以參考服務端安裝。過程基本相同。不同的是: 客戶端使用frpc,對應的配置文件也是frpc.ini,啟動的服務是 frpc.

客戶端配置文件如下:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
[common]
server_addr = frp.yourdomain.com
server_port = 10100
token = XXXXXX    #和服務器端一致
log_file = /tmp/frpc.log
log_level = info
log_max_days = 3
tcp_mux = true
protocol = tcp
login_fail_exit = false
user = admin

#DS photo 配置
[DSphoto]
type = http
local_ip = 192.168.68.200  #內網的群暉的IP
local_port = 80
custom_domains = dsphoto.yourdomain.com

#DS file 配置, DS file 需要下面的 [DSfile]和[DSM]才能登錄
[DSfile]
type = http
local_ip = 192.168.68.200 #內網的群暉的IP
local_port = 5000
custom_domains = dsfile.yourdomain.com

[DSM]
type = tcp
local_ip = 192.168.68.200 #內網的群暉的IP
local_port = 5000
remote_port = 5000

#需要遠程桌面訪問的內網電腦
[MSTC]
type = tcp
local_ip = 192.168.68.168
local_port = 3389
remote_port = 3389

###客戶端訪問

DS file

DS photo

遠程桌面

记录并分享
Built with Hugo
Theme Stack designed by Jimmy