This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

How to disable TFTP on VDX6720

How to disable TFTP on VDX6720

Go to solution
Adam_Schappell
New Contributor

‎10-25-2018 02:15 PM

Hello, we have a requirement to have TFTP disabled on our switch... Is this possible? If so what commands can I run?
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
Truyen_Phan
Extreme Employee

‎01-16-2019 06:54 AM

Hi Adam,

TFTP is executed under the inetd process. TFTPd is disabled by default on higher releases (6.x+) which the 6720 does not support. IPfilter is not needed to block this.

Please do the following to disable tftpd. A reload will be needed to take effect.

The below will do the following:

  1. take back up of inetd.conf
  2. comment out tftpd in inetd.conf and put in new file via sed
  3. overwrite inetd.conf with update file
  4. copy inetd.conf to 2nd partition in case of partition swap in the future
  5. reload switch
code:
sw0# unhide foscmd
Password: ******** (fibranne)
sw0# fos bash | no
sw0:root> netstat -anp | grep :69
udp    0   0 0.0.0.0:69       0.0.0.0:*              1295/inetd

sw0:root> cat /etc/inetd.conf | grep tftpd
tftp dgram  udp   wait  nobody /usr/sbin/in.tftpd  in.tftpd /tftpboot

bash-2.04# cp /etc/inetd.conf /etc/inetd.conf.bak
bash-2.04# cp /mnt/etc/inetd.conf /mnt/etc/inetd.conf.bak
bash-2.04# sed -e 's/^tftp/#tftp/' /etc/inetd.conf > /etc/inetd.conf.new
bash-2.04# cp /etc/inetd.conf.new /etc/inetd.conf
bash-2.04# grep tftp /etc/inetd.conf
#tftp dgram  udp   wait  nobody /usr/sbin/in.tftpd  in.tftpd /tftpboot

bash-2.04# cp /etc/inetd.conf /mnt/etc/inetd.conf
bash-2.04# exit
exit
sw0# reload system


### After switch boots up ###

code:
sw0# unhide foscmd
Password: ******** (fibranne)
sw0# fos bash | no
bash-2.04# netstat -anp | grep :69
bash-2.04#

View solution in original post

0 Kudos
25 REPLIES 25

Go to solution
Ivan_Chan
Extreme Employee

‎01-14-2019 07:51 PM

The telnet server shut functionality has been changed, the below cli may not be available in earlier NOS version.

Here is the steps to shut down Telnet Server in Active …

Static-Lab-SM08_VDX2# sh ver
Network Operating System Software
Network Operating System Version: 7.3.0a
Copyright (c) 1995-2017 Brocade Communications Systems, Inc.
Firmware name: 7.3.0a
Build Time: 07:59:32 Sep 24, 2018
Install Time: 05:24:19 Jan 5, 2019
Kernel: 2.6.34.6
BootProm: 1.0.1
Control Processor: e500mc with 4096 MB of memory
Slot Name Primary/Secondary Versions Status
---------------------------------------------------------------------------
SW/0 NOS 7.3.0a ACTIVE*
7.3.0a
SW/1 NOS 7.3.0a STANDBY
7.3.0a


Static-Lab-SM08_VDX2# sh telnet server status rb all
rbridge-id 2
VRF-Name: mgmt-vrf Status: Enabled
VRF-Name: default-vrf Status: Enabled
Static-Lab-SM08_VDX2# sh ssh server status rb all
rbridge-id 2
VRF-Name: mgmt-vrf Status: Enabled
VRF-Name: default-vrf Status: Enabled

Static-Lab-SM08_VDX2(config-rbridge-id-1)# rb 2
Static-Lab-SM08_VDX2(config-rbridge-id-2)# telnet server
Possible completions:
shutdown Shutdown Telnet Server
standby Configure Standby Telnet
use-vrf Configure VRF Name
Static-Lab-SM08_VDX2(config-rbridge-id-2)# telnet server shutdown
Possible completions:

Static-Lab-SM08_VDX2(config-rbridge-id-2)# telnet server shutdown
Static-Lab-SM08_VDX2(config-rbridge-id-2)# do show telnet server status rbridge-id 2
Possible completions:

Static-Lab-SM08_VDX2(config-rbridge-id-2)# do show telnet server status rbridge-id 2
rbridge-id 2
VRF-Name: default-vrf Status: Enabled
VRF-Name: mgmt-vrf Status: Disabled
0 Kudos

Go to solution
Adam_Schappell
New Contributor

‎01-14-2019 07:45 PM

Hey Ivan, yes seen that you replied but was wondering where it was 🙂

NOS version 4.1.3b
0 Kudos

Go to solution
Ivan_Chan
Extreme Employee

‎01-14-2019 07:42 PM

Sorry Adam, my 2 earlier replies did not make it into the system.
Have to redo it.

BTW, what NOS version are you running ?
0 Kudos

Go to solution
Adam_Schappell
New Contributor

‎01-14-2019 07:37 PM

Anyone?
0 Kudos

Go to solution
Ivan_Chan
Extreme Employee

‎01-14-2019 07:20 PM

Hi Adam,

What version of NOS are you running on the switch.
Earlier version does not have the telnet server shutdown cli; the capability was added in later release.
Let me know what version you are running so we can check.

Below is the step to disable Telnet Server on the Active.

Static-Lab-SM08_VDX2# sh ver
Network Operating System Software
Network Operating System Version: 7.3.0a
Copyright (c) 1995-2017 Brocade Communications Systems, Inc.
Firmware name: 7.3.0a
Build Time: 07:59:32 Sep 24, 2018
Install Time: 05:24:19 Jan 5, 2019
Kernel: 2.6.34.6
BootProm: 1.0.1
Control Processor: e500mc with 4096 MB of memory
Slot Name Primary/Secondary Versions Status
---------------------------------------------------------------------------
SW/0 NOS 7.3.0a ACTIVE*
7.3.0a
SW/1 NOS 7.3.0a STANDBY
7.3.0a
Static-Lab-SM08_VDX2#

Static-Lab-SM08_VDX2# sh telnet server status rb all
rbridge-id 2
VRF-Name: mgmt-vrf Status: Enabled
VRF-Name: default-vrf Status: Enabled
Static-Lab-SM08_VDX2# sh ssh server status rb all
rbridge-id 2
VRF-Name: mgmt-vrf Status: Enabled
VRF-Name: default-vrf Status: Enabled
Static-Lab-SM08_VDX2# conf t
Static-Lab-SM08_VDX2(config-rbridge-id-1)# rb 2
Static-Lab-SM08_VDX2(config-rbridge-id-2)# telnet server
Possible completions:
shutdown Shutdown Telnet Server
standby Configure Standby Telnet
use-vrf Configure VRF Name
Static-Lab-SM08_VDX2(config-rbridge-id-2)# telnet server shutdown
Possible completions:

Static-Lab-SM08_VDX2(config-rbridge-id-2)# telnet server shutdown
Static-Lab-SM08_VDX2(config-rbridge-id-2)# do show telnet server status rbridge-id 2
Possible completions:

Static-Lab-SM08_VDX2(config-rbridge-id-2)# do show telnet server status rbridge-id 2
rbridge-id 2
VRF-Name: default-vrf Status: Enabled
VRF-Name: mgmt-vrf Status: Disabled
0 Kudos
Top
GTM-P2G8KFN