Centos安装使用tftp服务器

1 CentOS 6

1.1 安装

如果网络可用，可以直接通过yum安装

# yum install tftp-server

也可以先下载rpm包，然后再安装，下载地址：

http://rpmfind.net/linux/rpm2html/search.php?query=tftp-server
或
https://crpm.cc/tftp-server-0-49-8-el6-x86_64-rpm/

然后安装

# rpm -ihv tftp-server-0.49-8.el6.x86_64.rpm

安装后，可以发现在/usr/sbin目录下多了一个in.tftpd的文件

$ which in.tftpd
/usr/sbin/in.tftpd

1.2 配置

in.tftpd通过xinetd服务管理，/etc/xinetd.conf存放了xinetd管理的所有服务的默认配置，也是tftpd的默认配置

# cat /etc/xinetd.conf
#
# This is the master xinetd configuration file. Settings in the
# default section will be inherited by all service configurations
# unless explicitly overridden in the service configuration. See
# xinetd.conf in the man pages for a more detailed explanation of
# these attributes.

defaults
{
# The next two items are intended to be a quick access place to
# temporarily enable or disable services.
#
#   enabled     =
#   disabled    =

# Define general logging characteristics.
    log_type    = SYSLOG daemon info
    log_on_failure  = HOST
    log_on_success  = PID HOST DURATION EXIT

# Define access restriction defaults
#
#   no_access   =
#   only_from   =
#   max_load    = 0

# 每秒最多接受50个连接，如果超过50，则停止20秒后才接受新的连接
    cps     = 50 10
# 最大连接数
    instances   = 50
# 单个客户端的最大连接数
    per_source  = 10

# Address and networking defaults
#
#   bind        =
#   mdns        = yes
    v6only      = no

# setup environmental attributes
#
#   passenv     =
    groups      = yes
    umask       = 002

# Generally, banners are not used. This sets up their global defaults
#
#   banner      =
#   banner_fail =
#   banner_success  =
}

includedir /etc/xinetd.d

在/etc/xinetd.d/tftp文件中添加tftp server的配置，该文件中指定的配置会覆盖/etc/xinetd.conf文件中的配置，没有指定的配置采用默认配置

# cd /etc/xinetd.d/
# vim tftp 
# default: off
# description: The tftp server serves files using the trivial file transfer \
#       protocol.  The tftp protocol is often used to boot diskless \
#       workstations, download configuration files to network-aware printers, \
#       and to start the installation process for some operating systems.
service tftp
{
        socket_type             = dgram
        protocol                = udp
        # 并发
        wait                    = no
        # 启动tftpd的用户
        user                    = root
        # 启动命令
        server                  = /usr/sbin/in.tftpd
        # 启动参数， -s指定tftpd的文件目录, -c表示允许上传文件
        server_args             = -s /var/lib/tftpboot -c
        # 允许启动
        disable                 = no
        per_source              = 11
        cps                     = 100 2
        flags                   = IPv4
}

关于xinetd的更多配置，可以参考：鸟哥的linux私房菜相关章节

1.3 启动

创建文件目录，并修改文件目录访问权限

# chmod 777 /var/lib/tftpboot

设置开机自启动，然后启动服务

# chkconfig tftp on
# chkconfig xinetd on
# service xinetd start

查看状态

# service xinetd status
xinetd (pid  28613) is running...

# ps -ef | grep in.tftpd | grep -v 'grep'
root     23264     1  0 May19 ?        00:00:03 in.tftpd -s /tftpboot -c
nobody   23405 28616  0 14:32 ?        00:00:00 in.tftpd -s /tftpboot -c
root     28616 28613  0 May19 ?        00:00:03 in.tftpd -s /tftpboot -c

# tftpd默认使用69端口
# lsof -i :69
COMMAND  PID USER   FD   TYPE     DEVICE SIZE/OFF NODE NAME
xinetd  5416 root    6u  IPv4 1731965196      0t0  UDP *:tftp

$ netstat -tuplna | grep ':69 '
(No info could be read for "-p": geteuid()=249958 but you should be root.)
udp        0      0 0.0.0.0:69                  0.0.0.0:*                               -
udp        0      0 0.0.0.0:69                  0.0.0.0:*                               -

# 测试端口连接
$ nc -uvz 127.0.0.1 69
Connection to 127.0.0.1 69 port [udp/tftp] succeeded!

2 CentOS 7

2.1 安装

假设网络条件允许直接通过yum安装，通过以下命令安装tftp服务端和tftp客户端

# yum install -y tftp-server tftp

安装完后，在/sbin和/usr/sbin目录下均多了一个服务端程序文件in.tftpd，这两个文件的MD5值是一样的

# which in.tftpd
/sbin/in.tftpd
# ls /usr/sbin | grep tftp
in.tftpd

tftp客户端程序则安装在/bin目录下

# which tftp
/bin/tftp

2.2 配置

使用yum安装完tftp服务端程序后，在/usr/lib/systemd/system目录下多了两个文件，tftp.service和tftp.socket，他们是tftp服务端的配置文件

