Библиотека сайта rus-linux.net
At my place of employment, we have a WAN connecting several remote locations. These remote locations have Cisco routers connected via ISDN, or in some instances, Centrex data circuits, to provide Internet and WAN connectivity. Cisco router products allow using TFTP ("Trivial File Transfer Protocol") on a network server to read and write configuration files. Whenever a router configuration is changed, it is important to save the configuration file on the Linux server so that a backup is maintained.
Please note that Red Hat disables the TFTP service by default,
because it can be a real security hole if not configured properly. The
TFTP daemon allows anyone to read and write files without performing
authentication. The way I personally set things up is to create a
'' directory, owned
by root, and then modify the existing configuration line in the
'' file to
specify the file location:
tftpd dgram udp wait root /usr/sbin/tcpd in.tftpd /tftpboot
Note: Note: Adding the ``
/tftpboot'' path at the end of the above line specifically indicates where the TFTP daemon is allowed to access files. Although you can actually leave this part out and allow TFTP to access files anywhere on your system, as TFTP is considered somewhat of a security risk, this would probably be a very bad idea.
Once you have enabled the TFTP service, don't forget to type:
The above command restarts the INETD daemon to recognize whatever changes you have made to the inetd.conf file.
Creating a backup of a router configuration file involves a 3-step process: setting permissions on an existing file (or creating a new one) to allow writes, writing the backup file, and then resetting permissions to restrict access to the file. An example router backup session follows:
In case of router failure (caused, for example, by a power surge during a lightning storm), these backup files can be helpful to reload the router configuration. Again, restoring from a configuration file involves a 3-step process: setting permissions on the existing file, loading the file, and then resetting permissions to restrict access to the file. An example router restoration session follows.