This is the mail archive of the ecos-patches@sources.redhat.com mailing list for the eCos project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

RedBoot: Doc TFTP firewall on RHL

From: Jonathan Larmour <jlarmour at jifvik dot org>
To: ecos-patches at ecos dot sourceware dot org
Date: Fri, 20 Feb 2004 03:38:05 GMT
Subject: RedBoot: Doc TFTP firewall on RHL

Index: ChangeLog
===================================================================
RCS file: /cvs/ecos/ecos/packages/redboot/current/ChangeLog,v
retrieving revision 1.181
diff -u -5 -p -r1.181 ChangeLog
--- ChangeLog	19 Feb 2004 10:47:10 -0000	1.181
+++ ChangeLog	20 Feb 2004 03:38:03 -0000
@@ -1,5 +1,10 @@
+2004-02-20  Jonathan Larmour  <jifl@eCosCentric.com>
+
+	* doc/redboot.sgml: Document lowering security level for TFTP to
+	work on more recent Red Hat Linux.
+
 2004-02-19  Jani Monoses <jani@iv.ro>
 
 	* src/xyzModem.c: Start with sending a 'C', do not wait until the
 	first packet from the sender.This allows download to start quicker.
 	
Index: doc/redboot.sgml
===================================================================
RCS file: /cvs/ecos/ecos/packages/redboot/current/doc/redboot.sgml,v
retrieving revision 1.7
diff -u -5 -p -r1.7 redboot.sgml
--- doc/redboot.sgml	20 May 2003 18:43:52 -0000	1.7
+++ doc/redboot.sgml	20 Feb 2004 03:38:03 -0000
@@ -555,10 +555,18 @@ xinetd RPM is installed.</para>
 <step><para>Enable TFTP by means of the following: <programlisting>/sbin/chkconfig tftp on
 </programlisting>Reload the xinetd configuration using the command:<programlisting>
  /sbin/service xinetd reload </programlisting>Create the directory /tftpboot
 using the command <programlisting>mkdir /tftpboot</programlisting></para>
 </step>
+<step><para>If you are using Red Hat 8 or newer, you may need to configure
+the built-in firewall to allow through TFTP. Either edit
+<filename>/etc/sysconfig/iptables</filename> or run
+<command>redhat-config-securitylevel</command> on the command line or from
+the menu as System Settings->Security Settings to lower the security level.
+You should only do this with the permission of your systems administrator and
+if you are already behind a separate firewall.</para>
+</step>
 </procedure>
 <note><title>NOTE</title>
 <para>Under Red Hat 7 you must address files by absolute pathnames, for example: <filename>
 /tftpboot/boot.img</filename> not <filename>/boot.img</filename>, as you may have done with
 other implementations.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]