[关闭]
@cyysu 2017-10-06T08:16:44.000000Z 字数 11867 阅读 2070

内网穿透-frp

  • 时间:2017年10月6日
  • 作者:Kali
  • 邮箱:cyysu.github.io@gmail.com
  • 版本:3.0
  • 描述:内网穿透工具系列之frp

内网映射

简介

  1. frp 是一个高性能的反向代理应用,可以帮助您轻松地进行内网穿透,对外网提供服务,支持 tcp, http, https 等协议类型,并且 web 服务支持根据域名进行路由转发。

搭建

  1. # 切换到需要安装的目录
  2. mj@DZ:~$ cd /usr/local
  4. # 安装依赖
  5. mj@DZ:/usr/local$ sudo apt-get install bison ed gawk gcc libc6-dev make
  6. [sudo] mj 的密码: 
  7. 正在读取软件包列表... 完成
  8. 正在分析软件包的依赖关系树       
  9. 正在读取状态信息... 完成       
  10. bison 已经是最新版 (2:3.0.4.dfsg-1)。
  11. ed 已经是最新版 (1.10-2)。
  12. gawk 已经是最新版 (1:4.1.3+dfsg-0.1)。
  13. gcc 已经是最新版 (4:5.3.1-1ubuntu1)。
  14. make 已经是最新版 (4.1-6)。
  15. libc6-dev 已经是最新版 (2.23-0ubuntu9)。
  16. 下列软件包是自动安装的并且现在不需要了:
  17.   binutils-arm-linux-gnueabi cpp-5-arm-linux-gnueabi cpp-arm-linux-gnueabi
  18.   gcc-5-arm-linux-gnueabi-base gcc-5-cross-base gyp libasan2-armel-cross
  19.   libatomic1-armel-cross libc6-armel-cross libc6-armhf-armel-cross
  20.   libc6-armhf-cross libc6-dev-armel-cross libc6-dev-armhf-armel-cross
  21.   libc6-dev-armhf-cross libgcc-5-dev-armel-cross libgcc1-armel-cross
  22.   libgomp1-armel-cross libhfasan2-armel-cross libhfatomic1-armel-cross
  23.   libhfgcc-5-dev-armel-cross libhfgcc1-armel-cross libhfgomp1-armel-cross
  24.   libhfstdc++6-armel-cross libhfubsan0-armel-cross libjs-inherits
  25.   libjs-node-uuid libjs-underscore libstdc++6-armel-cross
  26.   libubsan0-armel-cross libuv1 libuv1-dev libxfce4util-bin libxfce4util-common
  27.   libxfce4util7 libxfconf-0-2 linux-headers-4.10.0-32
  28.   linux-headers-4.10.0-32-generic linux-headers-4.8.0-36
  29.   linux-headers-4.8.0-36-generic linux-image-4.10.0-32-generic
  30.   linux-image-4.8.0-36-generic linux-image-extra-4.10.0-32-generic
  31.   linux-image-extra-4.8.0-36-generic linux-libc-dev-armel-cross
  32.   linux-libc-dev-armhf-cross xfconf
  33. 使用'sudo apt autoremove'来卸载它(它们)。
  34. 升级了 0 个软件包,新安装了 0 个软件包,要卸载 0 个软件包,有 117 个软件包未被升级。
  35. mj@DZ:/usr/local$ 
  37. # 打开下面网址 选择自己需要的版本下载
  38. http://www.golangtc.com/static/go/
  40. # 或者用下面网址进行直接下载go1.9版本
  41. mj@DZ:/usr/local$ sudo  wget https://www.golangtc.com/static/go/1.9/go1.9.linux-amd64.tar.gz
  42. --2017-10-06 15:12:51--  https://www.golangtc.com/static/go/1.9/go1.9.linux-amd64.tar.gz
  43. 正在解析主机 www.golangtc.com (www.golangtc.com)... 47.91.167.48
  44. 正在连接 www.golangtc.com (www.golangtc.com)|47.91.167.48|:443... 已连接。
  45. 已发出 HTTP 请求,正在等待回应... 200 OK
  46. 长度: 102601309 (98M) [application/x-gzip]
  47. 正在保存至: go1.9.linux-amd64.tar.gz
  49. # 解压go软件
  50. mj@DZ:/usr/local$ tar xf go1.9.linux-amd64.tar.gz
  51. mj@DZ:/usr/local$ sudo cp go/bin/go /usr/bin/
  53. # 设置go环境变量
  54. mj@DZ:/usr/local$ vim ~/.bashrc
  55. # 写入下面的内容
  56. export GOROOT=/usr/local/go
  57. export GOBIN=/usr/local/go/bin
  58. export GOPATH=/usr/local/gopath
  59. export PATH=$PATH:$GOBIN
  60. # 使环境变量生效
  61. mj@DZ:/usr/local$ source ~/.bashrc 
  63. # 查看go版本
  64. mj@DZ:/usr/local$ go version
  65. go version go1.9 linux/amd64
