From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Sat, 27 Sep 2003 05:02:29 +1100 From: Dmitry Lebkov To: community@altlinux.ru Subject: Re: [Comm] bugs?: cisco -> xinetd(tftpd) - why? Message-Id: <20030927050229.675d381c.dima@sakhalin.ru> In-Reply-To: <20030926170559.340d939a.olli@rbauto.ru> References: <20030926170559.340d939a.olli@rbauto.ru> X-Mailer: Sylpheed version 0.9.2 (GTK+ 1.2.10; i586-alt-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=KOI8-R Content-Transfer-Encoding: 8bit X-BeenThere: community@altlinux.ru X-Mailman-Version: 2.1.2 Precedence: list Reply-To: community@altlinux.ru List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 Sep 2003 18:02:29 -0000 Archived-At: List-Archive: List-Post: On Fri, 26 Sep 2003 17:05:59 +0400 Oleg K.Artemjev wrote: > > > Какие-то невнятные ошибки.. кто нибудь может объяснить в > чем дело? Конфиги, логи, screen dump'ы ниже: > > > На cisco: > 3550gbic@4=cs241#sh run | inc address > ip address 192.168.100.241 255.255.255.0 > ip address 192.168.200.241 255.255.255.0 > 3550gbic@4=cs241#copy run tftp > Source filename [running-config]? > Address or name of remote host []? 192.168.100.2 > Destination filename [3550gbic@4=cs241-confg]? > ...!! > 4975 bytes copied in 15.528 secs (320 bytes/sec) > 3550gbic@4=cs241# > > На pc в конфигах: > > -----------------/etc/xinetd.conf------------- > # Simple configuration file for xinetd > # > # Some defaults, and include /etc/xinetd.d/ > > defaults > { > log_type = SYSLOG authpriv > log_on_success = PID HOST USERID EXIT DURATION > log_on_failure = HOST RECORD USERID > instances = 25 > per_source = 5 > # localhost > only_from = 127.0.0.1 > # cisco equipment > only_from = 172.16.11.1 > only_from = 192.168.100.241 > only_from = 192.168.200.241 > only_from = 192.168.100.244 > only_from = 192.168.100.246 > only_from = 192.168.100.249 > only_from = 192.168.200.249 > } > > includedir /etc/xinetd.d > -----------------/etc/xinetd.conf------------- > -----------------/etc/xinetd.d/tftp------------- > # default: off > # description: The tftp server serves files using the trivial file transfer \ > # protocol. The tftp protocol is often used to boot diskless \ > # workstations, download configuration files to network-aware printers, \ > # and to start the installation process for some operating systems. > service tftp > { > disable = no > socket_type = dgram > wait = no > user = root > server = /usr/sbin/in.tftpd > server_args = -v -c -u tftp -s /0tftpd-storedir > } > -----------------/etc/xinetd.d/tftp------------- > > [root@ws002 root]# cat /etc/hosts.allow | grep 241 > # 3550gbic@4=cs241, both addresses > in.tftpd: 192.168.100.241 > in.tftpd: 192.168.200.241 > [root@ws002 root]# cat /etc/hosts.deny | grep 241 > [root@ws002 root]# > > На pc в логах: > [root@ws002 root]# grep tftp /var/log/all | tail -120 > Sep 26 16:42:37 ws002 xinetd[2084]: START: tftp pid=18071 from=192.168.100.241 > Sep 26 16:42:37 ws002 xinetd[2084]: START: tftp pid=18072 from=192.168.100.241 > Sep 26 16:42:37 ws002 xinetd[2084]: START: tftp pid=18073 from=192.168.100.241 > Sep 26 16:42:37 ws002 xinetd[2084]: START: tftp pid=18074 from=192.168.100.241 > Sep 26 16:42:37 ws002 xinetd[2084]: START: tftp pid=18075 from=192.168.100.241 > Sep 26 16:42:37 ws002 xinetd[2084]: FAIL: tftp per_source_limit from=192.168.100.241 > Sep 26 16:42:37 ws002 xinetd[18073]: libwrap refused connection to tftp from 192.168.100.241 > Sep 26 16:42:37 ws002 xinetd[18073]: FAIL: tftp libwrap from=192.168.100.241 > Sep 26 16:42:37 ws002 xinetd[2084]: EXIT: tftp status=0 pid=18073 duration=0(sec) > Sep 26 16:42:37 ws002 xinetd[18074]: libwrap refused connection to tftp from 192.168.100.241 > Sep 26 16:42:37 ws002 xinetd[18074]: FAIL: tftp libwrap from=192.168.100.241 > Sep 26 16:42:37 ws002 xinetd[2084]: EXIT: tftp status=0 pid=18074 duration=0(sec) > Sep 26 16:42:37 ws002 xinetd[18075]: libwrap refused connection to tftp from 192.168.100.241 > Sep 26 16:42:37 ws002 xinetd[18075]: FAIL: tftp libwrap from=192.168.100.241 > Sep 26 16:42:37 ws002 xinetd[2084]: EXIT: tftp status=0 pid=18075 duration=0(sec) > Sep 26 16:42:37 ws002 xinetd[18071]: libwrap refused connection to tftp from 192.168.100.241 > Sep 26 16:42:37 ws002 xinetd[18071]: FAIL: tftp libwrap from=192.168.100.241 > Sep 26 16:42:37 ws002 xinetd[2084]: EXIT: tftp status=0 pid=18071 duration=0(sec) > Sep 26 16:42:37 ws002 xinetd[18072]: libwrap refused connection to tftp from 192.168.100.241 > Sep 26 16:42:37 ws002 xinetd[18072]: FAIL: tftp libwrap from=192.168.100.241 > Sep 26 16:42:37 ws002 xinetd[2084]: EXIT: tftp status=0 pid=18072 duration=0(sec) > Sep 26 16:42:41 ws002 xinetd[2084]: START: tftp pid=18076 from=192.168.100.241 > Sep 26 16:42:41 ws002 xinetd[2084]: START: tftp pid=18077 from=192.168.100.241 > Sep 26 16:42:41 ws002 xinetd[2084]: START: tftp pid=18078 from=192.168.100.241 > Sep 26 16:42:41 ws002 xinetd[2084]: START: tftp pid=18079 from=192.168.100.241 > Sep 26 16:42:41 ws002 xinetd[2084]: START: tftp pid=18080 from=192.168.100.241 > Sep 26 16:42:41 ws002 xinetd[2084]: FAIL: tftp per_source_limit from=192.168.100.241 > Sep 26 16:42:46 ws002 xinetd[2084]: FAIL: tftp per_source_limit from=192.168.100.241 > Sep 26 12:42:52 ws002 in.tftpd[18081]: WRQ from 192.168.100.241 filename 3550gbic@4=cs241-confg > [root@ws002 root]# > > > Все конечно пишется.. но какого хрена эти самые FATAL?? Причем по второму разу спустя пару минут я ошибок > уже не наблюдаю: > > 3550gbic@4=cs241#copy run tftp > Source filename [running-config]? > Address or name of remote host []? 192.168.100.2 > Destination filename [3550gbic@4=cs241-confg]? > !! > 4975 bytes copied in 0.268 secs (18563 bytes/sec) > 3550gbic@4=cs241# В конфигах xinetd убери все упоминания USERID - это лишние "тормоза". Врядли у тебя везде работает identd ... Также, IMHO, вместо only_from в xinetd.conf лучше пользовать tcp_wrappers (hosts.deny|allow, man 5 host_access). -- WBR, Dmitry Lebkov