部分内网用户反馈无法访问FTP,使用的是winscp软件。刚开始我也以为是pureftpd配置的问题,但是用公网测试了一下,没有问题,朋友电脑也是路由器下的电脑,也没有问题。一时算是找不到问题所在了。如下图:
写这篇文章只是问了记录解决问题的方法,里边的ip都是处理过的。突然想起来使用抓包工具来看看。
[root@VM_0_11_centos ~]# tcpdump -i eth0 host 123.123.123.123 and port 21 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes 17:14:32.639462 IP 123.123.123.123.timeflies > VM_0_11_centos.ftp: Flags [S], seq 1591552435, win 8192, options [mss 1360,nop,wscale 2,nop,nop,sackOK], length 0 17:14:32.639498 IP VM_0_11_centos.ftp > 123.123.123.123.timeflies: Flags [S.], seq 822383886, ack 1591552436, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0 17:14:32.670071 IP 123.123.123.123.timeflies > VM_0_11_centos.ftp: Flags [.], ack 1, win 16660, length 0 17:14:32.671164 IP VM_0_11_centos.ftp > 123.123.123.123.timeflies: Flags [P.], seq 1:322, ack 1, win 229, length 321: FTP: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 17:14:32.702010 IP 123.123.123.123.timeflies > VM_0_11_centos.ftp: Flags [P.], seq 1:17, ack 322, win 16579, length 16: FTP: USER aimuhuyan 17:14:32.702030 IP VM_0_11_centos.ftp > 123.123.123.123.timeflies: Flags [.], ack 17, win 229, length 0 17:14:32.702094 IP VM_0_11_centos.ftp > 123.123.123.123.timeflies: Flags [P.], seq 322:364, ack 17, win 229, length 42: FTP: 331 User aimuhuyan OK. Password required 17:14:32.732971 IP 123.123.123.123.timeflies > VM_0_11_centos.ftp: Flags [P.], seq 17:33, ack 364, win 16569, length 16: FTP: PASS aimuhuyan 17:14:32.748837 IP VM_0_11_centos.ftp > 123.123.123.123.timeflies: Flags [P.], seq 364:396, ack 33, win 229, length 32: FTP: 230 OK. Current directory is / 17:14:32.779631 IP 123.123.123.123.timeflies > VM_0_11_centos.ftp: Flags [P.], seq 33:39, ack 396, win 16561, length 6: FTP: SYST 17:14:32.779695 IP VM_0_11_centos.ftp > 123.123.123.123.timeflies: Flags [P.], seq 396:415, ack 39, win 229, length 19: FTP: 215 UNIX Type: L8 17:14:32.810479 IP 123.123.123.123.timeflies > VM_0_11_centos.ftp: Flags [P.], seq 39:45, ack 415, win 16556, length 6: FTP: FEAT 17:14:32.810556 IP VM_0_11_centos.ftp > 123.123.123.123.timeflies: Flags [P.], seq 415:662, ack 45, win 229, length 247: FTP: 211-Extensions supported: 17:14:32.841731 IP 123.123.123.123.timeflies > VM_0_11_centos.ftp: Flags [P.], seq 45:59, ack 662, win 16494, length 14: FTP: OPTS UTF8 ON 17:14:32.841813 IP VM_0_11_centos.ftp > 123.123.123.123.timeflies: Flags [P.], seq 662:683, ack 59, win 229, length 21: FTP: 504 Unknown command 17:14:32.968542 IP 123.123.123.123.timeflies > VM_0_11_centos.ftp: Flags [P.], seq 59:64, ack 683, win 16489, length 5: FTP: PWD 17:14:32.968623 IP VM_0_11_centos.ftp > 123.123.123.123.timeflies: Flags [P.], seq 683:717, ack 64, win 229, length 34: FTP: 257 "/" is your current location 17:14:32.999535 IP 123.123.123.123.timeflies > VM_0_11_centos.ftp: Flags [P.], seq 64:71, ack 717, win 16481, length 7: FTP: CWD / 17:14:32.999618 IP VM_0_11_centos.ftp > 123.123.123.123.timeflies: Flags [P.], seq 717:749, ack 71, win 229, length 32: FTP: 250 OK. Current directory