  68. # 下载frp
  69. mj@DZ:/usr/local$ go get github.com/fatedier/frp 
  71. # 当下载完之后,就会在gopath中垂涎如下的目录以及文件
  72. mj@DZ:/usr/local/gopath/src/github.com/fatedier/frp$ pwd
  73. /usr/local/gopath/src/github.com/fatedier/frp
  74. mj@DZ:/usr/local/gopath/src/github.com/fatedier/frp$ ls
  75. assets  client  conf  Dockerfile         frpc_linux_arm  Godeps   Makefile      models      README.md     server  utils   web
  76. bin     cmd     doc   Dockerfile_alpine  frps_linux_arm  LICENSE  Makefile.bak  package.sh  README_zh.md  tests   vendor
  77. mj@DZ:/usr/local/gopath/src/github.com/fatedier/frp$ 
  79. # 修改交叉编译的makefile
  80. # 这里编译默认是编译本地架构类型的执行文件
  81. mj@DZ:/usr/local/gopath/src/github.com/fatedier/frp$ make
  82. go fmt ./assets/...
  83. go fmt ./client/...
  84. go fmt ./cmd/...
  85. go fmt ./models/...
  86. go fmt ./server/...
  87. go fmt ./utils/...
  88. go build -o bin/frps ./cmd/frps
  89. go build -o bin/frpc ./cmd/frpc
  91. # 如果编译其他类型 那么执行一下操作
  92. mj@DZ:/usr/local/gopath/src/github.com/fatedier/frp$ mv  Makefile Makefile.bak
  93. mj@DZ:/usr/local/gopath/src/github.com/fatedier/frp$ mv  Makefile.cross-compiles Makefile
  94. mj@DZ:/usr/local/gopath/src/github.com/fatedier/frp$ cat Makefile
  95. export PATH := $(GOPATH)/bin:$(PATH)
  96. export GO15VENDOREXPERIMENT := 1
  97. LDFLAGS := -s -w
  99. all: build
  101. build: app
  103. app:
  104.     env CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -ldflags "$(LDFLAGS)" -o ./frpc_darwin_amd64 ./cmd/frpc
  105. 	env CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -ldflags "$(LDFLAGS)" -o ./frps_darwin_amd64 ./cmd/frps
  106.     env CGO_ENABLED=0 GOOS=linux GOARCH=386 go build -ldflags "$(LDFLAGS)" -o ./frpc_linux_386 ./cmd/frpc
  107. 	env CGO_ENABLED=0 GOOS=linux GOARCH=386 go build -ldflags "$(LDFLAGS)" -o ./frps_linux_386 ./cmd/frps
  108.     env CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags "$(LDFLAGS)" -o ./frpc_linux_amd64 ./cmd/frpc
  109. 	env CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags "$(LDFLAGS)" -o ./frps_linux_amd64 ./cmd/frps
  110.     env CGO_ENABLED=0 GOOS=linux GOARCH=arm go build -ldflags "$(LDFLAGS)" -o ./frpc_linux_arm ./cmd/frpc
  111. 	env CGO_ENABLED=0 GOOS=linux GOARCH=arm go build -ldflags "$(LDFLAGS)" -o ./frps_linux_arm ./cmd/frps
  112.     env CGO_ENABLED=0 GOOS=windows GOARCH=386 go build -ldflags "$(LDFLAGS)" -o ./frpc_windows_386.exe ./cmd/frpc
  113. 	env CGO_ENABLED=0 GOOS=windows GOARCH=386 go build -ldflags "$(LDFLAGS)" -o ./frps_windows_386.exe ./cmd/frps
  114.     env CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -ldflags "$(LDFLAGS)" -o ./frpc_windows_amd64.exe ./cmd/frpc
  115. 	env CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -ldflags "$(LDFLAGS)" -o ./frps_windows_amd64.exe ./cmd/frps
  116.     env CGO_ENABLED=0 GOOS=linux GOARCH=mips64 go build -ldflags "$(LDFLAGS)" -o ./frpc_linux_mips64 ./cmd/frpc
  117. 	env CGO_ENABLED=0 GOOS=linux GOARCH=mips64 go build -ldflags "$(LDFLAGS)" -o ./frps_linux_mips64 ./cmd/frps
