I am using Fedora 8 and installed all TFTP packages on 2 computers connected by ethernet LAN adaptor.
When I use the "put" command at the TFTP prompt, the computer sends a TFTP write request to the second machine and it replies with:
ICMP, destination unreachable (port unreachable)
I have disabled firewalls and SELinux on both computers but still cannot get rid of this error. "nmap" on the second computer doesn't show any port 69 open, though I have enabled port 69 udp/tcp by the graphical icon of Fedora 8.
Though this problem doesn't relate to the firewall and packet filtering because I have disabled the firewall!!
What is the answer? How can I use TFTP?
Read the tftpd man page for what the options mean.
# man tftpd
On mine I needed to do this to manually start the tftp server if it hadn't started. I don't trust the GUIs.
# /etc/init.d/in.tftpd start
You can test the route with telnet or ssh; I mean, if they can connect to the router from the tftpd server, the routing's OK.
# netstat -rn shows you the Linux routing table.
I found that to get the tftp working, I had to have the server configured properly on Linux. Try looking for /etc/conf.d/in.tftpd
These might help find a configuration file on Linux.
# locate tftpd
Mine was going to send files to /var/tftp/
and within that directory I must have the filename existing before the, in my case, PIX firewall can write its config there. This is the same principle for a router or switch. File must be writeable.
# chmod 0666 filename.txt
On the PIX I needed a tftp-server line
tftp-server inside <tftpd-server-ip> pix-config.txt
the "inside" being the interface the server will be out of relative to the PIX.
From above, the /var/tftp/pix-config.txt file must exist for this to work.
I need to go through mine, but permissions and security need to be looked at as I think /var/tftp is open for anyone to write to.
Luckily mine's behind quite a few firewalls!
I've got scripts that get the configs via nightly cron job of all the PIX I manage and keep them on a webpage for other firewall engineers. Engineers can also manually do a write net on the PIX or routers to do the same before or after changes.
It's very worthwhile checking this out too. Google for it!
ciscocmd-1.5, it's a script that allows you to run any commands remotely on a raft of Cisco devices. What's relevant here is the write net command and having the tftpd set up properly.
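
The answer above relies on a pre-created, world-writable upload file and notes that /var/tftp may be open for anyone to write to. As an added example (not part of the original posts), this shell function audits a TFTP root and flags anything writable beyond the expected upload targets; /var/tftp and pix-config.txt are taken from the post, while the function name and finding labels are hypothetical.

```shell
#!/bin/sh
# Added example: audit a TFTP root for entries any client could overwrite.
# /var/tftp and pix-config.txt come from the post; the function name and the
# finding labels are hypothetical.

# audit_tftp_root DIR [EXPECTED_UPLOAD ...]
# EXPECTED_UPLOAD names are relative to DIR (the pre-created upload targets).
# Prints one finding per line. Returns 0 if clean, 1 on findings, 2 on bad DIR.
audit_tftp_root() {
    root=$1
    shift
    if [ ! -d "$root" ]; then
        echo "NOT_A_DIRECTORY $root"
        return 2
    fi
    report=$(
        # A world-writable directory lets any local user add or replace files.
        find "$root" -type d -perm -0002 \
            -exec printf 'DIR_WORLD_WRITABLE %s\n' {} \;
        # A symlink in the root may redirect a write to a file outside it.
        find "$root" -type l -exec printf 'SYMLINK %s\n' {} \;
        # World-writable files should be exactly the expected upload targets.
        find "$root" -type f -perm -0002 | while IFS= read -r f; do
            expected=no
            for name in "$@"; do
                if [ "${f#"$root"/}" = "$name" ]; then
                    expected=yes
                fi
            done
            if [ "$expected" = no ]; then
                printf 'UNEXPECTED_WRITABLE %s\n' "$f"
            fi
        done
    )
    if [ -z "$report" ]; then
        return 0
    fi
    printf '%s\n' "$report"
    return 1
}

# Usage: audit_tftp_root /var/tftp pix-config.txt
```

Run from the nightly cron job that collects the configs, a non-zero return marks the point where the directory has drifted from "only the named upload files are writable".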