Bug Description

使用默认的full 配置文件，客户端报错 send Login request to plugin error

frpc Version

0.37.1

frps Version

0.37.1

System Architecture

linux/amd64

Configurations

[common] is integral section

[common]

A literal address or host name for IPv6 must be enclosed

in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80"

For single "server_addr" field, no need square brackets, like "server_addr = ::".

server_addr = 18.16.xx.xx server_port = 7000

if you want to connect frps by http proxy or socks5 proxy or ntlm proxy, you can set http_proxy here or in global environment variables

it only works when protocol is tcp

http_proxy = http://user:passwd@192.168.1.128:8080

http_proxy = socks5://user:passwd@192.168.1.128:1080

http_proxy = ntlm://user:passwd@192.168.1.128:2080

console or real logFile path like ./frpc.log

log_file = ./frpc.log

trace, debug, info, warn, error

log_level = debug

log_max_days = 3

disable log colors when log_file is console, default is false

disable_log_color = false

for authentication, should be same as your frps.ini

authenticate_heartbeats specifies whether to include authentication token in heartbeats sent to frps. By default, this value is false.

authenticate_heartbeats = false

authenticate_new_work_conns specifies whether to include authentication token in new work connections sent to frps. By default, this value is false.

authenticate_new_work_conns = false

auth token

token = 12345678

oidc_client_id specifies the client ID to use to get a token in OIDC authentication if AuthenticationMethod == "oidc".

By default, this value is "".

oidc_client_id =

oidc_client_secret specifies the client secret to use to get a token in OIDC authentication if AuthenticationMethod == "oidc".

By default, this value is "".

oidc_client_secret =

oidc_audience specifies the audience of the token in OIDC authentication if AuthenticationMethod == "oidc". By default, this value is "".

oidc_audience =

oidc_token_endpoint_url specifies the URL which implements OIDC Token Endpoint.

It will be used to get an OIDC token if AuthenticationMethod == "oidc". By default, this value is "".

oidc_token_endpoint_url =

set admin address for control frpc's action by http api such as reload

admin_addr = 127.0.0.1 admin_port = 7400 admin_user = admin admin_pwd = admin

Admin assets directory. By default, these assets are bundled with frpc.

assets_dir = ./static

connections will be established in advance, default value is zero

pool_count = 5

if tcp stream multiplexing is used, default is true, it must be same with frps

tcp_mux = true

your proxy name will be changed to {user}.{proxy}

user = your_name

decide if exit program when first login failed, otherwise continuous relogin to frps

default is true

login_fail_exit = true

communication protocol used to connect to server

now it supports tcp, kcp and websocket, default is tcp

protocol = tcp

if tls_enable is true, frpc will connect frps by tls

tls_enable = true

tls_cert_file = client.crt

tls_key_file = client.key

tls_trusted_ca_file = ca.crt

tls_server_name = example.com

specify a dns server, so frpc will use this instead of default one

dns_server = 8.8.8.8

proxy names you want to start seperated by ','

default is empty, means all proxies

start = ssh,dns

heartbeat configure, it's not recommended to modify the default value

the default value of heartbeat_interval is 10 and heartbeat_timeout is 90

heartbeat_interval = 30

heartbeat_timeout = 90

additional meta info for client

meta_var1 = 123 meta_var2 = 234

specify udp packet size, unit is byte. If not set, the default value is 1500.

This parameter should be same between client and server.

It affects the udp and sudp proxy.

udp_packet_size = 1500

include other config files for proxies.

includes = ./confd/*.ini

'ssh' is the unique proxy name

if user in [common] section is not empty, it will be changed to {user}.{proxy} such as 'your_name.ssh'

[ssh]

tcp | udp | http | https | stcp | xtcp, default is tcp

type = tcp local_ip = 127.0.0.1 local_port = 22

limit bandwidth for this proxy, unit is KB and MB

bandwidth_limit = 1MB

true or false, if true, messages between frps and frpc will be encrypted, default is false

use_encryption = false

if true, message will be compressed

use_compression = false

remote port listen by frps

remote_port = 6001

frps will load balancing connections for proxies in same group

group = test_group

group should have same group key

group_key = 123456

enable health check for the backend service, it support 'tcp' and 'http' now

frpc will connect local service's port to detect it's healthy status

health_check_type = tcp

health check connection timeout

health_check_timeout_s = 3

if continuous failed in 3 times, the proxy will be removed from frps

health_check_max_failed = 3

every 10 seconds will do a health check

health_check_interval_s = 10

additional meta info for each proxy

meta_var1 = 123 meta_var2 = 234

[ssh_random] type = tcp local_ip = 127.0.0.1 local_port = 22

if remote_port is 0, frps will assign a random port for you

remote_port = 0

if you want to expose multiple ports, add 'range:' prefix to the section name

frpc will generate multiple proxies such as 'tcp_port_6010', 'tcp_port_6011' and so on.