  118.     env CGO_ENABLED=0 GOOS=linux GOARCH=mips64le go build -ldflags "$(LDFLAGS)" -o ./frpc_linux_mips64le ./cmd/frpc
  119. 	env CGO_ENABLED=0 GOOS=linux GOARCH=mips64le go build -ldflags "$(LDFLAGS)" -o ./frps_linux_mips64le ./cmd/frps
  120.     env CGO_ENABLED=0 GOOS=linux GOARCH=mips go build -ldflags "$(LDFLAGS)" -o ./frpc_linux_mips ./cmd/frpc
  121. 	env CGO_ENABLED=0 GOOS=linux GOARCH=mips go build -ldflags "$(LDFLAGS)" -o ./frps_linux_mips ./cmd/frps
  122.     env CGO_ENABLED=0 GOOS=linux GOARCH=mipsle go build -ldflags "$(LDFLAGS)" -o ./frpc_linux_mipsle ./cmd/frpc
  123. 	env CGO_ENABLED=0 GOOS=linux GOARCH=mipsle go build -ldflags "$(LDFLAGS)" -o ./frps_linux_mipsle ./cmd/frps
  125. PC:
  126.     env CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags "$(LDFLAGS)" -o ./frpc_linux_amd64 ./cmd/frpc
  127. 	env CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags "$(LDFLAGS)" -o ./frps_linux_amd64 ./cmd/frps
  129. ARM:
  130.     env CGO_ENABLED=0 GOOS=linux GOARCH=arm go build -ldflags "$(LDFLAGS)" -o ./frpc_linux_arm ./cmd/frpc
  131. 	env CGO_ENABLED=0 GOOS=linux GOARCH=arm go build -ldflags "$(LDFLAGS)" -o ./frps_linux_arm ./cmd/frps
  133. # 接下来就可以编译了
  135. # 编译PC平台
  136. mj@DZ:/usr/local/gopath/src/github.com/fatedier/frp$ make PC
  137. env CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags "-s -w" -o ./frpc_linux_amd64 ./cmd/frpc
  138. env CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags "-s -w" -o ./frps_linux_amd64 ./cmd/frps
  139. # 编译ARM平台
  140. mj@DZ:/usr/local/gopath/src/github.com/fatedier/frp$ make ARM
  141. env CGO_ENABLED=0 GOOS=linux GOARCH=arm go build -ldflags "-s -w" -o ./frpc_linux_arm ./cmd/frpc
  142. env CGO_ENABLED=0 GOOS=linux GOARCH=arm go build -ldflags "-s -w" -o ./frps_linux_arm ./cmd/frps
  143. # 查看编译出来的文件
  144. mj@DZ:/usr/local/gopath/src/github.com/fatedier/frp$ ls
  145. assets  client  conf  Dockerfile         frpc_linux_amd64  frps_linux_amd64  Godeps   Makefile      models      README.md     server  utils   web
  146. bin     cmd     doc   Dockerfile_alpine  frpc_linux_arm    frps_linux_arm    LICENSE  Makefile.bak  package.sh  README_zh.md  tests   vendor
  147. # 查看文件类型
  148. mj@DZ:/usr/local/gopath/src/github.com/fatedier/frp$ file frpc_linux_arm 
  149. frpc_linux_arm: ELF 32-bit LSB executable, ARM, EABI5 version 1 (SYSV), statically linked, stripped
  150. mj@DZ:/usr/local/gopath/src/github.com/fatedier/frp$ file frpc_linux_amd64 
  151. frpc_linux_amd64: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, stripped
  152. mj@DZ:/usr/local/gopath/src/github.com/fatedier/frp$ file frps_linux_amd64 
  153. frps_linux_amd64: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, stripped
  154. mj@DZ:/usr/local/gopath/src/github.com/fatedier/frp$ file frps_linux_arm 
  155. frps_linux_arm: ELF 32-bit LSB executable, ARM, EABI5 version 1 (SYSV), statically linked, stripped
  156. mj@DZ:/usr/local/gopath/src/github.com/fatedier/frp$

