我在装有 Oracle Virtualbox 的 Windows 计算机上安装了 Debian Squeeze。然后我在 NAT 适配器上对端口 21 进行了端口转发。
在 Debian 中我运行过:
apt-get install proftpd
然后我取消注释 PassivePorts,这样我就可以将端口 49152 到 49155 用作被动端口。然后我取消注释 MasqueradeAddress 并将其设置为 127.0.0.1
然后尝试在 FileZilla 中进行快速连接后,我得到:
Status: Connecting to 127.0.0.1:21...
Status: Connection established, waiting for welcome message...
Response: 220 FTP Server ready.
Command: USER webserver
Response: 331 Password required for webserver
Command: PASS *
Response: 230 User webserver logged in
Command: OPTS UTF8 ON
Response: 200 UTF8 set to on
Status: Connected
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is the current directory
Command: TYPE I
Response: 200 Type set to I
Command: PASV
Response: 227 Entering Passive Mode (127,0,0,1,192,3).
Command: MLSD
Error: Connection timed out
Error: Failed to retrieve directory listing
如何修复?这似乎与 VM 有关(目前在同一台机器上运行),因为所有教程都假设它在运行后应该可以工作apt-get。
答案1
您需要PassivePorst在您的proftd.conf-中启用
PassivePorts 35000 40000
启用ip_conntrack_ftp模块
modprobe ip_conntrack_ftp
在您的防火墙中,所有与 ftp/被动 ftp 相关的端口都必须打开 -
iptables -A INPUT -p tcp --sport 21 -m state --state ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp --dport 21 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp --sport 20 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -p tcp --dport 20 -m state --state ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp --sport 1024: --dport 35000:40000 -m state --state ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp --sport 1024: --dport 35000:40000 -m state --state ESTABLISHED,RELATED -j ACCEPT