* [Comm] bugs?: cisco -> xinetd(tftpd) - why?
@ 2003-09-26 13:05 Oleg K.Artemjev
2003-09-26 18:02 ` Dmitry Lebkov
0 siblings, 1 reply; 3+ messages in thread
From: Oleg K.Artemjev @ 2003-09-26 13:05 UTC (permalink / raw)
To: community
Какие-то невнятные ошибки.. кто нибудь может объяснить в чем дело? Конфиги, логи, screen dump'ы ниже:
На cisco:
3550gbic@4=cs241#sh run | inc address
ip address 192.168.100.241 255.255.255.0
ip address 192.168.200.241 255.255.255.0
3550gbic@4=cs241#copy run tftp
Source filename [running-config]?
Address or name of remote host []? 192.168.100.2
Destination filename [3550gbic@4=cs241-confg]?
...!!
4975 bytes copied in 15.528 secs (320 bytes/sec)
3550gbic@4=cs241#
На pc в конфигах:
-----------------/etc/xinetd.conf-------------
# Simple configuration file for xinetd
#
# Some defaults, and include /etc/xinetd.d/
defaults
{
log_type = SYSLOG authpriv
log_on_success = PID HOST USERID EXIT DURATION
log_on_failure = HOST RECORD USERID
instances = 25
per_source = 5
# localhost
only_from = 127.0.0.1
# cisco equipment
only_from = 172.16.11.1
only_from = 192.168.100.241
only_from = 192.168.200.241
only_from = 192.168.100.244
only_from = 192.168.100.246
only_from = 192.168.100.249
only_from = 192.168.200.249
}
includedir /etc/xinetd.d
-----------------/etc/xinetd.conf-------------
-----------------/etc/xinetd.d/tftp-------------
# default: off
# description: The tftp server serves files using the trivial file transfer \
# protocol. The tftp protocol is often used to boot diskless \
# workstations, download configuration files to network-aware printers, \
# and to start the installation process for some operating systems.
service tftp
{
disable = no
socket_type = dgram
wait = no
user = root
server = /usr/sbin/in.tftpd
server_args = -v -c -u tftp -s /0tftpd-storedir
}
-----------------/etc/xinetd.d/tftp-------------
[root@ws002 root]# cat /etc/hosts.allow | grep 241
# 3550gbic@4=cs241, both addresses
in.tftpd: 192.168.100.241
in.tftpd: 192.168.200.241
[root@ws002 root]# cat /etc/hosts.deny | grep 241
[root@ws002 root]#
На pc в логах:
[root@ws002 root]# grep tftp /var/log/all | tail -120
Sep 26 16:42:37 ws002 xinetd[2084]: START: tftp pid=18071 from=192.168.100.241
Sep 26 16:42:37 ws002 xinetd[2084]: START: tftp pid=18072 from=192.168.100.241
Sep 26 16:42:37 ws002 xinetd[2084]: START: tftp pid=18073 from=192.168.100.241
Sep 26 16:42:37 ws002 xinetd[2084]: START: tftp pid=18074 from=192.168.100.241
Sep 26 16:42:37 ws002 xinetd[2084]: START: tftp pid=18075 from=192.168.100.241
Sep 26 16:42:37 ws002 xinetd[2084]: FAIL: tftp per_source_limit from=192.168.100.241
Sep 26 16:42:37 ws002 xinetd[18073]: libwrap refused connection to tftp from 192.168.100.241
Sep 26 16:42:37 ws002 xinetd[18073]: FAIL: tftp libwrap from=192.168.100.241
Sep 26 16:42:37 ws002 xinetd[2084]: EXIT: tftp status=0 pid=18073 duration=0(sec)
Sep 26 16:42:37 ws002 xinetd[18074]: libwrap refused connection to tftp from 192.168.100.241
Sep 26 16:42:37 ws002 xinetd[18074]: FAIL: tftp libwrap from=192.168.100.241
Sep 26 16:42:37 ws002 xinetd[2084]: EXIT: tftp status=0 pid=18074 duration=0(sec)
Sep 26 16:42:37 ws002 xinetd[18075]: libwrap refused connection to tftp from 192.168.100.241
Sep 26 16:42:37 ws002 xinetd[18075]: FAIL: tftp libwrap from=192.168.100.241
Sep 26 16:42:37 ws002 xinetd[2084]: EXIT: tftp status=0 pid=18075 duration=0(sec)
Sep 26 16:42:37 ws002 xinetd[18071]: libwrap refused connection to tftp from 192.168.100.241
Sep 26 16:42:37 ws002 xinetd[18071]: FAIL: tftp libwrap from=192.168.100.241
Sep 26 16:42:37 ws002 xinetd[2084]: EXIT: tftp status=0 pid=18071 duration=0(sec)
Sep 26 16:42:37 ws002 xinetd[18072]: libwrap refused connection to tftp from 192.168.100.241
Sep 26 16:42:37 ws002 xinetd[18072]: FAIL: tftp libwrap from=192.168.100.241
Sep 26 16:42:37 ws002 xinetd[2084]: EXIT: tftp status=0 pid=18072 duration=0(sec)
Sep 26 16:42:41 ws002 xinetd[2084]: START: tftp pid=18076 from=192.168.100.241
Sep 26 16:42:41 ws002 xinetd[2084]: START: tftp pid=18077 from=192.168.100.241
Sep 26 16:42:41 ws002 xinetd[2084]: START: tftp pid=18078 from=192.168.100.241
Sep 26 16:42:41 ws002 xinetd[2084]: START: tftp pid=18079 from=192.168.100.241
Sep 26 16:42:41 ws002 xinetd[2084]: START: tftp pid=18080 from=192.168.100.241
Sep 26 16:42:41 ws002 xinetd[2084]: FAIL: tftp per_source_limit from=192.168.100.241
Sep 26 16:42:46 ws002 xinetd[2084]: FAIL: tftp per_source_limit from=192.168.100.241
Sep 26 12:42:52 ws002 in.tftpd[18081]: WRQ from 192.168.100.241 filename 3550gbic@4=cs241-confg
[root@ws002 root]#
Все конечно пишется.. но какого хрена эти самые FATAL?? Причем по второму разу спустя пару минут я ошибок
уже не наблюдаю:
3550gbic@4=cs241#copy run tftp
Source filename [running-config]?
