Merge 5d8710561958ecbbbf4d0c07c1e34b40781d6976 into f3a71bc08f0e606ff407638a34ddf09ecffe2364

see also:

https://github.com/fatedier/frp/issues/1823
https://github.com/fatedier/frp/issues/3703

.golangci.yml

@@ -86,12 +86,8 @@ linters-settings:
     severity: "low"
     confidence: "low"
     excludes:
-    - G102
-    - G112
-    - G306
     - G401
     - G402
-    - G404
     - G501
 
 issues:

Release.md

@@ -1 +1,7 @@
 ### Features
+
+* Show tcpmux proxies on the frps dashboard.
+
+### Fixes
+
+* When an HTTP proxy request times out, it returns 504 instead of 404 now.

assets/frps/static/index.html

@@ -4,7 +4,7 @@
 <head>
     <meta charset="utf-8">
     <title>frps dashboard</title>
-  <script type="module" crossorigin src="./index-Q42Pu2_S.js"></script>
+  <script type="module" crossorigin src="./index-82-40HIG.js"></script>
   <link rel="stylesheet" crossorigin href="./index-rzPDshRD.css">
 </head>
 

client/admin_api.go

@@ -253,7 +253,7 @@ func (svr *Service) apiPutConfig(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	if err := os.WriteFile(svr.configFilePath, body, 0o644); err != nil {
+	if err := os.WriteFile(svr.configFilePath, body, 0o600); err != nil {
 		res.Code = 500
 		res.Msg = fmt.Sprintf("write content to frpc config file error: %v", err)
 		log.Warnf("%s", res.Msg)

client/connector.go

@@ -24,7 +24,7 @@ import (
 	"sync"
 	"time"
 
-	libdial "github.com/fatedier/golib/net/dial"
+	libnet "github.com/fatedier/golib/net"
 	fmux "github.com/hashicorp/yamux"
 	quic "github.com/quic-go/quic-go"
 	"github.com/samber/lo"
@@ -169,44 +169,44 @@ func (c *defaultConnectorImpl) realConnect() (net.Conn, error) {
 		}
 	}
 
-	proxyType, addr, auth, err := libdial.ParseProxyURL(c.cfg.Transport.ProxyURL)
+	proxyType, addr, auth, err := libnet.ParseProxyURL(c.cfg.Transport.ProxyURL)
 	if err != nil {
 		xl.Errorf("fail to parse proxy url")
 		return nil, err
 	}
-	dialOptions := []libdial.DialOption{}
+	dialOptions := []libnet.DialOption{}
 	protocol := c.cfg.Transport.Protocol
 	switch protocol {
 	case "websocket":
 		protocol = "tcp"
-		dialOptions = append(dialOptions, libdial.WithAfterHook(libdial.AfterHook{Hook: netpkg.DialHookWebsocket(protocol, "")}))
-		dialOptions = append(dialOptions, libdial.WithAfterHook(libdial.AfterHook{
+		dialOptions = append(dialOptions, libnet.WithAfterHook(libnet.AfterHook{Hook: netpkg.DialHookWebsocket(protocol, "")}))
+		dialOptions = append(dialOptions, libnet.WithAfterHook(libnet.AfterHook{
 			Hook: netpkg.DialHookCustomTLSHeadByte(tlsConfig != nil, lo.FromPtr(c.cfg.Transport.TLS.DisableCustomTLSFirstByte)),
 		}))
-		dialOptions = append(dialOptions, libdial.WithTLSConfig(tlsConfig))
+		dialOptions = append(dialOptions, libnet.WithTLSConfig(tlsConfig))
 	case "wss":
 		protocol = "tcp"
-		dialOptions = append(dialOptions, libdial.WithTLSConfigAndPriority(100, tlsConfig))
+		dialOptions = append(dialOptions, libnet.WithTLSConfigAndPriority(100, tlsConfig))
 		// Make sure that if it is wss, the websocket hook is executed after the tls hook.
-		dialOptions = append(dialOptions, libdial.WithAfterHook(libdial.AfterHook{Hook: netpkg.DialHookWebsocket(protocol, tlsConfig.ServerName), Priority: 110}))
+		dialOptions = append(dialOptions, libnet.WithAfterHook(libnet.AfterHook{Hook: netpkg.DialHookWebsocket(protocol, tlsConfig.ServerName), Priority: 110}))
 	default:
-		dialOptions = append(dialOptions, libdial.WithAfterHook(libdial.AfterHook{
+		dialOptions = append(dialOptions, libnet.WithAfterHook(libnet.AfterHook{
 			Hook: netpkg.DialHookCustomTLSHeadByte(tlsConfig != nil, lo.FromPtr(c.cfg.Transport.TLS.DisableCustomTLSFirstByte)),
 		}))
-		dialOptions = append(dialOptions, libdial.WithTLSConfig(tlsConfig))
+		dialOptions = append(dialOptions, libnet.WithTLSConfig(tlsConfig))
 	}
 
 	if c.cfg.Transport.ConnectServerLocalIP != "" {
-		dialOptions = append(dialOptions, libdial.WithLocalAddr(c.cfg.Transport.ConnectServerLocalIP))
+		dialOptions = append(dialOptions, libnet.WithLocalAddr(c.cfg.Transport.ConnectServerLocalIP))
 	}
 	dialOptions = append(dialOptions,
-		libdial.WithProtocol(protocol),
-		libdial.WithTimeout(time.Duration(c.cfg.Transport.DialServerTimeout)*time.Second),
-		libdial.WithKeepAlive(time.Duration(c.cfg.Transport.DialServerKeepAlive)*time.Second),
-		libdial.WithProxy(proxyType, addr),
-		libdial.WithProxyAuth(auth),
+		libnet.WithProtocol(protocol),
+		libnet.WithTimeout(time.Duration(c.cfg.Transport.DialServerTimeout)*time.Second),
+		libnet.WithKeepAlive(time.Duration(c.cfg.Transport.DialServerKeepAlive)*time.Second),
+		libnet.WithProxy(proxyType, addr),
+		libnet.WithProxyAuth(auth),
 	)
-	conn, err := libdial.DialContext(
+	conn, err := libnet.DialContext(
 		c.ctx,
 		net.JoinHostPort(c.cfg.ServerAddr, strconv.Itoa(c.cfg.ServerPort)),
 		dialOptions...,

client/proxy/proxy.go

@@ -25,7 +25,7 @@ import (
 	"time"
 
 	libio "github.com/fatedier/golib/io"
-	libdial "github.com/fatedier/golib/net/dial"
+	libnet "github.com/fatedier/golib/net"
 	pp "github.com/pires/go-proxyproto"
 	"golang.org/x/time/rate"
 