[range:tcp_port] type = tcp local_ip = 127.0.0.1 local_port = 6010-6020,6022,6024-6028 remote_port = 6010-6020,6022,6024-6028 use_encryption = false use_compression = false

[dns] type = udp local_ip = 114.114.114.114 local_port = 53 remote_port = 6002 use_encryption = false use_compression = false

[range:udp_port] type = udp local_ip = 127.0.0.1 local_port = 6010-6020 remote_port = 6010-6020 use_encryption = false use_compression = false

Resolve your domain names to [server_addr] so you can use http://web01.yourdomain.com to browse web01 and http://web02.yourdomain.com to browse web02

[web01] type = http local_ip = 127.0.0.1 local_port = 80 use_encryption = false use_compression = true

http username and password are safety certification for http protocol

if not set, you can access this custom_domains without certification

http_user = admin http_pwd = admin

if domain for frps is frps.com, then you can access [web01] proxy by URL http://test.frps.com

subdomain = web01 custom_domains = web02.yourdomain.com

locations is only available for http type

locations = /,/pic host_header_rewrite = example.com

params with prefix "header_" will be used to update http request headers

header_X-From-Where = frp health_check_type = http

frpc will send a GET http request '/status' to local http service

http service is alive when it return 2xx http response code

health_check_url = /status health_check_interval_s = 10 health_check_max_failed = 3 health_check_timeout_s = 3

[web02] type = https local_ip = 127.0.0.1 local_port = 8000 use_encryption = false use_compression = false subdomain = web01 custom_domains = web02.yourdomain.com

if not empty, frpc will use proxy protocol to transfer connection info to your local service

v1 or v2 or empty

proxy_protocol_version = v2

[plugin_unix_domain_socket] type = tcp remote_port = 6003

if plugin is defined, local_ip and local_port is useless

plugin will handle connections got from frps

plugin = unix_domain_socket

params with prefix "plugin_" that plugin needed

plugin_unix_path = /var/run/docker.sock

[plugin_http_proxy] type = tcp remote_port = 6004 plugin = http_proxy plugin_http_user = abc plugin_http_passwd = abc

[plugin_socks5] type = tcp remote_port = 6005 plugin = socks5 plugin_user = abc plugin_passwd = abc

[plugin_static_file] type = tcp remote_port = 6006 plugin = static_file plugin_local_path = /var/www/blog plugin_strip_prefix = static plugin_http_user = abc plugin_http_passwd = abc

[plugin_https2http] type = https custom_domains = test.yourdomain.com plugin = https2http plugin_local_addr = 127.0.0.1:80 plugin_crt_path = ./server.crt plugin_key_path = ./server.key plugin_host_header_rewrite = 127.0.0.1 plugin_header_X-From-Where = frp

[plugin_https2https] type = https custom_domains = test.yourdomain.com plugin = https2https plugin_local_addr = 127.0.0.1:443 plugin_crt_path = ./server.crt plugin_key_path = ./server.key plugin_host_header_rewrite = 127.0.0.1 plugin_header_X-From-Where = frp

[plugin_http2https] type = http custom_domains = test.yourdomain.com plugin = http2https plugin_local_addr = 127.0.0.1:443 plugin_host_header_rewrite = 127.0.0.1 plugin_header_X-From-Where = frp

[secret_tcp]

If the type is secret tcp, remote_port is useless

Who want to connect local port should deploy another frpc with stcp proxy and role is visitor

type = stcp

sk used for authentication for visitors

sk = abcdefg local_ip = 127.0.0.1 local_port = 22 use_encryption = false use_compression = false

user of frpc should be same in both stcp server and stcp visitor

[secret_tcp_visitor]

frpc role visitor -> frps -> frpc role server

role = visitor type = stcp

the server name you want to visitor

server_name = secret_tcp sk = abcdefg

connect this address to visitor stcp server

bind_addr = 127.0.0.1 bind_port = 9000 use_encryption = false use_compression = false

[p2p_tcp] type = xtcp sk = abcdefg local_ip = 127.0.0.1 local_port = 22 use_encryption = false use_compression = false

