因此,我在 Ubuntu 10.10 服务器上安装了 ProFTP。使用 FileZilla,我可以连接并进行身份验证,但无法获取目录列表。以下是返回给我的最后几行:
Status: Connected
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/home/todolist" is the current directory
Command: TYPE I
Response: 200 Type set to I
Command: PASV
Error: Disconnected from server: ECONNABORTED - Connection aborted
Error: Failed to retrieve directory listing
我没有在配置中更改任何内容,所以我应该更改/设置什么才能正确使用 FTP?
我的配置:
#
# /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file.
# To really apply changes reload proftpd after modifications.
#
# Includes DSO modules
Include /etc/proftpd/modules.conf
# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
UseIPv6 on
# If set on you can experience a longer connection delay in many cases.
IdentLookups off
ServerName "Chigstuff FTP"
ServerType standalone
DeferWelcome off
MultilineRFC2228 on
DefaultServer on
ShowSymlinks on
TimeoutNoTransfer 600
TimeoutStalled 600
TimeoutIdle 1200
DisplayLogin welcome.msg
DisplayChdir .message true
ListOptions "-l"
DenyFilter \*.*/
# Use this to jail all users in their homes
# DefaultRoot ~
# Users require a valid shell listed in /etc/shells to login.
# Use this directive to release that constrain.
# RequireValidShell off
# Port 21 is the standard FTP port.
Port 21
# In some cases you have to specify passive ports range to by-pass
# firewall limitations. Ephemeral ports can be used for that, but
# feel free to use a more narrow range.
# PassivePorts 49152 65534
# If your host was NATted, this option is useful in order to
# allow passive tranfers to work. You have to use your public
# address and opening the passive ports used on your firewall as well.
# MasqueradeAddress 1.2.3.4
# This is useful for masquerading address with dynamic IPs:
# refresh any configured MasqueradeAddress directives every 8 hours
<IfModule mod_dynmasq.c>
# DynMasqRefresh 28800
</IfModule>
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 30
# Set the user and group that the server normally runs at.
User proftpd
Group nogroup
# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask 022 022
# Normally, we want files to be overwriteable.
AllowOverwrite on
# Uncomment this if you are using NIS or LDAP via NSS to retrieve passwords:
# PersistentPasswd off
# This is required to use both PAM-based authentication and local passwords
# AuthOrder mod_auth_pam.c* mod_auth_unix.c
# Be warned: use of this directive impacts CPU average load!
# Uncomment this if you like to see progress and transfer rate with ftpwho
# in downloads. That is not needed for uploads rates.
#
# UseSendFile off
TransferLog /var/log/proftpd/xferlog
SystemLog /var/log/proftpd/proftpd.log
<IfModule mod_quotatab.c>
QuotaEngine off
</IfModule>
<IfModule mod_ratio.c>
Ratios off
</IfModule>
# Delay engine reduces impact of the so-called Timing Attack described in
# http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
# It is on by default.
<IfModule mod_delay.c>
DelayEngine on
</IfModule>
<IfModule mod_ctrls.c>
ControlsEngine off
ControlsMaxClients 2
ControlsLog /var/log/proftpd/controls.log
ControlsInterval 5
ControlsSocket /var/run/proftpd/proftpd.sock
</IfModule>
<IfModule mod_ctrls_admin.c>
AdminControlsEngine off
</IfModule>
#
# Alternative authentication frameworks
#
#Include /etc/proftpd/ldap.conf
#Include /etc/proftpd/sql.conf
#
# This is used for FTPS connections
#
#Include /etc/proftpd/tls.conf
# A basic anonymous configuration, no upload directories.
# <Anonymous ~ftp>
# User ftp
# Group nogroup
# # We want clients to be able to login with "anonymous" as well as "ftp"
# UserAlias anonymous ftp
# # Cosmetic changes, all files belongs to ftp user
# DirFakeUser on ftp
# DirFakeGroup on ftp
#
# RequireValidShell off
#
# # Limit the maximum number of anonymous logins
# MaxClients 10
#
# # We want 'welcome.msg' displayed at login, and '.message' displayed
# # in each newly chdired directory.
# DisplayLogin welcome.msg
# DisplayChdir .message
#
# # Limit WRITE everywhere in the anonymous chroot
# <Directory *>
# <Limit WRITE>
# DenyAll
# </Limit>
# </Directory>
#
# # Uncomment this if you're brave.
# # <Directory incoming>
# # # Umask 022 is a good standard umask to prevent new files and dirs
# # # (second parm) from being group and world writable.
# # Umask 022 022
# # <Limit READ WRITE>
# # DenyAll
# # </Limit>
# # <Limit STOR>
# # AllowAll
# # </Limit>
# # </Directory>
#
# </Anonymous>
答案1
要了解主动 FTP 与被动 FTP,请执行以下操作:关联。
答案2
您要么忘记打开/转发防火墙上的被动端口,要么没有在配置中启用它们。
在您的配置中取消注释此行:
# PassivePorts 49152 65534
进行中:
PassivePorts 49152 65534
然后在防火墙中打开以下端口:20,21以及 范围49152-65534。
确保在此之后重新启动 ProFTP 服务。
答案3
当我通过 ftp.myserver.com 通过 Windows FileZilla 和 linux konqueror 连接到我的服务器时出现以下错误:
Error: Disconnected from server: ECONNABORTED - Connection aborted
Error: Failed to retrieve directory listing
以下是我所做的事情,导致了这个问题
我发现问题出在我的 Netgear wifi 中继器上。它被别人重置为出厂默认设置,导致之前让 Filezilla 和 ftp 正常工作的特殊设置失效。Netgear wifi 中继器用作多台计算机的路由器,阻止了 filezilla 使用的部分命令,但不是全部。这种现象导致了奇怪的行为,我的连接会在几分钟内部分工作,然后崩溃并出现上述错误。
概括 Netgear 路由器很差劲,断电可能会导致它们意外重置到最高安全级别。
解决 要进行诊断,请通过使用备用互联网连接(备用路由)来隔离可能设置了过高安全级别的中继器/路由器,使用麦当劳或朋友家或邻居的 wifi 上的连接。(我在 Android 手机上使用网络共享)。当我这样做时,我与服务器的连接正常工作,我可以回溯并使用排除法来找出哪个设备存在问题。解决方案是进入我的 netgear 无线中继器并将限制设置更改为 wearker 安全级别,一切正常。
发生这种情况的其他可能原因
另外,我在 Windows 机器上运行了“ZoneAlarm”软件,该软件拒绝使用 filezilla。如果您有任何第三方安全软件,您可能需要尝试暂时将其关闭,看看是否是它阻止了您。
您的路由器可能因硬件故障或无线干扰而出现偶发错误。当无线路由器老化时,有时会随机断开连接,请登录 192.168.1.1 进行检查。
FTP 需要打开端口 443。尝试在防火墙上启用服务器的端口 443。登录到 192.168.1.1(您的路由器),然后查看您的 IP 地址的 TCP 和 UDP“端口范围转发”。看看是否有帮助。
答案4
对我来说,这是由于使用 IPv6 造成的。恢复到 IPv4 解决了这个问题。因此,在您的实例中,如果您还没有这样做,请尝试在 FTP 客户端连接中指定 IPv4 地址以测试这是否是原因。