Closed louisir closed 11 months ago
frps 没有定时退出功能 看起来是 正常停止 ~可能是人为的~
frps 没有定时退出功能 看起来是 正常停止 ~可能是人为的~
只有我自己在用它,我没有人为停止服务。意味着被黑了?
使用最简洁的配置启动frps试一下,若还停止,考虑是系统环境的问题。例如只设置: bindPort = auth.token = "" log.to = "/var/log/frps.log" log.level = "debug" webServer.addr = "" webServer.port =
使用最简洁的配置启动frps试一下,若还停止,考虑是系统环境的问题。例如只设置: bindPort = auth.token = "" log.to = "/var/log/frps.log" log.level = "debug" webServer.addr = "" webServer.port =
谢谢建议,我试试看
使用最简洁的配置启动frps试一下,若还停止,考虑是系统环境的问题。例如只设置: bindPort = auth.token = "" log.to = "/var/log/frps.log" log.level = "debug" webServer.addr = "" webServer.port =
我尝试了,还是不行,昨天晚上10点多,还是停止了。
我找到原因了。是因为certbot.service在renew之前停止了frps.service,然后renew失败了,导致start frps.service没有被执行。
Bug Description
frps在ubuntu服务器上启动一段时间之后自动停止(随机的)。从日志来看,frps的日志记录,每30秒一次心跳,都是正常的;查看frps.service的status,Nov 20 17:14:35 xxx systemd[1]: Stopping frp server...,这里无缘无故的就自动停止了。原因不明。
frpc Version
0.52.3
frps Version
0.52.3
System Architecture
linux/amd64
Configurations
A literal address or host name for IPv6 must be enclosed
in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80"
For single "bind_addr" field, no need square brackets, like "bind_addr = ::".
bindAddr = "0.0.0.0" bindPort = xxx
udp port used for kcp protocol, it can be same with 'bind_port'.
if not set, kcp is disabled in frps.
kcpBindPort = xxx
udp port used for quic protocol.
if not set, quic is disabled in frps.
quicBindPort = 7002
Specify which address proxy will listen for, default value is same with bind_addr
proxy_bind_addr = "127.0.0.1"
quic protocol options
transport.quic.keepalivePeriod = 10
transport.quic.maxIdleTimeout = 30
transport.quic.maxIncomingStreams = 100000
Heartbeat configure, it's not recommended to modify the default value
The default value of heartbeat_timeout is 90. Set negative value to disable it.
transport.heartbeatTimeout = 90
Pool count in each proxy will keep no more than maxPoolCount.
transport.maxPoolCount = 5
If tcp stream multiplexing is used, default is true
transport.tcpMux = true
Specify keep alive interval for tcp mux.
only valid if tcpMux is true.
transport.tcpMuxKeepaliveInterval = 60
tcpKeepalive specifies the interval between keep-alive probes for an active network connection between frpc and frps.
If negative, keep-alive probes are disabled.
transport.tcpKeepalive = 7200
transport.tls.force specifies whether to only accept TLS-encrypted connections. By default, the value is false.
tls.force = true
transport.tls.certFile = "./server.crt"
transport.tls.keyFile = "./server.key"
transport.tls.trustedCaFile = "ca.crt"
If you want to support virtual host, you must set the http port for listening (optional)
Note: http port and https port can be same with bind_port
vhostHTTPPort = 80
vhostHTTPSPort = 443
Response header timeout(seconds) for vhost http server, default is 60s
vhostHTTPTimeout = 60
tcpmuxHTTPConnectPort specifies the port that the server listens for TCP
HTTP CONNECT requests. If the value is 0, the server will not multiplex TCP
requests on one single port. If it's not - it will listen on this value for
HTTP CONNECT requests. By default, this value is 0.
tcpmuxHTTPConnectPort = xxx
If tcpmux_passthrough is true, frps won't do any update on traffic.
tcpmuxPassthrough = false
Configure the web server to enable the dashboard for frps.
dashboard is available only if webServer.port is set.
webServer.addr = "0.0.0.0" webServer.port = xxx webServer.user = "xxx" webServer.password = "xxx" webServer.tls.certFile = "/etc/letsencrypt/live/xxx/fullchain.pem" webServer.tls.keyFile = "/etc/letsencrypt/live/xxx/privkey.pem"
dashboard assets directory(only for debug mode)
webServer.assetsDir = "./static"
Enable golang pprof handlers in dashboard listener.
