[GH-ISSUE #4401] [sharing ftp over frp demo][ frp之ftp案例分享 ] 227 Entering Passive Mode( IP, xxx, xxx )

gitea-mirror commented

2026-05-05 14:14:05 -06:00

Owner

Originally created by @weiqi-chen on GitHub (Aug 23, 2024).
Original GitHub issue: https://github.com/fatedier/frp/issues/4401

Describe the feature request

我希望可以将这个配置案例添加到文档当中，我发现在issue中很多人遇到问题，但是忽略了一个细节导致失败。我留意到了并且成功通过frp建立ftp链接。在此我分享我的经验。
I hope to add this configuration case to the documentation. I have noticed that many people encounter issues in the issue tracker but overlook a detail that leads to failure. I noticed this detail and successfully established an FTP connection using FRP. Here, I am sharing my experience.

我不会对细节进行过多的讲解，我只会讲关键点。
I won’t go into too much detail, I will only cover the key points.

一个关键的错误消息：
A key error message:

192.168.1.100这个IP地址是ftp server的私有IP地址。frp所有监听的都是回环地址，因此此处应该是127.0.0.1才行！
The IP address 192.168.1.100 is the private IP address of the FTP server. FRP listens on loopback addresses, so it should be 127.0.0.1 here!

下方关键配置解决这个问题：
The key configuration below solves this problem:

A机器：ftp server机器运行frp，通过proxies配置，将本地ftp端口、被动连接端口映射出去：
Machine A: The FTP server machine runs FRP. Through the proxies configuration, it maps the local FTP port and passive connection port.

{{- range $_, $v := parseNumberRangePair "21,49000-49009" "21,49000-49009" }}
[[proxies]]
name = "rpi-ftp-{{ $v.First }}"
type = "stcp"
secretKey = "aaaa"
localIP = "127.0.0.1"
localPort = {{ $v.First }}
{{- end }}

B机器要访问ftp server的机器运行frp，通过visitors配置，监听本地21，49000-49009端口，并将请求转发到proxies。
Machine B: To access the FTP server, this machine runs FRP with the visitors configuration, listening on local ports 21 and 49000-49009, and forwarding requests to proxies.

{{- range $_, $v := parseNumberRangePair "21,49000-49009" "21,49000-49009" }}
[[visitors]]
name = "rpi-ftp-{{ $v.First }}"
servername = "rpi-ftp-{{ $v.First }}"
type = "stcp"
secretKey = "aaaa"
bindAddr = "127.0.0.1"
bindPort = {{ $v.First }}
{{- end }}

这样B机器访问ftp://127.0.0.1即可访问A机器的FTP服务器。
With this setup, Machine B can access the FTP server on Machine A by using ftp://127.0.0.1.

Describe alternatives you've considered

No response

Affected area

Docs
Installation
Performance and Scalability
Security
User Experience
Test and Release
Developer Infrastructure
Client Plugin
Server Plugin
Extensions
Others

