The FTP Tutorial (ver. 1.0.0)



Background:

After reading the old FTP tutorial, I decided rather then fixing it up, a complete rewrite was necessary. In this new FTP tutorial, instead of following in the footsteps of the old tutorial, I would actually like to talk about the File Transfer Protocol. This tutorial is aimed at the intermediate newbie. One that knows the basics of the internet: what a socket is, what TCP/IP is, etc.

Down To Work:

The File Transfer Protocol (FTP), as its name states, is a set of rules that dictates how files should be transfered over the TCP/IP protocol. A basic FTP connection consists of a client and a server. The client gets a file by opening a connection to the server. Usually, the server is run on port 21, however, the system administrator can change this if he or she wishes.

Once the client has connected to the server, the server will send a “greeting” to the client. A greeting usually looks something like the following:

220 SpiderMan's FTP server. Please login!


The number before the text is known as a “completion code”. The server greeting will be one of two codes: 220 if the server accepts the connection or 421 if the server rejects the connection.

After the server has sent its greeting, the client sends a request. A request is made up of a verb and, for some verbs, a parameter. Common verbs are:

Verbs Description
CWD Change the current directory on the server.
PWD Print the current directory on the server.
CDUP Moves up to the parent directory.
LIST List the contents of a directory.
MKD Creates a directory on the server.
RMD Removes a directory from the server.
DELE Removes a file from the server.
USER Sends the username for the login.
PASS Sends the password for the login.
ABOR Abort the transfer.
QUIT Closes the connection with the server.
STAT Gets the current status of the server.
TYPE Toggles the binary flag on the server.
PORT Asks the server to connect to the client.
PASV Requests a data connection on a new port.
RETR Requests the server to send a file.
STOR Sends a file from the client to the server
APPE Same as STOR, except data is appended.
REST Start a download at a certain position.
SYST Gets the OS information of the server.
HELP Get help on a verb.
NOOP No operation.

After sending a request, the client should wait for the server to respond before the client sends another request; however, the client can send an ABOR, STAT, or QUIT request without waiting for the server to respond. Typically, after the server has sent the greeting, the client will respond with a USER request in which the client sends the username to log into the FTP server with.

After the client has sent the server a request, the server replies with a “response”. A response consists of a completion code followed by one, or more, lines. Generally, if the second digit of the completion code is a 0, it is a syntax error message; if the second digit of the completion code is a 2, it is a hello or goodbye message.

Once the client is logged in, he or she would then get the file he or she wishes to retrieve. A typical session would look similar to this:

220 SpiderMan's FTP server. Please login!
USER SpiderMan
331 Username okay. Send password!
PASS password
230 Password accepted, user logged in.
LIST
150 Opening ASCII mode data connection for /bin/ls
226 Transfer complete
TYPE I
200 Type set to I
PASV
227 Entering passive mode (206,84,161,87,28,46)
RETR datafile.zip
150 Opening BINARY mode data connection for datafile.zip
226 Transfer complete

When downloading a file, the client should specify whether he or she wants the file sent in ASCII mode (each line ended with a CR/LF) or binary mode. To set the mode of transfer, the client sends the TYPE request. TYPE I would set the binary mode. By default, binary mode is turned off. It is important that the server send the file in the correct mode to avoid file corruption.

I should elaborate on the PASV and PORT request since they are very important to FTP. You may be wondering just what the PASV request is used for and what the odd looking response from the server is supposed to mean. When the client sends a PASV request, the server opens up a temporary socket and sends a reply to the client which informs the client of port to connect to. The reply would look like this:

PASV 227 Entering passive mode (206,84,161,87,28,46)

The numbers in the parentheses play an important role. The numbers separated by the first four commas make up the IP address to connect to. In this example, the IP would be 206.84.161.87. The remaining numbers specify which port to connect to. Usually, this is done by multiplying the first number by 256 and adding the second number. In this example, the port number would be 7214 (28*256+46= 7214). Now that the server has replied to the PASV request, two channels are open: the first (the original one) is the “communication channel” where the requests are sent and the second is the “data channel” where the data is transfered.

The PORT request is similar to the PASV request, however, when the client sends a PASV request, the server opens another socket and the client connects to it. When a client sends a PORT request, the server connects to the client—usually on port 20.

With the advent of IPv6, you may be wondering how FTP will be carried out since the servers are replying to the PASV requests with an IPv4 IP. One solution, proposed by D. Bernstein, would be to have IPv6 servers send a nonexistent IP address and have IPv6 clients ignore the IP and skip straight to the port number. This way, older clients using IPv4 will connect to a fake IP and give up trying to connect to the server.

Now that you know how FTP works, I'll show you how to log into a server, look around, and then get a file. Before I begin, I should tell you about anonymous FTP servers. An anonymous FTP server is just like a normal server, however, you can login using the username “anonymous” and an e-mail as the password. In this example, I'll use a fake e-mail of guest@guest.com. Most anonymous FTP servers only read up to the @ sign, so if you're lazy you can just type in “guest@”. A lot of sites offer anonymous FTP because it is an easy way to let the public get files without assigning each person a login. On with the example!

First, I connect to the server and send my username and password.

220 SpiderMan's FTP server. Please login!
USER anonymous
331 Anonymous login okay, send e-mail as password.
PASS guest@guest.com
230 Password accepted, logged in as anonymous.

Now that I'm in, I'll change to the “files” directory and download a file.

CWD ./files
250 CWD command successful.
TYPE I
200 Type set to I
PASV
227 Entering passive mode (210,52,165,168,15,26)
RETR code.zip
150 Opening BINARY mode data connection for code.zip
226 Transfer complete

I've got the file I want, now I'll move up to the parent directory, move to another directory, and download another file.

CWD ..
250 Okay
CWD ./jokes
250 CWD command successful.
TYPE A
200 Type set to A
PASV
227 Entering passive mode (210,52,165,168,15,26)
RETR jokes.txt
150 Opening ASCII mode data connection for jokes.txt
226 Transfer complete

I got the two files I wanted, so now I'll logout.

QUIT
221 Goodbye, please come back!


Further Reading:


  • RFC 959
  • The FTP Handbook
  • The WarFTP FTP resource site
Conclusion:


And so ends yet another text file. As always, if you find any errors or have any comments please send them to spiderman@witty.com. Please direct all questions to the message board. Until next time...

Credits


Blacksun Research Facilitiy
http://blacksun.box.sk
http://spidrman.cjb.net/
SpiderMan (spiderman@witty.com)
Last updated: 11/01/01