Installing and configuring the FTP service on CentOS 7

I. Introduction to FTP

FTP (File Transfer Protocol) is an application-layer protocol in the TCP/IP suite used for file transfer. It involves an FTP server and an FTP client.

The FTP client establishes a network connection to the server and requests a login. Once the login succeeds, files can be transferred, which covers both downloading and uploading files.

The FTP protocol is very old. Some people say the technology is too far behind and insecure; I will not comment on that argument. However, FTP is still very widely used, and that is an indisputable fact.

On Linux, the FTP client and FTP server ship with the operating system, but they are not necessarily installed by default.

II. Installing the FTP packages

On CentOS 7, the FTP packages, both the server and the client, are installed with yum. If a package is already installed, running yum again upgrades it to the latest version.

1. Install the FTP server

yum -y install vsftpd

2. Install the FTP client

yum -y install ftp

III. Configuring the FTP server

FTP has two transfer modes, passive and active. Passive mode is the default and active mode is rarely used, so for simplicity the configuration below covers only passive mode; active mode is also described later in this article.

1. Disable SELinux

Edit the /etc/selinux/config file and set the SELINUX parameter to disabled.

SELINUX=disabled

Restart the Linux system, or run setenforce 0 so that the change takes effect immediately (setenforce 0 switches SELinux to permissive mode until the next reboot).

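2. Configure the FTP data port range

The FTP data ports, also called high ports, are specified in the /etc/vsftpd/vsftpd.conf configuration file by the two parameters pasv_min_port and pasv_max_port. If the file does not contain these two parameters, add them manually. Write each one as option=value with no spaces, and keep comments on their own lines, because vsftpd only treats whole lines starting with # as comments.

# Minimum of the high port range.
pasv_min_port=5000
# Maximum of the high port range.
pasv_max_port=5500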

3. Open the firewall

There are two ways to open the firewall:

1) Open the ftp service.

firewall-cmd --zone=public --add-service=ftp --permanent

2) Open the ports the FTP service requires: control port 21 and the data port range 5000-5500, which is set by the pasv_min_port and pasv_max_port parameters in /etc/vsftpd/vsftpd.conf.

firewall-cmd --zone=public --add-port=21/tcp --permanent
firewall-cmd --zone=public --add-port=5000-5500/tcp --permanent

Restart the firewall:

systemctl restart firewalld.service

4. Start the vsftpd service

The service name of the FTP server is vsftpd. The related operations are as follows:

systemctl start   vsftpd    # Start the service.
systemctl stop    vsftpd    # Stop the service.
systemctl restart vsftpd    # Restart the service.
systemctl status  vsftpd    # Show the service status.
systemctl enable  vsftpd    # Enable starting the vsftpd service automatically at boot.
systemctl disable vsftpd    # Disable starting the vsftpd service automatically at boot.

5. Configure the cloud platform access policy

If you purchased a cloud server, you need to log in to the cloud provider's management platform and open the access policy (or security group) for port 21 and the high ports.

The procedure differs between cloud providers. For the specific steps, read the operating manual, search Baidu, or consult the cloud provider's customer service.

If the FTP server on a cloud server cannot establish a data session, search Baidu for "passive mode FTP data session can not be established problem" to find a solution; Alibaba Cloud servers currently have this problem.
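
The passive port range has to agree in three places: vsftpd.conf, firewalld and the cloud security group. As an added example (not code from the original article), this Python check reads vsftpd.conf text, rejects directive lines that are not plain option=value (vsftpd only treats whole lines starting with # as comments), and reports ports missing from a firewalld port listing; the sample inputs and function names are constructed for illustration.

```python
import re

# Constructed sample inputs, not taken from a real host.
SAMPLE_CONF = "listen=YES\npasv_min_port=5000\npasv_max_port=5500\n"
SAMPLE_PORTS = "21/tcp 5000-5500/tcp"  # shape of `firewall-cmd --list-ports` output
KEYS = ("pasv_min_port", "pasv_max_port")


def pasv_range(conf_text):
    """Return (min, max) passive ports from vsftpd.conf text or raise ValueError."""
    found = {}
    for lineno, line in enumerate(conf_text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue  # blank line or whole-line comment
        key, sep, value = line.partition("=")
        if key.strip() not in KEYS:
            continue
        # vsftpd expects exactly option=value: no spaces, no trailing comment.
        if key != key.strip() or not sep or not re.fullmatch(r"[0-9]{1,5}", value):
            raise ValueError(f"line {lineno}: malformed directive {line!r}")
        found[key] = int(value)
    if len(found) != 2:
        raise ValueError("pasv_min_port and pasv_max_port must both be set")
    lo, hi = found["pasv_min_port"], found["pasv_max_port"]
    if not 0 < lo <= hi <= 65535:
        raise ValueError(f"invalid passive range {lo}-{hi}")
    return lo, hi


def open_tcp_ports(list_ports_output):
    """Expand 'N/tcp' and 'A-B/tcp' tokens into a set of port numbers."""
    ports = set()
    for token in list_ports_output.split():
        spec, _, proto = token.partition("/")
        if proto == "tcp":
            first, _, last = spec.partition("-")
            ports.update(range(int(first), int(last or first) + 1))
    return ports


def missing_ports(conf_text, list_ports_output, control_port=21):
    """Sorted ports vsftpd may use that the firewall listing does not open."""
    lo, hi = pasv_range(conf_text)
    needed = {control_port} | set(range(lo, hi + 1))
    return sorted(needed - open_tcp_ports(list_ports_output))
```

The check applies to the second way of opening the firewall (explicit ports); the same range is what the cloud security group has to allow.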

IV. Active and passive mode

FTP has two modes: PORT mode (active mode) and PASV mode (passive mode).

1. Active mode

The client sends a command to port 21 on the server, saying: I want to transfer files, I have opened my own port 20, initiate a TCP connection to my port 20 and we will transfer files. Once the server knows this, it actively initiates a connection to the client's port 20, and after the connection succeeds the file transfer begins.

In active mode, the TCP connection for FTP commands is requested by the client; when data is transferred, the TCP connection is initiated by the server.

2. Passive mode

The client sends a command to port 21 on the server, saying: I want to transfer files. Once the server knows this, it opens a free high port and tells the client: I have opened a certain port, initiate a TCP connection to this port, and then we will use this port to transfer files.

In passive mode, whether for FTP commands or for data transfer, the TCP connection is initiated by the client to the server.

3. From active mode to passive mode

A long time ago, every computer had its own IP address and FTP had only active mode. Later, shared Internet access technology appeared, which brought the following problem.

Shared Internet access means several computers share one public IP address to reach the Internet. For example, suppose the LAN's public IP is 210.33.25.108. When a LAN user (192.168.1.100) accesses an FTP server on the external network in active mode, 192.168.1.100 tells the FTP server: I need a file and have opened port 20. Because of the shared Internet access, 192.168.1.100 has been translated into 210.33.25.108 at the gateway, so the message the FTP server receives is that 210.33.25.108 needs a file and has opened port 20. The FTP server will then try to connect to port 20 on 210.33.25.108, which will certainly not succeed.

In active mode, the two FTP ports are relatively fixed: if the command port is n, the data port is n-1. That is, by default the command port is 21 and the data port is 20; if you change the FTP service port to 521, the data port is 520. This makes the firewall convenient to configure, since you only need to open two ports. However, active mode cannot be used in a shared Internet access environment.

In passive mode, the default command port is 21 and the data ports are assigned randomly. However, the passive-mode data port range can be configured, and the firewall can then be configured with that port range.
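
The passive-mode exchange described above can be checked from the client side. This added example (not part of the original article) decodes the address and port a server announces in its 227 reply and reports when the port falls outside the configured 5000-5500 range or the announced address differs from the one the client connected to; the replies, the 203.0.113.10 address and the function names are constructed for illustration.

```python
import ipaddress
import re

PASV_RE = re.compile(r"^227 .*?\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed replies; 203.0.113.10 is a documentation address.
OK_REPLY = "227 Entering Passive Mode (203,0,113,10,19,136)."   # 19*256 + 136 = 5000
NAT_REPLY = "227 Entering Passive Mode (172,16,0,5,20,10)."     # 20*256 + 10 = 5130


def decode_pasv(reply):
    """Return (host, port) announced in a '227 Entering Passive Mode' reply."""
    m = PASV_RE.match(reply.strip())
    if not m:
        raise ValueError(f"not a 227 passive-mode reply: {reply!r}")
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field out of range in 227 reply")
    host = ".".join(str(n) for n in nums[:4])
    port = nums[4] * 256 + nums[5]  # high byte, then low byte
    return host, port


def check_pasv(reply, control_host, port_range=(5000, 5500)):
    """List reasons the data connection is likely to fail (empty list: none found)."""
    host, port = decode_pasv(reply)
    lo, hi = port_range
    problems = []
    if not lo <= port <= hi:
        problems.append(f"port {port} is outside the opened range {lo}-{hi}")
    if host != control_host:
        addr = ipaddress.ip_address(host)
        kind = "private " if any(addr in net for net in RFC1918) else ""
        problems.append(f"server announces {kind}address {host}, "
                        f"but the client reached it at {control_host}")
    return problems
```

An announced private address is a common reason a passive data session cannot be established on a cloud server behind address translation; vsftpd's pasv_address option sets the address placed in the reply.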

V. Copyright

This is an original article from C Language Technology Network. When reproducing it, please indicate the source link, the author and the original.
Source: C Language Technology Network (www.freecplus.net)
Author: Ethics code Agriculture

If the article contains typos or content errors, or if you have other suggestions and comments, please leave me a message with the correction. Thank you very much!

Origin www.cnblogs.com/wucongzhou/p/12579370.html