is / 17:14:33.030259 IP 123.123.123.123.timeflies > VM_0_11_centos.ftp: Flags [P.], seq 71:76, ack 749, win 16473, length 5: FTP: PWD 17:14:33.030325 IP VM_0_11_centos.ftp > 123.123.123.123.timeflies: Flags [P.], seq 749:783, ack 76, win 229, length 34: FTP: 257 "/" is your current location 17:14:33.170288 IP 123.123.123.123.timeflies > VM_0_11_centos.ftp: Flags [P.], seq 76:84, ack 783, win 16464, length 8: FTP: TYPE A 17:14:33.170366 IP VM_0_11_centos.ftp > 123.123.123.123.timeflies: Flags [P.], seq 783:806, ack 84, win 229, length 23: FTP: 200 TYPE is now ASCII 17:14:33.201747 IP 123.123.123.123.timeflies > VM_0_11_centos.ftp: Flags [P.], seq 84:109, ack 806, win 16458, length 25: FTP: PORT 218,206,241,3,5,83 17:14:33.201910 IP VM_0_11_centos.ftp > 123.123.123.123.timeflies: Flags [P.], seq 806:835, ack 109, win 229, length 29: FTP: 200 PORT command successful 17:14:33.232540 IP 123.123.123.123.timeflies > VM_0_11_centos.ftp: Flags [P.], seq 109:115, ack 835, win 16451, length 6: FTP: MLSD 17:14:33.280145 IP VM_0_11_centos.ftp > 123.123.123.123.timeflies: Flags [.], ack 115, win 229, length 0 17:14:48.850198 IP 123.123.123.123.timeflies > VM_0_11_centos.ftp: Flags [F.], seq 115, ack 835, win 16451, length 0 17:14:48.890133 IP VM_0_11_centos.ftp > 123.123.123.123.timeflies: Flags [.], ack 116, win 229, length 0 ^C 29 packets captured 29 packets received by filter 0 packets dropped by kernel [root@VM_0_11_centos ~]# 1
[root@VM_0_11_centos ~]# tcpdump -i eth0 host 123.111.111.111 and port 21 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes 17:17:04.820260 IP 123.111.111.111.57448 > VM_0_11_centos.ftp: Flags [S], seq 615429217, win 8192, options [mss 1424,nop,wscale 2,nop,nop,sackOK], length 0 17:17:04.820308 IP VM_0_11_centos.ftp > 123.111.111.111.57448: Flags [S.], seq 2414336472, ack 615429218, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0 17:17:04.847902 IP 123.111.111.111.57448 > VM_0_11_centos.ftp: Flags [.], ack 1, win 16732, length 0 17:17:04.848908 IP VM_0_11_centos.ftp > 123.111.111.111.57448: Flags [P.], seq 1:322, ack 1, win 229, length 321: FTP: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 17:17:04.876951 IP 123.111.111.111.57448 > VM_0_11_centos.ftp: Flags [P.], seq 1:17, ack 322, win 16651, length 16: FTP: USER aimuhuyan 17:17:04.876982 IP VM_0_11_centos.ftp > 123.111.111.111.57448: Flags [.], ack 17, win 229, length 0 17:17:04.877061 IP VM_0_11_centos.ftp > 123.111.111.111.57448: Flags [P.], seq 322:364, ack 17, win 229, length 42: FTP: 331 User aimuhuyan OK. Password required 17:17:04.904840 IP 123.111.111.111.57448 > VM_0_11_centos.ftp: Flags [P.], seq 17:33, ack 364, win 16641, length 16: FTP: PASS aimuhuyan 17:17:04.922926 IP VM_0_11_centos.ftp > 123.111.111.111.57448: Flags [P.], seq 364:396, ack 33, win 229, length 32: FTP: 230 OK. Current directory is / 17:17:04.950698 IP 123.111.111.111.57448 > VM_0_11_centos.ftp: Flags [P.], seq 33:39, ack 396, win 16633, length 6: FTP: SYST 17:17:04.950874 IP