基本设置:两台计算机,一台运行 proftpd,一台尝试通过 filezilla 连接。两台计算机都使用 Linux(服务器上使用 xubuntu,客户端上使用 kubuntu)。两台计算机目前都位于住宅(即动态 IP)连接的路由器后面;客户端是一台笔记本电脑,我打算把它带离家庭网络,因此我需要它在外部工作。我已将路由器设置为允许将特定端口转发到每台计算机,并在可能的情况下将这些数字插入 proftpd(通过 gadmin,仔细检查配置文件)和 filezilla。
尝试使用内部 IP 通过主动模式进行连接:
Status: Connecting to 192.168.1.139:8085...
Status: Connection established, waiting for welcome message...
Response: 220 Crossroads FTP
Command: USER <redacted>
Response: 331 Password required for <redacted>
Command: PASS *******
Response: 230 Anonymous access granted, restrictions apply
Command: OPTS UTF8 ON
Response: 200 UTF8 set to on
Status: Connected
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is the current directory
Command: TYPE I
Response: 200 Type set to I
Command: PORT 192,168,1,52,153,140
Response: 200 PORT command successful
Command: LIST
Response: 150 Opening ASCII mode data connection for file list
Response: 226 Transfer complete
Status: Directory listing successful
但是,尝试通过域名进行连接会导致问题;在主动模式下,根据服务器日志,PORT 是最后收到的命令,而在被动模式下,则是 PASV 命令。这让我相信我被重定向到了一个坏端口?
活性样本:
Status: Resolving address of <url>
Status: Connecting to <ip:port>
Status: Connection established, waiting for welcome message...
Response: 220 Crossroads FTP
Command: USER <redacted>
Response: 331 Password required for <redacted>
Command: PASS *******
Response: 230 Anonymous access granted, restrictions apply
Command: OPTS UTF8 ON
Response: 200 UTF8 set to on
Status: Connected
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is the current directory
Command: TYPE I
Response: 200 Type set to I
Command: PORT 174,111,127,27,153,139
Response: 200 PORT command successful
Command: LIST
Error: Connection timed out
Error: Failed to retrieve directory listing
被动样本:
Status: Resolving address of ftp.bonsaiwebdesigns.com
Status: Connecting to 174.111.127.27:8085...
Status: Connection established, waiting for welcome message...
Response: 220 Crossroads FTP
Command: USER yamikuronue
Response: 331 Password required for yamikuronue
Command: PASS *******
Response: 230 Anonymous access granted, restrictions apply
Command: OPTS UTF8 ON
Response: 200 UTF8 set to on
Status: Connected
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is the current directory
Command: TYPE I
Response: 200 Type set to I
Command: PASV
Response: 227 Entering Passive Mode (64,95,64,197,101,88).
Command: LIST
Error: Connection timed out
Error: Failed to retrieve directory listing
在这两种情况下,日志文件都以“PORT”或“PASV”结尾 - 没有收到过“LIST”命令的记录。就在那上面,我可以看到通过内部 IP 主动连接的尝试,其中确实包含一个 LIST 命令。
我的配置文件包括“PassivePorts 20001-26999”(这是我为 ftp 服务器设置的端口转发)和“Port 8085”(也转发到同一台机器)。我还设置了一个 MasqueradeAddress 以防止它报告其内部 IP,这是我之前遇到的一个问题。
我想问的是,是否需要更改某个地方的其他设置才能使此设置正常工作?
答案1
所以我想我已经解决了。其他人建议删除 MasqueradeAddress。当我这样做时,Filezilla 告诉我服务器给了我一个假 IP,所以它会回到服务器自己的地址。这有效。
什么鬼?有人能给我解释一下吗?