2017-05-25 00:10:58 +07:00
|
|
|
# [common] is integral section
|
|
|
|
[common]
|
|
|
|
# A literal address or host name for IPv6 must be enclosed
|
|
|
|
# in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80"
|
2021-03-10 19:19:58 +07:00
|
|
|
# For single "bind_addr" field, no need square brackets, like "bind_addr = ::".
|
2017-05-25 00:10:58 +07:00
|
|
|
bind_addr = 0.0.0.0
|
|
|
|
bind_port = 7000
|
|
|
|
|
2022-12-12 10:04:10 +07:00
|
|
|
# udp port used for kcp protocol, it can be same with 'bind_port'.
|
|
|
|
# if not set, kcp is disabled in frps.
|
2017-06-14 00:23:34 +07:00
|
|
|
kcp_bind_port = 7000
|
|
|
|
|
2022-12-12 10:04:10 +07:00
|
|
|
# udp port used for quic protocol.
|
|
|
|
# if not set, quic is disabled in frps.
|
|
|
|
# quic_bind_port = 7002
|
2022-12-18 17:43:42 +07:00
|
|
|
# quic protocol options
|
|
|
|
# quic_keepalive_period = 10
|
|
|
|
# quic_max_idle_timeout = 30
|
|
|
|
# quic_max_incoming_streams = 100000
|
2022-12-12 10:04:10 +07:00
|
|
|
|
2017-07-05 00:40:01 +07:00
|
|
|
# specify which address proxy will listen for, default value is same with bind_addr
|
|
|
|
# proxy_bind_addr = 127.0.0.1
|
|
|
|
|
2017-05-25 00:10:58 +07:00
|
|
|
# if you want to support virtual host, you must set the http port for listening (optional)
|
2018-05-06 03:27:30 +07:00
|
|
|
# Note: http port and https port can be same with bind_port
|
2017-05-25 00:10:58 +07:00
|
|
|
vhost_http_port = 80
|
|
|
|
vhost_https_port = 443
|
|
|
|
|
2018-08-08 10:18:38 +07:00
|
|
|
# response header timeout(seconds) for vhost http server, default is 60s
|
|
|
|
# vhost_http_timeout = 60
|
|
|
|
|
2020-11-23 10:38:21 +07:00
|
|
|
# tcpmux_httpconnect_port specifies the port that the server listens for TCP
|
2020-03-11 13:13:16 +07:00
|
|
|
# HTTP CONNECT requests. If the value is 0, the server will not multiplex TCP
|
|
|
|
# requests on one single port. If it's not - it will listen on this value for
|
|
|
|
# HTTP CONNECT requests. By default, this value is 0.
|
|
|
|
# tcpmux_httpconnect_port = 1337
|
|
|
|
|
2022-05-26 22:57:30 +07:00
|
|
|
# If tcpmux_passthrough is true, frps won't do any update on traffic.
|
|
|
|
# tcpmux_passthrough = false
|
|
|
|
|
2017-11-28 14:56:34 +07:00
|
|
|
# set dashboard_addr and dashboard_port to view dashboard of frps
|
|
|
|
# dashboard_addr's default value is same with bind_addr
|
|
|
|
# dashboard is available only if dashboard_port is set
|
|
|
|
dashboard_addr = 0.0.0.0
|
2017-05-25 00:10:58 +07:00
|
|
|
dashboard_port = 7500
|
|
|
|
|
2021-08-02 12:07:28 +07:00
|
|
|
# dashboard user and passwd for basic auth protect
|
2017-05-25 00:10:58 +07:00
|
|
|
dashboard_user = admin
|
2018-05-06 03:08:36 +07:00
|
|
|
dashboard_pwd = admin
|
2017-05-25 00:10:58 +07:00
|
|
|
|
2022-06-27 09:08:02 +07:00
|
|
|
# dashboard TLS mode
|
|
|
|
dashboard_tls_mode = false
|
|
|
|
