Getting timeouts on TFTP on F15 as well as F14

Aaron Gray aaronngray.lists at gmail.com
Mon Oct 10 21:42:27 UTC 2011


On 10 October 2011 22:20, Frantisek Hanzlik <franta at hanzlici.cz> wrote:

> Aaron Gray wrote:
> ...
> >
> >     4) if You use firewall (iptables), You should load nf_conntrack_tftp module,
> >     for tracking ephemeral ports. That means /etc/sysconfig/iptables-config should
> >     contain line as:
> >     ...
> >     IPTABLES_MODULES="nf_conntrack_tftp"
> >     ...
> >     (other module is for NATting tftp connection)
> >
> >
> > using localhost
>
> loopback (lo interface) is subject to firewall rules too. And Your tcpdump
> below show IP addresses 192.168.0.4 and 192.168.0.5 - they perhaps are not
> at lo loopback interface?
> Have You firewall active?
>

I wrote a firewall rule :-

-A INPUT -m state --state NEW -m udp -p udp --dport 69 -j ACCEPT


> >
> >
> >
> >     5) /var/log/messages should contain entries as:
> >     Oct 10 20:28:32 ns xinetd[1908]: START: tftp pid=5315 from=192.168.1.22
> >     Oct 10 20:28:42 ns xinetd[1908]: EXIT: tftp status=0 pid=5315 duration=10(sec)
> >
> >
> > Oct 10 21:09:07 gold xinetd[13402]: Exiting...
> > Oct 10 21:09:12 gold xinetd[13650]: xinetd Version 2.3.14 started with libwrap loadavg labeled-networking options compiled in.
> > Oct 10 21:09:12 gold xinetd[13650]: Started working: 1 available service
>
> There isn't anything about that xinetd starts tftp daemon. Mentioned
> "1 available service" is tftp?
> This command show only tftp:
>
> # grep '^[[:blank:]]*disable.*no' /etc/xinetd.d/*
> /etc/xinetd.d/tftp:     disable = no
>

I tested it and it is the only xinetd daemon running

>
> Next command display some similar at Your server?:
> # netstat -a -n -p --ip|grep 69
> udp        0      0 0.0.0.0:69           0.0.0.0:*      1595/xinetd
>
> Can You post Your "/etc/xinetd.d/tftp" file?
>

Attached.


>
> >
> > is all I am getting in messages
> >
> > Checked tftp is the only one enabled
> >
> >
> >
> >
> >     6) tcpdump on relevant interface (here eth0) should display traffic,
> >     at minimal incoming packet:
> >     # tcpdump -i eth0 -l -nn udp port 69
> >     tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> >     listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
> >     20:43:13.612200 IP 192.168.1.22.58949 > 192.168.1.254.69:  17 RRQ "b.log" netascii
> >
> >
> > [root at xxxxx /]# tcpdump -i em1 -l -nn udp port 69
> > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> > listening on em1, link-type EN10MB (Ethernet), capture size 65535 bytes
> > 21:33:08.653033 IP 192.168.0.5.47352 > 192.168.0.4.69:  19 RRQ "vmlinuz" netascii
> > 21:33:13.653306 IP 192.168.0.5.47352 > 192.168.0.4.69:  19 RRQ "vmlinuz" netascii
> > 21:33:18.653565 IP 192.168.0.5.47352 > 192.168.0.4.69:  19 RRQ "vmlinuz" netascii
> > 21:33:23.653963 IP 192.168.0.5.47352 > 192.168.0.4.69:  19 RRQ "vmlinuz" netascii
> > 21:33:28.654212 IP 192.168.0.5.47352 > 192.168.0.4.69:  19 RRQ "vmlinuz" netascii
> > ^C
> > 5 packets captured
> > 5 packets received by filter
> > 0 packets dropped by kernel
>
> It isn't traffic at localhost, as You wrote above, em1 is external
> interface.
>

No, I tried it remotely because I did not know how to use tcpdump locally
without reading the manual, and I had another machine handy. The F15 laptop
does run tftp fine with the same xinetd.d/tftp configuration file, that's
why I am so confused!


> With default timeout (900 sec=15min), You should be seeing tftp running.
> E.g. "ps xa|grep tftp" should display it. But there isn't line in messages
> that xinetd start tftp daemon.
>
> Most likely there is firewall or SELinux blocking incoming packets - can
> You stop them?
>

Tried that before with F14, made no difference, but I will try again.


>
> tcpdump usually not display something other than first packet, as next dialog
> (second and next packets) run at ephemeral port.
>
> >
> > Well, that's it, I am stumped; tftp seems to be running but ignoring requests
> >
> > Aaron
>
>
> Franta
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tftp
Type: application/octet-stream
Size: 515 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20111010/77490630/attachment.obj 
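
Added example, not part of the original message or the thread: a small Python parser for `tcpdump -nn udp port 69` output that flags TFTP requests repeated from the same client port, which is the pattern in the em1 capture above (five RRQs for "vmlinuz", one every 5 seconds). The function name and the sample string are constructed for illustration; the sample reuses the request lines quoted in the thread, unwrapped to one packet per line.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample: the request lines from the two captures in the thread,
# unwrapped to one packet per line as tcpdump prints them.
SAMPLE = """\
20:43:13.612200 IP 192.168.1.22.58949 > 192.168.1.254.69:  17 RRQ "b.log" netascii
21:33:08.653033 IP 192.168.0.5.47352 > 192.168.0.4.69:  19 RRQ "vmlinuz" netascii
21:33:13.653306 IP 192.168.0.5.47352 > 192.168.0.4.69:  19 RRQ "vmlinuz" netascii
21:33:18.653565 IP 192.168.0.5.47352 > 192.168.0.4.69:  19 RRQ "vmlinuz" netascii
21:33:23.653963 IP 192.168.0.5.47352 > 192.168.0.4.69:  19 RRQ "vmlinuz" netascii
21:33:28.654212 IP 192.168.0.5.47352 > 192.168.0.4.69:  19 RRQ "vmlinuz" netascii
"""

# tcpdump -nn prints: time IP src.port > dst.port: len RRQ|WRQ "file" mode
REQUEST = re.compile(
    r'^(?P<ts>\d\d:\d\d:\d\d\.\d+) IP '
    r'(?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+) > '
    r'(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+):\s+\d+ '
    r'(?P<op>RRQ|WRQ) "(?P<name>[^"]*)" (?P<mode>\S+)')


def repeated_requests(capture, min_attempts=2):
    """Return requests that were sent more than once from the same client port.

    Assumption: the client keeps its source port when it retransmits, so a
    repeated (client, port, server, op, file) tuple means no reply reached it.
    Timestamps carry no date, so a capture spanning midnight is not handled.
    """
    seen = defaultdict(list)
    for line in capture.splitlines():
        m = REQUEST.match(line.strip())
        if m:
            key = (m['src'], int(m['sport']), m['dst'], m['op'], m['name'])
            seen[key].append(datetime.strptime(m['ts'], '%H:%M:%S.%f'))
    findings = []
    for (src, sport, dst, op, name), stamps in seen.items():
        if len(stamps) >= min_attempts:
            gaps = [round((b - a).total_seconds(), 1)
                    for a, b in zip(stamps, stamps[1:])]
            findings.append({'client': f'{src}:{sport}', 'server': dst,
                             'request': f'{op} {name}',
                             'attempts': len(stamps), 'gaps_s': gaps})
    return findings


if __name__ == '__main__':
    for finding in repeated_requests(SAMPLE):
        print(finding)
```

The single RRQ for "b.log" is not reported; only the request that the client had to repeat is.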

