TFTP requests Not being serviced The 2019 Stack Overflow Developer Survey Results Are In Announcing the arrival of Valued Associate #679: Cesar Manara Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern) Come Celebrate our 10 Year Anniversary!Windows TFTP Server Recomendations?Strange UDP/TFTP ProblemTFTP/PXE with the foremanTFTP PUT Failing Across HostsFedora 17 tftp not sending files on requestsDownloading with U-Boot's tftp randomly times outHow to ACCEPT multicast connection with iptables's rule?OpenVPN UDP connections timing outDo DNS queries always travel over UDP?dnsmasq not responding to Cisco tftp broadcast requests (tftp://255.255.255.255/network-confg)

Is it ethical to upload a automatically generated paper to a non peer-reviewed site as part of a larger research?

What is special about square numbers here?

Does the AirPods case need to be around while listening via an iOS Device?

What aspect of planet Earth must be changed to prevent the industrial revolution?

Is every episode of "Where are my Pants?" identical?

What information about me do stores get via my credit card?

Am I ethically obligated to go into work on an off day if the reason is sudden?

Semisimplicity of the category of coherent sheaves?

How does ice melt when immersed in water

What are these Gizmos at Izaña Atmospheric Research Center in Spain?

Did the new image of black hole confirm the general theory of relativity?

Is it ok to offer lower paid work as a trial period before negotiating for a full-time job?

Do warforged have souls?

"... to apply for a visa" or "... and applied for a visa"?

Are spiders unable to hurt humans, especially very small spiders?

Is above average number of years spent on PhD considered a red flag in future academia or industry positions?

ELI5: Why do they say that Israel would have been the fourth country to land a spacecraft on the Moon and why do they call it low cost?

Road tyres vs "Street" tyres for charity ride on MTB Tandem

Change bounding box of math glyphs in LuaTeX

How did passengers keep warm on sail ships?

Would an alien lifeform be able to achieve space travel if lacking in vision?

How many people can fit inside Mordenkainen's Magnificent Mansion?

Derivation tree not rendering

Problems with Ubuntu mount /tmp



TFTP requests Not being serviced



The 2019 Stack Overflow Developer Survey Results Are In
Announcing the arrival of Valued Associate #679: Cesar Manara
Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern)
Come Celebrate our 10 Year Anniversary!Windows TFTP Server Recomendations?Strange UDP/TFTP ProblemTFTP/PXE with the foremanTFTP PUT Failing Across HostsFedora 17 tftp not sending files on requestsDownloading with U-Boot's tftp randomly times outHow to ACCEPT multicast connection with iptables's rule?OpenVPN UDP connections timing outDo DNS queries always travel over UDP?dnsmasq not responding to Cisco tftp broadcast requests (tftp://255.255.255.255/network-confg)



.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;








2















This may look like a duplicate question but I did my share of searching, but could not find any solution.



I have created a tftp server, this server when accessed from a local tftp client, over a loopback gets and puts the file just fine.
When I try to access the server through an external client, The request times out. The connection is established. I can see the connection as connected in the tftp client, no issues there. The File transfer does not start.



The client is connected directly to the HOST via a ethernet cable, I have created a 2 Device LAN. pings work between them.



I initially thought this to be a firewall issue, now I have disabled the firewall, allowed INPUT and OUTPUT on the configured port 69 in the iptables. also udp is allowed on port 69.



I am also Not running multiple instances of the tftpd-hpa server , it is running as a daemon, and netstat -aup has only one tftp server running.



The clients are giving proper requests, I can see them in wireshark, but nothing goes out in response.



and the failure is always a TIMEOUT.



**firewall disabled**
**ports allow connection **
**file transfer fails**
** outgoing tftp request as a client to other tftp servers is alos blocked **


Update2:



I was not really sure about the Firewall thing, as this laptop was issued by my employer and I am skeptical that they wont allow the firewall to be disabled. reading the /var/log/syslog did not give any hints so tried looking at the kernel prints as to whether any kmodules were doing anything fishy, I see these ones.



[10989.915231] FIREWALL: IN=eth1 OUT= MAC=50:7b:9d:f9:44:5d:68:9e:19:99:9e:e4:08:00 SRC=10.42.0.89 DST=10.42.0.1 LEN=65 TOS=0x00 PREC=0x00 TTL=255 ID=117 DF PROTO=UDP SPT=2495 DPT=69 LEN=45


The SRC , DESTT , DPT , PROTO the MAC Address all match my tftp client.



I cannot really tell, what is happening here, so if anyone can give me hints to look for some logs or something else, It would be really helpful.



after this I installed gufw to manage the firewall and allowed all incoming and outgoing traffic. I still get timeouts, and this is what I now see on syslog.



Sep 5 16:16:01 arun-TP kernel: [13836.201853] [UFW AUDIT] IN= OUT=eth1 SRC=10.42.0.1 DST=10.42.0.255 LEN=184 TOS=0x00 PREC=0x00 TTL=64 ID=12630 DF PROTO=UDP SPT=17500 DPT=17500 LEN=164 
Sep 5 16:16:01 arun-TP kernel: [13836.201870] [UFW ALLOW] IN= OUT=eth1 SRC=10.42.0.1 DST=10.42.0.255 LEN=184 TOS=0x00 PREC=0x00 TTL=64 ID=12630 DF PROTO=UDP SPT=17500 DPT=17500 LEN=164


This time the DST does not make sense, The client is at 10.42.0.89 and not 10.42.0.255.



Update1:



/etc/default/tftpd-hpa



TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/tftpboot"
TFTP_ADDRESS="0.0.0.0:69"
TFTP_OPTIONS="--secure --create -s"
RUN_DAEMON="YES"


ls -lrt /



drwxr-xr-x 2 tftp nogroup 4096 Sep 5 03:30 tftpboot


netstat -aup



Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
udp 0 0 *:mdns *:* 739/avahi-daemon: r
udp 0 0 *:50694 *:* 2514/rpc.mountd 
udp 0 0 *:55107 *:* 2514/rpc.mountd 
udp 0 0 *:nfs *:* - 
udp 0 0 *:3471 *:* 8567/dhclient 
udp 0 0 *:56776 *:* 739/avahi-daemon: r
udp 0 0 10.42.0.1:domain *:* 5403/dnsmasq 
udp 0 0 127.0.1.1:domain *:* 3025/dnsmasq 
udp 0 0 *:bootps *:* 5403/dnsmasq 
udp 0 0 *:bootpc *:* 8567/dhclient 
udp 0 0 *:tftp *:* 4316/in.tftpd 
udp 0 0 *:sunrpc *:* 966/rpcbind 
udp 0 0 *:ipp *:* 1476/cups-browsed
udp 0 0 *:707 *:* 966/rpcbind 
udp 0 0 *:33526 *:* 2514/rpc.mountd 
udp 0 0 *:49935 *:* - 
udp 0 0 localhost:796 *:* 1044/rpc.statd 
udp 0 0 *:54194 *:* 1044/rpc.statd 
udp 0 0 *:17500 *:* 3785/dropbox 
udp6 0 0 [::]:mdns [::]:* 739/avahi-daemon: r
udp6 0 0 [::]:42779 [::]:* - 
udp6 0 0 [::]:59279 [::]:* 1044/rpc.statd 
udp6 0 0 [::]:nfs [::]:* - 
udp6 0 0 [::]:60007 [::]:* 2514/rpc.mountd 
udp6 0 0 [::]:52311 [::]:* 2254/BESClient 
udp6 0 0 [::]:11656 [::]:* 8567/dhclient 
udp6 0 0 [::]:sunrpc [::]:* 966/rpcbind 
udp6 0 0 [::]:45289 [::]:* 739/avahi-daemon: r
udp6 0 0 [::]:57589 [::]:* 2514/rpc.mountd 
udp6 0 0 [::]:707 [::]:* 966/rpcbind 
udp6 0 0 [::]:37709 [::]:* 2514/rpc.mountd


