Home Man
Today's Posts

Linux & Unix Commands - Search Man Pages
Man Page or Keyword Search:
Select Section of Man Page:
Select Man Page Repository:

NetBSD 6.1.5 - man page for tftp-proxy (netbsd section 8)

TFTP-PROXY(8)			   BSD System Manager's Manual			    TFTP-PROXY(8)

     tftp-proxy -- Internet Trivial File Transfer Protocol proxy

     tftp-proxy [-v] [-w transwait]

     tftp-proxy is a proxy for the Internet Trivial File Transfer Protocol invoked by the
     inetd(8) internet server.	TFTP connections should be redirected to the proxy using the
     pf(4) rdr command, after which the proxy connects to the server on behalf of the client.

     The proxy establishes a pf(4) rdr rule using the anchor facility to rewrite packets between
     the client and the server.  Once the rule is established, tftp-proxy forwards the initial
     request from the client to the server to begin the transfer.  After transwait seconds, the
     pf(4) NAT state is assumed to have been established and the rdr rule is deleted and the pro-
     gram exits.  Once the transfer between the client and the server is completed, the NAT state
     will naturally expire.

     Assuming the TFTP command request is from $client to $server, the proxy connected to the
     server using the $proxy source address, and $port is negotiated, tftp-proxy adds the follow-
     ing rule to the anchor:

	   rdr proto udp from $server to $proxy port $port -> $client

     The options are as follows:

     -v      Log the connection and request information to syslogd(8).

     -w transwait
	     Number of seconds to wait for the data transmission to begin before removing the
	     pf(4) rdr rule.  The default is 2 seconds.

     To make use of the proxy, pf.conf(5) needs the following rules.  The anchors are mandatory.
     Adjust the rules as needed for your configuration.

     In the NAT section:

	   nat on $ext_if from $int_if -> ($ext_if:0)

	   no nat on $ext_if to port tftp

	   rdr-anchor "tftp-proxy/*"
	   rdr on $int_if proto udp from $lan to any port tftp -> \ port 6969

     In the filter section, an anchor must be added to hold the pass rules:

	   anchor "tftp-proxy/*"

     inetd(8) must be configured to spawn the proxy on the port that packets are being forwarded
     to by pf(4).  An example inetd.conf(5) entry follows:  dgram   udp	   wait    root \
		   /usr/libexec/tftp-proxy tftp-proxy

     tftp(1), pf(4), pf.conf(5), ftp-proxy(8), inetd(8), syslogd(8), tftpd(8)

     tftp-proxy chroots to /var/chroot/tftp-proxy and changes to user ``_proxy'' to drop privi-

BSD					   May 31, 2007 				      BSD

All times are GMT -4. The time now is 05:16 AM.

Unix & Linux Forums Content Copyrightę1993-2018. All Rights Reserved.
Show Password