github-starred/frp
2
0
Fork 0
mirror of https://github.com/fatedier/frp.git synced 2026-05-15 16:15:49 -06:00
Code Issues 40 Projects Packages Wiki Activity Actions 1

[GH-ISSUE #332] 新版0.10.0 http类型不可以加密,压缩 #244

New issue
Closed
opened 2026-05-05 12:02:30 -06:00 by gitea-mirror · 19 comments
gitea-mirror commented 2026-05-05 12:02:30 -06:00
Owner
Copy link

Originally created by @newcastlecy on GitHub (May 24, 2017).
Original GitHub issue: https://github.com/fatedier/frp/issues/332

Type tcp / http
use_encryption = true
use_compression = true
客户端可以telnet端口通,不可以访问http网页,
use_encryption = false
use_compression = false
客户端访问http网页正常

0.9.3 http类型可以加密,压缩

Originally created by @newcastlecy on GitHub (May 24, 2017). Original GitHub issue: https://github.com/fatedier/frp/issues/332 Type tcp / http use_encryption = true use_compression = true 客户端可以telnet端口通,不可以访问http网页, use_encryption = false use_compression = false 客户端访问http网页正常 0.9.3 http类型可以加密,压缩
gitea-mirror 2026-05-05 12:02:30 -06:00
  • closed this issue
  • added the
    bug
         label
gitea-mirror commented 2026-05-05 12:02:36 -06:00
Author
Owner
Copy link

@fatedier commented on GitHub (May 24, 2017):

请按照 issue 模版提交问题,方便查看。

<!-- gh-comment-id:303636703 --> @fatedier commented on GitHub (May 24, 2017): 请按照 issue 模版提交问题,方便查看。
gitea-mirror commented 2026-05-05 12:02:38 -06:00
Author
Owner
Copy link

@newcastlecy commented on GitHub (May 24, 2017):

#服务端配置:
[common]
bind_port = 7000
dashboard_port = 7500
dashboard_user = admin
dashboard_pwd = admin
vhost_http_port = 8888
tcp_mux = true
authentication_timeout = 900
privilege_token = xxxxxxxx
subdomain_host = a.b.c
max_pool_count = 50
log_file = /dev/null

#客户端配置:
[http]
privilege_mode = true
type = http
local_ip = 127.0.0.1
local_port = 80
#use_encryption = true
#use_compression = true
subdomain = xyz
log_file = /dev/null

[ssh]
privilege_mode = true
remote_port = 22222
type = tcp
local_ip = 127.0.0.1
local_port = 22
use_encryption = true
use_compression = true
log_file = /dev/null

[http2]
privilege_mode = true
remote_port = 8080
type = tcp
local_ip = 127.0.0.1
local_port = 80
#use_encryption = true
#use_compression = true
log_file = /dev/null

若 [http] [http2]开启use_encryption use_compression选项 ,则
http://xyz.a.b.c:8888http://a.b.c:8080 不可以打开网页,但是 8888 8080 端口是通的
去掉use_encryption use_compression选项,2个页面打开均正常
[ssh] 可以正常使用use_encryption use_compression选项

<!-- gh-comment-id:303639549 --> @newcastlecy commented on GitHub (May 24, 2017): #服务端配置: [common] bind_port = 7000 dashboard_port = 7500 dashboard_user = admin dashboard_pwd = admin vhost_http_port = 8888 tcp_mux = true authentication_timeout = 900 privilege_token = xxxxxxxx subdomain_host = a.b.c max_pool_count = 50 log_file = /dev/null #客户端配置: [http] privilege_mode = true type = http local_ip = 127.0.0.1 local_port = 80 #use_encryption = true #use_compression = true subdomain = xyz log_file = /dev/null [ssh] privilege_mode = true remote_port = 22222 type = tcp local_ip = 127.0.0.1 local_port = 22 use_encryption = true use_compression = true log_file = /dev/null [http2] privilege_mode = true remote_port = 8080 type = tcp local_ip = 127.0.0.1 local_port = 80 #use_encryption = true #use_compression = true log_file = /dev/null 若 [http] [http2]开启use_encryption use_compression选项 ,则 http://xyz.a.b.c:8888 与http://a.b.c:8080 不可以打开网页,但是 8888 8080 端口是通的 去掉use_encryption use_compression选项,2个页面打开均正常 [ssh] 可以正常使用use_encryption use_compression选项
gitea-mirror commented 2026-05-05 12:02:39 -06:00
Author
Owner
Copy link

@fatedier commented on GitHub (May 24, 2017):