no tftp configuration file in /etc/xinetd.d/



Firewall is disabled. ufw status = inactive



iptables -L -v



Chain INPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 
 2 656 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:bootps
 0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:bootps
 0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:domain
 0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:domain
36569 3800K ACCEPT all -- lo any anywhere anywhere 
30392 20M ACCEPT tcp -- any any anywhere anywhere state RELATED,ESTABLISHED
 2704 679K ACCEPT udp -- any any anywhere anywhere state RELATED,ESTABLISHED
 0 0 ACCEPT 254 -- ipsec+ any anywhere anywhere 
 0 0 ACCEPT esp -- any any anywhere anywhere 
 0 0 ACCEPT ah -- any any anywhere anywhere 
 0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:isakmp
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:ssh
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:cfengine
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:5900
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:5901
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:12080
 0 0 REJECT tcp -- any any anywhere anywhere tcp dpt:auth reject-with icmp-port-unreachable
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:https
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:5656
 0 0 ACCEPT udp -- any any anywhere anywhere udp dpts:5004:5005
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpts:5004:5005
 0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:20830
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:20830
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpts:sip:5062
 0 0 ACCEPT udp -- any any anywhere anywhere udp dpts:sip:5062
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:21100
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:2001
 0 0 ACCEPT gre -- any any anywhere anywhere 
 0 0 ACCEPT icmp -- any any anywhere anywhere icmp destination-unreachable
 0 0 ACCEPT icmp -- any any anywhere anywhere icmp source-quench
 689 56460 ACCEPT icmp -- any any anywhere anywhere icmp time-exceeded
 0 0 ACCEPT icmp -- any any anywhere anywhere icmp parameter-problem
 0 0 ACCEPT icmp -- any any anywhere anywhere icmp router-advertisement
 0 0 ACCEPT icmp -- any any anywhere anywhere icmp echo-request
 13 832 ACCEPT icmp -- any any anywhere anywhere icmp echo-reply
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:tproxy
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:1533
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpts:30000:30005
 0 0 DROP tcp -- any any anywhere anywhere tcp dpts:bootps:bootpc
 6 1968 DROP udp -- any any anywhere anywhere udp dpts:bootps:bootpc
 0 0 DROP tcp -- any any anywhere anywhere tcp dpt:netbios-ns
 0 0 DROP udp -- any any anywhere anywhere udp dpt:netbios-ns
 0 0 DROP tcp -- any any anywhere anywhere tcp dpt:netbios-dgm
 0 0 DROP udp -- any any anywhere anywhere udp dpt:netbios-dgm
 0 0 DROP tcp -- any any anywhere anywhere tcp dpt:netbios-ssn
 0 0 DROP udp -- any any anywhere anywhere udp dpt:netbios-ssn
 0 0 DROP tcp -- any any anywhere anywhere tcp dpts:tcpmux:ftp-data
 0 0 DROP tcp -- any any anywhere anywhere tcp dpt:sunrpc
 0 0 DROP tcp -- any any anywhere anywhere tcp dpts:snmp:snmp-trap
 0 0 DROP tcp -- any any anywhere anywhere tcp dpt:520
 0 0 DROP tcp -- any any anywhere anywhere tcp dpts:6348:6349
 0 0 DROP tcp -- any any anywhere anywhere tcp dpts:6345:gnutella-rtr
 75 3256 LOG tcp -- any any anywhere anywhere limit: avg 3/min burst 5 LOG level debug prefix "FIREWALL: "
 1459 263K LOG udp -- any any anywhere anywhere limit: avg 3/min burst 5 LOG level debug prefix "FIREWALL: "
 3347 568K DROP all -- any any anywhere anywhere 
 0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:tftp state NEW,ESTABLISHED
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:69 state NEW,ESTABLISHED

Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 
 0 0 ACCEPT all -- any eth1 anywhere 10.42.0.0/24 state RELATED,ESTABLISHED
 0 0 ACCEPT all -- eth1 any 10.42.0.0/24 anywhere 
 0 0 ACCEPT all -- eth1 eth1 anywhere anywhere 
 0 0 REJECT all -- any eth1 anywhere anywhere reject-with icmp-port-unreachable
 0 0 REJECT all -- eth1 any anywhere anywhere reject-with icmp-port-unreachable

Chain OUTPUT (policy ACCEPT 68593 packets, 6962K bytes) pkts bytes target prot opt in out source destination 
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:69 state NEW,ESTABLISHED
 1 45 ACCEPT udp -- any any anywhere anywhere udp dpt:tftp state NEW,ESTABLISHED


Outgoing tftp requests as a client are also blocked. my IP is 192,168.0.5 tried connecting to 192.168.0.2



tftp 192.168.0.2
tftp> verbose on
Verbose mode on.
tftp> status
Connected to 192.168.0.2.
Mode: netascii Verbose: on Tracing: off Literal: off
Rexmt-interval: 5 seconds, Max-timeout: 25 seconds
tftp> put hello
putting hello to 192.168.0.2:hello [netascii]
Transfer timed out.


can there be something wrong with my Router? Is there any settings that I need to take care of, but this problem is there even when I connect the client directly to the server using an ethernet cable. I tired a BeagleBone Black, a MAcbook and my Android Phone as a tftp clients raising request to the server.



Client : 10.42.0.89 (BeagleBlack, at u-boot)
Server : 10.42.0.1



I used wireshark to sniff on the ethernet packets now.



ARP:



32 927.886269000 10.42.0.89 Broadcast ARP 60 Who has 10.42.0.1? Tell 10.42.0.89
33 927.886320000 50:7b:9d:f9:44:5d 10.42.0.89 ARP 42 10.42.0.1 is at 50:7b:9d:f9:44:5d


after this , I see only this initiating from the client and nothing goes out.



36 932.887008000 10.42.0.89 10.42.0.1 TFTP 79 Read Request, File: hello, Transfer type: octet, timeout00=500, blksize00=146800





udp file-transfer tftp







share|improve this question



















  • 1





    Please show tftpd configuration and output of command iptables -L -v. Can tftp client on the server connect to server via external ip address?

    – Mikhail Khirgiy
    Sep 5 '16 at 5:43











  • Question is updated now.. @MikhailKhirgiy

    – ArunMKumar
    Sep 5 '16 at 8:27

















2















This may look like a duplicate question but I did my share of searching, but could not find any solution.



I have created a tftp server, this server when accessed from a local tftp client, over a loopback gets and puts the file just fine.
When I try to access the server through an external client, The request times out. The connection is established. I can see the connection as connected in the tftp client, no issues there. The File transfer does not start.



The client is connected directly to the HOST via a ethernet cable, I have created a 2 Device LAN. pings work between them.



I initially thought this to be a firewall issue, now I have disabled the firewall, allowed INPUT and OUTPUT on the configured port 69 in the iptables. also udp is allowed on port 69.



I am also Not running multiple instances of the tftpd-hpa server , it is running as a daemon, and netstat -aup has only one tftp server running.



The clients are giving proper requests, I can see them in wireshark, but nothing goes out in response.



and the failure is always a TIMEOUT.



**firewall disabled**
**ports allow connection **
**file transfer fails**
** outgoing tftp request as a client to other tftp servers is alos blocked **


Update2:



I was not really sure about the Firewall thing, as this laptop was issued by my employer and I am skeptical that they wont allow the firewall to be disabled. reading the /var/log/syslog did not give any hints so tried looking at the kernel prints as to whether any kmodules were doing anything fishy, I see these ones.



[10989.915231] FIREWALL: IN=eth1 OUT= MAC=50:7b:9d:f9:44:5d:68:9e:19:99:9e:e4:08:00 SRC=10.42.0.89 DST=10.42.0.1 LEN=65 TOS=0x00 PREC=0x00 TTL=255 ID=117 DF PROTO=UDP SPT=2495 DPT=69 LEN=45


The SRC , DESTT , DPT , PROTO the MAC Address all match my tftp client.



I cannot really tell, what is happening here, so if anyone can give me hints to look for some logs or something else, It would be really helpful.



after this I installed gufw to manage the firewall and allowed all incoming and outgoing traffic. I still get timeouts, and this is what I now see on syslog.



Sep 5 16:16:01 arun-TP kernel: [13836.201853] [UFW AUDIT] IN= OUT=eth1 SRC=10.42.0.1 DST=10.42.0.255 LEN=184 TOS=0x00 PREC=0x00 TTL=64 ID=12630 DF PROTO=UDP SPT=17500 DPT=17500 LEN=164 
Sep 5 16:16:01 arun-TP kernel: [13836.201870] [UFW ALLOW] IN= OUT=eth1 SRC=10.42.0.1 DST=10.42.0.255 LEN=184 TOS=0x00 PREC=0x00 TTL=64 ID=12630 DF PROTO=UDP SPT=17500 DPT=17500 LEN=164


This time the DST does not make sense, The client is at 10.42.0.89 and not 10.42.0.255.



Update1:



/etc/default/tftpd-hpa



TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/tftpboot"
TFTP_ADDRESS="0.0.0.0:69"
TFTP_OPTIONS="--secure --create -s"
RUN_DAEMON="YES"


ls -lrt /



drwxr-xr-x 2 tftp nogroup 4096 Sep 5 03:30 tftpboot


netstat -aup



Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
udp 0 0 *:mdns *:* 739/avahi-daemon: r
udp 0 0 *:50694 *:* 2514/rpc.mountd 
udp 0 0 *:55107 *:* 2514/rpc.mountd 
udp 0 0 *:nfs *:* - 
udp 0 0 *:3471 *:* 8567/dhclient 
udp 0 0 *:56776 *:* 739/avahi-daemon: r
udp 0 0 10.42.0.1:domain *:* 5403/dnsmasq 
udp 0 0 127.0.1.1:domain *:* 3025/dnsmasq 
udp 0 0 *:bootps *:* 5403/dnsmasq 
udp 0 0 *:bootpc *:* 8567/dhclient 
udp 0 0 *:tftp *:* 4316/in.tftpd 
udp 0 0 *:sunrpc *:* 966/rpcbind 
udp 0 0 *:ipp *:* 1476/cups-browsed
udp 0 0 *:707 *:* 966/rpcbind 
udp 0 0 *:33526 *:* 2514/rpc.mountd 
udp 0 0 *:49935 *:* - 
udp 0 0 localhost:796 *:* 1044/rpc.statd 
udp 0 0 *:54194 *:* 1044/rpc.statd 
udp 0 0 *:17500 *:* 3785/dropbox 
udp6 0 0 [::]:mdns [::]:* 739/avahi-daemon: r
udp6 0 0 [::]:42779 [::]:* - 
udp6 0 0 [::]:59279 [::]:* 1044/rpc.statd 
udp6 0 0 [::]:nfs [::]:* - 
udp6 0 0 [::]:60007 [::]:* 2514/rpc.mountd 
udp6 0 0 [::]:52311 [::]:* 2254/BESClient 
udp6 0 0 [::]:11656 [::]:* 8567/dhclient 
udp6 0 0 [::]:sunrpc [::]:* 966/rpcbind 
udp6 0 0 [::]:45289 [::]:* 739/avahi-daemon: r
udp6 0 0 [::]:57589 [::]:* 2514/rpc.mountd 
udp6 0 0 [::]:707 [::]:* 966/rpcbind 
udp6 0 0 [::]:37709 [::]:* 2514/rpc.mountd


