{"id":115,"date":"2015-12-08T07:42:33","date_gmt":"2015-12-08T07:42:33","guid":{"rendered":"http:\/\/www.onepage.co.kr\/wordpress\/?p=115"},"modified":"2015-12-08T07:42:33","modified_gmt":"2015-12-08T07:42:33","slug":"vsftpd-active-passive-mode-configuration","status":"publish","type":"post","link":"https:\/\/www.onepage.co.kr\/wordpress\/index.php\/2015\/12\/08\/vsftpd-active-passive-mode-configuration\/","title":{"rendered":"vsftpd Active-Passive mode configuration"},"content":{"rendered":"<p><b>Active\/Passive \ubaa8\ub4dc \uc124\uc815<\/b><\/p>\n<p>\uc11c\ubc84\uc5d0\uc11c\ub294 Active \ubaa8\ub4dc, Passive \ubaa8\ub4dc \ub458\ub2e4 \uc9c0\uc6d0\ud558\ub3c4\ub85d \uae30\ub3d9\uc2dc\ucf1c\ub450\uace0 \ud074\ub77c\uc774\uc5b8\ud2b8 \ud504\ub85c\uadf8\ub7a8\uc5d0\uc11c \uc774\ub97c \uc120\ud0dd\ud558\ub3c4\ub85d \ud55c\ub2e4.<\/p>\n<p><b>1.\u00a0Conf \uc124\uc815<\/b><\/p>\n<table class=\"__se_tbl_ext\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td>\u00a0#\u00a0vi \/etc\/vsftpd\/vsftpd.conf<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><b>&#8211; Passive\u00a0<\/b><\/p>\n<table class=\"__se_tbl\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td class=\"\">\u00a0pasv_enable=YES<\/p>\n<p>pasv_max_port=11000<\/p>\n<p>pasv_min_port=10000<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><b>&#8211; Active<\/b><\/p>\n<p>\u3134 Active\ubaa8\ub4dc\ub294 \ud2b9\ubcc4\ud55c \uc635\uc158\uc744 \uc8fc\uc9c0 \uc54a\uc73c\uba74 Default\ub85c \ub3d9\uc791\ud55c\ub2e4.<\/p>\n<p><b>2.\u00a0\uc7ac\uae30\ub3d9<\/b><\/p>\n<table class=\"__se_tbl_ext\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td>\u00a0#\u00a0systemctl restart vsftpd.service<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<div><\/div>\n<div><b>3. SELINUX \uc124\uc815<\/b><\/div>\n<div>\n<div>Conf \ud30c\uc77c\uc744 \uc218\uc815\ud558\uace0 \uc7ac\uae30\ub3d9\u00a0\ud6c4\uc5d0, \ud074\ub77c\uc774\uc5b8\ud2b8\uc5d0\uc11c Active\ubaa8\ub4dc\ub85c\u00a0\uc811\uc18d\ud588\uc9c0\ub9cc\u00a0\uc544\ub798\uc640 \uac19\uc740 \ub85c\uadf8\ub97c \ubcf4\uc5ec\uc8fc\uace0 \uc811\uc18d\ub418\uc9c0 \uc54a\ub294\ub2e4.<\/div>\n<div>&#8211; Active \ubaa8\ub4dc\uc5d0 \uc811\uadfc\ud560 \uc218 \uc5c6\uc5b4\uc11c Passive\ubaa8\ub4dc\ub85c \uc811\uc18d\ud558\uaca0\ub2e4\ub294 \ub85c\uadf8 \ub0b4\uc6a9.. \uadf8\ub7ec\ub098 \uc811\uc18d\ud558\uc9c0 \ubabb\ud568.<\/div>\n<table class=\"__se_tbl_ext\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td width=\"741\">\u00a0\uba85\ub839: PORT 192,168,0,100,17,9<\/p>\n<p>\uc751\ub2f5: 200 PORT command successful. Consider using PASV.<\/p>\n<p>\uba85\ub839: LIST<\/p>\n<p>\uc751\ub2f5: 425 Failed to establish connection.<\/p>\n<p>\uc624\ub958:\u00a0\ub514\ub809\ud130\ub9ac \ubaa9\ub85d \uc870\ud68c \uc2e4\ud328<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>SELINUX \ub54c\ubb38\uc778\ub370.. SELINUX \ub85c\uadf8\ub97c \ubcf4\uba74 \uc544\ub798\uc640 \uac19\uc740 \ubd80\ubd84\uc774 \ub0a8\uaca8\uc838 \uc788\ub2e4.<\/p>\n<table class=\"__se_tbl\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td class=\"\">\u00a0&#8230; \u00a0avc: \u00a0denied \u00a0{ name_connect } for \u00a0pid=20401 comm=&#8221;vsftpd&#8221; \u00a0&#8230;<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&#8211;\u00a0\ub85c\uadf8\ub294 \uc124\uc815\uc5d0 \ub530\ub77c\u00a0\/var\/log\/audit\/audit.log \ub610\ub294 \/var\/log\/message \uc5d0 \ub0a8\uaca8\uc9c4\ub2e4.