Shulou(Shulou.com)06/01 Report--

After opening the vsftpd port, it is found that you can log in with the client tool, but you can't browse files and create new files. At this time, I looked at the protocol of ftp and found that ftp has active mode and passive mode. Opening port 21 on the server side is to let the client in, but there is no port to go out, and the port is still open on the server side. Finally, you have to add the corresponding module of ftp. The whole operation is a bit complicated. Write it down today and make a deeper impression on yourself later.

1. Install vsftpd softwar

Yum install vsftpd-y

two。 Open anonymous access and passive mode ports

Vim / etc/vsftpd/vsftpd.conf

Anonymous_enable=YES-enable anonymous user access

Anon_upload_enable=YES-anonymous user name allows you to upload files

Anon_mkdir_write_enable=YES-anonymous users can create files

Anon_other_write_enable=YES-Anonymous users can rename files

Pasv_enable=YES-turn on passive mode

Pasv_min_port=30000-the smallest port in passive mode

Pasv_max_port=31000-maximum port in passive mode

3. Load ftp module

Vim / etc/modprobe.d/vsftpd.conf

Alias ip_conntrack ip_conntrack_ftp ip_nat_ftp-load the ftp module

Vim / etc/rc.local

/ sbin/modprobe ip_conntract-- boot load module

/ sbin/modprobe ip_conntrack_ftp

/ sbin/modprobe ip_nat_ftp

4. Port filtering

Vim / etc/sysconfig/iptables

-An INPUT-p tcp-m multiport-- dport 20JEI 21-m state-- state NEW-j ACCEPT-- Open Port 20LJ 21

-An INPUT-p tcp-m state-- state NEW-m tcp-- dport 21-j ACCEPT-- Open 21 active port

-An INPUT-p tcp-- dport 30000 ACCEPT 31000-j ACCEPT-Open passive port

5. Landing test

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.