← All open source projects

frp

fatedier/frp

frp is a fast reverse proxy for exposing local services behind NAT or a firewall through an external server.

GitHub · 107,163 stars
Forks 15,061
Author fatedier
Language Go
License Apache-2.0
Synced 2026-06-07

What it is

frp is a fast reverse proxy. It is used when a service runs inside a local network or behind NAT, but needs outside access through TCP, UDP, HTTP, or HTTPS. The setup has two parts: frps runs on a machine with a public address, while frpc runs near the internal service.

The project supports many modes: SSH forwarding, access to internal web services by domain, several SSH services sharing a port, private access, P2P mode, monitoring, port restrictions, TLS, health checks, and more.

How it appeared and why it stuck

Many developers and administrators face the same task: a service exists inside a network, but a router, provider, or corporate network blocks direct inbound access. frp became popular because it solves that without heavy network infrastructure.

It is written in Go and distributed as standalone executables. That makes it convenient for servers, home labs, temporary demos, test environments, and internal tools.

What is inside

The repository contains the server and client, TOML configuration documentation, examples for different protocols, status dashboards, authentication, monitoring, and notes about the future v2 architecture.

The client and server model

This example shows the basic model: the public server listens on a port, and the client describes which local service should be forwarded.

Language: Plain text 
# frps.toml
bindPort = 7000

# frpc.toml
serverAddr = "203.0.113.10"
serverPort = 7000

[[proxies]]
name = "ssh"
type = "tcp"
localIP = "127.0.0.1"
localPort = 22
remotePort = 6000

Where it helps

frp helps with access to a home server, webhook debugging, showing a local service, reaching an internal panel, or creating a temporary tunnel to a test environment. Authentication should be configured carefully and unnecessary ports should not be exposed.

For permanent public infrastructure, frp does not always replace a full network architecture. Load balancers, VPNs, access rules, observability, and audit may still be needed.

Strengths and limits

The strength is a clear model and rich features without a heavy platform. Server, client, and configuration cover many practical tasks.

The limitation is that security remains the owner’s responsibility. A service exposed to the outside must be protected as carefully as any other public entry point.