fatedier / frp

A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
Apache License 2.0
85.6k stars 13.26k forks

Problems with the Docker versions of FRPS and FRPC #3704

Closed liaobadadi closed 8 months ago

liaobadadi commented 1 year ago

Bug Description

  1. Cannot open port ip:7500
  2. The Windows version of the client also cannot connect to the FRPS server

The page shows: 当前无法使用此页面 124.222.107.89 未发送任何数据。 ERR_EMPTY_RESPONSE

frpc Version

frps v0.52.1

frps Version

frps v0.52.1

System Architecture

Docker container deployment of fatedier/frps

Configurations

Volume mapping -> /etc/frp : /etc/frp; port 7500 bridged out to the HOST

A literal address or host name for IPv6 must be enclosed

in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80"

For single "bind_addr" field, no need square brackets, like "bind_addr = ::".

bindAddr = "0.0.0.0"

bindPort = 7000

udp port used for kcp protocol, it can be same with 'bind_port'.

if not set, kcp is disabled in frps.

kcpBindPort = 7000

udp port used for quic protocol.

if not set, quic is disabled in frps.

quicBindPort = 7002

Specify which address proxy will listen for, default value is same with bind_addr

proxy_bind_addr = "127.0.0.1"

quic protocol options

transport.quic.keepalivePeriod = 10

transport.quic.maxIdleTimeout = 30

transport.quic.maxIncomingStreams = 100000

Heartbeat configure, it's not recommended to modify the default value

The default value of heartbeat_timeout is 90. Set negative value to disable it.

transport.heartbeatTimeout = 90

Pool count in each proxy will keep no more than maxPoolCount.

transport.maxPoolCount = 5

If tcp stream multiplexing is used, default is true

transport.tcpMux = true

Specify keep alive interval for tcp mux.

only valid if tcpMux is true.

transport.tcpMuxKeepaliveInterval = 60

tcpKeepalive specifies the interval between keep-alive probes for an active network connection between frpc and frps.

If negative, keep-alive probes are disabled.

transport.tcpKeepalive = 7200

transport.tls.force specifies whether to only accept TLS-encrypted connections. By default, the value is false.

tls.force = false

transport.tls.certFile = "server.crt"

transport.tls.keyFile = "server.key"

transport.tls.trustedCaFile = "ca.crt"

If you want to support virtual host, you must set the http port for listening (optional)

Note: http port and https port can be same with bind_port

vhostHTTPPort = 80

vhostHTTPSPort = 443

Response header timeout(seconds) for vhost http server, default is 60s

vhostHTTPTimeout = 60

tcpmuxHTTPConnectPort specifies the port that the server listens for TCP

HTTP CONNECT requests. If the value is 0, the server will not multiplex TCP

requests on one single port. If it's not - it will listen on this value for

HTTP CONNECT requests. By default, this value is 0.

tcpmuxHTTPConnectPort = 1337

If tcpmux_passthrough is true, frps won't do any update on traffic.

tcpmuxPassthrough = false

Configure the web server to enable the dashboard for frps.

dashboard is available only if webServer.port is set.

webServer.addr = "127.0.0.1"

webServer.port = 7500

webServer.user = "admin"

webServer.password = "*fefrgfdefxxxxxxxxxxxxxxxxxxxxxxxxxxx&A"

webServer.tls.certFile = "server.crt"

webServer.tls.keyFile = "server.key"

dashboard assets directory(only for debug mode)

webServer.assetsDir = "./static"

Enable golang pprof handlers in dashboard listener.

Dashboard port must be set first

webServer.pprofEnable = false

enablePrometheus will export prometheus metrics on webServer in /metrics api.

enablePrometheus = true

console or real logFile path like ./frps.log

log.to = "./frps.log"

trace, debug, info, warn, error

log.level = "debug"

log.maxDays = 3

disable log colors when log.to is console, default is false

log.disablePrintColor = false

DetailedErrorsToClient defines whether to send the specific error (with debug info) to frpc. By default, this value is true.

detailedErrorsToClient = true

auth.method specifies what authentication method to use authenticate frpc with frps.

If "token" is specified - token will be read into login message.

If "oidc" is specified - OIDC (Open ID Connect) token will be issued using OIDC settings. By default, this value is "token".

auth.method = "token"

auth.additionalScopes specifies additional scopes to include authentication information.

Optional values are HeartBeats, NewWorkConns.

auth.additionalScopes = ["HeartBeats", "NewWorkConns"]

auth token

auth.token = "sHfwefefcvew34gtrfd3Q"

oidc issuer specifies the issuer to verify OIDC tokens with.

auth.oidc.issuer = ""

oidc audience specifies the audience OIDC tokens should contain when validated.

auth.oidc.audience = ""

oidc skipExpiryCheck specifies whether to skip checking if the OIDC token is expired.

auth.oidc.skipExpiryCheck = false

oidc skipIssuerCheck specifies whether to skip checking if the OIDC token's issuer claim matches the issuer specified in OidcIssuer.

auth.oidc.skipIssuerCheck = false

userConnTimeout specifies the maximum time to wait for a work connection.

userConnTimeout = 10

Only allow frpc to bind ports you list. By default, there won't be any limit.

allowPorts = [ { start = 3200, end = 3400 }, { single = 3389 }, { start = 3600, end = 37000 } ]

Max ports can be used for each client, default value is 0 means no limit

maxPortsPerClient = 0

If subDomainHost is not empty, you can set subdomain when type is http or https in frpc's configure file

When subdomain is test, the host used by routing is test.frps.com

subDomainHost = "xxxxxxxx"

custom 404 page for HTTP requests

custom404Page = "/path/to/404.html"

specify udp packet size, unit is byte. If not set, the default value is 1500.

This parameter should be same between client and server.

It affects the udp and sudp proxy.

udpPacketSize = 1500

Retention time for NAT hole punching strategy data.

natholeAnalysisDataReserveHours = 168

[[httpPlugins]]

name = "user-manager"

addr = "127.0.0.1:9000"

path = "/handler"

ops = ["Login"]

[[httpPlugins]]

name = "port-manager"

addr = "127.0.0.1:9001"

path = "/handler"

ops = ["NewProxy"]

Logs

2023/10/19 14:47:54 [I] [root.go:104] frps uses command line arguments for config
2023/10/19 14:47:54 [I] [service.go:200] frps tcp listen on 0.0.0.0:7000
2023/10/19 14:47:54 [I] [root.go:111] frps started successfully

Steps to reproduce

  1. Deploy FRPS v0.52.1 in a container, bridging ports 7500 and 7000 plus the necessary forwarding ports
  2. Use FRPC v0.52.1 to connect to the server
  3. ...

Affected area

XYZliang commented 1 year ago

I have the same problem: the Docker version cannot open the management page on port 7500:

webServer.addr = "0.0.0.0"
webServer.port = 7500
webServer.user = "admin"
webServer.password = "XXXXXXXX"

It seems to have had no effect at all:

2023/10/19 14:27:21 [I] [root.go:102] frps uses config file: /etc/frp/frps.toml
2023/10/19 14:27:21 [I] [service.go:200] frps tcp listen on 0.0.0.0:7000
2023/10/19 14:27:21 [I] [root.go:111] frps started successfully
2023/10/19 14:27:22 [I] [service.go:533] [f55e71bc37c551dc] client login info: ip [39.XXX13:1376] version [0.47.0] hostname [] os [linux] arch [amd64]
2023/10/19 14:27:22 [I] [service.go:533] [6e2fe2641d5fe504] client login info: ip [39.XXX.34.114:1601] version [0.48.0] hostname [] os [linux] arch [amd64]
2023/10/19 14:27:22 [I] [tcp.go:82] [f55e71bc37c551dc] [LuOpenWrt.JDC] tcp proxy listen port [20081]
2023/10/19 14:27:22 [I] [control.go:500] [f55e71bc37c551dc] new proxy [LuOpenWrt.JDC] type [tcp] success
2023/10/19 14:27:22 [I] [tcp.go:82] [f55e71bc37c551dc] [LuOpenWrt.OWssh] tcp proxy listen port [20022]
2023/10/19 14:27:22 [I] [control.go:500] [f55e71bc37c551dc] new proxy [LuOpenWrt.OWssh] type [tcp] success
....... other connection info

alexcdever commented 1 year ago

Mine is about the same; it fails even to start, and it only ran normally after I rolled the version back to 0.51.3.

wuai1024 commented 1 year ago

# Set admin address for control frpc's action by http api such as reload
webServer:
  addr: 0.0.0.0
  port: 7500
  user: "admin"
  password: "admin"

liaobadadi commented 1 year ago

# Set admin address for control frpc's action by http api such as reload
webServer:
  addr: 0.0.0.0
  port: 7500
  user: "admin"
  password: "admin"

I have changed it; I tried 0.0.0.0, 127.0.0.1 and the server IP, and none of them work.

liaobadadi commented 1 year ago

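Mine is about the same; it fails even to start, and it only ran normally after I rolled the version back to 0.51.3.

The Windows versions of FRPC/FRPS may not have much of a problem, but with Docker I also only got it working after rolling back to 0.51.3. I tried the TOML format many times too; using host networking does not work, using -d port:port does not work, DOCKER INSPECT shows no exposed ports, and with my own docker build plus expose 7500 I cannot see the dashboard. I am really out of options.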

fatedier commented 1 year ago

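Once listening succeeds, the frps log shows a line like this: Dashboard listen on 0.0.0.0:7500. Otherwise, the configuration file is misconfigured, or the wrong configuration file is being used.

I basically don't use Docker myself, but testing on a Mac works fine: docker run -v ./:/etc/frp --rm -it fatedier/frps:v0.52.2 -c /etc/frp/frps.toml

I suggest not copying a big pile of configuration over directly; add only what is necessary according to the documentation.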
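The check described in the comment above, as an added example that is not part of the original thread or of frp: it reads an frps startup log and reports which configuration source frps announced and whether a dashboard listener line is present. The first sample is the log from the issue report; the second is constructed, and only the quoted message texts are taken from the thread.

```python
import re

# Message texts as quoted in this thread's frps logs.
CONFIG_FILE = re.compile(r"frps uses config file: (\S+)")
CMDLINE_ARGS = "frps uses command line arguments for config"
DASHBOARD = re.compile(r"Dashboard listen on (\S+):(\d+)")


def triage(log_text):
    """Report the config source frps announced and its dashboard listener."""
    report = {"config": None, "dashboard": None, "findings": []}
    for line in log_text.splitlines():
        found = CONFIG_FILE.search(line)
        if found:
            report["config"] = found.group(1)
        elif CMDLINE_ARGS in line:
            report["config"] = "<command line>"
        found = DASHBOARD.search(line)
        if found:
            report["dashboard"] = (found.group(1), int(found.group(2)))
    if report["config"] == "<command line>":
        report["findings"].append(
            "started without -c: no configuration file was read")
    elif report["config"] is None:
        report["findings"].append("no config-source line in this log")
    if report["dashboard"] is None:
        report["findings"].append(
            "no 'Dashboard listen on' line: dashboard listener not reported")
    return report


# Log from the issue report (container started without -c).
NO_CONFIG_LOG = """\
2023/10/19 14:47:54 [I] [root.go:104] frps uses command line arguments for config
2023/10/19 14:47:54 [I] [service.go:200] frps tcp listen on 0.0.0.0:7000
2023/10/19 14:47:54 [I] [root.go:111] frps started successfully
"""
# Constructed sample: the prefix of the dashboard line is an assumption.
DASHBOARD_LOG = """\
2023/10/19 14:47:54 [I] [root.go:102] frps uses config file: /etc/frp/frps.toml
2023/10/19 14:47:54 [I] Dashboard listen on 0.0.0.0:7500
"""

if __name__ == "__main__":
    for name, log in (("no -c", NO_CONFIG_LOG), ("with -c", DASHBOARD_LOG)):
        print(name, triage(log))
```

The log text can come from `docker logs` on the frps container or from the file named in `log.to`.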

liaobadadi commented 12 months ago

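Once listening succeeds, the frps log shows a line like this: Dashboard listen on 0.0.0.0:7500. Otherwise, the configuration file is misconfigured, or the wrong configuration file is being used.

I basically don't use Docker myself, but testing on a Mac works fine: docker run -v ./:/etc/frp --rm -it fatedier/frps:v0.52.2 -c /etc/frp/frps.toml

I suggest not copying a big pile of configuration over directly; add only what is necessary according to the documentation.

==================================================================

I kept trying:

Docker command: docker run -v /dkprog/frps:/etc/frp -p 7500:7500 --rm -it fatedier/frps:v0.52.2

The TOML file is visible inside the container under /etc/frp/: frps.toml

frps.toml is as follows:

bindPort = 7000

webServer.addr = "0.0.0.0"
webServer.port = 7500
webServer.user = "admin"
webServer.password = "admin"

Looking inside the container, nothing at all has been started on port 7500. It still feels like a problem with the container itself. Could you test it on Linux?

/ # netstat -lpnt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 :::7000                 :::*                    LISTEN      1/frps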

Crazyokd commented 11 months ago

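Today I upgraded the Docker version of frps and then could not connect at all. After troubleshooting I found that my configuration file used the old .ini, but Docker uses the new .toml. See this issue of mine for details.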

Crazyokd commented 11 months ago

Port 7500 cannot be opened because 127.0.0.1 is used by default; it needs to be configured as 0.0.0.0.

github-actions[bot] commented 10 months ago

Issues go stale after 30d of inactivity. Stale issues rot after an additional 7d of inactivity and eventually close.

bosswnx commented 10 months ago

I ran into the same problem too; I hope it can be resolved soon.

Semoz commented 10 months ago

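Once listening succeeds, the frps log shows a line like this: Dashboard listen on 0.0.0.0:7500. Otherwise, the configuration file is misconfigured, or the wrong configuration file is being used.

I basically don't use Docker myself, but testing on a Mac works fine: docker run -v ./:/etc/frp --rm -it fatedier/frps:v0.52.2 -c /etc/frp/frps.toml

I suggest not copying a big pile of configuration over directly; add only what is necessary according to the documentation.

Well said: do not add unnecessary configuration files. Testing with docker compose works without problems.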

docker-compose.yml

  services:
    frps:
      image: 'fatedier/frps:v0.52.2'
      restart: always
      container_name: frps
      environment:
        TZ: 'Asia/Shanghai'
      ports:
        - 7000-8000:7000-8000
      volumes:
        - '/etc/localtime:/etc/localtime:ro'
        - './conf/frps.toml:/etc/frp/frps.toml'
      command: ["-c", "/etc/frp/frps.toml"]

conf/frps.toml

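bindAddr                = "0.0.0.0"             # Server listen address, used to accept connections from frpc; listens on 0.0.0.0 by default.
bindPort                = 7000                  # Server listen port; the default is 7000.

tls.force               = true                  # Whether to accept only client connections with TLS enabled.

# Server ports that proxies are allowed to bind. No restriction by default.
allowPorts              = [{ start = 7100, end = 8000 }]

# webServer: server-side Dashboard configuration.
webServer.addr          = "0.0.0.0"             # webServer listen address; the default is 127.0.0.1. 0.0.0.0 allows access from all addresses.
webServer.port          = 7001                  # webServer listen port.
webServer.user          = "admin"               # HTTP BasicAuth username.
webServer.password      = "123456"              # HTTP BasicAuth password.

vhostHTTPPort           = 7777                  # Port that HTTP-type proxies listen on; HTTP-type proxies are supported only after this is enabled.
vhostHTTPSPort          = 7778                  # Port that HTTPS-type proxies listen on; HTTPS-type proxies are supported only after this is enabled.
tcpmuxHTTPConnectPort   = 7779                  # Port that proxies of type tcpmux with the httpconnect multiplexer listen on.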
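A defensive check on a configuration like the one posted above, as an added example that is not part of the original comment or of frp: it reads the `webServer.*` keys and lists how the dashboard ends up exposed once the container's ports are published. The weak-password list, the `published` parameter and the sample text are assumptions constructed for illustration.

```python
import re

# Minimal reader for the flat `key = value` lines used in this thread's
# frps.toml files; it is not a general TOML parser.
KV = re.compile(r'^\s*([A-Za-z0-9_.]+)\s*=\s*(?:"([^"]*)"|([^#\s]+))')
LOOPBACK = {"127.0.0.1", "::1", "localhost"}
# Constructed list for illustration; includes the values posted in the thread.
WEAK_PASSWORDS = {"", "admin", "123456", "password"}


def read_settings(toml_text):
    matches = (KV.match(line) for line in toml_text.splitlines())
    return {m.group(1): m.group(2) if m.group(2) is not None else m.group(3)
            for m in matches if m}


def audit_dashboard(toml_text, published=()):
    """List findings about how the frps dashboard (webServer.*) is exposed."""
    # published: (low, high) host port ranges mapped into the container,
    # e.g. (7000, 8000) for a compose entry `7000-8000:7000-8000`.
    s = read_settings(toml_text)
    if "webServer.port" not in s:
        return ["dashboard disabled: webServer.port is not set"]
    port = int(s["webServer.port"])
    addr = s.get("webServer.addr", "127.0.0.1")  # default stated in the thread
    if addr in LOOPBACK:
        return [f"listens on {addr}: a published Docker port will not reach it"]
    findings = []
    if any(low <= port <= high for low, high in published):
        findings.append(f"port {port} is inside a published range")
    if s.get("webServer.password", "") in WEAK_PASSWORDS:
        findings.append("webServer.password is empty or guessable")
    if "webServer.tls.certFile" not in s:
        findings.append("no webServer.tls.certFile: Basic Auth is sent in cleartext")
    return findings


# Constructed sample modelled on the frps.toml in the comment above.
SAMPLE = """
bindPort = 7000
webServer.addr          = "0.0.0.0"   # dashboard listen address
webServer.port          = 7001
webServer.user          = "admin"
webServer.password      = "123456"
"""

if __name__ == "__main__":
    for finding in audit_dashboard(SAMPLE, published=[(7000, 8000)]):
        print("-", finding)
```

With the sample and the `7000-8000` range all three findings fire; publishing only the ports that frpc and its proxies need, and keeping the dashboard port out of that range, removes the first.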

NULL-Response commented 9 months ago

This may be a bug in the new version; changing webServer.addr to the eth0 IP shown by ifconfig is enough. See https://github.com/fatedier/frp/issues/3861

github-actions[bot] commented 9 months ago

Issues go stale after 21d of inactivity. Stale issues rot after an additional 7d of inactivity and eventually close.