[p2p_tcp_visitor] role = visitor type = xtcp server_name = p2p_tcp sk = abcdefg bind_addr = 127.0.0.1 bind_port = 9001 use_encryption = false use_compression = false

[tcpmuxhttpconnect] type = tcpmux multiplexer = httpconnect local_ip = 127.0.0.1 local_port = 10701 custom_domains = tunnel1

Logs

No response

Steps to reproduce

Affected area

[ ] Docs
[ ] Installation
[ ] Performance and Scalability
[ ] Security
[ ] User Experience
[ ] Test and Release
[ ] Developer Infrastructure
[ ] Client Plugin
[ ] Server Plugin
[ ] Extensions
[ ] Others

fatedier / frp

send Login request to plugin error 登录失败 #2572

Bug Description

frpc Version

frps Version

System Architecture

Configurations

[common] is integral section

A literal address or host name for IPv6 must be enclosed

in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80"

For single "server_addr" field, no need square brackets, like "server_addr = ::".

if you want to connect frps by http proxy or socks5 proxy or ntlm proxy, you can set http_proxy here or in global environment variables

it only works when protocol is tcp

http_proxy = http://user:passwd@192.168.1.128:8080

http_proxy = socks5://user:passwd@192.168.1.128:1080

http_proxy = ntlm://user:passwd@192.168.1.128:2080

console or real logFile path like ./frpc.log

trace, debug, info, warn, error

disable log colors when log_file is console, default is false

for authentication, should be same as your frps.ini

authenticate_heartbeats specifies whether to include authentication token in heartbeats sent to frps. By default, this value is false.

authenticate_new_work_conns specifies whether to include authentication token in new work connections sent to frps. By default, this value is false.

auth token

oidc_client_id specifies the client ID to use to get a token in OIDC authentication if AuthenticationMethod == "oidc".

By default, this value is "".

oidc_client_secret specifies the client secret to use to get a token in OIDC authentication if AuthenticationMethod == "oidc".

By default, this value is "".

oidc_audience specifies the audience of the token in OIDC authentication if AuthenticationMethod == "oidc". By default, this value is "".

oidc_token_endpoint_url specifies the URL which implements OIDC Token Endpoint.

It will be used to get an OIDC token if AuthenticationMethod == "oidc". By default, this value is "".

set admin address for control frpc's action by http api such as reload

Admin assets directory. By default, these assets are bundled with frpc.

assets_dir = ./static

connections will be established in advance, default value is zero

if tcp stream multiplexing is used, default is true, it must be same with frps

your proxy name will be changed to {user}.{proxy}

decide if exit program when first login failed, otherwise continuous relogin to frps

default is true

communication protocol used to connect to server

now it supports tcp, kcp and websocket, default is tcp

if tls_enable is true, frpc will connect frps by tls

tls_cert_file = client.crt

tls_key_file = client.key

tls_trusted_ca_file = ca.crt

tls_server_name = example.com

specify a dns server, so frpc will use this instead of default one

dns_server = 8.8.8.8

proxy names you want to start seperated by ','

default is empty, means all proxies

start = ssh,dns

heartbeat configure, it's not recommended to modify the default value

the default value of heartbeat_interval is 10 and heartbeat_timeout is 90

heartbeat_interval = 30

heartbeat_timeout = 90

additional meta info for client

specify udp packet size, unit is byte. If not set, the default value is 1500.

This parameter should be same between client and server.

It affects the udp and sudp proxy.

include other config files for proxies.

includes = ./confd/*.ini

'ssh' is the unique proxy name

if user in [common] section is not empty, it will be changed to {user}.{proxy} such as 'your_name.ssh'

tcp | udp | http | https | stcp | xtcp, default is tcp

limit bandwidth for this proxy, unit is KB and MB

true or false, if true, messages between frps and frpc will be encrypted, default is false

if true, message will be compressed

remote port listen by frps

frps will load balancing connections for proxies in same group

group should have same group key

enable health check for the backend service, it support 'tcp' and 'http' now

frpc will connect local service's port to detect it's healthy status

health check connection timeout

if continuous failed in 3 times, the proxy will be removed from frps

every 10 seconds will do a health check

additional meta info for each proxy

if remote_port is 0, frps will assign a random port for you

if you want to expose multiple ports, add 'range:' prefix to the section name

frpc will generate multiple proxies such as 'tcp_port_6010', 'tcp_port_6011' and so on.

Resolve your domain names to [server_addr] so you can use http://web01.yourdomain.com to browse web01 and http://web02.yourdomain.com to browse web02

http username and password are safety certification for http protocol