frp内网穿透toml配置 Github:https://github.com/fatedier/frpfrpc_full_example.toml# This configuration file is for reference only. Please do not use this configuration directly to run the program as it may have various issues. # your proxy name will be changed to {user}.{proxy} user = "your_name" # A literal address or host name for IPv6 must be enclosed # in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80" # For single serverAddr field, no need square brackets, like serverAddr = "::". serverAddr = "0.0.0.0" serverPort = 7000 # STUN server to help penetrate NAT hole. # natHoleStunServer = "stun.easyvoip.com:3478" # Decide if exit program when first login failed, otherwise continuous relogin to frps # default is true loginFailExit = true # console or real logFile path like ./frpc.log log.to = "./frpc.log" # trace, debug, info, warn, error log.level = "info" log.maxDays = 3 # disable log colors when log.to is console, default is false log.disablePrintColor = false auth.method = "token" # auth.additionalScopes specifies additional scopes to include authentication information. # Optional values are HeartBeats, NewWorkConns. # auth.additionalScopes = ["HeartBeats", "NewWorkConns"] # auth token auth.token = "12345678" # oidc.clientID specifies the client ID to use to get a token in OIDC authentication. # auth.oidc.clientID = "" # oidc.clientSecret specifies the client secret to use to get a token in OIDC authentication. # auth.oidc.clientSecret = "" # oidc.audience specifies the audience of the token in OIDC authentication. # auth.oidc.audience = "" # oidc.scope specifies the permissions of the token in OIDC authentication if AuthenticationMethod == "oidc". By default, this value is "". # auth.oidc.scope = "" # oidc.tokenEndpointURL specifies the URL which implements OIDC Token Endpoint. # It will be used to get an OIDC token. # auth.oidc.tokenEndpointURL = "" # oidc.additionalEndpointParams specifies additional parameters to be sent to the OIDC Token Endpoint. # For example, if you want to specify the "audience" parameter, you can set as follow. # frp will add "audience=<value>" "var1=<value>" to the additional parameters. # auth.oidc.additionalEndpointParams.audience = "https://dev.auth.com/api/v2/" # auth.oidc.additionalEndpointParams.var1 = "foobar" # Set admin address for control frpc's action by http api such as reload webServer.addr = "127.0.0.1" webServer.port = 7400 webServer.user = "admin" webServer.password = "admin" # Admin assets directory. By default, these assets are bundled with frpc. # webServer.assetsDir = "./static" # Enable golang pprof handlers in admin listener. webServer.pprofEnable = false # The maximum amount of time a dial to server will wait for a connect to complete. Default value is 10 seconds. # transport.dialServerTimeout = 10 # dialServerKeepalive specifies the interval between keep-alive probes for an active network connection between frpc and frps. # If negative, keep-alive probes are disabled. # transport.dialServerKeepalive = 7200 # connections will be established in advance, default value is zero transport.poolCount = 5 # If tcp stream multiplexing is used, default is true, it must be same with frps # transport.tcpMux = true # Specify keep alive interval for tcp mux. # only valid if tcpMux is enabled. # transport.tcpMuxKeepaliveInterval = 30 # Communication protocol used to connect to server # supports tcp, kcp, quic, websocket and wss now, default is tcp transport.protocol = "tcp" # set client binding ip when connect server, default is empty. # only when protocol = tcp or websocket, the value will be used. transport.connectServerLocalIP = "0.0.0.0" # if you want to connect frps by http proxy or socks5 proxy or ntlm proxy, you can set proxyURL here or in global environment variables # it only works when protocol is tcp # transport.proxyURL = "http://user:passwd@192.168.1.128:8080" # transport.proxyURL = "socks5://user:passwd@192.168.1.128:1080" # transport.proxyURL = "ntlm://user:passwd@192.168.1.128:2080" # quic protocol options # transport.quic.keepalivePeriod = 10 # transport.quic.maxIdleTimeout = 30 # transport.quic.maxIncomingStreams = 100000 # If tls.enable is true, frpc will connect frps by tls. # Since v0.50.0, the default value has been changed to true, and tls is enabled by default. transport.tls.enable = true # transport.tls.certFile = "client.crt" # transport.tls.keyFile = "client.key" # transport.tls.trustedCaFile = "ca.crt" # transport.tls.serverName = "example.com" # If the disableCustomTLSFirstByte is set to false, frpc will establish a connection with frps using the # first custom byte when tls is enabled. # Since v0.50.0, the default value has been changed to true, and the first custom byte is disabled by default. # transport.tls.disableCustomTLSFirstByte = true # Heartbeat configure, it's not recommended to modify the default value. # The default value of heartbeatInterval is 10 and heartbeatTimeout is 90. Set negative value # to disable it. # transport.heartbeatInterval = 30 # transport.heartbeatTimeout = 90 # Specify a dns server, so frpc will use this instead of default one # dnsServer = "8.8.8.8" # Proxy names you want to start. # Default is empty, means all proxies. # start = ["ssh", "dns"] # Specify udp packet size, unit is byte. If not set, the default value is 1500. # This parameter should be same between client and server. # It affects the udp and sudp proxy. udpPacketSize = 1500 # Additional metadatas for client. metadatas.var1 = "abc" metadatas.var2 = "123" # Include other config files for proxies. # includes = ["./confd/*.ini"] [[proxies]] # 'ssh' is the unique proxy name # If global user is not empty, it will be changed to {user}.{proxy} such as 'your_name.ssh' name = "ssh" type = "tcp" localIP = "127.0.0.1" localPort = 22 # Limit bandwidth for this proxy, unit is KB and MB transport.bandwidthLimit = "1MB" # Where to limit bandwidth, can be 'client' or 'server', default is 'client' transport.bandwidthLimitMode = "client" # If true, traffic of this proxy will be encrypted, default is false transport.useEncryption = false # If true, traffic will be compressed transport.useCompression = false # Remote port listen by frps remotePort = 6001 # frps will load balancing connections for proxies in same group loadBalancer.group = "test_group" # group should have same group key loadBalancer.groupKey = "123456" # Enable health check for the backend service, it supports 'tcp' and 'http' now. # frpc will connect local service's port to detect it's healthy status healthCheck.type = "tcp" # Health check connection timeout healthCheck.timeoutSeconds = 3 # If continuous failed in 3 times, the proxy will be removed from frps healthCheck.maxFailed = 3 # Every 10 seconds will do a health check healthCheck.intervalSeconds = 10 # Additional meta info for each proxy. It will be passed to the server-side plugin for use. metadatas.var1 = "abc" metadatas.var2 = "123" # You can add some extra information to the proxy through annotations. # These annotations will be displayed on the frps dashboard. [proxies.annotations] key1 = "value1" "prefix/key2" = "value2" [[proxies]] name = "ssh_random" type = "tcp" localIP = "192.168.31.100" localPort = 22 # If remotePort is 0, frps will assign a random port for you remotePort = 0 [[proxies]] name = "dns" type = "udp" localIP = "114.114.114.114" localPort = 53 remotePort = 6002 # Resolve your domain names to [serverAddr] so you can use http://web01.yourdomain.com to browse web01 and http://web02.yourdomain.com to browse web02 [[proxies]] name = "web01" type = "http" localIP = "127.0.0.1" localPort = 80 # http username and password are safety certification for http protocol # if not set, you can access this customDomains without certification httpUser = "admin" httpPassword = "admin" # if domain for frps is frps.com, then you can access [web01] proxy by URL http://web01.frps.com subdomain = "web01" customDomains = ["web01.yourdomain.com"] # locations is only available for http type locations = ["/", "/pic"] # route requests to this service if http basic auto user is abc # routeByHTTPUser = abc hostHeaderRewrite = "example.com" requestHeaders.set.x-from-where = "frp" responseHeaders.set.foo = "bar" healthCheck.type = "http" # frpc will send a GET http request '/status' to local http service # http service is alive when it return 2xx http response code healthCheck.path = "/status" healthCheck.intervalSeconds = 10 healthCheck.maxFailed = 3 healthCheck.timeoutSeconds = 3 # set health check headers healthCheck.httpHeaders=[ { name = "x-from-where", value = "frp" } ] [[proxies]] name = "web02" type = "https" localIP = "127.0.0.1" localPort = 8000 subdomain = "web02" customDomains = ["web02.yourdomain.com"] # if not empty, frpc will use proxy protocol to transfer connection info to your local service # v1 or v2 or empty transport.proxyProtocolVersion = "v2" [[proxies]] name = "tcpmuxhttpconnect" type = "tcpmux" multiplexer = "httpconnect" localIP = "127.0.0.1" localPort = 10701 customDomains = ["tunnel1"] # routeByHTTPUser = "user1" [[proxies]] name = "plugin_unix_domain_socket" type = "tcp" remotePort = 6003 # if plugin is defined, localIP and localPort is useless # plugin will handle connections got from frps [proxies.plugin] type = "unix_domain_socket" unixPath = "/var/run/docker.sock" [[proxies]] name = "plugin_http_proxy" type = "tcp" remotePort = 6004 [proxies.plugin] type = "http_proxy" httpUser = "abc" httpPassword = "abc" [[proxies]] name = "plugin_socks5" type = "tcp" remotePort = 6005 [proxies.plugin] type = "socks5" username = "abc" password = "abc" [[proxies]] name = "plugin_static_file" type = "tcp" remotePort = 6006 [proxies.plugin] type = "static_file" localPath = "/var/www/blog" stripPrefix = "static" httpUser = "abc" httpPassword = "abc" [[proxies]] name = "plugin_https2http" type = "https" customDomains = ["test.yourdomain.com"] [proxies.plugin] type = "https2http" localAddr = "127.0.0.1:80" crtPath = "./server.crt" keyPath = "./server.key" hostHeaderRewrite = "127.0.0.1" requestHeaders.set.x-from-where = "frp" [[proxies]] name = "plugin_https2https" type = "https" customDomains = ["test.yourdomain.com"] [proxies.plugin] type = "https2https" localAddr = "127.0.0.1:443" crtPath = "./server.crt" keyPath = "./server.key" hostHeaderRewrite = "127.0.0.1" requestHeaders.set.x-from-where = "frp" [[proxies]] name = "plugin_http2https" type = "http" customDomains = ["test.yourdomain.com"] [proxies.plugin] type = "http2https" localAddr = "127.0.0.1:443" hostHeaderRewrite = "127.0.0.1" requestHeaders.set.x-from-where = "frp" [[proxies]] name = "plugin_http2http" type = "tcp" remotePort = 6007 [proxies.plugin] type = "http2http" localAddr = "127.0.0.1:80" hostHeaderRewrite = "127.0.0.1" requestHeaders.set.x-from-where = "frp" [[proxies]] name = "plugin_tls2raw" type = "tcp" remotePort = 6008 [proxies.plugin] type = "tls2raw" localAddr = "127.0.0.1:80" crtPath = "./server.crt" keyPath = "./server.key" [[proxies]] name = "secret_tcp" # If the type is secret tcp, remotePort is useless # Who want to connect local port should deploy another frpc with stcp proxy and role is visitor type = "stcp" # secretKey is used for authentication for visitors secretKey = "abcdefg" localIP = "127.0.0.1" localPort = 22 # If not empty, only visitors from specified users can connect. # Otherwise, visitors from same user can connect. '*' means allow all users. allowUsers = ["*"] [[proxies]] name = "p2p_tcp" type = "xtcp" secretKey = "abcdefg" localIP = "127.0.0.1" localPort = 22 # If not empty, only visitors from specified users can connect. # Otherwise, visitors from same user can connect. '*' means allow all users. allowUsers = ["user1", "user2"] # frpc role visitor -> frps -> frpc role server [[visitors]] name = "secret_tcp_visitor" type = "stcp" # the server name you want to visitor serverName = "secret_tcp" secretKey = "abcdefg" # connect this address to visitor stcp server bindAddr = "127.0.0.1" # bindPort can be less than 0, it means don't bind to the port and only receive connections redirected from # other visitors. (This is not supported for SUDP now) bindPort = 9000 [[visitors]] name = "p2p_tcp_visitor" type = "xtcp" # if the server user is not set, it defaults to the current user serverUser = "user1" serverName = "p2p_tcp" secretKey = "abcdefg" bindAddr = "127.0.0.1" # bindPort can be less than 0, it means don't bind to the port and only receive connections redirected from # other visitors. (This is not supported for SUDP now) bindPort = 9001 # when automatic tunnel persistence is required, set it to true keepTunnelOpen = false # effective when keepTunnelOpen is set to true, the number of attempts to punch through per hour maxRetriesAnHour = 8 minRetryInterval = 90 # fallbackTo = "stcp_visitor" # fallbackTimeoutMs = 500frps_full_example.toml# This configuration file is for reference only. Please do not use this configuration directly to run the program as it may have various issues. # A literal address or host name for IPv6 must be enclosed # in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80" # For single "bindAddr" field, no need square brackets, like `bindAddr = "::"`. bindAddr = "0.0.0.0" bindPort = 7000 # udp port used for kcp protocol, it can be same with 'bindPort'. # if not set, kcp is disabled in frps. kcpBindPort = 7000 # udp port used for quic protocol. # if not set, quic is disabled in frps. # quicBindPort = 7002 # Specify which address proxy will listen for, default value is same with bindAddr # proxyBindAddr = "127.0.0.1" # quic protocol options # transport.quic.keepalivePeriod = 10 # transport.quic.maxIdleTimeout = 30 # transport.quic.maxIncomingStreams = 100000 # Heartbeat configure, it's not recommended to modify the default value # The default value of heartbeatTimeout is 90. Set negative value to disable it. # transport.heartbeatTimeout = 90 # Pool count in each proxy will keep no more than maxPoolCount. transport.maxPoolCount = 5 # If tcp stream multiplexing is used, default is true # transport.tcpMux = true # Specify keep alive interval for tcp mux. # only valid if tcpMux is true. # transport.tcpMuxKeepaliveInterval = 30 # tcpKeepalive specifies the interval between keep-alive probes for an active network connection between frpc and frps. # If negative, keep-alive probes are disabled. # transport.tcpKeepalive = 7200 # transport.tls.force specifies whether to only accept TLS-encrypted connections. By default, the value is false. transport.tls.force = false # transport.tls.certFile = "server.crt" # transport.tls.keyFile = "server.key" # transport.tls.trustedCaFile = "ca.crt" # If you want to support virtual host, you must set the http port for listening (optional) # Note: http port and https port can be same with bindPort vhostHTTPPort = 80 vhostHTTPSPort = 443 # Response header timeout(seconds) for vhost http server, default is 60s # vhostHTTPTimeout = 60 # tcpmuxHTTPConnectPort specifies the port that the server listens for TCP # HTTP CONNECT requests. If the value is 0, the server will not multiplex TCP # requests on one single port. If it's not - it will listen on this value for # HTTP CONNECT requests. By default, this value is 0. # tcpmuxHTTPConnectPort = 1337 # If tcpmuxPassthrough is true, frps won't do any update on traffic. # tcpmuxPassthrough = false # Configure the web server to enable the dashboard for frps. # dashboard is available only if webServer.port is set. webServer.addr = "127.0.0.1" webServer.port = 7500 webServer.user = "admin" webServer.password = "admin" # webServer.tls.certFile = "server.crt" # webServer.tls.keyFile = "server.key" # dashboard assets directory(only for debug mode) # webServer.assetsDir = "./static" # Enable golang pprof handlers in dashboard listener. # Dashboard port must be set first webServer.pprofEnable = false # enablePrometheus will export prometheus metrics on webServer in /metrics api. enablePrometheus = true # console or real logFile path like ./frps.log log.to = "./frps.log" # trace, debug, info, warn, error log.level = "info" log.maxDays = 3 # disable log colors when log.to is console, default is false log.disablePrintColor = false # DetailedErrorsToClient defines whether to send the specific error (with debug info) to frpc. By default, this value is true. detailedErrorsToClient = true # auth.method specifies what authentication method to use authenticate frpc with