rename example configuration file name (#3721)

2024-11-01 22:31:29 +08:00 · 2023-10-24 10:42:51 +08:00 · 2023-10-24 10:42:51 +08:00 · a6478aeac8
commit a6478aeac8
parent 806b55c292
7 changed files with 527 additions and 513 deletions
--- a/README.md
+++ b/README.md
@ -459,9 +459,11 @@ Read the full example configuration files to find out even more features not des
 Examples use TOML format, but you can still use YAML or JSON.
-[Full configuration file for frps (Server)](./conf/frps.toml)
+These configuration files is for reference only. Please do not use this configuration directly to run the program as it may have various issues.
-[Full configuration file for frpc (Client)](./conf/frpc.toml)
+[Full configuration file for frps (Server)](./conf/frps_full_example.toml)
 [Full configuration file for frpc (Client)](./conf/frpc_full_example.toml)
 ### Using Environment Variables
--- a/conf/frpc.toml
+++ b/conf/frpc.toml
@ -1,361 +1,9 @@
-# This configuration file is for reference only. Please do not use this configuration directly to run the program as it may have various issues.
+serverAddr = "127.0.0.1"
 # your proxy name will be changed to {user}.{proxy}
 user = "your_name"
 # A literal address or host name for IPv6 must be enclosed
 # in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80"
 # For single serverAddr field, no need square brackets, like serverAddr = "::".
 serverAddr = "0.0.0.0"
 serverPort = 7000
 # STUN server to help penetrate NAT hole.
 # natHoleStunServer = "stun.easyvoip.com:3478"
 # Decide if exit program when first login failed, otherwise continuous relogin to frps
 # default is true
 loginFailExit = true
 # console or real logFile path like ./frpc.log
 log.to = "./frpc.log"
 # trace, debug, info, warn, error
 log.level = "info"
 log.maxDays = 3
 # disable log colors when log.to is console, default is false
 log.disablePrintColor = false
 auth.method = "token"
 # auth.additionalScopes specifies additional scopes to include authentication information.
 # Optional values are HeartBeats, NewWorkConns.
 # auth.additionalScopes = ["HeartBeats", "NewWorkConns"]
 # auth token
 auth.token = "12345678"
 # oidc.clientID specifies the client ID to use to get a token in OIDC authentication.
 # auth.oidc.clientID = ""
 # oidc.clientSecret specifies the client secret to use to get a token in OIDC authentication.
 # auth.oidc.clientSecret = ""
 # oidc.audience specifies the audience of the token in OIDC authentication.
 # auth.oidc.audience = ""
 # oidc.scope specifies the permisssions of the token in OIDC authentication if AuthenticationMethod == "oidc". By default, this value is "".
 # auth.oidc.scope = ""
 # oidc.tokenEndpointURL specifies the URL which implements OIDC Token Endpoint.
 # It will be used to get an OIDC token.
 # auth.oidc.tokenEndpointURL = ""
 # oidc.additionalEndpointParams specifies additional parameters to be sent to the OIDC Token Endpoint.
 # For example, if you want to specify the "audience" parameter, you can set as follow.
 # frp will add "audience=<value>" "var1=<value>" to the additional parameters.
 # auth.oidc.additionalEndpointParams.audience = "https://dev.auth.com/api/v2/"
 # auth.oidc.additionalEndpointParams.var1 = "foobar"
 # Set admin address for control frpc's action by http api such as reload
 webServer.addr = "127.0.0.1"
 webServer.port = 7400
 webServer.user = "admin"
 webServer.password = "admin"
 # Admin assets directory. By default, these assets are bundled with frpc.
 # webServer.assetsDir = "./static"
 # Enable golang pprof handlers in admin listener.
 webServer.pprofEnable = false
 # The maximum amount of time a dial to server will wait for a connect to complete. Default value is 10 seconds.
 # transport.dialServerTimeout = 10
 # dialServerKeepalive specifies the interval between keep-alive probes for an active network connection between frpc and frps.
 # If negative, keep-alive probes are disabled.
 # transport.dialServerKeepalive = 7200
 # connections will be established in advance, default value is zero
 transport.poolCount = 5
 # If tcp stream multiplexing is used, default is true, it must be same with frps
 # transport.tcpMux = true
 # Specify keep alive interval for tcp mux.
 # only valid if tcpMux is enabled.
 # transport.tcpMuxKeepaliveInterval = 60
 # Communication protocol used to connect to server
 # supports tcp, kcp, quic, websocket and wss now, default is tcp
 transport.protocol = "tcp"
 # set client binding ip when connect server, default is empty.
 # only when protocol = tcp or websocket, the value will be used.
 transport.connectServerLocalIP = "0.0.0.0"
 # if you want to connect frps by http proxy or socks5 proxy or ntlm proxy, you can set proxyURL here or in global environment variables
