[GH-ISSUE #3255] [Feature Request] 可以由客户端指定代理IP吗？

gitea-mirror commented

2026-05-05 13:41:00 -06:00

Author

Owner

@zyywo commented on GitHub (Jan 18, 2023):

@Becods 按照你的方法还是不行

nginx日志：

nginx-http-1  | 2023/01/18 06:23:22 [error] 7#7: *779 connect() failed (111: Connection refused) while connecting to upstream, client: 42.239.5.17, server: pan.zhangyongyao.com, request: "GET / HTTP/2.0", upstre
am: "http://127.0.0.1:8080/", host: "pan.zhangyongyao.com"

用curl测试是通的

curl -vv http://127.0.0.1:8080
*   Trying 127.0.0.1:8080...
* Connected to 127.0.0.1 (127.0.0.1) port 8080 (#0)
> GET / HTTP/1.1
> Host: 127.0.0.1:8080
> User-Agent: curl/7.74.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 302 Found
< Date: Wed, 18 Jan 2023 07:16:12 GMT
< Server: Apache/2.4.54 (Debian)
< Referrer-Policy: no-referrer
< X-Content-Type-Options: nosniff
< X-Frame-Options: SAMEORIGIN
< X-Permitted-Cross-Domain-Policies: none
< X-Robots-Tag: none
< X-XSS-Protection: 1; mode=block
< X-Powered-By: PHP/8.1.14
< Set-Cookie: ocpr26iv4u1c=e3c5f1a8c1502da756b0e973975514f8; path=/; HttpOnly; SameSite=Lax
< Expires: Thu, 19 Nov 1981 08:52:00 GMT
< Cache-Control: no-store, no-cache, must-revalidate
< Pragma: no-cache
< Set-Cookie: oc_sessionPassphrase=AHFR902f519KUYfVIy60A%2F6eWpzIShVfEST%2BiDg24dsusaQeoNwagVPQ1ufw2zciROLmciVnYfT3DuODl7otMiyG3Y4Q%2Fxt2u8pqlbttJ%2FfwXA4Xbo8NNRyJC8GlLyFW; path=/; HttpOnly; SameSite=Lax
< Set-Cookie: ocpr26iv4u1c=97a969fc5b1f11b0ffacafc21c85db96; path=/; HttpOnly; SameSite=Lax
< Set-Cookie: ocpr26iv4u1c=97a969fc5b1f11b0ffacafc21c85db96; path=/; HttpOnly; SameSite=Lax
< Content-Security-Policy: default-src 'self'; script-src 'self' 'nonce-TkVJT1ZBVXN3a0w5bDlZdi9aY1dSRnRRNFNaSEwyMWFRbzhrcnYydW1GRT06QUhOK0JVRkpqQmkyb0pCNHkvQXVjQ0VGaVVvV2VENHdKdG9jMzViYnFEWT0='; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *; object-src 'none'; base-uri 'self';
< Set-Cookie: nc_sameSiteCookielax=true; path=/; httponly;expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax
< Set-Cookie: nc_sameSiteCookiestrict=true; path=/; httponly;expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict
< Set-Cookie: ocpr26iv4u1c=97a969fc5b1f11b0ffacafc21c85db96; path=/; HttpOnly; SameSite=Lax
< Location: http://127.0.0.1:8080/login
< Content-Length: 0
< Content-Type: text/html; charset=UTF-8
<
* Connection #0 to host 127.0.0.1 left intact

nginx的设置

server {
        listen 80;
        return 301 https://$host$request_uri;
}

server {
        listen 443 ssl http2;

        server_name pan.zhangyongyao.com;

        ssl_certificate      /etc/letsencrypt/live/pan.zhangyongyao.com/fullchain.pem;
        ssl_certificate_key  /etc/letsencrypt/live/pan.zhangyongyao.com/privkey.pem;

        ssl_session_timeout  5m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

        location / {
            proxy_set_header Host $http_host;
            proxy_set_header X-Forwarded-Proto https;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_pass http://127.0.0.1:8080;
        }
}