frps. # If "token" is specified - token will be read into login message. # If "oidc" is specified - OIDC (Open ID Connect) token will be issued using OIDC settings. By default, this value is "token". auth.method = "token" # auth.additionalScopes specifies additional scopes to include authentication information. # Optional values are HeartBeats, NewWorkConns. # auth.additionalScopes = ["HeartBeats", "NewWorkConns"] # auth token auth.token = "12345678" # oidc issuer specifies the issuer to verify OIDC tokens with. auth.oidc.issuer = "" # oidc audience specifies the audience OIDC tokens should contain when validated. auth.oidc.audience = "" # oidc skipExpiryCheck specifies whether to skip checking if the OIDC token is expired. auth.oidc.skipExpiryCheck = false # oidc skipIssuerCheck specifies whether to skip checking if the OIDC token's issuer claim matches the issuer specified in OidcIssuer. auth.oidc.skipIssuerCheck = false # userConnTimeout specifies the maximum time to wait for a work connection. # userConnTimeout = 10 # Only allow frpc to bind ports you list. By default, there won't be any limit. allowPorts = [ { start = 2000, end = 3000 }, { single = 3001 }, { single = 3003 }, { start = 4000, end = 50000 } ] # Max ports can be used for each client, default value is 0 means no limit maxPortsPerClient = 0 # If subDomainHost is not empty, you can set subdomain when type is http or https in frpc's configure file # When subdomain is test, the host used by routing is test.frps.com subDomainHost = "frps.com" # custom 404 page for HTTP requests # custom404Page = "/path/to/404.html" # specify udp packet size, unit is byte. If not set, the default value is 1500. # This parameter should be same between client and server. # It affects the udp and sudp proxy. udpPacketSize = 1500 # Retention time for NAT hole punching strategy data. natholeAnalysisDataReserveHours = 168 # ssh tunnel gateway # If you want to enable this feature, the bindPort parameter is required, while others are optional. # By default, this feature is disabled. It will be enabled if bindPort is greater than 0. # sshTunnelGateway.bindPort = 2200 # sshTunnelGateway.privateKeyFile = "/home/frp-user/.ssh/id_rsa" # sshTunnelGateway.autoGenPrivateKeyPath = "" # sshTunnelGateway.authorizedKeysFile = "/home/frp-user/.ssh/authorized_keys" [[httpPlugins]] name = "user-manager" addr = "127.0.0.1:9000" path = "/handler" ops = ["Login"] [[httpPlugins]] name = "port-manager" addr = "127.0.0.1:9001" path = "/handler" ops = ["NewProxy"]

x-ui安装 - 支持多协议多用户的 xray 面板 Github:https://github.com/vaxilu/x-uix-ui支持多协议多用户的 xray 面板功能介绍系统状态监控支持多用户多协议，网页可视化操作支持的协议：vmess、vless、trojan、shadowsocks、dokodemo-door、socks、http支持配置更多传输配置流量统计，限制流量，限制到期时间可自定义 xray 配置模板支持 https 访问面板（自备域名 + ssl 证书）支持一键SSL证书申请且自动续签更多高级配置项，详见面板安装&升级bash <(curl -Ls https://raw.githubusercontent.com/vaxilu/x-ui/master/install.sh)手动安装&升级首先从 https://github.com/vaxilu/x-ui/releases 下载最新的压缩包，一般选择 amd64架构然后将这个压缩包上传到服务器的 /root/目录下，并使用 root用户登录服务器如果你的服务器 cpu 架构不是 amd64，自行将命令中的 amd64替换为其他架构cd /root/ rm x-ui/ /usr/local/x-ui/ /usr/bin/x-ui -rf tar zxvf x-ui-linux-amd64.tar.gz chmod +x x-ui/x-ui x-ui/bin/xray-linux-* x-ui/x-ui.sh cp x-ui/x-ui.sh /usr/bin/x-ui cp -f x-ui/x-ui.service /etc/systemd/system/ mv x-ui/ /usr/local/ systemctl daemon-reload systemctl enable x-ui systemctl restart x-ui

CasaOS安装 Github:https://github.com/IceWhaleTech/CasaOSCasaOS官网：http://casaos.io安装命令curl -fsSL https://get.casaos.io | sudo bash OR wget -qO- https://get.casaos.io | sudo bash升级命令wget -qO- https://get.casaos.io/update | sudo bash OR curl -fsSL https://get.casaos.io/update | sudo bash卸载命令#v0.3.3 or newer casaos-uninstall #Before v0.3.3 curl -fsSL https://get.icewhale.io/casaos-uninstall.sh | sudo bash

CentOS查看内存占用 使用free命令查看内存占用：free -h　这会显示内存的总量、使用量以及可用量等信息。其中，“-h”参数用于以人类可读的格式显示结果。使用top命令查看内存占用：top　在top命令的输出中，第一行会显示内存的总量、使用量、空闲量等信息。按下“m”键可以按照内存使用量进行排序。使用ps命令查看内存占用：ps -eo pid,ppid,cmd,%mem,%cpu --sort=-%mem　这会显示进程的PID、PPID、命令、内存占用百分比和CPU占用百分比等信息。按照内存占用百分比进行排序，可以找出消耗内存较多的进程。使用htop命令查看内存占用：htop　htop是一个交互式的系统监视器，其界面更加友好，显示更加详细。在htop界面中，可以直观地查看内存占用情况，并按需排序。