 # it only works when protocol is tcp
 # transport.proxyURL = "http://user:passwd@192.168.1.128:8080"
 # transport.proxyURL = "socks5://user:passwd@192.168.1.128:1080"
 # transport.proxyURL = "ntlm://user:passwd@192.168.1.128:2080"
 # quic protocol options
 # transport.quic.keepalivePeriod = 10
 # transport.quic.maxIdleTimeout = 30
 # transport.quic.maxIncomingStreams = 100000
 # If tls.enable is true, frpc will connect frps by tls.
 # Since v0.50.0, the default value has been changed to true, and tls is enabled by default.
 transport.tls.enable = true
 # transport.tls.certFile = "client.crt"
 # transport.tls.keyFile = "client.key"
 # transport.tls.trustedCaFile = "ca.crt"
 # transport.tls.serverName = "example.com"
 # If the disableCustomTLSFirstByte is set to false, frpc will establish a connection with frps using the
 # first custom byte when tls is enabled.
 # Since v0.50.0, the default value has been changed to true, and the first custom byte is disabled by default.
 # transport.tls.disableCustomTLSFirstByte = true
 # Heartbeat configure, it's not recommended to modify the default value.
 # The default value of heartbeatInterval is 10 and heartbeatTimeout is 90. Set negative value
 # to disable it.
 # transport.heartbeatInterval = 30
 # transport.heartbeatTimeout = 90
 # Specify a dns server, so frpc will use this instead of default one
 # dnsServer = "8.8.8.8"
 # Proxy names you want to start.
 # Default is empty, means all proxies.
 # start = ["ssh", "dns"]
 # Specify udp packet size, unit is byte. If not set, the default value is 1500.
 # This parameter should be same between client and server.
 # It affects the udp and sudp proxy.
 udpPacketSize = 1500
 # Additional metadatas for client.
 metadatas.var1 = "abc"
 metadatas.var2 = "123"
 # Include other config files for proxies.
 # includes = ["./confd/*.ini"]
 [[proxies]]
-# 'ssh' is the unique proxy name
+name = "test-tcp"
 # If global user is not empty, it will be changed to {user}.{proxy} such as 'your_name.ssh'
 name = "ssh"
 type = "tcp"
 localIP = "127.0.0.1"
 localPort = 22
-# Limit bandwidth for this proxy, unit is KB and MB
+remotePort = 6000
 transport.bandwidthLimit = "1MB"
 # Where to limit bandwidth, can be 'client' or 'server', default is 'client'
 transport.bandwidthLimitMode = "client"
 # If true, traffic of this proxy will be encrypted, default is false
 transport.useEncryption = false
 # If true, traffic will be compressed
 transport.useCompression = false
 # Remote port listen by frps
 remotePort = 6001
 # frps will load balancing connections for proxies in same group
 loadBalancer.group = "test_group"
 # group should have same group key
 loadBalancer.groupKey = "123456"
 # Enable health check for the backend service, it supports 'tcp' and 'http' now.
 # frpc will connect local service's port to detect it's healthy status
 healthCheck.type = "tcp"
 # Health check connection timeout
 healthCheck.timeoutSeconds = 3
 # If continuous failed in 3 times, the proxy will be removed from frps
 healthCheck.maxFailed = 3
 # every 10 seconds will do a health check
 healthCheck.intervalSeconds = 10
 # additional meta info for each proxy
 metadatas.var1 = "abc"
 metadatas.var2 = "123"
 [[proxies]]
 name = "ssh_random"
 type = "tcp"
 localIP = "192.168.31.100"
 localPort = 22
 # If remotePort is 0, frps will assign a random port for you
 remotePort = 0
 [[proxies]]
 name = "dns"
 type = "udp"
 localIP = "114.114.114.114"
 localPort = 53
 remotePort = 6002
 # Resolve your domain names to [serverAddr] so you can use http://web01.yourdomain.com to browse web01 and http://web02.yourdomain.com to browse web02
 [[proxies]]
 name = "web01"
 type = "http"
 localIP = "127.0.0.1"
 localPort = 80
 # http username and password are safety certification for http protocol
 # if not set, you can access this customDomains without certification
 httpUser = "admin"
 httpPassword = "admin"
 # if domain for frps is frps.com, then you can access [web01] proxy by URL http://web01.frps.com
 subdomain = "web01"
 customDomains = ["web01.yourdomain.com"]
 # locations is only available for http type
 locations = ["/", "/pic"]
 # route requests to this service if http basic auto user is abc
 # routeByHTTPUser = abc
 hostHeaderRewrite = "example.com"
 requestHeaders.set.x-from-where = "frp"
 healthCheck.type = "http"
