Configuration and difference between active mode and passive mode of ftp

  Original link: https://blog.csdn.net/zhangyuan12805/article/details/71425385

  

FTP has two modes: active mode and passive mode. FTP runs over TCP, so every connection it opens starts with a three-way handshake.

1. Configuration of active and passive modes:

Enter vim /etc/vsftpd/vsftpd.conf at the command line:

1> active mode:

# Turn passive mode off
pasv_enable=NO
pasv_min_port=3000
pasv_max_port=4000
# Turn active mode on
port_enable=YES
# By default, FTP PORT (active) mode uses port 20 (ftp-data) for data transmission. YES: use it, NO: do not use it.
connect_from_port_20=YES

2>passive mode:

pasv_enable=YES
pasv_min_port=3000  
pasv_max_port=4000

In PASV mode, pasv_min_port and pasv_max_port set the lower and upper bounds of the port range that can be used for data transmission. 0 means any port (1024 - 65535), and the default value is 0. Set the port range to a relatively high range, such as 3000-4000.

 

On Linux, if pasv_enable=NO is not configured, the default is passive mode.

 

2. Run service vsftpd restart to restart the ftp service.

3. Connect to the ftp server through the command line:

1> active mode:   ftp -A 3.3.3.3   

Be sure to add -A when connecting to the ftp server in active mode

2> passive mode: you can use ftp 3.3.3.3 directly or use ftp -p 3.3.3.3

 

4.   ftp client: 192.168.168.169   ftp server: 3.3.3.3

1>  active mode:

     In active mode, in the command connection part (ftp type packets) of the capture shown in the following figure, the port used by the client side is 36439, which is an arbitrary port greater than 1024, and the port used by the ftp server side is 21:

As shown in the figure below, in active mode, when data is to be transmitted, the ftp client uses the 23rd packet, sent over the command connection to port 21, to tell the server to contact port 43187 (any port greater than 1024) for data transmission, and listens on that port. The server then uses port 20 to actively establish a data transmission channel to port 43187 on the client side and transmits data (the 30th, 32nd, and 34th packets). Because the server, once it knows the client's listening port for the data channel, actively establishes the data transmission channel, this is the active mode.

In active mode, in the data transmission part (FTP-DATA type packets), the port used by the ftp-server is 20; by default, FTP PORT uses port 20 for data transmission in active mode. The ftp-client uses port 43187, which is the listening port for data transmission that the client sent to the server in the previous step.

Summary: Active Mode

2> passive mode:

     In passive mode, in the command part (ftp type packets) of the capture shown in the following figure, the port used by the client side is 36434, which is an arbitrary port greater than 1024, and the port used by the ftp server is 21.

 

In passive mode, the 28th packet in the figure below is a PASV (passive mode) request for a data transmission channel, initiated by the client, so this is passive mode.

In the data transmission part of passive mode (FTP-DATA type packets), the port used by the ftp-server is 3542, which falls within the passive-mode port range set in the /etc/vsftpd/vsftpd.conf file (3000-4000; you can choose the range yourself). The ftp-client side uses port 53001, which is an arbitrary port greater than 1024.

Summary: Passive Mode
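The PORT command and the 227 PASV reply discussed in section 4 both carry the data port as two decimal bytes (h1,h2,h3,h4,p1,p2, with port = p1*256 + p2). The following is an added example, not code from the original post: it decodes both and checks a PASV data port against the pasv_min_port/pasv_max_port range from vsftpd.conf. The sample control-channel lines are constructed from the addresses and ports quoted above, and the function names are illustrative.

```python
import re

# Constructed sample input: control-channel lines built from the addresses and
# ports quoted in this article (the capture text itself is not on the page).
ACTIVE_CMD = "PORT 192,168,168,169,168,179"
PASSIVE_REPLY = "227 Entering Passive Mode (3,3,3,3,13,214)."
VSFTPD_CONF = """\
pasv_enable=YES
pasv_min_port=3000
pasv_max_port=4000
"""

_HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")

def decode_hostport(line):
    """Return (ip, port) from a PORT command or a 227 PASV reply."""
    m = _HOSTPORT.search(line)
    if not m:
        raise ValueError("no h1,h2,h3,h4,p1,p2 field in: %r" % line)
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field out of range in: %r" % line)
    ip = ".".join(str(n) for n in nums[:4])
    port = nums[4] * 256 + nums[5]  # p1 is the high byte, p2 the low byte
    return ip, port

def pasv_range(conf_text):
    """Read pasv_min_port/pasv_max_port; 0 (the default) means any port 1024-65535."""
    opts = {}
    for raw in conf_text.splitlines():
        line = raw.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            opts[key.strip()] = value.strip()
    low = int(opts.get("pasv_min_port", "0")) or 1024
    high = int(opts.get("pasv_max_port", "0")) or 65535
    return low, high

def pasv_port_allowed(reply, conf_text):
    """True if the data port in a 227 reply lies inside the configured range."""
    _, port = decode_hostport(reply)
    low, high = pasv_range(conf_text)
    return low <= port <= high

if __name__ == "__main__":
    print(decode_hostport(ACTIVE_CMD), decode_hostport(PASSIVE_REPLY),
          pasv_port_allowed(PASSIVE_REPLY, VSFTPD_CONF))
```

The same range check is what a firewall rule for passive mode has to mirror: only the configured pasv_min_port to pasv_max_port range needs to be reachable on the server for data connections.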

 