@@ -197,9 +197,9 @@ func (pxy *BaseProxy) HandleTCPWorkConnection(workConn net.Conn, m *msg.StartWor
 		return
 	}
 
-	localConn, err := libdial.Dial(
+	localConn, err := libnet.Dial(
 		net.JoinHostPort(baseCfg.LocalIP, strconv.Itoa(baseCfg.LocalPort)),
-		libdial.WithTimeout(10*time.Second),
+		libnet.WithTimeout(10*time.Second),
 	)
 	if err != nil {
 		workConn.Close()

client/proxy/xtcp.go

@@ -28,6 +28,7 @@ import (
 	v1 "github.com/fatedier/frp/pkg/config/v1"
 	"github.com/fatedier/frp/pkg/msg"
 	"github.com/fatedier/frp/pkg/nathole"
+	"github.com/fatedier/frp/pkg/nathole/upnp"
 	"github.com/fatedier/frp/pkg/transport"
 	netpkg "github.com/fatedier/frp/pkg/util/net"
 )
@@ -53,6 +54,23 @@ func NewXTCPProxy(baseProxy *BaseProxy, cfg v1.ProxyConfigurer) Proxy {
 	}
 }
 
+func (pxy *XTCPProxy) makeRouterToNatThisHole(remoteGetAddrs []string, localIps []string, localAddr net.Addr) {
+
+	xl := pxy.xl
+	if !pxy.cfg.AllowToUseUPNP {
+		xl.Tracef("makeRouterToNatThisHole: upnp disabled")
+		return
+	}
+
+	description := pxy.cfg.UPNPPortMappingDescription
+	if description == "" {
+		description = upnp.DEFAULT_UPNP_PROGRAM_DESCRIPTION
+	}
+
+	upnp.AskForMapping(xl, remoteGetAddrs, localIps, localAddr, description)
+
+}
+
 func (pxy *XTCPProxy) InWorkConn(conn net.Conn, startWorkConnMsg *msg.StartWorkConn) {
 	xl := pxy.xl
 	defer conn.Close()
@@ -64,7 +82,7 @@ func (pxy *XTCPProxy) InWorkConn(conn net.Conn, startWorkConnMsg *msg.StartWorkC
 	}
 
 	xl.Tracef("nathole prepare start")
-	prepareResult, err := nathole.Prepare([]string{pxy.clientCfg.NatHoleSTUNServer})
+	prepareResult, err := nathole.Prepare([]string{pxy.clientCfg.NatHoleSTUNServer}, pxy.makeRouterToNatThisHole)
 	if err != nil {
 		xl.Warnf("nathole prepare error: %v", err)
 		return

client/visitor/xtcp.go

@@ -32,6 +32,7 @@ import (
 	v1 "github.com/fatedier/frp/pkg/config/v1"
 	"github.com/fatedier/frp/pkg/msg"
 	"github.com/fatedier/frp/pkg/nathole"
+	"github.com/fatedier/frp/pkg/nathole/upnp"
 	"github.com/fatedier/frp/pkg/transport"
 	netpkg "github.com/fatedier/frp/pkg/util/net"
 	"github.com/fatedier/frp/pkg/util/util"
@@ -261,6 +262,23 @@ func (sv *XTCPVisitor) getTunnelConn() (net.Conn, error) {
 	return nil, err
 }
 
+func (sv *XTCPVisitor) makeRouterToNatThisHole(remoteGetAddrs []string, localIps []string, localAddr net.Addr) {
+
+	xl := xlog.FromContextSafe(sv.ctx)
+	if !sv.cfg.AllowToUseUPNP {
+		xl.Tracef("makeRouterToNatThisHole: upnp disabled")
+		return
+	}
+
+	description := sv.cfg.UPNPPortMappingDescription
+	if description == "" {
+		description = upnp.DEFAULT_UPNP_PROGRAM_DESCRIPTION
+	}
+
+	upnp.AskForMapping(xl, remoteGetAddrs, localIps, localAddr, description)
+
+}
+
 // 0. PreCheck
 // 1. Prepare
 // 2. ExchangeInfo
@@ -275,7 +293,7 @@ func (sv *XTCPVisitor) makeNatHole() {
 	}
 
 	xl.Tracef("nathole prepare start")
-	prepareResult, err := nathole.Prepare([]string{sv.clientCfg.NatHoleSTUNServer})
+	prepareResult, err := nathole.Prepare([]string{sv.clientCfg.NatHoleSTUNServer}, sv.makeRouterToNatThisHole)
 	if err != nil {
 		xl.Warnf("nathole prepare error: %v", err)
 		return

conf/frpc_full_example.toml

@@ -336,6 +336,9 @@ localPort = 22
 # If not empty, only visitors from specified users can connect.
 # Otherwise, visitors from same user can connect. '*' means allow all users.
 allowUsers = ["user1", "user2"]
+# allow to use upnp to map this port
+allowToUseUPNP = false
+upnpPortMappingDescription = "helper-port-mapping"
 
