ALT Linux Community general discussions
 help / color / mirror / Atom feed
* [Comm] bugs?: cisco -> xinetd(tftpd) - why?
@ 2003-09-26 13:05 Oleg K.Artemjev
  2003-09-26 18:02 ` Dmitry Lebkov
  0 siblings, 1 reply; 3+ messages in thread
From: Oleg K.Artemjev @ 2003-09-26 13:05 UTC (permalink / raw)
  To: community



Какие-то невнятные ошибки.. кто нибудь может объяснить в чем дело? Конфиги, логи, screen dump'ы ниже:


На cisco:
3550gbic@4=cs241#sh run | inc address 
 ip address 192.168.100.241 255.255.255.0
 ip address 192.168.200.241 255.255.255.0
3550gbic@4=cs241#copy run tftp
Source filename [running-config]?
Address or name of remote host []? 192.168.100.2
Destination filename [3550gbic@4=cs241-confg]?
...!!
4975 bytes copied in 15.528 secs (320 bytes/sec)
3550gbic@4=cs241#

На pc в конфигах:

-----------------/etc/xinetd.conf-------------
# Simple configuration file for xinetd
#
# Some defaults, and include /etc/xinetd.d/

defaults
{
	log_type = SYSLOG authpriv
	log_on_success = PID HOST USERID EXIT DURATION
	log_on_failure = HOST RECORD USERID
	instances = 25
	per_source = 5
# localhost
	only_from = 127.0.0.1
# cisco equipment
	only_from = 172.16.11.1
    only_from = 192.168.100.241
    only_from = 192.168.200.241
    only_from = 192.168.100.244
    only_from = 192.168.100.246
    only_from = 192.168.100.249
    only_from = 192.168.200.249
}

includedir /etc/xinetd.d
-----------------/etc/xinetd.conf-------------
-----------------/etc/xinetd.d/tftp-------------
# default: off
# description: The tftp server serves files using the trivial file transfer \
#	protocol.  The tftp protocol is often used to boot diskless \
#	workstations, download configuration files to network-aware printers, \
#	and to start the installation process for some operating systems.
service tftp
{
	disable		= no
	socket_type	= dgram
	wait		= no
	user		= root
	server		= /usr/sbin/in.tftpd
	server_args	= -v -c -u tftp -s /0tftpd-storedir
}
-----------------/etc/xinetd.d/tftp-------------

[root@ws002 root]# cat /etc/hosts.allow | grep 241
# 3550gbic@4=cs241, both addresses
in.tftpd: 192.168.100.241
in.tftpd: 192.168.200.241
[root@ws002 root]# cat /etc/hosts.deny | grep 241
[root@ws002 root]#

На pc в логах:
[root@ws002 root]# grep tftp /var/log/all | tail -120
Sep 26 16:42:37 ws002 xinetd[2084]: START: tftp pid=18071 from=192.168.100.241
Sep 26 16:42:37 ws002 xinetd[2084]: START: tftp pid=18072 from=192.168.100.241
Sep 26 16:42:37 ws002 xinetd[2084]: START: tftp pid=18073 from=192.168.100.241
Sep 26 16:42:37 ws002 xinetd[2084]: START: tftp pid=18074 from=192.168.100.241
Sep 26 16:42:37 ws002 xinetd[2084]: START: tftp pid=18075 from=192.168.100.241
Sep 26 16:42:37 ws002 xinetd[2084]: FAIL: tftp per_source_limit from=192.168.100.241
Sep 26 16:42:37 ws002 xinetd[18073]: libwrap refused connection to tftp from 192.168.100.241
Sep 26 16:42:37 ws002 xinetd[18073]: FAIL: tftp libwrap from=192.168.100.241
Sep 26 16:42:37 ws002 xinetd[2084]: EXIT: tftp status=0 pid=18073 duration=0(sec)
Sep 26 16:42:37 ws002 xinetd[18074]: libwrap refused connection to tftp from 192.168.100.241
Sep 26 16:42:37 ws002 xinetd[18074]: FAIL: tftp libwrap from=192.168.100.241
Sep 26 16:42:37 ws002 xinetd[2084]: EXIT: tftp status=0 pid=18074 duration=0(sec)
Sep 26 16:42:37 ws002 xinetd[18075]: libwrap refused connection to tftp from 192.168.100.241
Sep 26 16:42:37 ws002 xinetd[18075]: FAIL: tftp libwrap from=192.168.100.241
Sep 26 16:42:37 ws002 xinetd[2084]: EXIT: tftp status=0 pid=18075 duration=0(sec)
Sep 26 16:42:37 ws002 xinetd[18071]: libwrap refused connection to tftp from 192.168.100.241
Sep 26 16:42:37 ws002 xinetd[18071]: FAIL: tftp libwrap from=192.168.100.241
Sep 26 16:42:37 ws002 xinetd[2084]: EXIT: tftp status=0 pid=18071 duration=0(sec)
Sep 26 16:42:37 ws002 xinetd[18072]: libwrap refused connection to tftp from 192.168.100.241
Sep 26 16:42:37 ws002 xinetd[18072]: FAIL: tftp libwrap from=192.168.100.241
Sep 26 16:42:37 ws002 xinetd[2084]: EXIT: tftp status=0 pid=18072 duration=0(sec)
Sep 26 16:42:41 ws002 xinetd[2084]: START: tftp pid=18076 from=192.168.100.241
Sep 26 16:42:41 ws002 xinetd[2084]: START: tftp pid=18077 from=192.168.100.241
Sep 26 16:42:41 ws002 xinetd[2084]: START: tftp pid=18078 from=192.168.100.241
Sep 26 16:42:41 ws002 xinetd[2084]: START: tftp pid=18079 from=192.168.100.241
Sep 26 16:42:41 ws002 xinetd[2084]: START: tftp pid=18080 from=192.168.100.241
Sep 26 16:42:41 ws002 xinetd[2084]: FAIL: tftp per_source_limit from=192.168.100.241
Sep 26 16:42:46 ws002 xinetd[2084]: FAIL: tftp per_source_limit from=192.168.100.241
Sep 26 12:42:52 ws002 in.tftpd[18081]: WRQ from 192.168.100.241 filename 3550gbic@4=cs241-confg
[root@ws002 root]# 


