无论是在服务器端还是在客户机端，均需要安装 frp、并启动相关的服务。其中：

• frps.init 是服务器配置文件
• frpc.init 是客户端配置文件

服务器配置

• 下载 frp

  1 2	cd ~ wget https://github.com/fatedier/frp/releases/download/v0.21.0/frp_0.21.0_linux_amd64.tar.gz

• 解压

  1 2	tar -xzvf frp_0.21.0_linux_amd64.tar.gz cd frp_0.21.0_linux_amd64/

• 配置服务器，使用 7000 作为监听端口

  1 2 3 4 5 6

  vim frps.ini [common] #bind_addr = 127.0.0.1 bind_port = 7000 token = *********

• 增加允许访问的端口。这个是需要通过 7000 的端口转发去访问的客户机端口，可以配置多个。比如我们在客户机的 frpc.init 增加了3个可以访问的端口，那么我们就需要告诉服务器，需要开放 6011、6035、6066 这3个端口的远程访问权限：

  1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22

  [common] server_addr = 114.67.109.5 server_port = 7000 token = ********* [sshlocal] type = tcp local_ip = 127.0.0.1 local_port = 22 remote_port = 6011 [ssh135] type = tcp local_ip = 192.168.1.135 local_port = 22 remote_port = 6035 [ssh166] type = tcp local_ip = 192.168.1.166 local_port = 22 remote_port = 6066

  开放端口使用命令 FirewallD：

  1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22

  ## 增加远程访问 端口 # 1.FirewallD防火墙开放8787端口 firewall-cmd --zone=public --add-port=6011/tcp --permanent firewall-cmd --zone=public --add-port=6035/tcp --permanent firewall-cmd --zone=public --add-port=6066/tcp --permanent firewall-cmd --zone=public --add-port=6088/tcp --permanent firewall-cmd --zone=public --add-port=6099/tcp --permanent firewall-cmd --zone=public --add-port=7066/tcp --permanent firewall-cmd --zone=public --add-port=7099/tcp --permanent # 2.重启防火墙 systemctl restart firewalld.service ## CentOS6 使用以下命令 ## 开放 8899 端口 /sbin/iptables -I INPUT -p tcp --dport 8899 -j ACCEPT ## 然后保存 /etc/rc.d/init.d/iptables save ## 查看打开的端口 /etc/init.d/iptables status

• 开启后台服务，通过 nohup 实现不间断的运行服务，记得在服务器是启动 frps 服务：

  1	nohup ./frps -c frps.ini &

客户端配置

• 下载、解压“：

  1 2 3 4 5

  cd ~ wget https://github.com/fatedier/frp/releases/download/v0.21.0/frp_0.21.0_linux_amd64.tar.gz tar -xzvf frp_0.21.0_linux_amd64.tar.gz cd frp_0.21.0_linux_amd64/

• 配置客户机，客户端的配置文件在 frpc.init：

  1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45

  [common] server_addr = xxx.xxx.xxx.xxx ## 这里是填写服务器的固定 IP server_port = 7000 ## 这里需要跟服务器端监听的端口一致，默认 7000 [sshlocal] type = tcp local_ip = 127.0.0.1 ## 本机 local_port = 22 remote_port = 6011 [ssh135] type = tcp local_ip = 192.168.1.135 ## 配置的本地内网服务器 local_port = 22 remote_port = 6035 [ssh166] type = tcp local_ip = 192.168.1.166 local_port = 22 remote_port = 6066 [ssh188] type = tcp local_ip = 192.168.1.188 local_port = 22 remote_port = 6088 [ssh199] type = tcp local_ip = 192.168.1.199 local_port = 22 remote_port = 6099 [ssh166_rstudio] ## 配置的本地内网服务器, Rstudio type = tcp local_ip = 192.168.1.166 local_port = 8787 remote_port = 7066 [ssh199_rstudio] type = tcp local_ip = 192.168.1.199 local_port = 8787 remote_port = 7099

• 客户机开启后台服务命令，配置文件是 frpc.init

  1	nohup ./frpc -c frpc.ini &

  提示连接成功：

  1 2 3 4 5 6 7 8 9 10 11 12

  2019/10/08 20:11:19 [I] [proxy_manager.go:300] proxy removed: [] 2019/10/08 20:11:19 [I] [proxy_manager.go:310] proxy added: [ssh199 ssh166_rstudio ssh199_rstudio sshlocal ssh135 ssh166 ssh188] 2019/10/08 20:11:19 [I] [proxy_manager.go:333] visitor removed: [] 2019/10/08 20:11:19 [I] [proxy_manager.go:342] visitor added: [] 2019/10/08 20:11:19 [I] [control.go:246] [60429e396343771b] login to server success, get run id [60429e396343771b], server udp port [0] 2019/10/08 20:11:19 [I] [control.go:169] [60429e396343771b] [ssh135] start proxy success 2019/10/08 20:11:19 [I] [control.go:169] [60429e396343771b] [ssh166] start proxy success 2019/10/08 20:11:19 [I] [control.go:169] [60429e396343771b] [ssh188] start proxy success 2019/10/08 20:11:19 [I] [control.go:169] [60429e396343771b] [ssh199] start proxy success 2019/10/08 20:11:19 [I] [control.go:169] [60429e396343771b] [ssh166_rstudio] start proxy success 2019/10/08 20:11:19 [I] [control.go:169] [60429e396343771b] [ssh199_rstudio] start proxy success 2019/10/08 20:11:19 [I] [control.go:169] [60429e396343771b] [sshlocal] start proxy success

  并且我们可以在服务器端看到端口已经开启转发功能：

  1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16

  [root@JD ~]# netstat -ntlp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 24860/mysqld tcp 0 0 127.0.0.1:1234 0.0.0.0:* LISTEN 2817/ifrit-agent tcp 0 0 0.0.0.0:8787 0.0.0.0:* LISTEN 25292/rserver tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 11953/sshd tcp6 0 0 :::6088 :::* LISTEN 22623/./frps tcp6 0 0 :::6066 :::* LISTEN 22623/./frps tcp6 0 0 :::6099 :::* LISTEN 22623/./frps tcp6 0 0 :::6035 :::* LISTEN 22623/./frps tcp6 0 0 :::22 :::* LISTEN 11953/sshd tcp6 0 0 :::7000 :::* LISTEN 22623/./frps tcp6 0 0 :::7066 :::* LISTEN 22623/./frps tcp6 0 0 :::6011 :::* LISTEN 22623/./frps tcp6 0 0 :::7099 :::* LISTEN 22623/./frps

使用 ssh 连接

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12

ssh -p 6066 fl@xxx.xxx.xxx.xxx
''$'\n''            '   boost_1_70_0.tar.bz2   Documents              log      Pictures          Templates   Videos
 anaconda2              clion-2019.2           Downloads              Music    Public            test.pdf
 anaconda3              CLionProjects          Dropbox                myData   R                 test.Rmd
 antigen.zsh            data                   libraries              mydeck  'R 入门教程.pdf'   texmf
 bin                    Desktop               'Linux 入门教程.html'   myLog    tarball           tmp
 Boost                  disk                  'Linux 入门教程.pdf'    opt      temp              tmp_disk

RSA key fingerprint is ×××××××××××××××××××××××××××××××××××××××××
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[XXX.XXX.XXX.XXX]:6066' (RSA) to the list of known hosts.
Last login: Tue Oct  8 20:03:19 2019 from 192.168.1.111

总结

其实网上有很多类似的教程，但是如果一味的照搬他们的方法，其实是不能实现连接的。这里面的小技巧是要记得使用 firewall 开放端口的远程访问权限，才能进行转发。