no tftp configuration file in /etc/xinetd.d/



Firewall is disabled. ufw status = inactive



iptables -L -v



Chain INPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 
 2 656 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:bootps
 0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:bootps
 0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:domain
 0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:domain
36569 3800K ACCEPT all -- lo any anywhere anywhere 
30392 20M ACCEPT tcp -- any any anywhere anywhere state RELATED,ESTABLISHED
 2704 679K ACCEPT udp -- any any anywhere anywhere state RELATED,ESTABLISHED
 0 0 ACCEPT 254 -- ipsec+ any anywhere anywhere 
 0 0 ACCEPT esp -- any any anywhere anywhere 
 0 0 ACCEPT ah -- any any anywhere anywhere 
 0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:isakmp
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:ssh
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:cfengine
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:5900
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:5901
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:12080
 0 0 REJECT tcp -- any any anywhere anywhere tcp dpt:auth reject-with icmp-port-unreachable
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:https
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:5656
 0 0 ACCEPT udp -- any any anywhere anywhere udp dpts:5004:5005
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpts:5004:5005
 0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:20830
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:20830
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpts:sip:5062
 0 0 ACCEPT udp -- any any anywhere anywhere udp dpts:sip:5062
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:21100
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:2001
 0 0 ACCEPT gre -- any any anywhere anywhere 
 0 0 ACCEPT icmp -- any any anywhere anywhere icmp destination-unreachable
 0 0 ACCEPT icmp -- any any anywhere anywhere icmp source-quench
 689 56460 ACCEPT icmp -- any any anywhere anywhere icmp time-exceeded
 0 0 ACCEPT icmp -- any any anywhere anywhere icmp parameter-problem
 0 0 ACCEPT icmp -- any any anywhere anywhere icmp router-advertisement
 0 0 ACCEPT icmp -- any any anywhere anywhere icmp echo-request
 13 832 ACCEPT icmp -- any any anywhere anywhere icmp echo-reply
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:tproxy
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:1533
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpts:30000:30005
 0 0 DROP tcp -- any any anywhere anywhere tcp dpts:bootps:bootpc
 6 1968 DROP udp -- any any anywhere anywhere udp dpts:bootps:bootpc
 0 0 DROP tcp -- any any anywhere anywhere tcp dpt:netbios-ns
 0 0 DROP udp -- any any anywhere anywhere udp dpt:netbios-ns
 0 0 DROP tcp -- any any anywhere anywhere tcp dpt:netbios-dgm
 0 0 DROP udp -- any any anywhere anywhere udp dpt:netbios-dgm
 0 0 DROP tcp -- any any anywhere anywhere tcp dpt:netbios-ssn
 0 0 DROP udp -- any any anywhere anywhere udp dpt:netbios-ssn
 0 0 DROP tcp -- any any anywhere anywhere tcp dpts:tcpmux:ftp-data
 0 0 DROP tcp -- any any anywhere anywhere tcp dpt:sunrpc
 0 0 DROP tcp -- any any anywhere anywhere tcp dpts:snmp:snmp-trap
 0 0 DROP tcp -- any any anywhere anywhere tcp dpt:520
 0 0 DROP tcp -- any any anywhere anywhere tcp dpts:6348:6349
 0 0 DROP tcp -- any any anywhere anywhere tcp dpts:6345:gnutella-rtr
 75 3256 LOG tcp -- any any anywhere anywhere limit: avg 3/min burst 5 LOG level debug prefix "FIREWALL: "
 1459 263K LOG udp -- any any anywhere anywhere limit: avg 3/min burst 5 LOG level debug prefix "FIREWALL: "
 3347 568K DROP all -- any any anywhere anywhere 
 0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:tftp state NEW,ESTABLISHED
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:69 state NEW,ESTABLISHED

Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 
 0 0 ACCEPT all -- any eth1 anywhere 10.42.0.0/24 state RELATED,ESTABLISHED
 0 0 ACCEPT all -- eth1 any 10.42.0.0/24 anywhere 
 0 0 ACCEPT all -- eth1 eth1 anywhere anywhere 
 0 0 REJECT all -- any eth1 anywhere anywhere reject-with icmp-port-unreachable
 0 0 REJECT all -- eth1 any anywhere anywhere reject-with icmp-port-unreachable

Chain OUTPUT (policy ACCEPT 68593 packets, 6962K bytes) pkts bytes target prot opt in out source destination 
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:69 state NEW,ESTABLISHED
 1 45 ACCEPT udp -- any any anywhere anywhere udp dpt:tftp state NEW,ESTABLISHED


Outgoing tftp requests as a client are also blocked. my IP is 192,168.0.5 tried connecting to 192.168.0.2



tftp 192.168.0.2
tftp> verbose on
Verbose mode on.
tftp> status
Connected to 192.168.0.2.
Mode: netascii Verbose: on Tracing: off Literal: off
Rexmt-interval: 5 seconds, Max-timeout: 25 seconds
tftp> put hello
putting hello to 192.168.0.2:hello [netascii]
Transfer timed out.


can there be something wrong with my Router? Is there any settings that I need to take care of, but this problem is there even when I connect the client directly to the server using an ethernet cable. I tired a BeagleBone Black, a MAcbook and my Android Phone as a tftp clients raising request to the server.



Client : 10.42.0.89 (BeagleBlack, at u-boot)
Server : 10.42.0.1



I used wireshark to sniff on the ethernet packets now.



ARP:



32 927.886269000 10.42.0.89 Broadcast ARP 60 Who has 10.42.0.1? Tell 10.42.0.89
33 927.886320000 50:7b:9d:f9:44:5d 10.42.0.89 ARP 42 10.42.0.1 is at 50:7b:9d:f9:44:5d


after this , I see only this initiating from the client and nothing goes out.



36 932.887008000 10.42.0.89 10.42.0.1 TFTP 79 Read Request, File: hello, Transfer type: octet, timeout00=500, blksize00=146800





udp file-transfer tftp







share|improve this question



















  • 1





    Please show tftpd configuration and output of command iptables -L -v. Can tftp client on the server connect to server via external ip address?

    – Mikhail Khirgiy
    Sep 5 '16 at 5:43











  • Question is updated now.. @MikhailKhirgiy

    – ArunMKumar
    Sep 5 '16 at 8:27













2












2








2








This may look like a duplicate question but I did my share of searching, but could not find any solution.



I have created a tftp server, this server when accessed from a local tftp client, over a loopback gets and puts the file just fine.
When I try to access the server through an external client, The request times out. The connection is established. I can see the connection as connected in the tftp client, no issues there. The File transfer does not start.



The client is connected directly to the HOST via a ethernet cable, I have created a 2 Device LAN. pings work between them.



I initially thought this to be a firewall issue, now I have disabled the firewall, allowed INPUT and OUTPUT on the configured port 69 in the iptables. also udp is allowed on port 69.



I am also Not running multiple instances of the tftpd-hpa server , it is running as a daemon, and netstat -aup has only one tftp server running.



The clients are giving proper requests, I can see them in wireshark, but nothing goes out in response.



and the failure is always a TIMEOUT.



**firewall disabled**
**ports allow connection **
**file transfer fails**
** outgoing tftp request as a client to other tftp servers is alos blocked **


Update2:



I was not really sure about the Firewall thing, as this laptop was issued by my employer and I am skeptical that they wont allow the firewall to be disabled. reading the /var/log/syslog did not give any hints so tried looking at the kernel prints as to whether any kmodules were doing anything fishy, I see these ones.



[10989.915231] FIREWALL: IN=eth1 OUT= MAC=50:7b:9d:f9:44:5d:68:9e:19:99:9e:e4:08:00 SRC=10.42.0.89 DST=10.42.0.1 LEN=65 TOS=0x00 PREC=0x00 TTL=255 ID=117 DF PROTO=UDP SPT=2495 DPT=69 LEN=45


The SRC , DESTT , DPT , PROTO the MAC Address all match my tftp client.



I cannot really tell, what is happening here, so if anyone can give me hints to look for some logs or something else, It would be really helpful.



after this I installed gufw to manage the firewall and allowed all incoming and outgoing traffic. I still get timeouts, and this is what I now see on syslog.



Sep 5 16:16:01 arun-TP kernel: [13836.201853] [UFW AUDIT] IN= OUT=eth1 SRC=10.42.0.1 DST=10.42.0.255 LEN=184 TOS=0x00 PREC=0x00 TTL=64 ID=12630 DF PROTO=UDP SPT=17500 DPT=17500 LEN=164 
Sep 5 16:16:01 arun-TP kernel: [13836.201870] [UFW ALLOW] IN= OUT=eth1 SRC=10.42.0.1 DST=10.42.0.255 LEN=184 TOS=0x00 PREC=0x00 TTL=64 ID=12630 DF PROTO=UDP SPT=17500 DPT=17500 LEN=164


This time the DST does not make sense, The client is at 10.42.0.89 and not 10.42.0.255.



