[CentOS] leaving ports open for tftp

[CentOS] leaving ports open for tftp

Tim Dunphy
hey guys,

 I have a really silly question for you! I just built a cobbler server that I am using to bare metal some boxes. But I am a bit n00b and need to figure out which ports to open in iptables.

 Here's a start:

xinetd     2031      root    8u     IPv4              94306                 UDP *:tftp
in.tftpd   9203      root  cwd       DIR              253,0     4096     588097 /tftpboot
in.tftpd   9203      root  rtd       DIR              253,0     4096          2 /
in.tftpd   9203      root  txt       REG              253,0    39544    1813945 /usr/sbin/in.tftpd
in.tftpd   9203      root  mem       REG              253,0   139504    1698969 /lib64/ld-2.5.so
in.tftpd   9203      root  mem       REG              253,0  1722304    1698999 /lib64/libc-2.5.so
in.tftpd   9203      root  mem       REG              253,0    37368    1699127 /lib64/libwrap.so.0.7.6
in.tftpd   9203      root  mem       REG              253,0   114352    1699014 /lib64/libnsl-2.5.so
in.tftpd   9203      root  mem       REG              253,0    53880    1698970 /lib64/libnss_files-2.5.so
in.tftpd   9203      root    0u     IPv4              94306                 UDP *:tftp



I think what I want is the 6th column but I am uncertain of how to express that in terms of iptables. Thanks!

tim
_______________________________________________
CentOS mailing list
[hidden email]
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] leaving ports open for tftp

brian
On 06/14/2011 06:51 PM, Tim Dunphy wrote:

> hey guys,
>
>   I have a really silly question for you! I just built a cobbler server that I am using to bare metal some boxes. But I am a bit n00b and need to figure out which ports to open in iptables.
>
>   Here's a start:
>
> xinetd     2031      root    8u     IPv4              94306                 UDP *:tftp
> in.tftpd   9203      root  cwd       DIR              253,0     4096     588097 /tftpboot
> in.tftpd   9203      root  rtd       DIR              253,0     4096          2 /
> in.tftpd   9203      root  txt       REG              253,0    39544    1813945 /usr/sbin/in.tftpd
> in.tftpd   9203      root  mem       REG              253,0   139504    1698969 /lib64/ld-2.5.so
> in.tftpd   9203      root  mem       REG              253,0  1722304    1698999 /lib64/libc-2.5.so
> in.tftpd   9203      root  mem       REG              253,0    37368    1699127 /lib64/libwrap.so.0.7.6
> in.tftpd   9203      root  mem       REG              253,0   114352    1699014 /lib64/libnsl-2.5.so
> in.tftpd   9203      root  mem       REG              253,0    53880    1698970 /lib64/libnss_files-2.5.so
> in.tftpd   9203      root    0u     IPv4              94306                 UDP *:tftp
>
>
>
> I think what I want is the 6th column but I am uncertain of how to express that in terms of iptables. Thanks!

  tim --

     I think the *standard* port for TFTP is 69.   You may have configured your server to use a different port...

     Assuming the default INPUT policy on your iptables configuration is "deny", typing the following at the command prompt, as root, will insert a rule allowing (and accepting) tftp on port 69:

     iptables -I INPUT -p udp --dport 69 -j ACCEPT


     ...this will enable tftp on port 69 from all network interfaces.

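Added example, not part of either message above: a shell sketch that reads lsof socket lines like the ones in the thread, resolves the service name in the NAME column to a port, and prints an iptables rule limited to one interface and subnet rather than all interfaces. The function names, eth1 and 192.0.2.0/24 are assumptions for illustration; the rules are printed, not applied.

```shell
#!/bin/sh
# Added example: derive interface-scoped iptables rules from lsof socket lines.
# PROV_IF and PROV_NET are placeholders; set them to the provisioning network.
SERVICES_FILE=${SERVICES_FILE:-/etc/services}
PROV_IF=${PROV_IF:-eth1}
PROV_NET=${PROV_NET:-192.0.2.0/24}

# Two socket lines copied from the lsof output in the thread.
SAMPLE_LSOF='xinetd     2031      root    8u     IPv4              94306                 UDP *:tftp
in.tftpd   9203      root    0u     IPv4              94306                 UDP *:tftp'

# port_for NAME PROTO: print the numeric port for a service name, or the
# number itself when lsof was run with -P and already shows one.
port_for() {
    case $1 in
        ''|*[!0-9]*)
            [ -r "$SERVICES_FILE" ] || return 0
            awk -v s="$1" -v p="$2" '
                $1 == s { split($2, a, "/"); if (a[2] == p) { print a[1]; exit } }
            ' "$SERVICES_FILE" ;;
        *) echo "$1" ;;
    esac
}

# listening_sockets: read lsof output on stdin, print unique "proto service"
# pairs for unconnected IPv4 sockets. The protocol sits in the NODE column,
# just before NAME; the file rows (cwd, txt, mem) are skipped.
listening_sockets() {
    awk '$5 == "IPv4" {
        n = NF
        if ($n ~ /^\(/) n--            # drop a trailing "(LISTEN)" on TCP rows
        if ($n ~ /->/) next            # connected socket, not a listener
        svc = $n; sub(/.*:/, "", svc)  # "*:tftp" -> "tftp"
        print tolower($(n - 1)), svc
    }' | sort -u
}

# lsof_rules: print (not run) one ACCEPT rule per listener.
lsof_rules() {
    listening_sockets | while read -r proto svc; do
        port=$(port_for "$svc" "$proto")
        if [ -n "$port" ]; then
            echo "iptables -I INPUT -i $PROV_IF -s $PROV_NET -p $proto --dport $port -j ACCEPT"
        else
            echo "# could not resolve $svc/$proto in $SERVICES_FILE"
        fi
    done
}

printf '%s\n' "$SAMPLE_LSOF" | lsof_rules
```

Port 69 only carries the initial TFTP request; the server continues the transfer from an ephemeral port, so the client's follow-up packets also need to be accepted, for example by a state-tracking ESTABLISHED rule if the ruleset has one.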