A brief Introduction to the File Transfer Protocol (FTP)

Basic concepts
The File Transfer Protocol (FTP) specification was created to transfer files reliably and efficiently between incompatible computer systems. An FTP conversation consists of commands sent by the client software (eg. FTPShell Client) and responses sent by the server software (eg. FTPShell server).

After the client connects, the server sends a response to the client, either accepting or rejecting the connection. This initial response is called the greeting. If the server accepts the connection, the client sends commands to the server. The server sends one or more responses to the client.

Commands and Responses
An FTP command is a string of bytes. It contains a verb consisting of alphabetic ASCII characters, a space followed optionally by a parameter and a terminating character sequence(\r\n).

The server's response consists of one or more lines. Each line is terminated by a terminating character(\r\n). The last line of the response contains a three digit ASCII code. Codes between 100 and 199 indicate marks, codes between 200 and 399 indicate acceptance while codes between 400 and 599 indicate rejection.

Usernames, Passwords, and Files
An FTP server provides access to a collection of files. Each file is identified by a server-defined username and a server-defined pathname. Many servers provide public files under the standard username anonymous. Most of these servers demand a password, but allow any password that ends with @. FTP defines three types of files - text files, binary files, and directories.

The client normally begins each FTP connection with a USER request, then, depending on the servers response, a PASS request. A USER request has a parameter showing a username. A PASS request has a parameter called a password.

Mechanics of file transfer
An FTP session consists of two separate network connections known as the control connection and the data connection. Both the control and data connections use TCP. The use of separate connections enables selection of different qualities of service e.g. minimum delay for the control connection and maximum throughput for the data connection.

Data transfer is always initiated by the client though either may supply the data (download vs upload). The data transfer mechanism is also used to transfer directory listings. A RETR request asks the server to send the contents of a file over the data connection. The RETR parameter is the pathname of the file. The file is transferred either in binary or text mode, depending on the most recent TYPE request.

To resume downloads, the REST request is used with a file size parameter. If the file size parameter is n, the server will omit the first n bytes of the data that it sends through the data connection. To upload files, a STOR request is issued. A STOR request asks the server to read the contents of a file from the data connection. The STOR parameter is the pathname of the file. To resume uploads the APPE command is used. APPE is similar to STOR except that if the file already exists, the server appends the client's data to the file.

The Passive Mode
In a normal connection, the data connection is established by the server. However, if the client is accessing the server through a client-side firewall, the security features of the firewall will not allow the remote server to connect to a data port. Hence the passive mode (PASV request) needs to be used. In a PASV connection, the data connection is established by the client. The server responds back to the client with a port number that it has allocated. The client then initiates the data connection to the IP address and port number provided by the FTP server.

Furthur reading
Implementation details of the FTP protocol including various reference documents are available here. A comprehensive list of all FTP commands and their descriptions is available here. Information on a simple FTP scripting language is available here