[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

TFTP "access denied"problem on a Linux Redhat ES3 machine

Posted on 2005-04-13
12
Medium Priority
?
1,971 Views
Last Modified: 2008-01-09
I installed a linux Redhat ES3 software on a dell poweredge 420 machine. There is a tftp server running on this machine but my problem is that I am not able to retrive any file from the server.The message I get from the TFTP client machine is that the server cannot be accessed.I have placed the config file in the /tftpboot folder and I have also made sure that my iptables is not running.What could be the problem??

the netstat -ul result is

udp        0      0 *:tftp                  *:*

 checked the IP tables  i  got the folowing result

[root@localhost init.d]# ./iptables status
Table: filter
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
 
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
 
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Thanks for the help.This is a urgent request.
0
Comment
Question by:aej1973
  • 5
  • 5
10 Comments
 
LVL 15

Expert Comment

by:veedar
ID: 13775425
Try ...

./iptables stop

and then try it again.
If that fails do a portscan on your tftp server
0
 

Author Comment

by:aej1973
ID: 13775662
Did a ./iptables stop;

[root@localhost init.d]# ./iptables stop
Flushing firewall rules:                                   [  OK  ]
Setting chains to policy ACCEPT: filter                    [  OK  ]
Unloading iptables modules:                                [  OK  ]
[root@localhost init.d]#
 How do  do a port scan on my TFTP server??
I did a nmap command and got the following;

Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
Host  (192.168.120.9) appears to be up ... good.
Initiating UDP Scan against  (192.168.120.9)
The UDP Scan took 5 seconds to scan 1468 ports.
Adding open port 137/udp
Adding open port 138/udp
Adding open port 1900/udp
Adding open port 500/udp
Adding open port 445/udp
Adding open port 514/udp
Adding open port 69/udp
Adding open port 135/udp
Adding open port 123/udp
Interesting ports on  (192.168.120.9):
(The 1459 ports scanned but not shown below are in state: closed)
Port       State       Service
69/udp     open        tftp
123/udp    open        ntp
135/udp    open        loc-srv
137/udp    open        netbios-ns
138/udp    open        netbios-dgm
445/udp    open        microsoft-ds
500/udp    open        isakmp
514/udp    open        syslog
1900/udp   open        UPnP
 
I keep getting a error the "server stops the trasfer".

A
0
 
LVL 15

Expert Comment

by:veedar
ID: 13776791
nmap did the sport scan it shows the tftp port is open so no firewall issue.

So the hunt continues...from the tftp docs...

"Errors are  caused by three types of events: not being able to satisfy the
   request (e.g., file not found, access violation, or no such user),
   receiving a packet which cannot be explained by a delay or
   duplication in the network (e.g., an incorrectly formed packet), and
   losing access to a necessary resource (e.g., disk full or access
   denied during a transfer)."   http://spectral.mscs.mu.edu/RFC/rfc1350.html

Look in /var/log/messages
you should see your tftp attempts logged.

What does the log report? What is the exact error message?



0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 

Author Comment

by:aej1973
ID: 13777050
one of the error messages in the log file is as follows;

Apr 13 15:22:35 localhost xinetd[3637]: warning: can't get client address: Transport endpoint is not connected.

I really am not able to notice any other messages that could be related to TFTP and I do not see ant attempts logged.

Thanks ,

A

0
 
LVL 15

Expert Comment

by:veedar
ID: 13777526
On the tftpserver run...
  tftp localhost
What does it say?

Run...
  updatedb
  locate tftp
Does it locate tftp?

Run...
  ls -ld /tftpboot  
Does it exist?

Run...
  netstat -a | grep LISTEN
Is tftp listening?
0
 

Author Comment

by:aej1973
ID: 13781050
Veedar: I ran the commands you mentioned and I have copied my outputs; it really does not make much sense to me.  Does any thing seem to be the problem??Thanks.