 # frpc role visitor -> frps -> frpc role server
 [[visitors]]
@@ -368,3 +371,5 @@ maxRetriesAnHour = 8
 minRetryInterval = 90
 # fallbackTo = "stcp_visitor"
 # fallbackTimeoutMs = 500
+allowToUseUPNP = false
+upnpPortMappingDescription = "helper-port-mapping"

go.mod

@@ -5,7 +5,7 @@ go 1.22
 require (
 	github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5
 	github.com/coreos/go-oidc/v3 v3.10.0
-	github.com/fatedier/golib v0.4.3
+	github.com/fatedier/golib v0.5.0
 	github.com/google/uuid v1.6.0
 	github.com/gorilla/mux v1.8.1
 	github.com/gorilla/websocket v1.5.0
@@ -46,7 +46,9 @@ require (
 	github.com/golang/snappy v0.0.4 // indirect
 	github.com/google/go-cmp v0.6.0 // indirect
 	github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 // indirect
+	github.com/huin/goupnp v1.3.0 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
+	github.com/jackpal/gateway v1.0.14 // indirect
 	github.com/klauspost/cpuid/v2 v2.2.6 // indirect
 	github.com/klauspost/reedsolomon v1.12.0 // indirect
 	github.com/kr/text v0.2.0 // indirect
@@ -60,6 +62,7 @@ require (
 	github.com/prometheus/common v0.48.0 // indirect
 	github.com/prometheus/procfs v0.12.0 // indirect
 	github.com/rogpeppe/go-internal v1.11.0 // indirect
+	github.com/stretchr/objx v0.5.0 // indirect
 	github.com/templexxx/cpu v0.1.0 // indirect
 	github.com/templexxx/xorsimd v0.4.2 // indirect
 	github.com/tidwall/match v1.1.1 // indirect

go.sum

@@ -24,8 +24,8 @@ github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs
 github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
 github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
-github.com/fatedier/golib v0.4.3 h1:eOcDBZauYqoNKwnJY9xWWa1pu7ff/JPZBizXeZOtj7k=
-github.com/fatedier/golib v0.4.3/go.mod h1:W6kIYkIFxHsTzbgqg5piCxIiDo4LzwgTY6R5W8l9NFQ=
+github.com/fatedier/golib v0.5.0 h1:hNcH7hgfIFqVWbP+YojCCAj4eO94pPf4dEF8lmq2jWs=
+github.com/fatedier/golib v0.5.0/go.mod h1:W6kIYkIFxHsTzbgqg5piCxIiDo4LzwgTY6R5W8l9NFQ=
 github.com/fatedier/yamux v0.0.0-20230628132301-7aca4898904d h1:ynk1ra0RUqDWQfvFi5KtMiSobkVQ3cNc0ODb8CfIETo=
 github.com/fatedier/yamux v0.0.0-20230628132301-7aca4898904d/go.mod h1:CtWFDAQgb7dxtzFs4tWbplKIe2jSi3+5vKbgIO0SLnQ=
 github.com/go-jose/go-jose/v4 v4.0.1 h1:QVEPDE3OluqXBQZDcnNvQrInro2h0e4eqNbnZSWqS6U=
@@ -66,9 +66,13 @@ github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY=
 github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ=
 github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc=
 github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
+github.com/huin/goupnp v1.3.0 h1:UvLUlWDNpoUdYzb2TCn+MuTWtcjXKSza2n6CBdQ0xXc=
+github.com/huin/goupnp v1.3.0/go.mod h1:gnGPsThkYa7bFi/KWmEysQRf48l2dvR5bxr2OFckNX8=
 github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
 github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
 github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
+github.com/jackpal/gateway v1.0.14 h1:6ZfIuFvnvWrS59hHbvZGR/R33ojV2LASBODomt7zlJU=
+github.com/jackpal/gateway v1.0.14/go.mod h1:6c8LjW+FVESFmwxaXySkt7fU98Yv806ADS3OY6Cvh2U=
 github.com/klauspost/cpuid/v2 v2.2.6 h1:ndNyv040zDGIDh8thGkXYjnFtiN02M1PVVF+JE/48xc=
 github.com/klauspost/cpuid/v2 v2.2.6/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws=
 github.com/klauspost/reedsolomon v1.12.0 h1:I5FEp3xSwVCcEh3F5A7dofEfhXdF/bWhQWPH+XwBFno=
@@ -127,6 +131,7 @@ github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
 github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
+github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c=
 github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
 github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
@@ -194,6 +199,7 @@ golang.org/x/oauth2 v0.16.0/go.mod h1:hqZ+0LWXsiVoZpeld6jVt06P3adbS2Uu911W1SsJv2
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ=

pkg/config/v1/common.go

@@ -134,3 +134,8 @@ type HTTPHeader struct {
 	Name  string `json:"name"`
 	Value string `json:"value"`
 }
+
+type XTCPConfigUPNPMixin struct {
+	AllowToUseUPNP             bool   `json:"allowToUseUPNP,omitempty"`
+	UPNPPortMappingDescription string `json:"upnpPortMappingDescription,omitempty"`
+}

pkg/config/v1/proxy.go

@@ -411,6 +411,8 @@ type XTCPProxyConfig struct {
 
 	Secretkey  string   `json:"secretKey,omitempty"`
 	AllowUsers []string `json:"allowUsers,omitempty"`
+
+	XTCPConfigUPNPMixin
 }
 
 func (c *XTCPProxyConfig) MarshalToMsg(m *msg.NewProxy) {

pkg/config/v1/visitor.go

@@ -153,6 +153,8 @@ type XTCPVisitorConfig struct {
 	MinRetryInterval  int    `json:"minRetryInterval,omitempty"`
 	FallbackTo        string `json:"fallbackTo,omitempty"`
 	FallbackTimeoutMs int    `json:"fallbackTimeoutMs,omitempty"`
+
+	XTCPConfigUPNPMixin
 }
 
 func (c *XTCPVisitorConfig) Complete(g *ClientCommonConfig) {

pkg/nathole/nathole.go

@@ -107,8 +107,12 @@ func PreCheck(
 	return nil
 }
 
+type OnGetMyRemoteAddress func(remoteGetAddrs []string, localIps []string, localAddr net.Addr)
+
 // Prepare is used to do some preparation work before penetration.
-func Prepare(stunServers []string) (*PrepareResult, error) {
+func Prepare(stunServers []string,
+	callback OnGetMyRemoteAddress,
+) (*PrepareResult, error) {
 	// discover for Nat type
 	addrs, localAddr, err := Discover(stunServers, "")
 	if err != nil {
@@ -119,6 +123,11 @@ func Prepare(stunServers []string) (*PrepareResult, error) {
 	}
 
 	localIPs, _ := ListLocalIPsForNatHole(10)
+
+	if callback != nil {
+		callback(addrs, localIPs, localAddr)
+	}
+
 	natFeature, err := ClassifyNATFeature(addrs, localIPs)
 	if err != nil {
 		return nil, fmt.Errorf("classify nat feature error: %v", err)

