This article first appeared: https://www.somata.work/2019/FTPExplanation.html
FTP stands for: File Transfer Protocol, is a protocol for file transfer, this paper explains the FTP protocol. If you do not know where the document can query definition of FTP: RFC 959 or presented in a review, while wrong places also hope to put forward, we progress together.
FTP is a protocol, not a service, a lot of people to understand the FTP service, here is incorrect, in fact, use the FTP protocol service, there are many, such as: vsftpd, pure-ftpd, Filezila Server and so on.
I am here mainly on the mode of operation of the FTP, FTP commands and FTP response code does three parts. As well as a capture ftp connection explain the content in the final facilitate understanding.
FTP mode of operation
FTP complete work has two TCP connections, one for commands and data transmission (file transfer). Which is split into two linked mainly to prevent the destruction of the binary file transfer command to connect the terminal to be specified in the command mode data transfer connection, in order to reduce the complexity of application development.
FTP sub-operating mode 主动连接and 被动连接, the main difference between the two is that the connection of the data connection:
- Active connection: server 20 / TCP ports initiate port connection to the client specified.
- Passive connection: The client initiates the connection to the server specified port.
Here people may ask, active mode and passive mode meaning what? Here I will say the following:
- Now most of the users of the network are not really public addresses are converted using NAT internal network address, if the active connection mode server can not connect to port the client open. You can only use passive mode connection, let the client take the initiative to connect to the server port, in order to achieve the purpose of data transmission.
- In fact, the benefits of active connections is that easy to configure firewall rules, by the 20 / TCP server connections active client port, only need to configure the firewall to allow export 20 / TCP connection can be, not passive connections need to open multiple TCP data connection port to listen .
FTP commands
FTP commands There are many, not one by one I explained here, mainly on the following common some commonly used commands:
Access command
| command | Explanation |
|---|---|
| USER | Enter your user name |
| PASS | Enter the user password |
| QUIT | Exit User Login |
| REIN | Re-signed in user |
| ACCT | Some services software does not need to recognize the beginning, began to require user authentication may re-enter after a certain directory |
File Management Command
| command | Explanation |
|---|---|
| CWD | Change the working directory on the service |
| CDUP | Switch to the parent directory (parent directory) |
| HIS | Delete files on the server |
| LIST | List the current directory files (UNIX form) |
| NLST | Lists the files in the current directory (including the file name only) |
| MKD | Create a directory on the server |
| PWD | Displays the current working directory |
| RMD | To delete a directory from the server |
| RNFR | Specify the need to re-order the files. (Need to meet RNTO use) |
| RNTO | It changed its name to the specified command |
Data transmission mode
| command | Explanation |
|---|---|
| TYPE | Custom file types. A (ASCII), E (EBCDIC), I (Image), L (Local byte size) |
| STRU | Organization data type. F (file), R (record structure), P (page structure) |
| MODE | The definition of transmission. S (stream), B (block), C (compressed) |
| PASV | Specify the server to open a passive mode connection |
File transfer command
| command | Explanation |
|---|---|
| RETR | download file |
| BIG | upload files |
| STOU | STOR with similar, but not by the file name of the client control by the server automatically generates a file name, and use the code 250 returns the file name. |
| STAT | Replace the server status |
| TO | Specify the server space to be reserved |
| ABORT | All command before stopping, including file transfer |
| APPE | If the file does not exist, create a file, if the file to be present in the form of a file is appended. |
