Frps服务端全配置文件 frps_full_example.toml
[collapse status=“false” title=“frps服务端配置文件原文”]

# This configuration file is for reference only. Please do not use this configuration directly to run the program as it may have various issues.

# your proxy name will be changed to {user}.{proxy}
user = "your_name"

# A literal address or host name for IPv6 must be enclosed
# in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80"
# For single serverAddr field, no need square brackets, like serverAddr = "::".
serverAddr = "0.0.0.0"
serverPort = 7000

# STUN server to help penetrate NAT hole.
# natHoleStunServer = "stun.easyvoip.com:3478"

# Decide if exit program when first login failed, otherwise continuous relogin to frps
# default is true
loginFailExit = true

# console or real logFile path like ./frpc.log
log.to = "./frpc.log"
# trace, debug, info, warn, error
log.level = "info"
log.maxDays = 3
# disable log colors when log.to is console, default is false
log.disablePrintColor = false

auth.method = "token"
# auth.additionalScopes specifies additional scopes to include authentication information.
# Optional values are HeartBeats, NewWorkConns.
# auth.additionalScopes = ["HeartBeats", "NewWorkConns"]

# auth token
auth.token = "12345678"

# oidc.clientID specifies the client ID to use to get a token in OIDC authentication.
# auth.oidc.clientID = ""
# oidc.clientSecret specifies the client secret to use to get a token in OIDC authentication.
# auth.oidc.clientSecret = ""
# oidc.audience specifies the audience of the token in OIDC authentication.
# auth.oidc.audience = ""
# oidc.scope specifies the permissions of the token in OIDC authentication if AuthenticationMethod == "oidc". By default, this value is "".
# auth.oidc.scope = ""
# oidc.tokenEndpointURL specifies the URL which implements OIDC Token Endpoint.
# It will be used to get an OIDC token.
# auth.oidc.tokenEndpointURL = ""

# oidc.additionalEndpointParams specifies additional parameters to be sent to the OIDC Token Endpoint.
# For example, if you want to specify the "audience" parameter, you can set as follow.
# frp will add "audience=<value>" "var1=<value>" to the additional parameters.
# auth.oidc.additionalEndpointParams.audience = "https://dev.auth.com/api/v2/"
# auth.oidc.additionalEndpointParams.var1 = "foobar"

# Set admin address for control frpc's action by http api such as reload
webServer.addr = "127.0.0.1"
webServer.port = 7400
webServer.user = "admin"
webServer.password = "admin"
# Admin assets directory. By default, these assets are bundled with frpc.
# webServer.assetsDir = "./static"

# Enable golang pprof handlers in admin listener.
webServer.pprofEnable = false

# The maximum amount of time a dial to server will wait for a connect to complete. Default value is 10 seconds.
# transport.dialServerTimeout = 10

# dialServerKeepalive specifies the interval between keep-alive probes for an active network connection between frpc and frps.
# If negative, keep-alive probes are disabled.
# transport.dialServerKeepalive = 7200

# connections will be established in advance, default value is zero
transport.poolCount = 5

# If tcp stream multiplexing is used, default is true, it must be same with frps
# transport.tcpMux = true

# Specify keep alive interval for tcp mux.
# only valid if tcpMux is enabled.
# transport.tcpMuxKeepaliveInterval = 60

# Communication protocol used to connect to server
# supports tcp, kcp, quic, websocket and wss now, default is tcp
transport.protocol = "tcp"

# set client binding ip when connect server, default is empty.
# only when protocol = tcp or websocket, the value will be used.
transport.connectServerLocalIP = "0.0.0.0"

# if you want to connect frps by http proxy or socks5 proxy or ntlm proxy, you can set proxyURL here or in global environment variables
# it only works when protocol is tcp
# transport.proxyURL = "http://user:passwd@192.168.1.128:8080"
# transport.proxyURL = "socks5://user:passwd@192.168.1.128:1080"
# transport.proxyURL = "ntlm://user:passwd@192.168.1.128:2080"