Originally created by @weiqi-chen on GitHub (Aug 23, 2024). Original GitHub issue: https://github.com/fatedier/frp/issues/4401 ### Describe the feature request 我希望可以将这个配置案例添加到文档当中，我发现在issue中很多人遇到问题，但是忽略了一个细节导致失败。我留意到了并且成功通过frp建立ftp链接。在此我分享我的经验。 I hope to add this configuration case to the documentation. I have noticed that many people encounter issues in the issue tracker but overlook a detail that leads to failure. I noticed this detail and successfully established an FTP connection using FRP. Here, I am sharing my experience. 我不会对细节进行过多的讲解，我只会讲关键点。 I won’t go into too much detail, I will only cover the key points. 一个关键的错误消息： A key error message: ![FTP 227 Entering Passive Mode](https://github.com/user-attachments/assets/c23e0456-221a-490a-ac62-bbb14a8b712f) 192.168.1.100这个IP地址是ftp server的**私有IP地址**。frp所有监听的都是回环地址，因此此处应该是127.0.0.1才行！ The IP address 192.168.1.100 is the **private IP address** of the FTP server. FRP listens on loopback addresses, so it should be 127.0.0.1 here! 下方关键配置解决这个问题： The key configuration below solves this problem: ![image](https://github.com/user-attachments/assets/f7988eaa-02f9-4636-be78-01600599093e) **A机器**：ftp server机器运行frp，通过`proxies`配置，将本地ftp端口、被动连接端口映射出去： **Machine A**: The FTP server machine runs FRP. Through the `proxies` configuration, it maps the local FTP port and passive connection port. ```go {{- range $_, $v := parseNumberRangePair "21,49000-49009" "21,49000-49009" }} [[proxies]] name = "rpi-ftp-{{ $v.First }}" type = "stcp" secretKey = "aaaa" localIP = "127.0.0.1" localPort = {{ $v.First }} {{- end }} ``` **B机器**要访问ftp server的机器运行frp，通过`visitors`配置，监听本地`21`，`49000-49009`端口，并将请求转发到`proxies`。 **Machine B**: To access the FTP server, this machine runs FRP with the `visitors` configuration, listening on local ports `21` and `49000-49009`, and forwarding requests to `proxies`. ```go {{- range $_, $v := parseNumberRangePair "21,49000-49009" "21,49000-49009" }} [[visitors]] name = "rpi-ftp-{{ $v.First }}" servername = "rpi-ftp-{{ $v.First }}" type = "stcp" secretKey = "aaaa" bindAddr = "127.0.0.1" bindPort = {{ $v.First }} {{- end }} ``` 这样B机器访问ftp://127.0.0.1即可访问A机器的FTP服务器。 With this setup, Machine B can access the FTP server on Machine A by using ftp://127.0.0.1. ### Describe alternatives you've considered _No response_ ### Affected area - [X] Docs - [ ] Installation - [ ] Performance and Scalability - [ ] Security - [X] User Experience - [ ] Test and Release - [ ] Developer Infrastructure - [ ] Client Plugin - [ ] Server Plugin - [ ] Extensions - [ ] Others

gitea-mirror

2026-05-05 14:14:05 -06:00

closed this issue
added the
lifecycle/stale
label

gitea-mirror commented

2026-05-05 14:14:08 -06:00

Author

Owner

@weiqi-chen commented on GitHub (Aug 23, 2024):

突然想到：这样配置的FTP服务器只有本机和frp visitors能访问。其它机器都无法访问这个FTP。我这里IP绑定配置我甚至写为127.0.0.1。

“对本地连接不使用外部IP”这个选项我不是很明白是什么意思，local connection是回环地址还是广播域呢？如果是广播域的话，勾选这个选项，同一个广播域其它主机应该能访问这个FTP Server。只要被FileZilla判断为非“本地连接”，那么被动模式连接的目标IP地址将会是127.0.0.1，这样就访问不了FTP Server咯。

@weiqi-chen commented on GitHub (Aug 23, 2024): 突然想到：这样配置的FTP服务器只有本机和frp visitors能访问。其它机器都无法访问这个FTP。我这里IP绑定配置我甚至写为127.0.0.1。 ![image](https://github.com/user-attachments/assets/413097e3-10fd-48f4-a653-4f4ca6de2ac2) “对本地连接不使用外部IP”这个选项我不是很明白是什么意思，local connection是回环地址还是广播域呢？如果是广播域的话，勾选这个选项，同一个广播域其它主机应该能访问这个FTP Server。只要被FileZilla判断为非“本地连接”，那么被动模式连接的目标IP地址将会是127.0.0.1，这样就访问不了FTP Server咯。

gitea-mirror commented

2026-05-05 14:14:08 -06:00

Author

Owner

@xqzr commented on GitHub (Aug 25, 2024):

frp 也许应该实现，类似于 NAT ALG 的功能（对于 FTP 来说）

@xqzr commented on GitHub (Aug 25, 2024): frp 也许应该实现，类似于 NAT ALG 的功能（对于 FTP 来说）

gitea-mirror commented

2026-05-05 14:14:09 -06:00

Author

Owner

@fatedier commented on GitHub (Aug 26, 2024):

FTP should no longer be the recommended protocol or tool.

@fatedier commented on GitHub (Aug 26, 2024): FTP should no longer be the recommended protocol or tool.

gitea-mirror commented

2026-05-05 14:14:09 -06:00

Author

Owner

@github-actions[bot] commented on GitHub (Sep 17, 2024):

Issues go stale after 21d of inactivity. Stale issues rot after an additional 7d of inactivity and eventually close.

@github-actions[bot] commented on GitHub (Sep 17, 2024): Issues go stale after 21d of inactivity. Stale issues rot after an additional 7d of inactivity and eventually close.