VM_0_11_centos.ftp > 123.111.111.111.57448: Flags [P.], seq 396:415, ack 39, win 229, length 19: FTP: 215 UNIX Type: L8 17:17:04.978649 IP 123.111.111.111.57448 > VM_0_11_centos.ftp: Flags [P.], seq 39:45, ack 415, win 16628, length 6: FTP: FEAT 17:17:04.978841 IP VM_0_11_centos.ftp > 123.111.111.111.57448: Flags [P.], seq 415:662, ack 45, win 229, length 247: FTP: 211-Extensions supported: 17:17:05.026127 IP 123.111.111.111.57448 > VM_0_11_centos.ftp: Flags [P.], seq 45:59, ack 662, win 16566, length 14: FTP: OPTS UTF8 ON 17:17:05.026323 IP VM_0_11_centos.ftp > 123.111.111.111.57448: Flags [P.], seq 662:683, ack 59, win 229, length 21: FTP: 504 Unknown command 17:17:05.155050 IP 123.111.111.111.57448 > VM_0_11_centos.ftp: Flags [P.], seq 59:64, ack 683, win 16561, length 5: FTP: PWD 17:17:05.155187 IP VM_0_11_centos.ftp > 123.111.111.111.57448: Flags [P.], seq 683:717, ack 64, win 229, length 34: FTP: 257 "/" is your current location 17:17:05.184255 IP 123.111.111.111.57448 > VM_0_11_centos.ftp: Flags [P.], seq 64:71, ack 717, win 16553, length 7: FTP: CWD / 17:17:05.184399 IP VM_0_11_centos.ftp > 123.111.111.111.57448: Flags [P.], seq 717:749, ack 71, win 229, length 32: FTP: 250 OK. Current directory is / 17:17:05.212134 IP 123.111.111.111.57448 > VM_0_11_centos.ftp: Flags [P.], seq 71:76, ack 749, win 16545, length 5: FTP: PWD 17:17:05.212271 IP VM_0_11_centos.ftp > 123.111.111.111.57448: Flags [P.], seq 749:783, ack 76, win 229, length 34: FTP: 257 "/" is your current location 17:17:05.358229 IP 123.111.111.111.57448 > VM_0_11_centos.ftp: Flags [P.], seq 76:84, ack 783, win 16536, length 8: FTP: TYPE A 17:17:05.358347 IP VM_0_11_centos.ftp > 123.111.111.111.57448: Flags [P.], seq 783:806, ack 84, win 229, length 23: FTP: 200 TYPE is now ASCII 17:17:05.386638 IP 123.111.111.111.57448 > VM_0_11_centos.ftp: Flags [P.], seq 84:114, ack 806, win 16530, length 30: FTP: PORT 218,206,242,146,224,105 17:17:05.386813 IP VM_0_11_centos.ftp > 123.111.111.111.57448: Flags [P.], seq 806:835, ack 114, win 229, length 29: FTP: 200 PORT command successful 17:17:05.414592 IP 123.111.111.111.57448 > VM_0_11_centos.ftp: Flags [P.], seq 114:120, ack 835, win 16523, length 6: FTP: MLSD 17:17:05.443627 IP VM_0_11_centos.ftp > 123.111.111.111.57448: Flags [P.], seq 835:865, ack 120, win 229, length 30: FTP: 150 Connecting to port 57449 17:17:05.444495 IP VM_0_11_centos.ftp > 123.111.111.111.57448: Flags [P.], seq 865:888, ack 120, win 229, length 23: FTP: 226 175 matches total 17:17:05.471996 IP 123.111.111.111.57448 > VM_0_11_centos.ftp: Flags [.], ack 888, win 16510, length 0 ^C 29 packets captured 29 packets received by filter 0 packets dropped by kernel [root@VM_0_11_centos ~]#
经过对比后发现 FTP: MLSD后边的数据不一样。终端的是没收到P包。为何没收到P包呢?
FLAGS是F.和. 具体两者的意思可以参考。tcpdump报文中的flag描述 P F 分别代表
一直没有搞明白。直到换了个机器收到下图
才瞬间明白。这还的从ftp的端口说起吧。21和20端口。一个是数据端口,一个是控制端口,控制端口一般为21,而数据端口不一定是20,这和FTP的应用模式有关,如果是主动模式,应该为20,如果为被动模式,由服务器端和客户端协商而定。
关于主动模式和被动模式的详细情况,自己百度去吧。
1、关闭防火墙 有点暴力,为了安全还是详细点。
2、允许这个软件的入栈规则。
结束了。