Tftp package doesn't work but found a workaround
-
Wow, I deserve my "newbie" title then :)
I set it to none but still not working.
As a client, I use a vm on a esx server a try to boot the pxe way -
Upload a test file using the TFTP package GUI, and then try to retrieve it from something locally.
$ tftp 192.168.x.y tftp> get help.png Received 3157 bytes during 0.0 seconds in 7 blocks tftp> quit -
:nc -uz 127.0.0.1 ย 69 Connection to 127.0.0.1 69 port [udp/tftp] succeeded! :nc -uz 192.168.1.1 69 Connection to 192.168.1.1 69 port [udp/tftp] succeeded!Well, it seems it works from the box itselfโฆ I don't get it ...
-
Do you have an actual tftp client you can try from another box/vm, instead of just trying a PXE boot? Also make sure the file name matches exactly what you're trying to download, case and all.
-
Also I noticed you had NAT reflection on, you might try to disable NAT reflection for that one rule using the override box on the rule editor.
-
OK I disabled the NAT reflection for this rule.
Here what I got from tftp :Setting up tftp (0.17-16) ... vm-swat:~# tftp 192.168.1.1 tftp> get BootMenu Transfer timed out. tftp> -
and that VM can ping and otherwise talk to 192.168.1.1 without problems?
-
I disabled NAT reflection at sytem level and activated it for the only rule which need it. Cool new functionality.
Yes, I checked connectivity to be sure.
I also disabled snort (only other package installed) to be sure there was not any interference or side effect -
actually if I do
nc -uz 192.168.1.1 (any port number)it returns succeeded :)
-
I tried to disable any nat reflection and have a clean /var/etc/inetd.conf looking like this :
tftp-proxy dgram udp wait root /usr/libexec/tftp-proxy tftp-proxy -v tftp dgram udp wait root /usr/libexec/tftpd tftpd /tftpbootBut still no way (โฆ)ย ???
-
But if you can't reproduce the problem on your side, there might be something wrong on my box, I will work on it to check if I can go ahead. Thank you for your support. Appreciated.
By the way, here some very minor bugs I found on TFTP package, may we post directly to bug database when we find something like this ?
http://forum.pfsense.org/index.php/topic,36713.0.html -
Actually, due to the nature of my VM setups I almost exclusively try this stuff from the WAN side, and that is working, but when I boot up a VM behind that VM and try it from the LAN, that is timing out on a fetch. Guess I'll have more to look at.
tcpdump shows the packets coming in, they aren't being blocked, truss shows the inetd process responding to the request, but apparently for whatever reason the packets aren't going back out to the LAN like they should.
NAT rules are identical for WAN and LAN so it doesn't make a lot of sense.
-
OK, I tried truss with pid of tftpd and same result, packets are received by the box but timeout on client side. That's interestingโฆ
-
OK I figured it out. WAN gets an outbound NAT rule from 127.0.0.1 automatically, and LAN does not. So I switched to Manual Outbound NAT and added a rule on LAN from 127.0.0.1 to any, translate to Interface Address, and it started to reply.
-
Wow, yeah this works. Thank you so much !ย ;D
-
I added this so I don't forget about it next week (unless someone else picks up on it before I get a chance): http://redmine.pfsense.org/issues/1528
-
You guys rock !
For info, I also posted this => http://forum.pfsense.org/index.php/topic,36713.0.html
Do not know if this is relevant in this forum but just to report it. -
I replied there. The issue doesn't exist with the current version of the TFTP package that I have installed.
-
Is this the latest version trough the package installation interface ? or is there another way to install it ? Package version of TFTP I have is 2.0
-
2.0 sounds right, you might have to delete the package and then reinstall it, instead of just trying to upgrade it.
