[U-Boot-Users] PATCH: Force TFTP to use a fixed UDP port

[Jerry Van Baren <gerald.vanbaren@smiths-aerospace.com>]

Tolunay Orkun wrote:
> I think you are doing something wrong with your Windows box. I have just 
> tried 2 tftp servers (one running as service and another running as 
> application) on Windows XP box and no such trickery that you prosed was 
> needed.
> 
> You just have to tell Windows Firewall to unblock the application (or 
> the executable for the service) and it works perfectly. What exactly is 
> your configuration?

You understand it perfectly and it works perfectly as you describe.  The 
problem isn't Windows XP firewall per se, it is stupid customers.  They 
either don't understand the firewall (quite likely) and/or their machine 
is "locked down" by their IT staff so that they cannot unblock TFTP (a 
very serious problem).  They expect to plug in our customer's software 
and have it "just work."  When it doesn't, it is a major support 
headache for our customer and hurts their reputation.

> The only TFTP firewall issue I know is when client is behind a stateful 
> firewall or NAT device, in which case the dynamic port chosen by the 
> server for conducting the transfer (beyond 1st packet) gets blocked by 
> the firewall. Source port of TFTP client is not an issue in that case. 
> When server is behind a stateful firewall, this is not an issue!

...and this patch won't help in that case.

> I am having hard time understanding your issues. Can you describe the XP 
> firewall issues a bit more in detail? I am feeling this patch is not 
> really needed.

Agreed, it isn't a necessary patch, but it is one that would help our 
customer (who has to deal with stupid customers).  I'll clean up the 
patch per Wolfgang's email and resubmit it.  If it is accepted, maybe it 
will help someone else with stupid customers.  If not, it will remain in 
_our_ build and will help _our_ customer with his stupid customers.

gvb
P.S. The customer is always right (even if he is stupid ;-)

> Best regards,
> Tolunay
> 
> Jerry Van Baren wrote:
> 
>> Hi Wolfgang,
>>
>> Attached is a patch to allow the user to set an environment variable 
>> "tftpourport" to force TFTP to use that value for "TftpOurPort" (our 
>> UDP port).  As discussed yesterday on this list, this is helpful for 
>> "punching through" a firewall such as is installed with Windows XP SP2.
>>
>> Making it an environment variable is cute but an overkill.  If there 
>> is an outcry over the level of overkill, I would be willing to make 
>> the UDP port a simple #define of a compile time constant, in which 
>> case it would actually save a few bytes of ROM over the pseudo-random 
>> algorithm :-).
>>
>> Thanks,
>> gvb