http://www.cppblog.com/mydriverc/archive/2010/03/14/109670.html
先理解主被動的聯結方式:
FTP協議有兩種工作方式:PORT方式和PASV方式,中文意思為主動式和被動式。
Port模式:ftp server:tcp
21 <------client:dynamic ftp server:tcp 20 ------>client:dynamic
Pasv模式:ftp server:tcp 21 <----client:dynamic ftp server:tcp dynamic <----client:dynamic
PORT(主動)方式的串連過程是:用戶端向伺服器的FTP連接埠(預設是21)發送串連請求,伺服器接受串連,建立一條命令鏈路。當需要傳送資料時,用戶端在命令鏈路上用PORT命令告訴伺服器:“我開啟了XXXX連接埠,你過來串連我”。於是伺服器從20連接埠向用戶端的XXXX連接埠發送串連請求,建立一條資料鏈路來傳送資料。
PASV(被動)方式的串連過程是:用戶端向伺服器的FTP連接埠(預設是21)發送串連請求,伺服器接受串連,建立一條命令鏈路。當需要傳送資料時,伺服器在命令鏈路上用PASV命令告訴用戶端:“我開啟了XXXX連接埠,你過來串連我”。於是用戶端向伺服器的XXXX連接埠發送串連請求,建立一條資料鏈路來傳送資料。
#allow all ftp incoming connections
iptables -A INPUT -p tcp --dport 21 -m state --state ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp --sport 21 -m state --state NEW,ESTABLISHED -j ACCEPT
# Enable active ftp transfers
iptables -A INPUT -p tcp --dport 20 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -p tcp --sport 20 -m state --state ESTABLISHED -j ACCEPT
# Enable passive ftp transfers
iptables -A INPUT -p tcp --sport 1024:65535 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp --sport 1024:65535 --dport 1024:65535 -m state --state ESTABLISHED,RELATED -j ACCEPT
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
