From owner-freebsd-questions@FreeBSD.ORG Fri Sep 5 15:59:53 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 492F31065688 for ; Fri, 5 Sep 2008 15:59:53 +0000 (UTC) (envelope-from jas@pcjas.obspm.fr) Received: from blade2-ext.obspm.fr (blade2-ext.obspm.fr [145.238.186.8]) by mx1.freebsd.org (Postfix) with ESMTP id D1ED18FC2C for ; Fri, 5 Sep 2008 15:59:52 +0000 (UTC) (envelope-from jas@pcjas.obspm.fr) Received: from pcjas.obspm.fr (pcjas.obspm.fr [145.238.184.233]) by blade2-ext.obspm.fr (8.13.8/8.13.8/SIO Observatoire de Paris - 15/11/07) with ESMTP id m85FxpGx026033 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Fri, 5 Sep 2008 17:59:51 +0200 Received: from pcjas.obspm.fr (localhost [127.0.0.1]) by pcjas.obspm.fr (8.14.2/8.14.2) with ESMTP id m85FxpMU007383; Fri, 5 Sep 2008 17:59:51 +0200 (CEST) (envelope-from jas@pcjas.obspm.fr) Received: (from jas@localhost) by pcjas.obspm.fr (8.14.2/8.14.2/Submit) id m85FxpBE007382; Fri, 5 Sep 2008 17:59:51 +0200 (CEST) (envelope-from jas) Date: Fri, 5 Sep 2008 17:59:51 +0200 From: Albert Shih To: Sean Cavanaugh Message-ID: <20080905155951.GO5474@pcjas.obspm.fr> References: <20080905141402.GJ5474@pcjas.obspm.fr> <20080905154344.GL5474@pcjas.obspm.fr> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: User-Agent: Mutt/1.5.18 (2008-05-17) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.0 (blade2-ext.obspm.fr [145.238.186.20]); Fri, 05 Sep 2008 17:59:51 +0200 (CEST) X-Virus-Scanned: ClamAV 0.93.3/8167/Fri Sep 5 13:10:15 2008 on blade2-ext.obspm.fr X-Virus-Status: Clean Cc: freebsd-questions@freebsd.org Subject: Re: portsnap in cron and firewall X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Albert.Shih@obspm.fr List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Sep 2008 15:59:53 -0000 Le 05/09/2008 à 11:51:57-0400, Sean Cavanaugh a écrit > ------------------------------------------------------------------------------- > > > > Yes I known. That's why I'm asking you how can I make portsnap through the > > cron and opening firewall just before he going to make the connection. > > > > Of course I can hack the portsnap to make he don't try to see if it's fork > > by cron or not. But it's not a good idea IMHO, what's happen if all person > > do that ? > > I think you misread what i was saying. Inside your cron job use "portsnap > fetch" instead of "portsnap cron". that way it will fetch exactly when you run > the cron job, without the randomized delay. > > most likely a shell script that would have the following: > 1)open pf > 2)portsnap fetch > 3)portsnap update (<- you were missing this important step also) > 4)portupgrade --fetch-only --all > 5)close pf Yes I known ;-) and I understand what you saying. But what I'm saying is if the developper of portsnap think it's useful to put some randomized delay I'm going to follow this. Because if I make what you say how can I known after 1 or 2 years there no other enough users to do same thing and make the portsnap server overload ? Event I make some «randomize» time in the crontab it's only when I make the crontab, that's mean every day the portsnap is launch in the same moment. The best solution is to make some «hook_script» in the portsnap and after the randomize delay is over just before the fetch is launch to run a hook-script So now portsnap cron = sleep random_time; portsnap fetch what I think is portsnap cron -h hook-script = sleep random_time; sh hook-script; portsnap fetch regards. -- Albert SHIH SIO batiment 15 Observatoire de Paris Meudon 5 Place Jules Janssen 92195 Meudon Cedex Heure local/Local time: Ven 5 sep 2008 17:53:37 CEST