| PORT | Specified data port. A total of 6, according to ,segmentation. 4 is a front position IP, as the two port, the port bits * 256 + 1 = 2-bit port open port designation. |
| REST | Similar to HTTP functionality. |
Other commands
| command | Explanation |
|---|---|
| HELP | Help information query server |
| NOOP | Permission state detection server |
| SITE | 此命令用于查询特定于服务器的专有服务 |
| SYST | 查询服务器使用的操作系统 |
FTP应答代码
FTP 客户端是通过应答码来检测服务所表达的意思,除了几个特殊的应答码,大部分应答码后面的内容是给用户查看的。
FTP 应答码的分类:
第一个标志位:
1xx:服务器正在积极响应,但是还未准备完成。
2xx:命令已经正常启动。
3xx:命令被接收,需要等待进一步响应。
4xx:命令错误,无法接收该命令,客户端可以重新尝试命令。
5xx:命令无法被接收,客户端无需再次尝试该命令。
第二标志位:
x0x:有关语法是否正确。
x1x:对信息请求的回复。
x2x:连接状态信息。
x3x:认证和通过信息。
x4x:预留。
x5x:文件系统对于请求的回复。
| 响应代码 | 解释说明 |
|---|---|
| 110 | 重启标志位,后面的提示信息标志服务器状态,提示信息固定 |
| 120 | 服务器准备就绪的时间 |
| 125 | 数据连接已正常开启,开始传输文件 |
| 150 | 文件状态正常,开始开启数据连接 |
| 200 | 命令执行成功 |
| 202 | 命令尚未实现,该站点不支持该命令 |
| 211 | 系统状态,或系统帮助信息 |
| 212 | 目录状态 |
| 213 | 文件状态 |
| 214 | 命令帮助信息 |
| 215 | 该系统类型 |
| 220 | 服务已为新连接的用户就绪 |
| 221 | 服务退出控制连接 |
| 225 | 打开数据连接,未开始数据传输 |
| 226 | 结束数据连接,数据传输已完成 |
| 227 | 进入被动模式(IP 地址、ID 端口) |
| 230 | 用户登入成功 |
| 250 | 请求文件操作完成 |
| 257 | 路径名建立成功 |
| 331 | 用户名正确,需要用户密码 |
| 332 | 需要登入用户 |
| 350 | 请求文件的工作需要得到进一步确认 |
| 421 | 服务不可能,即将关闭控制连接 |
| 425 | 无法打开数据连接 |
| 426 | 连接中止,传输关闭。 |
| 450 | 请求文件尚不可用,文件可能被占用 |
| 451 | 请求操作终止,遇到本地错误 |
| 452 | 请求操作终止,磁盘空间不足 |
| 500 | 命令语法错误,可能包含命令过长的错误 |
| 501 | 命令参数错误 |
| 502 | 命令尚未被执行 |
| 503 | 命令次序错误 |
| 504 | 该命令尚未被完成 |
| 530 | 尚未登入服务器 |
| 532 | 存储文件需要帐号 |
| 550 | 请求的动作尚未执行,文件不可用 |
| 551 | 请求操作终止,不知道的页类型 |
| 552 | 请求操作终止,超出用户配额 |
| 553 | 请求操作终止,文件名不允许 |
FTP command packet capture analysis
This is the data I use the command wireshark capture catch connection.
I did three things here, upload files, download files and directory browsing (2). So here it is actually four times the data transfer is completed, we will be by one view.
Sharp-eyed people should have discovered, the PORT command is sent by the client, the server is connected to the client, which is the active connection mode, need to pay attention here! !
The first paragraph: before the login server configuration
220 (vsFTPd 3.0.3) # 220,表示服务器准备完成,客户端客户发送命令了。 后面跟的是服务器的版本信息。
OPTS UTF8 ON # 表示服务器需要切换到UTF8字符集进行工作。
200 Always in UTF8 mode. #200,表示命令执行成功,后面的提示信息表示已经工作再UTF8模式下了。The second paragraph: User Authentication
USER ftp # 指定用户ftp(匿名用户,anonymous也是匿名用户)
331 Please specify the password. # 331 表示需要输入密码
PASS # 表示输入密码,FTP规定匿名用户可以选择需要输入自己的邮箱,但是这里可以省略不写。
230 Login successful. # 230 表示用户登入成功Third paragraph: directory of the current browser
PORT 192,168,10,103,211,216 # PORT,这里用于指定客户端的IP地址和端口
200 PORT command successful. Consider using PASV. # 表示命令执行成功, 这里是端口连接成功
LIST # 表示列出当前工作目录下的文件
150 Here comes the directory listing. # 150 表示即将开始传输数据。
226 Directory send OK. # 226 表示文件传输成功。PORT command in the first four bits IP address, the port 2, wherein the port should be calculated as: 211 * 256 + 216 = 54232
This is the result of this command returns (in the data connection, the connection to see here is less than the current command)
Content fourth paragraph: Change directory
CWD pub # CWD,表示切换到pub目录下。
250 Directory successfully changed. # 250 表示请求操作执行完成。Fifth paragraph content: once again view the current directory
# 与第三段相同,不过多讲解。
PORT 192,168,10,103,211,217
200 PORT command successful. Consider using PASV.
LIST
150 Here comes the directory listing.
226 Directory send OK.The figure below shows the contents of the return:
Sixth paragraph Content: Upload file
PORT 192,168,10,103,211,218
200 PORT command successful. Consider using PASV.
STOR test.c # STOP 表示上传文件,文件名为 test.c
150 Ok to send data. # 150,表示文件状态正常,开始传输数据。
226 Transfer complete. # 226,表示文件传输完毕。The sixth paragraph of content: Download file
PORT 192,168,10,103,211,219
200 PORT command successful. Consider using PASV.
RETR test.file # RETR 下载文件。
150 Opening BINARY mode data connection for test.file (12 bytes). # 150,表示文件正常,开始传输文件,后面会提示文件名称和文件大小。
226 Transfer complete.The sixth paragraph of content: Exit
QUIT # 退出
221 Goodbye. # 服务退出控制连接This article is "original" original certification of the universe disk, access yuanben.io query] [2MLRYL4K obtain authorization information.