The OpenNET Project / Index page

[ новости /+++ | форум | wiki | теги | ]

Интерактивная система просмотра системных руководств (man-ов)

 ТемаНаборКатегория 
 
 [Cписок руководств | Печать]

tftp-proxy (8)
  • >> tftp-proxy (8) ( FreeBSD man: Команды системного администрирования )

  • BSD mandoc
     

    NAME

    
    
    tftp-proxy
    
     - Internet Trivial File Transfer Protocol proxy
    
     
    

    SYNOPSIS

    tftp-proxy [-v ] [-w transwait ]  

    DESCRIPTION

    tftp-proxy is a proxy for the Internet Trivial File Transfer Protocol invoked by the inetd(8) internet server. TFTP connections should be redirected to the proxy using the pf(4) rdr command, after which the proxy connects to the server on behalf of the client.

    The proxy establishes a pf(4) rdr rule using the anchor facility to rewrite packets between the client and the server. Once the rule is established, tftp-proxy forwards the initial request from the client to the server to begin the transfer. After transwait seconds, the pf(4) NAT state is assumed to have been established and the rdr rule is deleted and the program exits. Once the transfer between the client and the server is completed, the NAT state will naturally expire.

    Assuming the TFTP command request is from $client to $server, the proxy connected to the server using the $proxy source address, and $port is negotiated, tftp-proxy adds the following rule to the anchor:

    rdr proto udp from $server to $proxy port $port - $client
    

    The options are as follows:

    -v
    Log the connection and request information to syslogd(8).
    -w transwait
    Number of seconds to wait for the data transmission to begin before removing the pf(4) rdr rule. The default is 2 seconds.

     

    CONFIGURATION

    To make use of the proxy, pf.conf5 needs the following rules. The anchors are mandatory. Adjust the rules as needed for your configuration.

    In the NAT section:

    nat on $ext_if from $int_if - ($ext_if:0)
    
    no nat on $ext_if to port tftp
    
    rdr-anchor "tftp-proxy/*"
    rdr on $int_if proto udp from $lan to any port tftp - \
        127.0.0.1 port 6969
    

    In the filter section, an anchor must be added to hold the pass rules:

    anchor "tftp-proxy/*"
    

    inetd(8) must be configured to spawn the proxy on the port that packets are being forwarded to by pf(4). An example inetd.conf5 entry follows:

    127.0.0.1:6969  dgram   udp     wait    root \
            /usr/libexec/tftp-proxy tftp-proxy
    
     

    SEE ALSO

    tftp(1), pf(4), pf.conf5, ftp-proxy8, inetd(8), syslogd(8), tftpd(8)  

    CAVEATS

    tftp-proxy chroots to /var/empty and changes to user ``proxy'' to drop privileges.


     

    Index

    NAME
    SYNOPSIS
    DESCRIPTION
    CONFIGURATION
    SEE ALSO
    CAVEATS


    Поиск по тексту MAN-ов: 




    Партнёры:
    PostgresPro
    Inferno Solutions
    Hosting by Hoster.ru
    Хостинг:

    Закладки на сайте
    Проследить за страницей
    Created 1996-2024 by Maxim Chirkov
    Добавить, Поддержать, Вебмастеру