The cause of

At present, in many schools, there are problems such as outsourcing of educational affairs, poor operation and maintenance personnel skills, and less server resources, so the general educational affairs system will not be exposed in the Internet. But the result query, class schedule query this kind of rigid demand, let me have to study how to penetrate the Intranet.

Analysis of the

Currently, I have known SSH tunnel, FRP, NGROk and peanut shell penetration modes, but SSH tunnel speed is not good, and the high service price of peanut shell is not considered. In addition, I already have VPS, so I tend to use existing resources to compare and choose between FRP and NGROK.

Ngrok (https://github.com/inconshreveable/ngrok)

  1. Ngrok1 is an open source version with many known problems (memory leak bug in HTTP mode), ngrok2 is a closed source, and it seems that the official plan is not to open source, only the client
  2. Ngrok needs to compile the program itself, because ngrok uses certificate verification, and the certificate is directly compiled into the EXE file, so you must compile the client and server side

FRP (https://github.com/fatedier/frp)

  1. Fully open source
  2. There are Chinese documents
  3. Future plans: FRPS supports direct reverse proxy, similar to HaProxy; FRPC supports load balancing to different back-end services.

In this comparison, IT is found that FRP fully meets my requirements, so I have the following solutions:

I’ve got my raspberry pie now, and I’m just waiting for it to start. I’ll keep recording the whole process. In addition, the recommended FRP one-click scripts are www.lu8.win/frp.html, which also has one-click scripts for Ngrok and N2N.