vsftpd问题--外网不能访问.

K.C

连接路由上网(ADSL), 路由已经映射端口20至本机.
下面是vsftpd的有效配置.
listen=YES
anonymous_enable=YES
local_enable=YES
write_enable=NO
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
pam_service_name=vsftpd
no_anon_password=YES
pasv_enable=no

要求: 外网能用IE,等浏览器访问.

cw0319

如果是PORT方式，需要映射20和21端口。
如果是被动方式，需要映射21及指定端口池。

K.C

还是不能匿名访问呀.  已经映射端口 21; 5310~5320 5315;
更改后的配置如下
listen=YES
anonymous_enable=YES
local_enable=YES
write_enable=NO
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
pam_service_name=vsftpd
no_anon_password=YES
pasv_enable=yes
pasv_min_port=5310
pasv_max_port=5320

K.C

发现如果内网用anonymous登陆, 则不会询问密码, 如果用外网用anonymous登陆则要密码.  如何能使外网访问也不用密码呢?  高手支几招吧.
#ftp 192.168.1.2
Connected to kelen-laptop.
220 Welcome to Kelen's FTP service.
Name (kelen-laptop:kelen): anonymous
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> exit
221 Goodbye.

#showip
59.33.63.254

#ftp 59.33.63.254
Connected to 59.33.63.254.
220 FTPU ready.
Name (59.33.63.254:kelen): anonymous
331 Password required for anonymous.
Password:
530 Login incorrect.
Login failed.
Remote system type is Ignored.
ftp> exit
221 Have a nice day!

#grep -v '^#' /etc/vsftpd.conf
listen=YES
anonymous_enable=YES
local_enable=YES
write_enable=NO
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=YES
ftpd_banner=Welcome to Kelen.Chang's FTP service.
pam_service_name=vsftpd
no_anon_password=YES
pasv_enable=yes
anon_root=/home/ftp

memory

从提示看应该不是同一台机器：
Connected to kelen-laptop.
220 Welcome to Kelen's FTP service.

Connected to 59.33.63.254.
220 FTPU ready.

K.C

UP
是同一台机. kelen-laptop是本机, 即kelen-laptop=192.168.1.2
而59.33.63.254是当时的公网IP