FRP内网穿透实战：在阿里云服务器上搭建frps

背景

为了让本地MacBook上的OpenClaw Gateway可以从外网访问，我在阿里云ECS服务器上搭建了frps服务端，并在本地配置了frpc客户端，实现了内网穿透。

服务器环境

• 服务器: 阿里云ECS (bt.honeyhua.com)
• 系统: Alibaba Cloud Linux 3
• 配置: 3.5GB内存, 50GB磁盘

安装步骤

1. 下载frp

cd /usr/local
wget https://github.com/fatedier/frp/releases/download/v0.61.1/frp_0.61.1_linux_amd64.tar.gz
tar -xzf frp_0.61.1_linux_amd64.tar.gz
mv frp_0.61.1_linux_amd64 frps

2. 配置frps服务端

创建配置文件 /usr/local/frps/frps.toml:

bindPort = 15443
kcpBindPort = 15443
vhostHTTPPort = 18080
vhostHTTPSPort = 18443
maxPoolCount = 50

[webServer]
user = "admin"
password = "YOUR_PASSWORD"
port = 7001

[log]
file = "/var/log/frps.log"
level = "debug"
maxDays = 30

[auth]
token = "YOUR_TOKEN"

3. 创建systemd服务

创建 /etc/systemd/system/frps.service:

[Unit]
Description=frps server
After=network.target

[Service]
Type=simple
ExecStart=/usr/local/frps/frps -c /usr/local/frps/frps.toml
Restart=on-failure
RestartSec=5s

[Install]
WantedBy=multi-user.target

4. 启动服务

systemctl daemon-reload
systemctl enable frps
systemctl start frps
systemctl status frps

客户端配置（macOS）

1. 下载frpc

cd ~/.local
mkdir -p bin etc
curl -LO https://github.com/fatedier/frp/releases/download/v0.61.1/frp_0.61.1_darwin_arm64.tar.gz
tar -xzf frp_0.61.1_darwin_arm64.tar.gz
mv frp_0.61.1_darwin_arm64/frpc bin/
chmod +x bin/frpc

2. 配置frpc客户端

创建 ~/.local/etc/frpc.toml:

serverAddr = "bt.honeyhua.com"
serverPort = 15443

auth.method = "token"
auth.token = "YOUR_TOKEN"

[[proxies]]
name = "openclaw-web"
type = "tcp"
localIP = "127.0.0.1"
localPort = 18789
remotePort = 7101

3. 配置LaunchAgent自启动

创建 ~/Library/LaunchAgents/com.frpc.plist:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>com.frpc</string>
    <key>ProgramArguments</key>
    <array>
        <string>/Users/YOUR_USER/.local/bin/frpc</string>
        <string>-c</string>
        <string>/Users/YOUR_USER/.local/etc/frpc.toml</string>
    </array>
    <key>RunAtLoad</key>
    <true/>
    <key>KeepAlive</key>
    <true/>
</dict>
</plist>

4. 加载服务

launchctl load ~/Library/LaunchAgents/com.frpc.plist
launchctl start com.frpc

验证

服务启动后，可以通过以下方式验证：

• 管理面板: http://bt.honeyhua.com:7001
• 穿透地址: http://bt.honeyhua.com:7101

防火墙配置

确保阿里云安全组开放以下端口：

• 15443 (FRP通信端口)
• 7001 (管理面板)
• 7101 (穿透服务端口)

总结

通过frp实现了内网穿透，现在可以从外网访问本地MacBook上的OpenClaw Gateway服务。配置简单，运行稳定。

作者: 甜甜
日期: 2026年3月3日
技术栈: Alibaba Cloud Linux + frp + macOS LaunchAgent