我试图在CentOS 6上从xinetd运行tftpd ; 不过,我只能从本地tftp。
我有/opt/tftpboot/fw.test.conf文件,我可以检索如果我tftp本地主机:
[mpenning@localhost ~]$ tftp localhost tftp> get fw.test.conf tftp> quit [mpenning@localhost ~]$ ls fw.test.conf [mpenning@localhost ~]$
但是,如果我在此服务器上连接到eth1 ,则无法接收此文件( eth1上的地址为172.16.1.4)。
[mpenning@localhost ~]$ sudo tshark -i eth1 udp and host 172.16.1.5 Running as user "root" and group "root". This could be dangerous. Capturing on eth1 0.000000 172.16.1.5 -> 172.16.1.4 TFTP Read Request, File: fw.test.conf\000, Transfer type: netascii\000 5.000133 172.16.1.5 -> 172.16.1.4 TFTP Read Request, File: fw.test.conf\000, Transfer type: netascii\000 10.000184 172.16.1.5 -> 172.16.1.4 TFTP Read Request, File: fw.test.conf\000, Transfer type: netascii\000 15.000297 172.16.1.5 -> 172.16.1.4 TFTP Read Request, File: fw.test.conf\000, Transfer type: netascii\000 20.000331 172.16.1.5 -> 172.16.1.4 TFTP Read Request, File: fw.test.conf\000, Transfer type: netascii\000 ^C5 packets captured [mpenning@localhost ~]$
我有以下的xinetdconfiguration:
[root@localhost mpenning]# cat /etc/xinetd.d/tftp # default: off # description: The tftp server serves files using the trivial file transfer \ # protocol. The tftp protocol is often used to boot diskless \ # workstations, download configuration files to network-aware printers, \ # and to start the installation process for some operating systems. service tftp { socket_type = dgram protocol = udp wait = yes user = root server = /usr/sbin/in.tftpd server_args = -s /opt/tftpboot disable = no per_source = 11 cps = 100 2 flags = IPv4 } [root@localhost mpenning]#
在生产环境中,您希望特别允许TFTP通过防火墙。 这可以通过运行system-config-firewall-tui ,定制防火墙并select“TFTP”服务来完成。
CentOS阻止入站UDP tftp请求与iptables在以太网接口默认情况下…禁用iptables服务解决了这个问题(这是一个实验室机器,所以禁用iptables是好的)。
[root@localhost mpenning]# chkconfig iptables off [root@localhost mpenning]# /etc/init.d/iptables stop [root@localhost mpenning]#