frp

View documentation for frpc, the frp client component

$ tldr frpc

$ tldr frps

frps [-c <config_file>] [global_options]
frpc [-c <config_file>] [global_options]

-c, --config_file <file>
    Path to configuration file (default: frps.ini or frpc.ini)

--log-level <level>
    Log level: trace, debug, info, warn, error (default: info)

--log-file <file>
    Log output file path

--log-way <way>
    Log output way: console, file (default: console)

--token <token>
    Access token for authentication

--heartbeats <timeout>
    Heartbeat timeout in seconds (default: 30)

--bind-addr <addr>
    Bind address for frps (default: 0.0.0.0:7000)

--bind-port <port>
    Bind port for frps (default: 7000)

--vhost-http-port <port>
    HTTP virtual host port for frps (default: 80)

--vhost-https-port <port>
    HTTPS virtual host port for frps (default: 443)

--dashboard-port <port>
    Dashboard port (default: 7500)

--dashboard-user <user>
    Dashboard username

--dashboard-pwd <pwd>
    Dashboard password

--version
    Print version information

-h, --help
    Show help message

frp (Fast Reverse Proxy) is a high-performance, open-source tool designed to expose local services behind NAT or firewalls to the internet. It enables intranet penetration by creating secure tunnels between a public-facing server (frps) and a client (frpc).

The server (frps) runs on a machine with a public IP, listening for connections on specified ports. The client (frpc), running on the local machine, connects to the server and forwards traffic for local services (e.g., web servers, SSH, databases) through the tunnel. Supports multiple protocols including TCP, UDP, HTTP, HTTPS, WebSocket, STCP (TCP over proxy), XTCP, SUDP, HTTP2, and P2P modes.

Key features include multiplexing (multiple tunnels over one connection), load balancing, encryption (TLS), authentication (token, OIDC), and dashboard for monitoring. Written in Go, it's lightweight, cross-platform (Linux, Windows, macOS, ARM), and handles high concurrency efficiently. Ideal for remote access, game servers, IoT devices, or temporary public exposure without port forwarding.

Configuration is primarily via INI files (frps.ini, frpc.toml/ini), with command-line flags for global settings. Usage involves deploying frps publicly, configuring proxies in client ini, and starting both.

Not a standard Linux package; download binaries from GitHub. Command-line options limited to globals—detailed setup via config files. Requires network access; firewall rules needed for ports. TLS/encryption configured separately. High traffic may need tuning.

frps: Server, exposes public endpoints.
frpc: Client, tunnels local services.

frpc.ini:
[common]
server_addr = x.x.x.x
server_port = 7000
token = mytoken

[ssh]
type = tcp
local_ip = 127.0.0.1
local_port = 22
remote_port = 6000

Created by snowdream86 (fatedier) in 2016 as a faster alternative to similar tools. Rewritten in Go v1.0 (2017) for performance. Active development with v0.60+ (2024) adding QUIC, gRPC, enhanced security. Millions of downloads, popular in DevOps and homelabs.

ssh(1), socat(1), nginx(8)