# pwd
/usr/lib/systemd/system

# cat tftp.service 
[Unit]
Description=Tftp Server
Requires=tftp.socket
Documentation=man:in.tftpd

[Service]
ExecStart=/usr/sbin/in.tftpd -c -p -s /var/lib/tftpboot
StandardInput=socket

[Install]
Also=tftp.socket

# cat tftp.socket 
[Unit]
Description=Tftp Server Activation Socket

[Socket]
ListenDatagram=69

[Install]
WantedBy=sockets.target

2.3 启动

使用下面的命令启动tftp server

# systemctl daemon-reload
# systemctl enable --now tftp
Created symlink from /etc/systemd/system/sockets.target.wants/tftp.socket to /usr/lib/systemd/system/tftp.socket.

查看启动的tftp server状态信息

# systemctl status tftp
● tftp.service - Tftp Server
   Loaded: loaded (/usr/lib/systemd/system/tftp.service; indirect; vendor preset: disabled)
   Active: active (running) since Tue 2022-12-20 20:59:24 CST; 41s ago
     Docs: man:in.tftpd
 Main PID: 22776 (in.tftpd)
   CGroup: /system.slice/tftp.service
           └─22776 /usr/sbin/in.tftpd -c -p -s /tftpboot

Dec 20 20:59:24 yq01-sys-netadmin01.yq01.baidu.com systemd[1]: Started Tftp Server.
# lsof -i :69
COMMAND    PID USER   FD   TYPE    DEVICE SIZE/OFF NODE NAME
systemd      1 root   22u  IPv6 400870756      0t0  UDP *:tftp 
in.tftpd 22776 root    0u  IPv6 400870756      0t0  UDP *:tftp

3 测试

tftp客户端通过put命令上传文件，通过get命令下载文件，但不支持list文件服务器的文件和目录列表，也不支持删除文件

tftp支持的所有命令：

# 检查tftp客户端是否已安装，系统一般默认安装
$ which tftp
/usr/bin/tftp


$ tftp -v 127.0.0.1
Connected to 127.0.0.1 (127.0.0.1), port 69
tftp> ?
tftp-hpa 0.49
Commands may be abbreviated.  Commands are:

connect     connect to remote tftp
mode        set file transfer mode
put         send file
get         receive file
quit        exit tftp
verbose     toggle verbose mode
trace       toggle packet tracing
literal     toggle literal mode, ignore ':' in file name
status      show current status
binary      set mode to octet
ascii       set mode to netascii
rexmt       set per-packet transmission timeout
timeout     set total retransmission timeout
?           print help information
help        print help information
tftp> quit

测试文件上传和下载

$ tftp 127.0.0.1
tftp> put test.txt
tftp> get test.txt
tftp> quit

或

# 上传
$ tftp -v 127.0.0.1 -c put test.txt
Connected to 127.0.0.1 (127.0.0.1), port 69
putting test.txt to 127.0.0.1:test.txt [netascii]
Sent 19 bytes in 0.0 seconds [8069 bit/s] 

# tftpd文件目录下查看上传的文件
$ ls /var/lib/tftpboot
test.txt
$ rm -f test.txt
$ ls

# 下载
$ tftp -v 127.0.0.1 -c get test.txt
Connected to 127.0.0.1 (127.0.0.1), port 69
getting from 127.0.0.1:test.txt to test.txt [netascii]
Received 19 bytes in 0.0 seconds [17714 bit/s]

# 查看下载的文件
$ ls
test.txt

4 原理

4.1 协议概述

TFTP英文全称：Trivial File Transfer Protocol，中文全称：简单文件传输协议。提供不复杂、开销不大的文件传输服务。端口号为69。基于UDP协议。

4.2 TFTP报文类型

TFTP共定义了五种类型的包，类型的区分由包数据前两个字节的Opcode字段区分，分别是：

1. 读文件请求包：Read request，简写为RRQ，对应Opcode字段值为1
2. 写文件请求包：Write requst，简写为WRQ，对应Opcode字段值为2
3. 文件数据包：Data，简写为DATA，对应Opcode字段值为3
4. 回应包：Acknowledgement，简写为ACK，对应Opcode字段值为4
5. 错误信息包：Error，简写为ERROR，对应Opcode字段值为5

4.3 TFTP端口号分配

TFTP客户端发送read request和write request报文的时候，目的端口是69。而Data、Acknowledgement、Error不使用69端口，它们使用的是随机端口1024~5000。
不同的操作系统有不同的端口号规定Linux使用32768~61000、Windows 使用1025~5000

tftp协议原理更多详情可参考：TFTP协议详解及TFTP穿越NAT