Shulou(Shulou.com)06/02 Report--

Knowledge of active mode and passive mode of FTP.

When using FTP, there is no problem with the connection if all ports between the client machine and the FTP server are open.

If there is a firewall between the client and the server, if the fire protection policy is not configured and the appropriate connection mode is adopted, the login will be successful, but the List list will not be available.

To avoid this problem, you must first understand how FTP works.

1.FTP 's PORT (active mode) and PASV (passive mode) (1) PORT (active mode) PORT is called active mode in Chinese. How it works: the FTP client connects to port 21 of the FTP server, sends a user name and password to log in, and when the client wants to list list or read data after a successful login, the client randomly opens a port (more than 1024) and sends PORT commands to the FTP server. Tell the server client to take active mode and open the port After receiving the PORT active mode command and port number, the FTP server connects through port 20 of the server and the open port of the client to send data, as shown in the following figure:

(2) PASV (passive mode) PASV is the abbreviation of Passive and becomes passive mode in Chinese. The working principle: FTP client connects to port 21 of FTP server, sends username and password to log in, and sends PASV command to FTP server when logging in successfully or reading data. The server randomly opens a port (above 1024) locally, and then tells the client the open port. The client then connects to the open port of the server for data transmission, as shown in the following figure:

two。 From the comparison of the two modes above, we can see that the difference between active mode and passive mode is briefly summarized as follows: active mode is the port through which the "server" connects to the "client"; passive mode is the port through which the "client" connects to the "server". Active mode requires that the client must open the port to the server, and many clients are in the firewall, so it is difficult to open the port to the FTP server. Passive mode only requires the server to open the port to the client to connect. 3. Network settings of different working modes the problem I encountered in the actual project is that the client and server of FTP are in different networks, there are at least four firewalls between the two networks, the server only opens port 21, and the client machine does not open any port. The passive mode of the FTP client connection, resulting in a successful login of the client, but unable to LIST the list and read the data. Obviously, it is because the server side does not open the random port in passive mode. Because in passive mode, the open ports on the server side are random, but if the firewall is not all open, the solution is to open random ports between 50000 and 60000 in the passive mode of ftp server configuration (range in ftp server software settings, you can set port segments on any 1024), and then set rules in the firewall to open the port between 50000 and 60000 on the server side. In the active mode, the FTP software of the client sets the port segment open in the active mode, and the corresponding port segment is opened in the firewall of the client. 4. How to set the working mode? One might ask how the FTP server sets the working mode. FTP servers generally support both active and passive modes, and the mode of connection is determined by FTP client software.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.