|TFTP-PROXY(8)||System Manager's Manual||TFTP-PROXY(8)|
tftp-proxyis a proxy for the Internet Trivial File Transfer Protocol. TFTP connections should be redirected to the proxy using a pf(4) rule using the divert-to option, after which the proxy connects to the server on behalf of the client. The connection from the proxy to the server needs to be passed by a rule with divert-reply set.
The proxy inserts pf(4) pass and/or
rdr rules using the anchor facility to allow payload
packets between the client and the server. Once the rules are inserted,
tftp-proxy forwards the initial request from the
client to the server to begin the transfer. After
transwait seconds, the states are assumed to have been
established and the pf(4) rules are deleted
and the program exits. Once the transfer between the client and the server
is completed the states will naturally expire.
The options are as follows:
tftp-proxyto use IPv4 addresses only.
tftp-proxyto use IPv6 addresses only.
-aoptions to specify both an IPv4 and an IPv6 address.
tftp-proxywill run in the foreground and log the client IP, type of request, and filename to stderr.
tftp-proxylistens on localhost addresses.
tftp-proxylistens on port 6969.
anchor "tftp-proxy/*" pass in quick on $int_if inet proto udp from $lan to port tftp \ divert-to 127.0.0.1 port 6969 pass out quick on $ext_if inet proto udp from $lan to port tftp \ group _tftp_proxy divert-reply
|November 5, 2018||OpenBSD-current|