File frp.changes of Package frp
-------------------------------------------------------------------
Thu Sep 25 16:15:18 UTC 2025 - Martin Hauke <mardnh@gmx.de>
- Update to version 0.65.0
Features
* Add NAT traversal configuration options for XTCP proxies and
visitors. Support disabling assisted addresses to avoid using
slow VPN connections during NAT hole punching.
* Enhanced OIDC client configuration with support for custom TLS
certificate verification and proxy settings. Added
trustedCaFile, insecureSkipVerify, and proxyURL options for
OIDC token endpoint connections.
* Added detailed Prometheus metrics with proxy_counts_detailed
metric that includes both proxy type and proxy name labels,
enabling monitoring of individual proxy connections instead of
just aggregate counts.
-------------------------------------------------------------------
Sat Sep 13 06:58:52 UTC 2025 - Martin Hauke <mardnh@gmx.de>
- Update to version 0.64.0
Features
* Support tokenSource for loading authentication tokens from
files.
Fixes
* Fix SSH tunnel gateway incorrectly binding to proxyBindAddr
instead of bindAddr, which caused external connections to
fail when proxyBindAddr was set to 127.0.0.1.
- Update to version 0.63.0
Features
* Support for YAML merge functionality (anchors and references
with dot-prefixed fields) in strict configuration mode without
requiring --strict-config=false parameter.
* Support for proxy protocol in UDP proxies to preserve real
client IP addresses.
-------------------------------------------------------------------
Fri Apr 18 09:57:49 UTC 2025 - Martin Hauke <mardnh@gmx.de>
- Update to version 0.62.0
Features
* Virtual Network (VirtualNet): Introduce experimental virtual
network capabilities (Alpha). This allows creating a TUN device
managed by frp, enabling Layer 3 connectivity between different
clients within the frp network. Requires root/admin privileges
and is currently supported on Linux and macOS. Configuration
is done via the virtualNet section and the virtual_net plugin.
Enable with feature gate VirtualNet. Note: As an Alpha feature,
configuration details may change in future releases.
- Update to version 0.61.2
Features
* Support metadatas and annotations in frpc proxy commands.
Fixes
* Properly release resources in service.Close() to prevent
resource leaks when used as a library.
- Update to version 0.61.1
Features
* tzdata is installed by default in the container image, and the
time zone can be set using the TZ environment variable.
* The quic-bind-port command line parameter is supported in frps,
which specifies the port for accepting frpc connections using
the QUIC protocol.
* The vhost HTTP proxy of frps supports the h2c protocol.
- Update to version 0.61.0
Features
* The frpc visitor command-line parameter adds the --server-user
option to specify the username of the server-side proxy to
connect to.
* Support multiple frpc instances with different subjects when
using oidc authentication.
- Update to version 0.60.0
Features
* Added a new plugin tls2raw: Enables TLS termination and
forwarding of decrypted raw traffic to local service.
* Added a default timeout of 30 seconds for the frpc subcommands
to prevent commands from being stuck for a long time due to
network issues.
Fixes
* Fixed the issue that when loginFailExit = false, the frpc stop
command cannot be stopped correctly if the server is not
successfully connected after startup.
- Update to version 0.59.0
Features
* Added a new plugin "http2http" which allows forwarding HTTP
requests to another HTTP server, supporting options like local
address binding, host header rewrite, and custom request headers.
* Added enableHTTP2 option to control whether to enable HTTP/2 in
plugin https2http and https2https, default is true.
Changes
* Plugin https2http & https2https: return 421 Misdirected Request
if host not match sni.
- Update to version 0.58.1
Fixes
* Fixed an issue where HTTP/2 was not enabled for https2http and
https2https plugins.
* Fixed the issue where the default values of INI configuration
parameters are inconsistent with other configuration formats.
Changes
* Updated the default value of transport.tcpMuxKeepaliveInterval
from 60 to 30.
- Update to version 0.58.0
Features
* Show tcpmux proxies on the frps dashboard.
* http proxy can modify the response header. For example,
responseHeaders.set.foo = "bar" will add a new header foo: bar
to the response.
Fixes
* When an HTTP proxy request times out, it returns 504 instead
of 404 now.
- Update to version 0.57.0
Features
* https2http and https2https plugin now supports X-Forwared-For
header.
Fixes
* X-Forwared-For header is now correctly set in the request to
the backend server for proxy type http
- Update to version 0.56.0
Features
* Support range ports mapping in TOML/YAML/JSON configuration
file by using go template syntax.
* Health check supports custom request headers.
Fixes
* Fix the issue of incorrect interval time for rotating the log
by day.
* Disable quic-go's ECN support by default. It may cause issues
on certain operating systems.
- Update to version 0.55.0
Features
* Proxy supports configuring annotations, which will be displayed
in the frps dashboard.
Changes
* Removed dependencies on the forked version of kcp-go and beego
log, kcp-go now uses the upstream version, and golib/log
replaces beego log.
- Update to version 0.54.0
Features
* The Refresh and ClearOfflineProxies buttons have been added to
the Dashboard of frps.
Fixes
* The host/domain matching in the routing rules has been changed
to be case-insensitive.
- Update to version 0.53.2
Fixes
* frpc has a certain chance to panic when login: close of closed
channel.
- Update to version 0.53.0
Features
* The new command line parameter --strict_config has been added
to enable strict configuration validation mode. It will throw
an error for unknown fields instead of ignoring them. In future
versions, we will set the default value of this parameter to
true to avoid misconfigurations.