Update1:



/etc/default/tftpd-hpa



TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/tftpboot"
TFTP_ADDRESS="0.0.0.0:69"
TFTP_OPTIONS="--secure --create -s"
RUN_DAEMON="YES"


ls -lrt /



drwxr-xr-x 2 tftp nogroup 4096 Sep 5 03:30 tftpboot


netstat -aup



Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
udp 0 0 *:mdns *:* 739/avahi-daemon: r
udp 0 0 *:50694 *:* 2514/rpc.mountd 
udp 0 0 *:55107 *:* 2514/rpc.mountd 
udp 0 0 *:nfs *:* - 
udp 0 0 *:3471 *:* 8567/dhclient 
udp 0 0 *:56776 *:* 739/avahi-daemon: r
udp 0 0 10.42.0.1:domain *:* 5403/dnsmasq 
udp 0 0 127.0.1.1:domain *:* 3025/dnsmasq 
udp 0 0 *:bootps *:* 5403/dnsmasq 
udp 0 0 *:bootpc *:* 8567/dhclient 
udp 0 0 *:tftp *:* 4316/in.tftpd 
udp 0 0 *:sunrpc *:* 966/rpcbind 
udp 0 0 *:ipp *:* 1476/cups-browsed
udp 0 0 *:707 *:* 966/rpcbind 
udp 0 0 *:33526 *:* 2514/rpc.mountd 
udp 0 0 *:49935 *:* - 
udp 0 0 localhost:796 *:* 1044/rpc.statd 
udp 0 0 *:54194 *:* 1044/rpc.statd 
udp 0 0 *:17500 *:* 3785/dropbox 
udp6 0 0 [::]:mdns [::]:* 739/avahi-daemon: r
udp6 0 0 [::]:42779 [::]:* - 
udp6 0 0 [::]:59279 [::]:* 1044/rpc.statd 
udp6 0 0 [::]:nfs [::]:* - 
udp6 0 0 [::]:60007 [::]:* 2514/rpc.mountd 
udp6 0 0 [::]:52311 [::]:* 2254/BESClient 
udp6 0 0 [::]:11656 [::]:* 8567/dhclient 
udp6 0 0 [::]:sunrpc [::]:* 966/rpcbind 
udp6 0 0 [::]:45289 [::]:* 739/avahi-daemon: r
udp6 0 0 [::]:57589 [::]:* 2514/rpc.mountd 
udp6 0 0 [::]:707 [::]:* 966/rpcbind 
udp6 0 0 [::]:37709 [::]:* 2514/rpc.mountd


no tftp configuration file in /etc/xinetd.d/



Firewall is disabled. ufw status = inactive



iptables -L -v



Chain INPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 
 2 656 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:bootps
 0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:bootps
 0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:domain
 0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:domain
36569 3800K ACCEPT all -- lo any anywhere anywhere 
30392 20M ACCEPT tcp -- any any anywhere anywhere state RELATED,ESTABLISHED
 2704 679K ACCEPT udp -- any any anywhere anywhere state RELATED,ESTABLISHED
 0 0 ACCEPT 254 -- ipsec+ any anywhere anywhere 
 0 0 ACCEPT esp -- any any anywhere anywhere 
 0 0 ACCEPT ah -- any any anywhere anywhere 
 0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:isakmp
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:ssh
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:cfengine
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:5900
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:5901
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:12080
 0 0 REJECT tcp -- any any anywhere anywhere tcp dpt:auth reject-with icmp-port-unreachable
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:https
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:5656
 0 0 ACCEPT udp -- any any anywhere anywhere udp dpts:5004:5005
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpts:5004:5005
 0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:20830
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:20830
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpts:sip:5062
 0 0 ACCEPT udp -- any any anywhere anywhere udp dpts:sip:5062
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:21100
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:2001
 0 0 ACCEPT gre -- any any anywhere anywhere 
 0 0 ACCEPT icmp -- any any anywhere anywhere icmp destination-unreachable
 0 0 ACCEPT icmp -- any any anywhere anywhere icmp source-quench
 689 56460 ACCEPT icmp -- any any anywhere anywhere icmp time-exceeded
 0 0 ACCEPT icmp -- any any anywhere anywhere icmp parameter-problem
 0 0 ACCEPT icmp -- any any anywhere anywhere icmp router-advertisement
 0 0 ACCEPT icmp -- any any anywhere anywhere icmp echo-request
 13 832 ACCEPT icmp -- any any anywhere anywhere icmp echo-reply
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:tproxy
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:1533
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpts:30000:30005
 0 0 DROP tcp -- any any anywhere anywhere tcp dpts:bootps:bootpc
 6 1968 DROP udp -- any any anywhere anywhere udp dpts:bootps:bootpc
 0 0 DROP tcp -- any any anywhere anywhere tcp dpt:netbios-ns
 0 0 DROP udp -- any any anywhere anywhere udp dpt:netbios-ns
 0 0 DROP tcp -- any any anywhere anywhere tcp dpt:netbios-dgm
 0 0 DROP udp -- any any anywhere anywhere udp dpt:netbios-dgm
 0 0 DROP tcp -- any any anywhere anywhere tcp dpt:netbios-ssn
 0 0 DROP udp -- any any anywhere anywhere udp dpt:netbios-ssn
 0 0 DROP tcp -- any any anywhere anywhere tcp dpts:tcpmux:ftp-data
 0 0 DROP tcp -- any any anywhere anywhere tcp dpt:sunrpc
 0 0 DROP tcp -- any any anywhere anywhere tcp dpts:snmp:snmp-trap
 0 0 DROP tcp -- any any anywhere anywhere tcp dpt:520
 0 0 DROP tcp -- any any anywhere anywhere tcp dpts:6348:6349
 0 0 DROP tcp -- any any anywhere anywhere tcp dpts:6345:gnutella-rtr
 75 3256 LOG tcp -- any any anywhere anywhere limit: avg 3/min burst 5 LOG level debug prefix "FIREWALL: "
 1459 263K LOG udp -- any any anywhere anywhere limit: avg 3/min burst 5 LOG level debug prefix "FIREWALL: "
 3347 568K DROP all -- any any anywhere anywhere 
 0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:tftp state NEW,ESTABLISHED
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:69 state NEW,ESTABLISHED

Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 
 0 0 ACCEPT all -- any eth1 anywhere 10.42.0.0/24 state RELATED,ESTABLISHED
 0 0 ACCEPT all -- eth1 any 10.42.0.0/24 anywhere 
 0 0 ACCEPT all -- eth1 eth1 anywhere anywhere 
 0 0 REJECT all -- any eth1 anywhere anywhere reject-with icmp-port-unreachable
 0 0 REJECT all -- eth1 any anywhere anywhere reject-with icmp-port-unreachable

Chain OUTPUT (policy ACCEPT 68593 packets, 6962K bytes) pkts bytes target prot opt in out source destination 
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:69 state NEW,ESTABLISHED
 1 45 ACCEPT udp -- any any anywhere anywhere udp dpt:tftp state NEW,ESTABLISHED


Outgoing tftp requests as a client are also blocked. my IP is 192,168.0.5 tried connecting to 192.168.0.2



tftp 192.168.0.2
tftp> verbose on
Verbose mode on.
tftp> status
Connected to 192.168.0.2.
Mode: netascii Verbose: on Tracing: off Literal: off
Rexmt-interval: 5 seconds, Max-timeout: 25 seconds
tftp> put hello
putting hello to 192.168.0.2:hello [netascii]
Transfer timed out.


can there be something wrong with my Router? Is there any settings that I need to take care of, but this problem is there even when I connect the client directly to the server using an ethernet cable. I tired a BeagleBone Black, a MAcbook and my Android Phone as a tftp clients raising request to the server.



Client : 10.42.0.89 (BeagleBlack, at u-boot)
Server : 10.42.0.1



I used wireshark to sniff on the ethernet packets now.



ARP:



32 927.886269000 10.42.0.89 Broadcast ARP 60 Who has 10.42.0.1? Tell 10.42.0.89
33 927.886320000 50:7b:9d:f9:44:5d 10.42.0.89 ARP 42 10.42.0.1 is at 50:7b:9d:f9:44:5d


after this , I see only this initiating from the client and nothing goes out.



36 932.887008000 10.42.0.89 10.42.0.1 TFTP 79 Read Request, File: hello, Transfer type: octet, timeout00=500, blksize00=146800





udp file-transfer tftp







share|improve this question
















This may look like a duplicate question but I did my share of searching, but could not find any solution.



I have created a tftp server, this server when accessed from a local tftp client, over a loopback gets and puts the file just fine.
When I try to access the server through an external client, The request times out. The connection is established. I can see the connection as connected in the tftp client, no issues there. The File transfer does not start.



The client is connected directly to the HOST via a ethernet cable, I have created a 2 Device LAN. pings work between them.



I initially thought this to be a firewall issue, now I have disabled the firewall, allowed INPUT and OUTPUT on the configured port 69 in the iptables. also udp is allowed on port 69.



I am also Not running multiple instances of the tftpd-hpa server , it is running as a daemon, and netstat -aup has only one tftp server running.



The clients are giving proper requests, I can see them in wireshark, but nothing goes out in response.



and the failure is always a TIMEOUT.



**firewall disabled**
**ports allow connection **
**file transfer fails**
** outgoing tftp request as a client to other tftp servers is alos blocked **


Update2:



I was not really sure about the Firewall thing, as this laptop was issued by my employer and I am skeptical that they wont allow the firewall to be disabled. reading the /var/log/syslog did not give any hints so tried looking at the kernel prints as to whether any kmodules were doing anything fishy, I see these ones.



[10989.915231] FIREWALL: IN=eth1 OUT= MAC=50:7b:9d:f9:44:5d:68:9e:19:99:9e:e4:08:00 SRC=10.42.0.89 DST=10.42.0.1 LEN=65 TOS=0x00 PREC=0x00 TTL=255 ID=117 DF PROTO=UDP SPT=2495 DPT=69 LEN=45


The SRC , DESTT , DPT , PROTO the MAC Address all match my tftp client.



I cannot really tell, what is happening here, so if anyone can give me hints to look for some logs or something else, It would be really helpful.



after this I installed gufw to manage the firewall and allowed all incoming and outgoing traffic. I still get timeouts, and this is what I now see on syslog.