# quic protocol options
# transport.quic.keepalivePeriod = 10
# transport.quic.maxIdleTimeout = 30
# transport.quic.maxIncomingStreams = 100000

# If tls.enable is true, frpc will connect frps by tls.
# Since v0.50.0, the default value has been changed to true, and tls is enabled by default.
transport.tls.enable = true

# transport.tls.certFile = "client.crt"
# transport.tls.keyFile = "client.key"
# transport.tls.trustedCaFile = "ca.crt"
# transport.tls.serverName = "example.com"

# If the disableCustomTLSFirstByte is set to false, frpc will establish a connection with frps using the
# first custom byte when tls is enabled.
# Since v0.50.0, the default value has been changed to true, and the first custom byte is disabled by default.
# transport.tls.disableCustomTLSFirstByte = true

# Heartbeat configure, it's not recommended to modify the default value.
# The default value of heartbeatInterval is 10 and heartbeatTimeout is 90. Set negative value
# to disable it.
# transport.heartbeatInterval = 30
# transport.heartbeatTimeout = 90

# Specify a dns server, so frpc will use this instead of default one
# dnsServer = "8.8.8.8"

# Proxy names you want to start.
# Default is empty, means all proxies.
# start = ["ssh", "dns"]

# Specify udp packet size, unit is byte. If not set, the default value is 1500.
# This parameter should be same between client and server.
# It affects the udp and sudp proxy.
udpPacketSize = 1500

# Additional metadatas for client.
metadatas.var1 = "abc"
metadatas.var2 = "123"

# Include other config files for proxies.
# includes = ["./confd/*.ini"]

[[proxies]]
# 'ssh' is the unique proxy name
# If global user is not empty, it will be changed to {user}.{proxy} such as 'your_name.ssh'
name = "ssh"
type = "tcp"
localIP = "127.0.0.1"
localPort = 22
# Limit bandwidth for this proxy, unit is KB and MB
transport.bandwidthLimit = "1MB"
# Where to limit bandwidth, can be 'client' or 'server', default is 'client'
transport.bandwidthLimitMode = "client"
# If true, traffic of this proxy will be encrypted, default is false
transport.useEncryption = false
# If true, traffic will be compressed
transport.useCompression = false
# Remote port listen by frps
remotePort = 6001
# frps will load balancing connections for proxies in same group
loadBalancer.group = "test_group"
# group should have same group key
loadBalancer.groupKey = "123456"
# Enable health check for the backend service, it supports 'tcp' and 'http' now.
# frpc will connect local service's port to detect it's healthy status
healthCheck.type = "tcp"
# Health check connection timeout
healthCheck.timeoutSeconds = 3
# If continuous failed in 3 times, the proxy will be removed from frps
healthCheck.maxFailed = 3
# Every 10 seconds will do a health check
healthCheck.intervalSeconds = 10
# Additional meta info for each proxy. It will be passed to the server-side plugin for use.
metadatas.var1 = "abc"
metadatas.var2 = "123"
# You can add some extra information to the proxy through annotations.
# These annotations will be displayed on the frps dashboard.
[proxies.annotations]
key1 = "value1"
"prefix/key2" = "value2"

[[proxies]]
name = "ssh_random"
type = "tcp"
localIP = "192.168.31.100"
localPort = 22
# If remotePort is 0, frps will assign a random port for you
remotePort = 0

[[proxies]]
name = "dns"
type = "udp"
localIP = "114.114.114.114"
localPort = 53
remotePort = 6002

