1.1 简介
Apache FtpServer是100%纯Java FTP服务器。它被设计为基于当前可用的开放协议的完整且可移植的FTP服务器引擎解决方案。FtpServer可以作为Windows服务或Unix / Linux守护程序独立运行,也可以嵌入Java应用程序中。
1.2安装apache-ftpserver
- linux环境下部署ftpserver
- 下载地址:https://mina.apache.org/ftpserver-project/downloads.html,这里下载Apache FtpServer 1.2.0 Release版本
- 进入目录 cd /opt ,上传下载的压缩包,解压:apache-ftpserver-1.2.0-bin.tar.gz
tar -zxvf apache-ftpserver-1.2.0-bin.tar.gz
cd /opt/ftpserver/res/conf
cp ftpd-typical.xml ftpd.xml
vim ftpd.xml
<?xml version="1.0" encoding="UTF-8"?>
<server xmlns="http://mina.apache.org/ftpserver/spring/v1"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://mina.apache.org/ftpserver/spring/v1
http://mina.apache.org/ftpserver/ftpserver-1.0.xsd"
id="myServer"
max-logins="100"
anon-enabled="false"
max-anon-logins="0"
max-login-failures="3"
login-failure-delay="3000" >
<listeners>
<nio-listener name="default" port="21">
<ssl>
<keystore file="./res/ftpserver.jks" password="password" />
</ssl>
</nio-listener>
</listeners>
<file-user-manager file="./res/conf/users.properties" encrypt-passwords="clear"/>
</server>
- 参数 说明
参数名 | 必选 | 端口 | 说明 |
---|---|---|---|
id | 是 | string | 设置server的标志符 |
max-logins | 是 | string | 设置同时登陆的最大人数 |
anon-enabled | 否 | string | 设置匿名登陆为不允许 |
max-anon-logins | 否 | string | 设置匿名登陆用户为0个 |
max-login-failures | 否 | string | 设置3次失败登陆后,关闭此链接 |
login-failure-delay | 否 | string | 失败登陆后下一次登陆所需的时间间隔,防止暴力破解,单位是微秒 |
name | 是 | string | 名称 |
port | 是 | string | 默认的链接端口为2121,必须 ,修改成21,项目中采用的 |
ssl | 是 | 标签 | 密钥存储路径和密钥存储密码,必须 |
file-user-manager | 是 | 标签 | 用户登陆信息,“./res/conf/users.properties”为文件路径,“encrypt-passwords=‘clear’”设置密码加密方式,默认是“MD5”,设置成“clear”表示不加密,直接输入 |
- 修改users.properties文件配置用户
# Password is "admin"
ftpserver.user.admin.userpassword=21232F297A57A5A743894A0E4A801FC3
ftpserver.user.admin.homedirectory=./res/home
ftpserver.user.admin.enableflag=true
ftpserver.user.admin.writepermission=true
ftpserver.user.admin.maxloginnumber=0
ftpserver.user.admin.maxloginperip=0
ftpserver.user.admin.idletime=0
ftpserver.user.admin.uploadrate=0
ftpserver.user.admin.downloadrate=0
#密码 配置新的用户
ftpserver.user.ftpadmin.userpassword=123456
#主目录,这里可以自定义自己的主目录
ftpserver.user.ftpadmin.homedirectory=/opt/apache-tomcat-9.0.65/webapps/ftp
#当前用户可用
ftpserver.user.ftpadmin.enableflag=true
#具有上传权限
ftpserver.user.ftpadmin.writepermission=true
#最大登陆用户数为20
ftpserver.user.ftpadmin.maxloginnumber=20
#同IP登陆用户数为2
ftpserver.user.ftpadmin.maxloginperip=20
#空闲时间为300秒
ftpserver.user.ftpadmin.idletime=300
#上传速率限制为480000字节每秒
ftpserver.user.ftpadmin.uploadrate=48000000
#下载速率限制为480000字节每秒
ftpserver.user.ftpadmin.downloadrate=48000000
- 可将上传的文件存储目录直接存放在tomcat的webapps下,这样当Tomcat启动之后,可直接通过ip:端口/路径进行预览,如下图所示:
1.3 启动服务
#启动ftp服务,后台启动方式:
nohup /opt/ftpserver/bin/ftpd.sh res/conf/ftpd.xml 1>/opt/ftpserver/res/log/ftpd.log 2>&1 &
- 配置ftp快捷命令
#编写脚本文件:
vim ftpserver
#!/bin/bash
# wangli 2022-11-03 Create
if [ "$1"x = "start"x ]; then
nohup /opt/ftpserver/bin/ftpd.sh res/conf/ftpd.xml 1>/opt/ftpserver/res/log/ftpd.log 2>&1 &
fi
if [ "$1"x = "stop"x ]; then
kill -9 $(ps aux|grep "ftpserver" | grep -v grep |awk '{print $2}')
fi
if [ "$1"x = "check"x ]; then
ps -aux|grep "ftpserver" | grep -v grep
fi
if [ "$1"x = "log"x ]; then
tail -f /opt/ftpserver/res/log/ftpd.log -n 1000