 # frpc will send a GET http request '/status' to local http service
 # http service is alive when it return 2xx http response code
 healthCheck.path = "/status"
 healthCheck.intervalSeconds = 10
 healthCheck.maxFailed = 3
 healthCheck.timeoutSeconds = 3
 [[proxies]]
 name = "web02"
 type = "https"
 localIP = "127.0.0.1"
 localPort = 8000
 subdomain = "web02"
 customDomains = ["web02.yourdomain.com"]
 # if not empty, frpc will use proxy protocol to transfer connection info to your local service
 # v1 or v2 or empty
 transport.proxyProtocolVersion = "v2"
 [[proxies]]
 name = "tcpmuxhttpconnect"
 type = "tcpmux"
 multiplexer = "httpconnect"
 localIP = "127.0.0.1"
 localPort = 10701
 customDomains = ["tunnel1"]
 # routeByHTTPUser = "user1"
 [[proxies]]
 name = "plugin_unix_domain_socket"
 type = "tcp"
 remotePort = 6003
 # if plugin is defined, localIP and localPort is useless
 # plugin will handle connections got from frps
 [proxies.plugin]
 type = "unix_domain_socket"
 unixPath = "/var/run/docker.sock"
 [[proxies]]
 name = "plugin_http_proxy"
 type = "tcp"
 remotePort = 6004
 [proxies.plugin]
 type = "http_proxy"
 httpUser = "abc"
 httpPassword = "abc"
 [[proxies]]
 name = "plugin_socks5"
 type = "tcp"
 remotePort = 6005
 [proxies.plugin]
 type = "socks5"
 username = "abc"
 password = "abc"
 [[proxies]]
 name = "plugin_static_file"
 type = "tcp"
 remotePort = 6006
 [proxies.plugin]
 type = "static_file"
 localPath = "/var/www/blog"
 stripPrefix = "static"
 httpUser = "abc"
 httpPassword = "abc"
 [[proxies]]
 name = "plugin_https2http"
 type = "https"
 customDomains = ["test.yourdomain.com"]
 [proxies.plugin]
 type = "https2http"
 localAddr = "127.0.0.1:80"
 crtPath = "./server.crt"
 keyPath = "./server.key"
 hostHeaderRewrite = "127.0.0.1"
 requestHeaders.set.x-from-where = "frp"
 [[proxies]]
 name = "plugin_https2https"
 type = "https"
 customDomains = ["test.yourdomain.com"]
 [proxies.plugin]
 type = "https2https"
 localAddr = "127.0.0.1:443"
 crtPath = "./server.crt"
 keyPath = "./server.key"
 hostHeaderRewrite = "127.0.0.1"
 requestHeaders.set.x-from-where = "frp"
 [[proxies]]
 name = "plugin_http2https"
 type = "http"
 customDomains = ["test.yourdomain.com"]
 [proxies.plugin]
 type = "http2https"
 localAddr = "127.0.0.1:443"
 hostHeaderRewrite = "127.0.0.1"
 requestHeaders.set.x-from-where = "frp"
 [[proxies]]
 name = "secret_tcp"
 # If the type is secret tcp, remotePort is useless
 # Who want to connect local port should deploy another frpc with stcp proxy and role is visitor
 type = "stcp"
 # secretKey is used for authentication for visitors
 secretKey = "abcdefg"
 localIP = "127.0.0.1"
 localPort = 22
 # If not empty, only visitors from specified users can connect.
 # Otherwise, visitors from same user can connect. '*' means allow all users.
 allowUsers = ["*"]
 [[proxies]]
 name = "p2p_tcp"
 type = "xtcp"
 secretKey = "abcdefg"
 localIP = "127.0.0.1"
 localPort = 22
 # If not empty, only visitors from specified users can connect.
 # Otherwise, visitors from same user can connect. '*' means allow all users.
 allowUsers = ["user1", "user2"]
 # frpc role visitor -> frps -> frpc role server
 [[visitors]]
 name = "secret_tcp_visitor"
 type = "stcp"
 # the server name you want to visitor
 serverName = "secret_tcp"
 secretKey = "abcdefg"
 # connect this address to visitor stcp server
 bindAddr = "127.0.0.1"
 # bindPort can be less than 0, it means don't bind to the port and only receive connections redirected from
 # other visitors. (This is not supported for SUDP now)
 bindPort = 9000
 [[visitors]]
 name = "p2p_tcp_visitor"
 type = "xtcp"
 # if the server user is not set, it defaults to the current user
 serverUser = "user1"
 serverName = "p2p_tcp"
 secretKey = "abcdefg"
 bindAddr = "127.0.0.1"
 # bindPort can be less than 0, it means don't bind to the port and only receive connections redirected from
 # other visitors. (This is not supported for SUDP now)
 bindPort = 9001
 # when automatic tunnel persistence is required, set it to true
 keepTunnelOpen = false
 # effective when keepTunnelOpen is set to true, the number of attempts to punch through per hour
 maxRetriesAnHour = 8
 minRetryInterval = 90
 # fallbackTo = "stcp_visitor"
 # fallbackTimeoutMs = 500
--- a/conf/frpc_full_example.toml
+++ b/conf/frpc_full_example.toml
@ -0,0 +1,361 @@
 # This configuration file is for reference only. Please do not use this configuration directly to run the program as it may have various issues.
