LinuxCommandLibrary

frps

Expose local services behind NAT to public

TLDR

Start the service, using the default configuration file (assumed to be frps.ini in the current directory)

$ frps
copy

Start the service, using the newer TOML configuration file
$ frps [[-c|--config]] [path/to/frps.toml]
copy

Start the service, using a specified configuration file
$ frps [[-c|--config]] [path/to/file]
copy

Check if the configuration file is valid
$ frps verify [[-c|--config]] [path/to/file]
copy

Print autocompletion setup script for Bash, fish, PowerShell, or Zsh
$ frps completion [bash|fish|powershell|zsh]
copy

Display version
$ frps [[-v|--version]]
copy

SYNOPSIS

frps [options] Typically: frps -c frps.ini

PARAMETERS

-h, --help
    print help and exit

-v, --version
    print version info

-c, --config_file
    path to config file (default: frps.ini)

-a, --bind-addr
    server bind IP (default: 0.0.0.0)

-p, --bind-port
    server proxy port (default: 7000)

--bind-addr-vhost
    vhost proxy bind IP (default: 0.0.0.0)

--vhost-http-port
    HTTP vhost port (default: 80)

--vhost-https-port
    HTTPS vhost port (default: 443)

--vhost-tls-port
    vhost TLS port

--dashboard-addr
    dashboard bind IP (default: 0.0.0.0)

--dashboard-port
    dashboard port (default: 7500)

--dashboard-user
    dashboard username

--dashboard-pwd
    dashboard password

--log-level
    log level: trace/debug/info/warn/error (default: info)

--log-file
    log file path

--log-max-days
    max log retention days (default: 0)

--token
    client auth token

--auth.method
    auth method: token,oidc

--max-pool-count
    max connection pool size (default: 5)

--heartbeat-ms
    heartbeat interval (default: 10000)

--allow-ports
    comma-separated allowed ports

--disable-log-color
    disable colored logs

--http-tls-addr
    TLS HTTP proxy addr

--http-tls-port
    TLS HTTP proxy port

DESCRIPTION

frps is the server component of FRP (Fast Reverse Proxy), an open-source, high-performance reverse proxy tool written in Go. It enables exposure of local services behind NAT, firewalls, or IPv6-only networks to the public internet by tunneling traffic from frpc clients.

Key features include support for TCP, UDP, HTTP(S), STCP (point-to-point), XTCP (multiplexed), WebSocket, load balancing across multiple proxies, bandwidth limiting, client authentication via tokens/OIDC, health checks, and a web dashboard for monitoring. frps listens on specified ports for client registrations and proxies inbound connections accordingly.

Typically deployed on a VPS or public server, frps is lightweight (binary <20MB), handles thousands of connections, and integrates with systemd for daemonization. Configuration is flexible via INI/TOML files or command-line flags, with defaults favoring simplicity. Ideal for remote access to SSH, web apps, databases, or game servers without VPNs or port forwarding.

Security emphasizes encryption (TLS), IP whitelisting, and auth methods to prevent unauthorized access.

CAVEATS

Command-line flags override config; run as non-root with firewall rules. Config file required for advanced setups. Not a standard man-page tool—check GitHub docs for latest flags.

CONFIGURATION FILE

Uses frps.ini or frps.toml for full settings like [common], [vhost], [proxy] sections. See docs for examples.

DASHBOARD

Access http://<dashboard-addr>:<dashboard-port> for stats, proxy list, traffic graphs.

DEPLOYMENT

Use systemd: create /etc/systemd/system/frps.service with ExecStart=/usr/bin/frps -c /etc/frp/frps.ini.

HISTORY

Developed by fatedier (forked from snowdream86) starting 2015. v0.1.0 in 2016; reached v0.60+ by 2024 with Go modules, QUIC support, and OIDC auth. Over 80k GitHub stars, widely used for tunneling.

SEE ALSO

frpc(1), nginx(8), haproxy(1), systemctl(1)

Copied to clipboard