客户端配置

  1. # 我们这里将演示两个平台 ARM平台当做是服务器 Linux平台当做客户端
  2. mj@DZ:/usr/local/gopath/src/github.com/fatedier/frp$ cd bin/
  3. mj@DZ:/usr/local/gopath/src/github.com/fatedier/frp/bin$ ls
  4. frpc  frpc.ini  frps  static
  5. mj@DZ:/usr/local/gopath/src/github.com/fatedier/frp/bin$ 
  6. mj@DZ:/usr/local/gopath/src/github.com/fatedier/frp/bin$ cat frpc.ini 
  7. [common]
  8. server_addr = 192.168.88.230
  9. server_port = 7000
  11. [ssh]
  12. type = tcp
  13. local_ip = 10.0.0.78
  14. local_port = 22
  15. remote_port = 6000 #访问服务器的6000端口就是访问内网的22端口

服务端配置

  1. [root@3352-T chen]# ls
  2. frps_linux_arm*     frpc_linux_arm*     frps.ini
  4. [root@3352-T chen]# cat frps.ini 
  5. [common]
  6. bind_addr = 0.0.0.0
  7. bind_port = 7000
  8. vhost_http_port = 80
  9. vhost_https_port = 443
  10. dashboard_user = admin
  11. dashboard_pwd = admin
  12. dashboard_port = 7500
  13. auth_token = 123
  15. [ssh]
  16. bind_addr = 0.0.0.0
  17. listen_port = 6000

服务端运行

  1. [root@3352-T chen]# ./frps_linux_arm -c ./frps.ini 
  2. 1970/01/01 00:46:43 [I] [service.go:83] frps tcp listen on 0.0.0.0:7000
  3. 1970/01/01 00:46:43 [I] [service.go:108] http service listen on 0.0.0.0:80
  4. 1970/01/01 00:46:43 [I] [service.go:124] https service listen on 0.0.0.0:443
  5. 1970/01/01 00:46:43 [I] [service.go:134] Dashboard listen on 0.0.0.0:7500
  6. 1970/01/01 00:46:43 [I] [main.go:112] Start frps success
  7. 1970/01/01 00:46:43 [I] [main.go:114] PrivilegeMode is enabled, you should pay more attention to security issues

客户端运行

  1. mj@DZ:/usr/local/gopath/src/github.com/fatedier/frp/bin$ ./frpc -c ./frpc.ini 
  2. 2017/10/06 15:38:46 [I] [control.go:276] [f1de66317eeb0c11] login to server success, get run id [f1de66317eeb0c11]
  3. 2017/10/06 15:38:46 [I] [control.go:411] [f1de66317eeb0c11] [http_proxy] start proxy success
  4. 2017/10/06 15:38:46 [I] [control.go:411] [f1de66317eeb0c11] [ssh] start proxy success

