我想设置一个 FTP 服务器,但是当我尝试连接 filezilla 时出现此错误问题:
Status: Connecting to 41.228.175.x:2121...
Status: Connection established, waiting for welcome message...
Status: Insecure server, it does not support FTP over TLS.
Status: Server does not support non-ASCII characters.
Status: Logged in
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is the current directory
Command: TYPE I
Response: 200 Switching to Binary mode.
Command: PASV
Response: 227 Entering Passive Mode (41,228,175,x,39,110).
Command: LIST
Response: 425 Failed to establish connection.
Error: Failed to retrieve directory listing
Status: Connection closed by server
Status: Disconnected from server
Status: Connecting to 41.228.175.x:2121...
Status: Connection established, waiting for welcome message...
Status: Insecure server, it does not support FTP over TLS.
Status: Server does not support non-ASCII characters.
Status: Logged in
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is the current directory
Command: TYPE I
Response: 200 Switching to Binary mode.
Command: PASV
Response: 227 Entering Passive Mode (41,228,175,x,39,107).
Command: LIST
Response: 425 Failed to establish connection.
Error: Failed to retrieve directory listing
Status: Connection closed by server
这是我的vsftpd.conf文件配置:
listen=YES
xferlog_enable=YES
log_ftp_protocol=YES
seccomp_sandbox=NO
listen_port=2121
pasv_enable=YES
port_enable=YES
pasv_address=41.228.175.x
pasv_addr_resolve=YES
pasv_max_port=10100
pasv_min_port=10090
listen_ipv6=NO
session_support=YES
file_open_mode=0755
listen_ipv6=NO
anonymous_enable=NO
userlist_enable=YES
userlist_file=/etc/vsftpd.userlist
userlist_deny=NO
tcp_wrappers=YES
allow_writeable_chroot=YES
user_sub_token=$USER
local_root=/home/$USER/ftp
local_enable=YES
write_enable=YES
local_umask=077
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=NO
chown_username=admin
xferlog_std_format=YES
idle_session_timeout=600
accept_timeout=60
connect_timeout=60
session_support=YES
data_connection_timeout=300
ascii_upload_enable=YES
ascii_download_enable=YES
ftpd_banner=Welcome to blah FTP service.
chroot_local_user=YES
chroot_local_user=YES
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list
userlist_file=/etc/vsftpd.userlist
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
ssl_enable=NO
utf8_filesystem=YES
PASV 端口范围的端口转发设置的屏幕截图:
答案1
你的端口转发错误。
你应该不是将 10090-10100 转发到 2121(即 FTP 服务器主要的监听端口)。 您应该将它们转发到 FTP 服务器上的 10090-10100 端口。
FTP 会打开一个额外的连接用于数据传输,这就是此端口范围的用途。这当然意味着它们需要转发到数据端口,而不是控制端口。
另外,请考虑不要使用 FTP。您所遇到的情况是一个原因。默认情况下缺乏安全性是另一个原因。它也是一种缓慢的协议,下载单个文件会产生很大的开销。对于经过身份验证的用户,sftp、scp 和 webdav 可能是不错的选择。对于匿名访问,http(s) 是更好的解决方案。FTP 不安全,按照当今的标准也不是一种好的协议。