pkg/nathole/upnp/upnp.go

@@ -0,0 +1,173 @@
+package upnp
+
+import (
+	"context"
+
+	"errors"
+	"github.com/fatedier/frp/pkg/util/xlog"
+	"golang.org/x/sync/errgroup"
+	"net"
+	"net/netip"
+	"time"
+
+	"github.com/huin/goupnp/dcps/internetgateway2"
+	"github.com/jackpal/gateway"
+)
+
+const DEFAULT_UPNP_PROGRAM_DESCRIPTION = "helper-port-mapping"
+
+type RouterClient interface {
+	AddPortMapping(
+		NewRemoteHost string,
+		NewExternalPort uint16,
+		NewProtocol string,
+		NewInternalPort uint16,
+		NewInternalClient string,
+		NewEnabled bool,
+		NewPortMappingDescription string,
+		NewLeaseDuration uint32,
+	) (err error)
+
+	GetExternalIPAddress() (
+		NewExternalIPAddress string,
+		err error,
+	)
+}
+
+func PickRouterClient(ctx context.Context) (RouterClient, error) {
+	tasks, _ := errgroup.WithContext(ctx)
+	// Request each type of client in parallel, and return what is found.
+	var ip1Clients []*internetgateway2.WANIPConnection1
+	tasks.Go(func() error {
+		var err error
+		ip1Clients, _, err = internetgateway2.NewWANIPConnection1Clients()
+		return err
+	})
+	var ip2Clients []*internetgateway2.WANIPConnection2
+	tasks.Go(func() error {
+		var err error
+		ip2Clients, _, err = internetgateway2.NewWANIPConnection2Clients()
+		return err
+	})
+	var ppp1Clients []*internetgateway2.WANPPPConnection1
+	tasks.Go(func() error {
+		var err error
+		ppp1Clients, _, err = internetgateway2.NewWANPPPConnection1Clients()
+		return err
+	})
+
+	if err := tasks.Wait(); err != nil {
+		return nil, err
+	}
+
+	// Trivial handling for where we find exactly one device to talk to, you
+	// might want to provide more flexible handling than this if multiple
+	// devices are found.
+	switch {
+	case len(ip2Clients) == 1:
+		return ip2Clients[0], nil
+	case len(ip1Clients) == 1:
+		return ip1Clients[0], nil
+	case len(ppp1Clients) == 1:
+		return ppp1Clients[0], nil
+	default:
+		return nil, errors.New("multiple or no services found")
+	}
+}
+
+func UPNP_ForwardPort(ctx context.Context,
+	NewRemoteHost string,
+	NewExternalPort uint16,
+	NewProtocol string,
+	NewInternalPort uint16,
+	NewInternalClient string,
+	NewPortMappingDescription string,
+	NewLeaseDuration uint32,
+) error {
+	client, err := PickRouterClient(ctx)
+	if err != nil {
+		return err
+	}
+
+	return client.AddPortMapping(
+		NewRemoteHost,
+		// External port number to expose to Internet:
+		NewExternalPort,
+		// Forward TCP (this could be "UDP" if we wanted that instead).
+		NewProtocol,
+		// Internal port number on the LAN to forward to.
+		// Some routers might not support this being different to the external
+		// port number.
+		NewInternalPort,
+		// Internal address on the LAN we want to forward to.
+		NewInternalClient,
+		// Enabled:
+		true,
+		// Informational description for the client requesting the port forwarding.
+		NewPortMappingDescription,
+		// How long should the port forward last for in seconds.
+		// If you want to keep it open for longer and potentially across router
+		// resets, you might want to periodically request before this elapses.
+		NewLeaseDuration,
+	)
+}
+
+func AskForMapping(xl *xlog.Logger, remoteGetAddrs []string, localIps []string, localAddr net.Addr, description string) {
+
+	xl.Tracef("makeRouterToNatThisHole: %v, localIps %v, localAddr=%v", remoteGetAddrs, localIps, localAddr.String())
+
+	targetAddr := remoteGetAddrs[0]
+	remoteAddrPort, err := netip.ParseAddrPort(targetAddr)
+	if err != nil {
+		xl.Errorf("netip.ParseAddrPort error: %v. parse: %v", err, targetAddr)
+		return
+	}
+
+	localAddrStr := localAddr.String()
+	localAddrPort, err := netip.ParseAddrPort(localAddrStr)
+	if err != nil {
+		xl.Errorf("netip.ParseAddrPort local error: %v. parse: %v", err, localAddrStr)
+
+		return
+	}
+
+	targetForwardTo := ""
+	if len(localIps) == 1 {
+		targetForwardTo = localIps[0]
+	} else {
+		targetForwardToIp, err := gateway.DiscoverInterface()
+		if err != nil {
+			xl.Warnf("load Default interface error:%v", err)
+		} else {
+			targetForwardTo = targetForwardToIp.String()
+		}
+	}
+
+	if targetForwardTo == "" && len(localIps) > 1 {
+		targetForwardTo = localIps[0]
+	}
+
+	ctx, _ := context.WithTimeout(context.Background(), 50*time.Millisecond)
+
+	xl.Infof("UPNP_ForwardPort: remoteAddrPort=%v, localAddrPort=%v, targetForwardToLocal=%v", remoteAddrPort, localAddrPort, targetForwardTo)
+	err = UPNP_ForwardPort(
+		ctx,
+		/*NewRemoteHost*/ remoteAddrPort.Addr().String(),
+		/*NewExternalPort*/ remoteAddrPort.Port(),
+		/*NewProtocol*/ "UDP",
+
+		/*NewInternalPort*/
+		localAddrPort.Port(),
+		/*NewInternalClient*/ targetForwardTo,
+		/*NewPortMappingDescription*/ description,
+		/*NewLeaseDuration*/ 360,
+	)
+	if err != nil {
+		xl.Warnf("UPNP_ForwardPort error: %v.", err)
+
+		return
+	}
+
+	xl.Tracef("UPNP_ForwardPort done")
+
+}

pkg/plugin/client/http2https.go

@@ -19,11 +19,15 @@ package plugin
 import (
 	"crypto/tls"
 	"io"
+	stdlog "log"
 	"net"
 	"net/http"
 	"net/http/httputil"
 
+	"github.com/fatedier/golib/pool"
+
 	v1 "github.com/fatedier/frp/pkg/config/v1"
+	"github.com/fatedier/frp/pkg/util/log"
 	netpkg "github.com/fatedier/frp/pkg/util/net"
 )
 
