Comment se fait le TFTP sur un Mac ?



par

Exécuter un serveur TFTP pour les configurations de périphériques réseau

....sur Mac OS X ou macOS


Par Rick Cogley

6-Fév.2017
Conseils logiciels Sysadmin


TOC

  • PréparationTrouver les commandes appropriéesDémarrer tftpdServir un fichier de firmwareLier en symétrie le dossier tftpbootCopier le fichier de firmware en positionObtenir le fichier de firmware de tftpdPoser un fichier d'un périphérique sur tftpdArrêter tftpdAlternatives

Si vous travaillez avec des périphériques réseau tels que des commutateurs, routeurs ou pare-feu, pour mettre à jour leur firmware, vous avez le plus souvent besoin d'un serveur TFTP. Voici comment utiliser celui qui est inclus dans Mac OS X ou macOS.

Préparation

Mac OS X a un serveur tftp inclus, et il suffit de le démarrer et de faire un peu de configuration.

Je l'ai trouvé et configuré de cette façon :

Trouver les commandes appropriées

Utiliser la commande apropos pour voir s'il y a des commandes liées à tftp. From Terminal:

Bash

  1. apropos tftp 

The command replies:

Bash

  1. tftp(1) - trivial file transfer program 
  2. tftpd(8) - DARPA Internet Trivial File Transfer Protocol server 

Since the commands exist, you can use man to get more info. We would want the server version of this command, so that is the one with the d suffix (d is for “daemon”).

Bash

  1. man tftpd 

Looking at these results and Apple’s online version of the man info, we see it says:

This server should not be started manually; instead, it should be run using launchd(8) using the plist /System/Library/LaunchDaemons/tftp.plist. It may be started using the launchctl(1) load command; refer to the documentation for that utility for more information.

Start tftpd

The man file gives you the plist to use, so, you just start it with launchctl:

Bash

  1. sudo launchctl load -F /System/Library/LaunchDaemons/tftp.plist 

… and tftpd will start. Supply your password when sudo prompts for it.

You can confirm it’s running using netstat to check what is listening on its port, traditionally port 69.

Bash

  1. netstat -na |grep *.69 

It will show:

Bash

  1. udp6 0 0 *.69 *.* 
  2. udp4 0 0 *.69 *.* 

Serve a Firmware File

Now that the tftpd server is started, you need to put the firmware binary file in a specific location for the tftpd to be able to serve it to a requesting device. Namely your firmware files should be saved to /private/tftpboot. The tftp.plist file looks like this:

Xml

  1. <?xml version="1.0" encoding="UTF-8"?> 
  2. .0"> 
  3.  
  4. Disabled 
  5.  
  6. Label 
  7. com.apple.tftpd 
  8. ProgramArguments 
  9.  
  10. /usr/libexec/tftpd 
  11. -i 
  12. /private/tftpboot 
  13.  
  14. inetdCompatibility 
  15.  
  16. Wait 
  17.  
  18.  
  19. InitGroups 
  20.  
  21. Sockets 
  22.  
  23. Listeners 
  24.  
  25. SockServiceName 
  26. tftp 
  27. SockType 
  28. dgram 
  29.  
  30.  
  31.  
  32.  

Symlink the tftpboot folder

You used to be able to change the tftpboot path, but OS X El Capitan and later macOSs have stronger security via their “SIP” system which makes things more difficult. Just symlink the tftpboot to a folder you have full control over. You can do it like this:

Bash

  1. cd /private/ 
  2. sudo rm -rf tftpboot 
  3. mkdir /Users/myuser/tftpboot 
  4. sudo ln -s /Users/myuser/tftpboot tftpboot 
  5. sudo launchctl unload -F /System/Library/LaunchDaemons/tftp.plist 
  6. sudo launchctl load -F /System/Library/LaunchDaemons/tftp.plist 

That being said, please note that I tested a fresh macOS Sierra install directly on /private/tftpboot, and tftp get and put from another Mac worked fine without the symlink in place, so YMMV. I confirmed with csrutil status that SIP is indeed enabled on my fresh macOS.

Japanese Mac keyboards don’t handle reverse solidus . To enter one you can press option-¥.

Copy firmware file into position

Now let’s serve a file. Let’s say we download a firmware for an HP switch, and want to upgrade its firmware to that version. The file downloaded is F_05_80.swi and is saved to our Downloads folder. Let’s move it to the correct folder, and set its permissions.

Bash

  1. cd /Users/myuser/tftpboot 
  2. cp ~/Downloads/hp/F_05_80.swi . 
  3. ls 
  4. chmod 766 F_05_80.swi 

Get firmware file from tftpd

Screenshot: HP Switch Firmware Upgrade UI

It differs by each device you’re upgrading, but typically you would set these:

  • Method of upgrade: select tftp usually.
  • IP address of tftpd server. This is the IP of your mac.
  • Name of firmware file. Enter the exact name, getting the case exactly right.

Then there is usually a way to “execute” the transfer by a command or menu. Une fois le firmware transféré et chargé, votre appareil redémarre généralement.

Cliquez sur la capture d'écran pour voir à quoi cela ressemble sur un commutateur HP.

Mettre un fichier d'un appareil sur tftpd

Parfois, vous voulez enregistrer un fichier de l'appareil, sur votre serveur tftp. Le protocole tftp est muet et ne nécessite aucune authentification, vous devez donc spécifier à l'avance quel sera le nom du fichier reçu. Use touchto do that.

Be sure to get the name exactly right, as mis-spellings are a common cause of errors here.

Bash

  1. touch ~/tftpboot/catalyst.conf 
  2. chmod 766 ~/tftpboot/catalyst.conf 

Now you have a blank file that will be overwritten, when you specify it from your remote device. Make sure you specify exactly the same filename.

Stop tftpd

Be sure to unload the service when you’re not using it:

Bash

  1. sudo launchctl unload -F /System/Library/LaunchDaemons/tftp.plist 
  2. netstat -na |grep *.69 

The aforementioned netstat command should return nothing.

Alternatives

There are a couple of GUI alternatives you can try, though I have not done so myself:

  • PumpKIN
  • TFTP Server

I hope this information helps someone.

Cheers!!