内网穿透 frp ngrok

内网穿透

内网穿透工具、frp、ngrok

Posted by Sun8min on May 11, 2019

内网穿透

内网ip,外网并不能直接访问,所以用公网ip的服务器,与内网ip的机器建立连接, 服务器转发流量,外网就可以访问内网机器。

frp

frp 需要有公网IP的服务器,需要配置服务端与客户端

配置文件

服务端:frps.ini 例:

[common]
bind_port = 7000
vhost_http_port = 80
vhost_https_port = 443
subdomain_host = sun8min.com

客户端:frpc.ini 例:

假设本地服务端口为 8092, 并且想用域名www.sun8min.com访问

[common]
server_addr = 118.126.91.55
server_port = 7000
tls_enable = true

[web]
type = http
local_port = 8092
subdomain = www

[https2http]
type = https
subdomain = www

plugin = https2http
plugin_local_addr = 127.0.0.1:8092

#HTTPS 证书相关的配置
plugin_crt_path = ../../ssl/www.sun8min.com/Apache/2_www.sun8min.com.crt
plugin_key_path = ../../ssl/www.sun8min.com/Apache/3_www.sun8min.com.key

启动命令

服务端例:

cd /opt/frp && ./frps -c ./frps.ini

客户端例:

cd /Volumes/mac_data/soft/frp-0.26.0/frp_0.26.0_darwin_amd64 && ./frpc -c ./frpc.ini

其他

frps可以运行在docker上,并且使用nginx来转发到frps

/opt/docker_files/nginx/conf配置nginx的配置文件nginx.conf

events {
}
http {
    server
    {
        listen 80;
        server_name www.sun8min.com;
        location / {
            return 307 https://$server_name$request_uri;
        }
    }
    server
    {
        listen 443 ssl;
        server_name www.sun8min.com;
        ssl_certificate ./ssl/www.sun8min.com/Nginx/1_www.sun8min.com_bundle.crt;
        ssl_certificate_key ./ssl/www.sun8min.com/Nginx/2_www.sun8min.com.key;
        location / {
            proxy_ssl_server_name on;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header Host $host;
            proxy_pass https://www.sun8min.com:1443; #通过域名访问frp服务
        }
    }
}

因为想用域名www.sun8min.com访问,所以需要在/opt/docker_files/nginx/conf/ssl/www.sun8min.com/Nginx目录下放置证书

然后创建并运行nginx容器与frps容器

## nginx容器
docker run -dit --name nginx -p 80:80 -p 443:443 -v /opt/docker_files/nginx/www:/www -v /opt/docker_files/nginx/conf:/etc/nginx -v /opt/docker_files/nginx/conf/nginx.conf:/etc/nginx/nginx.conf -v /opt/docker_files/nginx/logs:/wwwlogs nginx
## frps容器
docker run -dit --name frps -v /opt/docker_files/frp:/opt/frp -p 180:80 -p 1443:443 -p 7000:7000 ubuntu bash -c "cd /opt/frp && ./frps -c ./frps.ini"

ngrok

ngrok 官方提供了公网IP的服务器,只需配置客户端

启动命令

客户端:假设本地服务端口为 9600

## 启动,对9600端口进行内网穿透
cd /Volumes/mac_data/soft/ngrok-2.3.25 && ./ngrok http 9600
CATALOG
    FEATURED TAGS
    Hello World Git MYSQL Database Tool WebSite Web Security CSRF DDOS SQL注入 XSS 中间人攻击 Docker Markdown Maven Build Tool 内网穿透 frp ngrok Bash Shell Redis NoSQL 设计模式
    FRIENDS