Sep 5 16:16:01 arun-TP kernel: [13836.201853] [UFW AUDIT] IN= OUT=eth1 SRC=10.42.0.1 DST=10.42.0.255 LEN=184 TOS=0x00 PREC=0x00 TTL=64 ID=12630 DF PROTO=UDP SPT=17500 DPT=17500 LEN=164 
Sep 5 16:16:01 arun-TP kernel: [13836.201870] [UFW ALLOW] IN= OUT=eth1 SRC=10.42.0.1 DST=10.42.0.255 LEN=184 TOS=0x00 PREC=0x00 TTL=64 ID=12630 DF PROTO=UDP SPT=17500 DPT=17500 LEN=164


This time the DST does not make sense, The client is at 10.42.0.89 and not 10.42.0.255.



Update1:



/etc/default/tftpd-hpa



TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/tftpboot"
TFTP_ADDRESS="0.0.0.0:69"
TFTP_OPTIONS="--secure --create -s"
RUN_DAEMON="YES"


ls -lrt /



drwxr-xr-x 2 tftp nogroup 4096 Sep 5 03:30 tftpboot


netstat -aup



Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
udp 0 0 *:mdns *:* 739/avahi-daemon: r
udp 0 0 *:50694 *:* 2514/rpc.mountd 
udp 0 0 *:55107 *:* 2514/rpc.mountd 
udp 0 0 *:nfs *:* - 
udp 0 0 *:3471 *:* 8567/dhclient 
udp 0 0 *:56776 *:* 739/avahi-daemon: r
udp 0 0 10.42.0.1:domain *:* 5403/dnsmasq 
udp 0 0 127.0.1.1:domain *:* 3025/dnsmasq 
udp 0 0 *:bootps *:* 5403/dnsmasq 
udp 0 0 *:bootpc *:* 8567/dhclient 
udp 0 0 *:tftp *:* 4316/in.tftpd 
udp 0 0 *:sunrpc *:* 966/rpcbind 
udp 0 0 *:ipp *:* 1476/cups-browsed
udp 0 0 *:707 *:* 966/rpcbind 
udp 0 0 *:33526 *:* 2514/rpc.mountd 
udp 0 0 *:49935 *:* - 
udp 0 0 localhost:796 *:* 1044/rpc.statd 
udp 0 0 *:54194 *:* 1044/rpc.statd 
udp 0 0 *:17500 *:* 3785/dropbox 
udp6 0 0 [::]:mdns [::]:* 739/avahi-daemon: r
udp6 0 0 [::]:42779 [::]:* - 
udp6 0 0 [::]:59279 [::]:* 1044/rpc.statd 
udp6 0 0 [::]:nfs [::]:* - 
udp6 0 0 [::]:60007 [::]:* 2514/rpc.mountd 
udp6 0 0 [::]:52311 [::]:* 2254/BESClient 
udp6 0 0 [::]:11656 [::]:* 8567/dhclient 
udp6 0 0 [::]:sunrpc [::]:* 966/rpcbind 
udp6 0 0 [::]:45289 [::]:* 739/avahi-daemon: r
udp6 0 0 [::]:57589 [::]:* 2514/rpc.mountd 
udp6 0 0 [::]:707 [::]:* 966/rpcbind 
udp6 0 0 [::]:37709 [::]:* 2514/rpc.mountd


no tftp configuration file in /etc/xinetd.d/



Firewall is disabled. ufw status = inactive



iptables -L -v



Chain INPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 
 2 656 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:bootps
 0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:bootps
 0 0 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:domain
 0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:domain
36569 3800K ACCEPT all -- lo any anywhere anywhere 
30392 20M ACCEPT tcp -- any any anywhere anywhere state RELATED,ESTABLISHED
 2704 679K ACCEPT udp -- any any anywhere anywhere state RELATED,ESTABLISHED
 0 0 ACCEPT 254 -- ipsec+ any anywhere anywhere 
 0 0 ACCEPT esp -- any any anywhere anywhere 
 0 0 ACCEPT ah -- any any anywhere anywhere 
 0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:isakmp
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:ssh
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:cfengine
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:5900
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:5901
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:12080
 0 0 REJECT tcp -- any any anywhere anywhere tcp dpt:auth reject-with icmp-port-unreachable
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:https
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:5656
 0 0 ACCEPT udp -- any any anywhere anywhere udp dpts:5004:5005
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpts:5004:5005
 0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:20830
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:20830
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpts:sip:5062
 0 0 ACCEPT udp -- any any anywhere anywhere udp dpts:sip:5062
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:21100
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:2001
 0 0 ACCEPT gre -- any any anywhere anywhere 
 0 0 ACCEPT icmp -- any any anywhere anywhere icmp destination-unreachable
 0 0 ACCEPT icmp -- any any anywhere anywhere icmp source-quench
 689 56460 ACCEPT icmp -- any any anywhere anywhere icmp time-exceeded
 0 0 ACCEPT icmp -- any any anywhere anywhere icmp parameter-problem
 0 0 ACCEPT icmp -- any any anywhere anywhere icmp router-advertisement
 0 0 ACCEPT icmp -- any any anywhere anywhere icmp echo-request
 13 832 ACCEPT icmp -- any any anywhere anywhere icmp echo-reply
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:tproxy
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:1533
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpts:30000:30005
 0 0 DROP tcp -- any any anywhere anywhere tcp dpts:bootps:bootpc
 6 1968 DROP udp -- any any anywhere anywhere udp dpts:bootps:bootpc
 0 0 DROP tcp -- any any anywhere anywhere tcp dpt:netbios-ns
 0 0 DROP udp -- any any anywhere anywhere udp dpt:netbios-ns
 0 0 DROP tcp -- any any anywhere anywhere tcp dpt:netbios-dgm
 0 0 DROP udp -- any any anywhere anywhere udp dpt:netbios-dgm
 0 0 DROP tcp -- any any anywhere anywhere tcp dpt:netbios-ssn
 0 0 DROP udp -- any any anywhere anywhere udp dpt:netbios-ssn
 0 0 DROP tcp -- any any anywhere anywhere tcp dpts:tcpmux:ftp-data
 0 0 DROP tcp -- any any anywhere anywhere tcp dpt:sunrpc
 0 0 DROP tcp -- any any anywhere anywhere tcp dpts:snmp:snmp-trap
 0 0 DROP tcp -- any any anywhere anywhere tcp dpt:520
 0 0 DROP tcp -- any any anywhere anywhere tcp dpts:6348:6349
 0 0 DROP tcp -- any any anywhere anywhere tcp dpts:6345:gnutella-rtr
 75 3256 LOG tcp -- any any anywhere anywhere limit: avg 3/min burst 5 LOG level debug prefix "FIREWALL: "
 1459 263K LOG udp -- any any anywhere anywhere limit: avg 3/min burst 5 LOG level debug prefix "FIREWALL: "
 3347 568K DROP all -- any any anywhere anywhere 
 0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:tftp state NEW,ESTABLISHED
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:69 state NEW,ESTABLISHED

Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 
 0 0 ACCEPT all -- any eth1 anywhere 10.42.0.0/24 state RELATED,ESTABLISHED
 0 0 ACCEPT all -- eth1 any 10.42.0.0/24 anywhere 
 0 0 ACCEPT all -- eth1 eth1 anywhere anywhere 
 0 0 REJECT all -- any eth1 anywhere anywhere reject-with icmp-port-unreachable
 0 0 REJECT all -- eth1 any anywhere anywhere reject-with icmp-port-unreachable

Chain OUTPUT (policy ACCEPT 68593 packets, 6962K bytes) pkts bytes target prot opt in out source destination 
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:69 state NEW,ESTABLISHED
 1 45 ACCEPT udp -- any any anywhere anywhere udp dpt:tftp state NEW,ESTABLISHED


Outgoing tftp requests as a client are also blocked. my IP is 192,168.0.5 tried connecting to 192.168.0.2



tftp 192.168.0.2
tftp> verbose on
Verbose mode on.
tftp> status
Connected to 192.168.0.2.
Mode: netascii Verbose: on Tracing: off Literal: off
Rexmt-interval: 5 seconds, Max-timeout: 25 seconds
tftp> put hello
putting hello to 192.168.0.2:hello [netascii]
Transfer timed out.


can there be something wrong with my Router? Is there any settings that I need to take care of, but this problem is there even when I connect the client directly to the server using an ethernet cable. I tired a BeagleBone Black, a MAcbook and my Android Phone as a tftp clients raising request to the server.



Client : 10.42.0.89 (BeagleBlack, at u-boot)
Server : 10.42.0.1



I used wireshark to sniff on the ethernet packets now.



ARP:



32 927.886269000 10.42.0.89 Broadcast ARP 60 Who has 10.42.0.1? Tell 10.42.0.89
33 927.886320000 50:7b:9d:f9:44:5d 10.42.0.89 ARP 42 10.42.0.1 is at 50:7b:9d:f9:44:5d


after this , I see only this initiating from the client and nothing goes out.



36 932.887008000 10.42.0.89 10.42.0.1 TFTP 79 Read Request, File: hello, Transfer type: octet, timeout00=500, blksize00=146800





udp file-transfer tftp




udp file-transfer tftp






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Sep 5 '16 at 10:50







ArunMKumar

















asked Sep 4 '16 at 22:46









ArunMKumarArunMKumar

11618




11618







  • 1





    Please show tftpd configuration and output of command iptables -L -v. Can tftp client on the server connect to server via external ip address?

    – Mikhail Khirgiy
    Sep 5 '16 at 5:43











  • Question is updated now.. @MikhailKhirgiy

    – ArunMKumar
    Sep 5 '16 at 8:27












  • 1





    Please show tftpd configuration and output of command iptables -L -v. Can tftp client on the server connect to server via external ip address?

