本文介绍如何使用FRP实现内网穿透,并结合NoMachine实现高效的远程桌面控制方案。

FRP内网穿透

什么是FRP

Info

FRP (Fast Reverse Proxy) 是一个可用于内网穿透的高性能反向代理应用,支持TCP、UDP、HTTP、HTTPS等多种协议。使用FRP可以将内网服务暴露到公网,实现远程访问内网资源。

部署架构

image-20250531223637908

服务端配置 (frps)

在具有公网IP的服务器上部署frps服务端:

  1. 下载并解压frp
wget https://github.com/fatedier/frp/releases/download/v0.61.2/frp_0.61.2_linux_amd64.tar.gz
tar -zxvf frp_0.61.2_linux_amd64.tar.gz
cd frp_0.61.2_linux_amd64
  1. 编辑/etc/frp/frps.toml配置文件
# frps.toml
bindPort = 7000
kcpBindPort = 7001
quicBindPort = 7002

auth.token = "hello_frps"

# 仪表板配置
webServer.addr = "0.0.0.0"
webServer.port = 7500
webServer.user = "admin"
webServer.password = "yourfrpspassword"

# 虚拟主机配置
vhostHTTPPort = 8080
vhostHTTPSPort = 8081

# 日志配置
log.to = "/var/log/frp/frps.log"
log.level = "info"
log.maxDays = 3
  1. 启动frps服务

Tip

建议将frps配置为系统服务,以便开机自启动。可以使用systemd创建服务文件。

编辑 /etc/systemd/system/frps.service

[Unit]
Description=frp server
After=network.target

[Service]
Type=simple
ExecStart=/usr/local/bin/frps -c /etc/frp/frps.toml
Restart=on-failure
RestartSec=5s
LimitNOFILE=65535

[Install]
WantedBy=multi-user.target

systemctl enable frps
systemctl start frps
systemctl status frps

客户端配置 (frpc)

在内网设备上配置frpc客户端:

  1. 下载并解压frp(与服务端相同)
curl -s https://api.github.com/repos/fatedier/frp/releases/latest | grep -oP '"tag_name": "\K(.*)(?=")'
mkdir -p ~/frpc_install && cd ~/frpc_install && wget https://github.com/fatedier/frp/releases/download/v0.62.0/frp_0.62.0_linux_amd64.tar.gz
tar -xzf ~/frpc_install/frp_0.62.0_linux_amd64.tar.gz -C ~/frpc_install
sudo mkdir -p /usr/local/bin && sudo cp ~/frpc_install/frp_0.62.0_linux_amd64/frpc /usr/local/bin/ && sudo chmod +x /usr/local/bin/frpc
frpc --version
  1. 编辑frpc.toml配置文件

frpc配置 
loginFailExit = false
udpPacketSize = 1500
serverAddr = "frps_server_ip"
serverPort = 7000
user = ""

[auth]
method = "token"
token = "hello_frps"

[log]
to = "/var/log/frp/frpc.log"
level = "info"
maxDays = 3
disablePrintColor = false

[transport]
dialServerTimeout = 10
dialServerKeepalive = 7200
poolCount = 0
tcpMux = true
tcpMuxKeepaliveInterval = 30
protocol = "tcp"
connectServerLocalIP = ""
proxyURL = ""
heartbeatInterval = 30
heartbeatTimeout = 90

[transport.tls]
enable = true
certFile = ""
keyFile = ""
trustedCaFile = ""
serverName = ""
disableCustomTLSFirstByte = true

[metadatas]
token = ""

[webServer]
addr = "127.0.0.1"
port = 57400
user = ""
password = ""
pprofEnable = false

[[proxies]]
name = "vscode"
type = "tcp"
localIP = "192.168.5.3"
localPort = 8088
remotePort = 8088

[proxies.transport]
useEncryption = false
useCompression = false

[[proxies]]
name = "nomachine"
type = "tcp"
localIP = "192.168.5.3"
localPort = 4000
remotePort = 4000

[proxies.transport]
useEncryption = false
useCompression = false

  1. 启动frpc客户端
[Unit]
Description=frpc service
After=network.target

[Service]
Type=simple
User=nh
ExecStart=/usr/local/bin/frpc -c /etc/frp/frpc.toml
Restart=on-failure
RestartSec=5s

[Install]
WantedBy=multi-user.target

NoMachine远程桌面

NoMachine简介

Info

NoMachine是一款高性能的远程桌面软件,支持Windows、macOS、Linux等多种操作系统。相比传统的VNC或RDP,NoMachine提供更流畅的图形界面体验和更低的延迟。

Tip

对于分辨率调整,例如VGA-1,很可能无法调整到1080p分辨率

调整分辨率 /user/NX/etc/server.cfg

调整 DisplayServer=1的相关配置,使用x11 Virtual DisplayServer

分辨率更多样

参考