1 CentOS 6
1.1 Installation
If the network is available, install directly with yum:
# yum install tftp-server
Alternatively, download the rpm package first and install it afterwards. Download locations:
http://rpmfind.net/linux/rpm2html/search.php?query=tftp-server
or
https://crpm.cc/tftp-server-0-49-8-el6-x86_64-rpm/
Then install it:
# rpm -ihv tftp-server-0.49-8.el6.x86_64.rpm
After installation, a new file named in.tftpd appears in the /usr/sbin directory:
$ which in.tftpd
/usr/sbin/in.tftpd
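1.2 Configuration
in.tftpd is managed by the xinetd service. /etc/xinetd.conf holds the default configuration for every service that xinetd manages, so it also holds the defaults for tftpd: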
# cat /etc/xinetd.conf
#
# This is the master xinetd configuration file. Settings in the
# default section will be inherited by all service configurations
# unless explicitly overridden in the service configuration. See
# xinetd.conf in the man pages for a more detailed explanation of
# these attributes.
defaults
{
# The next two items are intended to be a quick access place to
# temporarily enable or disable services.
#
# enabled =
# disabled =
# Define general logging characteristics.
log_type = SYSLOG daemon info
log_on_failure = HOST
log_on_success = PID HOST DURATION EXIT
# Define access restriction defaults
#
# no_access =
# only_from =
# max_load = 0
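# Accept at most 50 connections per second; if that rate is exceeded, pause for 10 seconds before accepting new connections
cps = 50 10
# Maximum number of connections
instances = 50
# Maximum number of connections from a single client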
per_source = 10
# Address and networking defaults
#
# bind =
# mdns = yes
v6only = no
# setup environmental attributes
#
# passenv =
groups = yes
umask = 002
# Generally, banners are not used. This sets up their global defaults
#
# banner =
# banner_fail =
# banner_success =
}
includedir /etc/xinetd.d
Add the tftp server configuration to the file /etc/xinetd.d/tftp. Settings given in this file override those in /etc/xinetd.conf; settings that are not given fall back to the defaults.
# cd /etc/xinetd.d/
# vim tftp
# default: off
# description: The tftp server serves files using the trivial file transfer \
# protocol. The tftp protocol is often used to boot diskless \
# workstations, download configuration files to network-aware printers, \
# and to start the installation process for some operating systems.
service tftp
{
socket_type = dgram
protocol = udp
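# Handle requests concurrently
wait = no
# User that starts tftpd
user = root
# Command to start
server = /usr/sbin/in.tftpd
# Startup arguments: -s makes tftpd chroot to the given file directory, -c allows new files to be uploaded
server_args = -s /var/lib/tftpboot -c
# Enable the service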
disable = no
per_source = 11
cps = 100 2
flags = IPv4
}
For more on xinetd configuration, see the relevant chapters of 鳥哥的linux私房菜.
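The override rule described above, worked through on the two files as an added example (not part of the original post or of xinetd): it merges the defaults block with the service tftp block and lists the settings worth reviewing. The parser is a simplification that handles only plain key = value lines, and the finding texts are this example's own wording.

```python
import re
import shlex

# Constructed excerpts of the two files shown above (comments stripped).
XINETD_CONF = """defaults
{
    cps = 50 10
    instances = 50
    per_source = 10
}"""
TFTP_CONF = """service tftp
{
    server_args = -s /var/lib/tftpboot -c
    disable = no
    per_source = 11
    cps = 100 2
}"""

def parse_block(text, header):
    """Return the 'key = value' pairs of the block that starts with header."""
    m = re.search(r"^\s*" + re.escape(header) + r"\s*\{(.*?)^\s*\}", text, re.S | re.M)
    if not m:
        raise ValueError("block not found: " + header)
    pairs = {}
    for line in m.group(1).splitlines():
        key, sep, value = line.partition("=")
        if sep and not key.lstrip().startswith("#"):
            pairs[key.strip()] = value.strip()
    return pairs

def effective(defaults_text, service_text, name):
    """Service settings win; anything left unset is inherited from defaults."""
    return {**parse_block(defaults_text, "defaults"),
            **parse_block(service_text, "service " + name)}

def findings(cfg):
    """Settings to review before this tftpd is reachable from a network."""
    args = shlex.split(cfg.get("server_args", ""))
    out = []
    if cfg.get("disable") == "no" and "-c" in args:
        out.append("-c: clients may create new files")
    if "-s" not in args:
        out.append("no -s: tftpd is not confined to one directory")
    if "only_from" not in cfg:
        out.append("no only_from: any source address is accepted")
    return out

if __name__ == "__main__":
    print(findings(effective(XINETD_CONF, TFTP_CONF, "tftp")))
```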
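1.3 Startup
Create the file directory and change its access permissions. in.tftpd runs as the user nobody by default, so the directory must be writable by that user for uploads to work; mode 777 also makes it writable by every other local account.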
# chmod 777 /var/lib/tftpboot
Enable start at boot, then start the service:
# chkconfig tftp on
# chkconfig xinetd on
# service xinetd start
Check the status:
# service xinetd status
xinetd (pid 28613) is running...
# ps -ef | grep in.tftpd | grep -v 'grep'
root 23264 1 0 May19 ? 00:00:03 in.tftpd -s /tftpboot -c
nobody 23405 28616 0 14:32 ? 00:00:00 in.tftpd -s /tftpboot -c
root 28616 28613 0 May19 ? 00:00:03 in.tftpd -s /tftpboot -c
# tftpd uses port 69 by default
# lsof -i :69
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
xinetd 5416 root 6u IPv4 1731965196 0t0 UDP *:tftp
$ netstat -tuplna | grep ':69 '
(No info could be read for "-p": geteuid()=249958 but you should be root.)
udp 0 0 0.0.0.0:69 0.0.0.0:* -
udp 0 0 0.0.0.0:69 0.0.0.0:* -
# Test connectivity to the port
$ nc -uvz 127.0.0.1 69
Connection to 127.0.0.1 69 port [udp/tftp] succeeded!
2 CentOS 7
2.1 Installation
Assuming the network allows installing directly with yum, install the tftp server and the tftp client with the following command:
# yum install -y tftp-server tftp
After installation, the server program in.tftpd appears in both /sbin and /usr/sbin; the two files have the same MD5 value:
# which in.tftpd
/sbin/in.tftpd
# ls /usr/sbin | grep tftp
in.tftpd
The tftp client program is installed in the /bin directory:
# which tftp
/bin/tftp
2.2 Configuration
After the tftp server is installed with yum, two new files appear in /usr/lib/systemd/system: tftp.service and tftp.socket. They are the configuration files of the tftp server:
# pwd
/usr/lib/systemd/system
# cat tftp.service
[Unit]
Description=Tftp Server
Requires=tftp.socket
Documentation=man:in.tftpd
[Service]
ExecStart=/usr/sbin/in.tftpd -c -p -s /var/lib/tftpboot
StandardInput=socket
[Install]
Also=tftp.socket
# cat tftp.socket
[Unit]
Description=Tftp Server Activation Socket
[Socket]
ListenDatagram=69
[Install]
WantedBy=sockets.target
2.3 Startup
Start the tftp server with the following commands:
# systemctl daemon-reload
# systemctl enable --now tftp
Created symlink from /etc/systemd/system/sockets.target.wants/tftp.socket to /usr/lib/systemd/system/tftp.socket.
View the status of the running tftp server:
# systemctl status tftp
● tftp.service - Tftp Server
Loaded: loaded (/usr/lib/systemd/system/tftp.service; indirect; vendor preset: disabled)
Active: active (running) since Tue 2022-12-20 20:59:24 CST; 41s ago
Docs: man:in.tftpd
Main PID: 22776 (in.tftpd)
CGroup: /system.slice/tftp.service
└─22776 /usr/sbin/in.tftpd -c -p -s /tftpboot
Dec 20 20:59:24 yq01-sys-netadmin01.yq01.baidu.com systemd[1]: Started Tftp Server.
# lsof -i :69
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
systemd 1 root 22u IPv6 400870756 0t0 UDP *:tftp
in.tftpd 22776 root 0u IPv6 400870756 0t0 UDP *:tftp
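3 Testing
The tftp client uploads files with the put command and downloads files with the get command. It cannot list the files and directories on the server, and it cannot delete files.
All commands supported by tftp:
# Check whether the tftp client is installed; most systems install it by default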
$ which tftp
/usr/bin/tftp
$ tftp -v 127.0.0.1
Connected to 127.0.0.1 (127.0.0.1), port 69
tftp> ?
tftp-hpa 0.49
Commands may be abbreviated. Commands are:
connect connect to remote tftp
mode set file transfer mode
put send file
get receive file
quit exit tftp
verbose toggle verbose mode
trace toggle packet tracing
literal toggle literal mode, ignore ':' in file name
status show current status
binary set mode to octet
ascii set mode to netascii
rexmt set per-packet transmission timeout
timeout set total retransmission timeout
? print help information
help print help information
tftp> quit
Test file upload and download:
$ tftp 127.0.0.1
tftp> put test.txt
tftp> get test.txt
tftp> quit
or
# Upload
$ tftp -v 127.0.0.1 -c put test.txt
Connected to 127.0.0.1 (127.0.0.1), port 69
putting test.txt to 127.0.0.1:test.txt [netascii]
Sent 19 bytes in 0.0 seconds [8069 bit/s]
# Check the uploaded file in the tftpd file directory
$ ls /var/lib/tftpboot
test.txt
$ rm -f test.txt
$ ls
# Download
$ tftp -v 127.0.0.1 -c get test.txt
Connected to 127.0.0.1 (127.0.0.1), port 69
getting from 127.0.0.1:test.txt to test.txt [netascii]
Received 19 bytes in 0.0 seconds [17714 bit/s]
# Check the downloaded file
$ ls
test.txt
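4 How it works
4.1 Protocol overview
TFTP stands for Trivial File Transfer Protocol. It provides a simple, low-overhead file transfer service. Its port number is 69 and it is based on UDP.
4.2 TFTP packet types
TFTP defines five types of packet. The type is identified by the Opcode field in the first two bytes of the packet data:
- Read request packet: Read request, abbreviated RRQ, Opcode value 1
- Write request packet: Write request, abbreviated WRQ, Opcode value 2
- File data packet: Data, abbreviated DATA, Opcode value 3
- Acknowledgement packet: Acknowledgement, abbreviated ACK, Opcode value 4
- Error packet: Error, abbreviated ERROR, Opcode value 5
4.3 TFTP port allocation
When a TFTP client sends a read request or write request packet, the destination port is 69. Data, Acknowledgement and Error packets do not use port 69; they use random ports in the range 1024~5000.
Different operating systems use different port ranges: Linux uses 32768~61000 and Windows uses 1025~5000.
For more details on how the tftp protocol works, see: TFTP協議詳解及TFTP穿越NAT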
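A decoder for the five packet types listed in 4.2, with the port rule from 4.3 applied as a check, as an added example that is not from the original post. The field layout after the opcode follows RFC 1350, which the post does not spell out; the review function, its note texts and the sample payloads are constructed for illustration.

```python
import struct

OPCODES = {1: "RRQ", 2: "WRQ", 3: "DATA", 4: "ACK", 5: "ERROR"}

def decode(packet):
    """Decode one TFTP UDP payload into a dict; ValueError if malformed."""
    if len(packet) < 4:
        raise ValueError("shorter than the smallest TFTP packet")
    # Second 16-bit word: block number (DATA/ACK) or error code (ERROR).
    opcode, number = struct.unpack("!HH", packet[:4])
    name = OPCODES.get(opcode)
    if name is None:
        raise ValueError("unknown opcode %d" % opcode)
    if name in ("RRQ", "WRQ"):          # filename, NUL, mode, NUL
        parts = packet[2:].split(b"\x00")
        if len(parts) < 3 or not parts[0] or not parts[1]:
            raise ValueError("request lacks filename or mode")
        return {"type": name, "filename": parts[0].decode("ascii", "replace"),
                "mode": parts[1].decode("ascii", "replace").lower()}
    if name == "DATA":                  # block number, then the file bytes
        return {"type": name, "block": number, "data": packet[4:]}
    if name == "ACK":                   # block number being acknowledged
        return {"type": name, "block": number}
    message = packet[4:].split(b"\x00")[0].decode("ascii", "replace")
    return {"type": name, "code": number, "message": message}

def review(dst_port, packet):
    """Notes a defender would log for one packet sent to the server."""
    try:
        p = decode(packet)
    except ValueError as exc:
        return ["malformed: %s" % exc]
    notes = []
    is_request = p["type"] in ("RRQ", "WRQ")
    if (dst_port == 69) != is_request:  # only requests belong on port 69
        notes.append("%s on port %d" % (p["type"], dst_port))
    if p["type"] == "WRQ":
        notes.append("upload of %r" % p["filename"])
    if is_request and ".." in p["filename"].split("/"):
        notes.append("'..' in filename")
    return notes

# Constructed samples (destination port, UDP payload), not captured traffic.
SAMPLES = [(69, b"\x00\x01test.txt\x00netascii\x00"),
           (69, b"\x00\x02../test.txt\x00octet\x00"),
           (69, b"\x00\x04\x00\x01"),
           (40000, b"\x00\x03\x00\x01hello")]

if __name__ == "__main__":
    print([review(port, payload) for port, payload in SAMPLES])
```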