基于frp内网穿透实现无公网ip的局域网电脑vmware虚拟机ssh,web的外部访问

实验目的:本机的vmware虚拟机里的linux可以在互联网任意一个地方外网访问到它的web和ssh
环境场景:我的电脑安装了vmware虚拟机,虚拟机里边有linux的lanmp环境,家里的路由器拔号上网,但是拔号获得的是非公网IP,属于共享公网IP,没有了公网IP,路由器里端口映射、花生壳、DMZ主机都不合适。
实现方式:内网穿透
frp原理:在互联网上搭建frp服务端,就B,
在虚拟机里搭建frp客户端叫c,
用户访问ftp服务端的ip,
服务器会把用户的请求转发给frp客户端
服务端会把frp客户端的内容转发给用户

优点:简单,非常简单,通过token的行式也比较安全
缺点:暂无
待解决:服务端尝试普通用户运行应用没成功,现是root来运行的

cd /usr/tmp
wget https://www.isres.com/file/frp_0.28.2_linux_amd64.tar.gz
tar -zxvf frp_0.28.2_linux_amd64.tar.gz
mv frp_0.28.2_linux_amd64 /usr/local/frp
cd /usr/local/frp
vim frps.ini

[common]
bind_port = 7000
token = 111223aaa

守护进程

vim check_start.py

#!/usr/bin/python
#coding:utf-8
import os,time
#当前文件路径
current_path = os.getcwd()
log_file = current_path+'/check.log'
def is_runing(process_name):
        try:
                process = len(os.popen('ps aux | grep "' + process_name + '" | grep -v grep').readlines())
                if process > 0:
                        return 1
                else:
                        return 0
        except:
                return 0

def log(message):
        os.popen('echo ['+time.strftime("%Y-%m-%d %H:%M:%S", time.localtime(time.time()))+'] '+message+' >> '+log_file)

proc_tag = '/usr/local/frp/frps -c /usr/local/frp/frps.ini'

if is_runing(proc_tag) == 0:
        print('frps 进程没有运行或已停止!')
        os.popen(''+proc_tag.replace('$','')+' >> /dev/null &')
else:
        print('frps 正常')
        
        
        

chmod +x ./check_start.py

添加一个定时任务

* * * * * python /usr/local/frp/check_start.py


iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 7000 -j ACCEPT
/etc/rc.d/init.d/iptables save
service iptables restart

服务器端架设完成,接下来客户机(拔号后非公网ip下的windows上的一个linux虚拟机)客户端

cd /usr/tmp
wget https://www.isres.com/file/frp_0.28.2_linux_amd64.tar.gz
tar -zxvf frp_0.28.2_linux_amd64.tar.gz
mv frp_0.28.2_linux_amd64 /usr/local/frp
cd /usr/local/frp

vim frpc.ini

[common]
server_addr = 122.xxx.xx1.174
server_port = 7000
token = 111223aaa

[ssh]
type = tcp
local_ip = 127.0.0.1
local_port = 80
remote_port = 6001

ERR_UNSAFE_PORT 使用6000端口google浏览器会报这个

守护进程

#!/usr/bin/python
#coding:utf-8
import os,time
#当前文件路径
current_path = os.getcwd()
log_file = current_path+'/check.log'
def is_runing(process_name):
        try:
                process = len(os.popen('ps aux | grep "' + process_name + '" | grep -v grep').readlines())
                if process > 0:
                        return 1
                else:
                        return 0
        except:
                return 0

def log(message):
        os.popen('echo ['+time.strftime("%Y-%m-%d %H:%M:%S", time.localtime(time.time()))+'] '+message+' >> '+log_file)

proc_tag = '/usr/local/frp/frpc -c /usr/local/frp/frpc.ini'

if is_runing(proc_tag) == 0:
        print('frps 进程没有运行或已停止!')
        os.popen(''+proc_tag.replace('$','')+' >> /dev/null &')
else:
        print('frps 正常')
        
        

    
    
    
chmod +x ./check_start.py

添加一个定时任务

* * * * * python /usr/local/frp/check_start.py

多端口穿透配置示例

[common]
server_addr = 122.xxx.xx1.174
server_port = 7000
token = 111223aaa

[http]
type = tcp
local_ip = 127.0.0.1
local_port = 80
remote_port = 80

[https]
type = tcp
local_ip = 127.0.0.1
local_port = 443
remote_port = 443

[ssh]
type = tcp
local_ip = 127.0.0.1
local_port = 22
remote_port = 8022

WEB内网穿透测试

996.png

转载请注明出处:https://www.isres.com/linux/278.html



发表留言

人生在世,错别字在所难免,无需纠正。

    captcha