 # your proxy name will be changed to {user}.{proxy}
 user = "your_name"
 # A literal address or host name for IPv6 must be enclosed
 # in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80"
 # For single serverAddr field, no need square brackets, like serverAddr = "::".
 serverAddr = "0.0.0.0"
 serverPort = 7000
 # STUN server to help penetrate NAT hole.
 # natHoleStunServer = "stun.easyvoip.com:3478"
 # Decide if exit program when first login failed, otherwise continuous relogin to frps
 # default is true
 loginFailExit = true
 # console or real logFile path like ./frpc.log
 log.to = "./frpc.log"
 # trace, debug, info, warn, error
 log.level = "info"
 log.maxDays = 3
 # disable log colors when log.to is console, default is false
 log.disablePrintColor = false
 auth.method = "token"
 # auth.additionalScopes specifies additional scopes to include authentication information.
 # Optional values are HeartBeats, NewWorkConns.
 # auth.additionalScopes = ["HeartBeats", "NewWorkConns"]
 # auth token
 auth.token = "12345678"
 # oidc.clientID specifies the client ID to use to get a token in OIDC authentication.
 # auth.oidc.clientID = ""
 # oidc.clientSecret specifies the client secret to use to get a token in OIDC authentication.
 # auth.oidc.clientSecret = ""
 # oidc.audience specifies the audience of the token in OIDC authentication.
 # auth.oidc.audience = ""
 # oidc.scope specifies the permisssions of the token in OIDC authentication if AuthenticationMethod == "oidc". By default, this value is "".
 # auth.oidc.scope = ""
 # oidc.tokenEndpointURL specifies the URL which implements OIDC Token Endpoint.
 # It will be used to get an OIDC token.
 # auth.oidc.tokenEndpointURL = ""
 # oidc.additionalEndpointParams specifies additional parameters to be sent to the OIDC Token Endpoint.
 # For example, if you want to specify the "audience" parameter, you can set as follow.
 # frp will add "audience=<value>" "var1=<value>" to the additional parameters.
 # auth.oidc.additionalEndpointParams.audience = "https://dev.auth.com/api/v2/"
 # auth.oidc.additionalEndpointParams.var1 = "foobar"
 # Set admin address for control frpc's action by http api such as reload
 webServer.addr = "127.0.0.1"
 webServer.port = 7400
 webServer.user = "admin"
 webServer.password = "admin"
 # Admin assets directory. By default, these assets are bundled with frpc.
 # webServer.assetsDir = "./static"
 # Enable golang pprof handlers in admin listener.
 webServer.pprofEnable = false
 # The maximum amount of time a dial to server will wait for a connect to complete. Default value is 10 seconds.
 # transport.dialServerTimeout = 10
 # dialServerKeepalive specifies the interval between keep-alive probes for an active network connection between frpc and frps.
 # If negative, keep-alive probes are disabled.
 # transport.dialServerKeepalive = 7200
 # connections will be established in advance, default value is zero
 transport.poolCount = 5
 # If tcp stream multiplexing is used, default is true, it must be same with frps
 # transport.tcpMux = true
 # Specify keep alive interval for tcp mux.
 # only valid if tcpMux is enabled.
 # transport.tcpMuxKeepaliveInterval = 60
 # Communication protocol used to connect to server
 # supports tcp, kcp, quic, websocket and wss now, default is tcp
 transport.protocol = "tcp"
 # set client binding ip when connect server, default is empty.
 # only when protocol = tcp or websocket, the value will be used.
 transport.connectServerLocalIP = "0.0.0.0"
 # if you want to connect frps by http proxy or socks5 proxy or ntlm proxy, you can set proxyURL here or in global environment variables
 # it only works when protocol is tcp
 # transport.proxyURL = "http://user:passwd@192.168.1.128:8080"
 # transport.proxyURL = "socks5://user:passwd@192.168.1.128:1080"
 # transport.proxyURL = "ntlm://user:passwd@192.168.1.128:2080"
 # quic protocol options
 # transport.quic.keepalivePeriod = 10
 # transport.quic.maxIdleTimeout = 30
 # transport.quic.maxIncomingStreams = 100000
 # If tls.enable is true, frpc will connect frps by tls.
 # Since v0.50.0, the default value has been changed to true, and tls is enabled by default.
 transport.tls.enable = true
 # transport.tls.certFile = "client.crt"
 # transport.tls.keyFile = "client.key"
 # transport.tls.trustedCaFile = "ca.crt"
 # transport.tls.serverName = "example.com"
 # If the disableCustomTLSFirstByte is set to false, frpc will establish a connection with frps using the
 # first custom byte when tls is enabled.
 # Since v0.50.0, the default value has been changed to true, and the first custom byte is disabled by default.
 # transport.tls.disableCustomTLSFirstByte = true
 # Heartbeat configure, it's not recommended to modify the default value.
 # The default value of heartbeatInterval is 10 and heartbeatTimeout is 90. Set negative value
 # to disable it.
 # transport.heartbeatInterval = 30
 # transport.heartbeatTimeout = 90
 # Specify a dns server, so frpc will use this instead of default one
 # dnsServer = "8.8.8.8"
 # Proxy names you want to start.
 # Default is empty, means all proxies.
 # start = ["ssh", "dns"]
 # Specify udp packet size, unit is byte. If not set, the default value is 1500.
 # This parameter should be same between client and server.
 # It affects the udp and sudp proxy.
 udpPacketSize = 1500
 # Additional metadatas for client.
 metadatas.var1 = "abc"
 metadatas.var2 = "123"
