Posted: 2008.06.21 23:58
Category: Operating Systems
Source: http://yangtingkun.itpub.net/post/468/464813
---------------------------------------------------------------
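After a new F5 was installed at the remote data center, an odd behavior appeared: FTP to the remote site worked fine from the Linux hosts, but from the Solaris hosts FTP got no response.
On Solaris, the FTP login succeeds, but any operation that needs to access the remote site hangs the FTP session, and it does not exit on its own unless you press CTRL+C: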
bash-2.03$ uname -a
SunOS datat1 5.8 Generic_117350-46 sun4u sparc SUNW,Sun-Fire-480R
bash-2.03$ ftp 172.0.2.60
Connected to 172.0.2.60.
220 unknown FTP server (SunOS 5.8) ready.
Name (172.0.2.60:oracle): oracle
331 Password required for oracle.
Password:
230 User oracle logged in.
ftp> ls
200 PORT command successful.
^C
421 Service not available, remote server has closed connection
On Linux, by contrast, the same operation against the same site works without any problem:
[oracle@bjtest data]$ uname -a
Linux bjtest 2.6.18-8.el5xen #1 SMP Tue Jun 5 23:53:34 EDT 2007 x86_64 x86_64 x86_64 GNU/Linux
[oracle@bjtest data]$ ftp 172.0.2.60
Connected to 172.0.2.60.
220 unknown FTP server (SunOS 5.8) ready.
500 'AUTH GSSAPI': command not understood.
500 'AUTH KERBEROS_V4': command not understood.
KERBEROS_V4 rejected as an authentication type
Name (172.0.2.60:oracle): oracle
331 Password required for oracle.
Password:
230 User oracle logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
227 Entering Passive Mode (172,0,2,60,129,247)
150 ASCII data connection for /bin/ls (172.25.198.230,48588) (0 bytes).
total 10284856
drwxr-xr-x 8 oracle dba 1536 Apr 29 16:51 .
drwxr-xr-x 5 root other 512 Dec 19 2006 ..
-rw------- 1 oracle dba 102 May 21 2007 .Xauthority
-rw------- 1 oracle dba 7454 Jun 20 10:23 .bash_history
-rw-r--r-- 1 oracle dba 321 May 22 2007 .profile
drwxr-xr-x 2 oracle dba 512 May 21 2007 .vnc
-rw-r--r-- 1 oracle dba 917512192 Dec 13 2006 10gr2_db_sol.cpio
.
.
.
-rw-r--r-- 1 oracle dba 4091 Mar 26 15:38 zxjy2008_20080326_from60_exp.log
226 ASCII Transfer complete.
To pin down the cause, the STATUS command was run in both FTP sessions after connecting:
ftp> quit
bash-2.03$ ftp 172.0.2.60
Connected to 172.0.2.60.
220 unknown FTP server (SunOS 5.8) ready.
Name (172.0.2.60:oracle): oracle
331 Password required for oracle.
Password:
230 User oracle logged in.
ftp> status
Connected to 172.0.2.60.
No proxy connection.
Mode: stream; Type: ascii; Form: non-print; Structure: file
Verbose: on; Bell: off; Prompting: on; Globbing: on
Store unique: off; Receive unique: off
Case: off; CR stripping: on
Ntrans: off
Nmap: off
Hash mark printing: off; Use of PORT cmds: on
The output above is the ftp status on Solaris; the output below is the ftp status on Linux:
ftp> status
Connected to 172.0.2.60.
Control Channel Protection Level: clear
Data Channel Protection Level: clear
Passive mode on
Mode: stream; Type: binary; Form: non-print; Structure: file
Store unique: off; Receive unique: off
Case: off; CR stripping: on
Ntrans: off
Nmap: off
No proxy connection.
Hash mark printing: off; Use of PORT cmds: on
Verbose: on; Bell: off; Prompting: on; Globbing: on
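Comparing the two finally shows the difference: on Linux the ftp client has PASSIVE mode set to ON. The Solaris session, by contrast, sent a PORT command (active mode), in which the server has to open the data connection back to the client. According to the ftp online documentation, setting PASSIVE mode to ON is what allows access to hosts behind a firewall, which is exactly the current situation.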
passive
Toggle passive data transfer mode off. In passive mode, the client initiates the data connection by connecting to the data port. Passive mode is often necessary for operation from behind firewalls which do not permit incoming connections, but may need to be disabled if you connect to an FTP server which does not support passive operation.
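Added example (not part of the original post): the Python sketch below decodes the control-channel replies captured in the two `ls` attempts above and reports which side has to open the data connection, which is what a firewall or load balancer in the path must permit. The function and variable names are illustrative assumptions.

```python
import re

# Replies copied from the two `ls` attempts shown on this page.
SOLARIS_LS = ["200 PORT command successful."]
LINUX_LS = [
    "227 Entering Passive Mode (172,0,2,60,129,247)",
    "150 ASCII data connection for /bin/ls (172.25.198.230,48588) (0 bytes).",
    "226 ASCII Transfer complete.",
]

# h1,h2,h3,h4,p1,p2: four address octets, then the port as high and low byte.
HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")


def decode_hostport(text):
    """Decode the h1,h2,h3,h4,p1,p2 field used by PORT and by 227 replies."""
    m = HOSTPORT.search(text)
    if not m:
        raise ValueError("no h1,h2,h3,h4,p1,p2 field in %r" % text)
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field out of range in %r" % text)
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]


def data_channel(replies):
    """Classify how the data connection for one command was negotiated."""
    result = {"mode": "unknown", "opener": None, "endpoint": None, "completed": False}
    for line in replies:
        code = line[:3]
        if code == "227":
            # Passive: the server listens, the client connects out to it.
            result.update(mode="passive", opener="client",
                          endpoint=decode_hostport(line))
        elif code == "200" and "PORT" in line:
            # Active: the server accepted PORT and will connect back to the client.
            result.update(mode="active", opener="server")
        elif code == "226":
            result["completed"] = True
    return result


if __name__ == "__main__":
    for name, replies in (("solaris", SOLARIS_LS), ("linux", LINUX_LS)):
        print(name, data_channel(replies))
```

For the Linux session the data endpoint decodes to 172.0.2.60 port 33271 (129*256+247), opened outbound by the client. For the Solaris session the server has to connect back to the client, and no 226 reply ever arrives.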
Because this Solaris release is fairly old, its ftp client does not have this option; in Solaris 10, however, the ftp client does:
$ uname -a
SunOS ahrac1 5.10 Generic_118833-33 sun4u sparc SUNW,Sun-Fire-V490
$ ftp 172.0.2.60
Connected to 172.0.2.60.
220 unknown FTP server (SunOS 5.8) ready.
Name (172.0.2.60:root): oracle
331 Password required for oracle.
Password:
230 User oracle logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> status
Connected to 172.0.2.60.
No proxy connection.
Not authenticated.
Mechanism: kerberos_v5
Autoauth: off; Autologin: on
Control Channel Protection Level: clear
Data Channel Protection Level: clear
Passive mode: off.
Mode: stream; Type: binary; Form: non-print; Structure: file
Verbose: on; Bell: off; Prompting: on; Globbing: on
Store unique: off; Receive unique: off
Case: off; CR stripping: on
Ntrans: off
Nmap: off
Hash mark printing: off; Use of PORT cmds: on