    – Mikhail Khirgiy
    Sep 5 '16 at 5:43











  • Question is updated now.. @MikhailKhirgiy

    – ArunMKumar
    Sep 5 '16 at 8:27







1




1





Please show tftpd configuration and output of command iptables -L -v. Can tftp client on the server connect to server via external ip address?

– Mikhail Khirgiy
Sep 5 '16 at 5:43





Please show tftpd configuration and output of command iptables -L -v. Can tftp client on the server connect to server via external ip address?

– Mikhail Khirgiy
Sep 5 '16 at 5:43













Question is updated now.. @MikhailKhirgiy

– ArunMKumar
Sep 5 '16 at 8:27





Question is updated now.. @MikhailKhirgiy

– ArunMKumar
Sep 5 '16 at 8:27










4 Answers
4






active

oldest

votes


















1














This part of firewall configuration shows you how all packets will be dropped and then tftp packets will be allowed. 



Chain INPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 
 . . . 
3347 568K DROP all -- any any anywhere anywhere 
 0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:tftp state NEW,ESTABLISHED
 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:69 state NEW,ESTABLISHED


Move drop all and logs rules after tftp allow rules.






share|improve this answer






























    1














    You should run tftpd inside inetd process, as described here, if you insist on running it as a standalone daemon, be sure to change configuration files as described here






    share|improve this answer

























    • already tried both of them, does not work still. The server exists and works fine on a loopback network, but nothing goes out or in from the machine hosting the tftp server. Connections are established to/from remote machines no issues in it, file transfer times out.

      – ArunMKumar
      Sep 5 '16 at 8:30


















    1














    When the server tries to send data to the client, the source port from the server is NOT 69...it is random high. If your client has a firewall and you punched a hole to/from UDP 69, TFTP won't work. Suggest trying again with a sniffer on the server, but look at all UDP traffic to the client, not just port 69. See the Wikipedia page for TFTP for more details on the protocol.



    Also, Anubioz is giving you good advice in the other answer.






    share|improve this answer























    • you are right, some posts suggested using atftpd for the same. but sadly all in vain. I have my firewall disabled , "ufw status" is inactive so I think that should not be a problem. and cannot fathom why would it do block tftp if it is inactive., as for the client, I tried tftp from uboot, and I think the bootloader would not put any restriction to movement of files as many people have got it working, I have taken your advice on packet sniffing. user wireshark. My server receives ARP and then TFTP requests (many of them) but nothing goes out to the client.

      – ArunMKumar
      Sep 5 '16 at 8:35












    • Hey one more thing, When I connect client to the router , then I do not receive any tftp packets, the router may be blocking them. so i connected it directly to my laptop, and marked "ipv4" method to "shared to other computers" on my laptop running ubuntu 14.04. can this be an issue?

      – ArunMKumar
      Sep 5 '16 at 8:37











    • Try putting the TFTP allow rules higher up in the INPUT chain (using -I to insert them). Looking at the stats, they are never getting hit, since they come after the deny all rules at the end.

      – Jeremy Dover
      Sep 5 '16 at 12:05


















    1














    I was having the exact same issue attempting to copy a file to a Casa Systems CMTS, and I needed an entry in the Service Management Module (SMM) Access Control List. I originally had an entry allowing TFTP from my TFTP server ip address. When I ran a tcpdump and discovered the response from the server to my router on a random high UDP port, I opened up the ACL on the router to allow any IP traffic from my TFTP server and the session started working.



    I know this is an old thread, but just in case someone else runs into this problem, try adding an entry into any control plane ACLs in place permitting all ip your TFTP server.






    share|improve this answer








    New contributor




    Joe Joseph is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.




















      Your Answer








      StackExchange.ready(function()
      var channelOptions =
      tags: "".split(" "),
      id: "2"
      ;
      initTagRenderer("".split(" "), "".split(" "), channelOptions);

      StackExchange.using("externalEditor", function()
      // Have to fire editor after snippets, if snippets enabled
      if (StackExchange.settings.snippets.snippetsEnabled)
      StackExchange.using("snippets", function()
      createEditor();
      );

      else
      createEditor();

      );

      function createEditor()
      StackExchange.prepareEditor(
      heartbeatType: 'answer',
      autoActivateHeartbeat: false,
      convertImagesToLinks: true,
      noModals: true,
      showLowRepImageUploadWarning: true,
      reputationToPostImages: 10,
      bindNavPrevention: true,
      postfix: "",
      imageUploader:
      brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
      contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
      allowUrls: true
      ,
      onDemand: true,
      discardSelector: ".discard-answer"
      ,immediatelyShowMarkdownHelp:true
      );



      );













      draft saved

      draft discarded


















      StackExchange.ready(
      function ()
      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f801050%2ftftp-requests-not-being-serviced%23new-answer', 'question_page');

      );

      Post as a guest















      Required, but never shown

























      4 Answers
      4






      active

      oldest

      votes








      4 Answers
      4






      active

      oldest

      votes









      active

      oldest

      votes






      active

      oldest

      votes









      1














      This part of firewall configuration shows you how all packets will be dropped and then tftp packets will be allowed. 



      Chain INPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 
       . . . 
      3347 568K DROP all -- any any anywhere anywhere 
       0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:tftp state NEW,ESTABLISHED
       0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:69 state NEW,ESTABLISHED


      Move drop all and logs rules after tftp allow rules.






      share|improve this answer



























        1














        This part of firewall configuration shows you how all packets will be dropped and then tftp packets will be allowed. 



        Chain INPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 
         . . . 
        3347 568K DROP all -- any any anywhere anywhere 
         0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:tftp state NEW,ESTABLISHED
         0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:69 state NEW,ESTABLISHED


        Move drop all and logs rules after tftp allow rules.






        share|improve this answer

























          1












          1








          1







          This part of firewall configuration shows you how all packets will be dropped and then tftp packets will be allowed. 



          Chain INPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 
           . . . 
          3347 568K DROP all -- any any anywhere anywhere 
           0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:tftp state NEW,ESTABLISHED
           0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:69 state NEW,ESTABLISHED


          Move drop all and logs rules after tftp allow rules.






          share|improve this answer













          This part of firewall configuration shows you how all packets will be dropped and then tftp packets will be allowed. 



          Chain INPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 
           . . . 
          3347 568K DROP all -- any any anywhere anywhere 
           0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:tftp state NEW,ESTABLISHED
           0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:69 state NEW,ESTABLISHED


          Move drop all and logs rules after tftp allow rules.







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Sep 5 '16 at 16:15









          Mikhail KhirgiyMikhail Khirgiy

          1,57847




          1,57847























              1














              You should run tftpd inside inetd process, as described here, if you insist on running it as a standalone daemon, be sure to change configuration files as described here






              share|improve this answer

























              • already tried both of them, does not work still. The server exists and works fine on a loopback network, but nothing goes out or in from the machine hosting the tftp server. Connections are established to/from remote machines no issues in it, file transfer times out.

                – ArunMKumar
                Sep 5 '16 at 8:30















              1














              You should run tftpd inside inetd process, as described here, if you insist on running it as a standalone daemon, be sure to change configuration files as described here






              share|improve this answer

























              • already tried both of them, does not work still. The server exists and works fine on a loopback network, but nothing goes out or in from the machine hosting the tftp server. Connections are established to/from remote machines no issues in it, file transfer times out.

                – ArunMKumar
                Sep 5 '16 at 8:30













              1












              1








              1







              You should run tftpd inside inetd process, as described here, if you insist on running it as a standalone daemon, be sure to change configuration files as described here






              share|improve this answer















              You should run tftpd inside inetd process, as described here, if you insist on running it as a standalone daemon, be sure to change configuration files as described here







              share|improve this answer














              share|improve this answer



              share|improve this answer








              edited Apr 13 '17 at 12:22









              Community

              1




              1










              answered Sep 5 '16 at 0:41









              AnubiozAnubioz

              2,634920




              2,634920












              • already tried both of them, does not work still. The server exists and works fine on a loopback network, but nothing goes out or in from the machine hosting the tftp server. Connections are established to/from remote machines no issues in it, file transfer times out.

                – ArunMKumar
                Sep 5 '16 at 8:30

















              • already tried both of them, does not work still. The server exists and works fine on a loopback network, but nothing goes out or in from the machine hosting the tftp server. Connections are established to/from remote machines no issues in it, file transfer times out.

                – ArunMKumar
                Sep 5 '16 at 8:30
















              already tried both of them, does not work still. The server exists and works fine on a loopback network, but nothing goes out or in from the machine hosting the tftp server. Connections are established to/from remote machines no issues in it, file transfer times out.

              – ArunMKumar
              Sep 5 '16 at 8:30





              already tried both of them, does not work still. The server exists and works fine on a loopback network, but nothing goes out or in from the machine hosting the tftp server. Connections are established to/from remote machines no issues in it, file transfer times out.

              – ArunMKumar
              Sep 5 '16 at 8:30











              1














              When the server tries to send data to the client, the source port from the server is NOT 69...it is random high. If your client has a firewall and you punched a hole to/from UDP 69, TFTP won't work. Suggest trying again with a sniffer on the server, but look at all UDP traffic to the client, not just port 69. See the Wikipedia page for TFTP for more details on the protocol.



              Also, Anubioz is giving you good advice in the other answer.






              share|improve this answer























              • you are right, some posts suggested using atftpd for the same. but sadly all in vain. I have my firewall disabled , "ufw status" is inactive so I think that should not be a problem. and cannot fathom why would it do block tftp if it is inactive., as for the client, I tried tftp from uboot, and I think the bootloader would not put any restriction to movement of files as many people have got it working, I have taken your advice on packet sniffing. user wireshark. My server receives ARP and then TFTP requests (many of them) but nothing goes out to the client.