Address or name of remote host []? 192.168.100.2
Destination filename [3550gbic@4=cs241-confg]?
!!
4975 bytes copied in 0.268 secs (18563 bytes/sec)
3550gbic@4=cs241#
--
Bye.Olli. http://olli.digger.org.ru
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [Comm] bugs?: cisco -> xinetd(tftpd) - why?
2003-09-26 13:05 [Comm] bugs?: cisco -> xinetd(tftpd) - why? Oleg K.Artemjev
@ 2003-09-26 18:02 ` Dmitry Lebkov
2003-09-29 9:03 ` Oleg K.Artemjev
0 siblings, 1 reply; 3+ messages in thread
From: Dmitry Lebkov @ 2003-09-26 18:02 UTC (permalink / raw)
To: community
On Fri, 26 Sep 2003 17:05:59 +0400
Oleg K.Artemjev <olli@rbauto.ru> wrote:
>
>
> Какие-то невнятные ошибки.. кто нибудь может объяснить в
> чем дело? Конфиги, логи, screen dump'ы ниже:
>
>
> На cisco:
> 3550gbic@4=cs241#sh run | inc address
> ip address 192.168.100.241 255.255.255.0
> ip address 192.168.200.241 255.255.255.0
> 3550gbic@4=cs241#copy run tftp
> Source filename [running-config]?
> Address or name of remote host []? 192.168.100.2
> Destination filename [3550gbic@4=cs241-confg]?
> ...!!
> 4975 bytes copied in 15.528 secs (320 bytes/sec)
> 3550gbic@4=cs241#
>
> На pc в конфигах:
>
> -----------------/etc/xinetd.conf-------------
> # Simple configuration file for xinetd
> #
> # Some defaults, and include /etc/xinetd.d/
>
> defaults
> {
> log_type = SYSLOG authpriv
> log_on_success = PID HOST USERID EXIT DURATION
> log_on_failure = HOST RECORD USERID
> instances = 25
> per_source = 5
> # localhost
> only_from = 127.0.0.1
> # cisco equipment
> only_from = 172.16.11.1
> only_from = 192.168.100.241
> only_from = 192.168.200.241
> only_from = 192.168.100.244
> only_from = 192.168.100.246
> only_from = 192.168.100.249
> only_from = 192.168.200.249
> }
>
> includedir /etc/xinetd.d
> -----------------/etc/xinetd.conf-------------
> -----------------/etc/xinetd.d/tftp-------------
> # default: off
> # description: The tftp server serves files using the trivial file transfer \
> # protocol. The tftp protocol is often used to boot diskless \
> # workstations, download configuration files to network-aware printers, \
> # and to start the installation process for some operating systems.
