diff --git a/README.md b/README.md index 488cde71e69..ccc6f356f7f 100644 --- a/README.md +++ b/README.md @@ -31,6 +31,7 @@ frp is a fast reverse proxy to help you expose a local server behind a NAT or fi * [Hot-Reload frpc configuration](#hot-reload-frpc-configuration) * [Get proxy status from client](#get-proxy-status-from-client) * [Port White List](#port-white-list) + * [Port Reuse](#port-reuse) * [TCP Stream Multiplexing](#tcp-stream-multiplexing) * [Support KCP Protocol](#support-kcp-protocol) * [Connection Pool](#connection-pool) @@ -413,6 +414,12 @@ allow_ports = 2000-3000,3001,3003,4000-50000 `allow_ports` consists of a specific port or a range of ports divided by `,`. +### Port Reuse + +Now `vhost_http_port` and `vhost_https_port` in frps can be same with `bind_port`. frps will detect connection's protocol and handle it accordingly. + +We would like to try to allow multiple proxies bind a same remote port with different protocols in the future. + ### TCP Stream Multiplexing frp support tcp stream multiplexing since v0.10.0 like HTTP2 Multiplexing. All user requests to same frpc can use only one tcp connection. diff --git a/README_zh.md b/README_zh.md index 7556060995a..a4f95feef66 100644 --- a/README_zh.md +++ b/README_zh.md @@ -29,6 +29,7 @@ frp 是一个可用于内网穿透的高性能的反向代理应用,支持 tcp * [客户端热加载配置文件](#客户端热加载配置文件) * [客户端查看代理状态](#客户端查看代理状态) * [端口白名单](#端口白名单) + * [端口复用](#端口复用) * [TCP 多路复用](#tcp-多路复用) * [底层通信可选 kcp 协议](#底层通信可选-kcp-协议) * [连接池](#连接池) @@ -438,6 +439,14 @@ allow_ports = 2000-3000,3001,3003,4000-50000 `allow_ports` 可以配置允许使用的某个指定端口或者是一个范围内的所有端口,以 `,` 分隔,指定的范围以 `-` 分隔。 +### 端口复用 + +目前 frps 中的 `vhost_http_port` 和 `vhost_https_port` 支持配置成和 `bind_port` 为同一个端口,frps 会对连接的协议进行分析,之后进行不同的处理。 + +例如在某些限制较严格的网络环境中,可以将 `bind_port` 和 `vhost_https_port` 都设置为 443。 + +后续会尝试允许多个 proxy 绑定同一个远端端口的不同协议。 + ### TCP 多路复用 从 v0.10.0 版本开始,客户端和服务器端之间的连接支持多路复用,不再需要为每一个用户请求创建一个连接,使连接建立的延迟降低,并且避免了大量文件描述符的占用,使 frp 可以承载更高的并发数。 diff --git a/doc/quick_start_en.md b/doc/quick_start_en.md deleted file mode 100644 index 162ca182677..00000000000 --- a/doc/quick_start_en.md +++ /dev/null @@ -1,135 +0,0 @@ -# Quick Start - -frp is easier to use compared with other similar projects. - -We will use two simple demo to demonstrate how to use frp. - -1. How to create a connection to **server A**'s **ssh port** by **server B** with **public IP address** x.x.x.x(replace to the real IP address of your server). -2. How to visit web service in **server A**'s **8000 port** and **8001 port** by **web01.yourdomain.com** and **web02.yourdomain.com** through **server B** with public ID address. - -### Download SourceCode - -`go get github.com/fatedier/frp` is recommended, then the code will be copied to the directory `$GOPATH/src/github.com/fatedier/frp`. - -Or you can use `git clone https://github.com/fatedier/frp.git $GOPATH/src/github.com/fatedier/frp`. - -If you want to try it quickly, download the compiled program and configuration files from [https://github.com/fatedier/frp/releases](https://github.com/fatedier/frp/releases). - -### Compile - -Enter the root directory and execute `make`, then wait until finished. - -**bin** include