在你 New issue 的时候不要删除里面的模版内容,按照模版内容填写相关信息。

另外你的问题无法复现。

<!-- gh-comment-id:303641121 --> @fatedier commented on GitHub (May 24, 2017): 在你 New issue 的时候不要删除里面的模版内容,按照模版内容填写相关信息。 另外你的问题无法复现。
gitea-mirror commented 2026-05-05 12:02:40 -06:00
Author
Owner
Copy link

@newcastlecy commented on GitHub (May 24, 2017):

客户端配置:为路由器 100%复现以上

<!-- gh-comment-id:303755066 --> @newcastlecy commented on GitHub (May 24, 2017): 客户端配置:为路由器 100%复现以上
gitea-mirror commented 2026-05-05 12:02:43 -06:00
Author
Owner
Copy link

@fatedier commented on GitHub (May 24, 2017):

你没有按照模版内容填写相关信息,所以缺少系统信息等内容,我也没有环境去复现,很难排查问题。

<!-- gh-comment-id:303758477 --> @fatedier commented on GitHub (May 24, 2017): 你没有按照模版内容填写相关信息,所以缺少系统信息等内容,我也没有环境去复现,很难排查问题。
gitea-mirror commented 2026-05-05 12:02:44 -06:00
Author
Owner
Copy link

@rampageX commented on GitHub (May 25, 2017):

我这里也有这个问题。同样是运行在路由器上,映射到路由器的 Web 设置页面,端口是 8889。
路由器型号: ASUS RT-AC68P
操作系统: Tomato/Linux asus 2.6.36.4brcmarm #19 SMP PREEMPT Wed Apr 19 16:20:58 CEST 2017 armv7l GNU/Linux

配置文件 frpc.ini:

# [common] is integral section
[common]
# A literal address or host name for IPv6 must be enclosed
# in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80"
server_addr = test.com
server_port = 2000
# console or real logFile path like ./frpc.log
log_file = ./frpc.log
# debug, info, warn, error
log_level = info
log_max_days = 3
# for authentication
auth_token = tester
# for privilege mode
privilege_token = 88888888

[HTTP]
# tcp | http, default is tcp
privilege_mode = true
type = tcp
local_ip = 192.168.2.1
local_port = 8889
remote_port = 2009
# true or false, if true, messages between frps and frpc will be encrypted, default is false
use_encryption = false
# default is false
use_gzip = false
# connections will be established in advance, default value is zero
pool_count = 0

What version of frp are you using (./frpc -v or ./frps -v)?
0.10.0

What operating system and processor architecture are you using (go env)?

GOARCH="arm"
GOBIN=""
GOEXE=""
GOHOSTARCH="arm"
GOHOSTOS="linux"
GOOS="linux"
GOPATH="/mnt/data/compile/go"
GORACE=""
GOROOT="/mmc/usr/go"
GOTOOLDIR="/mmc/usr/go/pkg/tool/linux_arm"
GCCGO="gccgo"
GOARM=""
CC="gcc"
GOGCCFLAGS="-fPIC -marm -fmessage-length=0 -fdebug-prefix-map=/mmc/tmp/go-build138096640=/tmp/go-build -gno-record-gcc-switches"
CXX="g++"
CGO_ENABLED="0"
PKG_CONFIG="pkg-config"
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"

Steps to reproduce the issue:

  1. 在 HTTP 段,设置 use_encryption = true
  2. 重启 frpc,浏览器不能打开路由器上的设置界面;
  3. 在 HTTP 段,设置 use_encryption = false
  4. 重启 frpc,浏览器可以打开路由器上的设置界面;

Describe the results you received:
当 use_encryption = true 是,可以跳出 Web 设置页面的用户名密码输入界面,证明端口转发成功,但是输入用户名密码后,浏览器只能显示出页面的标题,整个内容是空的,浏览器一直显示加载中;附上 Chrome F12 网络调试信息:

连接失败时:
e-on

连接成功时:
e-off

Describe the results you expected:
开启加密任然可以连接。

Additional information you deem important (e.g. issue happens only occasionally):

Can you point out what caused this issue (optional)