 # Include other config files for proxies.
 # includes = ["./confd/*.ini"]
 [[proxies]]
 # 'ssh' is the unique proxy name
 # If global user is not empty, it will be changed to {user}.{proxy} such as 'your_name.ssh'
 name = "ssh"
 type = "tcp"
 localIP = "127.0.0.1"
 localPort = 22
 # Limit bandwidth for this proxy, unit is KB and MB
 transport.bandwidthLimit = "1MB"
 # Where to limit bandwidth, can be 'client' or 'server', default is 'client'
 transport.bandwidthLimitMode = "client"
 # If true, traffic of this proxy will be encrypted, default is false
 transport.useEncryption = false
 # If true, traffic will be compressed
 transport.useCompression = false
 # Remote port listen by frps
 remotePort = 6001
 # frps will load balancing connections for proxies in same group
 loadBalancer.group = "test_group"
 # group should have same group key
 loadBalancer.groupKey = "123456"
 # Enable health check for the backend service, it supports 'tcp' and 'http' now.
 # frpc will connect local service's port to detect it's healthy status
 healthCheck.type = "tcp"
 # Health check connection timeout
 healthCheck.timeoutSeconds = 3
 # If continuous failed in 3 times, the proxy will be removed from frps
 healthCheck.maxFailed = 3
 # every 10 seconds will do a health check
 healthCheck.intervalSeconds = 10
 # additional meta info for each proxy
 metadatas.var1 = "abc"
 metadatas.var2 = "123"
 [[proxies]]
 name = "ssh_random"
 type = "tcp"
 localIP = "192.168.31.100"
 localPort = 22
 # If remotePort is 0, frps will assign a random port for you
 remotePort = 0
 [[proxies]]
 name = "dns"
 type = "udp"
 localIP = "114.114.114.114"
 localPort = 53
 remotePort = 6002
 # Resolve your domain names to [serverAddr] so you can use http://web01.yourdomain.com to browse web01 and http://web02.yourdomain.com to browse web02
 [[proxies]]
 name = "web01"
 type = "http"
 localIP = "127.0.0.1"
 localPort = 80
 # http username and password are safety certification for http protocol
 # if not set, you can access this customDomains without certification
 httpUser = "admin"
 httpPassword = "admin"
 # if domain for frps is frps.com, then you can access [web01] proxy by URL http://web01.frps.com
 subdomain = "web01"
 customDomains = ["web01.yourdomain.com"]
 # locations is only available for http type
 locations = ["/", "/pic"]
 # route requests to this service if http basic auto user is abc
 # routeByHTTPUser = abc
 hostHeaderRewrite = "example.com"
 requestHeaders.set.x-from-where = "frp"
 healthCheck.type = "http"
 # frpc will send a GET http request '/status' to local http service
 # http service is alive when it return 2xx http response code
 healthCheck.path = "/status"
 healthCheck.intervalSeconds = 10
 healthCheck.maxFailed = 3
 healthCheck.timeoutSeconds = 3
 [[proxies]]
 name = "web02"
 type = "https"
 localIP = "127.0.0.1"
 localPort = 8000
 subdomain = "web02"
 customDomains = ["web02.yourdomain.com"]
 # if not empty, frpc will use proxy protocol to transfer connection info to your local service
 # v1 or v2 or empty
 transport.proxyProtocolVersion = "v2"
 [[proxies]]
 name = "tcpmuxhttpconnect"
 type = "tcpmux"
 multiplexer = "httpconnect"
 localIP = "127.0.0.1"
 localPort = 10701
 customDomains = ["tunnel1"]
 # routeByHTTPUser = "user1"
 [[proxies]]
 name = "plugin_unix_domain_socket"
 type = "tcp"
 remotePort = 6003
 # if plugin is defined, localIP and localPort is useless
 # plugin will handle connections got from frps
 [proxies.plugin]
 type = "unix_domain_socket"
 unixPath = "/var/run/docker.sock"
 [[proxies]]
 name = "plugin_http_proxy"
 type = "tcp"
 remotePort = 6004
 [proxies.plugin]
 type = "http_proxy"
 httpUser = "abc"
 httpPassword = "abc"
 [[proxies]]
 name = "plugin_socks5"
 type = "tcp"
 remotePort = 6005
 [proxies.plugin]
 type = "socks5"
 username = "abc"
 password = "abc"
 [[proxies]]
 name = "plugin_static_file"
 type = "tcp"
 remotePort = 6006
 [proxies.plugin]
 type = "static_file"
 localPath = "/var/www/blog"
 stripPrefix = "static"
 httpUser = "abc"
 httpPassword = "abc"
 [[proxies]]
 name = "plugin_https2http"
 type = "https"
 customDomains = ["test.yourdomain.com"]
 [proxies.plugin]
 type = "https2http"
 localAddr = "127.0.0.1:80"
 crtPath = "./server.crt"
 keyPath = "./server.key"
 hostHeaderRewrite = "127.0.0.1"
 requestHeaders.set.x-from-where = "frp"
 [[proxies]]
 name = "plugin_https2https"
 type = "https"
 customDomains = ["test.yourdomain.com"]
 [proxies.plugin]
 type = "https2https"
 localAddr = "127.0.0.1:443"
 crtPath = "./server.crt"
 keyPath = "./server.key"
 hostHeaderRewrite = "127.0.0.1"
 requestHeaders.set.x-from-where = "frp"
 [[proxies]]
 name = "plugin_http2https"
 type = "http"
 customDomains = ["test.yourdomain.com"]
 [proxies.plugin]
 type = "http2https"
 localAddr = "127.0.0.1:443"
 hostHeaderRewrite = "127.0.0.1"
 requestHeaders.set.x-from-where = "frp"
 [[proxies]]
 name = "secret_tcp"
 # If the type is secret tcp, remotePort is useless
 # Who want to connect local port should deploy another frpc with stcp proxy and role is visitor
 type = "stcp"
 # secretKey is used for authentication for visitors
 secretKey = "abcdefg"
 localIP = "127.0.0.1"
