Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How to disable tftp-proxy service?

    Scheduled Pinned Locked Moved General pfSense Questions
    2 Posts 1 Posters 908 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • O
      oldlongjohnson
      last edited by oldlongjohnson

      I'm seeing a lot of messages in my syslogs that look like this:

      May 5 01:36:35 	tftp-proxy 	99308 	146.88.240.4:34504 -> 127.0.0.1:6969/{WAN IP}:61119 -> {WAN IP}:69 "RRQ ay9mfwq7xxmd4w6cz"
      May 4 21:51:40 	tftp-proxy 	5165 	184.105.139.94:32825 -> 127.0.0.1:6969/{WAN IP}:57740 -> {WAN IP}:69 "RRQ a.pdf"
      May 4 09:43:36 	tftp-proxy 	47300 	172.105.220.161:49874 -> 127.0.0.1:6969/{WAN IP}50101 -> {WAN IP}:69 "RRQ a.pdf" 
      

      From these same 3 sources, every day for over 2 months. I looked them up and they all seem to be security "researchers", but obviously I dont want to let outside sources use TFTP, period. I dont even want TFTP enabled at all, I dont need or use it. I tried looking for the tftp-proxy service, but I dont see it running, and I dont see any page to manage it anywhere. I have all external access to the firewall disabled so I'm not even sure why pfsense is passing these requests in the first place, the firewall should be invisible from the outside as far as I know, I cannot get it to respond from the outside in any meaningful way so I'm not sure how theyre able to do it.

      1 Reply Last reply Reply Quote 0
      • O
        oldlongjohnson
        last edited by

        I found it, its under System -> Advanced -> Firewall & NAT -> Network Address Translation -> TFTP Proxy

        Now that I found it, I do remember turning this on when I was having issues getting NAT to work properly, but I dont remember why I did it.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.