使用被动模式时,如果我们将pasv_max_port设置为10100并将pasv_min_port设置为10090.这是否意味着VSFTP服务器只能同时为10个客户端提供服务?
我们可以为pasv_max_port和pasv_min_port设置相同的端口号吗?如果可能,VSFTP服务器可以同时处理多少客户端?只有一个?
解决方法
为了简化,我会说是的,这就是你应该如何考虑它(在我看来).
限制端口范围将根据最小和最大之间的端口数限制同时的客户端连接.
这样你就可以避免奇怪的行为.
但是,事实并非如此,必须加以审核:-)
更深入,更精确:限制端口会影响数据通道的使用.
请注意,新的连接请求需要可用的数据通道.
我不知道所有使用数据通道的FTP命令,但基本上传(STOR),下载(RETR),列表(LIST)命令需要数据通道.
为了说明这一点,我刚用我的vsftpd服务器和这些设置在实验室(你可以重现)进行测试:
pasv_max_port=10100 pasv_min_port=10100
1.首次测试:
- I connect with Client1 : ok
- I connect with Client2 while Client1 is still connected : ok
- I connect with Client3 while Client1 and Client2 are still connected : ok
为什么?
- Client2 was able to connect because Client1 was doing nothing (idle) and
was not using data channel,so the server has assigned the port to Client2.- Client3 was able to connect because Client1 and Client2 were
idle and not using data channel,so the server has assigned the port
to Client3.
2.第二次测试:
- I connect with Client1 and start uploading a file : ok file upload in progress
- I connect with Client2 while Client1 upload was still running : ERROR cannot connect
- I wait for Client1 upload to finish
- Once Client1 upload was finished i was able to connect with Client2.
为什么?
- Because Client1 was using data channel for its upload,Client2 was not able to connect because there was no more available port on server side to serve him.
- Once Client1 upload has finished,the server freed-up data channel port and Client2 was able to use it to connect.
3.第三次测试:
- I connect with Client1 : ok
- I connect with Client2 while Client1 is still connected : ok
- I start an upload to ftp server from Client1 : ok upload in progress
- I start an upload to ftp server from Client2 while Client1 upload is still running : ERROR connexion closed by server. Transfert Failed.
为什么?
A mix of test 1 and test 2 :
- Client2 was able to connect because Client1 was doing nothing (idle) and
was not using data channel,so the server has assigned the port to Client2.- Client1 is able to upload a file because Client2 is idle so the server has assigned the
port to Client1 for its upload.- Client2 is not able to upload a file because data transfert port is already in use by Client1 for its upload
现在你可以理解为什么我在开始时谈论“怪异”的行为.
希望它会有所帮助!
