From 303b44fb3268bef70c3f04a8159a7b2139adb1cc Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sun, 11 May 2025 15:10:02 +0200 Subject: [PATCH] Drop 'Using TFTP services through NAT' procedure In both the "Enabling connections from a client to {ProjectServer}" and "Enabling connections from {ProjectServer} and clients to a {SmartProxyServer}" procedures there is a --add-service=tftp line so users are already told to open up port 69 from clients. Then the specific part of allowing it through NAT is not something we support anywhere. --- .../common/assembly_preparing-networking.adoc | 2 - .../proc_using-tftp-services-through-nat.adoc | 45 ------------------- 2 files changed, 47 deletions(-) delete mode 100644 guides/common/modules/proc_using-tftp-services-through-nat.adoc diff --git a/guides/common/assembly_preparing-networking.adoc b/guides/common/assembly_preparing-networking.adoc index b31f53338c0..3c04b95c680 100644 --- a/guides/common/assembly_preparing-networking.adoc +++ b/guides/common/assembly_preparing-networking.adoc @@ -20,8 +20,6 @@ include::modules/ref_dns-options-for-network-configuration.adoc[leveloffset=+2] include::modules/ref_tftp-options-for-network-configuration.adoc[leveloffset=+2] -include::modules/proc_using-tftp-services-through-nat.adoc[leveloffset=+2] - include::modules/proc_adding-a-domain.adoc[leveloffset=+1] include::modules/proc_adding-a-subnet.adoc[leveloffset=+1] diff --git a/guides/common/modules/proc_using-tftp-services-through-nat.adoc b/guides/common/modules/proc_using-tftp-services-through-nat.adoc deleted file mode 100644 index fab07aff8a7..00000000000 --- a/guides/common/modules/proc_using-tftp-services-through-nat.adoc +++ /dev/null @@ -1,45 +0,0 @@ -[id="Using_TFTP_Services_Through_NAT_{context}"] -= Using TFTP services through NAT - -You can use {Project} TFTP services through NAT. -To do this, on all NAT routers or firewalls, you must enable a TFTP service on UDP port 69 and enable the TFTP state tracking feature. -For more information, see the documentation for your NAT device. - -ifdef::satellite[] -.Using NAT on {RHEL} 7: -endif::[] -ifndef::satellite[] -.Using NAT on Linux with `firewalld`: -endif::[] -. Allow the TFTP service in the firewall configuration: -+ ----- -# firewall-cmd --add-service=tftp ----- -include::snip_make-firewall-settings-persistent.adoc[] - -ifdef::satellite[] -.Using NAT on {RHEL} 6: -endif::[] -ifndef::satellite[] -.Using NAT on linux with `iptables`: -endif::[] -. Configure the firewall to allow TFTP service UDP on port 69: -+ ----- -# iptables \ ---sport 69 \ ---state ESTABLISHED \ --A OUTPUT \ --i eth0 \ --j ACCEPT \ --m state \ --p udp -# service iptables save ----- -. Load the `ip_conntrack_tftp` kernel TFTP state module. -In the `/etc/sysconfig/iptables-config` file, locate `IPTABLES_MODULES` and add `ip_conntrack_tftp` as follows: -+ ----- -IPTABLES_MODULES="ip_conntrack_tftp" -----