Spaces:
Runtime error
Runtime error
| # [common] is integral section | |
| [common] | |
| # A literal address or host name for IPv6 must be enclosed | |
| # in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80" | |
| # For single "server_addr" field, no need square brackets, like "server_addr = ::". | |
| server_addr = 0.0.0.0 | |
| server_port = 7000 | |
| # STUN server to help penetrate NAT hole. | |
| # nat_hole_stun_server = stun.easyvoip.com:3478 | |
| # The maximum amount of time a dial to server will wait for a connect to complete. Default value is 10 seconds. | |
| # dial_server_timeout = 10 | |
| # dial_server_keepalive specifies the interval between keep-alive probes for an active network connection between frpc and frps. | |
| # If negative, keep-alive probes are disabled. | |
| # dial_server_keepalive = 7200 | |
| # if you want to connect frps by http proxy or socks5 proxy or ntlm proxy, you can set http_proxy here or in global environment variables | |
| # it only works when protocol is tcp | |
| # http_proxy = http://user:passwd@192.168.1.128:8080 | |
| # http_proxy = socks5://user:passwd@192.168.1.128:1080 | |
| # http_proxy = ntlm://user:passwd@192.168.1.128:2080 | |
| # console or real logFile path like ./frpc.log | |
| log_file = ./frpc.log | |
| # trace, debug, info, warn, error | |
| log_level = info | |
| log_max_days = 3 | |
| # disable log colors when log_file is console, default is false | |
| disable_log_color = false | |
| # for authentication, should be same as your frps.ini | |
| # authenticate_heartbeats specifies whether to include authentication token in heartbeats sent to frps. By default, this value is false. | |
| authenticate_heartbeats = false | |
| # authenticate_new_work_conns specifies whether to include authentication token in new work connections sent to frps. By default, this value is false. | |
| authenticate_new_work_conns = false | |
| # auth token | |
| token = 12345678 | |
| authentication_method = | |
| # oidc_client_id specifies the client ID to use to get a token in OIDC authentication if AuthenticationMethod == "oidc". | |
| # By default, this value is "". | |
| oidc_client_id = | |
| # oidc_client_secret specifies the client secret to use to get a token in OIDC authentication if AuthenticationMethod == "oidc". | |
| # By default, this value is "". | |
| oidc_client_secret = | |
| # oidc_audience specifies the audience of the token in OIDC authentication if AuthenticationMethod == "oidc". By default, this value is "". | |
| oidc_audience = | |
| # oidc_scope specifies the permisssions of the token in OIDC authentication if AuthenticationMethod == "oidc". By default, this value is "". | |
| oidc_scope = | |
| # oidc_token_endpoint_url specifies the URL which implements OIDC Token Endpoint. | |
| # It will be used to get an OIDC token if AuthenticationMethod == "oidc". By default, this value is "". | |
| oidc_token_endpoint_url = | |
| # oidc_additional_xxx specifies additional parameters to be sent to the OIDC Token Endpoint. | |
| # For example, if you want to specify the "audience" parameter, you can set as follow. | |
| # frp will add "audience=<value>" "var1=<value>" to the additional parameters. | |
| # oidc_additional_audience = https://dev.auth.com/api/v2/ | |
| # oidc_additional_var1 = foobar | |
| # set admin address for control frpc's action by http api such as reload | |
| admin_addr = 127.0.0.1 | |
| admin_port = 7400 | |
| admin_user = admin | |
| admin_pwd = admin | |
| # Admin assets directory. By default, these assets are bundled with frpc. | |
| # assets_dir = ./static | |
| # connections will be established in advance, default value is zero | |
| pool_count = 5 | |
| # if tcp stream multiplexing is used, default is true, it must be same with frps | |
| # tcp_mux = true | |
| # specify keep alive interval for tcp mux. | |
| # only valid if tcp_mux is true. | |
| # tcp_mux_keepalive_interval = 60 | |
| # your proxy name will be changed to {user}.{proxy} | |
| user = your_name | |
| # decide if exit program when first login failed, otherwise continuous relogin to frps | |
| # default is true | |
| login_fail_exit = true | |
| # communication protocol used to connect to server | |
| # supports tcp, kcp, quic, websocket and wss now, default is tcp | |
| protocol = tcp | |
| # set client binding ip when connect server, default is empty. | |
| # only when protocol = tcp or websocket, the value will be used. | |
| connect_server_local_ip = 0.0.0.0 | |
| # quic protocol options | |
| # quic_keepalive_period = 10 | |
| # quic_max_idle_timeout = 30 | |
| # quic_max_incoming_streams = 100000 | |
| # If tls_enable is true, frpc will connect frps by tls. | |
| # Since v0.50.0, the default value has been changed to true, and tls is enabled by default. | |
| tls_enable = true | |
| # tls_cert_file = client.crt | |