<!-- gh-comment-id:304005528 --> @rampageX commented on GitHub (May 25, 2017): 我这里也有这个问题。同样是运行在路由器上,映射到路由器的 Web 设置页面,端口是 8889。 路由器型号: ASUS RT-AC68P 操作系统: Tomato/Linux asus 2.6.36.4brcmarm #19 SMP PREEMPT Wed Apr 19 16:20:58 CEST 2017 armv7l GNU/Linux 配置文件 frpc.ini: ``` # [common] is integral section [common] # A literal address or host name for IPv6 must be enclosed # in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80" server_addr = test.com server_port = 2000 # console or real logFile path like ./frpc.log log_file = ./frpc.log # debug, info, warn, error log_level = info log_max_days = 3 # for authentication auth_token = tester # for privilege mode privilege_token = 88888888 [HTTP] # tcp | http, default is tcp privilege_mode = true type = tcp local_ip = 192.168.2.1 local_port = 8889 remote_port = 2009 # true or false, if true, messages between frps and frpc will be encrypted, default is false use_encryption = false # default is false use_gzip = false # connections will be established in advance, default value is zero pool_count = 0 ``` **What version of frp are you using (./frpc -v or ./frps -v)?** 0.10.0 **What operating system and processor architecture are you using (`go env`)?** > GOARCH="arm" > GOBIN="" > GOEXE="" > GOHOSTARCH="arm" > GOHOSTOS="linux" > GOOS="linux" > GOPATH="/mnt/data/compile/go" > GORACE="" > GOROOT="/mmc/usr/go" > GOTOOLDIR="/mmc/usr/go/pkg/tool/linux_arm" > GCCGO="gccgo" > GOARM="" > CC="gcc" > GOGCCFLAGS="-fPIC -marm -fmessage-length=0 -fdebug-prefix-map=/mmc/tmp/go-build138096640=/tmp/go-build -gno-record-gcc-switches" > CXX="g++" > CGO_ENABLED="0" > PKG_CONFIG="pkg-config" > CGO_CFLAGS="-g -O2" > CGO_CPPFLAGS="" > CGO_CXXFLAGS="-g -O2" > CGO_FFLAGS="-g -O2" > CGO_LDFLAGS="-g -O2" **Steps to reproduce the issue:** 1. 在 HTTP 段,设置 use_encryption = true 2. 重启 frpc,浏览器不能打开路由器上的设置界面; 3. 在 HTTP 段,设置 use_encryption = false 4. 重启 frpc,浏览器可以打开路由器上的设置界面; **Describe the results you received:** 当 use_encryption = true 是,可以跳出 Web 设置页面的用户名密码输入界面,证明端口转发成功,但是输入用户名密码后,浏览器只能显示出页面的标题,整个内容是空的,浏览器一直显示加载中;附上 Chrome F12 网络调试信息: 连接失败时: ![e-on](https://cloud.githubusercontent.com/assets/994081/26451361/60ead3a0-418e-11e7-92f4-2af093481885.jpg) 连接成功时: ![e-off](https://cloud.githubusercontent.com/assets/994081/26451364/67d65964-418e-11e7-97b1-03e0a4b9996b.jpg) **Describe the results you expected:** 开启加密任然可以连接。 **Additional information you deem important (e.g. issue happens only occasionally):** 无 **Can you point out what caused this issue (optional)** 无
gitea-mirror commented 2026-05-05 12:02:46 -06:00
Author
Owner
Copy link

@fatedier commented on GitHub (May 25, 2017):

@rampageX 推测和加密的方法有关,0.10.0 版本更新了加密的方法,不同平台的兼容性可能不是很好。不过我没有 arm 的机器,不方便调试。

<!-- gh-comment-id:304036750 --> @fatedier commented on GitHub (May 25, 2017): @rampageX 推测和加密的方法有关,0.10.0 版本更新了加密的方法,不同平台的兼容性可能不是很好。不过我没有 arm 的机器,不方便调试。
gitea-mirror commented 2026-05-05 12:02:48 -06:00
Author
Owner
Copy link

@fatedier commented on GitHub (May 25, 2017):

@rampageX 找了一个手机测试了,仍然无法复现这个问题。

<!-- gh-comment-id:304059016 --> @fatedier commented on GitHub (May 25, 2017): @rampageX 找了一个手机测试了,仍然无法复现这个问题。
gitea-mirror commented 2026-05-05 12:02:50 -06:00
Author
Owner
Copy link

@rampageX commented on GitHub (May 25, 2017):

@fatedier 同一台路由器上同样版本的 frpc ,用 tcp 类型来转发 ssh 端口,启用加密也是可以的,是否可以排除与硬件/平台无关?

