diff options
-rw-r--r-- | libexec/tftp-proxy/tftp-proxy.8 | 39 |
1 files changed, 13 insertions, 26 deletions
diff --git a/libexec/tftp-proxy/tftp-proxy.8 b/libexec/tftp-proxy/tftp-proxy.8 index 28d4ac474b7..3e508f5076a 100644 --- a/libexec/tftp-proxy/tftp-proxy.8 +++ b/libexec/tftp-proxy/tftp-proxy.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: tftp-proxy.8,v 1.2 2007/05/31 19:19:41 jmc Exp $ +.\" $OpenBSD: tftp-proxy.8,v 1.3 2009/09/01 14:15:57 sthen Exp $ .\" .\" Copyright (c) 2005 joshua stein <jcs@openbsd.org> .\" @@ -25,7 +25,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: May 31 2007 $ +.Dd $Mdocdate: September 1 2009 $ .Dt TFTP-PROXY 8 .Os .Sh NAME @@ -41,16 +41,17 @@ is a proxy for the Internet Trivial File Transfer Protocol invoked by the .Xr inetd 8 internet server. -TFTP connections should be redirected to the proxy using the +TFTP connections should be redirected to the proxy using a .Xr pf 4 -.Ar rdr -command, after which the proxy connects to the server on behalf of +rule using the +.Ar rdr-to +option, after which the proxy connects to the server on behalf of the client. .Pp The proxy establishes a .Xr pf 4 -.Ar rdr -rule using the +.Ar rdr-to +pass rule using the .Ar anchor facility to rewrite packets between the client and the server. Once the rule is established, @@ -59,10 +60,8 @@ forwards the initial request from the client to the server to begin the transfer. After .Ar transwait -seconds, the +seconds, the NAT state is assumed to have been established and the .Xr pf 4 -NAT state is assumed to have been established and the -.Ar rdr rule is deleted and the program exits. Once the transfer between the client and the server is completed, the NAT state will naturally expire. @@ -85,7 +84,6 @@ Log the connection and request information to Number of seconds to wait for the data transmission to begin before removing the .Xr pf 4 -.Ar rdr rule. The default is 2 seconds. .El @@ -93,23 +91,12 @@ The default is 2 seconds. To make use of the proxy, .Xr pf.conf 5 needs the following rules. -The anchors are mandatory. -Adjust the rules as needed for your configuration. -.Pp -In the NAT section: -.Bd -literal -offset indent -nat on $ext_if from $int_if -\*(Gt ($ext_if:0) - -no nat on $ext_if to port tftp - -rdr-anchor "tftp-proxy/*" -rdr on $int_if proto udp from $lan to any port tftp -\*(Gt \e - 127.0.0.1 port 6969 -.Ed -.Pp -In the filter section, an anchor must be added to hold the pass rules: +The anchor is mandatory. +Adjust the rule as needed for your configuration. .Bd -literal -offset indent anchor "tftp-proxy/*" +pass in quick on $int_if proto udp from $lan to any port tftp \e + rdr-to 127.0.0.1 port 6969 .Ed .Pp .Xr inetd 8 |