npc内网穿透

备注：使用npc工具做内网穿透需要一台带公网的服务器作为服务端，在带公网IP的服务器为服务端，安装nps服务。在内网服务器安装npc客户端
安装使用地址：https://ehang-io.github.io/nps/#/
下载地址：https://github.com/ehang-io/nps/releases

服务端：
1、环境：

[root@node1 nps]# cat /etc/redhat-release 
CentOS Linux release 7.6.1810 (Core) 
[root@node1 nps]# ifconfig
ens33: flags=4163  mtu 1500
        inet 192.168.197.128  netmask 255.255.255.0  broadcast 192.168.197.255
        inet6 fe80::ee5:4c6d:f973:c929  prefixlen 64  scopeid 0x20
        ether 00:0c:29:9c:a8:80  txqueuelen 1000  (Ethernet)
        RX packets 21282  bytes 19274859 (18.3 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 8936  bytes 3000202 (2.8 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
1
2
3
4
5
6
7
8
9
10
11

2、下载服务端压缩包并解压（带公网IP的服务器）

[root@node1 nps]# mkdir /opt/nps
[root@node1 nps]# tar xf  linux_amd64_server.tar.gz
[root@node1 nps]# ls
conf  linux_amd64_server.tar.gz  nps  web
1
2
3
4

3、编辑配置文件（主要修改#web中的参数，其他都不变）

[root@node1 nps]# cat conf/nps.conf 
appname = nps
#Boot mode(dev|pro)
runmode = dev

#HTTP(S) proxy port, no startup if empty
http_proxy_ip=0.0.0.0
http_proxy_port=80
https_proxy_port=443
https_just_proxy=true
#default https certificate setting
https_default_cert_file=conf/server.pem
https_default_key_file=conf/server.key

##bridge
bridge_type=tcp
bridge_port=8024
bridge_ip=0.0.0.0

# Public password, which clients can use to connect to the server
# After the connection, the server will be able to open relevant ports and parse related domain names according to its own configuration file.
public_vkey=123

#Traffic data persistence interval(minute)
#Ignorance means no persistence
#flow_store_interval=1

# log level LevelEmergency->0  LevelAlert->1 LevelCritical->2 LevelError->3 LevelWarning->4 LevelNotice->5 LevelInformational->6 LevelDebug->7
log_level=7
#log_path=nps.log

#Whether to restrict IP access, true or false or ignore
#ip_limit=true

#p2p
#p2p_ip=127.0.0.1
#p2p_port=6000

#web
web_host=a.o.com
web_username=admin
web_password=123456
web_port = 8080
web_ip=0.0.0.0
web_base_url=
web_open_ssl=false
web_cert_file=conf/server.pem
web_key_file=conf/server.key
# if web under proxy use sub path. like http://host/nps need this.
#web_base_url=/nps

#Web API unauthenticated IP address(the len of auth_crypt_key must be 16)
#Remove comments if needed
#auth_key=test
auth_crypt_key =1234567812345678

#allow_ports=9001-9009,10001,11000-12000

#Web management multi-user login
allow_user_login=false
allow_user_register=false
allow_user_change_username=false


#extension
allow_flow_limit=false
allow_rate_limit=false
allow_tunnel_num_limit=false
allow_local_proxy=false
allow_connection_num_limit=false
allow_multi_ip=false
system_info_display=false

#cache
http_cache=false
http_cache_length=100

#get origin ip
http_add_origin_header=false

#pprof debug options
#pprof_ip=0.0.0.0
#pprof_port=9999

#client disconnect timeout
disconnect_timeout=60
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86

4、安装并启动

[root@node1 nps]#  ./nps install
[root@node1 nps]#  ./nps start
1
2

5、web页面访问：
用户名和密码是nps.conf配置文件中指定的web字段中的username和password

6、添加客户端（客户端—>新增）
新增客户端可按需填写，方便自己后续识别

7、添加客户端后展示列表

8、添加隧道模式
备注：客户端id是前面添加的客户端的id号，服务端端口可根据自己需求随意填写，目标是内网的IP+端口号

客户端
1、github中下载客户端压缩包并解压

[root@node2 npc]# pwd
/opt/npc
[root@node2 npc]# ls
conf  linux_amd64_client.tar.gz  npc
1
2
3
4

2、启动
备注启动命令就是浏览器中配置的客户端

[root@node2 npc]# ./npc -server=192.168.197.128:8024 -vkey=12345 -type=tcp 
2022/08/29 16:27:00.050 [I] [npc.go:231]  the version of client is 0.26.10, the core version of client is 0.26.0
2022/08/29 16:27:00.053 [I] [client.go:72]  Successful connection with server 192.168.197.128:8024
1
2
3

测试连接
直接通过服务端的ip连接到内网服务器中



以上只是通过tcp隧道直接连接到内网服务器，npc还可以通过udp等其他方式连接内网服务器