# dashboard_tls_cert_file = server.crt
|
|
|
|
# dashboard_tls_key_file = server.key
|
|
|
|
|
2020-03-11 12:20:26 +07:00
|
|
|
# enable_prometheus will export prometheus metrics on {dashboard_addr}:{dashboard_port} in /metrics api.
|
|
|
|
enable_prometheus = true
|
|
|
|
|
2017-05-25 00:10:58 +07:00
|
|
|
# dashboard assets directory(only for debug mode)
|
|
|
|
# assets_dir = ./static
|
2020-11-23 10:38:21 +07:00
|
|
|
|
2017-05-25 00:10:58 +07:00
|
|
|
# console or real logFile path like ./frps.log
|
|
|
|
log_file = ./frps.log
|
|
|
|
|
|
|
|
# trace, debug, info, warn, error
|
|
|
|
log_level = info
|
|
|
|
|
|
|
|
log_max_days = 3
|
|
|
|
|
2019-08-11 23:47:35 +07:00
|
|
|
# disable log colors when log_file is console, default is false
|
|
|
|
disable_log_color = false
|
|
|
|
|
2020-03-11 13:13:16 +07:00
|
|
|
# DetailedErrorsToClient defines whether to send the specific error (with debug info) to frpc. By default, this value is true.
|
|
|
|
detailed_errors_to_client = true
|
|
|
|
|
2020-11-23 10:38:21 +07:00
|
|
|
# authentication_method specifies what authentication method to use authenticate frpc with frps.
|
2020-03-11 13:13:16 +07:00
|
|
|
# If "token" is specified - token will be read into login message.
|
|
|
|
# If "oidc" is specified - OIDC (Open ID Connect) token will be issued using OIDC settings. By default, this value is "token".
|
|
|
|
authentication_method = token
|
|
|
|
|
2020-11-23 10:38:21 +07:00
|
|
|
# authenticate_heartbeats specifies whether to include authentication token in heartbeats sent to frps. By default, this value is false.
|
2020-03-11 13:13:16 +07:00
|
|
|
authenticate_heartbeats = false
|
|
|
|
|
|
|
|
# AuthenticateNewWorkConns specifies whether to include authentication token in new work connections sent to frps. By default, this value is false.
|
|
|
|
authenticate_new_work_conns = false
|
|
|
|
|
2018-04-10 16:46:49 +07:00
|
|
|
# auth token
|
|
|
|
token = 12345678
|
2017-05-25 00:10:58 +07:00
|
|
|
|
2020-11-23 10:38:21 +07:00
|
|
|
# oidc_issuer specifies the issuer to verify OIDC tokens with.
|
2020-03-11 13:13:16 +07:00
|
|
|
# By default, this value is "".
|
2020-11-23 10:38:21 +07:00
|
|
|
oidc_issuer =
|
2020-03-11 13:13:16 +07:00
|
|
|
|
2020-11-23 10:38:21 +07:00
|
|
|
# oidc_audience specifies the audience OIDC tokens should contain when validated.
|
2020-03-11 13:13:16 +07:00
|
|
|
# By default, this value is "".
|
2020-11-23 10:38:21 +07:00
|
|
|
oidc_audience =
|
|
|
|
|
|
|
|
# oidc_skip_expiry_check specifies whether to skip checking if the OIDC token is expired.
|
|
|
|
# By default, this value is false.
|
|
|
|
oidc_skip_expiry_check = false
|
2020-03-11 13:13:16 +07:00
|
|
|
|
2020-11-23 10:38:21 +07:00
|
|
|
# oidc_skip_issuer_check specifies whether to skip checking if the OIDC token's issuer claim matches the issuer specified in OidcIssuer.