# Resolve your domain names to [serverAddr] so you can use http://web01.yourdomain.com to browse web01 and http://web02.yourdomain.com to browse web02
[[proxies]]
name = "web01"
type = "http"
localIP = "127.0.0.1"
localPort = 80
# http username and password are safety certification for http protocol
# if not set, you can access this customDomains without certification
httpUser = "admin"
httpPassword = "admin"
# if domain for frps is frps.com, then you can access [web01] proxy by URL http://web01.frps.com
subdomain = "web01"
customDomains = ["web01.yourdomain.com"]
# locations is only available for http type
locations = ["/", "/pic"]
# route requests to this service if http basic auto user is abc
# routeByHTTPUser = abc
hostHeaderRewrite = "example.com"
requestHeaders.set.x-from-where = "frp"
healthCheck.type = "http"
# frpc will send a GET http request '/status' to local http service
# http service is alive when it return 2xx http response code
healthCheck.path = "/status"
healthCheck.intervalSeconds = 10
healthCheck.maxFailed = 3
healthCheck.timeoutSeconds = 3

[[proxies]]
name = "web02"
type = "https"
localIP = "127.0.0.1"
localPort = 8000
subdomain = "web02"
customDomains = ["web02.yourdomain.com"]
# if not empty, frpc will use proxy protocol to transfer connection info to your local service
# v1 or v2 or empty
transport.proxyProtocolVersion = "v2"

[[proxies]]
name = "tcpmuxhttpconnect"
type = "tcpmux"
multiplexer = "httpconnect"
localIP = "127.0.0.1"
localPort = 10701
customDomains = ["tunnel1"]
# routeByHTTPUser = "user1"

[[proxies]]
name = "plugin_unix_domain_socket"
type = "tcp"
remotePort = 6003
# if plugin is defined, localIP and localPort is useless
# plugin will handle connections got from frps
[proxies.plugin]
type = "unix_domain_socket"
unixPath = "/var/run/docker.sock"

[[proxies]]
name = "plugin_http_proxy"
type = "tcp"
remotePort = 6004
[proxies.plugin]
type = "http_proxy"
httpUser = "abc"
httpPassword = "abc"

[[proxies]]
name = "plugin_socks5"
type = "tcp"
remotePort = 6005
[proxies.plugin]
type = "socks5"
username = "abc"
password = "abc"

[[proxies]]
name = "plugin_static_file"
type = "tcp"
remotePort = 6006
[proxies.plugin]
type = "static_file"
localPath = "/var/www/blog"
stripPrefix = "static"
httpUser = "abc"
httpPassword = "abc"

[[proxies]]
name = "plugin_https2http"
type = "https"
customDomains = ["test.yourdomain.com"]
[proxies.plugin]
type = "https2http"
localAddr = "127.0.0.1:80"
crtPath = "./server.crt"
keyPath = "./server.key"
hostHeaderRewrite = "127.0.0.1"
requestHeaders.set.x-from-where = "frp"

[[proxies]]
name = "plugin_https2https"
type = "https"
customDomains = ["test.yourdomain.com"]
[proxies.plugin]
type = "https2https"
localAddr = "127.0.0.1:443"
crtPath = "./server.crt"
keyPath = "./server.key"
hostHeaderRewrite = "127.0.0.1"
requestHeaders.set.x-from-where = "frp"

[[proxies]]
name = "plugin_http2https"
type = "http"
customDomains = ["test.yourdomain.com"]
[proxies.plugin]
type = "http2https"
localAddr = "127.0.0.1:443"
hostHeaderRewrite = "127.0.0.1"
requestHeaders.set.x-from-where = "frp"

[[proxies]]
name = "secret_tcp"
# If the type is secret tcp, remotePort is useless
# Who want to connect local port should deploy another frpc with stcp proxy and role is visitor
type = "stcp"
# secretKey is used for authentication for visitors
secretKey = "abcdefg"
localIP = "127.0.0.1"
localPort = 22
# If not empty, only visitors from specified users can connect.
# Otherwise, visitors from same user can connect. '*' means allow all users.
allowUsers = ["*"]

[[proxies]]
name = "p2p_tcp"
type = "xtcp"
secretKey = "abcdefg"
localIP = "127.0.0.1"
localPort = 22
# If not empty, only visitors from specified users can connect.
# Otherwise, visitors from same user can connect. '*' means allow all users.
allowUsers = ["user1", "user2"]

