From: Scott Morris (swm@emanon.com)
Date: Sun Oct 13 2002 - 15:35:56 GMT-3
It'll depend on which direction things are going first of all...
But secondly, the first packet is the only one that's really to the tftp
port. :) Subsequent packets are to a random port above 1024. Take a
sniffer and look at what's being done! Or 'debug ip packet detail' on
your router!
Scott
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
James
Sent: Sunday, October 13, 2002 2:10 PM
To: ccielab@groupstudy.com
Subject: weird question about tftp and access-list
hi, all
I am trying to permit tftp packets out of ether 0.
tftp srv---------(e0)r4(s0)--------(s0)r3(e0)-----client
I can copy files to the tftp server from the client without any access-list, but
after applying the access-list as follows, I got some error message:
!..... %Error writing tftp://192.168.0.188/r22 (Write error)......
That means the first packet is permitted, but the subsequent ones are blocked. I am
wondering what the real reason is. Thanks in advance.
The access-list is as follows:
permit ospf any any (234 matches)
permit tcp 172.16.21.0 0.0.0.255 any eq telnet
permit icmp any any echo log (20 matches)
permit icmp any any echo-reply log (5 matches)
permit udp any any eq tftp log (3 matches)
The log message is:
04:31:12: %SEC-6-IPACCESSLOGP: list allow_ftp_ping permitted udp 172.16.37.2(54949) -> 192.168.0.188(69), 1 packet
james
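
The behaviour described in the reply, as an added example that is not from either poster: a first-match evaluation of the client-to-server packets of a TFTP write against the posted UDP entry. It assumes the list is applied outbound on r4's e0 toward the server; SERVER_TID is a constructed port number, and the extra entry in WIDENED_ACL is hypothetical.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "proto src sport dst dport note")
# dst=None means "any"; dport_test is a predicate on the destination port.
Rule = namedtuple("Rule", "action proto dst dport_test")

TFTP = 69
CLIENT, SERVER = "172.16.37.2", "192.168.0.188"  # addresses from the posted log line
CLIENT_PORT = 54949                               # source port from the posted log line
SERVER_TID = 3072                                 # constructed: port the server picks for this transfer

# The UDP entry of the posted list (the other entries never match this flow).
POSTED_ACL = [Rule("permit", "udp", None, lambda p: p == TFTP)]
# Hypothetical extra entry (assumption, not from the thread): UDP to the
# TFTP server on ports above 1024, where the transfer actually continues.
WIDENED_ACL = POSTED_ACL + [Rule("permit", "udp", SERVER, lambda p: p > 1024)]

def evaluate(acl, pkt):
    """First matching entry wins; nothing matching means the implicit deny."""
    for rule in acl:
        if (rule.proto == pkt.proto and rule.dst in (None, pkt.dst)
                and rule.dport_test(pkt.dport)):
            return rule.action
    return "deny"

def write_transfer_outbound(blocks=3):
    """Client-to-server packets of a TFTP write, i.e. the ones leaving e0."""
    pkts = [Packet("udp", CLIENT, CLIENT_PORT, SERVER, TFTP, "WRQ")]
    # The server answers from SERVER_TID, so every DATA block is sent to
    # that port rather than to 69.
    for n in range(1, blocks + 1):
        pkts.append(Packet("udp", CLIENT, CLIENT_PORT, SERVER, SERVER_TID, f"DATA {n}"))
    return pkts

def verdicts(acl):
    return [(p.note, p.dport, evaluate(acl, p)) for p in write_transfer_outbound()]

if __name__ == "__main__":
    for name, acl in (("posted", POSTED_ACL), ("widened", WIDENED_ACL)):
        print(name)
        for note, dport, action in verdicts(acl):
            print(f"  {note:7} -> {SERVER}:{dport:<5} {action}")
```

With the posted list only the write request to port 69 is permitted, which matches the single logged packet followed by the write error.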
This archive was generated by hypermail 2.1.4 : Tue Nov 05 2002 - 08:35:46 GMT-3