This commit is contained in:
yuyulei 2020-11-23 11:38:21 +08:00 committed by GitHub
parent a85bd9a4d9
commit 127a31ea6a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 53 additions and 31 deletions

View File

@ -295,7 +295,7 @@ func (ctl *Control) msgHandler() {
}() }()
defer ctl.msgHandlerShutdown.Done() defer ctl.msgHandlerShutdown.Done()
hbSend := time.NewTicker(time.Duration(ctl.clientCfg.HeartBeatInterval) * time.Second) hbSend := time.NewTicker(time.Duration(ctl.clientCfg.HeartbeatInterval) * time.Second)
defer hbSend.Stop() defer hbSend.Stop()
hbCheck := time.NewTicker(time.Second) hbCheck := time.NewTicker(time.Second)
defer hbCheck.Stop() defer hbCheck.Stop()
@ -314,7 +314,7 @@ func (ctl *Control) msgHandler() {
} }
ctl.sendCh <- pingMsg ctl.sendCh <- pingMsg
case <-hbCheck.C: case <-hbCheck.C:
if time.Since(ctl.lastPong) > time.Duration(ctl.clientCfg.HeartBeatTimeout)*time.Second { if time.Since(ctl.lastPong) > time.Duration(ctl.clientCfg.HeartbeatTimeout)*time.Second {
xl.Warn("heartbeat timeout") xl.Warn("heartbeat timeout")
// let reader() stop // let reader() stop
ctl.conn.Close() ctl.conn.Close()

View File

@ -23,15 +23,30 @@ log_max_days = 3
disable_log_color = false disable_log_color = false
# for authentication, should be same as your frps.ini # for authentication, should be same as your frps.ini
# AuthenticateHeartBeats specifies whether to include authentication token in heartbeats sent to frps. By default, this value is false. # authenticate_heartbeats specifies whether to include authentication token in heartbeats sent to frps. By default, this value is false.
authenticate_heartbeats = false authenticate_heartbeats = false
# AuthenticateNewWorkConns specifies whether to include authentication token in new work connections sent to frps. By default, this value is false. # authenticate_new_work_conns specifies whether to include authentication token in new work connections sent to frps. By default, this value is false.
authenticate_new_work_conns = false authenticate_new_work_conns = false
# auth token # auth token
token = 12345678 token = 12345678
# oidc_client_id specifies the client ID to use to get a token in OIDC authentication if AuthenticationMethod == "oidc".
# By default, this value is "".
oidc_client_id =
# oidc_client_secret specifies the client secret to use to get a token in OIDC authentication if AuthenticationMethod == "oidc".
# By default, this value is "".
oidc_client_secret =
# oidc_audience specifies the audience of the token in OIDC authentication if AuthenticationMethod == "oidc". By default, this value is "".
oidc_audience =
# oidc_token_endpoint_url specifies the URL which implements OIDC Token Endpoint.
# It will be used to get an OIDC token if AuthenticationMethod == "oidc". By default, this value is "".
oidc_token_endpoint_url =
# set admin address for control frpc's action by http api such as reload # set admin address for control frpc's action by http api such as reload
admin_addr = 127.0.0.1 admin_addr = 127.0.0.1
admin_port = 7400 admin_port = 7400

