Skip to content

Instantly share code, notes, and snippets.

@Hansimov

Hansimov/frp-proxy.md

Last active July 11, 2023 06:04
Show Gist options
  • Save Hansimov/2c7f5b161c5d00ecdd29597dd17333f2 to your computer and use it in GitHub Desktop.
Save Hansimov/2c7f5b161c5d00ecdd29597dd17333f2 to your computer and use it in GitHub Desktop.
Download ZIP
Use FRP proxy to forward network traffic
Raw
frp-proxy.md

Background

  • Machine PRIVATE has limited access to public network.
  • Machine PUBLIC has full access to publick network.

Target

  • Enable PRIVATE to visit public network with same access with PUBLIC.

Solution

Download related version of FRP, both in PRIVATE and PUBLIC:

For Linux, use:

wget https://github.com/fatedier/frp/releases/download/v0.48.0/frp_0.48.0_linux_amd64.tar.gz
tar xvf frp_0.48.0_linux_amd64.tar.gz

For Windows, download:

Use PUBLIC as Client and PRIVATE as Server.

  • Note: Do not confuse the meanings of 'server' and 'client' here with conventions.

Use ifconfig to get IP.

Set frpc.ini in PUBLIC (Client):

[common]
server_addr = 10.*.*.215  ; IP of PRIVATE (Server)
server_port = 9999        ; Port of FRP connection

[http_proxy]
type = tcp
remote_port = 11111            ; Port of localhost in PRIVATE (Server)
local_ip = proxy-*.<corp>.com  ; [Optional] IP which has full access to public network
local_port = 912               ; [Optional] Port related to above IP
; plugin = http_proxy          ; If no above local settings, this line should be added to make it work

Run in PUBLIC:

# Windows
.\frpc.exe -c frpc.ini

# Linux
./frpc -c frpc.ini

Set frps.ini in PRIVATE (Server):

[common]
bind_port = 9999 ; Port of FRP connection, same to PUBLIC

Run in PRIVATE:

# Windows
.\frps.exe -c frps.ini

# Linux
./frps -c frps.ini

Now PRIVATE has same access to network of PUBLIC.

You can use localhost:11111 (or http://localhost:11111 in some case) as proxy in PRIVATE to visit network.

curl --proxy "127.0.0.1:11111" http://ifconfig.me
# Should output the Public IP of PUBLIC

Possible issues

You may encounter some issues with frpc in PUBLIC like:

DialTcpByHttpProxy error, StatusCode [503]

Just check your proxy in env:

env | grep proxy

And unset them (unset in bash and unsetenv in csh):

# tsh:
unsetenv http_proxy
unsetenv https_proxy
unsetenv no_proxy


# bash:
unset http_proxy
unset https_proxy
unset no_proxy

And rerun ./frpc -c frpc.ini will work.

References

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment