Date: Fri, 20 May 2005 09:35:29 -0500 (CDT) From: Tony Shadwick <tshadwick@goinet.com> To: Julien Gabel <jpeg@thilelli.net> Cc: freebsd-questions@freebsd.org Subject: Re: syncing sources without cvs and cvsup. Message-ID: <20050520093105.W39659@mail.goinet.com> In-Reply-To: <10959.145.248.192.30.1116595105.squirrel@webmail.thilelli.net> References: <58a92a8f050520020374baf403@mail.gmail.com> <50571.145.248.192.30.1116581497.squirrel@webmail.thilelli.net> <10959.145.248.192.30.1116595105.squirrel@webmail.thilelli.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hmm. Is port 80 actually blocked then to everyone but the actual proxy servers? Just getting a feel for your environment. Try telnet www.google.com 80. Does it connect? If it does, then I wonder if your firewall is statefully inspecting non-http traffic across 80. You could get an ssh server on the outside to listen on 80, then ssh to it as I mentioned before. Just trying to come up with ideas. If it's a legitimate business need, then I would suggest making a request to your IP dept. to set up a rule on the firewall to allow cvsup to connect outbound from your box's IP address, and all to connections to the list of cvsup mirrors for your country. So you're asking for a rule for one host, to connect to a list of say, 20 hosts. That seems like a very reasonable request to me. Tony On Fri, 20 May 2005, Julien Gabel wrote: >>>> i need to update my freebsd sources to -current but the firewall i'm >>>> behind blocks both cvs and cvsup, and ctm is an overkill. > >>> Just for information, why is CTM an "overkill"? I use it at work for >>> the very same problem as described here, and don't see any drawback >>> (yet...). > >> Just a thought here. Is ssh blocked? :) You have a machine on the >> outside that you trust? You could do an ssh tunnel out and then point >> cvsup to localhost:myforwardedport, could you not? > > Yes, ssh is blocked. We can just use the web and ftp via a farm of three > proxies, which are able to resolve names on the Net. We can't even do that > from our workstations or internal servers. So... > > -- > -jpeg. > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050520093105.W39659>