                – ArunMKumar
                Sep 5 '16 at 8:35












              • Hey one more thing, When I connect client to the router , then I do not receive any tftp packets, the router may be blocking them. so i connected it directly to my laptop, and marked "ipv4" method to "shared to other computers" on my laptop running ubuntu 14.04. can this be an issue?

                – ArunMKumar
                Sep 5 '16 at 8:37











              • Try putting the TFTP allow rules higher up in the INPUT chain (using -I to insert them). Looking at the stats, they are never getting hit, since they come after the deny all rules at the end.

                – Jeremy Dover
                Sep 5 '16 at 12:05















              1














              When the server tries to send data to the client, the source port from the server is NOT 69...it is random high. If your client has a firewall and you punched a hole to/from UDP 69, TFTP won't work. Suggest trying again with a sniffer on the server, but look at all UDP traffic to the client, not just port 69. See the Wikipedia page for TFTP for more details on the protocol.



              Also, Anubioz is giving you good advice in the other answer.






              share|improve this answer























              • you are right, some posts suggested using atftpd for the same. but sadly all in vain. I have my firewall disabled , "ufw status" is inactive so I think that should not be a problem. and cannot fathom why would it do block tftp if it is inactive., as for the client, I tried tftp from uboot, and I think the bootloader would not put any restriction to movement of files as many people have got it working, I have taken your advice on packet sniffing. user wireshark. My server receives ARP and then TFTP requests (many of them) but nothing goes out to the client.

                – ArunMKumar
                Sep 5 '16 at 8:35












              • Hey one more thing, When I connect client to the router , then I do not receive any tftp packets, the router may be blocking them. so i connected it directly to my laptop, and marked "ipv4" method to "shared to other computers" on my laptop running ubuntu 14.04. can this be an issue?

                – ArunMKumar
                Sep 5 '16 at 8:37











              • Try putting the TFTP allow rules higher up in the INPUT chain (using -I to insert them). Looking at the stats, they are never getting hit, since they come after the deny all rules at the end.

                – Jeremy Dover
                Sep 5 '16 at 12:05













              1












              1








              1







              When the server tries to send data to the client, the source port from the server is NOT 69...it is random high. If your client has a firewall and you punched a hole to/from UDP 69, TFTP won't work. Suggest trying again with a sniffer on the server, but look at all UDP traffic to the client, not just port 69. See the Wikipedia page for TFTP for more details on the protocol.



              Also, Anubioz is giving you good advice in the other answer.






              share|improve this answer













              When the server tries to send data to the client, the source port from the server is NOT 69...it is random high. If your client has a firewall and you punched a hole to/from UDP 69, TFTP won't work. Suggest trying again with a sniffer on the server, but look at all UDP traffic to the client, not just port 69. See the Wikipedia page for TFTP for more details on the protocol.



              Also, Anubioz is giving you good advice in the other answer.







              share|improve this answer












              share|improve this answer



              share|improve this answer










              answered Sep 5 '16 at 1:10









              Jeremy DoverJeremy Dover

              29816




              29816












              • you are right, some posts suggested using atftpd for the same. but sadly all in vain. I have my firewall disabled , "ufw status" is inactive so I think that should not be a problem. and cannot fathom why would it do block tftp if it is inactive., as for the client, I tried tftp from uboot, and I think the bootloader would not put any restriction to movement of files as many people have got it working, I have taken your advice on packet sniffing. user wireshark. My server receives ARP and then TFTP requests (many of them) but nothing goes out to the client.

                – ArunMKumar
                Sep 5 '16 at 8:35












              • Hey one more thing, When I connect client to the router , then I do not receive any tftp packets, the router may be blocking them. so i connected it directly to my laptop, and marked "ipv4" method to "shared to other computers" on my laptop running ubuntu 14.04. can this be an issue?

                – ArunMKumar
                Sep 5 '16 at 8:37











              • Try putting the TFTP allow rules higher up in the INPUT chain (using -I to insert them). Looking at the stats, they are never getting hit, since they come after the deny all rules at the end.

                – Jeremy Dover
                Sep 5 '16 at 12:05

















              • you are right, some posts suggested using atftpd for the same. but sadly all in vain. I have my firewall disabled , "ufw status" is inactive so I think that should not be a problem. and cannot fathom why would it do block tftp if it is inactive., as for the client, I tried tftp from uboot, and I think the bootloader would not put any restriction to movement of files as many people have got it working, I have taken your advice on packet sniffing. user wireshark. My server receives ARP and then TFTP requests (many of them) but nothing goes out to the client.

                – ArunMKumar
                Sep 5 '16 at 8:35












              • Hey one more thing, When I connect client to the router , then I do not receive any tftp packets, the router may be blocking them. so i connected it directly to my laptop, and marked "ipv4" method to "shared to other computers" on my laptop running ubuntu 14.04. can this be an issue?

                – ArunMKumar
                Sep 5 '16 at 8:37











              • Try putting the TFTP allow rules higher up in the INPUT chain (using -I to insert them). Looking at the stats, they are never getting hit, since they come after the deny all rules at the end.

                – Jeremy Dover
                Sep 5 '16 at 12:05
















              you are right, some posts suggested using atftpd for the same. but sadly all in vain. I have my firewall disabled , "ufw status" is inactive so I think that should not be a problem. and cannot fathom why would it do block tftp if it is inactive., as for the client, I tried tftp from uboot, and I think the bootloader would not put any restriction to movement of files as many people have got it working, I have taken your advice on packet sniffing. user wireshark. My server receives ARP and then TFTP requests (many of them) but nothing goes out to the client.

              – ArunMKumar
              Sep 5 '16 at 8:35






              you are right, some posts suggested using atftpd for the same. but sadly all in vain. I have my firewall disabled , "ufw status" is inactive so I think that should not be a problem. and cannot fathom why would it do block tftp if it is inactive., as for the client, I tried tftp from uboot, and I think the bootloader would not put any restriction to movement of files as many people have got it working, I have taken your advice on packet sniffing. user wireshark. My server receives ARP and then TFTP requests (many of them) but nothing goes out to the client.

              – ArunMKumar
              Sep 5 '16 at 8:35














              Hey one more thing, When I connect client to the router , then I do not receive any tftp packets, the router may be blocking them. so i connected it directly to my laptop, and marked "ipv4" method to "shared to other computers" on my laptop running ubuntu 14.04. can this be an issue?

              – ArunMKumar
              Sep 5 '16 at 8:37





              Hey one more thing, When I connect client to the router , then I do not receive any tftp packets, the router may be blocking them. so i connected it directly to my laptop, and marked "ipv4" method to "shared to other computers" on my laptop running ubuntu 14.04. can this be an issue?

              – ArunMKumar
              Sep 5 '16 at 8:37













              Try putting the TFTP allow rules higher up in the INPUT chain (using -I to insert them). Looking at the stats, they are never getting hit, since they come after the deny all rules at the end.

              – Jeremy Dover
              Sep 5 '16 at 12:05





              Try putting the TFTP allow rules higher up in the INPUT chain (using -I to insert them). Looking at the stats, they are never getting hit, since they come after the deny all rules at the end.

              – Jeremy Dover
              Sep 5 '16 at 12:05











              1














              I was having the exact same issue attempting to copy a file to a Casa Systems CMTS, and I needed an entry in the Service Management Module (SMM) Access Control List. I originally had an entry allowing TFTP from my TFTP server ip address. When I ran a tcpdump and discovered the response from the server to my router on a random high UDP port, I opened up the ACL on the router to allow any IP traffic from my TFTP server and the session started working.



              I know this is an old thread, but just in case someone else runs into this problem, try adding an entry into any control plane ACLs in place permitting all ip your TFTP server.






              share|improve this answer








              New contributor




              Joe Joseph is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
              Check out our Code of Conduct.
























                1














                I was having the exact same issue attempting to copy a file to a Casa Systems CMTS, and I needed an entry in the Service Management Module (SMM) Access Control List. I originally had an entry allowing TFTP from my TFTP server ip address. When I ran a tcpdump and discovered the response from the server to my router on a random high UDP port, I opened up the ACL on the router to allow any IP traffic from my TFTP server and the session started working.



                I know this is an old thread, but just in case someone else runs into this problem, try adding an entry into any control plane ACLs in place permitting all ip your TFTP server.






                share|improve this answer








                New contributor




                Joe Joseph is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                Check out our Code of Conduct.






















                  1












                  1








                  1







                  I was having the exact same issue attempting to copy a file to a Casa Systems CMTS, and I needed an entry in the Service Management Module (SMM) Access Control List. I originally had an entry allowing TFTP from my TFTP server ip address. When I ran a tcpdump and discovered the response from the server to my router on a random high UDP port, I opened up the ACL on the router to allow any IP traffic from my TFTP server and the session started working.



                  I know this is an old thread, but just in case someone else runs into this problem, try adding an entry into any control plane ACLs in place permitting all ip your TFTP server.






                  share|improve this answer








                  New contributor




                  Joe Joseph is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.










                  I was having the exact same issue attempting to copy a file to a Casa Systems CMTS, and I needed an entry in the Service Management Module (SMM) Access Control List. I originally had an entry allowing TFTP from my TFTP server ip address. When I ran a tcpdump and discovered the response from the server to my router on a random high UDP port, I opened up the ACL on the router to allow any IP traffic from my TFTP server and the session started working.