View File

@ -23,7 +23,7 @@ vhost_https_port = 443
# response header timeout(seconds) for vhost http server, default is 60s # response header timeout(seconds) for vhost http server, default is 60s
# vhost_http_timeout = 60 # vhost_http_timeout = 60
# TcpMuxHttpConnectPort specifies the port that the server listens for TCP # tcpmux_httpconnect_port specifies the port that the server listens for TCP
# HTTP CONNECT requests. If the value is 0, the server will not multiplex TCP # HTTP CONNECT requests. If the value is 0, the server will not multiplex TCP
# requests on one single port. If it's not - it will listen on this value for # requests on one single port. If it's not - it will listen on this value for
# HTTP CONNECT requests. By default, this value is 0. # HTTP CONNECT requests. By default, this value is 0.
@ -44,6 +44,7 @@ enable_prometheus = true
# dashboard assets directory(only for debug mode) # dashboard assets directory(only for debug mode)
# assets_dir = ./static # assets_dir = ./static
# console or real logFile path like ./frps.log # console or real logFile path like ./frps.log
log_file = ./frps.log log_file = ./frps.log
@ -58,12 +59,12 @@ disable_log_color = false
# DetailedErrorsToClient defines whether to send the specific error (with debug info) to frpc. By default, this value is true. # DetailedErrorsToClient defines whether to send the specific error (with debug info) to frpc. By default, this value is true.
detailed_errors_to_client = true detailed_errors_to_client = true
# AuthenticationMethod specifies what authentication method to use authenticate frpc with frps. # authentication_method specifies what authentication method to use authenticate frpc with frps.
# If "token" is specified - token will be read into login message. # If "token" is specified - token will be read into login message.
# If "oidc" is specified - OIDC (Open ID Connect) token will be issued using OIDC settings. By default, this value is "token". # If "oidc" is specified - OIDC (Open ID Connect) token will be issued using OIDC settings. By default, this value is "token".
authentication_method = token authentication_method = token
# AuthenticateHeartBeats specifies whether to include authentication token in heartbeats sent to frps. By default, this value is false. # authenticate_heartbeats specifies whether to include authentication token in heartbeats sent to frps. By default, this value is false.
authenticate_heartbeats = false authenticate_heartbeats = false
# AuthenticateNewWorkConns specifies whether to include authentication token in new work connections sent to frps. By default, this value is false. # AuthenticateNewWorkConns specifies whether to include authentication token in new work connections sent to frps. By default, this value is false.
@ -72,25 +73,31 @@ authenticate_new_work_conns = false
# auth token # auth token
token = 12345678 token = 12345678
# OidcClientId specifies the client ID to use to get a token in OIDC authentication if AuthenticationMethod == "oidc". # oidc_issuer specifies the issuer to verify OIDC tokens with.
# By default, this value is "". # By default, this value is "".
oidc_client_id = oidc_issuer =
# OidcClientSecret specifies the client secret to use to get a token in OIDC authentication if AuthenticationMethod == "oidc". # oidc_audience specifies the audience OIDC tokens should contain when validated.
# By default, this value is "". # By default, this value is "".
oidc_client_secret = oidc_audience =
# OidcAudience specifies the audience of the token in OIDC authentication if AuthenticationMethod == "oidc". By default, this value is "". # oidc_skip_expiry_check specifies whether to skip checking if the OIDC token is expired.
oidc_audience = # By default, this value is false.
oidc_skip_expiry_check = false
# OidcTokenEndpointUrl specifies the URL which implements OIDC Token Endpoint.
# It will be used to get an OIDC token if AuthenticationMethod == "oidc". By default, this value is "". # oidc_skip_issuer_check specifies whether to skip checking if the OIDC token's issuer claim matches the issuer specified in OidcIssuer.
oidc_token_endpoint_url = # By default, this value is false.
oidc_skip_issuer_check = false
# heartbeat configure, it's not recommended to modify the default value # heartbeat configure, it's not recommended to modify the default value
# the default value of heartbeat_timeout is 90 # the default value of heartbeat_timeout is 90
# heartbeat_timeout = 90 # heartbeat_timeout = 90
# user_conn_timeout configure, it's not recommended to modify the default value
# the default value of user_conn_timeout is 10
# user_conn_timeout = 10
# only allow frpc to bind ports you list, if you set nothing, there won't be any limit # only allow frpc to bind ports you list, if you set nothing, there won't be any limit
allow_ports = 2000-3000,3001,3003,4000-50000 allow_ports = 2000-3000,3001,3003,4000-50000
@ -100,7 +107,7 @@ max_pool_count = 5
# max ports can be used for each client, default value is 0 means no limit # max ports can be used for each client, default value is 0 means no limit
max_ports_per_client = 0 max_ports_per_client = 0
# TlsOnly specifies whether to only accept TLS-encrypted connections. By default, the value is false. # tls_only specifies whether to only accept TLS-encrypted connections. By default, the value is false.
tls_only = false tls_only = false
# tls_cert_file = server.crt # tls_cert_file = server.crt