@@ -68,6 +72,8 @@ func NewHTTP2HTTPSPlugin(options v1.ClientPluginOptions) (Plugin, error) {
 			}
 		},
 		Transport:  tr,
+		BufferPool: pool.NewBuffer(32 * 1024),
+		ErrorLog:   stdlog.New(log.NewWriteLogger(log.WarnLevel, 2), "", 0),
 	}
 
 	p.s = &http.Server{

pkg/plugin/client/http_proxy.go

@@ -55,6 +55,7 @@ func NewHTTPProxyPlugin(options v1.ClientPluginOptions) (Plugin, error) {
 
 	hp.s = &http.Server{
 		Handler:           hp,
+		ReadHeaderTimeout: 60 * time.Second,
 	}
 
 	go func() {

pkg/plugin/client/https2http.go

@@ -20,12 +20,17 @@ import (
 	"crypto/tls"
 	"fmt"
 	"io"
+	stdlog "log"
 	"net"
 	"net/http"
 	"net/http/httputil"
+	"time"
+
+	"github.com/fatedier/golib/pool"
 
 	v1 "github.com/fatedier/frp/pkg/config/v1"
 	"github.com/fatedier/frp/pkg/transport"
+	"github.com/fatedier/frp/pkg/util/log"
 	netpkg "github.com/fatedier/frp/pkg/util/net"
 )
 
@@ -63,10 +68,13 @@ func NewHTTPS2HTTPPlugin(options v1.ClientPluginOptions) (Plugin, error) {
 				req.Header.Set(k, v)
 			}
 		},
+		BufferPool: pool.NewBuffer(32 * 1024),
+		ErrorLog:   stdlog.New(log.NewWriteLogger(log.WarnLevel, 2), "", 0),
 	}
 
 	p.s = &http.Server{
 		Handler:           rp,
+		ReadHeaderTimeout: 60 * time.Second,
 	}
 
 	var (

pkg/plugin/client/https2https.go

@@ -20,12 +20,17 @@ import (
 	"crypto/tls"
 	"fmt"
 	"io"
+	stdlog "log"
 	"net"
 	"net/http"
 	"net/http/httputil"
+	"time"
+
+	"github.com/fatedier/golib/pool"
 
 	v1 "github.com/fatedier/frp/pkg/config/v1"
 	"github.com/fatedier/frp/pkg/transport"
+	"github.com/fatedier/frp/pkg/util/log"
 	netpkg "github.com/fatedier/frp/pkg/util/net"
 )
 
@@ -69,10 +74,13 @@ func NewHTTPS2HTTPSPlugin(options v1.ClientPluginOptions) (Plugin, error) {
 			}
 		},
 		Transport:  tr,
+		BufferPool: pool.NewBuffer(32 * 1024),
+		ErrorLog:   stdlog.New(log.NewWriteLogger(log.WarnLevel, 2), "", 0),
 	}
 
 	p.s = &http.Server{
 		Handler:           rp,
+		ReadHeaderTimeout: 60 * time.Second,
 	}
 
 	var (

pkg/plugin/client/static_file.go

@@ -61,6 +61,7 @@ func NewStaticFilePlugin(options v1.ClientPluginOptions) (Plugin, error) {
 	router.PathPrefix(prefix).Handler(netpkg.MakeHTTPGzipHandler(http.StripPrefix(prefix, http.FileServer(http.Dir(opts.LocalPath))))).Methods("GET")
 	sp.s = &http.Server{
 		Handler:           router,
+		ReadHeaderTimeout: 60 * time.Second,
 	}
 	go func() {
 		_ = sp.s.Serve(listener)

pkg/util/log/log.go

@@ -15,11 +15,20 @@
 package log
 
 import (
+	"bytes"
 	"os"
 
 	"github.com/fatedier/golib/log"
 )
 
+var (
+	TraceLevel = log.TraceLevel
+	DebugLevel = log.DebugLevel
+	InfoLevel  = log.InfoLevel
+	WarnLevel  = log.WarnLevel
+	ErrorLevel = log.ErrorLevel
+)
+
 var Logger *log.Logger
 
 func init() {
@@ -77,3 +86,24 @@ func Debugf(format string, v ...interface{}) {
 func Tracef(format string, v ...interface{}) {
 	Logger.Tracef(format, v...)
 }
+
+func Logf(level log.Level, offset int, format string, v ...interface{}) {
+	Logger.Logf(level, offset, format, v...)
+}
+
+type WriteLogger struct {
+	level  log.Level
+	offset int
+}
+
+func NewWriteLogger(level log.Level, offset int) *WriteLogger {
+	return &WriteLogger{
+		level:  level,
+		offset: offset,
+	}
+}
+
+func (w *WriteLogger) Write(p []byte) (n int, err error) {
+	Logger.Log(w.level, w.offset, string(bytes.TrimRight(p, "\n")))
+	return len(p), nil
+}

pkg/util/net/dial.go

@@ -5,11 +5,11 @@ import (
 	"net"
 	"net/url"
 
-	libdial "github.com/fatedier/golib/net/dial"
+	libnet "github.com/fatedier/golib/net"
 	"golang.org/x/net/websocket"
 )
 
-func DialHookCustomTLSHeadByte(enableTLS bool, disableCustomTLSHeadByte bool) libdial.AfterHookFunc {
+func DialHookCustomTLSHeadByte(enableTLS bool, disableCustomTLSHeadByte bool) libnet.AfterHookFunc {
 	return func(ctx context.Context, c net.Conn, addr string) (context.Context, net.Conn, error) {
 		if enableTLS && !disableCustomTLSHeadByte {
 			_, err := c.Write([]byte{byte(FRPTLSHeadByte)})
@@ -21,7 +21,7 @@ func DialHookCustomTLSHeadByte(enableTLS bool, disableCustomTLSHeadByte bool) li
 	}
 }
 
-func DialHookWebsocket(protocol string, host string) libdial.AfterHookFunc {
+func DialHookWebsocket(protocol string, host string) libnet.AfterHookFunc {
 	return func(ctx context.Context, c net.Conn, addr string) (context.Context, net.Conn, error) {
 		if protocol != "wss" {
 			protocol = "ws"

pkg/util/net/websocket.go

@@ -4,6 +4,7 @@ import (
 	"errors"
 	"net"
 	"net/http"
+	"time"
 