# frpc role visitor -> frps -> frpc role server
[[visitors]]
name = "secret_tcp_visitor"
type = "stcp"
# the server name you want to visitor
serverName = "secret_tcp"
secretKey = "abcdefg"
# connect this address to visitor stcp server
bindAddr = "127.0.0.1"
# bindPort can be less than 0, it means don't bind to the port and only receive connections redirected from
# other visitors. (This is not supported for SUDP now)
bindPort = 9000

[[visitors]]
name = "p2p_tcp_visitor"
type = "xtcp"
# if the server user is not set, it defaults to the current user
serverUser = "user1"
serverName = "p2p_tcp"
secretKey = "abcdefg"
bindAddr = "127.0.0.1"
# bindPort can be less than 0, it means don't bind to the port and only receive connections redirected from
# other visitors. (This is not supported for SUDP now)
bindPort = 9001
# when automatic tunnel persistence is required, set it to true
keepTunnelOpen = false
# effective when keepTunnelOpen is set to true, the number of attempts to punch through per hour
maxRetriesAnHour = 8
minRetryInterval = 90
# fallbackTo = "stcp_visitor"
# fallbackTimeoutMs = 500

[/collapse]

[collapse status=“false” title=“frps服务端配置文件中文注释（机翻）“]

# 此配置文件仅供参考，请勿直接使用此配置文件运行程序，因为可能存在各种问题。

# 你的代理名称将更改为 {user}.{proxy}
user = "your_name"

# 对于 IPv6 的文字地址或主机名，必须用方括号括起来，例如 "[::1]:80"、"[ipv6-host]:http" 或 "[ipv6-host%zone]:80"
# 对于单个 serverAddr 字段，无需使用方括号，例如 serverAddr = "::"
serverAddr = "0.0.0.0"
serverPort = 7000

# STUN 服务器用于帮助穿透 NAT 隧道。
# natHoleStunServer = "stun.easyvoip.com:3478"

# 决定在第一次登录失败时是否退出程序，否则将持续重新登录到 frps
# 默认为 true
loginFailExit = true

# 控制台或实际 logFile 路径，例如 ./frpc.log
log.to = "./frpc.log"
# trace、debug、info、warn、error
log.level = "info"
log.maxDays = 3
# 当 log.to 为控制台时，禁用日志颜色，默认为 false
log.disablePrintColor = false

auth.method = "token"
# auth.additionalScopes 指定要包含在身份验证信息中的附加范围。
# 可选值为 HeartBeats、NewWorkConns。
# auth.additionalScopes = ["HeartBeats", "NewWorkConns"]

# 身份验证令牌
auth.token = "12345678"

# oidc.clientID 指定 OIDC 身份验证中用于获取令牌的客户端 ID。
# auth.oidc.clientID = ""
# oidc.clientSecret 指定 OIDC 身份验证中用于获取令牌的客户端密钥。
# auth.oidc.clientSecret = ""
# oidc.audience 指定 OIDC 身份验证中令牌的受众。
# auth.oidc.audience = ""
# auth.oidc.scope 如果 AuthenticationMethod == "oidc"，则指定 OIDC 身份验证中令牌的权限。默认情况下，该值为 ""。
# auth.oidc.scope = ""
# oidc.tokenEndpointURL 指定实现 OIDC 令牌端点的 URL。
# 它将用于获取 OIDC 令牌。
# auth.oidc.tokenEndpointURL = ""

# oidc.additionalEndpointParams 指定要发送到 OIDC 令牌端点的附加参数。
# 例如，如果您想指定 "audience" 参数，可以设置如下。
# frp 将向附加参数添加 "audience=<value>"、"var1=<value>"。
# auth.oidc.additionalEndpointParams.audience = "https://dev.auth.com/api/v2/"
# auth.oidc.additionalEndpointParams.var1 = "foobar"

