Skip to main content

Make tftpd-hpa play nicely with Cisco

By
The following was tested on Ubuntu 11.10. This is completely insecure, make sure it is confined to a LAN environment, i.e. not publicly accessibly. 

apt-get install tftpd-hpa

mkdir /tftp
chmod 777 /tftp

nano /etc/default/tftpd-hpa

# /etc/default/tftpd-hpa
TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/tftp"
TFTP_ADDRESS="0.0.0.0:69"
TFTP_OPTIONS="--secure --create -v"
service tftpd-hpa restart 

--create is needed to allow client to create new file. Otherwise you will get error stating 'File does not exist' or similar.


--secure is so that the client does not need to specify an absolute path such as /tftp/file. The root of the tftp server becomes TFTP_DIRECTORY.


-v is for verbose logging in /var/syslog





culv-lns1#copy run tftp
Address or name of remote host []? 10.2.2.40
Destination filename [culv-lns1-confg]?
!!
1446 bytes copied in 0.168 secs (8607 bytes/sec)
_________________________________________________



culv-lns1#copy tftp://10.2.2.40/test.0 flash
Destination filename [test.0]?
Accessing tftp:// 10.2.2.40 /test.0...
Loading test.0 from  10.2.2.40  (via GigabitEthernet0/0): !
[OK - 816 bytes]


816 bytes copied in 0.408 secs (2000 bytes/sec)






















Labels:

Comments

  1. Linux NotesFebruary 10, 2013 at 2:42 PM

    Very nice post. Thank you for sharing. I was getting sick of having to run tftp32 on windows when it came time to back or upgrade network equipment.

    ReplyDelete

Post a Comment

Popular posts from this blog

Mikrotik Bridge Horizon

By
To achieve similar functionality to Cisco's private VLANS, where all ports are on the same L2 segment, but cannot exchange packets, you can use Mikrotik's Bridge Horizon feature. Basically, every port in a bridge is assigned a horizon value, and RouterOS will only forward frames to other interfaces in the bridge that have different horizon values. This means that you assign the same horizon value to the interfaces that you don't want to be able to communicate. For example, you want to bridge all your customers and use a single /24 subnet and the same gateway. Typically this is bad and poses a huge security risk, not to mention performance issues. If you assign the same horizon value to the customer interfaces, then the router will not forward traffic between customers. Customer A will not be able to ping Customer B. If you had a server, such as an IP-PBX that all customers needed to access, and you were lazy and added it to the bridge, then you would assign a diff...
Post a Comment
Read more

DHCP option 121

By
http://tools.ietf.org/html/rfc3442 This is used to add a classless  static route to the DHCP clients. To add option 121 to a Mikrotik DHCP server, it's value is specified in HEX. The format is as follows. 0xnnddddddddgggggggg where n=mask, d=destination, g=gateway. To convert ip address to HEX, you convert each octet, so 192=C0, 168=A8, 55=37, 1=01 You can use a tool such as  http://www.miniwebtool.com/ip-address-to-hex-converter/?ip=192.168.55.1 Example: To add a route to the destination network of 192.168.55.0/24 via gateway 172.16.10.1. /ip dhcp-server option add name=classlessroutes code=121 value=0x18C0A837AC100A01 where 18 is 24 in hex. *note: depending on the subnet mask, you may only need to specify 0-4 octets. In fact only the non-zero, or network portion of the subnet. Here is a table from the RFC. subnet mask Number of octets 0 0 1- 8 1 ...
Post a Comment
Read more

System History and the undo command

By
The history of system configuration changes is held until the next router shutdown. The invoked commands can be 'undone' using the /undo command. By invoking the command several times, the configuration changes can be 'undone' in reverse order they have been invoked. Use the /system history print command to see the list of performed actions: [MikroTik] system history> print Flags: U - undoable, R - redoable, F - floating-undo    ACTION                                   BY            POLICY           U nat rule changed                         admin         write            U nat rule changed                         admin         write ...
Post a Comment
Read more