如何在FTP和SSL中使用FTP程序中的NAT? [英] How to use FTP with SSL & NAT in program?
问题描述
我想用C#编写一个程序来连接FTP服务器,找到另一家公司并下载一些文件. FTP服务器使用SSL和NAT设置.它有2个IP.一个是公用Internet IP(220.166.51.10,由NAT设置),另一个是专用IP(192.168.10.100,是真实IP).因此,我必须使用公共Internet IP(220.166.51.10)连接服务器.但是在FTP协议处理中,服务器将返回服务器IP(192.168.10.100),它们是不同的,因此客户端会认为服务器是错误的.解决方案是什么?
FTP协议过程:(带下划线的文字)
[08:30:58] WinSock 2.0-OpenSSL 0.9.8i 2008年9月15日
[08:31:04] [R] 连接到220.166.51.10 -> IP = 220.166.51.10 PORT = 21
[08:31:04] [R]已连接到220.166.51.10
[08:31:04] [R] 220(vsFTPd 2.0.5)
[08:31:04] [R]身份验证SSL
[08:31:04] [R] 234继续进行谈判.
[08:31:04] [R]已连接.协商SSL会话..
[08:31:04] [R] SSL协商成功...
[08:31:04] [R]使用密码DES-CBC3-SHA(168位)的SSL加密会话
[08:31:04] [R] PBSZ 0
[08:31:04] [R] 200 PBSZ设置为0.
[08:31:04] [R] USER z29
[08:31:04] [R] 331请指定密码.
[08:31:04] [R]通过(隐藏)
[08:31:05] [R] 230登录成功.
[08:31:05] [R] SYST
[08:31:05] [R] 215 UNIX类型:L8
[08:31:05] [R] FEAT
[08:31:05] [R] 211-功能:
[08:31:05] [R] AUTH SSL
[08:31:05] [R] AUTH TLS
[08:31:05] [R] EPSV
[08:31:05] [R] MDTM
[08:31:05] [R] PASV
[08:31:05] [R] PBSZ
[08:31:05] [R] PROT
[08:31:05] [R] REST STREAM
[08:31:05] [R]尺寸
[08:31:05] [R] TVFS
[08:31:05] [R] 211结束
[08:31:05] [R] PWD
[08:31:05] [R] 257"/u01/z29"
[08:31:05] [R] A型
[08:31:05] [R] 200切换到ASCII模式.
[08:31:05] [R] PROT P
[08:31:05] [R] 200 PROT现在为私人.
[08:31:05] [R] PASV
[08:31:05] [R] 227进入被动模式(192,168,10,100,234,96)
[08:31:05] [R]打开数据连接IP:220.166.51.10端口:60000
[08:31:05] [R]列表-al
[08:31:05] [R]已连接.协商SSL会话..
[08:31:05] [R] 150这是目录列表.
[08:31:05] [R] SSL协商成功...
[08:31:05] [R]使用密码DES-CBC3-SHA(168位)的SSL加密会话
[08:31:05] [R] 226目录发送成功.
[08:31:05] [R]列表完成:0.47秒内1 KB(2.2 KB/s)
I want to write a program in C# to connect a FTP Server locate another company and download some files. The FTP Server is setup with SSL and NAT. It has 2 IP. One is public internet IP(220.166.51.10, is set by NAT), and the other is private IP(192.168.10.100, the true IP). So I must connect the Server use public internet IP(220.166.51.10). But in FTP protocol processing, the server will return the server IP(192.168.10.100), they are different, so the client will think the server is wrong. What is the solution?
the FTP protocol process: (the underline text)
[08:30:58] WinSock 2.0 -- OpenSSL 0.9.8i 15 Sep 2008
[08:31:04] [R] Connecting to 220.166.51.10 -> IP=220.166.51.10 PORT=21
[08:31:04] [R] Connected to 220.166.51.10
[08:31:04] [R] 220 (vsFTPd 2.0.5)
[08:31:04] [R] AUTH SSL
[08:31:04] [R] 234 Proceed with negotiation.
[08:31:04] [R] Connected. Negotiating SSL session..
[08:31:04] [R] SSL negotiation successful...
[08:31:04] [R] SSL encrypted session using cipher DES-CBC3-SHA (168 bits)
[08:31:04] [R] PBSZ 0
[08:31:04] [R] 200 PBSZ set to 0.
[08:31:04] [R] USER z29
[08:31:04] [R] 331 Please specify the password.
[08:31:04] [R] PASS (hidden)
[08:31:05] [R] 230 Login successful.
[08:31:05] [R] SYST
[08:31:05] [R] 215 UNIX Type: L8
[08:31:05] [R] FEAT
[08:31:05] [R] 211-Features:
[08:31:05] [R] AUTH SSL
[08:31:05] [R] AUTH TLS
[08:31:05] [R] EPSV
[08:31:05] [R] MDTM
[08:31:05] [R] PASV
[08:31:05] [R] PBSZ
[08:31:05] [R] PROT
[08:31:05] [R] REST STREAM
[08:31:05] [R] SIZE
[08:31:05] [R] TVFS
[08:31:05] [R] 211 End
[08:31:05] [R] PWD
[08:31:05] [R] 257 "/u01/z29"
[08:31:05] [R] TYPE A
[08:31:05] [R] 200 Switching to ASCII mode.
[08:31:05] [R] PROT P
[08:31:05] [R] 200 PROT now Private.
[08:31:05] [R] PASV
[08:31:05] [R] 227 Entering Passive Mode (192,168,10,100,234,96)
[08:31:05] [R] Opening data connection IP: 220.166.51.10 PORT: 60000
[08:31:05] [R] LIST -al
[08:31:05] [R] Connected. Negotiating SSL session..
[08:31:05] [R] 150 Here comes the directory listing.
[08:31:05] [R] SSL negotiation successful...
[08:31:05] [R] SSL encrypted session using cipher DES-CBC3-SHA (168 bits)
[08:31:05] [R] 226 Directory send OK.
[08:31:05] [R] List Complete: 1 KB in 0.47 seconds (2.2 KB/s)
推荐答案
这听起来像是网络配置错误. br/>
硬件层应该对软件透明.
我建议您检查路由器端口转发等.
This sounds like a network configuration error.
The hardware layer should appear transparent to the software.
I suggest you check the routers port forwarding etc.
这篇关于如何在FTP和SSL中使用FTP程序中的NAT?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