<!-- gh-comment-id:304059039 --> @rampageX commented on GitHub (May 25, 2017): @fatedier 同一台路由器上同样版本的 frpc ,用 tcp 类型来转发 ssh 端口,启用加密也是可以的,是否可以排除与硬件/平台无关?
gitea-mirror commented 2026-05-05 12:02:50 -06:00
Author
Owner
Copy link

@fatedier commented on GitHub (May 25, 2017):

@rampageX 最好能够提供在 linux 系统上可以稳定复现的示例。

<!-- gh-comment-id:304059677 --> @fatedier commented on GitHub (May 25, 2017): @rampageX 最好能够提供在 linux 系统上可以稳定复现的示例。
gitea-mirror commented 2026-05-05 12:02:52 -06:00
Author
Owner
Copy link

@rampageX commented on GitHub (May 26, 2017):

@fatedier
我又反复测试了几种情况:

  1. 分别把 frpc 运行在(与运行 Tomato 的路由器同在一个局域网的)树莓派3 和 Windows 10 上,如果开启加密,仍然打不开路由器的设置界面;
  2. frpc 无论是运行在路由器上,还是树莓派或者 Windows 10上,开启加密,能够访问 Ngnix 架设的 HTTP 服务器,以及另外一台基于原版固件的华硕路由器设置界面(它的认证界面看起来不像基础认证界面,而是华硕自己写的一个认证系统);
  3. 怀疑是 HTTP 基础认证问题,换一台刷了 DD-WRT 的路由器,开启 frpc 加密,输入用户名密码后,不能访问设置界面;
  4. 目前只能认为是 Tomato/DD-WRT 固件自带的 Web 服务器/页面认证与 frpc 的加密有兼容性问题。
<!-- gh-comment-id:304181072 --> @rampageX commented on GitHub (May 26, 2017): @fatedier 我又反复测试了几种情况: 1. 分别把 frpc 运行在(与运行 Tomato 的路由器同在一个局域网的)树莓派3 和 Windows 10 上,如果开启加密,仍然打不开路由器的设置界面; 2. frpc 无论是运行在路由器上,还是树莓派或者 Windows 10上,开启加密,能够访问 Ngnix 架设的 HTTP 服务器,以及另外一台基于原版固件的华硕路由器设置界面(它的认证界面看起来不像基础认证界面,而是华硕自己写的一个认证系统); 3. 怀疑是 HTTP 基础认证问题,换一台刷了 DD-WRT 的路由器,开启 frpc 加密,输入用户名密码后,不能访问设置界面; 4. 目前只能认为是 Tomato/DD-WRT 固件自带的 Web 服务器/页面认证与 frpc 的加密有兼容性问题。
gitea-mirror commented 2026-05-05 12:02:53 -06:00
Author
Owner
Copy link

@fatedier commented on GitHub (May 26, 2017):

@rampageX 你的测试结论是 华硕自己写的一个认证系统 开启加密后是正常的,但是如果本身的 web 服务有 HTTP Basic Auth 认证,则开启加密会导致不能访问?

<!-- gh-comment-id:304186218 --> @fatedier commented on GitHub (May 26, 2017): @rampageX 你的测试结论是 **华硕自己写的一个认证系统** 开启加密后是正常的,但是如果本身的 web 服务有 **HTTP Basic Auth 认证**,则开启加密会导致不能访问?
gitea-mirror commented 2026-05-05 12:02:54 -06:00
Author
Owner
Copy link

@rampageX commented on GitHub (May 26, 2017):

@fatedier 是的。

<!-- gh-comment-id:304187793 --> @rampageX commented on GitHub (May 26, 2017): @fatedier 是的。
gitea-mirror commented 2026-05-05 12:02:55 -06:00
Author
Owner
Copy link

@lnzoro commented on GitHub (Jun 2, 2017):

我的也是这个问题,我联合kcptun一起用frp打开压缩,网站打不开,现在只能关闭压缩才能打开网页。

<!-- gh-comment-id:305711900 --> @lnzoro commented on GitHub (Jun 2, 2017): 我的也是这个问题,我联合kcptun一起用frp打开压缩,网站打不开,现在只能关闭压缩才能打开网页。
gitea-mirror commented 2026-05-05 12:02:56 -06:00
Author
Owner
Copy link

@fatedier commented on GitHub (Jun 5, 2017):

大致上定位到原因了,考虑下怎么修复。

<!-- gh-comment-id:306211555 --> @fatedier commented on GitHub (Jun 5, 2017): 大致上定位到原因了,考虑下怎么修复。
gitea-mirror commented 2026-05-05 12:02:57 -06:00
Author
Owner
Copy link

@fatedier commented on GitHub (Jun 5, 2017):

@rampageX 感谢你提供的详细的信息,临时编译的版本放在百度网盘上了,可以试试是否解决了你遇到的问题。

https://pan.baidu.com/s/1eRTu3mU
yfwm

<!-- gh-comment-id:306252080 --> @fatedier commented on GitHub (Jun 5, 2017): @rampageX 感谢你提供的详细的信息,临时编译的版本放在百度网盘上了,可以试试是否解决了你遇到的问题。 https://pan.baidu.com/s/1eRTu3mU yfwm
gitea-mirror commented 2026-05-05 12:02:57 -06:00
Author
Owner
Copy link

