Nps(内网穿透)
nps是一款轻量级、高性能、功能强大的内网穿透代理服务器。目前支持tcp、udp流量转发,可支持任何tcp、udp上层协议(访问内网网站、本地支付接口调试、ssh访问、远程桌面,内网dns解析等等……),此外还支持内网http代理、内网socks5代理、p2p等,并带有功能强大的web管理端。
安装Nps
安装服务端(公网)
Kubernetes
yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: nps-configmap
namespace: tomato-system
data:
nps.conf: |
appname = nps
#Boot mode(dev|pro)
runmode = dev
#HTTP(S) proxy port, no startup if empty
http_proxy_ip=0.0.0.0
http_proxy_port=50080
https_proxy_port=50443
https_just_proxy=true
#default https certificate setting
https_default_cert_file=conf/server.pem
https_default_key_file=conf/server.key
##bridge
bridge_type=tcp
bridge_port=50024
bridge_ip=0.0.0.0
# Public password, which clients can use to connect to the server
# After the connection, the server will be able to open relevant ports and parse related domain names according to its own configuration file.
public_vkey=123
#Traffic data persistence interval(minute)
#Ignorance means no persistence
#flow_store_interval=1
# log level LevelEmergency->0 LevelAlert->1 LevelCritical->2 LevelError->3 LevelWarning->4 LevelNotice->5 LevelInformational->6 LevelDebug->7
log_level=7
#log_path=nps.log
#Whether to restrict IP access, true or false or ignore
#ip_limit=true
#p2p
#p2p_ip=127.0.0.1
#p2p_port=6000
#web
web_host=10.0.24.15
web_username=xusenhao
web_password=xuSenHao@
web_port = 50000
web_ip=0.0.0.0
web_base_url=
web_open_ssl=false
web_cert_file=conf/tls.crt
web_key_file=conf/tls.key
# if web under proxy use sub path. like http://host/nps need this.
#web_base_url=/nps
#Web API unauthenticated IP address(the len of auth_crypt_key must be 16)
#Remove comments if needed
auth_key=tomato
auth_crypt_key = xusenhao20001123
#allow_ports=9001-9009,10001,11000-12000
#Web management multi-user login
allow_user_login=false
allow_user_register=false
allow_user_change_username=false
#extension
allow_flow_limit=false
allow_rate_limit=false
allow_tunnel_num_limit=false
allow_local_proxy=false
allow_connection_num_limit=false
allow_multi_ip=false
system_info_display=false
#cache
http_cache=false
http_cache_length=100
#get origin ip
http_add_origin_header=false
#pprof debug options
#pprof_ip=0.0.0.0
#pprof_port=9999
#client disconnect timeout
disconnect_timeout=60
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: nps
namespace: tomato-system
spec:
replicas: 1
selector:
matchLabels:
name: nps
template:
metadata:
labels:
name: nps
spec:
hostNetwork: true
containers:
- name: nps
image: ffdfgdfg/nps
imagePullPolicy: IfNotPresent
env:
- name: TZ
value: Asia/Shanghai
ports:
- containerPort: 4433
name: https
- containerPort: 8000
name: http
- containerPort: 8080
name: web
- containerPort: 8024
name: communication
volumeMounts:
- mountPath: /conf
name: conf
- mountPath: /conf/nps.conf
name: nps
subPath: nps.conf
volumes:
- name: conf
hostPath:
path: /data/nps/conf
- name: nps
configMap:
name: nps-configmap
items:
- key: nps.conf
path: nps.conf
---
apiVersion: v1
kind: Service
metadata:
name: nps # Service的名称,跟Endpoints名称保持一致
namespace: tomato-system
spec:
type: ClusterIP # Service的类型,需要对外提供服务的话,使用NodePort,如不需要外部访问,只限于内部访问,则使用ClusterIP
ports:
- name: nps # 端口名称,跟Endpoints的端口名称保持一致
port: 50000 #集群內部访问端口
protocol: TCP # 协议类型
sessionAffinity: None
---
apiVersion: v1
kind: Endpoints
metadata:
name: nps # Endpoints的名称,跟Service名称保持一致
namespace: tomato-system
subsets:
- addresses:
- ip: 10.0.24.15 # 需要被代理出去的服务器的IP,即我们上面部署了httpd服务的IP
ports:
- port: 50000 # httpd服务的端口
protocol: TCP # 协议类型,需要跟Service的保持一致
name: nps # 端口名称,跟Service的端口名称保持一致
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nps-ingress-https
namespace: tomato-system
annotations:
kubernetes.io/ingress.class: "nginx"
spec:
tls:
- hosts:
- nps.senhao.top
secretName: tls-secret
rules:
- host: nps.senhao.top
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: nps
port:
number: 50000Docker
bash
docker run -d --name nps --net=host --restart always -v <本机conf目录>:/conf ffdfgdfg/nps安装客服端(内网)
kubernetes
yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: npc
namespace: tomato-system
spec:
replicas: 1
selector:
matchLabels:
name: npc
template:
metadata:
labels:
name: npc
spec:
hostNetwork: true
containers:
- name: npc
image: ffdfgdfg/npc
imagePullPolicy: IfNotPresent
args:
- -server=nps.senhao.top:8024
- -vkey=axig07ag8jsuqrpj
- -type=tcp
env:
- name: TZ
value: Asia/ShanghaiDocker
访问信息
bash
docker run -d --name npc --net=host ffdfgdfg/npc --restart always -server=<ip:port> -vkey=<web界面中显示的密钥> <以及一些其他参数>代理工具
proxifier
下载地址:https://www.proxifier.com/
Windows 注册码: https://github.com/Danz17/Proxifier-Keygen