[root@localhost root]# locate tftp

/usr/share/doc/redhat-config-netboot-0.1.1/s1-netboot-tftp.html
/usr/share/man/man1/tftp.1.gz
/usr/share/man/man8/in.tftpd.8.gz
/usr/share/man/man8/tftpd.8.gz
/usr/sbin/in.tftpd
/usr/bin/tftp
/usr/include/arpa/tftp.h
/usr/src/linux-2.4.21-4.EL/include/linux/netfilter_ipv4/ip_conntrack_tftp.h
/usr/src/linux-2.4.21-4.EL/include/config/ip/nf/tftp.h
/usr/src/linux-2.4.21-4.EL/include/config/ip/nf/tftp
/usr/src/linux-2.4.21-4.EL/include/config/ip/nf/tftp/module.h
/usr/src/linux-2.4.21-4.EL/include/config/ip/nf/nat/tftp.h
/usr/src/linux-2.4.21-4.EL/include/config/ip/nf/nat/tftp
/usr/src/linux-2.4.21-4.EL/include/config/ip/nf/nat/tftp/module.h
/usr/src/linux-2.4.21-4.EL/net/ipv4/netfilter/ip_conntrack_tftp.c
/usr/src/linux-2.4.21-4.EL/net/ipv4/netfilter/ip_nat_tftp.c
/etc/xinetd.d/tftp
/lib/modules/2.4.21-4.EL/kernel/net/ipv4/netfilter/ip_conntrack_tftp.o
/lib/modules/2.4.21-4.EL/kernel/net/ipv4/netfilter/ip_nat_tftp.o
/lib/modules/2.4.21-4.ELsmp/kernel/net/ipv4/netfilter/ip_conntrack_tftp.o
/lib/modules/2.4.21-4.ELsmp/kernel/net/ipv4/netfilter/ip_nat_tftp.o
/tftpboot
/tftpboot/linux-install
/tftpboot/linux-install/pxelinux.cfg
/tftpboot/linux-install/pxelinux.0
/tftpboot/linux-install/msgs
/tftpboot/linux-install/msgs/boot.msg
/tftpboot/linux-install/msgs/expert.msg
/tftpboot/linux-install/msgs/general.msg
/tftpboot/linux-install/msgs/param.msg
/tftpboot/linux-install/msgs/rescue.msg
/tftpboot/linux-install/msgs/snake.msg
/tftpboot/D512U128.cfg
[root@localhost root]#
---------------------------------------------------------------------------
[root@localhost root]# netstat -a|grep LISTEN
tcp        0      0 *:32768                 *:*                     LISTEN
tcp        0      0 localhost.localdo:32769 *:*                     LISTEN
tcp        0      0 *:sunrpc                *:*                     LISTEN
tcp        0      0 *:x11                   *:*                     LISTEN
tcp        0      0 *:ssh                   *:*                     LISTEN
tcp        0      0 localhost.localdoma:ipp *:*                     LISTEN
tcp        0      0 localhost.localdom:smtp *:*                     LISTEN
unix  2      [ ACC ]     STREAM     LISTENING     11996  /tmp/orbit-root/linc-1f6c-0-54b5128be7986
unix  2      [ ACC ]     STREAM     LISTENING     12006  /tmp/orbit-root/linc-1f53-0-645e5aab9bd5
unix  2      [ ACC ]     STREAM     LISTENING     12041  /tmp/orbit-root/linc-1f6f-0-39e5b56c7a64
unix  2      [ ACC ]     STREAM     LISTENING     12061  /tmp/orbit-root/linc-1f71-0-2c335d07e3249
unix  2      [ ACC ]     STREAM     LISTENING     12142  /tmp/orbit-root/linc-1f7d-0-c4903820453
unix  2      [ ACC ]     STREAM     LISTENING     12172  /tmp/orbit-root/linc-1f85-0-75c2c00d93ea1
unix  2      [ ACC ]     STREAM     LISTENING     12190  /tmp/orbit-root/linc-1f81-0-75c2c00da956e
unix  2      [ ACC ]     STREAM     LISTENING     10218  /dev/gpmctl
unix  2      [ ACC ]     STREAM     LISTENING     12260  /tmp/orbit-root/linc-1f83-0-27ba01de3e9f8
unix  2      [ ACC ]     STREAM     LISTENING     12293  /tmp/orbit-root/linc-1f87-0-27ba01de5994e
unix  2      [ ACC ]     STREAM     LISTENING     12438  /tmp/orbit-root/linc-1f8b-0-5fdbba3aaef74
unix  2      [ ACC ]     STREAM     LISTENING     12480  /tmp/orbit-root/linc-1f94-0-897794625a8e
unix  2      [ ACC ]     STREAM     LISTENING     24607  /tmp/orbit-root/linc-2367-0-67406bbe9fce1
unix  2      [ ACC ]     STREAM     LISTENING     12080  /tmp/.fam_socket
unix  2      [ ACC ]     STREAM     LISTENING     11979  /tmp/ssh-fkOh8019/agent.8019
unix  2      [ ACC ]     STREAM     LISTENING     11953  /tmp/.X11-unix/X0
unix  2      [ ACC ]     STREAM     LISTENING     10265  /tmp/.font-unix/fs7100
unix  2      [ ACC ]     STREAM     LISTENING     12030  /tmp/.ICE-unix/8019
[root@localhost root]#
------------------------------------------------------------------------------

[root@localhost root]# ls-ld /tftpboot/
bash: ls-ld: command not found
[root@localhost root]#
-----------------------------------------------------------------------------
[root@localhost xinetd.d]# tftp
tftp> tftp localhost
?Invalid command
tftp>

0
 

Author Comment

by:aej1973
ID: 13783762
Veedar need your input please!!!
0
 
LVL 15

Expert Comment

by:veedar
ID: 13783859
Sorry I wasn't more clear

ls   -ld    /tftpboot   #note the spaces

tftp  localhost     #all on one line


You may want to uninstall and re-install tftp. How was it initially installed?
0
 

Author Comment

by:aej1973
ID: 13784001
This is the output.

[root@localhost root]# ls   -ld    /tftpboot
drwxr-xr-x    3 root     root         4096 Apr 14 07:21 /tftpboot
[root@localhost root]#

[root@localhost xinetd.d]# tftp localhost
tftp> tftp localhost
?Invalid command
tftp>

When I installed the RH ES3 cd the tftp server was already loaded. How do I remove and reinstall the package. I tried doing that trough add/remove programs but I was not able to do this.When I tried stopping the tftp service  from the menu , the option to stop the service was greyed out. Is there any other way I remove and reinstall the package???Thanks.

A
0
 
LVL 15

Accepted Solution

by:
veedar earned 2000 total points
ID: 13784400
To reinstall...

yum remove tftp-server

yum install tftp-server

Then goto
Applications -> System Settings -> Server Settings -> Service -> tftp
and make sure it is enabled.

To test...

echo xxx >  /tftpboot/xfile
tftp localhost
get xfile
quit
xfile should be in your current directory if it worked
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Look below the covers at a subform control , and the form that is inside it. Explore properties and see how easy it is to aggregate, get statistics, and synchronize results for your data. A Microsoft Access subform is used to show relevant calcul…
Suggested Courses

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question