* Support SSH reverse tunneling. With this feature, you can
expose your local service without running frpc, only using SSH.
The SSH reverse tunnel agent has many functional limitations
compared to the frpc agent. The currently supported proxy types
are tcp, http, https, tcpmux, and stcp.
* The frpc tcpmux command line parameters have been updated to
support configuring http_user and http_pwd.
* The frpc stcp/sudp/xtcp command line parameters have been
updated to support configuring allow_users.
Fixes
* frpc: Return code 1 when the first login attempt fails and
exits.
* When auth.method is oidc and auth.additionalScopes contains
HeartBeats, if obtaining AccessToken fails, the application
will be unresponsive.
- Update to version 0.52.3
Fixes
* admin_user is not effective in the INI configuration.
- Update to version 0.52.2
Fixes
* Encryption and compression are not displayed correctly in the
dashboard.
- Update to version 0.52.1
Fixes
* transport.tls.disableCustomTLSFirstByte doesn't have any effect
* The Server API did not return the data correctly.
* The Dashboard is unable to display data.
* natHoleStunServer is missing a default value.
- Update to version 0.52.0
Features
* Configuration: We now support TOML, YAML, and JSON for
configuration. Please note that INI is deprecated and will be
removed in future releases. New features will only be available
in TOML, YAML, or JSON. Users wanting these new features should
switch their configuration format accordingly.
Breaking Changes
* Change the way to start the visitor through the command line
from frpc stcp --role=visitor xxx to frpc stcp visitor xxx.
* Modified the semantics of the server_addr in the command line,
no longer including the port. Added the server_port parameter
to configure the port.
* No longer support range ports mapping in TOML/YAML/JSON.
-------------------------------------------------------------------
Sun Jul 9 15:07:02 UTC 2023 - Martin Hauke <mardnh@gmx.de>
- Update to version 0.51.0
Features
* frpc supports connecting to frps via the wss protocol by
enabling the configuration protocol = wss.
* frpc supports stopping the service through the stop command.
Improvements
service.Run supports passing in context.
Fixes
* Fix an issue caused by a bug in yamux that prevents wss from
working properly in certain plugins.
- Update to version 0.50.0
Features
* Added support for allow_users in stcp, sudp, xtcp. By default,
only the same user is allowed to access. Use * to allow access
from any user. The visitor configuration now supports
server_user to connect to proxies of other users.
* Added fallback support to a specified alternative visitor when
xtcp connection fails.
Improvements
* Increased the default value of MaxStreamWindowSize for yamux
to 6MB, improving traffic forwarding rate in high-latency
scenarios.
Fixes
* Fixed an issue where having proxies with the same name would
cause previously working proxies to become ineffective in xtcp.
- Update to version 0.49.0
New
* The frpc has added the nathole discover command for testing the
NAT type of the current network.
* XTCP has been refactored, resulting in a significant
improvement in the success rate of penetration.
* When verifying passwords, use subtle.ConstantTimeCompare and
introduce a certain delay when the password is incorrect.
Fix
* Fix the problem of lagging when opening multiple table entries
in the frps dashboard.
-------------------------------------------------------------------
Wed Mar 8 07:23:00 UTC 2023 - Martin Hauke <mardnh@gmx.de>
- Update to version 0.48.0
New
* The httpconnect type in tcpmux now supports authentication
through the parameters http_user and http_pwd.
Improved
* The web framework has been upgraded to vue3 + element-plus,
and the dashboard has added some information display and
supports dark mode.
* The e2e testing has been switched to ginkgo v2.
- Update to version 0.47.1
New
* Added config bandwidth_limit_mode in frpc, default value is
client which is current behavior. Optional value is server,
to enable bandwidth limit in server. The major aim is to let
server plugin has the ability to modify bandwidth limit for
each proxy.
Improve
* dns_server supports ipv6.
* frpc supports graceful shutdown for protocol quic.
-------------------------------------------------------------------
Sun Jan 15 10:17:08 UTC 2023 - Martin Hauke <mardnh@gmx.de>
- Update to version 0.46.1
Fixes
* Server Plugin sends incorrect op name for NewWorkConn.
* QUIC stream leak.
- Update to version 0.46.0
New
* Add oidc_scope parameter to frpc when authentication_method
is oidc.
* Support quic protocol between frpc and frps.
Improve
* Upgrade oidc and oauth2 package which is forward compatible.
- Update to version 0.45.0
Improve
* Adjust http group load balancing to forward requests to each
frpc proxy round robin. Previous behavior is always forwarding
requests to a single proxy in the case of single concurrency.
- Update to version 0.44.0
New
* Use auto generated certificates if plugin_key_path and
plugin_crt_path are empty for plugin https2https and https2http
* Server dashboard supports TLS configs.
Fix
* xtcp error with IPv6 address.
-------------------------------------------------------------------
Fri May 27 08:45:44 UTC 2022 - Martin Hauke <mardnh@gmx.de>
- Update to version 0.43.0
* Added route_by_http_user in http and tcpmux proxy to support
route to different clients by HTTP basic auth user.
* CONNECT method can be forwarded in http type proxy.
* Added tcpmux_passthrough in tcpmux proxy. If true, CONNECT
request will be forwarded to frpc.
-------------------------------------------------------------------
Mon Apr 25 14:51:11 UTC 2022 - Martin Hauke <mardnh@gmx.de>
- Initial package, version 0.42.0
