tftp-proxy man page on FreeBSD

Man page or keyword search:  
man Server   9747 pages
apropos Keyword Search (all sections)
Output format
FreeBSD logo
[printable version]

TFTP-PROXY(8)		  BSD System Manager's Manual		 TFTP-PROXY(8)

NAME
     tftp-proxy — Internet Trivial File Transfer Protocol proxy

SYNOPSIS
     tftp-proxy [-v] [-w transwait]

DESCRIPTION
     tftp-proxy is a proxy for the Internet Trivial File Transfer Protocol
     invoked by the inetd(8) internet server.  TFTP connections should be
     redirected to the proxy using the pf(4) rdr command, after which the
     proxy connects to the server on behalf of the client.

     The proxy establishes a pf(4) rdr rule using the anchor facility to re‐
     write packets between the client and the server.  Once the rule is estab‐
     lished, tftp-proxy forwards the initial request from the client to the
     server to begin the transfer.  After transwait seconds, the pf(4) NAT
     state is assumed to have been established and the rdr rule is deleted and
     the program exits.	 Once the transfer between the client and the server
     is completed, the NAT state will naturally expire.

     Assuming the TFTP command request is from $client to $server, the proxy
     connected to the server using the $proxy source address, and $port is
     negotiated, tftp-proxy adds the following rule to the anchor:

	   rdr proto udp from $server to $proxy port $port -> $client

     The options are as follows:

     -v	     Log the connection and request information to syslogd(8).

     -w transwait
	     Number of seconds to wait for the data transmission to begin
	     before removing the pf(4) rdr rule.  The default is 2 seconds.

CONFIGURATION
     To make use of the proxy, pf.conf(5) needs the following rules.  The
     anchors are mandatory.  Adjust the rules as needed for your configura‐
     tion.

     In the NAT section:

	   nat on $ext_if from $int_if -> ($ext_if:0)

	   no nat on $ext_if to port tftp

	   rdr-anchor "tftp-proxy/*"
	   rdr on $int_if proto udp from $lan to any port tftp -> \
	       127.0.0.1 port 6969

     In the filter section, an anchor must be added to hold the pass rules:

	   anchor "tftp-proxy/*"

     inetd(8) must be configured to spawn the proxy on the port that packets
     are being forwarded to by pf(4).  An example inetd.conf(5) entry follows:

	   127.0.0.1:6969  dgram   udp	   wait	   root \
		   /usr/libexec/tftp-proxy tftp-proxy

SEE ALSO
     tftp(1), pf(4), pf.conf(5), ftp-proxy(8), inetd(8), syslogd(8), tftpd(8)

CAVEATS
     tftp-proxy chroots to /var/empty and changes to user “proxy” to drop
     privileges.

BSD			       November 28, 2005			   BSD
[top]

List of man pages available for FreeBSD

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net