<\/p>\n<p>&#8211; avc\ub294 SELINUX\ucee4\ub110\uc5d0 \uc788\ub294 \uc11c\ube44\uc2a4 &#8211;\u00a0Access Vector Cache<\/p>\n<p>&#8211;\u00a0Active \ubaa8\ub4dc\uc5d0\uc11c \uc0ac\uc6a9\ud558\ub824\ub294\u00a0Data\uc138\uc158\uc774 \uc0ac\uc6a9\ud558\ub294 \ud3ec\ud2b8\uac00 \ubc29\ud654\ubcbd\uc5d0 \ub9c9\ud614\uae30 \ub54c\ubb38\uc774\ub77c\uace0 \ud55c\ub2e4.<\/p>\n<p>&nbsp;<\/p>\n<table class=\"__se_tbl_ext\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td>\u00a0#\u00a0setsebool -P ftp_home_dir 1<\/p>\n<p>#\u00a0setsebool \u2013P ftpd_use_passive_mode 1<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&#8211; <b>setsebool<\/b>\uc740 SELINUX\uc758 \uc815\ucc45\uc744 \uc124\uc815\ud55c\ub2e4.<\/p>\n<p>&#8211; P\uc635\uc158\uc740 \uc601\uad6c\uc124\uc815\uc744 \uc758\ubbf8, 1\uc740 on\u00a0\/\u00a00\uc740 off<\/p>\n<p>&#8211;\u00a0<b>ftp_home_dir<\/b> \uc740 ftp\uc11c\ubc84\uac00 \ud648\ub514\ub809\ud1a0\ub9ac\uc5d0\ub9cc \uc811\uadfc\uac00\ub2a5\ud558\ub3c4\ub85d \ud558\ub294 \uc635\uc158.<\/p>\n<p>&#8211;\u00a0<b>ftpd_use_passive_mode<\/b>\ub294 ftpd\uac00 Passive\ubaa8\ub4dc \uc0ac\uc6a9\uc744 \ud5c8\uac00\ud558\ub294 \uc635\uc158.<\/p>\n<p><b>4.\u00a0\ud655\uc778<\/b><\/p>\n<\/div>\n<table class=\"__se_tbl_ext\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td>\u00a0#\u00a0getsebool -a | egrep &#8220;^ftp_home_dir|^ftpd_use_passive_mode&#8221;<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&#8211; <b>getsebool<\/b>\uc740 SELINUX\uc758 \uc815\ucc45\uc744 \ud655\uc778\ud55c\ub2e4.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" id=\"20150116_9\/jogahyok_1421409203883BXUeL_PNG\/%C1%A6%B8%F1_%BE%F8%C0%BD.png\" class=\"_photoImage\" src=\"http:\/\/postfiles10.naver.net\/20150116_9\/jogahyok_1421409203883BXUeL_PNG\/%C1%A6%B8%F1_%BE%F8%C0%BD.png?type=w2\" alt=\"\" width=\"640\" height=\"63\" \/><\/p>\n<p><b>5.\u00a0\uc811\uc18d\ud14c\uc2a4\ud2b8<\/b><\/p>\n<p><b>&#8211; Active \ubaa8\ub4dc\ub85c \uc811\uc18d.<\/b><\/p>\n<p>&#8211; \ud074\ub77c\uc774\uc5b8\ud2b8\uc5d0\uc11c \uc815\uc0c1 \uc811\uc18d \ud6c4\uc5d0 21\ubc88 \ud3ec\ud2b8\ub85c \uc678\ubd80\uc5d0\uc11c \uc811\uc18d.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" id=\"20150116_128\/jogahyok_1421411515153XPQ7K_PNG\/1.PNG\" class=\"_photoImage\" src=\"http:\/\/postfiles1.naver.net\/20150116_128\/jogahyok_1421411515153XPQ7K_PNG\/1.PNG?type=w2\" alt=\"\" width=\"643\" height=\"88\" \/><\/p>\n<p>&#8211; \ud30c\uc77c \ub2e4\uc6b4\ub85c\ub4dc\uc2dc\uc5d0 Active\ubaa8\ub4dc\uc774\ubbc0\ub85c <b>20\ubc88\u00a0\ud3ec\ud2b8<\/b>\uac00 open\ub418\uc5b4 \ud30c\uc77c \ub2e4\uc6b4\ub85c\ub4dc<br \/>\n<img loading=\"lazy\" decoding=\"async\" id=\"20150116_23\/jogahyok_14214115154511F6xu_PNG\/2.PNG\" class=\"_photoImage\" src=\"http:\/\/postfiles8.naver.net\/20150116_23\/jogahyok_14214115154511F6xu_PNG\/2.PNG?type=w2\" alt=\"\" width=\"642\" height=\"132\" \/><br \/>\n<b>&#8211; Passive \ubaa8\ub4dc\ub85c \uc811\uc18d.