10-09-2009
7 More Discussions You Might Find Interesting
1. Cybersecurity
Setting up an Internet proxy - need help
Hi guys
In the past I had set a computer to act as an Internet proxy. This would be multihomed, and running dansguardian, tinyproxy and firehol. Then webmin would be used as interface. By time I realised that this system is far from effective....
Is... (0 Replies)
Discussion started by: ramon82
0 Replies
2. Emergency UNIX and Linux Support
I am writing a shell script which needs to connect to a remote internet ftp site over sftp. The problem is that the Red Hat Linux system on which the script will be executed resides behind a web/internet proxy. How can the standard sftp client which is bundled with Red Hat Linux distributions be... (2 Replies)
Discussion started by: toobrown1
2 Replies
3. Solaris
hi
can anyone fine a solution thwe the problem that am facing
i was trying to install sun4v client vth sol10_U8,
but when i played "boot net"
its asking for "requesting internet address for 0:21:28:17:80:f4
plz give me a sol for this (1 Reply)
Discussion started by: all_is_well
1 Replies
4. UNIX and Linux Applications
Hi Everyone!
A friend of mine is looking for a way to limit time his kids spent on the internet. I told him he should try out Squid proxy server. He now tries to find a way to limit total time spend on the internet to "X" hours a day, at any time during the day.
I remember there are built-in... (3 Replies)
Discussion started by: togr
3 Replies
5. UNIX for Dummies Questions & Answers
I configured my linux server with Static IP address out of the range of the DHCP linksys router, but cannot get on the internet.
When I switch back to "Automatically obtain IP address" ..then I can get on the internet.
Can comeone help with this. (2 Replies)
Discussion started by: FrankOscar
2 Replies
6. UNIX for Dummies Questions & Answers
Hi,
i replaced one of my UNIX machines last week, the old box had an external IP address before. Everything is the same as the previous box and the only difference is the new one has a different MAC address (of course, since the mother boards are different). The problem is the new machine can't... (2 Replies)
Discussion started by: tezarin
2 Replies
7. IP Networking
We cannot access our local servers from our LAN, but we CAN access them from everywhere else!
Every once in awhile, our local access to our servers drops, but if I SSH into an external Linux account I have, I can then SSH back into the server right in the next room. We've been trying to deal... (20 Replies)
Discussion started by: gmark99
20 Replies
LEARN ABOUT FREEBSD
tftp-proxy
TFTP-PROXY(8) BSD System Manager's Manual TFTP-PROXY(8)
NAME
tftp-proxy -- Internet Trivial File Transfer Protocol proxy
SYNOPSIS
tftp-proxy [-v] [-w transwait]
DESCRIPTION
tftp-proxy is a proxy for the Internet Trivial File Transfer Protocol invoked by the inetd(8) internet server. TFTP connections should be
redirected to the proxy using the pf(4) rdr command, after which the proxy connects to the server on behalf of the client.
The proxy establishes a pf(4) rdr rule using the anchor facility to rewrite packets between the client and the server. Once the rule is
established, tftp-proxy forwards the initial request from the client to the server to begin the transfer. After transwait seconds, the pf(4)
NAT state is assumed to have been established and the rdr rule is deleted and the program exits. Once the transfer between the client and
the server is completed, the NAT state will naturally expire.
Assuming the TFTP command request is from $client to $server, the proxy connected to the server using the $proxy source address, and $port is
negotiated, tftp-proxy adds the following rule to the anchor:
rdr proto udp from $server to $proxy port $port -> $client
The options are as follows:
-v Log the connection and request information to syslogd(8).
-w transwait
Number of seconds to wait for the data transmission to begin before removing the pf(4) rdr rule. The default is 2 seconds.
CONFIGURATION
To make use of the proxy, pf.conf(5) needs the following rules. The anchors are mandatory. Adjust the rules as needed for your configura-
tion.
In the NAT section:
nat on $ext_if from $int_if -> ($ext_if:0)
no nat on $ext_if to port tftp
rdr-anchor "tftp-proxy/*"
rdr on $int_if proto udp from $lan to any port tftp ->
127.0.0.1 port 6969
In the filter section, an anchor must be added to hold the pass rules:
anchor "tftp-proxy/*"
inetd(8) must be configured to spawn the proxy on the port that packets are being forwarded to by pf(4). An example inetd.conf(5) entry fol-
lows:
127.0.0.1:6969 dgram udp wait root
/usr/libexec/tftp-proxy tftp-proxy
SEE ALSO
tftp(1), pf(4), pf.conf(5), ftp-proxy(8), inetd(8), syslogd(8), tftpd(8)
CAVEATS
tftp-proxy chroots to /var/empty and changes to user ``proxy'' to drop privileges.
BSD
November 28, 2005 BSD