doc: update

README.md

@@ -31,8 +31,7 @@ frp is a fast reverse proxy to help you expose a local server behind a NAT or fi
     * [Encryption and Compression](#encryption-and-compression)
     * [Hot-Reload frpc configuration](#hot-reload-frpc-configuration)
     * [Get proxy status from client](#get-proxy-status-from-client)
-    * [Privilege Mode](#privilege-mode)
-        * [Port White List](#port-white-list)
+    * [Port White List](#port-white-list)
     * [TCP Stream Multiplexing](#tcp-stream-multiplexing)
     * [Support KCP Protocol](#support-kcp-protocol)
     * [Connection Pool](#connection-pool)
@@ -42,6 +41,7 @@ frp is a fast reverse proxy to help you expose a local server behind a NAT or fi
     * [Custom subdomain names](#custom-subdomain-names)
     * [URL routing](#url-routing)
     * [Connect frps by HTTP PROXY](#connect-frps-by-http-proxy)
+    * [Range ports mapping](#range-ports-mapping)
     * [Plugin](#plugin)
 * [Development Plan](#development-plan)
 * [Contributing](#contributing)
@@ -422,21 +422,17 @@ Then run command `frpc reload -c ./frpc.ini` and wait for about 10 seconds to le
 
 Use `frpc status -c ./frpc.ini` to get status of all proxies. You need to set admin port in frpc's configure file.
 
-### Privilege Mode
+### Port White List
 
-Privilege mode is the default and only mode support in frp since v0.10.0. All proxy configurations are set in client.
-
-#### Port White List
-
-`privilege_allow_ports` in frps.ini is used for preventing abuse of ports:
+`allow_ports` in frps.ini is used for preventing abuse of ports:
 
 ```ini
 # frps.ini
 [common]
-privilege_allow_ports = 2000-3000,3001,3003,4000-50000
+allow_ports = 2000-3000,3001,3003,4000-50000
 ```
 
-`privilege_allow_ports` consists of a specific port or a range of ports divided by `,`.
+`allow_ports` consists of a specific port or a range of ports divided by `,`.
 
 ### TCP Stream Multiplexing
 

README_zh.md

@@ -29,8 +29,7 @@ frp 是一个可用于内网穿透的高性能的反向代理应用，支持 tcp
     * [加密与压缩](#加密与压缩)
     * [客户端热加载配置文件](#客户端热加载配置文件)
     * [客户端查看代理状态](#客户端查看代理状态)
-    * [特权模式](#特权模式)
-        * [端口白名单](#端口白名单)
+    * [端口白名单](#端口白名单)
     * [TCP 多路复用](#tcp-多路复用)
     * [底层通信可选 kcp 协议](#底层通信可选-kcp-协议)
     * [连接池](#连接池)
@@ -450,21 +449,17 @@ admin_port = 7400
 
 frpc 支持通过 `frpc status -c ./frpc.ini` 命令查看代理的状态信息，此功能需要在 frpc 中配置 admin 端口。
 
-### 特权模式
+### 端口白名单
 
-由于从 v0.10.0 版本开始，所有 proxy 都在客户端配置，原先的特权模式是目前唯一支持的模式。
-
-#### 端口白名单
-
-为了防止端口被滥用，可以手动指定允许哪些端口被使用，在 frps.ini 中通过 privilege_allow_ports 来指定：
+为了防止端口被滥用，可以手动指定允许哪些端口被使用，在 frps.ini 中通过 `allow_ports` 来指定：
 
 ```ini
 # frps.ini
 [common]
-privilege_allow_ports = 2000-3000,3001,3003,4000-50000
+allow_ports = 2000-3000,3001,3003,4000-50000
 ```
 
-privilege_allow_ports 可以配置允许使用的某个指定端口或者是一个范围内的所有端口，以 `,` 分隔，指定的范围以 `-` 分隔。
+`allow_ports` 可以配置允许使用的某个指定端口或者是一个范围内的所有端口，以 `,` 分隔，指定的范围以 `-` 分隔。
 
 ### TCP 多路复用
 

conf/frps_full.ini

@@ -47,7 +47,7 @@ token = 12345678
 # heartbeat_timeout = 90
 
 # only allow frpc to bind ports you list, if you set nothing, there won't be any limit
-privilege_allow_ports = 2000-3000,3001,3003,4000-50000
+allow_ports = 2000-3000,3001,3003,4000-50000
 
 # pool_count in each proxy will change to max_pool_count if they exceed the maximum value
 max_pool_count = 5

models/config/server_common.go

@@ -68,40 +68,40 @@ type ServerCommonConf struct {
 	SubDomainHost string `json:"subdomain_host"`
 	TcpMux        bool   `json:"tcp_mux"`
 