Dashboard port must be set first
webServer.pprofEnable = false
enablePrometheus will export prometheus metrics on webServer in /metrics api.
enablePrometheus = true
console or real logFile path like ./frps.log
log.to = "xxx/frps.log"
trace, debug, info, warn, error
log.level = "trace" log.maxDays = 3
disable log colors when log.to is console, default is false
log.disablePrintColor = true
DetailedErrorsToClient defines whether to send the specific error (with debug info) to frpc. By default, this value is true.
detailedErrorsToClient = true
auth.method specifies what authentication method to use authenticate frpc with frps.
If "token" is specified - token will be read into login message.
If "oidc" is specified - OIDC (Open ID Connect) token will be issued using OIDC settings. By default, this value is "token".
auth.method = "token"
auth.additionalScopes specifies additional scopes to include authentication information.
Optional values are HeartBeats, NewWorkConns.
auth.additionalScopes = ["HeartBeats", "NewWorkConns"]
auth token
auth.token = "xxx"
oidc issuer specifies the issuer to verify OIDC tokens with.
auth.oidc.issuer = ""
oidc audience specifies the audience OIDC tokens should contain when validated.
auth.oidc.audience = ""
oidc skipExpiryCheck specifies whether to skip checking if the OIDC token is expired.
auth.oidc.skipExpiryCheck = false
oidc skipIssuerCheck specifies whether to skip checking if the OIDC token's issuer claim matches the issuer specified in OidcIssuer.
auth.oidc.skipIssuerCheck = false
userConnTimeout specifies the maximum time to wait for a work connection.
userConnTimeout = 10
Only allow frpc to bind ports you list. By default, there won't be any limit.
allowPorts = [ { start = 2000, end = 3000 }, { single = 3001 }, { single = 3003 }, { start = 4000, end = 50000 } ]
Max ports can be used for each client, default value is 0 means no limit
maxPortsPerClient = 0
If subDomainHost is not empty, you can set subdomain when type is http or https in frpc's configure file
When subdomain is est, the host used by routing is test.frps.com
subDomainHost = ""
custom 404 page for HTTP requests
custom404Page = "/path/to/404.html"
specify udp packet size, unit is byte. If not set, the default value is 1500.
This parameter should be same between client and server.
It affects the udp and sudp proxy.
udpPacketSize = 1500
Retention time for NAT hole punching strategy data.
natholeAnalysisDataReserveHours = 168
[[httpPlugins]]
name = "user-manager"
addr = "127.0.0.1:9000"
path = "/handler"
ops = ["Login"]
[[httpPlugins]]
name = "port-manager"
addr = "127.0.0.1:9001"
path = "/handler"
ops = ["NewProxy"]
Logs
frps.log 2023/11/20 17:12:22 [D] [control.go:535] [137c98a22cb25074] receive heartbeat 2023/11/20 17:12:52 [D] [control.go:535] [137c98a22cb25074] receive heartbeat 2023/11/20 17:13:22 [D] [control.go:535] [137c98a22cb25074] receive heartbeat 2023/11/20 17:13:52 [D] [control.go:535] [137c98a22cb25074] receive heartbeat 2023/11/20 17:14:22 [D] [control.go:535] [137c98a22cb25074] receive heartbeat
sudo systemctl status frps.service: Nov 20 01:24:18 xxx systemd[1]: Started frp server. Nov 20 15:50:03 xxx frps[119268]: 2023/11/20 15:50:03 http: TLS handshake error from 172.232.218.49:60000: read tcp 172.24.107.206:59971->172.232.218.49:60000: read: connection> Nov 20 17:14:35 xxx systemd[1]: Stopping frp server... Nov 20 17:14:35 xxx systemd[1]: frps.service: Deactivated successfully. Nov 20 17:14:35 xxx systemd[1]: Stopped frp server. Nov 20 17:14:35 xxx systemd[1]: frps.service: Consumed 1.094s CPU time.
Steps to reproduce
...
Affected area