目的:通过公网IP访问内网本地的树莓派服务器
frp介绍文档:https://gofrp.org/docs/examples/ssh/
github包地址:https://github.com/fatedier/frp/releases
公网IP:x.x.x.x x86机器 下载amd64二进制文件 (getconf LONG_BIT命令查看机器)
树莓派本地IP:172.18.78.17 arm32机器 使用arm二进制文件
公网IP机器为server,配置frps.ini文件
[common]
bind_port = 7000
内网IP机器为client,配置frpc.ini文件
[common]
server_addr = x.x.x.x
server_port = 7000
[ssh]
type = tcp
local_ip = 127.0.0.1
local_port = 22
remote_port = 6000
先启动公网IP机器上的服务(后台运行:nohup ./frps -c frps.ini>/dev/null 2>&1 &)
./frps -c frps.ini
2021/10/20 18:23:31 [I] [root.go:200] frps uses config file: frps.ini
2021/10/20 18:23:31 [I] [service.go:192] frps tcp listen on 0.0.0.0:7000
2021/10/20 18:23:31 [I] [root.go:209] frps started successfully
再启动内网IP机器上的服务(后台运行:nohup ./frpc -c frpc.ini>/dev/null 2>&1 &)
./frpc -c frpc.ini
2021/10/20 18:25:18 [I] [service.go:304] [f7184405256ea933] login to server success, get run id [f7184405256ea933], server udp port [0]
2021/10/20 18:25:18 [I] [proxy_manager.go:144] [f7184405256ea933] proxy added: [ssh]
2021/10/20 18:25:18 [I] [control.go:180] [f7184405256ea933] [ssh] start proxy success
通过其它机器访问公网IP机器固定端口达到访问内网服务器的目的
ssh -oPort=6000 pi@x.x.x.x
输入树莓派的密码后即可连接成功
重新查看安装包文件,这里提供了守护进程文件systemd
frp_0.37.1_linux_arm $ ls
frpc frpc_full.ini frpc.ini frps frps_full.ini frps.ini LICENSE systemd
frp_0.37.1_linux_arm $ cd systemd/
frp_0.37.1_linux_arm/systemd $ ls
frpc.service frpc@.service frps.service frps@.service
查看frpc.service文件
frp_0.37.1_linux_arm/systemd $ vim frpc.service
[Unit]
Description=Frp Client Service
After=network.target
[Service]
Type=simple
User=nobody
Restart=on-failure
RestartSec=5s
ExecStart=/usr/bin/frpc -c /etc/frp/frpc.ini
ExecReload=/usr/bin/frpc reload -c /etc/frp/frpc.ini
LimitNOFILE=1048576
[Install]
WantedBy=multi-user.target
将frpc.service文件copy到/etc/systemd/system
这里根据ExecStart配置项将二进制文件及配置文件copy到对应目录并赋权
(systemctl enable命令相当于激活开机启动)
frp_0.37.1_linux_arm/systemd $ sudo cp frpc.service /etc/systemd/system
frp_0.37.1_linux_arm/systemd $ cd ..
frp_0.37.1_linux_arm $ sudo cp frpc /usr/bin
frp_0.37.1_linux_arm $ sudo mkdir /etc/frp
frp_0.37.1_linux_arm $ sudo cp frpc.ini /etc/frp
frp_0.37.1_linux_arm $ sudo chmod 777 /etc/frp
frp_0.37.1_linux_arm $ sudo systemctl enable frpc
frp_0.37.1_linux_arm $ sudo systemctl start frpc
frp_0.37.1_linux_arm $ sudo systemctl status frpc
查看进程并重启,进程已经自动重启
~ $ ps -ef|grep frpc
nobody 1609 1 0 12:00 ? 00:00:02 /usr/bin/frpc -c /etc/frp/frpc.ini
pi 1806 1581 0 12:49 pts/0 00:00:00 grep --color=auto frpc
~ $ sudo reboot
# 重连后,服务已自动重启
~ $ ps -ef|grep frpc
nobody 1548 1 0 12:50 ? 00:00:00 /usr/bin/frpc -c /etc/frp/frpc.ini
pi 1578 1564 0 12:51 pts/0 00:00:00 grep --color=auto frpc
同理,公网IP地址的机器也可通过配置frps设置守护进程
1 frpc无法启动并报错
$ sudo systemctl status frpc
● frpc.service - Frp Client Service
Loaded: loaded (/etc/systemd/system/frpc.service; enabled; vendor preset: enabled)
Active: activating (auto-restart) (Result: exit-code) since Fri 2021-10-22 11:00:46 CST; 4s ago
Process: 2487 ExecStart=/usr/bin/frpc -c /etc/frp/frpc.ini (code=exited, status=1/FAILURE)
Main PID: 2487 (code=exited, status=1/FAILURE)
$ /usr/bin/frpc -c /etc/frp/frpc.ini
2021/10/22 11:01:34 [W] [service.go:104] login to server failed: EOF
EOF
这是无法注册到服务器的6000端口,
$ telnet x.x.x.x 6000
Trying x.x.x.x...
Connected to x.x.x.x.
frp_0.37.1_linux_arm $ ls
frpc frpc_full.ini frpc.ini frps frps_full.ini frps.ini LICENSE systemd
frp_0.37.1_linux_arm $ vim frpc_full.ini
其中有一行
# if tls_enable is true, frpc will connect frps by tls
tls_enable = true
将该配置放到frpc.ini中
[common]
tls_enable = true
server_addr = 1.116.30.214
server_port = 7000
[ssh]
type = tcp
local_ip = 127.0.0.1
local_port = 22
remote_port = 6000
重启之后发现可以生效
$ sudo systemctl restart frpc
$ sudo systemctl status frpc
● frpc.service - Frp Client Service
Loaded: loaded (/etc/systemd/system/frpc.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2021-10-22 11:18:15 CST; 5s ago
2 配置后发现重启不生效
解决办法之一:sudo systemctl daemon-reload
重新加载systemd配置