hekun515sinacom closed this issue 4 years ago
Why should it be 20?
I understand that port mode (active mode) requires 20 ports to reply to client messages. I think the standard document clearly states that in this mode, the server usually uses 20 data ports to actively connect to the client's high random port. At this time, it belongs to the server's active connection to the client. Port 20 is used because it does not need the access rights of the high port that the server opens separately, and only opens specific ports. Access to port 20 is sufficient. If the high random port of the server is still used to actively connect to the high random port of the client in port mode, there is no difference from PASV (passive mode). If my understanding is wrong, please correct it.
PORT command (or EPRT for IPv6) is a command sent by client which:
This port can be anything, from 0 to 65536, but usually it is > 1024, and it is decided by the client, not by the server. By default pyftpdlib rejects the PORT/EPRT command if the specified port is < 1024 for security reasons, but this can be disabled with FTPHandler.permit_privileged_ports = True.
PORT/EPRT is the contrary of PASV/EPSV where it's the server which opens a port and the client connects to it, which is the recommended method for clients to use FTP.
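The check described in the answer above, as an added example that is not pyftpdlib's own code: it parses the client-supplied PORT (RFC 959) and EPRT (RFC 2428) arguments and refuses a port below 1024 unless explicitly permitted. The function names, the exception class and the 192.168.10.50 client address are assumptions made up for illustration; only the `permit_privileged_ports` name comes from the thread.

```python
import ipaddress
import re


class DataAddrError(ValueError):
    """The PORT/EPRT argument is malformed or must be refused."""


def parse_port(arg):
    """RFC 959 PORT argument: h1,h2,h3,h4,p1,p2 (six decimal octets)."""
    if not re.fullmatch(r"[0-9]{1,3}(,[0-9]{1,3}){5}", arg):
        raise DataAddrError("malformed PORT argument")
    nums = [int(f) for f in arg.split(",")]
    if any(n > 255 for n in nums):
        raise DataAddrError("octet out of range")
    # The port is sent as two octets: high byte first, then low byte.
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]


def parse_eprt(arg):
    """RFC 2428 EPRT argument: <d>proto<d>addr<d>port<d>; proto 1=IPv4, 2=IPv6."""
    if not arg:
        raise DataAddrError("empty EPRT argument")
    parts = arg.split(arg[0])          # first character is the delimiter
    if len(parts) != 5 or parts[0] or parts[4]:
        raise DataAddrError("malformed EPRT argument")
    proto, host, port = parts[1:4]
    if proto not in ("1", "2") or not re.fullmatch(r"[0-9]{1,5}", port):
        raise DataAddrError("bad protocol or port field")
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        raise DataAddrError("bad address") from None
    if ip.version != {"1": 4, "2": 6}[proto]:
        raise DataAddrError("protocol does not match address family")
    return str(ip), int(port)


def check_data_addr(cmd, arg, permit_privileged_ports=False):
    """Return (host, port) the server may connect to, or raise DataAddrError."""
    host, port = parse_port(arg) if cmd == "PORT" else parse_eprt(arg)
    if not 1 <= port <= 65535:
        raise DataAddrError("port out of range")
    # The port is chosen by the client, so a low port would let a client
    # point the server's outgoing connection at a well-known service.
    if port < 1024 and not permit_privileged_ports:
        raise DataAddrError("privileged port refused")
    return host, port
```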
handler.permit_privileged_ports = True
The client requests EPRT mode, but the port of the FTP reply is not port 20, but a random port greater than 1024. See the attachment for the message interaction process; the 192.168.10.60 address is the server.