1. 概述
ngrok
开源的内网穿透工具有很多,例如ngrok、frp、lanproxy、goproxy、nps等。
-
fatedier/frp
frp is a fast reverse proxy to help you expose a local server behind a NAT or firewall to the Internet. As of now, it supports TCP and UDP, as well as HTTP and HTTPS protocols, where requests can be forwarded to internal services by domain name.
Frp also has aP2P connect mode. -
inconshreveable/ngrok
ngrok is a reverse proxy that creates a secure tunnel from a public endpoint to a locally running web service. ngrok captures and analyzes all traffic over the tunnel for later inspection and replay. -
snail007/goproxy
The GoProxy is a high-performance http proxy, https proxy, socks5 proxy, ss proxy, websocket proxies, tcp proxies, udp proxies, game shield, game proxies
其中,Frp的使用方法可以参考我之前的文章《Frp - 内网穿透工具使用介绍》,更深入的用法,可以阅读官方文档。
Ngrok的商业化工作做得不错。可以在不部署公网服务的情况下,免费使用NAT穿透功能。
有两家基于Ngrok的商业应用,本文重点介绍第一家:
参考:内网穿透工具比较(ngrok,frp,lanproxy,goproxy,nps)
2. Setup与Http服务代理介绍
2.1. Setup
注册并登录ngrok官网,可以看到ngrok dashboard页面。
通过Dashboard,可以下载不同Desktop的运行程序,可以查看自己Authtoken,可以查看已创建的Tunnel
image.png
image.png
2.2. 启动需要Nat外被远程访问的Http服务
- Python2启动方式,For Test
$ python -m SimpleHTTPServer 8001
Serving HTTP on 0.0.0.0 port 8001 ...
10.210.10.183 - - [09/Apr/2021 09:36:15] "GET / HTTP/1.1" 200 -
- Python3启动方式,For Test
$ python -m http.server 8001
Serving HTTP on 0.0.0.0 port 8001 ...
10.210.10.183 - - [09/Apr/2021 09:36:15] "GET / HTTP/1.1" 200 -
2.3. 启动Ngrok服务,本机需要能够访问到Ngrok官方服务,否则,可以借用http_proxy或者其他proxy
$ ./ngrok http 8001
ngrok by @inconshreveable (Ctrl+C to quit) Session Status online
Account shuzhang (Plan: Free)
Version 2.3.39
Region United States (us)
Web Interface http://127.0.0.1:4040
Forwarding http://3a2dbc150775.ngrok.io -> http://localhost:8001
Forwarding https://3a2dbc150775.ngrok.io -> http://localhost:8001
Connections ttl opn rt1 rt5 p50 p90
0 0 0.00 0.00 0.00 0.00
2.4. 本地打开Console页面(http://127.0.0.1:4040/status),可以查看Tunnel状态
image.png
2.5. 关键一步,调用http请求http://3a2dbc150775.ngrok.io,结果OK
image.png
3. 其他用法
3.1. ngrok help,查看推荐用法
$ ./ngrok help
...
ngrok http 80 # secure public URL for port 80 web server
ngrok http -subdomain=baz 8080 # port 8080 available at baz.ngrok.io
ngrok http foo.dev:80 # tunnel to host:port instead of localhost
ngrok http https://localhost # expose a local https server
ngrok tcp 22 # tunnel arbitrary TCP traffic to port 22
ngrok tls -hostname=foo.com 443 # TLS traffic for foo.com to port 443
ngrok start foo bar baz # start tunnels from the configuration file
...
3.2. 编写ngrok.yml,同时启动一组Tunnel
3.2.1. 编写ngrok.yml
$ cat ~/.ngrok2/ngrok.yml
authtoken: 1quWLs7sdwwz4xxxxxxxxxxxxxHX_osfdsdfd56scfwrwerQH1Jt
http_proxy: "http://10.xxx.yyy.zzz:8000"
web_addr: 0.0.0.0:4040
tunnels:
test-http:
addr: 127.0.0.1:8001
proto: http
inspect: true
bind_tls: both
test-ssh:
addr: 127.0.0.1:22
proto: tcp
3.2.2. 启动所有所有Tunnel,也可以启动部分
$ ./ngrok start --all
ngrok by @inconshreveable (Ctrl+C to quit)
Session Status online
Account shuzhang (Plan: Free)
Version 2.3.38
Region United States (us)
Web Interface http://0.0.0.0:4040
Forwarding http://84dc8148b639.ngrok.io -> http://127.0.0.1:8001
Forwarding https://84dc8148b639.ngrok.io -> http://127.0.0.1:8001
Connections ttl opn rt1 rt5 p50 p90
7 0 0.00 0.01 0.00 0.00
HTTP Requests
-------------
GET / 200 OK
GET / 200 OK
GET / 200 OK
网友评论