# 设置控制 frpc 操作的管理地址，例如重新加载
webServer.addr = "127.0.0.1"
webServer.port = 7400
webServer.user = "admin"
webServer.password = "admin"
# 管理员资源目录。默认情况下，这些资源与 frpc 捆绑在一起。
# webServer.assetsDir = "./static"

# 在管理员侦听器中启用 golang pprof 处理程序。
webServer.pprofEnable = false

# 与服务器建立连接的拨号的最长等待时间。默认值为 10 秒。
# transport.dialServerTimeout = 10

# dialServerKeepalive 指定 frpc 与 frps 之间的活动网络连接的保持活动探测之间的间隔。
# 如果为负数，则禁用保持活动探测。
# transport.dialServerKeepalive = 7200

# 预先建立的连接数，默认值为零
transport.poolCount = 5

# 如果使用了 tcp 流多路复用，默认为 true，它必须与 frps 相同
# transport.tcpMux = true

# 为 tcp mux 指定保持活动间隔。
# 仅在启用 tcpMux 时有效。
# transport.tcpMuxKeepaliveInterval = 60

# 用于连接服务器的通信协议
# 现在支持 tcp、kcp、quic、websocket 和 wss，默认为 tcp
transport.protocol = "tcp"

# 在连接服务器时设置客户端绑定 IP，默认为空。
# 仅当 protocol = tcp 或 websocket 时，才会使用该值。
transport.connectServerLocalIP = "0.0.0.0"

# 如果要通过 HTTP 代理、socks5 代理或 ntlm 代理连接 frps，可以在此处或全局环境变量中设置 proxyURL
# 仅当 protocol 是 tcp 时才有效
# transport.proxyURL = "http://user:passwd@192.168.1.128:8080"
# transport.proxyURL = "socks5://user:passwd@192.168.1.128:1080"
# transport.proxyURL = "ntlm://user:passwd@192.168.1.128:2080"

# quic 协议选项
# transport.quic.keepalivePeriod = 10
# transport.quic.maxIdleTimeout = 30
# transport.quic.maxIncomingStreams = 100000

# 如果 tls.enable 为 true，frpc 将通过 tls 连接 frps。
# 自 v0.50.0 起，默认值已更改为 true，并且默认情况下启用 tls。
transport.tls.enable = true

# transport.tls.certFile = "client.crt"
# transport.tls.keyFile = "client.key"
# transport.tls.trustedCaFile = "ca.crt"
# transport.tls.serverName = "example.com"

# 如果将 disableCustomTLSFirstByte 设置为 false，frpc 将使用启用 tls 时的第一个自定义字节与 frps 建立连接。
# 自 v0.50.0 起，默认值已更改为 true，并且默认情况下禁用第一个自定义字节。
# transport.tls.disableCustomTLSFirstByte = true

# 心跳配置，不建议修改默认值。
# heartbeatInterval 的默认值为 10，heartbeatTimeout 的默认值为 90。将其设置为负值可禁用它。
# transport.heartbeatInterval = 30
# transport.heartbeatTimeout = 90