@lnzoro commented on GitHub (Jun 6, 2017):

这个应该可以了。压缩能开网页了

<!-- gh-comment-id:306347877 --> @lnzoro commented on GitHub (Jun 6, 2017): 这个应该可以了。压缩能开网页了
gitea-mirror commented 2026-05-05 12:02:58 -06:00
Author
Owner
Copy link

@newcastlecy commented on GitHub (Jun 6, 2017):

可以了

lnzoro notifications@github.com于2017年6月6日 周二 08:31写道:

这个应该可以了。压缩能开网页了


You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
https://github.com/fatedier/frp/issues/332#issuecomment-306347877, or mute
the thread
https://github.com/notifications/unsubscribe-auth/AC5Fa1_8MFZdjb6b_OIaXWr_1p12dZ_rks5sBJ34gaJpZM4NkrCK
.

--
感谢您在百忙之中阅读我的信件。

<!-- gh-comment-id:306348538 --> @newcastlecy commented on GitHub (Jun 6, 2017): 可以了 lnzoro <notifications@github.com>于2017年6月6日 周二 08:31写道: > 这个应该可以了。压缩能开网页了 > > — > You are receiving this because you authored the thread. > Reply to this email directly, view it on GitHub > <https://github.com/fatedier/frp/issues/332#issuecomment-306347877>, or mute > the thread > <https://github.com/notifications/unsubscribe-auth/AC5Fa1_8MFZdjb6b_OIaXWr_1p12dZ_rks5sBJ34gaJpZM4NkrCK> > . > -- 感谢您在百忙之中阅读我的信件。
gitea-mirror commented 2026-05-05 12:02:59 -06:00
Author
Owner
Copy link

@rampageX commented on GitHub (Jun 6, 2017):

@fatedier OK 啦!感谢!

<!-- gh-comment-id:306360117 --> @rampageX commented on GitHub (Jun 6, 2017): @fatedier OK 啦!感谢!
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
dev
new
master
copilot/review-pull-request-5198
v0.68.1
v0.68.0
v0.67.0
v0.66.0
v0.65.0
v0.64.0
v0.63.0
v0.62.1
v0.62.0
v0.61.2
v0.61.1
v0.61.0
v0.60.0
v0.59.0
v0.58.1
v0.58.0
v0.57.0
v0.56.0
v0.55.1
v0.55.0
v0.54.0
v0.53.2
v0.53.1
v0.53.0
v0.52.3
v0.52.2
v0.52.1
v0.52.0
v0.51.3
v0.51.2
v0.51.1
v0.51.0
v0.50.0
v0.49.0
v0.48.0
v0.47.0
v0.46.1
v0.46.0
v0.45.0
v0.44.0
v0.43.0
v0.42.0
v0.41.0
v0.40.0
v0.39.1
v0.39.0
v0.38.0
v0.37.1
v0.37.0
v0.36.2
v0.36.1
v0.36.0
v0.35.1
v0.35.0
v0.34.3
v0.34.2
v0.34.1
v0.34.0
v0.33.0
v0.32.1
v0.32.0
v0.31.2
v0.31.1
v0.31.0
v0.30.0
v0.29.1
v0.29.0
v0.28.2
v0.28.1
v0.28.0
v0.27.1
v0.27.0
v0.26.0
v0.25.3
v0.25.2
v0.25.1
v0.25.0
v0.24.1
v0.24.0
v0.23.3
v0.23.2
v0.23.1
v0.23.0
v0.22.0
v0.21.0
v0.20.0
v0.19.1
v0.19.0
v0.18.0
v0.17.0
v0.16.1
v0.16.0
v0.15.1
v0.15.0
v0.14.1
v0.14.0
v0.13.0
v0.12.0
v0.11.0
v0.10.0
v0.9.3
v0.9.2
v0.9.1
v0.9.0
v0.8.1
v0.8.0
v0.7.0
v0.6.0
v0.5.0
v0.3.0
v0.2.0
v0.1.0
Labels
Clear labels   
In Progress

   
WIP

   
WaitingForInfo

   
bug

   
doc

   
duplicate

   
easy

   
enhancement

   
future

   
help wanted

   
invalid

   
lifecycle/stale

   
need-issue-template

   
need-usage-help

   
no plan

   
proposal

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
todo
No labels
In Progress
WIP
WaitingForInfo
bug
doc
duplicate
easy
enhancement
future
help wanted
invalid
lifecycle/stale
need-issue-template
need-usage-help
no plan
proposal
pull-request
question
todo
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/frp#244
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?