Все конечно пишется.. но какого хрена эти самые FATAL?? Причем по второму разу спустя пару минут я ошибок
уже не наблюдаю:

3550gbic@4=cs241#copy run tftp        
Source filename [running-config]?                      
Address or name of remote host []? 192.168.100.2    
Destination filename [3550gbic@4=cs241-confg]? 
!!
4975 bytes copied in 0.268 secs (18563 bytes/sec)
3550gbic@4=cs241#


-- 
Bye.Olli.			http://olli.digger.org.ru




^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [Comm] bugs?: cisco -> xinetd(tftpd) - why?
  2003-09-26 13:05 [Comm] bugs?: cisco -> xinetd(tftpd) - why? Oleg K.Artemjev
@ 2003-09-26 18:02 ` Dmitry Lebkov
  2003-09-29  9:03   ` Oleg K.Artemjev
  0 siblings, 1 reply; 3+ messages in thread
From: Dmitry Lebkov @ 2003-09-26 18:02 UTC (permalink / raw)
  To: community

On Fri, 26 Sep 2003 17:05:59 +0400
Oleg K.Artemjev <olli@rbauto.ru> wrote:

> 
> 
> Какие-то невнятные ошибки.. кто нибудь может объяснить в
> чем дело? Конфиги, логи, screen dump'ы ниже:
>
>
> На cisco:
> 3550gbic@4=cs241#sh run | inc address 
>  ip address 192.168.100.241 255.255.255.0
>  ip address 192.168.200.241 255.255.255.0
> 3550gbic@4=cs241#copy run tftp
> Source filename [running-config]?
> Address or name of remote host []? 192.168.100.2
> Destination filename [3550gbic@4=cs241-confg]?
> ...!!
> 4975 bytes copied in 15.528 secs (320 bytes/sec)
> 3550gbic@4=cs241#
> 
> На pc в конфигах:
> 
> -----------------/etc/xinetd.conf-------------
> # Simple configuration file for xinetd
> #
> # Some defaults, and include /etc/xinetd.d/
> 
> defaults
> {
> 	log_type = SYSLOG authpriv
> 	log_on_success = PID HOST USERID EXIT DURATION
> 	log_on_failure = HOST RECORD USERID
> 	instances = 25
> 	per_source = 5
> # localhost
> 	only_from = 127.0.0.1
> # cisco equipment
> 	only_from = 172.16.11.1
>     only_from = 192.168.100.241
>     only_from = 192.168.200.241
>     only_from = 192.168.100.244
>     only_from = 192.168.100.246
>     only_from = 192.168.100.249
>     only_from = 192.168.200.249
> }
> 
> includedir /etc/xinetd.d
> -----------------/etc/xinetd.conf-------------
> -----------------/etc/xinetd.d/tftp-------------
> # default: off
> # description: The tftp server serves files using the trivial file transfer \
> #	protocol.  The tftp protocol is often used to boot diskless \
> #	workstations, download configuration files to network-aware printers, \
> #	and to start the installation process for some operating systems.
> service tftp
> {
> 	disable		= no
> 	socket_type	= dgram
> 	wait		= no
> 	user		= root
> 	server		= /usr/sbin/in.tftpd
> 	server_args	= -v -c -u tftp -s /0tftpd-storedir
> }
> -----------------/etc/xinetd.d/tftp-------------
> 
> [root@ws002 root]# cat /etc/hosts.allow | grep 241
> # 3550gbic@4=cs241, both addresses
> in.tftpd: 192.168.100.241
> in.tftpd: 192.168.200.241
> [root@ws002 root]# cat /etc/hosts.deny | grep 241
> [root@ws002 root]#
> 
> На pc в логах:
> [root@ws002 root]# grep tftp /var/log/all | tail -120
> Sep 26 16:42:37 ws002 xinetd[2084]: START: tftp pid=18071 from=192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[2084]: START: tftp pid=18072 from=192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[2084]: START: tftp pid=18073 from=192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[2084]: START: tftp pid=18074 from=192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[2084]: START: tftp pid=18075 from=192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[2084]: FAIL: tftp per_source_limit from=192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[18073]: libwrap refused connection to tftp from 192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[18073]: FAIL: tftp libwrap from=192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[2084]: EXIT: tftp status=0 pid=18073 duration=0(sec)
> Sep 26 16:42:37 ws002 xinetd[18074]: libwrap refused connection to tftp from 192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[18074]: FAIL: tftp libwrap from=192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[2084]: EXIT: tftp status=0 pid=18074 duration=0(sec)