> service tftp
> {
> disable = no
> socket_type = dgram
> wait = no
> user = root
> server = /usr/sbin/in.tftpd
> server_args = -v -c -u tftp -s /0tftpd-storedir
> }
> -----------------/etc/xinetd.d/tftp-------------
>
> [root@ws002 root]# cat /etc/hosts.allow | grep 241
> # 3550gbic@4=cs241, both addresses
> in.tftpd: 192.168.100.241
> in.tftpd: 192.168.200.241
> [root@ws002 root]# cat /etc/hosts.deny | grep 241
> [root@ws002 root]#
>
> На pc в логах:
> [root@ws002 root]# grep tftp /var/log/all | tail -120
> Sep 26 16:42:37 ws002 xinetd[2084]: START: tftp pid=18071 from=192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[2084]: START: tftp pid=18072 from=192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[2084]: START: tftp pid=18073 from=192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[2084]: START: tftp pid=18074 from=192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[2084]: START: tftp pid=18075 from=192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[2084]: FAIL: tftp per_source_limit from=192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[18073]: libwrap refused connection to tftp from 192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[18073]: FAIL: tftp libwrap from=192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[2084]: EXIT: tftp status=0 pid=18073 duration=0(sec)
> Sep 26 16:42:37 ws002 xinetd[18074]: libwrap refused connection to tftp from 192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[18074]: FAIL: tftp libwrap from=192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[2084]: EXIT: tftp status=0 pid=18074 duration=0(sec)
> Sep 26 16:42:37 ws002 xinetd[18075]: libwrap refused connection to tftp from 192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[18075]: FAIL: tftp libwrap from=192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[2084]: EXIT: tftp status=0 pid=18075 duration=0(sec)
> Sep 26 16:42:37 ws002 xinetd[18071]: libwrap refused connection to tftp from 192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[18071]: FAIL: tftp libwrap from=192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[2084]: EXIT: tftp status=0 pid=18071 duration=0(sec)
> Sep 26 16:42:37 ws002 xinetd[18072]: libwrap refused connection to tftp from 192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[18072]: FAIL: tftp libwrap from=192.168.100.241
> Sep 26 16:42:37 ws002 xinetd[2084]: EXIT: tftp status=0 pid=18072 duration=0(sec)
> Sep 26 16:42:41 ws002 xinetd[2084]: START: tftp pid=18076 from=192.168.100.241
> Sep 26 16:42:41 ws002 xinetd[2084]: START: tftp pid=18077 from=192.168.100.241
> Sep 26 16:42:41 ws002 xinetd[2084]: START: tftp pid=18078 from=192.168.100.241
> Sep 26 16:42:41 ws002 xinetd[2084]: START: tftp pid=18079 from=192.168.100.241
> Sep 26 16:42:41 ws002 xinetd[2084]: START: tftp pid=18080 from=192.168.100.241
> Sep 26 16:42:41 ws002 xinetd[2084]: FAIL: tftp per_source_limit from=192.168.100.241
> Sep 26 16:42:46 ws002 xinetd[2084]: FAIL: tftp per_source_limit from=192.168.100.241
> Sep 26 12:42:52 ws002 in.tftpd[18081]: WRQ from 192.168.100.241 filename 3550gbic@4=cs241-confg
> [root@ws002 root]#
>
>
> Все конечно пишется.. но какого хрена эти самые FATAL?? Причем по второму разу спустя пару минут я ошибок
> уже не наблюдаю:
>
> 3550gbic@4=cs241#copy run tftp
> Source filename [running-config]?
> Address or name of remote host []? 192.168.100.2
> Destination filename [3550gbic@4=cs241-confg]?
> !!
> 4975 bytes copied in 0.268 secs (18563 bytes/sec)
> 3550gbic@4=cs241#
В конфигах xinetd убери все упоминания USERID - это лишние
"тормоза". Врядли у тебя везде работает identd ...
Также, IMHO, вместо only_from в xinetd.conf лучше пользовать
tcp_wrappers (hosts.deny|allow, man 5 host_access).
--
WBR, Dmitry Lebkov
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [Comm] bugs?: cisco -> xinetd(tftpd) - why?
2003-09-26 18:02 ` Dmitry Lebkov
@ 2003-09-29 9:03 ` Oleg K.Artemjev
0 siblings, 0 replies; 3+ messages in thread
From: Oleg K.Artemjev @ 2003-09-29 9:03 UTC (permalink / raw)
To: community
On Sat, 27 Sep 2003 05:02:29 +1100
Dmitry Lebkov <dima@sakhalin.ru> wrote:
> В конфигах xinetd убери все упоминания USERID - это лишние
> "тормоза". Врядли у тебя везде работает identd ...
спасибо, я о нем забыл. %) Наверняка из-за этого и получаются первые
таймауты - на кисках identd нет.
> Также, IMHO, вместо only_from в xinetd.conf лучше пользовать
> tcp_wrappers (hosts.deny|allow, man 5 host_access).
будет довольно забавно, если после этого баги пропадут - можно
будет в bugs вешать.
--
Bye.Olli. http://olli.digger.org.ru
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2003-09-29 9:03 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2003-09-26 13:05 [Comm] bugs?: cisco -> xinetd(tftpd) - why? Oleg K.Artemjev
2003-09-26 18:02 ` Dmitry Lebkov
2003-09-29 9:03 ` Oleg K.Artemjev
ALT Linux Community general discussions
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/community/0 community/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 community community/ http://lore.altlinux.org/community \
mandrake-russian@linuxteam.iplabs.ru community@lists.altlinux.org community@lists.altlinux.ru community@lists.altlinux.com
public-inbox-index community
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.community
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git