<\/b><\/p>\n<p>&#8211; \ud30c\uc77c \ub2e4\uc6b4\ub85c\ub4dc \uc2dc\uc5d0 Passive\ubaa8\ub4dc \uc774\ubbc0\ub85c Passive\ubaa8\ub4dc \uc0ac\uc6a9\uc744 \uc704\ud574 \uc124\uc815\ud574\ub454 <b>10000~11000 \uc0ac\uc774\uc758 \ud3ec\ud2b8<\/b>\ub85c Data\uc804\uc1a1.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" id=\"20150116_68\/jogahyok_1421411768388qVO0I_PNG\/55.png\" class=\"_photoImage\" src=\"http:\/\/postfiles5.naver.net\/20150116_68\/jogahyok_1421411768388qVO0I_PNG\/55.png?type=w2\" alt=\"\" width=\"644\" height=\"119\" \/><\/p>\n<div class=\"autosourcing-stub-extra\">\n<p><strong>[\ucd9c\ucc98]<\/strong> <a href=\"http:\/\/blog.naver.com\/jogahyok\/220242656406\" target=\"_blank\">[CentOS 7] vsftpd #2. Active\/Passive \ubaa8\ub4dc \uc124\uc815<\/a>|<strong>\uc791\uc131\uc790<\/strong> <a href=\"http:\/\/blog.naver.com\/jogahyok\" target=\"_blank\">\ud601\uc774<\/a><\/p>\n<\/div>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Active\/Passive \ubaa8\ub4dc \uc124\uc815 \uc11c\ubc84\uc5d0\uc11c\ub294 Active \ubaa8\ub4dc, Passive \ubaa8\ub4dc \ub458\ub2e4 \uc9c0\uc6d0\ud558\ub3c4\ub85d \uae30\ub3d9\uc2dc\ucf1c\ub450\uace0 \ud074\ub77c\uc774\uc5b8\ud2b8 \ud504\ub85c\uadf8\ub7a8\uc5d0\uc11c \uc774\ub97c \uc120\ud0dd\ud558\ub3c4\ub85d \ud55c\ub2e4. 1.\u00a0Conf \uc124\uc815 \u00a0#\u00a0vi \/etc\/vsftpd\/vsftpd.conf &#8211; Passive\u00a0 \u00a0pasv_enable=YES pasv_max_port=11000 pasv_min_port=10000 &#8211; Active \u3134 Active\ubaa8\ub4dc\ub294 \ud2b9\ubcc4\ud55c \uc635\uc158\uc744 \uc8fc\uc9c0 \uc54a\uc73c\uba74 Default\ub85c \ub3d9\uc791\ud55c\ub2e4. 2.\u00a0\uc7ac\uae30\ub3d9 \u00a0#\u00a0systemctl restart vsftpd.service 3. SELINUX \uc124\uc815 Conf \ud30c\uc77c\uc744 \uc218\uc815\ud558\uace0 \uc7ac\uae30\ub3d9\u00a0\ud6c4\uc5d0, \ud074\ub77c\uc774\uc5b8\ud2b8\uc5d0\uc11c Active\ubaa8\ub4dc\ub85c\u00a0\uc811\uc18d\ud588\uc9c0\ub9cc\u00a0\uc544\ub798\uc640 \uac19\uc740 \ub85c\uadf8\ub97c \ubcf4\uc5ec\uc8fc\uace0 \uc811\uc18d\ub418\uc9c0 \uc54a\ub294\ub2e4. &#8211; Active [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-115","post","type-post","status-publish","format-standard","hentry","category-about-linux"],"_links":{"self":[{"href":"https:\/\/www.onepage.co.kr\/wordpress\/index.php\/wp-json\/wp\/v2\/posts\/115","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.onepage.co.kr\/wordpress\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.onepage.co.kr\/wordpress\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.onepage.co.kr\/wordpress\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.onepage.co.kr\/wordpress\/index.php\/wp-json\/wp\/v2\/comments?post=115"}],"version-history":[{"count":1,"href":"https:\/\/www.onepage.co.kr\/wordpress\/index.php\/wp-json\/wp\/v2\/posts\/115\/revisions"}],"predecessor-version":[{"id":116,"href":"https:\/\/www.onepage.co.kr\/wordpress\/index.php\/wp-json\/wp\/v2\/posts\/115\/revisions\/116"}],"wp:attachment":[{"href":"https:\/\/www.onepage.co.kr\/wordpress\/index.php\/wp-json\/wp\/v2\/media?parent=115"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.onepage.co.kr\/wordpress\/index.php\/wp-json\/wp\/v2\/categories?post=115"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.onepage.co.kr\/wordpress\/index.php\/wp-json\/wp\/v2\/tags?post=115"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}