Implementation of CentOS8.0 Installation and Configuration of ftp Server

After the release of CentOS 8.0-1905, I tried to migrate the FTP server to the new version of CentOS. However, during the test, after the ftp service was opened in the firewall, I still couldn't connect directly. If I used lftp or ftp tools to test, I would be prompted with an error of "No route to the host". However, after the firewall is turned off, the ftp service can be accessed normally.

In the process of inquiring relevant information, some information said that firewalld software has bug, but trying to install http can be successful after testing, indicating that there is no problem with firewall.

Continuing to query relevant information, it is found that most client tools such as chrome, firefox or Filezilla use passive mode (PASV mode) to access ftp service by default, so it is guessed that the port is rejected when ftp works in passive mode.

After adding PASV related settings in vsftpd configuration file, and opening the specified port in firewall, it can be accessed normally.

The implementation steps are as follows:

1. Installation

yum -y install vsftpd

2. Adjust the configuration

vim /etc/vsftpd/vsftpd.conf 
## Adjust the configuration as needed, such as enabling anonymous access 
## Enable Passive Mode 
##################
#pasv_enable=YES ## Enable 
#pasv_min_port=10000 ## Turn on the lowest pasv Port, it is recommended to use a port greater than 1024 High port of 
#pasv_max_port=11000 ## Turn on the highest pasv Port 
#######################

3. Adjust the firewall configuration

## Enable ftp Server 
firewall-cmd --add-service=ftp --permanent
###### Increase ftp Visit 
firewall-cmd --add-port=10000-11000/tcp --permanent
###### The above order, open 10000-11000 No. tcp Port 
###### If necessary, you can add the corresponding udp Port 
firewall-cmd --reload
## Reload the firewall 

4. Restart ftp service to access