Provided by: atftpd_0.8.0-3ubuntu3_amd64 
NAME
atftpd - Trivial File Transfer Protocol Server.
SYNOPSIS
atftpd [options] directory
DESCRIPTION
atftpd is a TFTP (RFC1350) server. By default it is started by inetd on most systems, but may run as a
stand alone daemon. This server is multi-threaded and supports all options described in RFC2347 (option
extension), RFC2348 (blksize), RFC2349 (tsize and timeout) and RFC2090 (multicast option). It also
supports mtftp as defined in the PXE specification.
OPTIONS
This program supports both the usual GNU command line syntax, with long options starting with two dashes
('-') as well as short options. A description of the options is included below.
-t, --tftpd-timeout <value>
Number of seconds of inactivity before the server exits. This value has meaning only when the
server is started by inetd. In daemon mode, the server never exits. Default is 300 seconds.
-r, --retry-timeout <value>
How many seconds to wait for a reply before retransmitting a packet. Default is 5 seconds. This
can be overridden by the TFTP client with the 'timeout' option.
-m, --maxthread <value>
Maximum number of concurrent threads allowed. Default is 100.
-v, --verbose[=value]
Increase or set the logging level. No arguments will increase by one the current value. Default is
LOG_NOTICE, see syslog(3) for log level. Valid value range from 0 (LOG_EMERG) to 7 (LOG_DEBUG).
--trace
When verbose level is set to 7, this will output debug information for each packet sent or
received from the network.
--no-timeout
disable 'timeout' from RFC2349. This will prevent the server from acknowledging the 'timeout'
option requested by the client.
--no-tsize
disable 'tsize' from RFC2349. This will prevent the server from acknowledging the 'tsize' option
requested by the client.
--no-blksize
disable 'blksize' from RFC2348. This will prevent the server from acknowledging the 'blksize'
request by the client.
--no-windowsize
disable 'windowsize' from RFC7440. This will prevent the server from acknowledging the
'windowsize' request by the client.
--no-multicast
disable 'multicast' from RFC2090. This will prevent the server from acknowledging the 'multicast'
request by the client.
--logfile <logfile>
Log to a specific file instead of only syslog. 'nobody' (or any user used to run the server) must
have permissions on the given file. Assuming the file is /var/log/atftpd.log, simply run: "touch
/var/log/atftpd.log" and then "chown nobody.nogroup /var/log/atftpd.log". When the server is run
in daemon mode, /dev/stdout or /dev/stderr can be used. Specifying a single dash as the filename
will send logs to stdout (file descriptor 1).
--pidfile
Write the PID of the server to the specified file. This may be useful when automatically starting
and stopping one or more instance of the server.
--daemon
Run as a daemon. Do not use this option if atftpd is started by inetd.
--no-fork
When --daemon is specified, this option will prevent the server from forking to background. It is
useful for debugging purpose or specialized usage.
--user <user[.group]>
By default, the server change identity to the user nobody and group nogroup. Specify an alternate
user.group with this option.
--group <group>
Alternate way of specifying the group. If group is specified with --user and --group, the last
option will be used.
--port <number>
Specify the port on which atftpd listens. Useful when --daemon is specified. Default is standard
tftp port as determined by getservbyname(3).
--bind-address <IP address>
Specify the IP address which atftpd binds to. Useful when --daemon is specified. Default is to
bind to all interfaces. Only one address can be specified, the server can only listen to one or
all interfaces.
--mcast-ttl
Specify the TTL to be used for multicast datagram. By default a value of 1 is used. Note that TTL
has a special meaning in multicast as it is used to determine the scope of the packets. The value
of 1 means the packets don't leave the local network, see ip(4). Scope may also be determine by
the address as described RFC2365.
--mcast-addr
Specify the IP address range to be used for multicast transfer. Format string may comprise range
and list of values: "239.255.0.0-31,128-132,200". Default value is "239.255.0.0-255". This
address range is proposed in RFC2365 for local scope.
--mcast-port
Specify the UDP port to use for multicast transfer. Format string may contain range and list of
port number: "1758-2000,8000-9000". default value is "1758".
--pcre <file>
Specify a pattern/replacement file to use. This allows one to replace requested file name based on
Perl Compatible Regular Expression. See README.PCRE.
--pcre-test <file>
Test a pattern/replacement file. When using this option, the server will not start as usual but
just read file name from stdin and printout the substitution.
--mtftp <file>
This will start a mtftp server thread for each valid entry in the supplied file. See PXE
specification for detail about mtftp. An example file is provided in the source distribution.
--mtftp-port <port>
Port the mtftp server shall listen to for incoming request.
--no-source-port-checking
In some specific cases of networks using load balancer or other equipment performing NAT (network
address translation), some needs to disable source port checking because port number as been
translated. If you want to use this feature, you must know why you need it and the implication. Be
aware that this option violate the RFC1350. This option has effect only for non-multicast
transfer.
--prevent-sas
Address the Sorcerer's Apprentice Syndrome situation as requested by RFC 1350. This RFC requires
repeated responses to a single packet to be rejected. Thus a block will only get retransmitted on
a timeout. For backward compatibility, the default stays to ignore this RFC. So blocks get
transmitted on every request.
--mcast-switch-client
This option allows the server to proceed with the next multicast client as soon as the current
client timeout. When the current master client fails to send an acknowledge (ACK) to the server,
the server will send an option acknowledge (OACK) to the master client with the field MC (master
client) set to false and send an OACK to the next multicast client with MC set to true. Without
this option, the server will retry the current master client up to 5 times and then mark it done,
proceeding with the next one.
-V, --version
Show version of program.
-h, --help
Show summary of options.
path This is the root directory used by the TFTP server. All requested files from a TFTP client must
reside in this directory. If not specified, the directory defaults to /tftpboot. Since atftpd run
as the nobody user, the permission of the directory must be set properly to allow file reading and
writing.
STATS
Starting with release 0.2, the server collects some statistics. Currently the server compute system
load, time between connections and some thread statistics like number of file sent, received, number of
abort... To see those stats in the logs, you need to set --verbose=6 (LOG_NOTICE) or higher.
SECURITY
TFTP by itself has no provision for security. There is no user authentication and TFTP clients get access
to all files within the specified root directory for which the server has permission.
Some level of security can be gained using atftp libwrap support. Adding proper entry to /etc/hosts.allow
and /etc/hosts.deny will restrict access to trusted hosts. Daemon name to use in these files is in.tftpd.
PCRE
The atftpd server provides a way to dynamically replace requested file name by a new one based on Perl
compatible regular expression. Pairs of pattern/replacement are read from the specified files. Upon
reception of a read request, the server will first try to open the file name requested. If it fails, then
it will search for a replacement based on the content of the pattern file. If this still fails, then an
error will be sent to the client. This feature is available only for read request. It makes no sense
doing this substitution for client writing files to the server.
MTFTP
The mtftp name refer to multicasrt tftp as define by the PXE specification. See pxespec.txt for the
source of the specification. Note that this is not the same as RFC2090. PXE compliant boot implements
mtftp, not RFC2090.
SEE ALSO
inetd(8),hosts_access(5),libpcre(7), RFC1350, RFC2090, RFC2347, RFC2348, RFC2349 and pxespec.pdf.
AUTHOR
This manual page was written by Remi Lefebvre <remi@debian.org> and Jean-Pierre Lefebvre
<helix@step.polymtl.ca>.
December 27, 2000 ATFTPD(8)