View File

@ -121,11 +121,11 @@ type ClientCommonConf struct {
// HeartBeatInterval specifies at what interval heartbeats are sent to the // HeartBeatInterval specifies at what interval heartbeats are sent to the
// server, in seconds. It is not recommended to change this value. By // server, in seconds. It is not recommended to change this value. By
// default, this value is 30. // default, this value is 30.
HeartBeatInterval int64 `json:"heartbeat_interval"` HeartbeatInterval int64 `json:"heartbeat_interval"`
// HeartBeatTimeout specifies the maximum allowed heartbeat response delay // HeartBeatTimeout specifies the maximum allowed heartbeat response delay
// before the connection is terminated, in seconds. It is not recommended // before the connection is terminated, in seconds. It is not recommended
// to change this value. By default, this value is 90. // to change this value. By default, this value is 90.
HeartBeatTimeout int64 `json:"heartbeat_timeout"` HeartbeatTimeout int64 `json:"heartbeat_timeout"`
// Client meta info // Client meta info
Metas map[string]string `json:"metas"` Metas map[string]string `json:"metas"`
// UDPPacketSize specifies the udp packet size // UDPPacketSize specifies the udp packet size
@ -160,8 +160,8 @@ func GetDefaultClientConf() ClientCommonConf {
TLSCertFile: "", TLSCertFile: "",
TLSKeyFile: "", TLSKeyFile: "",
TLSTrustedCaFile: "", TLSTrustedCaFile: "",
HeartBeatInterval: 30, HeartbeatInterval: 30,
HeartBeatTimeout: 90, HeartbeatTimeout: 90,
Metas: make(map[string]string), Metas: make(map[string]string),
UDPPacketSize: 1500, UDPPacketSize: 1500,
} }
@ -312,7 +312,7 @@ func UnmarshalClientConfFromIni(content string) (cfg ClientCommonConf, err error
err = fmt.Errorf("Parse conf error: invalid heartbeat_timeout") err = fmt.Errorf("Parse conf error: invalid heartbeat_timeout")
return return
} }
cfg.HeartBeatTimeout = v cfg.HeartbeatTimeout = v
} }
if tmpStr, ok = conf.Get("common", "heartbeat_interval"); ok { if tmpStr, ok = conf.Get("common", "heartbeat_interval"); ok {
@ -320,7 +320,7 @@ func UnmarshalClientConfFromIni(content string) (cfg ClientCommonConf, err error
err = fmt.Errorf("Parse conf error: invalid heartbeat_interval") err = fmt.Errorf("Parse conf error: invalid heartbeat_interval")
return return
} }
cfg.HeartBeatInterval = v cfg.HeartbeatInterval = v
} }
for k, v := range conf.Section("common") { for k, v := range conf.Section("common") {
if strings.HasPrefix(k, "meta_") { if strings.HasPrefix(k, "meta_") {
@ -338,12 +338,12 @@ func UnmarshalClientConfFromIni(content string) (cfg ClientCommonConf, err error
} }
func (cfg *ClientCommonConf) Check() (err error) { func (cfg *ClientCommonConf) Check() (err error) {
if cfg.HeartBeatInterval <= 0 { if cfg.HeartbeatInterval <= 0 {
err = fmt.Errorf("Parse conf error: invalid heartbeat_interval") err = fmt.Errorf("Parse conf error: invalid heartbeat_interval")
return return
} }
if cfg.HeartBeatTimeout < cfg.HeartBeatInterval { if cfg.HeartbeatTimeout < cfg.HeartbeatInterval {
err = fmt.Errorf("Parse conf error: invalid heartbeat_timeout, heartbeat_timeout is less than heartbeat_interval") err = fmt.Errorf("Parse conf error: invalid heartbeat_timeout, heartbeat_timeout is less than heartbeat_interval")
return return
} }

