[*] OpenWrt problem with tftp

John Lange john.lange at open-it.ca
Wed Sep 27 15:40:19 CDT 2006 

So, to answer my own question from months ago...

To get tftp working through openwrt you need:

ipkg iptables-extra

Then reboot and viola! It works.

The actual tftp connection tracking is in a package kmod-ipt-nat-extra.
Not sure if thats important or not but thought I'd include it for the
sake of completeness.

John

On Tue, 2006-05-23 at 10:09 -0500, John Lange wrote:
> I originally thought that as well so I've made hosts.allow "ALL: ALL"
> and it still gives the same message. It appears to me that its getting a
> connection refused when trying to send the file back, not on the
> connection attempt.
> 
> tftp works fine from a host that is outside the firewall so my suspicion
> is still that there is something wrong with the OpenWRT box.
> 
> John
> 
> On Thu, 2006-05-18 at 19:41 -0500, Sean Walberg wrote:
> > xinetd uses tcp wrappers (/etc/hosts.{allow,deny}), plus any
> > statements in /etc/xinetd.d/tftp even though it's a UDP service...
> > Are you denying it somehow through there?
> > 
> > I'm pretty sure tftp is NAT friendly.  Since it's hitting syslog, my
> > guess is the wrappers config. 
> > 
> > Sean
> > 
> > On 5/18/06, John Lange <john.lange at open-it.ca> wrote:
> >         I believe that I'm having a problem with the OpenWRT and tftp.
> >         
> >         I'm trying to fetch a file outside of the OpenWRT firewall
> >         using tftp
> >         but on the server side I see these messages:
> >         
> >         in.tftpd[26104]: tftpd: read(ack): Connection refused 
> >         
> >         The client just times out.
> >         
> >         I suspect its a nat issue with the OpenWRT perhaps related to
> >         the fact
> >         the OpenWRT listens on a tftp port for uploads of firmware?
> >         
> >         Or is tftp generally tricky through nat? I can't see why it
> >         would be. 
> >         
> >         Is there some kind of iptables parameter that needs to be
> >         added? Scant
> >         little comes up on google for iptables, nat and tftp.
> >         
> >         --
> >         John Lange
> >         OpenIT ltd. www.Open-IT.ca (204) 885 0872
> >         VoIP, Web services, Linux Consulting, Server Co-Location
> >         
> >         _______________________________________________
> >         Asterisk mailing list
> >         Asterisk at muug.mb.ca 
> >         http://www.muug.mb.ca/mailman/listinfo/asterisk
> >         
> > 
> > 
> > 
> > -- 
> > Sean Walberg <sean at ertw.com>    http://ertw.com/ 
> > _______________________________________________
> > Asterisk mailing list
> > Asterisk at muug.mb.ca
> > http://www.muug.mb.ca/mailman/listinfo/asterisk

More information about the Asterisk mailing list