 	"golang.org/x/net/websocket"
 )
@@ -41,6 +42,7 @@ func NewWebsocketListener(ln net.Listener) (wl *WebsocketListener) {
 	wl.server = &http.Server{
 		Addr:              ln.Addr().String(),
 		Handler:           muxer,
+		ReadHeaderTimeout: 60 * time.Second,
 	}
 
 	go func() {

pkg/util/vhost/http.go

@@ -15,7 +15,6 @@
 package vhost
 
 import (
-	"bytes"
 	"context"
 	"encoding/base64"
 	"errors"
@@ -116,10 +115,16 @@ func NewHTTPReverseProxy(option HTTPReverseProxyOptions, vhostRouter *Routers) *
 				return nil, nil
 			},
 		},
-		BufferPool: newWrapPool(),
-		ErrorLog:   stdlog.New(newWrapLogger(), "", 0),
+		BufferPool: pool.NewBuffer(32 * 1024),
+		ErrorLog:   stdlog.New(log.NewWriteLogger(log.WarnLevel, 2), "", 0),
 		ErrorHandler: func(rw http.ResponseWriter, req *http.Request, err error) {
-			log.Warnf("do http proxy request [host: %s] error: %v", req.Host, err)
+			log.Logf(log.WarnLevel, 1, "do http proxy request [host: %s] error: %v", req.Host, err)
+			if err != nil {
+				if e, ok := err.(net.Error); ok && e.Timeout() {
+					rw.WriteHeader(http.StatusGatewayTimeout)
+					return
+				}
+			}
 			rw.WriteHeader(http.StatusNotFound)
 			_, _ = rw.Write(getNotFoundPageContent())
 		},
@@ -322,20 +327,3 @@ func (rp *HTTPReverseProxy) ServeHTTP(rw http.ResponseWriter, req *http.Request)
 		rp.proxy.ServeHTTP(rw, newreq)
 	}
 }
-
-type wrapPool struct{}
-
-func newWrapPool() *wrapPool { return &wrapPool{} }
-
-func (p *wrapPool) Get() []byte { return pool.GetBuf(32 * 1024) }
-
-func (p *wrapPool) Put(buf []byte) { pool.PutBuf(buf) }
-
-type wrapLogger struct{}
-
-func newWrapLogger() *wrapLogger { return &wrapLogger{} }
-
-func (l *wrapLogger) Write(p []byte) (n int, err error) {
-	log.Warnf("%s", string(bytes.TrimRight(p, "\n")))
-	return len(p), nil
-}

pkg/util/vhost/https_test.go

@@ -12,7 +12,7 @@ import (
 func TestGetHTTPSHostname(t *testing.T) {
 	require := require.New(t)
 
-	l, err := net.Listen("tcp", ":")
+	l, err := net.Listen("tcp", "127.0.0.1:")
 	require.NoError(err)
 	defer l.Close()
 

server/dashboard_api.go

@@ -147,6 +147,7 @@ type TCPMuxOutConf struct {
 	BaseOutConf
 	v1.DomainConfig
 	Multiplexer     string `json:"multiplexer"`
+	RouteByHTTPUser string `json:"routeByHTTPUser"`
 }
 
 type UDPOutConf struct {

server/service.go

@@ -288,10 +288,11 @@ func NewService(cfg *v1.ServerConfig) (*Service, error) {
 		server := &http.Server{
 			Addr:              address,
 			Handler:           rp,
+			ReadHeaderTimeout: 60 * time.Second,
 		}
 		var l net.Listener
 		if httpMuxOn {
-			l = svr.muxer.ListenHttp(1)
+			l = svr.muxer.ListenHTTP(1)
 		} else {
 			l, err = net.Listen("tcp", address)
 			if err != nil {
@@ -308,7 +309,7 @@ func NewService(cfg *v1.ServerConfig) (*Service, error) {
 	if cfg.VhostHTTPSPort > 0 {
 		var l net.Listener
 		if httpsMuxOn {
-			l = svr.muxer.ListenHttps(1)
+			l = svr.muxer.ListenHTTPS(1)
 		} else {
 			address := net.JoinHostPort(cfg.ProxyBindAddr, strconv.Itoa(cfg.VhostHTTPSPort))
 			l, err = net.Listen("tcp", address)

test/e2e/framework/framework.go

@@ -260,7 +260,7 @@ func (f *Framework) SetEnvs(envs []string) {
 
 func (f *Framework) WriteTempFile(name string, content string) string {
 	filePath := filepath.Join(f.TempDirectory, name)
-	err := os.WriteFile(filePath, []byte(content), 0o766)
+	err := os.WriteFile(filePath, []byte(content), 0o600)
 	ExpectNoError(err)
 	return filePath
 }

test/e2e/framework/process.go

@@ -27,7 +27,7 @@ func (f *Framework) RunProcesses(serverTemplates []string, clientTemplates []str
 	currentServerProcesses := make([]*process.Process, 0, len(serverTemplates))
 	for i := range serverTemplates {
 		path := filepath.Join(f.TempDirectory, fmt.Sprintf("frp-e2e-server-%d", i))
-		err = os.WriteFile(path, []byte(outs[i]), 0o666)
+		err = os.WriteFile(path, []byte(outs[i]), 0o600)
 		ExpectNoError(err)
 
 		if TestContext.Debug {
@@ -48,7 +48,7 @@ func (f *Framework) RunProcesses(serverTemplates []string, clientTemplates []str
 	for i := range clientTemplates {
 		index := i + len(serverTemplates)
 		path := filepath.Join(f.TempDirectory, fmt.Sprintf("frp-e2e-client-%d", i))
-		err = os.WriteFile(path, []byte(outs[index]), 0o666)
+		err = os.WriteFile(path, []byte(outs[index]), 0o600)
 		ExpectNoError(err)
 
 		if TestContext.Debug {
@@ -94,7 +94,7 @@ func (f *Framework) RunFrpc(args ...string) (*process.Process, string, error) {
 func (f *Framework) GenerateConfigFile(content string) string {
 	f.configFileIndex++
 	path := filepath.Join(f.TempDirectory, fmt.Sprintf("frp-e2e-config-%d", f.configFileIndex))
-	err := os.WriteFile(path, []byte(content), 0o666)
+	err := os.WriteFile(path, []byte(content), 0o600)
 	ExpectNoError(err)
 	return path
 }

test/e2e/pkg/request/request.go

@@ -12,7 +12,7 @@ import (
 	"strconv"
 	"time"
 