@zyywo commented on GitHub (Jan 18, 2023): @Becods 按照你的方法还是不行 nginx日志： ``` nginx-http-1 | 2023/01/18 06:23:22 [error] 7#7: *779 connect() failed (111: Connection refused) while connecting to upstream, client: 42.239.5.17, server: pan.zhangyongyao.com, request: "GET / HTTP/2.0", upstre am: "http://127.0.0.1:8080/", host: "pan.zhangyongyao.com" ``` 用curl测试是通的 ``` curl -vv http://127.0.0.1:8080 * Trying 127.0.0.1:8080... * Connected to 127.0.0.1 (127.0.0.1) port 8080 (#0) > GET / HTTP/1.1 > Host: 127.0.0.1:8080 > User-Agent: curl/7.74.0 > Accept: */* > * Mark bundle as not supporting multiuse < HTTP/1.1 302 Found < Date: Wed, 18 Jan 2023 07:16:12 GMT < Server: Apache/2.4.54 (Debian) < Referrer-Policy: no-referrer < X-Content-Type-Options: nosniff < X-Frame-Options: SAMEORIGIN < X-Permitted-Cross-Domain-Policies: none < X-Robots-Tag: none < X-XSS-Protection: 1; mode=block < X-Powered-By: PHP/8.1.14 < Set-Cookie: ocpr26iv4u1c=e3c5f1a8c1502da756b0e973975514f8; path=/; HttpOnly; SameSite=Lax < Expires: Thu, 19 Nov 1981 08:52:00 GMT < Cache-Control: no-store, no-cache, must-revalidate < Pragma: no-cache < Set-Cookie: oc_sessionPassphrase=AHFR902f519KUYfVIy60A%2F6eWpzIShVfEST%2BiDg24dsusaQeoNwagVPQ1ufw2zciROLmciVnYfT3DuODl7otMiyG3Y4Q%2Fxt2u8pqlbttJ%2FfwXA4Xbo8NNRyJC8GlLyFW; path=/; HttpOnly; SameSite=Lax < Set-Cookie: ocpr26iv4u1c=97a969fc5b1f11b0ffacafc21c85db96; path=/; HttpOnly; SameSite=Lax < Set-Cookie: ocpr26iv4u1c=97a969fc5b1f11b0ffacafc21c85db96; path=/; HttpOnly; SameSite=Lax < Content-Security-Policy: default-src 'self'; script-src 'self' 'nonce-TkVJT1ZBVXN3a0w5bDlZdi9aY1dSRnRRNFNaSEwyMWFRbzhrcnYydW1GRT06QUhOK0JVRkpqQmkyb0pCNHkvQXVjQ0VGaVVvV2VENHdKdG9jMzViYnFEWT0='; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *; object-src 'none'; base-uri 'self'; < Set-Cookie: nc_sameSiteCookielax=true; path=/; httponly;expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax < Set-Cookie: nc_sameSiteCookiestrict=true; path=/; httponly;expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict < Set-Cookie: ocpr26iv4u1c=97a969fc5b1f11b0ffacafc21c85db96; path=/; HttpOnly; SameSite=Lax < Location: http://127.0.0.1:8080/login < Content-Length: 0 < Content-Type: text/html; charset=UTF-8 < * Connection #0 to host 127.0.0.1 left intact ``` nginx的设置 ``` server { listen 80; return 301 https://$host$request_uri; } server { listen 443 ssl http2; server_name pan.zhangyongyao.com; ssl_certificate /etc/letsencrypt/live/pan.zhangyongyao.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/pan.zhangyongyao.com/privkey.pem; ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; location / { proxy_set_header Host $http_host; proxy_set_header X-Forwarded-Proto https; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://127.0.0.1:8080; } } ```

2026-05-05 13:40:57 -06:00

Originally created by @zyywo on GitHub (Jan 15, 2023).
Original GitHub issue: https://github.com/fatedier/frp/issues/3255

Describe the feature request

我的一台内网主机开启了SSH服务和WEB服务，我想把内网的SSH服务映射到frp服务端的公网IP，WEB服务映射到服务端的127.0.0.1，由frp服务端的nginx代理这个WEB。

Describe alternatives you've considered

No response

Affected area

Docs
Installation
Performance and Scalability
Security
User Experience
Test and Release
Developer Infrastructure
Client Plugin
Server Plugin
Extensions
Others

Originally created by @zyywo on GitHub (Jan 15, 2023). Original GitHub issue: https://github.com/fatedier/frp/issues/3255 ### Describe the feature request 我的一台内网主机开启了SSH服务和WEB服务，我想把内网的SSH服务映射到frp服务端的公网IP，WEB服务映射到服务端的127.0.0.1，由frp服务端的nginx代理这个WEB。 ### Describe alternatives you've considered _No response_ ### Affected area - [ ] Docs - [ ] Installation - [ ] Performance and Scalability - [ ] Security - [X] User Experience - [ ] Test and Release - [ ] Developer Infrastructure - [ ] Client Plugin - [ ] Server Plugin - [ ] Extensions - [ ] Others

gitea-mirror closed this issue

2026-05-05 13:40:58 -06:00

@Becods commented on GitHub (Jan 17, 2023):

frp的多出口暂未实现

但你可以
ssh绑定指定端口并开启防火墙
web绑定指定端口并关闭防火墙
nginx反代127.0.0.1:webport

@Becods commented on GitHub (Jan 17, 2023): frp的多出口暂未实现但你可以 ssh绑定指定端口并开启防火墙 web绑定指定端口并关闭防火墙 nginx反代127.0.0.1:webport

2026-05-05 13:41:01 -06:00

@zyywo commented on GitHub (Jan 19, 2023):

参考Becods的方法搞好了，因为我的nginx部署在docker上所以127.0.0.1需要更换为docker0网口的地址

@zyywo commented on GitHub (Jan 19, 2023): 参考Becods的方法搞好了，因为我的nginx部署在docker上所以127.0.0.1需要更换为docker0网口的地址

Rows
Columns

[GH-ISSUE #3255] [Feature Request] 可以由客户端指定代理IP吗？ #2609

Describe the feature request

Describe alternatives you've considered

Affected area