“This is the first day of my participation in the First Challenge 2022. For details: First Challenge 2022.”
preface
Things are like this, recently all kinds of cloud service manufacturers are engaged in activities to sell cloud servers, and then a friend wants to buy a partner with me, just need to give him a network through the port and then AA, I think so good things that we have to do ah, say dry za do ah.
First, the purpose of Intranet penetration is to enable others to request a port on a server with a public IP address to forward the port to a server without a public IP address. The general process is as follows:
The body of the
FRP is used here for Intranet penetration, the principle and some theoretical things are not said, you can go to the official document gofrp.org
The environment used in this article: a server with a public IP address as the server (CentOS 8) and a local server as the client (CentOS 8)
Start the configuration
Download the FRP
The server side and client side download FRP (0.22.0 is used here, now the latest version has reached 0.38.0, if you use other versions, you can change all 22 linked below to the corresponding version number, the configuration is almost the same)
Ini vim frps.ini Add the following information: [common] bind_addr = 0.0.0.0 bind_port = 7000 dashboard_port = 7500 Privilege_token = User-defined token used for client authentication Dashboard_user = admin Dashboard_pwd = admin
For details about server configuration parameters, see gofrp.org/docs/refere…
Nohup./ FRPS -c frps.ini >/dev/null 2>&1 & github.com/fatedier/fr…
Unpack the
After downloading, there will be a zip package to decompress:
Tart - ZXVF frp_0. 22.0 _linux_amd64. Tar. Gz
Ini and frps.ini are client configuration files, and frps.ini is server configuration files. The client does not need frps.ini and FRPS files and can be deleted directly
Configuring a server (server with a public IP address)
Ini vim frps.ini Add the following information
[common]
bind_addr = 0.0. 0. 0
bind_port = 7000
dashboard_port = 7500Privilege_token = User-defined token used for client authentication Dashboard_user = admin Dashboard_pwd = adminCopy the code
For details about server configuration parameters, see gofrp.org/docs/refere…
Starting the server
/ FRPS -c frps.ini >/dev/null 2> &1 &
Copy the code
Configuring the client (local server)
Modify the frpc.ini configuration file vim frpc.ini
Add the following information
[common] server_ADDR = Server public network IP server_port = 7000 Privilege_token = User-defined token, Consistent with server Settings [HTTP] type = TCP local_port = Port that provides services locally, such as 8080 local_IP = 127.0.0.1 remote_port = Port that the server forwards, such as 8081Copy the code
For details about server configuration parameters, see gofrp.org/docs/refere… Note: In this configuration, port 8081 of the server with the public IP address is forwarded to port 8080 of the local server. When someone accesses port 8081 of the public IP address service, the request is actually processed by port 8080 of the local server.
Possible problems
login to server failed: authorization failed
The solution:
1. Check whether the tokens on the client and server are consistent
2. Check whether the client and server both use a privilege_token or a token. If yes, the server uses a token and the client uses a privilege_token, ensure that the client and server are consistent
[W] [control.go:332] [2fdf3d977a8855c9] new proxy [http] error: port unavailable
The solution: vhost_http_port does not need to be written, because the client is already listening on port 10101, and the server is no longer listening