From owner-freebsd-questions@FreeBSD.ORG Fri Sep 5 14:14:06 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3CE4A1065671 for ; Fri, 5 Sep 2008 14:14:06 +0000 (UTC) (envelope-from jas@pcjas.obspm.fr) Received: from blade2-ext.obspm.fr (blade2-ext.obspm.fr [145.238.186.8]) by mx1.freebsd.org (Postfix) with ESMTP id AD1098FC14 for ; Fri, 5 Sep 2008 14:14:04 +0000 (UTC) (envelope-from jas@pcjas.obspm.fr) Received: from pcjas.obspm.fr (pcjas.obspm.fr [145.238.184.233]) by blade2-ext.obspm.fr (8.13.8/8.13.8/SIO Observatoire de Paris - 15/11/07) with ESMTP id m85EE3mh023188 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Fri, 5 Sep 2008 16:14:03 +0200 Received: from pcjas.obspm.fr (localhost [127.0.0.1]) by pcjas.obspm.fr (8.14.2/8.14.2) with ESMTP id m85EE2rv006221 for ; Fri, 5 Sep 2008 16:14:02 +0200 (CEST) (envelope-from jas@pcjas.obspm.fr) Received: (from jas@localhost) by pcjas.obspm.fr (8.14.2/8.14.2/Submit) id m85EE2dA006220 for freebsd-questions@freebsd.org; Fri, 5 Sep 2008 16:14:02 +0200 (CEST) (envelope-from jas) Date: Fri, 5 Sep 2008 16:14:02 +0200 From: Albert Shih To: freebsd-questions@freebsd.org Message-ID: <20080905141402.GJ5474@pcjas.obspm.fr> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.18 (2008-05-17) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.0 (blade2-ext.obspm.fr [145.238.186.20]); Fri, 05 Sep 2008 16:14:03 +0200 (CEST) X-Virus-Scanned: ClamAV 0.93.3/8167/Fri Sep 5 13:10:15 2008 on blade2-ext.obspm.fr X-Virus-Status: Clean Subject: portsnap in cron and firewall X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Albert.Shih@obspm.fr List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Sep 2008 14:14:06 -0000 Hi all I've some servers for internal use. On those servers I have some pf (or ipfw) rule to deny any connection from inside to outside. Long time ago when ports tree is update with cvs, I'm using something like pf command to open inside --> outside connection cvsup portupgrade --fetch-only --all pf command to close inside --> outside connection But now with portsnap cron (that's mean random sleep) I don't known when the system try to connect outside. Do you have any idea how can I make my update using portsnap (I known I can use cvsup) in a crontab with my network config ? Regards. -- Albert SHIH SIO batiment 15 Observatoire de Paris Meudon 5 Place Jules Janssen 92195 Meudon Cedex Heure local/Local time: Ven 5 sep 2008 16:07:27 CEST