FWIW: I have never been able to "write/put" to the Linux-based tftpd, just read. Although, when using the SolarWinds tftpd server on my XP box, I can read/write files without any problems from my Cisco routers/switches. If you ever get tftpd writes working, I would like to know the solution. To me, this is a permissions-based problem on the directories, but I have even done chmod 777 on the /tmp and /tftpboot directories during my tests, but still no cigar.
If you need to back up your Cisco device, I would suggest using the tftp client on your Linux box and pull/get the startup-config from your Cisco device. That's what I ended up doing at my end (I admin a little over 100 Cisco routers/switches). I simply wrote a shell script that loops for each Cisco device listed in a variable. Then I added this script to the daily cron job.
Oops! Missed the part about the PIX. So my previous reply is probably useless.
In order for me to back up my PIXes, I currently have to use the SolarWinds tftp server on my XP box (I know!). I added this step as part of my change control procedures, since I cannot pull the PIX startup-config using the shell script that I use for my routers/switches.
FWIW: The following is a copy/paste of my manual process of backing up a PIX device using the SolarWinds tftp server:
pix-idc# sh ver
Cisco PIX Security Appliance Software Version 7.0(2)
Device Manager Version 5.0(1)
Compiled on Fri 15-Jul-05 22:55 by builders
System image file is "flash:/pix-702.bin"
Config file at boot was "startup-config"
pix-idc# copy startup-config tftp:
Address or name of remote host ? 192.168.32.10
Destination filename [startup-config]?
28544 bytes copied in 2.600 secs (14272 bytes/sec)
Again, if you ever get the Linux tftpd server working for writes, I would be interested in the solution. It would be nice to back up the PIXes directly to my Linux box where all other Cisco device startup-configs are stored.
Oh darn, I guess I will have to back it up through Windows. But I will not give up. And yes, I have given even chmod 777 and disabled the firewall on Linux, to no avail. I followed every step in the Cisco-related material, and nothing seems to work.
Using Debian and the regular NSA TFTPD downloaded with apt-get install tftpd, the configuration for TFTPd is held in /etc/inetd.conf. I am not sure where the read or read-write is defined for the running server, but the following may help you:
To write a file to the TFTPd server, the file must already exist and have the world-writable attribute. This is where you can control read or read-write permissions also...
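The precondition stated in the post above, that the upload target must already exist and be world-writable, can be set up and checked per file instead of with chmod 777 on the whole directory. This is an added example, not part of the original thread; the function names are hypothetical, and the root path and file name are supplied by the caller.

```shell
#!/bin/sh
# Added example (not from the thread). The TFTP root path and file names
# passed in are assumptions; nothing here talks to a real daemon.

# valid_name NAME: allow one plain path component, no "/" and no "." / "..".
valid_name() {
    case "$1" in
        ''|.|..|*/*) return 1 ;;
    esac
}

# prep_upload ROOT NAME: pre-create the one file a device may write to and
# make only that file world-writable, leaving the directory mode untouched.
prep_upload() {
    root=$1; name=$2
    valid_name "$name" || { echo "bad-name"; return 1; }
    [ -d "$root" ] || { echo "no-root"; return 1; }
    [ -L "$root/$name" ] && { echo "symlink"; return 1; }
    : >> "$root/$name" || { echo "create-failed"; return 1; }
    chmod 666 "$root/$name" && echo "ready"
}

# check_upload ROOT NAME: report the first reason a write would be refused.
check_upload() {
    root=$1; name=$2
    valid_name "$name" || { echo "bad-name"; return 1; }
    [ -L "$root/$name" ] && { echo "symlink"; return 1; }
    [ -f "$root/$name" ] || { echo "missing"; return 1; }
    # find -perm -0002 matches only when the "other" write bit is set.
    [ -n "$(find "$root/$name" -prune -perm -0002)" ] ||
        { echo "not-world-writable"; return 1; }
    echo "ok"
}

# root_world_writable ROOT: true when the directory itself has o+w (the
# "chmod 777" state), which lets any local user add or replace files in it.
root_world_writable() {
    [ -n "$(find "$1" -prune -perm -0002)" ]
}
```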
Sorry I haven't replied in a while. I am doing it again. I will not stop now until I get it done. I will be trying all these things you have written down here; I will also post back whatever I find, and hopefully, the way to get tftp working with the PIX.
I'll keep you guys posted.
OK, I performed the actions you suggested here. Installed the tftp server, configured /etc/xinetd.d/tftp, created the file /tftpboot/pix.cfg and gave a+rw permissions to it. I also went into System Settings > Security Level > SELinux and checked the box under 'SELinux Service Protection' that says 'Disable SELinux protection for tftpd daemon'.
The /etc/xinetd.d/tftp file I wrote looks like this:
# default: off
# description: The tftp server serves files using the trivial file transfer \
#	protocol. The tftp protocol is often used to boot diskless \
#	workstations, download configuration files to network-aware printers, \
#	and to start the installation process for some operating systems.
service tftp
{
	socket_type	= dgram
	protocol	= udp
	wait		= yes
	user		= root
	server		= /usr/sbin/in.tftpd
	server_args	= -c -s /tftpboot
	disable		= no
	per_source	= 11
	cps		= 100 2
}
Notice that I have the -c option in server_args to make sure I have write privileges. I don't know what else to do.
Source filename [running-config]?
Address or name of remote host [192.168.220.214]?
Destination filename [pix.cfg;int=inside]?
Cryptochecksum: 1cad74ed d34a66f8 c96a4a09 56890a74
%Error writing tftp://192.168.220.214//pix.cfg;int=inside (Forbidden directory)
Dude, this is a different error message; now I have 'forbidden directory'. It did apparently find something deeper than access to the machine itself. Now the problem could be directory permissions. I will 'chmod 777 /tftpboot' to see what happens. I'll post back with the results.
So, nothing changed after performing chmod. I don't know if there is a particular line one has to change in some file to tell it to store in the /tftpboot directory. I guess that's gotta be a default path, which I know it is. And the directory has permissions to do anything:
'drwxrwxrwx 2 nobody nobody 4096 Dec 11 16:16 tftpboot'
Could the fact that 'nobody' owns the directory and that the user in /etc/xinetd.d/tftp is 'root' be the cause of this problem?