背景/网络结构
路由器有两层,外层路由器有公网 IP 123.123.123.123(此处以假举例)和私有 IP 192.168.11.1,内层路由器也是外层路由器的客户端,有公网 IP192.168.11.2和私有 IP 192.168.1.1,内层路由器的客户端是一台安装了 FileZilla Server 的 Windows 7 Enterprise 电脑,是内层路由器的客户端,IP 为 ,192.168.1.48所有 IP 都是静态的。
几个月来,我一直使用互联网另一端的 Windows 远程桌面连接到 Win7 机器。因此,我认为两个路由器上的端口转发规则都是正确的。
从互联网的另一端,FTP 连接也很好。我已经
- 将 FileZilla Server FTP 端口设置为 21
- 将 FileZilla Server 隐式 FTP over TLS 端口设置为 990
- 将 FileZilla Server 被动模式自定义端口范围设置为 50000-65000
- 在 Windows 防火墙入站规则中允许这些端口
- 将这些端口(TCP)转发到
192.168.1.48内部路由器的IP - 将这些端口 (TCP) 转发到
192.168.11.2外部路由器的IP
问题
下面是 FileZilla FTP 服务器日志。服务器上线后,它会192.168.11.1每隔大约 30 秒就收到一次(虚拟)连接。我认为这是不正常的。
当服务器忙于接收这些连接时,来自互联网另一端的正常登录和文件传输正常工作。但这些(虚拟)连接永远不会192.168.11.1停止,即使在 FTP 用户登录后也是如此。只有在服务器离线后才会停止。
Creating listen socket on port 21...
Creating listen socket on port 990...
Server online
(000696)11/05/2017 11:18:45 - (not logged in) (192.168.11.1)> Connected on port 21, sending welcome message...
(000696)11/05/2017 11:18:45 - (not logged in) (192.168.11.1)> 220-FileZilla Server 0.9.60 beta
(000696)11/05/2017 11:18:45 - (not logged in) (192.168.11.1)> 220-written by Tim Kosse ([email protected])
(000696)11/05/2017 11:18:45 - (not logged in) (192.168.11.1)> 220 Please visit https://filezilla-project.org/
(000696)11/05/2017 11:18:45 - (not logged in) (192.168.11.1)> disconnected.
(000697)11/05/2017 11:19:10 - (not logged in) (192.168.11.1)> Connected on port 21, sending welcome message...
(000697)11/05/2017 11:19:10 - (not logged in) (192.168.11.1)> 220-FileZilla Server 0.9.60 beta
(000697)11/05/2017 11:19:10 - (not logged in) (192.168.11.1)> 220-written by Tim Kosse ([email protected])
(000697)11/05/2017 11:19:10 - (not logged in) (192.168.11.1)> 220 Please visit https://filezilla-project.org/
(000697)11/05/2017 11:19:10 - (not logged in) (192.168.11.1)> disconnected.
(000698)11/05/2017 11:19:34 - (not logged in) (192.168.11.1)> Connected on port 21, sending welcome message...
(000698)11/05/2017 11:19:34 - (not logged in) (192.168.11.1)> 220-FileZilla Server 0.9.60 beta
(000698)11/05/2017 11:19:34 - (not logged in) (192.168.11.1)> 220-written by Tim Kosse ([email protected])
(000698)11/05/2017 11:19:34 - (not logged in) (192.168.11.1)> 220 Please visit https://filezilla-project.org/
(000698)11/05/2017 11:19:34 - (not logged in) (192.168.11.1)> disconnected.
(000699)11/05/2017 11:19:58 - (not logged in) (192.168.11.1)> Connected on port 21, sending welcome message...
(000699)11/05/2017 11:19:58 - (not logged in) (192.168.11.1)> 220-FileZilla Server 0.9.60 beta
(000699)11/05/2017 11:19:58 - (not logged in) (192.168.11.1)> 220-written by Tim Kosse ([email protected])
(000699)11/05/2017 11:19:58 - (not logged in) (192.168.11.1)> 220 Please visit https://filezilla-project.org/
(000699)11/05/2017 11:19:58 - (not logged in) (192.168.11.1)> disconnected.
(000700)11/05/2017 11:20:23 - (not logged in) (192.168.11.1)> Connected on port 21, sending welcome message...
(000700)11/05/2017 11:20:23 - (not logged in) (192.168.11.1)> 220-FileZilla Server 0.9.60 beta
(000700)11/05/2017 11:20:23 - (not logged in) (192.168.11.1)> 220-written by Tim Kosse ([email protected])
(000700)11/05/2017 11:20:23 - (not logged in) (192.168.11.1)> 220 Please visit https://filezilla-project.org/
(000700)11/05/2017 11:20:23 - (not logged in) (192.168.11.1)> disconnected.
(000701)11/05/2017 11:20:52 - (not logged in) (192.168.11.1)> Connected on port 21, sending welcome message...
(000701)11/05/2017 11:20:52 - (not logged in) (192.168.11.1)> 220-FileZilla Server 0.9.60 beta
(000701)11/05/2017 11:20:52 - (not logged in) (192.168.11.1)> 220-written by Tim Kosse ([email protected])
(000701)11/05/2017 11:20:52 - (not logged in) (192.168.11.1)> 220 Please visit https://filezilla-project.org/
(000701)11/05/2017 11:20:52 - (not logged in) (192.168.11.1)> disconnected.
Server is going offline...
Server offline.