Hello freebsd-stable, I've got a problem with tftpd - when somebody wants to get file this fails with timeout messages. load# tftp localhost tftp> get pxeboot Transfer timed out. I run tftpd from inetd.conf: tftp dgram udp wait root /usr/libexec/tftpd tftpd -ls /usr/tftpboot -u nobody Here is strings from rc.conf about inetd: inetd_enable="YES" inetd_flags="-s 1" tftp writes logs to /var/log/ftp. Here is related record about those request: Oct 28 11:09:29 load tftpd[77002]: 172.16.3.15: read request for //pxeboot: success At all, after read request tftpd is running in some instances: load# ps -aux | grep 'tftpd' nobody 9568 0,0 0,2 1008 592 ?? S 12:28 0:00,00 tftpd -ls /usr/tftpboot -u nobody nobody 9556 0,0 0,2 1008 592 ?? S 12:28 0:00,00 tftpd -ls /usr/tftpboot -u nobody nobody 9542 0,0 0,2 1008 592 ?? S 12:28 0:00,00 tftpd -ls /usr/tftpboot -u nobody nobody 9530 0,0 0,2 1008 592 ?? S 12:28 0:00,00 tftpd -ls /usr/tftpboot -u nobody nobody 9526 0,0 0,2 1008 592 ?? I 12:28 0:00,00 tftpd -ls /usr/tftpboot -u nobody What is wrong? -- Best wishes, Maxim V. Tretjyakov Network administrator and telephony engineer Enterprise Sukhov tel.: +7 3512 672969 fax.: +7 3512 672969 mailto:knyaz@dom-sp.ru
On Sat, Oct 30, 2004 at 05:51:02PM +0600 I heard the voice of Maxim V Tretjyakov, and lo! it spake thus:> > What is wrong?Firewall? -- Matthew Fuller (MF4839) | fullermd@over-yonder.net Systems/Network Administrator | http://www.over-yonder.net/~fullermd/ "The only reason I'm burning my candle at both ends, is because I haven't figured out how to light the middle yet"
Hello freebsd-stable, tftp-client connects to server from local ethernet network or localhost and recieves timeout any time. I post it there: load# tftp localhost tftp> get pxeboot Transfer timed out. About firewall, here are rules. rl0 sees internal network and rl1 - external. As i see it isn't drop tftp packets. load# ipfw show 00100 0 0 deny tcp from any to any 135 00200 0 0 deny tcp from any to any 137 00300 45 2160 deny tcp from any to any 139 00400 2040 97920 deny tcp from any to any 445 00500 0 0 deny udp from any to any 135 00600 7815 676440 deny udp from any to any 137 00700 0 0 deny udp from any to any 139 00800 0 0 deny udp from any to any 445 00900 0 0 deny icmp from any to any in icmptype 9,13,14,15,16,17 01000 0 0 deny ip from any to 0.0.0.0/8 via rl1 01100 0 0 deny ip from any to 169.254.0.0/16 via rl1 01200 0 0 deny ip from any to 192.0.2.0/24 via rl1 01300 0 0 deny ip from any to 198.18.0.0/15 via rl1 01400 0 0 deny ip from any to 224.0.0.0/4 via rl1 01500 3 144 deny ip from any to 10.0.0.0/8 via rl1 01600 0 0 deny ip from any to 172.16.0.0/12 via rl1 01700 0 0 deny ip from any to 240.0.0.0/4 via rl1 01800 41532 3467663 allow tcp from 172.16.3.22 to me 22 via rl0 01900 0 0 allow tcp from 172.16.3.2 to me 22 via rl0 02000 0 0 allow tcp from 172.16.3.18 to me 22 via rl0 02100 0 0 allow tcp from 172.16.3.28 to me 22 via rl0 02200 74 4466 allow tcp from 172.16.3.9 to me 22 via rl0 02300 0 0 allow tcp from 172.16.1.220 to me 22 via rl0 02400 0 0 allow tcp from 172.16.1.238 to me 22 via rl0 02500 0 0 deny tcp from any to me 22 02600 0 0 allow tcp from 172.16.1.0/24 to me 20,21 via rl0 02700 370545 523976007 allow tcp from 172.16.3.0/24 to me 20,21 via rl0 02800 0 0 allow tcp from 212.57.164.64/26 to me 20,21 via rl0 02900 0 0 allow tcp from 83.164.86.0/24 to me 20,21 via rl0 03000 0 0 allow tcp from 62.165.36.56/30 to me 20,21 via rl0 03100 0 0 deny tcp from any to me 20,21 03200 4358843 1952438540 divert 8668 ip from any to any via rl1 65535 111202688 57901604051 allow ip from any to any At all, here is uname -a of a machine with tftpd: load# uname -a FreeBSD load.dom-sp.ru 4.10-STABLE FreeBSD 4.10-STABLE #6: Fri Jul 23 16:41:07 YEKST 2004 knyaz@kl-nat.dom-sp.ru:/usr/src/sys/compile/MYCONF i386 Also, tcpdump sees repeating RRQ requests, when i try to get file from my workstation: load# tcpdump port tftp tcpdump: listening on rl0 23:36:04.043609 tmv-dialup.cadkey-tablet > load.dom-sp.ru.tftp: 19 RRQ "pxeboot" 23:36:05.059834 tmv-dialup.cadkey-tablet > load.dom-sp.ru.tftp: 19 RRQ "pxeboot" 23:36:07.045206 tmv-dialup.cadkey-tablet > load.dom-sp.ru.tftp: 19 RRQ "pxeboot" 23:36:11.062940 tmv-dialup.cadkey-tablet > load.dom-sp.ru.tftp: 19 RRQ "pxeboot" 23:36:19.067046 tmv-dialup.cadkey-tablet > load.dom-sp.ru.tftp: 19 RRQ "pxeboot" 23:36:27.071147 tmv-dialup.cadkey-tablet > load.dom-sp.ru.tftp: 19 RRQ "pxeboot" 23:36:35.247173 tmv-dialup.cadkey-tablet > load.dom-sp.ru.tftp: 19 RRQ "pxeboot" 23:36:43.079383 tmv-dialup.cadkey-tablet > load.dom-sp.ru.tftp: 19 RRQ "pxeboot" 23:36:51.083506 tmv-dialup.cadkey-tablet > load.dom-sp.ru.tftp: 23 ERROR EUNDEF timeout on receive" ^C 345 packets received by filter 0 packets dropped by kernel -- Best wishes, Maxim V. Tretjyakov Network administrator and telephony engineer Enterprise Sukhov tel.: +7 3512 672969 fax.: +7 3512 672969 mailto:knyaz@dom-sp.ru
Maxim V Tretjyakov wrote:> Hello freebsd-stable, > > I've got a problem with tftpd - when somebody wants to get file this > fails with timeout messages. > load# tftp localhost > tftp> get pxeboot > Transfer timed out. > > What is wrong?Do you have an entry for tftpd in /etc/hosts.allow ? R.
Hello freebsd-stable,> Do you have an entry for tftpd in /etc/hosts.allow ?Yes, there is: ALL : ALL : allow I never changed this file. -- Best wishes, Maxim V. Tretjyakov Network administrator and telephony engineer Enterprise Sukhov tel.: +7 3512 672969 fax.: +7 3512 672969 mailto:knyaz@dom-sp.ru