| # tls_key_file = client.key | |
| # tls_trusted_ca_file = ca.crt | |
| # tls_server_name = example.com | |
| # specify a dns server, so frpc will use this instead of default one | |
| # dns_server = 8.8.8.8 | |
| # proxy names you want to start separated by ',' | |
| # default is empty, means all proxies | |
| # start = ssh,dns | |
| # heartbeat configure, it's not recommended to modify the default value | |
| # The default value of heartbeat_interval is 10 and heartbeat_timeout is 90. Set negative value | |
| # to disable it. | |
| # heartbeat_interval = 30 | |
| # heartbeat_timeout = 90 | |
| # additional meta info for client | |
| meta_var1 = 123 | |
| meta_var2 = 234 | |
| # specify udp packet size, unit is byte. If not set, the default value is 1500. | |
| # This parameter should be same between client and server. | |
| # It affects the udp and sudp proxy. | |
| udp_packet_size = 1500 | |
| # include other config files for proxies. | |
| # includes = ./confd/*.ini | |
| # If the disable_custom_tls_first_byte is set to false, frpc will establish a connection with frps using the | |
| # first custom byte when tls is enabled. | |
| # Since v0.50.0, the default value has been changed to true, and the first custom byte is disabled by default. | |
| disable_custom_tls_first_byte = true | |
| # Enable golang pprof handlers in admin listener. | |
| # Admin port must be set first. | |
| pprof_enable = false | |
| # 'ssh' is the unique proxy name | |
| # if user in [common] section is not empty, it will be changed to {user}.{proxy} such as 'your_name.ssh' | |
| [ssh] | |
| # tcp | udp | http | https | stcp | xtcp, default is tcp | |
| type = tcp | |
| local_ip = 127.0.0.1 | |
| local_port = 22 | |
| # limit bandwidth for this proxy, unit is KB and MB | |
| bandwidth_limit = 1MB | |
| # where to limit bandwidth, can be 'client' or 'server', default is 'client' | |
| bandwidth_limit_mode = client | |
| # true or false, if true, messages between frps and frpc will be encrypted, default is false | |
| use_encryption = false | |
| # if true, message will be compressed | |
| use_compression = false | |
| # remote port listen by frps | |
| remote_port = 6001 | |
| # frps will load balancing connections for proxies in same group | |
| group = test_group | |
| # group should have same group key | |
| group_key = 123456 | |
| # enable health check for the backend service, it support 'tcp' and 'http' now | |
| # frpc will connect local service's port to detect it's healthy status | |
| health_check_type = tcp | |
| # health check connection timeout | |
| health_check_timeout_s = 3 | |
| # if continuous failed in 3 times, the proxy will be removed from frps | |
| health_check_max_failed = 3 | |
| # every 10 seconds will do a health check | |
| health_check_interval_s = 10 | |
| # additional meta info for each proxy | |
| meta_var1 = 123 | |
| meta_var2 = 234 | |
| [ssh_random] | |
| type = tcp | |
| local_ip = 127.0.0.1 | |
| local_port = 22 | |
| # if remote_port is 0, frps will assign a random port for you | |
| remote_port = 0 | |
| # if you want to expose multiple ports, add 'range:' prefix to the section name | |
| # frpc will generate multiple proxies such as 'tcp_port_6010', 'tcp_port_6011' and so on. | |
| [range:tcp_port] | |
| type = tcp | |
| local_ip = 127.0.0.1 | |
| local_port = 6010-6020,6022,6024-6028 | |
| remote_port = 6010-6020,6022,6024-6028 | |
| use_encryption = false | |
| use_compression = false | |
| [dns] | |
| type = udp | |
| local_ip = 114.114.114.114 | |
| local_port = 53 | |
| remote_port = 6002 | |
| use_encryption = false | |
| use_compression = false | |
| [range:udp_port] | |
| type = udp | |
| local_ip = 127.0.0.1 | |
| local_port = 6010-6020 | |
| remote_port = 6010-6020 | |
| use_encryption = false | |
| use_compression = false | |
| # Resolve your domain names to [server_addr] so you can use http://web01.yourdomain.com to browse web01 and http://web02.yourdomain.com to browse web02 | |
| [web01] | |
| type = http | |
| local_ip = 127.0.0.1 | |
| local_port = 80 | |
| use_encryption = false | |
| use_compression = true | |
| # http username and password are safety certification for http protocol | |
| # if not set, you can access this custom_domains without certification | |
| http_user = admin | |
| http_pwd = admin | |
| # if domain for frps is frps.com, then you can access [web01] proxy by URL http://web01.frps.com | |
| subdomain = web01 | |
| custom_domains = web01.yourdomain.com | |
| # locations is only available for http type | |
| locations = /,/pic | |
| # route requests to this service if http basic auto user is abc | |
| # route_by_http_user = abc | |
| host_header_rewrite = example.com | |
| # params with prefix "header_" will be used to update http request headers | |
| header_X-From-Where = frp | |
| health_check_type = http | |
