Re: -s /tftpboot path in xinetd.d/tftp file

From: Mark Sargent (powderkeg_at_snow.email.ne.jp)
Date: 03/23/05

  • Next message: gaurav: "Linux ISA client" 
    Date: Wed, 23 Mar 2005 15:28:15 +0900
To: For users of Fedora Core releases <fedora-list@redhat.com>

    Mark Sargent wrote:

    > Alexander Apprich wrote:
    >
    >> Mark,
    >>
    >> Mark Sargent wrote:
    >>
    >>> Hi All,
    >>>
    >>> does the -s in the path in this file represent a soft link.? If so,
    >>> where would I find this link's path..?
    >>>
    >>> [root@localhost xinetd.d]# cat tftp
    >>> service tftp
    >>> {
    >>> socket_type = dgram
    >>> protocol = udp
    >>> wait = yes
    >>> user = root
    >>> server = /usr/bin/tftp
    >>> server_args = -s /tftpboot
    >>> disable = no
    >>> per_source = 11
    >>> cps = 100 2
    >>> }
    >>>
    >>> Doing a find / -name tftpboot -print gives the following,
    >>>
    >>> [root@localhost xinetd.d]# find / -name tftpboot -print
    >>> /var/tftpboot
    >>> /var/tftpboot/tftpboot
    >>>
    >>> Is one of those the link's location.? Cheers.
    >>>
    >>
    >> according to man tftpd
    >>
    >> -s Change root directory on startup. This means the remote host
    >> does not need to pass along the directory as part of the
    >> transfer, and may add security. When -s is specified, exactly one
    >> directory should be specified on the command line.
    >> The use of this option is recommended for security as well as
    >> compatibility with some boot ROMs which cannot be easily
    >> made to include a directory name in its request.
    >>
    >>
    >>> Mark Sargent.
    >>>
    >> Hth
    >>
    >> Alex
    >>
    > Hi All,
    >
    > Alex, if I'm trying to upload a running-config file of a cisco switch to
    > /tftpboot, what do I specify at the switches prompt,
    >
    > Switch>en
    > Switch#copy run tftp
    > Address or name of remote host []? 192.168.168.12
    > Destination filename [running-config]? running-config
    >
    > Is this correct, above.? I can't seem to get it to work.
    >
    > Switch#copy run tftp
    > Source filename [running-config]? running-config
    > Destination IP address or hostname []? 192.168.168.12
    > Destination filename [running-config]? running-config
    > Building configuration...
    > .....
    > %Error opening tftp://192.168.168.12/running-config (Undefined error)
    >
    > Cheers.
    >
    >
    Hi All,

    please see the below content of my post to a general linux web forum for
    this. It is in more detail. Cheers.

    Mark Sargent.

    ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

    Hi All,

    I'm still having problems with this. I can successfully tftp on Windows,
    which disappoints me even more. I have uninstalled-re-installed the rpm
    from dagwieer. I have configured the xinetd.d/tftp file.

    [root@localhost tftpboot]# cat /etc/xinetd.d/tftp
    service tftp
    {
    socket_type = dgram
    protocol = udp
    wait = yes
    user = root
    server = /usr/bin/tftp
    server_args = -s /tftpboot
    disable = no
    per_source = 11
    cps = 100 2
    }

    And allowed access from the switch via firestarter. But, still, I get
    the undefined error message,

    Switch#copy run tftp
    Source filename [running-config]? running-config
    Destination IP address or hostname []? 192.168.168.12
    Destination filename [running-config]? tftpboot/running-config
    Building configuration...
    .....
    %Error opening tftp://192.168.168.12/tftpboot/running-config (Undefined
    error)

    I've also tried this with Destination filename as just running-config
    which is the file name in the tftpboot dir,

    [root@localhost tftpboot]# ls -alh
    total 8.0K
    drwxr-xr-x 2 root root 4.0K Mar 22 17:48 .
    drwxr-xr-x 24 root root 4.0K Mar 23 12:49 ..
    -rwxrwxrwx 1 root root 0 Mar 22 17:48 running-config

    which has the correct permissions, I believe. I'm rather stumped on this.

    I see the switch accessing the PC via tethereal,

    13.477954 192.168.168.1 -> 192.168.168.12 TFTP Write Request, File:
    running-config, Transfer type: octet
    14.001489 Cisco_6b:d7:81 -> Spanning-tree-(for-bridges)_00 STP Conf.
    Root = 32768/00:d0:79:6b:d7:80 Cost = 0 Port = 0x800d
    16.002249 Cisco_6b:d7:81 -> Spanning-tree-(for-bridges)_00 STP Conf.
    Root = 32768/00:d0:79:6b:d7:80 Cost = 0 Port = 0x800d
    17.478025 192.168.168.1 -> 192.168.168.12 TFTP Write Request, File:
    running-config, Transfer type: octet
    18.001950 Cisco_6b:d7:81 -> Spanning-tree-(for-bridges)_00 STP Conf.
    Root = 32768/00:d0:79:6b:d7:80 Cost = 0 Port = 0x800d
    20.002158 Cisco_6b:d7:81 -> Spanning-tree-(for-bridges)_00 STP Conf.
    Root = 32768/00:d0:79:6b:d7:80 Cost = 0 Port = 0x800d
    22.002374 Cisco_6b:d7:81 -> Spanning-tree-(for-bridges)_00 STP Conf.
    Root = 32768/00:d0:79:6b:d7:80 Cost = 0 Port = 0x800d
    22.479865 192.168.168.1 -> 192.168.168.12 TFTP Write Request, File:
    running-config, Transfer type: octet
    24.002581 Cisco_6b:d7:81 -> Spanning-tree-(for-bridges)_00 STP Conf.
    Root = 32768/00:d0:79:6b:d7:80 Cost = 0 Port = 0x800d
    26.002813 Cisco_6b:d7:81 -> Spanning-tree-(for-bridges)_00 STP Conf.
    Root = 32768/00:d0:79:6b:d7:80 Cost = 0 Port = 0x800d
    28.004524 Cisco_6b:d7:81 -> Spanning-tree-(for-bridges)_00 STP Conf.
    Root = 32768/00:d0:79:6b:d7:80 Cost = 0 Port = 0x800d
    28.480521 192.168.168.1 -> 192.168.168.12 TFTP Write Request, File:
    running-config, Transfer type: octet

    and netstat -nutlp shows xined listening on port 69,

    udp 0 0 0.0.0.0:69 0.0.0.0:* 4924/xinetd
    udp 0 0 0.0.0.0:69 0.0.0.0:* 4924/xinetd

    With the amount of devices that need tftp to work, I'm looking at the
    prospect of switching back to, arrrgh, Windows. The only thing I can
    think of, is, maybe, with having 2 nics, perhaps I need to tell xined to
    listen on eth1, not eth0. Is this possible..? Cheers. 

    -- 
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
  • Next message: gaurav: "Linux ISA client"