explaingit

fatedier/frp

Analysis updated 2026-06-20

106,277GoAudience · ops devopsComplexity · 3/5Setup · moderate

TLDR

frp is a fast reverse proxy written in Go that lets you expose a server running on your home or office network to the internet, bypassing firewalls and NAT, for TCP, UDP, HTTP, and HTTPS traffic.

Mindmap

mindmap
  root((frp))
    What it does
      Expose local servers
      Bypass NAT firewall
      Reverse proxy
    Protocols
      TCP and UDP
      HTTP and HTTPS
      KCP and QUIC
    Use Cases
      Remote SSH access
      Local web sharing
      DNS forwarding
    Features
      Dashboard UI
      Load balancing
      TLS encryption
      P2P mode
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Access your home computer over SSH from anywhere on the internet without opening router ports or changing firewall rules.

USE CASE 2

Expose a local web app or development environment through a public domain name with custom HTTP headers and HTTPS.

USE CASE 3

Share a single public port across multiple internal SSH services using TCP multiplexing and load balancing.

USE CASE 4

Route traffic privately in peer-to-peer mode without relaying it through a public relay server.

What is it built with?

Go

How does it compare?

fatedier/frpkubernetes/kubernetesgin-gonic/gin
Stars106,277122,08888,430
LanguageGoGoGo
Setup difficultymoderatehardeasy
Complexity3/55/52/5
Audienceops devopsops devopsdeveloper

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · moderate Time to first run · 30min

Requires a public-facing server to run the frps server component, the frpc client runs on the machine you want to expose.

In plain English

frp is a fast reverse proxy written in Go. The README opens with a short definition: it lets you expose a local server that sits behind a NAT or firewall to the internet. It supports TCP and UDP traffic, as well as HTTP and HTTPS, so requests can be forwarded to internal services through a domain name. The project also offers a peer-to-peer connect mode for users who would rather not route all traffic through a public server. A Chinese translation of the README is provided as README_zh.md. The Development Status section explains where the project sits. The master branch holds the latest release, the dev branch holds work in progress, and a planned version 2 will not be compatible with version 1. The author notes that v2 turned out harder than expected, so v1 will continue to be optimized while v2 is worked on during fragmented time. The eventual v2 design is described as a modernized layer-4 and layer-7 proxy in the style of Envoy, intended as a general extensible proxy platform rather than only an intranet-penetration tool. The Features section in the table of contents is long. It lists configuration files, environment variable support, splitting configuration into multiple files, a server dashboard, a client admin UI with dynamic proxy management through a store, a Prometheus-based monitor, token and OIDC authentication, TLS encryption and compression, hot reloading of the client config, query of proxy status, a way to restrict which server ports can be used, port reuse, bandwidth limits, TCP stream multiplexing, KCP and QUIC protocol support, connection pooling, load balancing, service health checks, HTTP host header rewriting, custom HTTP headers, real client IP through X-Forwarded-For or Proxy Protocol, HTTP basic auth, custom subdomains, URL routing, TCP port multiplexing, an outbound proxy for the client, port range mapping, client and server-manage plugins, an SSH tunnel gateway, and a VirtualNet virtual network mode. Example Usage in the table of contents shows the typical use cases the README walks through. They include reaching a LAN computer over SSH, sharing one port across multiple SSH services, exposing internal web services through custom domains, forwarding DNS queries, forwarding Unix domain sockets, exposing a simple HTTP file server, adding HTTPS in front of a local HTTP service, exposing a service privately, and running in P2P mode. Later sections cover feature gates, related projects, contributing, and donations through GitHub Sponsors or PayPal.

Copy-paste prompts

Prompt 1
Set up frp to expose my local SSH server to the internet, show me the frps server config and the frpc client config I need.
Prompt 2
I want to expose a local web app on port 3000 through a public domain with HTTPS using frp, what do both config files look like?
Prompt 3
How do I add HTTP basic authentication in frp to protect a local service I'm exposing publicly?
Prompt 4
Walk me through frp peer-to-peer mode so direct traffic doesn't route through my relay server.

Frequently asked questions

What is frp?

frp is a fast reverse proxy written in Go that lets you expose a server running on your home or office network to the internet, bypassing firewalls and NAT, for TCP, UDP, HTTP, and HTTPS traffic.

What language is frp written in?

Mainly Go. The stack also includes Go.

How hard is frp to set up?

Setup difficulty is rated moderate, with roughly 30min to a first successful run.

Who is frp for?

Mainly ops devops.

Open on GitHub → Explain another repo

This repo across BitVibe Labs

Scan in gitsafehub Deploy in gitdeployhub fatedier on gitmyhub

Verify against the repo before relying on details.