View File

@ -83,7 +83,7 @@ type ServerCommonConf struct {
// AssetsDir specifies the local directory that the dashboard will load // AssetsDir specifies the local directory that the dashboard will load
// resources from. If this value is "", assets will be loaded from the // resources from. If this value is "", assets will be loaded from the
// bundled executable using statik. By default, this value is "". // bundled executable using statik. By default, this value is "".
AssetsDir string `json:"asserts_dir"` AssetsDir string `json:"assets_dir"`
// LogFile specifies a file where logs will be written to. This value will // LogFile specifies a file where logs will be written to. This value will
// only be used if LogWay is set appropriately. By default, this value is // only be used if LogWay is set appropriately. By default, this value is
// "console". // "console".
@ -154,7 +154,7 @@ type ServerCommonConf struct {
// HeartBeatTimeout specifies the maximum time to wait for a heartbeat // HeartBeatTimeout specifies the maximum time to wait for a heartbeat
// before terminating the connection. It is not recommended to change this // before terminating the connection. It is not recommended to change this
// value. By default, this value is 90. // value. By default, this value is 90.
HeartBeatTimeout int64 `json:"heart_beat_timeout"` HeartbeatTimeout int64 `json:"heartbeat_timeout"`
// UserConnTimeout specifies the maximum time to wait for a work // UserConnTimeout specifies the maximum time to wait for a work
// connection. By default, this value is 10. // connection. By default, this value is 10.
UserConnTimeout int64 `json:"user_conn_timeout"` UserConnTimeout int64 `json:"user_conn_timeout"`
@ -199,7 +199,7 @@ func GetDefaultServerConf() ServerCommonConf {
TLSCertFile: "", TLSCertFile: "",
TLSKeyFile: "", TLSKeyFile: "",
TLSTrustedCaFile: "", TLSTrustedCaFile: "",
HeartBeatTimeout: 90, HeartbeatTimeout: 90,
UserConnTimeout: 10, UserConnTimeout: 10,
Custom404Page: "", Custom404Page: "",
HTTPPlugins: make(map[string]plugin.HTTPPluginOptions), HTTPPlugins: make(map[string]plugin.HTTPPluginOptions),
@ -421,7 +421,7 @@ func UnmarshalServerConfFromIni(content string) (cfg ServerCommonConf, err error
err = fmt.Errorf("Parse conf error: heartbeat_timeout is incorrect") err = fmt.Errorf("Parse conf error: heartbeat_timeout is incorrect")
return return
} }
cfg.HeartBeatTimeout = v cfg.HeartbeatTimeout = v
} }
if tmpStr, ok = conf.Get("common", "tls_only"); ok && tmpStr == "true" { if tmpStr, ok = conf.Get("common", "tls_only"); ok && tmpStr == "true" {

View File

@ -408,7 +408,7 @@ func (ctl *Control) manager() {
for { for {
select { select {
case <-heartbeat.C: case <-heartbeat.C:
if time.Since(ctl.lastPing) > time.Duration(ctl.serverCfg.HeartBeatTimeout)*time.Second { if time.Since(ctl.lastPing) > time.Duration(ctl.serverCfg.HeartbeatTimeout)*time.Second {
xl.Warn("heartbeat timeout") xl.Warn("heartbeat timeout")
return return
} }

View File

@ -74,7 +74,7 @@ func (svr *Service) APIServerInfo(w http.ResponseWriter, r *http.Request) {
SubdomainHost: svr.cfg.SubDomainHost, SubdomainHost: svr.cfg.SubDomainHost,
MaxPoolCount: svr.cfg.MaxPoolCount, MaxPoolCount: svr.cfg.MaxPoolCount,
MaxPortsPerClient: svr.cfg.MaxPortsPerClient, MaxPortsPerClient: svr.cfg.MaxPortsPerClient,
HeartBeatTimeout: svr.cfg.HeartBeatTimeout, HeartBeatTimeout: svr.cfg.HeartbeatTimeout,
TotalTrafficIn: serverStats.TotalTrafficIn, TotalTrafficIn: serverStats.TotalTrafficIn,
TotalTrafficOut: serverStats.TotalTrafficOut, TotalTrafficOut: serverStats.TotalTrafficOut,