Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
07-14-2003, 10:18 AM
|
#1
|
LQ Newbie
Registered: Jul 2003
Location: Bangalore, INdia
Distribution: Redhat Linux
Posts: 9
Rep:
|
tftp - "Destination Unreachable" due to "Port Unreachable"
I am trying to connect my Redhat Linux 8.0 PC to a BDI2000 (Hardware Debugger) there i have to do some init work and then then BDI2000 will read a config file using tftp. i am able to do the init work and connect do BDI2000 using telnet but when the file request comes from bdi2000 using tftp protocol , its telling that file is not found
but when i captured the packet data using ethereal and analysed i found that the connection to port 69 cannot be established and due to that its timing out the operation
i tried to disable the firewall using lokkit, but its not saving the setting (again when i am going there security level is high)
what should i do for that my BDI2000 will connect to the tftp port 69
|
|
|
07-14-2003, 02:00 PM
|
#2
|
Senior Member
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658
Rep:
|
RH8 has a "bug" that no matter what level you set the lokkit firewall at, the firewall GUI will always say "high". If you change the level, it will indeed change the firewall settings, but the GUI will still say high. That being said, just turn iptables off using the command line:
su -
<enter root password>
service iptables stop
you might also need to put the ip address of the client in /etc/hosts.allow . Put an entry in like:
FTPD: 111.222.333.444 <- where this is the BDI2000
If iptables is indeed the problem, you'll need to write a rule to punch the BDI2000 through the firewall and then restart your firewall otherwise you'll be wide open.
HTH
|
|
|
07-15-2003, 12:05 PM
|
#3
|
LQ Newbie
Registered: Jul 2003
Location: Bangalore, INdia
Distribution: Redhat Linux
Posts: 9
Original Poster
Rep:
|
didnt work-- need more help
it didnt work
can you help me in punching through the firewall
i got some documents regarding frewall and
it confusing where to start with
|
|
|
07-17-2003, 09:52 PM
|
#4
|
Senior Member
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658
Rep:
|
If it still doesn't work after turning off iptables, then the problem is not with the firewall. It is likely that the TFTP daemon isn't on or isn't configured properly. Try the following commands on the TFTP server:
netstat -lan
If the TFTP daemon is on (and listening properly) you should see an entry for port 69. If you don't see an entry then the TFTP daemon isn't listening, so try and restart it. Also verify iptables is off using:
service iptables status
It should respond: iptables [OFF]
|
|
|
07-23-2003, 12:55 PM
|
#5
|
LQ Newbie
Registered: Jul 2003
Location: Bangalore, INdia
Distribution: Redhat Linux
Posts: 9
Original Poster
Rep:
|
IT WORKED!!!!
when i installed the previous time i had not installed tftp server by default
then i tried installing it by double clicking the rpm package..
may be something would have gone wrong
And since this was my only major work in this PC i reinstalled linux with no firewall option and i selected the tftp server while installing linux.. and after bringing up the linux i disabled iptables using ntsysv and rebooted the system
Then IT WORKED FINE
Thanks a lot Captain Caveman
|
|
|
07-24-2003, 10:36 AM
|
#6
|
Senior Member
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658
Rep:
|
Glad you got it to work!
Just don't forget to re-activate the iptables firewall, or your box will be an easy target for hackers. If you feel comfortable with iptables, you can write a firewall script yourself. If you like the GUI better, use the lokkit firewall program to build your iptables rules for you. Just make sure to make a custom rule that allows incoming tFTP traffic (port 69).
|
|
|
All times are GMT -5. The time now is 03:57 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|