Configuring Remote Access for AN and Passport ARN Routers

Restricting TFTP Access to Specified Directories

To restrict TFTP access to a specific directory:

1.Log in to your UNIX workstation as root.

2.Insert the appropriate line in the /etc/inetd.conf file.

The examples in Table 2-4 restrict access to the /tftpboot directory. You can substitute any directory you want.

Table 2-4.

Restricting TFTP Access to Specified Directories

 

 

Operating

 

System

Sample Line to Insert in /etc/inetd.conf File, or Other Instruction

 

 

SunOS

tftp dgram udp wait root /usr/etc/in.tftpd in.tftpd -s

 

/tftpboot

 

 

Solaris

tftp dgram udp wait root /usr/sbin/in.tftpd in.tftpd

 

-s /tftpboot

 

 

HP-UX

tftp dgram udp wait root /etc/tftp tftp -s /tftpboot

 

 

AIX

Use the System Management Interface Tool (SMIT) to configure TFTP.

 

For instructions, see the IBM guides on TCP/IP daemons and TFTP.

 

 

3.Create a symbolic link in the specified directory for every startup file path name.

For example, to set up symbolic links in the /tftpboot directory:

a.Enter the following command to move to the /tftpboot directory: cd tftpboot

Note: Do not insert a slash (/) in the cd tftpboot command. A symbolic link cannot contain references to directories above the directory specified in the tftpd command line.

b.Enter the following commands to create symbolic links:

ln -s . usr

ln -s . tftpboot

2-10

308614-14.20 Rev 00

Page 50
Image 50
Nortel Networks 14.2 manual Restricting Tftp Access to Specified Directories, Ln -s . usr Ln -s . tftpboot