Menet VS frp

frp is an advanced, feature-rich reverse proxy that supports a variety of protocols and can be self-hosted.

How does it compare to frp, one of the most popular Open Source Cloudflare Tunnel alternative?

https://github.com/fatedier/frp

#!/bin/bash if [[ -z "$LOCAL_PORT" || -z "$REMOTE_PORT" ]]; then echo "❌ Missing required parameters." echo "Please provide: LOCAL_PORT, REMOTE_PORT" exit 1 fi FRP_SERVER= FRP_SERVER_PORT=1000 FRP_VERSION=0.63.0 FRP_PLATFORM=linux_amd64 FRP_DIR="frp_${FRP_VERSION}_${FRP_PLATFORM}" WORKDIR="$WORKSPACE/frpc_clients" mkdir -p "$WORKDIR" FRPC_BINARY="$WORKDIR/frpc" FRPC_CONFIG="$WORKDIR/frpc_${LOCAL_PORT}_${REMOTE_PORT}.ini" FRPC_LOG="$WORKDIR/frpc_${LOCAL_PORT}_${REMOTE_PORT}.log" FRPC_PID="$WORKDIR/frpc_${LOCAL_PORT}_${REMOTE_PORT}.pid" # Download frpc if missing if [[ ! -f "$FRPC_BINARY" ]]; then echo "🔽 Downloading frpc v${FRP_VERSION}..." wget "https://github.com/fatedier/frp/releases/download/v${FRP_VERSION}/${FRP_DIR}.tar.gz" -O /tmp/frp.tar.gz || { echo "❌ Download failed. Please check FRP version or network." exit 1 } tar -xzf /tmp/frp.tar.gz -C /tmp mv /tmp/${FRP_DIR}/frpc "$FRPC_BINARY" chmod +x "$FRPC_BINARY" rm -rf /tmp/${FRP_DIR} /tmp/frp.tar.gz fi echo "⚙️ Writing frpc config for local:$LOCAL_PORT → remote:$REMOTE_PORT" cat > "$FRPC_CONFIG" &1; then echo "⚠️ Tunnel already running with PID $PID" exit 0 else echo "⚠️ Stale PID file found, removing" rm -f "$FRPC_PID" fi fi echo "🚀 Starting FRP tunnel..." export BUILD_ID=dontKillMe nohup "$FRPC_BINARY" -c "$FRPC_CONFIG" > "$FRPC_LOG" 2>&1 & echo $! > "$FRPC_PID" echo "✅ Tunnel running at $FRP_SERVER:$REMOTE_PORT (PID $(cat $FRPC_PID))"

In the previous article, I wrote about a temporary SSH tunneling technique to bypass CGNAT. This method is not suitable for exposing permanent services, at least not without autossh manager. Proper tools for this are rapiz1/rathole or fatedier/frp. I chose Rathole since it's written in Rust and offers better performance and benchmarks.

While frp is a flexible and lightweight reverse proxy solution, Wiredoor focuses on secure service exposure using modern technologies like WireGuard and NGINX as core components. Wiredoor eliminates the need for manual port forwarding or public IPs by creating a VPN-based reverse tunnel, providing better encryption, automatic HTTPS, and easier service publishing.

frp | Github

Another point to make is that the SSH tunnel technique is most suitable for temporarily exposing services for demo purposes. For permanent tunnels, you would need to add autossh to keep the connection alive, but there are better tools for permanent tunnels, such as rapiz1/rathole or fatedier/frp.

According to its Github page, FRP is "a fast reverse proxy that allows you to expose a local server located behind a NAT or firewall to the internet. It currently supports TCP and UDP, as well as HTTP and HTTPS protocols, enabling requests to be forwarded to internal services via domain name."

Over the past couple of months, I've been working on connet. At this point, it is working pretty smoothly (in what I use it for), so I wanted to share it with more people and see what they think.

I know many other similar/reverse proxy solutions exist - like https://github.com/fatedier/frp, https://github.com/rapiz1/rathole, and a bunch more you can find at https://github.com/anderspitman/awesome-tunneling. However, I wanted to try and put my own little peer-to-peer twist on it.

Thanks for checking it out, and sharing any feedback you might have!