-	libdial "github.com/fatedier/golib/net/dial"
+	libnet "github.com/fatedier/golib/net"
 
 	httppkg "github.com/fatedier/frp/pkg/util/http"
 	"github.com/fatedier/frp/test/e2e/pkg/rpc"
@@ -160,11 +160,11 @@ func (r *Request) Do() (*Response, error) {
 		if r.protocol != "tcp" {
 			return nil, fmt.Errorf("only tcp protocol is allowed for proxy")
 		}
-		proxyType, proxyAddress, auth, err := libdial.ParseProxyURL(r.proxyURL)
+		proxyType, proxyAddress, auth, err := libnet.ParseProxyURL(r.proxyURL)
 		if err != nil {
 			return nil, fmt.Errorf("parse ProxyURL error: %v", err)
 		}
-		conn, err = libdial.Dial(addr, libdial.WithProxy(proxyType, proxyAddress), libdial.WithProxyAuth(auth))
+		conn, err = libnet.Dial(addr, libnet.WithProxy(proxyType, proxyAddress), libnet.WithProxyAuth(auth))
 		if err != nil {
 			return nil, err
 		}

test/e2e/v1/basic/http.go

@@ -5,6 +5,7 @@ import (
 	"net/http"
 	"net/url"
 	"strconv"
+	"time"
 
 	"github.com/gorilla/websocket"
 	"github.com/onsi/ginkgo/v2"
@@ -385,4 +386,48 @@ var _ = ginkgo.Describe("[Feature: HTTP]", func() {
 		framework.ExpectNoError(err)
 		framework.ExpectEqualValues(consts.TestString, string(msg))
 	})
+
+	ginkgo.It("vhostHTTPTimeout", func() {
+		vhostHTTPPort := f.AllocPort()
+		serverConf := getDefaultServerConf(vhostHTTPPort)
+		serverConf += `
+		vhostHTTPTimeout = 2
+		`
+
+		delayDuration := 0 * time.Second
+		localPort := f.AllocPort()
+		localServer := httpserver.New(
+			httpserver.WithBindPort(localPort),
+			httpserver.WithHandler(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
+				time.Sleep(delayDuration)
+				_, _ = w.Write([]byte(req.Host))
+			})),
+		)
+		f.RunServer("", localServer)
+
+		clientConf := consts.DefaultClientConfig
+		clientConf += fmt.Sprintf(`
+			[[proxies]]
+			name = "test"
+			type = "http"
+			localPort = %d
+			customDomains = ["normal.example.com"]
+			`, localPort)
+
+		f.RunProcesses([]string{serverConf}, []string{clientConf})
+
+		framework.NewRequestExpect(f).Port(vhostHTTPPort).
+			RequestModify(func(r *request.Request) {
+				r.HTTP().HTTPHost("normal.example.com").HTTP().Timeout(time.Second)
+			}).
+			ExpectResp([]byte("normal.example.com")).
+			Ensure()
+
+		delayDuration = 3 * time.Second
+		framework.NewRequestExpect(f).Port(vhostHTTPPort).
+			RequestModify(func(r *request.Request) {
+				r.HTTP().HTTPHost("normal.example.com").HTTP().Timeout(5 * time.Second)
+			}).
+			Ensure(framework.ExpectResponseCode(504))
+	})
 })

web/frps/components.d.ts

@@ -31,6 +31,7 @@ declare module 'vue' {
     ProxiesSTCP: typeof import('./src/components/ProxiesSTCP.vue')['default']
     ProxiesSUDP: typeof import('./src/components/ProxiesSUDP.vue')['default']
     ProxiesTCP: typeof import('./src/components/ProxiesTCP.vue')['default']
+    ProxiesTCPMux: typeof import('./src/components/ProxiesTCPMux.vue')['default']
     ProxiesUDP: typeof import('./src/components/ProxiesUDP.vue')['default']
     ProxyView: typeof import('./src/components/ProxyView.vue')['default']
     ProxyViewExpand: typeof import('./src/components/ProxyViewExpand.vue')['default']

web/frps/src/App.vue

@@ -39,6 +39,7 @@
               <el-menu-item index="/proxies/udp">UDP</el-menu-item>
               <el-menu-item index="/proxies/http">HTTP</el-menu-item>
               <el-menu-item index="/proxies/https">HTTPS</el-menu-item>
+              <el-menu-item index="/proxies/tcpmux">TCPMUX</el-menu-item>
               <el-menu-item index="/proxies/stcp">STCP</el-menu-item>
               <el-menu-item index="/proxies/sudp">SUDP</el-menu-item>
             </el-sub-menu>

web/frps/src/components/ProxiesTCPMux.vue

@@ -0,0 +1,38 @@
+<template>
+  <ProxyView :proxies="proxies" proxyType="tcpmux" @refresh="fetchData" />
+</template>
+
+<script setup lang="ts">
+import { ref } from 'vue'
+import { TCPMuxProxy } from '../utils/proxy.js'
+import ProxyView from './ProxyView.vue'
+
+let proxies = ref<TCPMuxProxy[]>([])
+
+const fetchData = () => {
+  let tcpmuxHTTPConnectPort: number
+  let subdomainHost: string
+  fetch('../api/serverinfo', { credentials: 'include' })
+    .then((res) => {
+      return res.json()
+    })
+    .then((json) => {
+      tcpmuxHTTPConnectPort = json.tcpmuxHTTPConnectPort
+      subdomainHost = json.subdomainHost
+
+      fetch('../api/proxy/tcpmux', { credentials: 'include' })
+        .then((res) => {
+          return res.json()
+        })
+        .then((json) => {
+          proxies.value = []
+          for (let proxyStats of json.proxies) {
+            proxies.value.push(new TCPMuxProxy(proxyStats, tcpmuxHTTPConnectPort, subdomainHost))
+          }
+        })
+    })
+}
+fetchData()
+</script>
+
+<style></style>