 localPort = 22
 # If not empty, only visitors from specified users can connect.
 # Otherwise, visitors from same user can connect. '*' means allow all users.
 allowUsers = ["*"]
 [[proxies]]
 name = "p2p_tcp"
 type = "xtcp"
 secretKey = "abcdefg"
 localIP = "127.0.0.1"
 localPort = 22
 # If not empty, only visitors from specified users can connect.
 # Otherwise, visitors from same user can connect. '*' means allow all users.
 allowUsers = ["user1", "user2"]
 # frpc role visitor -> frps -> frpc role server
 [[visitors]]
 name = "secret_tcp_visitor"
 type = "stcp"
 # the server name you want to visitor
 serverName = "secret_tcp"
 secretKey = "abcdefg"
 # connect this address to visitor stcp server
 bindAddr = "127.0.0.1"
 # bindPort can be less than 0, it means don't bind to the port and only receive connections redirected from
 # other visitors. (This is not supported for SUDP now)
 bindPort = 9000
 [[visitors]]
 name = "p2p_tcp_visitor"
 type = "xtcp"
 # if the server user is not set, it defaults to the current user
 serverUser = "user1"
 serverName = "p2p_tcp"
 secretKey = "abcdefg"
 bindAddr = "127.0.0.1"
 # bindPort can be less than 0, it means don't bind to the port and only receive connections redirected from
 # other visitors. (This is not supported for SUDP now)
 bindPort = 9001
 # when automatic tunnel persistence is required, set it to true
 keepTunnelOpen = false
 # effective when keepTunnelOpen is set to true, the number of attempts to punch through per hour
 maxRetriesAnHour = 8
 minRetryInterval = 90
 # fallbackTo = "stcp_visitor"
 # fallbackTimeoutMs = 500
--- a/conf/frps.toml
+++ b/conf/frps.toml
@ -1,156 +1 @@
 # This configuration file is for reference only. Please do not use this configuration directly to run the program as it may have various issues.
 # A literal address or host name for IPv6 must be enclosed
 # in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80"
 # For single "bindAddr" field, no need square brackets, like `bindAddr = "::"`.
 bindAddr = "0.0.0.0"
