FTP Overview:
File Transfer protocol Files Transfer Protocol, the FTP service is divided into two roles of server and client.
Transfer mode for FTP server:
Active mode: The server actively connects the client to establish the data link
Passive mode: The FTP server waits for the client to establish a data link
VSFTP Port number:
Command Channel port:
Data Channel port:
VSFTP Supported Accounts:
Configuration file for Vsftp:
/etc/vsftpd/vsftpd.conf #主配置文件
/etc/vsftpd/ftpusers #黑名单
/etc/vsftpd/user_list #白/blacklist (default blacklist)
Note :/var/ftp/ The default shared directory, permissions cannot be changed.
How the Vsftp works:
The specific working procedure for the FTP service is as follows.
① when the FTP client makes a request, the system dynamically assigns a port (such as 1032).
② if the FTP server hears the request on port 21, port 1032 of the FTP client and port 21 of the FTP server
An FTP session connection is established between the
③ when data needs to be transferred, the FTP client then dynamically opens a 2nd port on port 20 connected to the FTP server
(such as 1033), so that data can be transmitted between the two ports. When the data transfer is complete, the two ports
is automatically turned off.
④ when the FTP client disconnects from the FTP server, the dynamically allocated port on the client is automatically freed.
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/2E/E0/wKiom1OdGDXSmggsAAFVEo2JqBw932.jpg "title=" Picture 2.jpg "alt=" Wkiom1odgdxsmggsaafveo2jqbw932.jpg "/>
Vsftp Common configuration and meaning description.
Anonymous |
Anonymous_enable=yes |
Enable anonymous Access |
anon_umask=022 |
Permission mask for files uploaded by anonymous users |
Anon_root=/var/ftp |
Anonymous user's FTP root directory |
Anon_upload_enable=yes |
Allow uploading of files |
Anon_mkdir_write_enable=yes |
Allow Directory creation |
Anon_other_write_enable=yes |
Open Other write rights |
Anon_max_rate=0 |
Limit the maximum transfer rate in bytes |
Local user |
Local_enable=yes |
Whether to enable Local system users |
local_umask=022 |
Permission mask for files uploaded by local Users |
Local_root=/var/ftp |
To set the FTP root directory for Local Users |
Chroot_local_user=yes |
Whether to imprison the user in the home directory |
Local_max_rate=0 |
Limit Maximum transfer rate (Bytes/sec) |
          global configuration |
|
listen_address=192.168.4.1 |
Set the Listening IP address |
Listen_port=21 |
Set the port number for listening to the FTP service |
Write_enable=yes |
Whether Write permission is enabled |
Download_enable=yes |
Whether to allow file download |
Dirmessage_enable=yes |
The contents of the. message file (if present) when the user switches into the directory. |
Xferlog_enable=yes |
Enable Xferlog logging, default logging to/var/log/xferlog file |
Xferlog_std_format=yes |
Enable standard Xferlog log format, if disabled, will use VSFTPD's own log format |
Connect_from_port_20=yes |
Allow server active mode (data connection is established from Port 20) |
Pasv_enable=yes |
Allow Passive mode connection |
pasv_max_port=24600 |
Set the server maximum port number for passive mode |
pasv_min_port=24500 |
Set the server minimum port number for passive mode |
Pam_service_name=vsftpd |
Set the Pam file location for user authentication (the corresponding file name in the/etc/pam.d/directory) |
|
Userlist_enable=yes |
Whether to enable the User_list user list file |
Userlist_deny=yes |
Whether to prohibit user accounts in the user_list list file |
Max_clients=0 |
Maximum number of clients allowed to connect at the same time (0 is unlimited) |
Max_per_ip=0 |
For clients from the same IP address, the maximum number of concurrent connections (0 is unrestricted) is allowed. |
Tcp_wrappers=yes |
Whether to enable Tcp_wrappers host access control (the application of TCP wrappers will be explained in the subsequent course) |
Vsftp start-up and shutdown and join boot start:
Start:
[Email protected] ~]# service vsftpd Restart
Shut down:
[[email protected] ~]# service vsftpd Stop
Boot start:
[email protected] ~]# chkconfig dhcpd on
This article from "Dragon" blog, reproduced please contact the author!