                  I know this is an old thread, but just in case someone else runs into this problem, try adding an entry into any control plane ACLs in place permitting all ip your TFTP server.







                  share|improve this answer








                  New contributor




                  Joe Joseph is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.









                  share|improve this answer



                  share|improve this answer






                  New contributor




                  Joe Joseph is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.









                  answered Apr 9 at 6:12









                  Joe JosephJoe Joseph

                  111




                  111




                  New contributor




                  Joe Joseph is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.





                  New contributor





                  Joe Joseph is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.






                  Joe Joseph is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.



























                      draft saved

                      draft discarded
















































                      Thanks for contributing an answer to Server Fault!


                      • Please be sure to answer the question. Provide details and share your research!

                      But avoid


                      • Asking for help, clarification, or responding to other answers.

                      • Making statements based on opinion; back them up with references or personal experience.

                      To learn more, see our tips on writing great answers.




                      draft saved


                      draft discarded














                      StackExchange.ready(
                      function ()
                      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f801050%2ftftp-requests-not-being-serviced%23new-answer', 'question_page');

                      );

                      Post as a guest















                      Required, but never shown





















































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown

































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown







                      -

                      Popular posts from this blog

                      Club Baloncesto Breogán Índice Historia | Pavillón | Nome | O Breogán na cultura popular | Xogadores | Adestradores | Presidentes | Palmarés | Historial | Líderes | Notas | Véxase tamén | Menú de navegacióncbbreogan.galCadroGuía oficial da ACB 2009-10, páxina 201Guía oficial ACB 1992, páxina 183. Editorial DB.É de 6.500 espectadores sentados axeitándose á última normativa"Estudiantes Junior, entre as mellores canteiras"o orixinalHemeroteca El Mundo Deportivo, 16 setembro de 1970, páxina 12Historia do BreogánAlfredo Pérez, o último canoneiroHistoria C.B. BreogánHemeroteca de El Mundo DeportivoJimmy Wright, norteamericano do Breogán deixará Lugo por ameazas de morteResultados de Breogán en 1986-87Resultados de Breogán en 1990-91Ficha de Velimir Perasović en acb.comResultados de Breogán en 1994-95Breogán arrasa al Barça. "El Mundo Deportivo", 27 de setembro de 1999, páxina 58CB Breogán - FC BarcelonaA FEB invita a participar nunha nova Liga EuropeaCharlie Bell na prensa estatalMáximos anotadores 2005Tempada 2005-06 : Tódolos Xogadores da Xornada""Non quero pensar nunha man negra, mais pregúntome que está a pasar""o orixinalRaúl López, orgulloso dos xogadores, presume da boa saúde económica do BreogánJulio González confirma que cesa como presidente del BreogánHomenaxe a Lisardo GómezA tempada do rexurdimento celesteEntrevista a Lisardo GómezEl COB dinamita el Pazo para forzar el quinto (69-73)Cafés Candelas, patrocinador del CB Breogán"Suso Lázare, novo presidente do Breogán"o orixinalCafés Candelas Breogán firma el mayor triunfo de la historiaEl Breogán realizará 17 homenajes por su cincuenta aniversario"O Breogán honra ao seu fundador e primeiro presidente"o orixinalMiguel Giao recibiu a homenaxe do PazoHomenaxe aos primeiros gladiadores celestesO home que nos amosa como ver o Breo co corazónTita Franco será homenaxeada polos #50anosdeBreoJulio Vila recibirá unha homenaxe in memoriam polos #50anosdeBreo"O Breogán homenaxeará aos seus aboados máis veteráns"Pechada ovación a «Capi» Sanmartín e Ricardo «Corazón de González»Homenaxe por décadas de informaciónPaco García volve ao Pazo con motivo do 50 aniversario"Resultados y clasificaciones""O Cafés Candelas Breogán, campión da Copa Princesa""O Cafés Candelas Breogán, equipo ACB"C.B. Breogán"Proxecto social"o orixinal"Centros asociados"o orixinalFicha en imdb.comMario Camus trata la recuperación del amor en 'La vieja música', su última película"Páxina web oficial""Club Baloncesto Breogán""C. B. Breogán S.A.D."eehttp://www.fegaba.com

                      Image
                      Barça LassaBAXI ManresaCafés Candelas BreogánDelteco GBCDivina Seguros JoventutHerbalife Gran CanariaIberostar TenerifeKirolbet BaskoniaMonbus ObradoiroMontakit FuenlabradaMoraBanc AndorraMovistar EstudiantesReal MadridSan Pablo BurgosTecnyconta ZaragozaUCAM MurciaUnicajaValencia Basket Club Baloncesto Breogán baloncestoLugoGalicia1966JuanJosé Ramón Varela Portasmáxima categoría1970competicións europeasLiga ACBPavillón MunicipalPazo dos DeportesJesús Lázareliga EBAClub Estudiantes1965Lugobaloncestosegunda divisiónJosé RamónJuan Varela-Portas y Pardo1966Celestino Fernández de la Vega196869primeira divisiónZaragozaprimeira divisiónReal MadridJoventutEstudiantes19701971máxima categoría estatal11 de outubro1970Palacio dos DeportesLugoTenerifeMadridReal MadridAlfredo PérezBreogán19711972TenerifeMadridvascocatalánAlfredo PérezespañolMadridLugoManresa La Casera19741975As...
                      Read more

                      Vilaño, A Laracha Índice Patrimonio | Lugares e parroquias | Véxase tamén | Menú de navegación43°14′52″N 8°36′03″O / 43.24775, -8.60070

                      Image
                      Parroquias da LarachaParroquias de Galicia baixo a advocación de Santiago o Maior coruñésLarachacomarca de BergantiñosIGE20131999castro de Montesclarospoboado castrexoidade de ferroromanización de Galiciamiliariopazo de Montesclarosséculo XIXAmboadeA AreosaA BarreiraBos AiresA BoticaAs Brañas da ViñaAs BrañasBusteloOs CanedosFerreirosAs FervenzasA Fonte da CanleO FormigueiroFornelosA FragaFragundeGravidoA LamelaMarfuloOs MeánsMontes ClarosA PanelaO PazoQuintánsRibelaSamiroO SeixoA TelleiraVilañoVilanovaA ViñaVista AlegreCabovilaño (San Román)Caión (Santa María do Socorro)Coiro (San Xián)Erboedo (Santa María)Golmar (San Bieito)Lemaio (Santa Mariña)Lendo (San Xián)Lestón (San Martiño)Montemaior (Santa María Madanela)Soandres (San Pedro)Soutullo (Santa María)Torás (Santa María)Vilaño (Santiago) Vilaño, A Laracha Na Galipedia, a Wi...
                      Read more

                      Cegueira Índice Epidemioloxía | Deficiencia visual | Tipos de cegueira | Principais causas de cegueira | Tratamento | Técnicas de adaptación e axudas | Vida dos cegos | Primeiros auxilios | Crenzas respecto das persoas cegas | Crenzas das persoas cegas | O neno deficiente visual | Aspectos psicolóxicos da cegueira | Notas | Véxase tamén | Menú de navegación54.054.154.436928256blindnessDicionario da Real Academia GalegaPortal das Palabras"International Standards: Visual Standards — Aspects and Ranges of Vision Loss with Emphasis on Population Surveys.""Visual impairment and blindness""Presentan un plan para previr a cegueira"o orixinalACCDV Associació Catalana de Cecs i Disminuïts Visuals - PMFTrachoma"Effect of gene therapy on visual function in Leber's congenital amaurosis"1844137110.1056/NEJMoa0802268Cans guía - os mellores amigos dos cegosArquivadoEscola de cans guía para cegos en Mortágua, PortugalArquivado"Tecnología para ciegos y deficientes visuales. Recopilación de recursos gratuitos en la Red""Colorino""‘COL.diesis’, escuchar los sonidos del color""COL.diesis: Transforming Colour into Melody and Implementing the Result in a Colour Sensor Device"o orixinal"Sistema de desarrollo de sinestesia color-sonido para invidentes utilizando un protocolo de audio""Enseñanza táctil - geometría y color. Juegos didácticos para niños ciegos y videntes""Sistema Constanz"L'ocupació laboral dels cecs a l'Estat espanyol està pràcticament equiparada a la de les persones amb visió, entrevista amb Pedro ZuritaONCE (Organización Nacional de Cegos de España)Prevención da cegueiraDescrición de deficiencias visuais (Disc@pnet)Braillín, un boneco atractivo para calquera neno, con ou sen discapacidade, que permite familiarizarse co sistema de escritura e lectura brailleAxudas Técnicas36838ID00897494007150-90057129528256DOID:1432HP:0000618D001766C10.597.751.941.162C97109C0155020

                      Image
                      OftalmoloxíaDiscapacidade sentidovistaNorteaméricaEuropaollopaíses en vías de desenvolvementopaíses desenvolvidos2014Organización Mundial da SaúdeGaliciaretinopatía diabéticaglaucomaresto visualagudeza visualcampo visualterapia xénicaretinavirus do arrefriado comúncanadestradoséculo XIXLouis Brailleteclado brailleescáneresrecoñecemento óptico de caractereslectores de pantallacorsinestesiafrauta doceamareloclarineteazultamboresvermellopianoverdeSistema Constanzsemáforocans guíaBrailletactosoftwaretactoeuroAvuiséculo XXUnión SoviéticaFranciaItaliaInglaterraNataciónatletismociclismojudoesquífútbol salamontañismoxadrezgoalballsociedademúsicosindixentesprofetassabiosoídotactomúsicarisatactooídolinguaxePiaget (function()var node=document.getElementById("mw-dismissablenotice-anonplace");if(node)node.outerHTML="u003Cdiv class="mw-dismissable-notice"u0...
                      Read more