 bindPort = 7000
 # udp port used for kcp protocol, it can be same with 'bindPort'.
 # if not set, kcp is disabled in frps.
 kcpBindPort = 7000
 # udp port used for quic protocol.
 # if not set, quic is disabled in frps.
 # quicBindPort = 7002
 # Specify which address proxy will listen for, default value is same with bindAddr
 # proxyBindAddr = "127.0.0.1"
 # quic protocol options
 # transport.quic.keepalivePeriod = 10
 # transport.quic.maxIdleTimeout = 30
 # transport.quic.maxIncomingStreams = 100000
 # Heartbeat configure, it's not recommended to modify the default value
 # The default value of heartbeatTimeout is 90. Set negative value to disable it.
 # transport.heartbeatTimeout = 90
 # Pool count in each proxy will keep no more than maxPoolCount.
 transport.maxPoolCount = 5
 # If tcp stream multiplexing is used, default is true
 # transport.tcpMux = true
 # Specify keep alive interval for tcp mux.
 # only valid if tcpMux is true.
 # transport.tcpMuxKeepaliveInterval = 60
 # tcpKeepalive specifies the interval between keep-alive probes for an active network connection between frpc and frps.
 # If negative, keep-alive probes are disabled.
 # transport.tcpKeepalive = 7200
 # transport.tls.force specifies whether to only accept TLS-encrypted connections. By default, the value is false.
 tls.force = false
 # transport.tls.certFile = "server.crt"
 # transport.tls.keyFile = "server.key"
 # transport.tls.trustedCaFile = "ca.crt"
 # If you want to support virtual host, you must set the http port for listening (optional)
 # Note: http port and https port can be same with bindPort
 vhostHTTPPort = 80
 vhostHTTPSPort = 443
 # Response header timeout(seconds) for vhost http server, default is 60s
 # vhostHTTPTimeout = 60
 # tcpmuxHTTPConnectPort specifies the port that the server listens for TCP
 # HTTP CONNECT requests. If the value is 0, the server will not multiplex TCP
 # requests on one single port. If it's not - it will listen on this value for
 # HTTP CONNECT requests. By default, this value is 0.
 # tcpmuxHTTPConnectPort = 1337
 # If tcpmuxPassthrough is true, frps won't do any update on traffic.
 # tcpmuxPassthrough = false
 # Configure the web server to enable the dashboard for frps.
 # dashboard is available only if webServer.port is set.
 webServer.addr = "127.0.0.1"
 webServer.port = 7500
 webServer.user = "admin"
 webServer.password = "admin"
 # webServer.tls.certFile = "server.crt"
 # webServer.tls.keyFile = "server.key"
 # dashboard assets directory(only for debug mode)
 # webServer.assetsDir = "./static"
 # Enable golang pprof handlers in dashboard listener.
 # Dashboard port must be set first
 webServer.pprofEnable = false
 # enablePrometheus will export prometheus metrics on webServer in /metrics api.
 enablePrometheus = true
 # console or real logFile path like ./frps.log
 log.to = "./frps.log"
 # trace, debug, info, warn, error
 log.level = "info"
 log.maxDays = 3
 # disable log colors when log.to is console, default is false
 log.disablePrintColor = false
 # DetailedErrorsToClient defines whether to send the specific error (with debug info) to frpc. By default, this value is true.
 detailedErrorsToClient = true
 # auth.method specifies what authentication method to use authenticate frpc with frps.
 # If "token" is specified - token will be read into login message.
 # If "oidc" is specified - OIDC (Open ID Connect) token will be issued using OIDC settings. By default, this value is "token".
 auth.method = "token"
 # auth.additionalScopes specifies additional scopes to include authentication information.
 # Optional values are HeartBeats, NewWorkConns.
 # auth.additionalScopes = ["HeartBeats", "NewWorkConns"]
 # auth token
 auth.token = "12345678"
 # oidc issuer specifies the issuer to verify OIDC tokens with.
 auth.oidc.issuer = ""
 # oidc audience specifies the audience OIDC tokens should contain when validated.
 auth.oidc.audience = ""
 # oidc skipExpiryCheck specifies whether to skip checking if the OIDC token is expired.
 auth.oidc.skipExpiryCheck = false
 # oidc skipIssuerCheck specifies whether to skip checking if the OIDC token's issuer claim matches the issuer specified in OidcIssuer.
 auth.oidc.skipIssuerCheck = false
 # userConnTimeout specifies the maximum time to wait for a work connection.
 # userConnTimeout = 10
 # Only allow frpc to bind ports you list. By default, there won't be any limit.
 allowPorts = [
  { start = 2000, end = 3000 },
  { single = 3001 },
  { single = 3003 },
  { start = 4000, end = 50000 }
 ]
 # Max ports can be used for each client, default value is 0 means no limit
 maxPortsPerClient = 0
 # If subDomainHost is not empty, you can set subdomain when type is http or https in frpc's configure file
 # When subdomain is est, the host used by routing is test.frps.com
 subDomainHost = "frps.com"
 # custom 404 page for HTTP requests
 # custom404Page = "/path/to/404.html"
 # specify udp packet size, unit is byte. If not set, the default value is 1500.
 # This parameter should be same between client and server.
 # It affects the udp and sudp proxy.
 udpPacketSize = 1500
 # Retention time for NAT hole punching strategy data.
 natholeAnalysisDataReserveHours = 168
 [[httpPlugins]]
 name = "user-manager"
 addr = "127.0.0.1:9000"
 path = "/handler"
 ops = ["Login"]
 [[httpPlugins]]
 name = "port-manager"
 addr = "127.0.0.1:9001"
 path = "/handler"
 ops = ["NewProxy"]
--- a/conf/frps_full_example.toml
+++ b/conf/frps_full_example.toml
@ -0,0 +1,156 @@
 # This configuration file is for reference only. Please do not use this configuration directly to run the program as it may have various issues.
 # A literal address or host name for IPv6 must be enclosed
 # in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80"
 # For single "bindAddr" field, no need square brackets, like `bindAddr = "::"`.
 bindAddr = "0.0.0.0"