|
|
|
|
# By default, this value is false.
|
|
|
|
oidc_skip_issuer_check = false
|
2020-03-11 13:13:16 +07:00
|
|
|
|
2017-05-25 00:10:58 +07:00
|
|
|
# heartbeat configure, it's not recommended to modify the default value
|
2022-01-13 13:26:07 +07:00
|
|
|
# the default value of heartbeat_timeout is 90. Set negative value to disable it.
|
2017-05-25 00:10:58 +07:00
|
|
|
# heartbeat_timeout = 90
|
|
|
|
|
2020-11-23 10:38:21 +07:00
|
|
|
# user_conn_timeout configure, it's not recommended to modify the default value
|
|
|
|
# the default value of user_conn_timeout is 10
|
|
|
|
# user_conn_timeout = 10
|
|
|
|
|
2017-05-25 00:10:58 +07:00
|
|
|
# only allow frpc to bind ports you list, if you set nothing, there won't be any limit
|
2018-04-24 00:26:05 +07:00
|
|
|
allow_ports = 2000-3000,3001,3003,4000-50000
|
2017-05-25 00:10:58 +07:00
|
|
|
|
|
|
|
# pool_count in each proxy will change to max_pool_count if they exceed the maximum value
|
|
|
|
max_pool_count = 5
|
|
|
|
|
2018-01-26 13:56:55 +07:00
|
|
|
# max ports can be used for each client, default value is 0 means no limit
|
|
|
|
max_ports_per_client = 0
|
|
|
|
|
2020-11-23 10:38:21 +07:00
|
|
|
# tls_only specifies whether to only accept TLS-encrypted connections. By default, the value is false.
|
2020-03-11 13:13:16 +07:00
|
|
|
tls_only = false
|
|
|
|
|
2020-09-18 19:06:09 +07:00
|
|
|
# tls_cert_file = server.crt
|
|
|
|
# tls_key_file = server.key
|
|
|
|
# tls_trusted_ca_file = ca.crt
|
|
|
|
|
2017-05-25 00:10:58 +07:00
|
|
|
# if subdomain_host is not empty, you can set subdomain when type is http or https in frpc's configure file
|
|
|
|
# when subdomain is test, the host used by routing is test.frps.com
|
|
|
|
subdomain_host = frps.com
|
|
|
|
|
|
|
|
# if tcp stream multiplexing is used, default is true
|
2022-03-22 18:29:30 +07:00
|
|
|
# tcp_mux = true
|
|
|
|
|
2022-01-13 13:26:07 +07:00
|
|
|
# specify keep alive interval for tcp mux.
|
|
|
|
# only valid if tcp_mux is true.
|
|
|
|
# tcp_mux_keepalive_interval = 60
|
2019-04-25 11:29:34 +07:00
|
|
|
|
2022-03-22 18:29:30 +07:00
|
|
|
# tcp_keepalive specifies the interval between keep-alive probes for an active network connection between frpc and frps.
|
|
|
|
# If negative, keep-alive probes are disabled.
|
|
|
|
# tcp_keepalive = 7200
|
|
|
|
|
2019-04-25 11:29:34 +07:00
|
|
|
# custom 404 page for HTTP requests
|
|
|
|
# custom_404_page = /path/to/404.html
|
2019-12-20 19:28:28 +07:00
|
|
|
|
2020-05-07 16:47:36 +07:00
|
|
|
# specify udp packet size, unit is byte. If not set, the default value is 1500.
|
|
|
|
# This parameter should be same between client and server.
|
|
|
|
# It affects the udp and sudp proxy.
|
|
|
|
udp_packet_size = 1500
|
|
|
|
|
2022-03-17 10:42:59 +07:00
|
|
|
# Enable golang pprof handlers in dashboard listener.
|
|
|
|
# Dashboard port must be set first
|
|
|
|
pprof_enable = false
|
|
|
|
|
2023-05-29 00:09:53 +07:00
|
|
|
# Retention time for NAT hole punching strategy data.
|
|
|
|
nat_hole_analysis_data_reserve_hours = 168
|
|
|
|
|
2019-12-20 19:28:28 +07:00
|
|
|
[plugin.user-manager]
|
|
|
|
addr = 127.0.0.1:9000
|
|
|
|
path = /handler
|
|
|
|
ops = Login
|
|
|
|
|
|
|
|
[plugin.port-manager]
|
|
|
|
addr = 127.0.0.1:9001
|
|
|
|
path = /handler
|
|
|
|
ops = NewProxy
|