-	PrivilegeAllowPorts map[int]struct{}
-	MaxPoolCount        int64 `json:"max_pool_count"`
-	MaxPortsPerClient   int64 `json:"max_ports_per_client"`
-	HeartBeatTimeout    int64 `json:"heart_beat_timeout"`
-	UserConnTimeout     int64 `json:"user_conn_timeout"`
+	AllowPorts        map[int]struct{}
+	MaxPoolCount      int64 `json:"max_pool_count"`
+	MaxPortsPerClient int64 `json:"max_ports_per_client"`
+	HeartBeatTimeout  int64 `json:"heart_beat_timeout"`
+	UserConnTimeout   int64 `json:"user_conn_timeout"`
 }
 
 func GetDefaultServerConf() *ServerCommonConf {
 	return &ServerCommonConf{
-		BindAddr:            "0.0.0.0",
-		BindPort:            7000,
-		BindUdpPort:         0,
-		KcpBindPort:         0,
-		ProxyBindAddr:       "0.0.0.0",
-		VhostHttpPort:       0,
-		VhostHttpsPort:      0,
-		DashboardAddr:       "0.0.0.0",
-		DashboardPort:       0,
-		DashboardUser:       "admin",
-		DashboardPwd:        "admin",
-		AssetsDir:           "",
-		LogFile:             "console",
-		LogWay:              "console",
-		LogLevel:            "info",
-		LogMaxDays:          3,
-		Token:               "",
-		AuthTimeout:         900,
-		SubDomainHost:       "",
-		TcpMux:              true,
-		PrivilegeAllowPorts: make(map[int]struct{}),
-		MaxPoolCount:        5,
-		MaxPortsPerClient:   0,
-		HeartBeatTimeout:    90,
-		UserConnTimeout:     10,
+		BindAddr:          "0.0.0.0",
+		BindPort:          7000,
+		BindUdpPort:       0,
+		KcpBindPort:       0,
+		ProxyBindAddr:     "0.0.0.0",
+		VhostHttpPort:     0,
+		VhostHttpsPort:    0,
+		DashboardAddr:     "0.0.0.0",
+		DashboardPort:     0,
+		DashboardUser:     "admin",
+		DashboardPwd:      "admin",
+		AssetsDir:         "",
+		LogFile:           "console",
+		LogWay:            "console",
+		LogLevel:          "info",
+		LogMaxDays:        3,
+		Token:             "",
+		AuthTimeout:       900,
+		SubDomainHost:     "",
+		TcpMux:            true,
+		AllowPorts:        make(map[int]struct{}),
+		MaxPoolCount:      5,
+		MaxPortsPerClient: 0,
+		HeartBeatTimeout:  90,
+		UserConnTimeout:   10,
 	}
 }
 
@@ -232,16 +232,16 @@ func UnmarshalServerConfFromIni(defaultCfg *ServerCommonConf, content string) (c
 
 	cfg.Token, _ = conf.Get("common", "token")
 
-	if allowPortsStr, ok := conf.Get("common", "privilege_allow_ports"); ok {
+	if allowPortsStr, ok := conf.Get("common", "allow_ports"); ok {
 		// e.g. 1000-2000,2001,2002,3000-4000
 		ports, errRet := util.ParseRangeNumbers(allowPortsStr)
 		if errRet != nil {
-			err = fmt.Errorf("Parse conf error: privilege_allow_ports: %v", errRet)
+			err = fmt.Errorf("Parse conf error: allow_ports: %v", errRet)
 			return
 		}
 
 		for _, port := range ports {
-			cfg.PrivilegeAllowPorts[int(port)] = struct{}{}
+			cfg.AllowPorts[int(port)] = struct{}{}
 		}
 	}
 

server/service.go

@@ -76,8 +76,8 @@ func NewService() (svr *Service, err error) {
 		ctlManager:     NewControlManager(),
 		pxyManager:     NewProxyManager(),
 		visitorManager: NewVisitorManager(),
-		tcpPortManager: NewPortManager("tcp", cfg.ProxyBindAddr, cfg.PrivilegeAllowPorts),
-		udpPortManager: NewPortManager("udp", cfg.ProxyBindAddr, cfg.PrivilegeAllowPorts),
+		tcpPortManager: NewPortManager("tcp", cfg.ProxyBindAddr, cfg.AllowPorts),
+		udpPortManager: NewPortManager("udp", cfg.ProxyBindAddr, cfg.AllowPorts),
 	}
 
 	// Init assets.

tests/conf/auto_test_frps.ini

@@ -5,5 +5,5 @@ vhost_http_port = 10804
 log_file = ./frps.log
 log_level = debug
 token = 123456
-privilege_allow_ports = 10000-20000,20002,30000-50000
+allow_ports = 10000-20000,20002,30000-50000
 subdomain_host = sub.com

tests/func_test.go

@@ -209,7 +209,7 @@ func TestWebSocket(t *testing.T) {
 	assert.Equal(TEST_HTTP_NORMAL_STR, string(msg))
 }
 
-func TestPrivilegeAllowPorts(t *testing.T) {
+func TestAllowPorts(t *testing.T) {
 	assert := assert.New(t)
 	// Port not allowed
 	status, err := getProxyStatus(ProxyTcpPortNotAllowed)