如何解决PHP Curl FTPS 隐式传输被防火墙拒绝
我在通过 FTPS 将数据隐式传输到 CoreFTP 服务器时遇到问题。 如果脚本在具有外部 IP 的服务器上执行,则该脚本可以正常工作。然而,在我们的部署中,服务器位于防火墙后面,只有一个内部 IP。
我为 Curl 设置了以下标志
$options = array(
CURLOPT_USERPWD => $username . ':' . $password,CURLOPT_SSL_VERIFYPEER => false,// don't verify SSL
CURLOPT_SSL_VERIFYHOST => false,CURLOPT_FTP_SSL => CURLFTPSSL_ALL,// require SSL For both control and data connections
CURLOPT_FTPSSLAUTH => CURLFTPAUTH_DEFAULT,// let cURL choose the FTP authentication method (either SSL or TLS)
CURLOPT_UPLOAD => true,CURLOPT_PORT => $port,CURLOPT_TIMEOUT => 30,//CURLOPT_HTTPHEADER => array("REMOTE_ADDR: EXTERNAL FIREWALL IP","HTTP_X_FORWARDED_FOR: EXTERNAL FIREWALL IP"),CURLOPT_FTP_CREATE_MISSING_Dirs => true,CURLOPT_VERBOSE => true,CURLOPT_STDERR => $fp,
我尝试将标头设置为具有外部 Ip 的防火墙,但这不起作用。防火墙为我们的内部 IP 开放了所有端口。
Curl 日志如下所示:
* Trying 123.456.789.123:4423...
* Connected to xx.net (123.456.789.123) port 4423 (#0)
* successfully set certificate verify locations:
* xxx
* SSL connection using TLSv1.2 / AES128-SHA256
* Server certificate:
* xxx
* 220 Core FTP Server Version 1.2,build 589.38,64-bit Registered
USER xxx
331 password required for xxx
PASS xxx
230-Logged on
230
PBSZ 0
200 PBSZ set to PBSZ 0
PROT P
200 PROT command OK. Using private data connection.
PWD
257 "/" is current directory
* Entry path is '/'
CWD /
* ftp_perform ends with SECONDARY: 0
250 CWD command successful
CWD ftps
250 CWD command successful
CWD NotarealpersonTesting2222222206082021
550 CWD Failed,path not found
MKD NotarealpersonTesting2222222206082021
250 MKD command successful
CWD NotarealpersonTesting2222222206082021
250 CWD command successful
EPRT |1|10.153.43.11|43665|
502 Command unkNown or not supported...
* disabling EPRT usage
* Hostname 10.153.43.11 was found in DNS cache
PORT 10,153,43,11,145,192
200 PORT command successful
* Connect data stream actively
TYPE I
200 MODE set to I
STOR TestingNotarealpersonSummary.pdf
150 STOR command started
* Preparing for accepting server on data port
* Checking for server connect
* Data conn was not available immediately
* Checking for server connect
* Checking for server connect
* Ctrl conn has data while waiting for data conn
550 STOR Failed...
* Remembering we are in dir "/ftps/NotarealpersonTesting2222222206082021/"
* Connection #0 to host xxx.net left intact
如您所见,连接成功,可以创建目录。该问题仅影响文件传输,因为 PORT 命令发布内部服务器 IP。我相信如果要发布外部服务器 IP,这可能会解决问题。我可以设置任何标志以便 Curl 使用外部防火墙 IP 吗?
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。