From owner-freebsd-questions@FreeBSD.ORG Wed Nov 24 15:36:37 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E935416A4CF for ; Wed, 24 Nov 2004 15:36:37 +0000 (GMT) Received: from obsecurity.dyndns.org (CPE0050040655c8-CM00111ae02aac.cpe.net.cable.rogers.com [69.194.102.143]) by mx1.FreeBSD.org (Postfix) with ESMTP id AAA1643D5C for ; Wed, 24 Nov 2004 15:36:37 +0000 (GMT) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id 548C051290; Wed, 24 Nov 2004 07:40:52 -0800 (PST) Date: Wed, 24 Nov 2004 07:40:52 -0800 From: Kris Kennaway To: Dick Davies Message-ID: <20041124154052.GB11795@xor.obsecurity.org> References: <200411232158.53865.4711@chello.at> <20041123212208.81596.qmail@web53407.mail.yahoo.com> <20041123212853.GA16215@polands.org> <20041124110446.GD2355@lb.tenfour> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="rJwd6BRFiFCcLxzm" Content-Disposition: inline In-Reply-To: <20041124110446.GD2355@lb.tenfour> User-Agent: Mutt/1.4.2.1i cc: FreeBSD Questions Subject: Re: How do you "make install" without direct internet access? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Nov 2004 15:36:38 -0000 --rJwd6BRFiFCcLxzm Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Nov 24, 2004 at 11:04:46AM +0000, Dick Davies wrote: > * Doug Poland [1129 21:29]: > > On Tue, Nov 23, 2004 at 01:22:07PM -0800, Ralph wrote: >=20 > > > actually, since I was in csh, the setenv FTP_PROXY > > > my.internal.proxy:80 worked like a charm, except that, > > > for some reason, fetch refuses to work without > > > internet DNS resolution. As with our environment, no > > > internal hosts have external DNS resolution - how do > > > you solve that? > > >=20 > > If you have ssh access out through the firewall, you can tunnel DNS (and > > http/ftp) requests through a *well-connected* Unix host. =20 >=20 > Well, yeah, but then you might as well not bother with a proxy... >=20 > That sounds like a bug to me - I guess most people use fetch with proxies > so the proxy will cache the distfiles rather than to allow isolated machi= nes > to get on the network, which might explain why it's not been spotted befo= re? No, most people who have proxies that allow them to fetch from the internet have DNS servers that let them resolve the internet - that's a very weird setup you have there, and not very useful, as you have discovered. Kris --rJwd6BRFiFCcLxzm Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) iD8DBQFBpKuEWry0BWjoQKURAg28AKCKyKW0byTLuAJEhPoucjgrg0+mZgCgyf7V QO/os8tMBqFDFtYmuZd0Q7A= =RLJ3 -----END PGP SIGNATURE----- --rJwd6BRFiFCcLxzm--