fi
#保存退出后赋予执行权限:
chmod a+x ftpserver
#启动:
ftpserver start
#关闭:
ftpserver stop
#查看日志:
ftpserver log
#检查ftpserver进程:
ftpserver check
- 如果开启防火墙会导致上传下载失败 , 需要添加被动或者主动端口
<server xmlns="http://mina.apache.org/ftpserver/spring/v1"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="
http://mina.apache.org/ftpserver/spring/v1 http://mina.apache.org/ftpserver/ftpserver-1.0.xsd"
id="myServer">
<listeners>
<nio-listener name="default" port="2121"> <!--ftp服务端口-->
<ssl>
<keystore file="./res/ftpserver.jks" password="password" />
</ssl>
<data-connection idle-timeout="60">
<active local-port="1886" /><!--主动端口-->
<passive ports="1886" /><!--被动端口-->
</data-connection>
</nio-listener>
</listeners>
<!-- 添加encrypt-passwords="clear",将密码加密方式修改给clear也就是明文密码 -->
<file-user-manager file="./res/conf/users.properties" encrypt-passwords="clear"/>
</server>
passive 端口设置最好采用范围,因为是动态的, 会有失败的情况,不能连续下载等问题:参考官方文档:
https://mina.apache.org/ftpserver-project/configuration_passive_ports.html
https://mina.apache.org/ftpserver-project/configuration_listeners.html
Configure passive ports
When the client wants to use a passive data connection, the server should provide the port to use. By default, FtpServer will choose any available port. However this can be overridden using the configuration for the passive data connection. The allowed passive ports can then be specified as a single port (e.g. 20020), multiple ports (e.g. 20020, 20030, 20040) or a range of ports (e.g. 20020-20030). Ranges can be closed (e.g. 20020-20030) or open ended (e.g. 60000-). Open ended ranges start at 1 and end at 65535, that is, the range 60000- will allow all ports between 60000 and 65535. Any combination of specified values or ranges can be used.
When the server has used up all passive ports (one per client doing passive data transfer), the next clients will have to wait for an available port. It is therefore advised to provide multiple passive ports.
If a value (specific port or start or end of an range) is outside of the allowed values of 0 and 65535, an error will be thrown at startup.
Examples:
端口 | 描述 |
---|---|
0 | Any available port is used as the passive port |
123 | Port 123 will be used as the passive port |
123,133 | Port 123 and 133 will be used as the passive port |
123-125 | Any port in a range from 123 to 125 will be used as the passive port |
123-125 | Any port in a range from 123 to 125 will be used as the passive port |
123-125, 127, 129-130 | Any port in a range from 123 to 125, port 127 or in the range from 129 to 130 will be used as the passive port |
0- | 大于0的端口 |
1.4 FTP文件定时备份:
- 创建执行脚本文件
#!/bin/bash
# 数据库备份根目录
backup_dir="/opt/ftpBak/bak"
source_dir="/opt/apache-tomcat-9.0.65/webapps/ftp/*"
# 备份数据保留天数
backup_clean_day=5
#如果文件夹不存在则创建
if [ ! -d $backup_dir ];
then
mkdir -p $backup_dir;
fi
# 打包压缩到指定文件目录
tar -cvzf $backup_dir/ftp_`date "+%Y_%m_%d"`.tar.gz $source_dir
# 设置停留20秒,以免打包太慢
sleep 20
# 打包完成之后,远程在备份一次
scp $backup_dir/ftp_`date "+%Y_%m_%d"`.tar.gz root@192.168.19.4:/opt/ftpBak
#删除5天之前的备份
find ${backup_dir} -type f -mtime +${backup_clean_day} -delete
crontab -e #添加定时任务,每天凌晨4点钟执行
0 4 * * * /opt/apache-tomcat-9.0.65/webapps/ftp_bak.sh
linux环境下部署ftpserver - Yourbestboy的文章 - 知乎:https://zhuanlan.zhihu.com/p/624104074