all executable programs when **conf** include corresponding configuration files. - -### Pre-requirement - -* Go environment. Version of go >= 1.4. -* Godep (if not exist, `go get` will be executed to download godep when compiling) - -### Deploy - -1. Move `./bin/frps` and `./conf/frps.ini` to any directory of **server B**. -2. Move `./bin/frpc` and `./conf/frpc.ini` to any directory of **server A**. -3. Modify all configuration files, details in next paragraph. -4. Execute `nohup ./frps &` or `nohup ./frps -c ./frps.ini &` in **server B**. -5. Execute `nohup ./frpc &` or `nohup ./frpc -c ./frpc.ini &` in **server A**. -6. Use `ssh -oPort=6000 {user}@x.x.x.x` to test if frp is work(replace {user} to real username in **server A**), or visit custom domains by browser. - -## Tcp port forwarding - -### Configuration files - -#### frps.ini - -```ini -[common] -bind_addr = 0.0.0.0 -# for accept connections from frpc -bind_port = 7000 -log_file = ./frps.log -log_level = info - -# ssh is the custom name of proxy and there can be many proxies with unique name in one configure file -[ssh] -auth_token = 123 -bind_addr = 0.0.0.0 -# finally we connect to server A by this port -listen_port = 6000 -``` - -#### frpc.ini - -```ini -[common] -# server address of frps -server_addr = x.x.x.x -server_port = 7000 -log_file = ./frpc.log -log_level = info -# for authentication -auth_token = 123 - -# ssh is proxy name same with configure in frps.ini -[ssh] -# local port which need to be transferred -local_port = 22 -# if use_encryption equals true, messages between frpc and frps will be encrypted, default is false -use_encryption = true -``` - -## Http port forwarding and Custom domains binding - -If you only want to forward port one by one, you just need refer to [Tcp port forwarding](/doc/quick_start_en.md#Tcp-port-forwarding).If you want to visit different web pages deployed in different web servers by **server B**'s **80 port**, you should specify the type as **http**. - -You also need to resolve your **A record** of your custom domain to [server_addr], or resolve your **CNAME record** to [server_addr] if [server_addr] is a domain. - -After that, you can visit your web pages in local server by custom domains. - -### Configuration files - -#### frps.ini - -```ini -[common] -bind_addr = 0.0.0.0 -bind_port = 7000 -# if you want to support vhost, specify one port for http services -vhost_http_port = 80 -log_file = ./frps.log -log_level = info - -[web01] -type = http -auth_token = 123 -# # if proxy type equals http, custom_domains must be set separated by commas -custom_domains = web01.yourdomain.com - -[web02] -type = http -auth_token = 123 -custom_domains = web02.yourdomain.com -``` - -#### frpc.ini - -```ini -[common] -server_addr = x.x.x.x -server_port = 7000 -log_file = ./frpc.log -log_level = info -auth_token = 123 - -# custom domains are set in frps.ini -[web01] -type = http -local_ip = 127.0.0.1 -local_port = 8000 -# encryption is optional, default is false -use_encryption = true - -[web02] -type = http -local_ip = 127.0.0.1 -local_port = 8001 -``` diff --git a/doc/quick_start_zh.md b/doc/quick_start_zh.md deleted file mode 100644 index d26538d9bb0..00000000000 --- a/doc/quick_start_zh.md +++ /dev/null @@ -1,137 +0,0 @@ -# frp 使用文档 - -相比于其他项目而言 frp 更易于部署和使用,这里我们用两个简单的示例来演示 frp 的使用过程。 - -1. 如何通过一台拥有公网IP地址的**服务器B**,访问处于公司内部网络环境中的**服务器A**的**ssh**端口,**服务器B**的IP地址为 x.x.x.x(测试时替换为真实的IP地址)。 -2. 如何利用一台拥有公网IP地址的**服务器B**,使通过 **web01.yourdomain.com** 可以访问内网环境中**服务器A**上**8000端口**的web服务,**web02.yourdomain.com** 可以访问**服务器A**上**8001端口**的web服务。 - -### 下载源码 - -推荐直接使用 `go get github.com/fatedier/frp` 下载源代码安装,执行命令后代码将会拷贝到 `$GOPATH/src/github.com/fatedier/frp` 目录下。 - -或者可以使用 `git clone https://github.com/fatedier/frp.git $GOPATH/src/github.com/fatedier/frp` 拷贝到相应目录下。 - -如果您想快速进行测试,也可以根据您服务器的操作系统及架构直接下载编译好的程序及示例配置文件,[https://github.com/fatedier/frp/releases](https://github.com/fatedier/frp/releases)。 - -### 编译 - -进入下载后的源码根目录,执行 `make` 命令,等待编译完成。 - -编译完成后, **bin** 目录下是编译好的可执行文件,**conf** 目录下是示例配置文件。 - -### 依赖 - -* go 1.4 以上版本 -* godep (如果检查不存在,编译时会通过 `go get` 命令安装) - -### 部署 - -1. 将 ./bin/frps 和 ./conf/frps.ini 拷贝至**服务器B**任意目录。 -2. 将 ./bin/frpc 和 ./conf/frpc.ini 拷贝至**服务器A**任意目录。 -3. 根据要实现的功能修改两边的配置文件,详细内容见后续章节说明。 -4. 在服务器B执行 `nohup ./frps &` 或者 `nohup ./frps -c ./frps.ini &`。 -5. 在服务器A执行 `nohup ./frpc &` 或者 `nohup ./frpc -c ./frpc.ini &`。 -6. 通过 `ssh -oPort=6000 {user}@x.x.x.x` 测试是否能够成功连接**服务器A**({user}替换为**服务器A**上存在的真实用户),或通过浏览器访问自定义域名验证 http 服务是否转发成功。 - -## tcp 端口转发 - -转发 tcp 端口需要按照需求修改 frps 和 frpc 的配置文件。 - -### 配置文件 - -#### frps.ini - -```ini -[common] -bind_addr = 0.0.0.0 -# 用于接收 frpc 连接的端口 -bind_port = 7000 -log_file = ./frps.log -log_level = info - -# ssh 为代理的自定义名称,可以有多个,不能重复,和frpc中名称对应 -[ssh] -auth_token = 123 -bind_addr = 0.0.0.0 -# 最后将通过此端口访问后端服务 -listen_port = 6000 -``` - -#### frpc.ini - -```ini -[common] -# frps 所在服务器绑定的IP地址 -server_addr = x.x.x.x -server_port = 7000 -log_file = ./frpc.log -log_level = info -# 用于身份验证 -auth_token = 123 - -# ssh 需要和 frps.ini 中配置一致 -[ssh] -# 需要转发的本地端口 -local_port = 22 -# 启用加密,frpc与frps之间通信加密,默认为 false -use_encryption = true -``` - -## http 端口转发,自定义域名绑定 - -如果只需要一对一的转发,例如**服务器B**的**80端口**转发**服务器A**的**8000端口**,则只需要配置 [tcp 端口转发](/doc/quick_start_zh.md#tcp-端口转发) 即可,如果需要使**服务器B**的**80端口**可以转发至**多个**web服务端口,则需要指定代理的类型为 http,并且在 frps 的配置文件中配置用于提供 http 转发服务的端口。 - -按照如下的内容修改配置文件后,需要将自定义域名的 **A 记录**解析到 [server_addr],如果 [server_addr] 是域名也可以将自定义域名的 **CNAME 记录**解析到 [server_addr]。 - -之后就可以通过自定义域名访问到本地的多个 web 服务。 - -### 配置文件 - -#### frps.ini - -```ini -[common] -bind_addr = 0.0.0.0 -bind_port = 7000 -# 如果需要支持http类型的代理则需要指定一个端口 -vhost_http_port = 80 -log_file = ./frps.log -log_level = info - -[web01] -# type 默认为 tcp,这里需要特别指定为 http -type = http -auth_token = 123 -# 自定义域名绑定,如果需要同时绑定多个以英文逗号分隔 -custom_domains = web01.yourdomain.com - -[web02] -type = http -auth_token = 123 -custom_domains = web02.yourdomain.com -``` - -#### frpc.ini - -```ini -[common] -server_addr = x.x.x.x -server_port = 7000 -log_file = ./frpc.log -log_level = info -auth_token = 123 - - -# 自定义域名在 frps.ini 中配置,方便做统一管理 -[web01] -type = http -local_ip = 127.0.0.1 -local_port = 8000 -# 可选是否加密 -use_encryption = true - -[web02] -type = http -local_ip = 127.0.0.1 -local_port = 8001 -```