web/frps/src/components/ProxyViewExpand.vue

@@ -1,9 +1,9 @@
 <template>
   <el-form
     label-position="left"
+    label-width="auto"
     inline
     class="proxy-table-expand"
-    v-if="proxyType === 'http' || proxyType === 'https'"
   >
     <el-form-item label="Name">
       <span>{{ row.name }}</span>
@@ -11,6 +11,20 @@
     <el-form-item label="Type">
       <span>{{ row.type }}</span>
     </el-form-item>
+    <el-form-item label="Encryption">
+      <span>{{ row.encryption }}</span>
+    </el-form-item>
+    <el-form-item label="Compression">
+      <span>{{ row.compression }}</span>
+    </el-form-item>
+    <el-form-item label="Last Start">
+      <span>{{ row.lastStartTime }}</span>
+    </el-form-item>
+    <el-form-item label="Last Close">
+      <span>{{ row.lastCloseTime }}</span>
+    </el-form-item>
+
+    <div v-if="proxyType === 'http' || proxyType === 'https'">
       <el-form-item label="Domains">
         <span>{{ row.customDomains }}</span>
       </el-form-item>
@@ -23,42 +37,26 @@
       <el-form-item label="HostRewrite">
         <span>{{ row.hostHeaderRewrite }}</span>
       </el-form-item>
-    <el-form-item label="Encryption">
-      <span>{{ row.encryption }}</span>
+    </div>
+    <div v-else-if="proxyType === 'tcpmux'">
+      <el-form-item label="Multiplexer">
+        <span>{{ row.multiplexer }}</span>
       </el-form-item>
-    <el-form-item label="Compression">
-      <span>{{ row.compression }}</span>
+      <el-form-item label="RouteByHTTPUser">
+        <span>{{ row.routeByHTTPUser }}</span>
       </el-form-item>
-    <el-form-item label="Last Start">
-      <span>{{ row.lastStartTime }}</span>
+      <el-form-item label="Domains">
+        <span>{{ row.customDomains }}</span>
       </el-form-item>
-    <el-form-item label="Last Close">
-      <span>{{ row.lastCloseTime }}</span>
-    </el-form-item>
-  </el-form>
-
-  <el-form label-position="left" inline class="proxy-table-expand" v-else>
-    <el-form-item label="Name">
-      <span>{{ row.name }}</span>
-    </el-form-item>
-    <el-form-item label="Type">
-      <span>{{ row.type }}</span>
+      <el-form-item label="SubDomain">
+        <span>{{ row.subdomain }}</span>
       </el-form-item>
+    </div>
+    <div v-else>
       <el-form-item label="Addr">
         <span>{{ row.addr }}</span>
       </el-form-item>
-    <el-form-item label="Encryption">
-      <span>{{ row.encryption }}</span>
-    </el-form-item>
-    <el-form-item label="Compression">
-      <span>{{ row.compression }}</span>
-    </el-form-item>
-    <el-form-item label="Last Start">
-      <span>{{ row.lastStartTime }}</span>
-    </el-form-item>
-    <el-form-item label="Last Close">
-      <span>{{ row.lastCloseTime }}</span>
-    </el-form-item>
+    </div>
   </el-form>
 
   <div v-if="row.annotations && row.annotations.size > 0">

web/frps/src/components/ServerOverview.vue

@@ -20,10 +20,10 @@
             <el-form-item label="QUIC Bind Port" v-if="data.quicBindPort != 0">
               <span>{{ data.quicBindPort }}</span>
             </el-form-item>
-            <el-form-item label="Http Port" v-if="data.vhostHTTPPort != 0">
+            <el-form-item label="HTTP Port" v-if="data.vhostHTTPPort != 0">
               <span>{{ data.vhostHTTPPort }}</span>
             </el-form-item>
-            <el-form-item label="Https Port" v-if="data.vhostHTTPSPort != 0">
+            <el-form-item label="HTTPS Port" v-if="data.vhostHTTPSPort != 0">
               <span>{{ data.vhostHTTPSPort }}</span>
             </el-form-item>
             <el-form-item

web/frps/src/router/index.ts

@@ -4,6 +4,7 @@ import ProxiesTCP from '../components/ProxiesTCP.vue'
 import ProxiesUDP from '../components/ProxiesUDP.vue'
 import ProxiesHTTP from '../components/ProxiesHTTP.vue'
 import ProxiesHTTPS from '../components/ProxiesHTTPS.vue'
+import ProxiesTCPMux from '../components/ProxiesTCPMux.vue'
 import ProxiesSTCP from '../components/ProxiesSTCP.vue'
 import ProxiesSUDP from '../components/ProxiesSUDP.vue'
 
@@ -35,6 +36,11 @@ const router = createRouter({
       name: 'ProxiesHTTPS',
       component: ProxiesHTTPS,
     },
+    {
+      path: '/proxies/tcpmux',
+      name: 'ProxiesTCPMux',
+      component: ProxiesTCPMux,
+    },
     {
       path: '/proxies/stcp',
       name: 'ProxiesSTCP',

web/frps/src/utils/proxy.ts

@@ -110,6 +110,28 @@ class HTTPSProxy extends BaseProxy {
   }
 }
 
+class TCPMuxProxy extends BaseProxy {
+  multiplexer: string
+  routeByHTTPUser: string
+
+  constructor(proxyStats: any, port: number, subdomainHost: string) {
+    super(proxyStats)
+    this.type = 'tcpmux'
+    this.port = port
+    this.multiplexer = ''
+    this.routeByHTTPUser = ''
+
+    if (proxyStats.conf) {
+      this.customDomains = proxyStats.conf.customDomains || this.customDomains
+      this.multiplexer = proxyStats.conf.multiplexer
+      this.routeByHTTPUser = proxyStats.conf.routeByHTTPUser
+      if (proxyStats.conf.subdomain) {
+        this.subdomain = `${proxyStats.conf.subdomain}.${subdomainHost}`
+      }
+    } 
+  }
+}
+
 class STCPProxy extends BaseProxy {
   constructor(proxyStats: any) {
     super(proxyStats)
@@ -128,6 +150,7 @@ export {
   BaseProxy,
   TCPProxy,
   UDPProxy,
+  TCPMuxProxy,
   HTTPProxy,
   HTTPSProxy,
   STCPProxy,