This is the mail archive of the
ecos-patches@sources.redhat.com
mailing list for the eCos project.
RedBoot: Doc TFTP firewall on RHL
- From: Jonathan Larmour <jlarmour at jifvik dot org>
- To: ecos-patches at ecos dot sourceware dot org
- Date: Fri, 20 Feb 2004 03:38:05 GMT
- Subject: RedBoot: Doc TFTP firewall on RHL
Index: ChangeLog
===================================================================
RCS file: /cvs/ecos/ecos/packages/redboot/current/ChangeLog,v
retrieving revision 1.181
diff -u -5 -p -r1.181 ChangeLog
--- ChangeLog 19 Feb 2004 10:47:10 -0000 1.181
+++ ChangeLog 20 Feb 2004 03:38:03 -0000
@@ -1,5 +1,10 @@
+2004-02-20 Jonathan Larmour <jifl@eCosCentric.com>
+
+ * doc/redboot.sgml: Document lowering security level for TFTP to
+ work on more recent Red Hat Linux.
+
2004-02-19 Jani Monoses <jani@iv.ro>
* src/xyzModem.c: Start with sending a 'C', do not wait until the
first packet from the sender.This allows download to start quicker.
Index: doc/redboot.sgml
===================================================================
RCS file: /cvs/ecos/ecos/packages/redboot/current/doc/redboot.sgml,v
retrieving revision 1.7
diff -u -5 -p -r1.7 redboot.sgml
--- doc/redboot.sgml 20 May 2003 18:43:52 -0000 1.7
+++ doc/redboot.sgml 20 Feb 2004 03:38:03 -0000
@@ -555,10 +555,18 @@ xinetd RPM is installed.</para>
<step><para>Enable TFTP by means of the following: <programlisting>/sbin/chkconfig tftp on
</programlisting>Reload the xinetd configuration using the command:<programlisting>
/sbin/service xinetd reload </programlisting>Create the directory /tftpboot
using the command <programlisting>mkdir /tftpboot</programlisting></para>
</step>
+<step><para>If you are using Red Hat 8 or newer, you may need to configure
+the built-in firewall to allow through TFTP. Either edit
+<filename>/etc/sysconfig/iptables</filename> or run
+<command>redhat-config-securitylevel</command> on the command line or from
+the menu as System Settings->Security Settings to lower the security level.
+You should only do this with the permission of your systems administrator and
+if you are already behind a separate firewall.</para>
+</step>
</procedure>
<note><title>NOTE</title>
<para>Under Red Hat 7 you must address files by absolute pathnames, for example: <filename>
/tftpboot/boot.img</filename> not <filename>/boot.img</filename>, as you may have done with
other implementations.