> Sep 26 16:42:37 ws002 xinetd[18075]: libwrap refused connection to tftp from 192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[18075]: FAIL: tftp libwrap from=192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[2084]: EXIT: tftp status=0 pid=18075 duration=0(sec)
> Sep 26 16:42:37 ws002 xinetd[18071]: libwrap refused connection to tftp from 192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[18071]: FAIL: tftp libwrap from=192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[2084]: EXIT: tftp status=0 pid=18071 duration=0(sec)
> Sep 26 16:42:37 ws002 xinetd[18072]: libwrap refused connection to tftp from 192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[18072]: FAIL: tftp libwrap from=192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[2084]: EXIT: tftp status=0 pid=18072 duration=0(sec)
> Sep 26 16:42:41 ws002 xinetd[2084]: START: tftp pid=18076 from=192.168.100.241
> Sep 26 16:42:41 ws002 xinetd[2084]: START: tftp pid=18077 from=192.168.100.241
> Sep 26 16:42:41 ws002 xinetd[2084]: START: tftp pid=18078 from=192.168.100.241
> Sep 26 16:42:41 ws002 xinetd[2084]: START: tftp pid=18079 from=192.168.100.241
> Sep 26 16:42:41 ws002 xinetd[2084]: START: tftp pid=18080 from=192.168.100.241
> Sep 26 16:42:41 ws002 xinetd[2084]: FAIL: tftp per_source_limit from=192.168.100.241
> Sep 26 16:42:46 ws002 xinetd[2084]: FAIL: tftp per_source_limit from=192.168.100.241
> Sep 26 12:42:52 ws002 in.tftpd[18081]: WRQ from 192.168.100.241 filename 3550gbic@4=cs241-confg
> [root@ws002 root]# 
> 
> 
> Все конечно пишется.. но какого хрена эти самые FATAL?? Причем по второму разу спустя пару минут я ошибок
> уже не наблюдаю:
> 
> 3550gbic@4=cs241#copy run tftp        
> Source filename [running-config]?                      
> Address or name of remote host []? 192.168.100.2    
> Destination filename [3550gbic@4=cs241-confg]? 
> !!
> 4975 bytes copied in 0.268 secs (18563 bytes/sec)
> 3550gbic@4=cs241#


В конфигах xinetd убери все упоминания USERID - это лишние
"тормоза". Врядли у тебя везде работает identd ...

Также, IMHO, вместо only_from в xinetd.conf лучше пользовать
tcp_wrappers (hosts.deny|allow, man 5 host_access).

--
WBR, Dmitry Lebkov


^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [Comm] bugs?: cisco -> xinetd(tftpd) - why?
  2003-09-26 18:02 ` Dmitry Lebkov
@ 2003-09-29  9:03   ` Oleg K.Artemjev
  0 siblings, 0 replies; 3+ messages in thread
From: Oleg K.Artemjev @ 2003-09-29  9:03 UTC (permalink / raw)
  To: community

On Sat, 27 Sep 2003 05:02:29 +1100
Dmitry Lebkov <dima@sakhalin.ru> wrote:

> В конфигах xinetd убери все упоминания USERID - это лишние
> "тормоза". Врядли у тебя везде работает identd ...
спасибо, я о нем забыл. %) Наверняка из-за этого и получаются первые
таймауты - на кисках identd нет.

> Также, IMHO, вместо only_from в xinetd.conf лучше пользовать
> tcp_wrappers (hosts.deny|allow, man 5 host_access).
будет довольно забавно, если после этого баги пропадут - можно 
будет в bugs вешать.

-- 
Bye.Olli.			http://olli.digger.org.ru




^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2003-09-29  9:03 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2003-09-26 13:05 [Comm] bugs?: cisco -> xinetd(tftpd) - why? Oleg K.Artemjev
2003-09-26 18:02 ` Dmitry Lebkov
2003-09-29  9:03   ` Oleg K.Artemjev

ALT Linux Community general discussions

This inbox may be cloned and mirrored by anyone:

	git clone --mirror http://lore.altlinux.org/community/0 community/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 community community/ http://lore.altlinux.org/community \
		mandrake-russian@linuxteam.iplabs.ru community@lists.altlinux.org community@lists.altlinux.ru community@lists.altlinux.com
	public-inbox-index community

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://lore.altlinux.org/org.altlinux.lists.community


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git