Centos安裝使用tftp服務器

1 CentOS 6

1.1 安裝

如果網絡可用,可以直接通過yum安裝

# yum install tftp-server

也可以先下載rpm包,然后再安裝,下載地址:

http://rpmfind.net/linux/rpm2html/search.php?query=tftp-server
或
https://crpm.cc/tftp-server-0-49-8-el6-x86_64-rpm/

然后安裝

# rpm -ihv tftp-server-0.49-8.el6.x86_64.rpm

安裝后,可以發現在/usr/sbin目錄下多了一個in.tftpd的文件

$ which in.tftpd
/usr/sbin/in.tftpd

1.2 配置

in.tftpd通過xinetd服務管理,/etc/xinetd.conf存放了xinetd管理的所有服務的默認配置,也是tftpd的默認配置

# cat /etc/xinetd.conf
#
# This is the master xinetd configuration file. Settings in the
# default section will be inherited by all service configurations
# unless explicitly overridden in the service configuration. See
# xinetd.conf in the man pages for a more detailed explanation of
# these attributes.

defaults
{
# The next two items are intended to be a quick access place to
# temporarily enable or disable services.
#
#   enabled     =
#   disabled    =

# Define general logging characteristics.
    log_type    = SYSLOG daemon info
    log_on_failure  = HOST
    log_on_success  = PID HOST DURATION EXIT

# Define access restriction defaults
#
#   no_access   =
#   only_from   =
#   max_load    = 0

# 每秒最多接受50個連接,如果超過50,則停止20秒后才接受新的連接
    cps     = 50 10
# 最大連接數
    instances   = 50
# 單個客戶端的最大連接數
    per_source  = 10

# Address and networking defaults
#
#   bind        =
#   mdns        = yes
    v6only      = no

# setup environmental attributes
#
#   passenv     =
    groups      = yes
    umask       = 002

# Generally, banners are not used. This sets up their global defaults
#
#   banner      =
#   banner_fail =
#   banner_success  =
}

includedir /etc/xinetd.d

/etc/xinetd.d/tftp文件中添加tftp server的配置,該文件中指定的配置會覆蓋/etc/xinetd.conf文件中的配置,沒有指定的配置采用默認配置

# cd /etc/xinetd.d/
# vim tftp 
# default: off
# description: The tftp server serves files using the trivial file transfer \
#       protocol.  The tftp protocol is often used to boot diskless \
#       workstations, download configuration files to network-aware printers, \
#       and to start the installation process for some operating systems.
service tftp
{
        socket_type             = dgram
        protocol                = udp
        # 并發
        wait                    = no
        # 啟動tftpd的用戶
        user                    = root
        # 啟動命令
        server                  = /usr/sbin/in.tftpd
        # 啟動參數, -s指定tftpd的文件目錄, -c表示允許上傳文件
        server_args             = -s /var/lib/tftpboot -c
        # 允許啟動
        disable                 = no
        per_source              = 11
        cps                     = 100 2
        flags                   = IPv4
}

關于xinetd的更多配置,可以參考:鳥哥的linux私房菜相關章節

1.3 啟動

創建文件目錄,并修改文件目錄訪問權限

# chmod 777 /var/lib/tftpboot

設置開機自啟動,然后啟動服務

# chkconfig tftp on
# chkconfig xinetd on
# service xinetd start

查看狀態

# service xinetd status
xinetd (pid  28613) is running...

# ps -ef | grep in.tftpd | grep -v 'grep'
root     23264     1  0 May19 ?        00:00:03 in.tftpd -s /tftpboot -c
nobody   23405 28616  0 14:32 ?        00:00:00 in.tftpd -s /tftpboot -c
root     28616 28613  0 May19 ?        00:00:03 in.tftpd -s /tftpboot -c

# tftpd默認使用69端口
# lsof -i :69
COMMAND  PID USER   FD   TYPE     DEVICE SIZE/OFF NODE NAME
xinetd  5416 root    6u  IPv4 1731965196      0t0  UDP *:tftp

$ netstat -tuplna | grep ':69 '
(No info could be read for "-p": geteuid()=249958 but you should be root.)
udp        0      0 0.0.0.0:69                  0.0.0.0:*                               -
udp        0      0 0.0.0.0:69                  0.0.0.0:*                               -

# 測試端口連接
$ nc -uvz 127.0.0.1 69
Connection to 127.0.0.1 69 port [udp/tftp] succeeded!

2 CentOS 7

2.1 安裝

假設網絡條件允許直接通過yum安裝,通過以下命令安裝tftp服務端和tftp客戶端

# yum install -y tftp-server tftp

安裝完后,在/sbin/usr/sbin目錄下均多了一個服務端程序文件in.tftpd,這兩個文件的MD5值是一樣的

# which in.tftpd
/sbin/in.tftpd
# ls /usr/sbin | grep tftp
in.tftpd

tftp客戶端程序則安裝在/bin目錄下

# which tftp
/bin/tftp

2.2 配置

使用yum安裝完tftp服務端程序后,在/usr/lib/systemd/system目錄下多了兩個文件,tftp.servicetftp.socket,他們是tftp服務端的配置文件

