仔细考虑这个对话过程我们会发现一些有趣的事情。我们可以看到当 PORT 命令被提交时,它指定了客户端(192.168.150.80)上的一个端口而不是服务器的。当我们用被动FTP时我们会看到相反的现象。我们再来关注PORT命令的格式。就象你在下面的例子看到的一样,它是一个由六个被逗号隔开的数字组成的序列。前四个表示IP地址,后两个组成了用于数据连接的端口号。用第五个数乘以256再加上第六个数就得到了实际的端口号。下面例子中端口号就是( (14*256) + 178) = 3762。我们可以用netstat来验证这个端口信息。
testbox1: {/home/p-t/slacker/public_html} % ftp -d testbox2
Connected to testbox2.slacksite.com.
220 testbox2.slacksite.com FTP server ready.
Name (testbox2:slacker): slacker ---> USER slacker
331 Password required for slacker.
Password: TmpPass ---> PASS XXXX
230 User slacker logged in. ---> SYST
215 UNIX Type: L8
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls ftp: setsockopt (ignored): Permission denied
---> PORT 192,168,150,80,14,178
200 PORT command successful. ---> LIST
150 Opening ASCII mode data connection for file list.
drwx------ 3 slacker users 104 Jul 27 01:45 public_html
226 Transfer complete.
ftp> quit ---> QUIT
221 Goodbye.
testbox1: {/home/p-t/slacker/public_html} % ftp -d testbox2
Connected to testbox2.slacksite.com.
220 testbox2.slacksite.com FTP server ready.
Name (testbox2:slacker): slacker ---> USER slacker
331 Password required for slacker.
Password: TmpPass ---> PASS XXXX
230 User slacker logged in. ---> SYST
215 UNIX Type: L8
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> passive
Passive mode on.
ftp> ls ftp: setsockopt (ignored): Permission denied ---> PASV
227 Entering Passive Mode (192,168,150,90,195,149). ---> LIST
150 Opening ASCII mode data connection for file list
drwx------ 3 slacker users 104 Jul 27 01:45 public_html
226 Transfer complete.
ftp>; quit ---> QUIT
221 Goodbye.