# 指定 DNS 服务器，这样 frpc 将使用该服务器而不是默认服务器
# dnsServer = "8.8.8.8"

# 要启动的代理名称。
# 默认为空，表示所有代理。
# start = ["ssh", "dns"]

# 指定 UDP 数据包大小，单位为字节。如果不设置，默认值为 1500。
# 此参数应与客户端和服务器端相同。
# 它影响 udp 和 sudp 代理。
udpPacketSize = 1500

# 客户端的附加元数据。
metadatas.var1 = "abc"
metadatas.var2 = "123"

# 包含其他代理的配置文件。
# includes = ["./confd/*.ini"]

[[proxies]]
# 'ssh' 是唯一的代理名称
# 如果全局用户不为空，则将其更改为 {user}.{proxy}，例如 'your_name.ssh'
name = "ssh"
type = "tcp"
localIP = "127.0.0.1"
localPort = 22
# 限制此代理的带宽，单位为 KB 和 MB
transport.bandwidthLimit = "1MB"
# 在哪里限制带宽，可以是 'client' 或 'server'，默认为 'client'
transport.bandwidthLimitMode = "client"
# 如果为 true，则此代理的流量将被加密，默认为 false
transport.useEncryption = false
# 如果为 true，则流量将被压缩
transport.useCompression = false
# frps 监听的远程端口
remotePort = 6001
# frps 将为同一组中的代理负载均衡连接
loadBalancer.group = "test_group"
# 组应具有相同的组密钥
loadBalancer.groupKey = "123456"
# 为后端服务启用健康检查，支持 'tcp' 和 'http'。
# frpc 将连接到本地服务的端口以检测其健康状态
healthCheck.type = "tcp"
# 健康检查连接超时时间
healthCheck.timeoutSeconds = 3
# 如果连续失败 3 次，代理将从 frps 中移除
healthCheck.maxFailed = 3
# 每 10 秒进行一次健康检查
healthCheck.intervalSeconds = 10
# 每个代理的附加元信息。它将传递到服务器端插件以供使用。
metadatas.var1 = "abc"
metadatas.var2 = "123"
# 通过注释向代理添加一些额外信息。
# 这些注释将显示在 frps 仪表板上。
[proxies.annotations]
key1 = "value1"
"prefix/key2" = "value2"

[[proxies]]
name = "ssh_random"
type = "tcp"
localIP = "192.168.31.100"
localPort = 22
# 如果 remotePort 为 0，则 frps 将为您分配一个随机端口
remotePort = 0

[[proxies]]
name = "dns"
type = "udp"
localIP = "114.114.114.114"
localPort = 53
remotePort = 6002

# 将您的域名解析为 [serverAddr]，这样您就可以使用 http://web01.yourdomain.com 浏览 web01，http://web02.yourdomain.com 浏览 web02
[[proxies]]
name = "web01"
type = "http"
localIP = "127.0.0.1"
localPort = 80
# http 用户名和密码是用于 http 协议的安全认证
# 如果未设置，您可以在没有认证的情况下访问这些 customDomains
httpUser = "admin"
httpPassword = "admin"
# 如果 frps 的域名为 frps.com，则您可以通过 URL http://web01.frps.com 访问 [web01] 代理
subdomain = "web01"
customDomains = ["web01.yourdomain.com"]
# 仅对 http 类型可用
locations = ["/", "/pic"]
# 如果 http 基本自动用户为 abc，则将请求路由到此服务
# routeByHTTPUser = abc
hostHeaderRewrite = "example.com"
requestHeaders.set.x-from-where = "frp"
healthCheck.type = "http"
# frpc 将向本地 http 服务发送一个 GET http 请求 '/status'
# 仅当返回 2xx http 响应代码时，http 服务才是活动的
healthCheck.path = "/status"
healthCheck.intervalSeconds = 10
healthCheck.maxFailed = 3
healthCheck.timeoutSeconds = 3

[[proxies]]
name = "web02"
type = "https"
localIP = "127.0.0.1"
localPort = 8000
subdomain = "web02"
customDomains = ["web02.yourdomain.com"]
# 如果不为空，frpc 将使用代理协议将连接信息传输给您的本地服务
# v1 或 v2 或为空
transport.proxyProtocolVersion = "v2"

[[proxies]]
name = "tcpmuxhttpconnect"
type = "tcpmux"
multiplexer = "httpconnect"
localIP = "127.0.0.1"
localPort = 10701
customDomains = ["tunnel1"]
# routeByHTTPUser = "user1"

[[proxies]]
name = "plugin_unix_domain_socket"
type = "tcp"
remotePort = 6003
# 如果定义了 plugin，则 localIP 和 localPort 无效
# plugin 将处理从 frps 得到的连接
[proxies.plugin]
type = "unix_domain_socket"
unixPath = "/var/run/docker.sock"