# pwd
/usr/lib/systemd/system

# cat tftp.service 
[Unit]
Description=Tftp Server
Requires=tftp.socket
Documentation=man:in.tftpd

[Service]
ExecStart=/usr/sbin/in.tftpd -c -p -s /var/lib/tftpboot
StandardInput=socket

[Install]
Also=tftp.socket

# cat tftp.socket 
[Unit]
Description=Tftp Server Activation Socket

[Socket]
ListenDatagram=69

[Install]
WantedBy=sockets.target

2.3 啟動

使用下面的命令啟動tftp server

# systemctl daemon-reload
# systemctl enable --now tftp
Created symlink from /etc/systemd/system/sockets.target.wants/tftp.socket to /usr/lib/systemd/system/tftp.socket.

查看啟動的tftp server狀態信息

# systemctl status tftp
● tftp.service - Tftp Server
   Loaded: loaded (/usr/lib/systemd/system/tftp.service; indirect; vendor preset: disabled)
   Active: active (running) since Tue 2022-12-20 20:59:24 CST; 41s ago
     Docs: man:in.tftpd
 Main PID: 22776 (in.tftpd)
   CGroup: /system.slice/tftp.service
           └─22776 /usr/sbin/in.tftpd -c -p -s /tftpboot

Dec 20 20:59:24 yq01-sys-netadmin01.yq01.baidu.com systemd[1]: Started Tftp Server.
# lsof -i :69
COMMAND    PID USER   FD   TYPE    DEVICE SIZE/OFF NODE NAME
systemd      1 root   22u  IPv6 400870756      0t0  UDP *:tftp 
in.tftpd 22776 root    0u  IPv6 400870756      0t0  UDP *:tftp

3 測試

tftp客戶端通過put命令上傳文件,通過get命令下載文件,但不支持list文件服務器的文件和目錄列表,也不支持刪除文件

tftp支持的所有命令:

# 檢查tftp客戶端是否已安裝,系統一般默認安裝
$ which tftp
/usr/bin/tftp


$ tftp -v 127.0.0.1
Connected to 127.0.0.1 (127.0.0.1), port 69
tftp> ?
tftp-hpa 0.49
Commands may be abbreviated.  Commands are:

connect     connect to remote tftp
mode        set file transfer mode
put         send file
get         receive file
quit        exit tftp
verbose     toggle verbose mode
trace       toggle packet tracing
literal     toggle literal mode, ignore ':' in file name
status      show current status
binary      set mode to octet
ascii       set mode to netascii
rexmt       set per-packet transmission timeout
timeout     set total retransmission timeout
?           print help information
help        print help information
tftp> quit

測試文件上傳和下載

$ tftp 127.0.0.1
tftp> put test.txt
tftp> get test.txt
tftp> quit


# 上傳
$ tftp -v 127.0.0.1 -c put test.txt
Connected to 127.0.0.1 (127.0.0.1), port 69
putting test.txt to 127.0.0.1:test.txt [netascii]
Sent 19 bytes in 0.0 seconds [8069 bit/s] 

# tftpd文件目錄下查看上傳的文件
$ ls /var/lib/tftpboot
test.txt
$ rm -f test.txt
$ ls

# 下載
$ tftp -v 127.0.0.1 -c get test.txt
Connected to 127.0.0.1 (127.0.0.1), port 69
getting from 127.0.0.1:test.txt to test.txt [netascii]
Received 19 bytes in 0.0 seconds [17714 bit/s]

# 查看下載的文件
$ ls
test.txt

4 原理

4.1 協議概述

TFTP英文全稱:Trivial File Transfer Protocol,中文全稱:簡單文件傳輸協議。提供不復雜、開銷不大的文件傳輸服務。端口號為69。基于UDP協議。

4.2 TFTP報文類型

TFTP共定義了五種類型的包,類型的區分由包數據前兩個字節的Opcode字段區分,分別是:

  1. 讀文件請求包:Read request,簡寫為RRQ,對應Opcode字段值為1
  2. 寫文件請求包:Write requst,簡寫為WRQ,對應Opcode字段值為2
  3. 文件數據包:Data,簡寫為DATA,對應Opcode字段值為3
  4. 回應包:Acknowledgement,簡寫為ACK,對應Opcode字段值為4
  5. 錯誤信息包:Error,簡寫為ERROR,對應Opcode字段值為5

4.3 TFTP端口號分配

TFTP客戶端發送read request和write request報文的時候,目的端口是69。而Data、Acknowledgement、Error不使用69端口,它們使用的是隨機端口1024~5000。
不同的操作系統有不同的端口號規定Linux使用32768~61000、Windows 使用1025~5000

tftp協議原理更多詳情可參考:TFTP協議詳解及TFTP穿越NAT

最后編輯于
?著作權歸作者所有,轉載或內容合作請聯系作者
平臺聲明:文章內容(如有圖片或視頻亦包括在內)由作者上傳并發布,文章內容僅代表作者本人觀點,簡書系信息發布平臺,僅提供信息存儲服務。

推薦閱讀更多精彩內容