"Linux" FTP Active Passive mode

Source: Internet
Author: User

After building an LNMP server, using FTP reported the following error. After checking, it turned out to be an FTP active mode / passive mode problem.

Tool: XFTP5. Uncheck passive mode (for other clients, look up online how to switch from passive mode to active mode).

One more thing: shut down the local firewall!!! Because of this, I searched for a long time and asked a lot of friends, with no success, and finally shut down the local firewall. Then it was OK.

Supplemental learning: comparison of FTP active mode and passive mode

FTP is a TCP-only service and does not support UDP. What sets it apart is that FTP uses 2 ports: a data port and a command port (also called a control port). Typically, the two ports are 21 (command port) and 20 (data port). However, depending on the mode FTP works in, the data port is not always 20. This is the biggest difference between active and passive FTP.
(i) Active FTP
Active FTP works like this: the client connects from an arbitrary non-privileged port N (N > 1024) to the FTP server's command port, which is port 21. The client then starts listening on port N+1 and sends the FTP command "PORT N+1" to the FTP server. The server then connects from its own data port (20) to the client-specified data port (N+1).
For firewalls in front of the FTP server, the following traffic must be allowed to support active mode FTP:
1. From any port greater than 1024 to the FTP server's port 21 (client-initiated connection)
2. From the FTP server's port 21 to ports greater than 1024 (the server responds to the client's control port)
3. From the FTP server's port 20 to ports greater than 1024 (the server initiates the data connection to the client's data port)
4. From ports greater than 1024 to the FTP server's port 20 (the client sends ACK responses to the server's data port)
(ii) Passive FTP
To solve the problem of the server initiating the connection to the client, a different FTP connection method was developed. It is called passive mode, or PASV, and it is enabled when the client notifies the server that it is in passive mode.
In passive mode FTP, both the command connection and the data connection are initiated by the client, which solves the problem of the inbound data-port connection from the server to the client being filtered out by the firewall. When an FTP connection is opened, the client opens two arbitrary non-privileged local ports (N > 1024 and N+1). The first port connects to the server's port 21, but unlike active FTP, the client does not send the PORT command and let the server connect back to its data port; it sends the PASV command instead. As a result, the server opens an arbitrary non-privileged port (P > 1024) and sends the PORT P command to the client. The client then initiates a connection from local port N+1 to the server's port P to transfer the data.
For server-side firewalls, the following traffic must be allowed to support passive FTP:
1. From any port greater than 1024 to the server's port 21 (client-initiated connection)
2. From the server's port 21 to any port greater than 1024 (the server responds to the client's control port)
3. From any port greater than 1024 to the server's ports greater than 1024 (the client initiates the data connection to the port specified by the server)
4. From the server's ports greater than 1024 to remote ports greater than 1024 (the server sends ACK responses and data to the client's data port)
The above explanation of active and passive FTP can be summarized in the following two points:
1. Active FTP:
Command connection: client >1024 port -> server port 21
Data connection: client >1024 port <- server port 20
2. Passive FTP:
Command connection: client >1024 port -> server port 21
Data connection: client >1024 port -> server >1024 port
(iii) Advantages and disadvantages of active and passive FTP
Active FTP is convenient for managing the FTP server but inconvenient for managing clients: because the FTP server attempts to establish a connection to a random high port on the client, that connection is likely to be blocked by the client's firewall. Passive FTP is convenient for managing the FTP client but inconvenient for server-side management: because the client establishes two connections to the server, one of them to a random high port, that connection is likely to be blocked by the server-side firewall.
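The trade-off in (iii) can be checked with a small model. This is an added example, not code from the original post: it lists the connections each mode opens and tests them against a host firewall on the receiving side. The firewall is assumed to be stateful (so the ACK/response flows in the lists above need no rule of their own), and the port numbers and policy names are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Conn:
    name: str        # "command" or "data"
    initiator: str   # side that opens the connection: "client" or "server"
    dst_port: int    # port on the side that receives the connection

def ftp_connections(mode, n=50000, p=40000):
    """Connections one transfer needs; n and p play the page's N and P."""
    command = Conn("command", "client", 21)
    if mode == "active":    # server port 20 connects to client port N+1
        return [command, Conn("data", "server", n + 1)]
    if mode == "passive":   # client port N+1 connects to server port P
        return [command, Conn("data", "client", p)]
    raise ValueError(f"unknown mode: {mode!r}")

@dataclass(frozen=True)
class Firewall:
    """Assumed stateful: replies and ACKs on an accepted connection pass,
    so only the first packet of a new inbound connection is checked."""
    open_ranges: tuple = ()   # inclusive (low, high) inbound port ranges

    def accepts(self, port):
        return any(lo <= port <= hi for lo, hi in self.open_ranges)

def blocked(mode, client_fw, server_fw, **ports):
    """Names of the connections the receiving side's firewall drops."""
    dropped = []
    for conn in ftp_connections(mode, **ports):
        receiver = server_fw if conn.initiator == "client" else client_fw
        if not receiver.accepts(conn.dst_port):
            dropped.append(conn.name)
    return dropped

# Constructed policies for illustration (the port numbers are assumptions).
DESKTOP = Firewall()                                  # no new inbound allowed
CLIENT_OFF = Firewall(((1, 65535),))                  # local firewall shut down
SERVER_21_ONLY = Firewall(((21, 21),))
SERVER_PASV_RANGE = Firewall(((21, 21), (40000, 40100)))

if __name__ == "__main__":
    for mode, cfw, sfw in [("active", DESKTOP, SERVER_21_ONLY),
                           ("active", CLIENT_OFF, SERVER_21_ONLY),
                           ("passive", DESKTOP, SERVER_21_ONLY),
                           ("passive", DESKTOP, SERVER_PASV_RANGE)]:
        print(mode, blocked(mode, cfw, sfw) or "all connections pass")
```

In the passive case, opening only a fixed range works when the FTP server is configured to choose P from that range.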

"Linux" FTP Active Passive mode