 bindPort = 7000
 # udp port used for kcp protocol, it can be same with 'bindPort'.
 # if not set, kcp is disabled in frps.
 kcpBindPort = 7000
 # udp port used for quic protocol.
 # if not set, quic is disabled in frps.
 # quicBindPort = 7002
 # Specify which address proxy will listen for, default value is same with bindAddr
 # proxyBindAddr = "127.0.0.1"
 # quic protocol options
 # transport.quic.keepalivePeriod = 10
 # transport.quic.maxIdleTimeout = 30
 # transport.quic.maxIncomingStreams = 100000
 # Heartbeat configure, it's not recommended to modify the default value
 # The default value of heartbeatTimeout is 90. Set negative value to disable it.
 # transport.heartbeatTimeout = 90
 # Pool count in each proxy will keep no more than maxPoolCount.
 transport.maxPoolCount = 5
 # If tcp stream multiplexing is used, default is true
 # transport.tcpMux = true
 # Specify keep alive interval for tcp mux.
 # only valid if tcpMux is true.
 # transport.tcpMuxKeepaliveInterval = 60
 # tcpKeepalive specifies the interval between keep-alive probes for an active network connection between frpc and frps.
 # If negative, keep-alive probes are disabled.
 # transport.tcpKeepalive = 7200
 # transport.tls.force specifies whether to only accept TLS-encrypted connections. By default, the value is false.
 tls.force = false
 # transport.tls.certFile = "server.crt"
 # transport.tls.keyFile = "server.key"
 # transport.tls.trustedCaFile = "ca.crt"
 # If you want to support virtual host, you must set the http port for listening (optional)
 # Note: http port and https port can be same with bindPort
 vhostHTTPPort = 80
 vhostHTTPSPort = 443
 # Response header timeout(seconds) for vhost http server, default is 60s
 # vhostHTTPTimeout = 60
 # tcpmuxHTTPConnectPort specifies the port that the server listens for TCP
 # HTTP CONNECT requests. If the value is 0, the server will not multiplex TCP
 # requests on one single port. If it's not - it will listen on this value for
 # HTTP CONNECT requests. By default, this value is 0.
 # tcpmuxHTTPConnectPort = 1337
 # If tcpmuxPassthrough is true, frps won't do any update on traffic.
 # tcpmuxPassthrough = false
 # Configure the web server to enable the dashboard for frps.
 # dashboard is available only if webServer.port is set.
 webServer.addr = "127.0.0.1"
 webServer.port = 7500
 webServer.user = "admin"
 webServer.password = "admin"
 # webServer.tls.certFile = "server.crt"
 # webServer.tls.keyFile = "server.key"
 # dashboard assets directory(only for debug mode)
 # webServer.assetsDir = "./static"
 # Enable golang pprof handlers in dashboard listener.
 # Dashboard port must be set first
 webServer.pprofEnable = false
 # enablePrometheus will export prometheus metrics on webServer in /metrics api.
 enablePrometheus = true
 # console or real logFile path like ./frps.log
 log.to = "./frps.log"
 # trace, debug, info, warn, error
 log.level = "info"
 log.maxDays = 3
 # disable log colors when log.to is console, default is false
 log.disablePrintColor = false
 # DetailedErrorsToClient defines whether to send the specific error (with debug info) to frpc. By default, this value is true.
 detailedErrorsToClient = true
 # auth.method specifies what authentication method to use authenticate frpc with frps.
 # If "token" is specified - token will be read into login message.
 # If "oidc" is specified - OIDC (Open ID Connect) token will be issued using OIDC settings. By default, this value is "token".
 auth.method = "token"
 # auth.additionalScopes specifies additional scopes to include authentication information.
 # Optional values are HeartBeats, NewWorkConns.
 # auth.additionalScopes = ["HeartBeats", "NewWorkConns"]
 # auth token
 auth.token = "12345678"
 # oidc issuer specifies the issuer to verify OIDC tokens with.
 auth.oidc.issuer = ""
 # oidc audience specifies the audience OIDC tokens should contain when validated.
 auth.oidc.audience = ""
 # oidc skipExpiryCheck specifies whether to skip checking if the OIDC token is expired.
 auth.oidc.skipExpiryCheck = false
 # oidc skipIssuerCheck specifies whether to skip checking if the OIDC token's issuer claim matches the issuer specified in OidcIssuer.
 auth.oidc.skipIssuerCheck = false
 # userConnTimeout specifies the maximum time to wait for a work connection.
 # userConnTimeout = 10
 # Only allow frpc to bind ports you list. By default, there won't be any limit.
 allowPorts = [
  { start = 2000, end = 3000 },
  { single = 3001 },
  { single = 3003 },
  { start = 4000, end = 50000 }
 ]
 # Max ports can be used for each client, default value is 0 means no limit
 maxPortsPerClient = 0
 # If subDomainHost is not empty, you can set subdomain when type is http or https in frpc's configure file
 # When subdomain is est, the host used by routing is test.frps.com
 subDomainHost = "frps.com"
 # custom 404 page for HTTP requests
 # custom404Page = "/path/to/404.html"
 # specify udp packet size, unit is byte. If not set, the default value is 1500.
 # This parameter should be same between client and server.
 # It affects the udp and sudp proxy.
 udpPacketSize = 1500
 # Retention time for NAT hole punching strategy data.
 natholeAnalysisDataReserveHours = 168
 [[httpPlugins]]
 name = "user-manager"
 addr = "127.0.0.1:9000"
 path = "/handler"
 ops = ["Login"]
 [[httpPlugins]]
 name = "port-manager"
 addr = "127.0.0.1:9001"
 path = "/handler"
 ops = ["NewProxy"]
--- a/package.sh
+++ b/package.sh
@ -46,6 +46,8 @@ for os in $os_all; do
            mv ./frps_${os}_${arch} ${frp_path}/frps
        fi  
        cp ../LICENSE ${frp_path}
        cp -f ../conf/frpc.toml ${frp_path}
        cp -f ../conf/frps.toml ${frp_path}
        # packages
        cd ./packages
--- a/pkg/util/version/version.go
+++ b/pkg/util/version/version.go
@ -19,7 +19,7 @@ import (
 	"strings"
 )
-var version = "0.52.2"
+var version = "0.52.3"
 func Full() string {
 	return version