4

I have looked at the following questions without success:

I've tried using tftp-hpa, atftpd and tftp. I've returned to tftp as using the others made no difference.

So far I have:

Installed tftp

sudo apt-get install xinetd tftpd tftp

Set up /etc/xinetd.d/tftp

service tftp
{
protocol        = udp
port            = 69
socket_type     = dgram
wait            = yes
user            = nobody
server          = /usr/sbin/in.tftpd
server_args     = /tftpboot
disable         = no
}

Created the /tftpboot folder and ran the following for it:

sudo chmod -R 777 /tftpboot
sudo chown -R nobody /tftpboot

I have allowed port 69 through iptables:

sudo iptables -A INPUT -p tcp --dport 69 -j ACCEPT
sudo iptables -A INPUT -p udp --dport 69 -j ACCEPT
sudo iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:tftp
ACCEPT     udp  --  anywhere             anywhere             udp dpt:tftp

and restarted the service:

sudo /etc/init.d/xinetd restart

I can connect fine using localhost (same result if I explicitly use 127.0.0.1):

tftp localhost
tftp> status
Connected to localhost.
Mode: netascii Verbose: off Tracing: off
Rexmt-interval: 5 seconds, Max-timeout: 25 seconds
tftp> get test
Received 21 bytes in 0.0 seconds
tftp> quit

However, none of my colleagues can access it from their machines (same network, same subnet mask) and, most importantly, I can't access it from the embedded board that I need it for (ethernet cables plugged into same switch). I've been googling for hours and haven't found a fix yet.

The fact that it works locally would suggest its a firewall/port problem but port 69 is allowed on iptables and I'm not sure what else I an do.

Community
  • 1
Alex Meuer
  • 175
  • 2
  • 2
  • 7
  • 1
    Can you try telnet from your colleague for port 69 to your machine? If it does/doesn't work, let me know. – Gen Jul 06 '16 at 09:52
  • So how do you connect to this server from the other machine? Do you use that 127-address, or the actual public local address? Do you set the 69 port? Most clients expect port 21. You should give us those details! – SPRBRN Jul 06 '16 at 10:03
  • I'm using `tftp 10.42.143.17` from another pc, and `load -b tftp://10.42.243.17/zbimage-linux-xload` from the embedded system. According to other questions and tutorials udp port 69 is the default for tftp. – Alex Meuer Jul 06 '16 at 10:22
  • @Gen Telnet on port 69 fails. – Alex Meuer Jul 06 '16 at 10:34
  • @AlexMeuer this means problem is at firewall inside your server or router. To be sure make same iptables rules for output, just change `INPUT` to `OUTPUT` and let me know if problem still exist. – Gen Jul 06 '16 at 10:39
  • @Gen Adding the OUTPUT rules fixed my problem. Thank you so much! – Alex Meuer Jul 06 '16 at 10:46
  • With problems like these, disable the firewall, then test again. – SPRBRN Jul 06 '16 at 10:56

1 Answers1

2

Since you have only INPUT rules, which means you only accept incoming traffic from port 69 but you have traffic going out aswell, that means you need to ACCEPT outgoing traffic aswell.

sudo iptables -A OUTPUT -p tcp --dport 69 -j ACCEPT
sudo iptables -A OUTPUT -p udp --dport 69 -j ACCEPT
Gen
  • 923
  • 7
  • 12