关于内网穿透的那点事ngrok和frp

内网穿透有很多方案,如vpn/teamviewer/花生壳等

拤了几个K2,刷了老毛的固件,里面内置了些穿透的方案,dnspod的token等,准备研究下ngrok和frp

先解析一个二级域名到vps备用, ngrok.hulupiao.com

一、https://github.com/inconshreveable/ngrok

#安装go
apt install golang-go
git clone https://github.com/inconshreveable/ngrok.git
cd ngrok/
#准备环境变量
export NGROK_DOMAIN="ngrok.hulupiao.com"
#生成证书
openssl genrsa -out rootCA.key 2048
openssl req -x509 -new -nodes -key rootCA.key -subj "/CN=$NGROK_DOMAIN" -days 5000 -out rootCA.pem
openssl genrsa -out server.key 2048
openssl req -new -key server.key -subj "/CN=$NGROK_DOMAIN" -out server.csr
openssl x509 -req -in server.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out server.crt -days 5000

cp rootCA.pem assets/client/tls/ngrokroot.crt
cp server.crt assets/server/tls/snakeoil.crt
cp server.key assets/server/tls/snakeoil.key
#编译服务
GOOS=linux GOARCH=386 make release-server
#运行服务,默认端口为443和80,显然会和ngix的web服务冲突,注意修改端口即可
./bin/ngrokd -domain="$NGROK_DOMAIN" -httpAddr=":8086" -httpsAddr=":8087"

#编译mac客户端
GOOS=darwin GOARCH=386 make release-client
ls ./bin/
#mac客户端生成在bin目录中的darwin目录中,可以scp到客户端机器上来
darwin_amd64  go-bindata  linux_386  ngrok  ngrokd

#编辑客户端配置文件
$ cat ngrok.cfg
server_addr: ngrok.hulupiao.com:4443
trust_host_root_certs: false
#运行客户端
./ngrok -config=ngrok.cfg -proto=http -hostname="ngrok.hulupiao.com:8086" 80
./ngrok -config=ngrok.cfg -proto=https -hostname="ngrok.hulupiao.com:8087" 80

访问 http://ngrok.hulupiao.com:8086
访问 https://ngrok.hulupiao.com:8087
运行ok的情况如下显示

ngrok                                                                    (Ctrl+C to quit)

Tunnel Status                 online
Version                       1.7/1.7
Forwarding                    https://ngrok.hulupiao.com:8087 -> 127.0.0.1:80
Web Interface                 127.0.0.1:4040
# Conn                        1
Avg Conn Time                 0.00ms




HTTP Requests
-------------

GET /yunmao-builder/img/email 200 OK
GET /yunmao-builder/img/allda 200 OK
GET /yunmao-builder/img/l.png 200 OK
GET /yunmao-builder/img/k.png 200 OK
GET /yunmao-builder/img/j.png 200 OK
GET /yunmao-builder/img/i.png 200 OK
GET /yunmao-builder/img/h.png 200 OK
GET /yunmao-builder/img/g.png 200 OK
GET /yunmao-builder/img/f.png 200 OK

二、https://github.com/fatedier/frp
frp的服务相对简单,有编译好的包直接用

#直接下载二进制包
wget https://github.com/fatedier/frp/releases/download/v0.13.0/frp_0.13.0_linux_386.tar.gz
tar zxvf frp_0.13.0_linux_386.tar.gz
cd frp_0.13.0_linux_386/

#修改服务端配置文件
cat frps.ini
[common]
bind_port = 7000
vhost_http_port = 8088
privilege_mode = true
privilege_token = abc
max_pool_count = 50
log_file = ./frps.log
log_level = info
log_max_days = 3
#对服务面板的配置和认证
dashboard_port = 7500
dashboard_user = admin
dashboard_pwd = admin
#启动服务
./frps -c ./frps.ini

#下载苹果client的二进制文件
wget https://github.com/fatedier/frp/releases/download/v0.13.0/frp_0.13.0_darwin_amd64.tar.gz
#k2路由器包地址 https://github.com/fatedier/frp/releases/download/v0.13.0/frp_0.13.0_linux_mipsle.tar.gz
tar xvzf frp_0.13.0_darwin_amd64.tar.gz
cd frp_0.13.0_darwin_amd64

#编辑客户端配置文件
cat frpc.ini
[common]
server_addr = ngrok.hulupiao.com
server_port = 7000
privilege_token = abc
[web]
type = http
remote_port = 6000
local_port = 80
use_gzip = true
custom_domains = ngrok.hulupiao.com
#增加权限认证
http_user = abc
http_pwd = abc
#启动客户端
./frpc -c frpc.ini

访问 http://ngrok.hulupiao.com:8088

发表评论

邮箱地址不会被公开。 必填项已用*标注