background
As a programmer, you have some dusty computers at home, and it would be great if you could turn them into servers that are not only well configured, but can also be used for testing. But how can LAN devices be accessed from the Internet? This is achieved by Intranet penetration.
Intranet penetration is also called NAT penetration, and there are many commonly used tools, such as NGROK, peanut shell, FRP, etc., because I use FRP, which is also the topic of this article.
NAT is the technique of rewriting IP packets as they pass through a router or firewall. Because the number of public IP addresses is limited, the country cannot assign one public IP address to each device. Therefore, multiple computers can only share one public IP address for external communication. In this way, network translation is required.
Basic Implementation Principles
FRP is divided into server and client. The former runs on a server with a public IP address, and the latter runs on a device in a LAN. By default, the server opens port 7000 and then the client connects to the server.
At the same time, the client can enable the port for SSH and map it to a port on the server. In this way, when the terminal accesses the port on the server, the port is automatically forwarded to the client.
In addition to SSH ports, FRP also supports Web ports to receive HTTP access.
Install and use
At present, one public network server and one Intranet server are required. Linux system has been installed on my Intranet server to facilitate the testing of various tools.
Server installation and configuration
Wget https://github.com/fatedier/frp/releases/download/v0.33.0/frp_0.33.0_linux_amd64.tar.gz tar ZXVF Frp_0. 33.0 _linux_amd64. Tar. Gz CD frp_0. 33.0 _linux_amd64 /Copy the codeThe configuration file of the frps.ini server is bound to port 7000 by default. If a cloud server is deployed, enable port 7000.
[common]
bind_port = 7000
Copy the codeStart the FRP service using the FPRS binary file.
./frps -c ./frps.ini
Copy the codeIf the following message is displayed, the installation is successful.
2020/05/15 22:16:29 [I] [service.go:178] frps tcp listen on 0.0.0.0:7000
2020/05/15 22:16:29 [I] [root.go:209] start frps success
2020/05/15 22:16:38 [I] [service.go:432] [e3c5096bd4291972] client login info: ip [14.114.230.168:44422] version [0.24.1] hostname [] os [linux] arch [amd64]
2020/05/15 22:16:38 [I] [tcp.go:63] [e3c5096bd4291972] [ssh] tcp proxy listen port [7001]
2020/05/15 22:16:38 [I] [control.go:445] [e3c5096bd4291972] new proxy [ssh] success
Copy the codeClient installation and configuration
Take out your own stupid computer and download the FRP in the same way.
Wget https://github.com/fatedier/frp/releases/download/v0.33.0/frp_0.33.0_linux_amd64.tar.gz tar ZXVF Frp_0. 33.0 _linux_amd64. Tar. Gz CD frp_0. 33.0 _linux_amd64 /Copy the codeThe configuration file of the client is frpc.ini.
[common]
server_addr = 127.0.0.1
server_port = 7000
[ssh]
type = tcp
local_ip = 127.0.0.1
local_port = 22
remote_port = 6000
Copy the codeCommon indicates the common configuration
- Server_addr indicates the PUBLIC network server IP address
- Server_port Port 7000 configured for the public network server
SSH is used for terminal command line access
- Type Connection type. The default value is TCP
- Local_ip local IP
- Local_port Specifies the SSH port number. The default value is 22
- Remote_port Mapping server port. Access to this port is forwarded to port 22 of the client by default
Start the client process
./frpc -c ./frpc.ini
Copy the codeIf the following message is displayed, the server is successfully connected
2020/05/15 22:34:49 [I] [service.go:282] [9bc650122a538aab] login to server success, get run id [9bc650122a538aab], server udp port [0]
2020/05/15 22:34:49 [I] [proxy_manager.go:144] [9bc650122a538aab] proxy added: [ssh]
2020/05/15 22:34:49 [I] [control.go:179] [9bc650122a538aab] [ssh] start proxy success
Copy the codetest
After the startup is complete, you can connect to the Intranet server through SSH.
ssh -p 6000 [email protected]
Copy the codeOriginal link: pingyeaa.com/2020/05/13/…
My name is Ping Ye. There is an open source project “Go Home” focusing on the growth of Gopher technology.
Thank you for watching, if you feel the article is helpful to you, welcome to pay attention to the public account “Ping ye”, focus on Go language and technology principle.
