TFTP简介
TFTP(Trivial File Transfer Protocol,简单文件传输协议)是TCP/IP协议族中的一个用来在客户机与服务器之间进行简单文件传输的协议,提供不复杂、开销不大的文件传输服务。端口号为69。安装TFTP服务器
检查是否有TFTP服务器软件包
[fanmaolin@centos6 ~]$ rpm -qa | grep tftp下载安装服务器软件包
[fanmaolin@Centeros ~]$ sudo yum install -y tftp-server
Loaded plugins: fastestmirror, refresh-packagekit, security
Setting up Install Process
Determining fastest mirrors
* base: centos.ustc.edu.cn
* extras: centos.ustc.edu.cn
* updates: centos.ustc.edu.cn
base | 3.7 kB 00:00
extras | 3.4 kB 00:00
extras/primary_db | 29 kB 00:00
updates | 3.4 kB 00:00
updates/primary_db | 2.5 MB 00:01
Resolving Dependencies
--> Running transaction check
---> Package tftp-server.x86_64 0:0.49-8.el6 will be installed
--> Processing Dependency: xinetd for package: tftp-server-0.49-8.el6.x86_64
--> Running transaction check
---> Package xinetd.x86_64 2:2.3.14-40.el6 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
==================================================================================================================================
Package Arch Version Repository Size
==================================================================================================================================
Installing:
tftp-server x86_64 0.49-8.el6 base 39 k
Installing for dependencies:
xinetd x86_64 2:2.3.14-40.el6 base 122 k
Transaction Summary
==================================================================================================================================
Install 2 Package(s)
Total download size: 161 k
Installed size: 317 k
Downloading Packages:
(1/2): tftp-server-0.49-8.el6.x86_64.rpm | 39 kB 00:00
(2/2): xinetd-2.3.14-40.el6.x86_64.rpm | 122 kB 00:00
----------------------------------------------------------------------------------------------------------------------------------
Total 289 kB/s | 161 kB 00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : 2:xinetd-2.3.14-40.el6.x86_64 1/2
Installing : tftp-server-0.49-8.el6.x86_64 2/2
Verifying : 2:xinetd-2.3.14-40.el6.x86_64 1/2
Verifying : tftp-server-0.49-8.el6.x86_64 2/2
Installed:
tftp-server.x86_64 0:0.49-8.el6
Dependency Installed:
xinetd.x86_64 2:2.3.14-40.el6
Complete!下载安装TFTP命令包
[fanmaolin@Centeros ~]$ sudo yum install -y tftp
新建TFTP目录
[fanmaolin@Centeros ~]$ mkdir tftp
[fanmaolin@Centeros ~]$ cd tftp
[fanmaolin@Centeros tftp]$ pwd
/home/fanmaolin/tftp对TFTP服务器进行配置启动
linux下的tftp服务是由xinetd(还有openbsd-inetd等其他服务)所设定的,默认情况下tftp是处于关闭状态。所以要修改tftp的配置文件,开启tftp服务。tftp的配置文件在/etc/xinetd.d/tftp下:
[fanmaolin@Centeros tftp]$ sudo vim /etc/xinetd.d/tftp
# default: off
# description: The tftp server serves files using the trivial file transfer \
# protocol. The tftp protocol is often used to boot diskless \
# workstations, download configuration files to network-aware printers, \
# and to start the installation process for some operating systems.
service tftp
{
disable = no #添加
socket_type = dgram
protocol = udp
wait = yes
user = root
server = /usr/sbin/in.tftpd
server_args = -s /home/fanmaolin/tftp -c #修改,这里-s指tftp服务器的根目录,刚才新建的tftp文件夹,-c指能创建文件
disable = yes
per_source = 11
cps = 100 2
flags = IPv4
}
~开启xinetd服务
使刚才的更改生效
[fanmaolin@Centeros ~]$ sudo service xinetd restart
Stopping xinetd: [FAILED]
Starting xinetd: [ OK ]对TFTP的69端口进行查看,确认服务开启
[fanmaolin@Centeros ~]$ sudo netstat -nlp | grep 69
udp 0 0 0.0.0.0:69 0.0.0.0:* 3118/xinetd
unix 2 [ ACC ] STREAM LISTENING 13369 1715/rpcbind /var/run/rpcbind.sock
unix 2 [ ACC ] STREAM LISTENING 17691 2597/at-spi-registr /tmp/orbit-gdm/linc-a25-0-7d2b3ccc9dec6出现 udp 0 0 0.0.0.0:69 0.0.0.0:* 3118/xinetd 则成功开启TFTP服务器
关闭SeLinux
SeLinux保持开启状态的话,系统有可能会组织tftp客户端的下载,可以将它暂时关闭: [fanmaolin@Centeros ~]$ sudo setenforce 0#这里0表示设置SeLinux为permissive模式,1代表设置SeLinux为enforcing模式可以使用
[fanmaolin@Centeros ~]$ getenforce #getenforce 命令查看SeLinux状态
Permissive彻底禁用SeLinux:
[fanmaolin@Centeros ~]$ sudo vim /etc/sysconfig/selinux
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disable #修改这里为不使用
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted在防火墙中使能TFTP
只需要使能tftp所使用的69端口即可
[fanmaolin@Centeros ~]$ sudo /sbin/iptables -I INPUT -p tcp --dport 69 -j ACCEPT
[fanmaolin@Centeros ~]$ sudo /sbin/iptables -I INPUT -p udp --dport 69 -j ACCEPT
[fanmaolin@Centeros ~]$ sudo /sbin/iptables -I INPUT -p tcp --dport 80 -j ACCEPT
[fanmaolin@Centeros ~]$ sudo /sbin/iptables -I INPUT -p tcp --dport 21 -j ACCEPT
[fanmaolin@Centeros ~]$ sudo /sbin/iptables -I INPUT -p tcp --dport 22 -j ACCEPT
[fanmaolin@Centeros ~]$ sudo /etc/rc.d/init.d/iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
[fanmaolin@Centeros ~]$ sudo service iptables restart
iptables: Setting chains to policy ACCEPT: nat mangle filte[ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
iptables: Applying firewall rules: [ OK ][fanmaolin@Centeros ~]$ sudo service iptables status #查看防火墙状态
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
2 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21
3 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
***4 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:69
5 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:69***
6 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
7 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
8 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67
9 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:67
10 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
11 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
12 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
13 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
14 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited如果希望在系统启动时防火墙不启动,可以用ntsysv关闭防火墙服务,同时还可以设置tftp服务在系统启动时就开启
[fanmaolin@Centeros ~]$ export TERM=vt100
[fanmaolin@Centeros ~]$ sudo ntsysv
[ ] ip6tables
[ ] iptables
[*] tftp
[*] xinetd使用空格键进行选中或取消,使用Tab进行切换
对TFTP服务器进行测试
在tftp文件夹下新建文件x.c,写入内容,传输到当前目录下,查看内容。
(用ifconfig查看本机IP)
[fanmaolin@Centeros ~]$ sudo tftp 192.168.216.128
tftp> help
tftp-hpa 0.49
Commands may be abbreviated. Commands are:
connect connect to remote tftp
mode set file transfer mode
put send file
get receive file
quit exit tftp
verbose toggle verbose mode
trace toggle packet tracing
literal toggle literal mode, ignore ':' in file name
status show current status
binary set mode to octet
ascii set mode to netascii
rexmt set per-packet transmission timeout
timeout set total retransmission timeout
? print help information
help print help information
tftp> get
(files) x.c //选择要传输的文件
tftp> q //退出
[fanmaolin@Centeros ~]$ ls
Desktop Documents dropbear-0.53.1 fl2440 Pictures src test Videos zuoye
dir Downloads dropbear-0.53.1.tar.bz2 Music Public Templates tftp x.c 桌面
[fanmaolin@Centeros ~]$ cat x.c
hello fan
本文章为转载内容,我们尊重原作者对文章享有的著作权。如有内容错误或侵权问题,欢迎原作者联系我们进行内容更正或删除文章。