运行结果

  1. # 这个时候ARM服务器端出现的内容如下
  2. [root@3352-T chen]# ./frps_linux_arm -c ./frps.ini 
  3. 1970/01/01 00:48:12 [I] [service.go:83] frps tcp listen on 0.0.0.0:7000
  4. 1970/01/01 00:48:12 [I] [service.go:108] http service listen on 0.0.0.0:80
  5. 1970/01/01 00:48:12 [I] [service.go:124] https service listen on 0.0.0.0:443
  6. 1970/01/01 00:48:12 [I] [service.go:134] Dashboard listen on 0.0.0.0:7500
  7. 1970/01/01 00:48:12 [I] [main.go:112] Start frps success
  8. 1970/01/01 00:48:12 [I] [main.go:114] PrivilegeMode is enabled, you should pay more attention to security issues
  9. 1970/01/01 00:48:14 [I] [service.go:229] client login info: ip [192.168.88.9:34240] version [0.13.0] hostname [] os [linux] arch [amd64]
  10. 1970/01/01 00:48:14 [I] [proxy.go:170] [f1de66317eeb0c11] [http_proxy] tcp proxy listen port [6800]
  11. 1970/01/01 00:48:14 [I] [control.go:318] [f1de66317eeb0c11] new proxy [http_proxy] success
  12. 1970/01/01 00:48:14 [I] [proxy.go:170] [f1de66317eeb0c11] [ssh] tcp proxy listen port [6000]
  13. 1970/01/01 00:48:14 [I] [control.go:318] [f1de66317eeb0c11] new proxy [ssh] success
  15. # 这里为了测试我们连接到开发板,然后在开发板连接我们的PC
  16. [root@3352-T ~]# ssh root@10.0.0.78
  17. ssh: connect to host 10.0.0.78 port 22: Network is unreachable
  18. [root@3352-T ~]# ifconfig eth0
  19. eth0      Link encap:Ethernet  HWaddr 04:A3:16:EE:D8:53  
  20.           inet addr:192.168.88.230  Bcast:192.168.88.255  Mask:255.255.255.0
  21.           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  22.           RX packets:474 errors:0 dropped:45 overruns:0 frame:0
  23.           TX packets:256 errors:0 dropped:0 overruns:0 carrier:0
  24.           collisions:0 txqueuelen:1000 
  25.           RX bytes:62286 (60.8 KiB)  TX bytes:43098 (42.0 KiB)
  27. #我们发现在88网段是无法连接10网段的任何主机,下面我们通过穿透工具进行连接
  28. [root@3352-T ~]# ssh -oPort=6000 root@192.168.88.230
  29. The authenticity of host '[192.168.88.230]:6000 ([192.168.88.230]:6000)' can't be established.
  30. ECDSA key fingerprint is 03:57:49:bb:9b:89:0e:57:31:fc:b5:ee:b4:4c:57:b7.
  31. Are you sure you want to continue connecting (yes/no)? yes
  32. Failed to add the host to the list of known hosts (/root/.ssh/known_hosts).
  33. root@192.168.88.230's password: 
  34. Welcome to Ubuntu 16.04.3 LTS (GNU/Linux 4.10.0-35-generic x86_64)
  36.  * Documentation:  https://help.ubuntu.com
  37.  * Management:     https://landscape.canonical.com
  38.  * Support:        https://ubuntu.com/advantage
  40. 80 个可升级软件包。
  41. 1 个安全更新。
  43. Last login: Fri Oct  6 15:59:18 2017 from 10.0.0.78
  44. root@DZ:~# ip a
  45. 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
  46.     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
  47.     inet 127.0.0.1/8 scope host lo
  48.        valid_lft forever preferred_lft forever
  49.     inet6 ::1/128 scope host 
  50.        valid_lft forever preferred_lft forever
  51. 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
  52.     link/ether 00:0c:29:3b:a5:5f brd ff:ff:ff:ff:ff:ff
  53.     inet 10.0.0.78/24 brd 10.0.0.255 scope global ens33
  54.        valid_lft forever preferred_lft forever
  55.     inet6 fe80::20c:29ff:fe3b:a55f/64 scope link 
  56.        valid_lft forever preferred_lft forever
  57. 3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
  58.     link/ether 02:42:ba:da:aa:1c brd ff:ff:ff:ff:ff:ff
  59.     inet 172.17.0.1/16 scope global docker0
  60.        valid_lft forever preferred_lft forever
  61.     inet6 fe80::42:baff:feda:aa1c/64 scope link 
  62.        valid_lft forever preferred_lft forever
  63. 5: veth921922a@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default 
  64.     link/ether de:f8:30:93:03:b1 brd ff:ff:ff:ff:ff:ff link-netnsid 0
  65.     inet6 fe80::dcf8:30ff:fe93:3b1/64 scope link 
  66.        valid_lft forever preferred_lft forever
  67. root@DZ:~# 
  69. # 通过上面我们可以看到我们成功从88网段连接到了我们的10网段,也就是说我们的内网穿透工具起作用了。

Dashboard展示

未连接时状态

连接时状态

连接时展示

打赏

                    支付宝                                                         微信

微信与支付宝支付

添加新批注
在作者公开此批注前,只有你和作者可见。
回复批注