[[proxies]]
name = "plugin_http_proxy"
type = "tcp"
remotePort = 6004
[proxies.plugin]
type = "http_proxy"
httpUser = "abc"
httpPassword = "abc"

[[proxies]]
name = "plugin_socks5"
type = "tcp"
remotePort = 6005
[proxies.plugin]
type = "socks5"
username = "abc"
password = "abc"

[[proxies]]
name = "plugin_static_file"
type = "tcp"
remotePort = 6006
[proxies.plugin]
type = "static_file"
localPath = "/var/www/blog"
stripPrefix = "static"
httpUser = "abc"
httpPassword = "abc"

[[proxies]]
name = "plugin_https2http"
type = "https"
customDomains = ["test.yourdomain.com"]
[proxies.plugin]
type = "https2http"
localAddr = "127.0.0.1:80"
crtPath = "./server.crt"
keyPath = "./server.key"
hostHeaderRewrite = "127.0.0.1"
requestHeaders.set.x-from-where = "frp"

[[proxies]]
name = "plugin_https2https"
type = "https"
customDomains = ["test.yourdomain.com"]
[proxies.plugin]
type = "https2https"
localAddr = "127.0.0.1:443"
crtPath = "./server.crt"
keyPath = "./server.key"
hostHeaderRewrite = "127.0.0.1"
requestHeaders.set.x-from-where = "frp"

[[proxies]]
name = "plugin_http2https"
type = "http"
customDomains = ["test.yourdomain.com"]
[proxies.plugin]
type = "http2https"
localAddr = "127.0.0.1:443"
hostHeaderRewrite = "127.0.0.1"
requestHeaders.set.x-from-where = "frp"

[[proxies]]
name = "secret_tcp"
# 如果类型为 secret tcp，则 remotePort 无效
# 要连接本地端口的人应该使用具有 stcp 代理和角色为 visitor 的另一个 frpc
type = "stcp"
# secretKey 用于访问者的身份验证
secretKey = "abcdefg"
localIP = "127.0.0.1"
localPort = 22
# 如果不为空，则只允许来自指定用户的访问者连接。
# 否则，来自相同用户的访问者可以连接。'*' 表示允许所有用户。
allowUsers = ["*"]

[[proxies]]
name = "p2p_tcp"
type = "xtcp"
secretKey = "abcdefg"
localIP = "127.0.0.1"
localPort = 22
# 如果不为空，则只允许来自指定用户的访问者连接。
# 否则，来自相同用户的访问者可以连接。'*' 表示允许所有用户。
allowUsers = ["user1", "user2"]

# frpc 角色 visitor -> frps -> frpc 角色 server
[[visitors]]
name = "secret_tcp_visitor"
type = "stcp"
# 要访问的服务器名称
serverName = "secret_tcp"
secretKey = "abcdefg"
# 连接此地址以访问 visitor stcp 服务器
bindAddr = "127.0.0.1"
# bindPort 可以小于 0，表示不绑定到端口，仅接收从其他访问者重定向的连接。（目前不支持 SUDP）
bindPort = 9000

[[visitors]]
name = "p2p_tcp_visitor"
type = "xtcp"
# 如果未设置服务器用户，则默认为当前用户
serverUser = "user1"
serverName = "p2p_tcp"
secretKey = "abcdefg"
bindAddr = "127.0.0.1"
# bindPort 可以小于 0，表示不绑定到端口，仅接收从其他访问者重定向的连接。（目前不支持 SUDP）
bindPort = 9001
# 当需要自动隧道持久性时，将其设置为 true
keepTunnelOpen = false
# keepTunnelOpen 设置为 true 时生效，每小时尝试穿透的次数
maxRetriesAnHour = 8
minRetryInterval = 90
# fallbackTo = "stcp_visitor"
# fallbackTimeoutMs = 500

[/collapse]