| # frpc will send a GET http request '/status' to local http service | |
| # http service is alive when it return 2xx http response code | |
| health_check_url = /status | |
| health_check_interval_s = 10 | |
| health_check_max_failed = 3 | |
| health_check_timeout_s = 3 | |
| [web02] | |
| type = https | |
| local_ip = 127.0.0.1 | |
| local_port = 8000 | |
| use_encryption = false | |
| use_compression = false | |
| subdomain = web02 | |
| custom_domains = web02.yourdomain.com | |
| # if not empty, frpc will use proxy protocol to transfer connection info to your local service | |
| # v1 or v2 or empty | |
| proxy_protocol_version = v2 | |
| [plugin_unix_domain_socket] | |
| type = tcp | |
| remote_port = 6003 | |
| # if plugin is defined, local_ip and local_port is useless | |
| # plugin will handle connections got from frps | |
| plugin = unix_domain_socket | |
| # params with prefix "plugin_" that plugin needed | |
| plugin_unix_path = /var/run/docker.sock | |
| [plugin_http_proxy] | |
| type = tcp | |
| remote_port = 6004 | |
| plugin = http_proxy | |
| plugin_http_user = abc | |
| plugin_http_passwd = abc | |
| [plugin_socks5] | |
| type = tcp | |
| remote_port = 6005 | |
| plugin = socks5 | |
| plugin_user = abc | |
| plugin_passwd = abc | |
| [plugin_static_file] | |
| type = tcp | |
| remote_port = 6006 | |
| plugin = static_file | |
| plugin_local_path = /var/www/blog | |
| plugin_strip_prefix = static | |
| plugin_http_user = abc | |
| plugin_http_passwd = abc | |
| [plugin_https2http] | |
| type = https | |
| custom_domains = test.yourdomain.com | |
| plugin = https2http | |
| plugin_local_addr = 127.0.0.1:80 | |
| plugin_crt_path = ./server.crt | |
| plugin_key_path = ./server.key | |
| plugin_host_header_rewrite = 127.0.0.1 | |
| plugin_header_X-From-Where = frp | |
| [plugin_https2https] | |
| type = https | |
| custom_domains = test.yourdomain.com | |
| plugin = https2https | |
| plugin_local_addr = 127.0.0.1:443 | |
| plugin_crt_path = ./server.crt | |
| plugin_key_path = ./server.key | |
| plugin_host_header_rewrite = 127.0.0.1 | |
| plugin_header_X-From-Where = frp | |
| [plugin_http2https] | |
| type = http | |
| custom_domains = test.yourdomain.com | |
| plugin = http2https | |
| plugin_local_addr = 127.0.0.1:443 | |
| plugin_host_header_rewrite = 127.0.0.1 | |
| plugin_header_X-From-Where = frp | |
| [secret_tcp] | |
| # If the type is secret tcp, remote_port is useless | |
| # Who want to connect local port should deploy another frpc with stcp proxy and role is visitor | |
| type = stcp | |
| # sk used for authentication for visitors | |
| sk = abcdefg | |
| local_ip = 127.0.0.1 | |
| local_port = 22 | |
| use_encryption = false | |
| use_compression = false | |
| # If not empty, only visitors from specified users can connect. | |
| # Otherwise, visitors from same user can connect. '*' means allow all users. | |
| allow_users = * | |
| # user of frpc should be same in both stcp server and stcp visitor | |
| [secret_tcp_visitor] | |
| # frpc role visitor -> frps -> frpc role server | |
| role = visitor | |
| type = stcp | |
| # the server name you want to visitor | |
| server_name = secret_tcp | |
| sk = abcdefg | |
| # connect this address to visitor stcp server | |
| bind_addr = 127.0.0.1 | |
| # bind_port can be less than 0, it means don't bind to the port and only receive connections redirected from | |
| # other visitors. (This is not supported for SUDP now) | |
| bind_port = 9000 | |
| use_encryption = false | |
| use_compression = false | |
| [p2p_tcp] | |
| type = xtcp | |
| sk = abcdefg | |
| local_ip = 127.0.0.1 | |
| local_port = 22 | |
| use_encryption = false | |
| use_compression = false | |
| # If not empty, only visitors from specified users can connect. | |
| # Otherwise, visitors from same user can connect. '*' means allow all users. | |
| allow_users = user1, user2 | |
| [p2p_tcp_visitor] | |
| role = visitor | |
| type = xtcp | |
| # if the server user is not set, it defaults to the current user | |
| server_user = user1 | |
| server_name = p2p_tcp | |
| sk = abcdefg | |
| bind_addr = 127.0.0.1 | |
| # bind_port can be less than 0, it means don't bind to the port and only receive connections redirected from | |
| # other visitors. (This is not supported for SUDP now) | |
| bind_port = 9001 | |
| use_encryption = false | |
| use_compression = false | |
| # when automatic tunnel persistence is required, set it to true | |
| keep_tunnel_open = false | |
| # effective when keep_tunnel_open is set to true, the number of attempts to punch through per hour | |
| max_retries_an_hour = 8 | |
| min_retry_interval = 90 | |
| # fallback_to = stcp_visitor | |
| # fallback_timeout_ms = 500 | |
| [tcpmuxhttpconnect] | |
| type = tcpmux | |
| multiplexer = httpconnect | |
| local_ip = 127.0.0.1 | |
| local_port = 10701 | |
| custom_domains = tunnel1 | |
| # route_by_http_user = user1 | |