From owner-freebsd-security Sat Apr 1 15: 2:38 2000 Delivered-To: freebsd-security@freebsd.org Received: from bsdie.rwsystems.net (bsdie.rwsystems.net [209.197.223.2]) by hub.freebsd.org (Postfix) with ESMTP id 2230937BC43 for ; Sat, 1 Apr 2000 15:02:33 -0800 (PST) (envelope-from jwyatt@rwsystems.net) Received: from bsdie.rwsystems.net([209.197.223.2]) (1600 bytes) by bsdie.rwsystems.net via sendmail with P:esmtp/R:bind_hosts/T:inet_zone_bind_smtp (sender: ) id for ; Sat, 1 Apr 2000 17:02:18 -0600 (CST) (Smail-3.2.0.106 1999-Mar-31 #1 built 1999-Aug-7) Date: Sat, 1 Apr 2000 17:02:17 -0600 (CST) From: James Wyatt To: Nate Williams Cc: Andre Gironda , Jim Durham , freebsd-security@FreeBSD.ORG Subject: Re: FTP with firewall rules In-Reply-To: <200004011856.LAA04865@nomad.yogotech.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sat, 1 Apr 2000, Nate Williams wrote: > > export/setenv http_proxy! > > Huh? > > > of course, you have to find all of the distfiles manually, since only > > about 4% of them have an http site to download the source from. > > That's irrelevant. You can still download *ALL* of them via > passive-mode ftp. I have yet to find a site that didn't let me download > with ftp in passive mode, so if you are *truly* interested in security, > then you certainly don't want to open up so people can use active-mode > ftp from behind your firewall. Andre said his was a special case and that "it works though, but i doubt it's what you are looking for. i had to do this behind a firewall/proxy architecture that did not allow ftp." I took it to mean "*he* *has* to use HTTP to fetch because his firewall doesn't support *any* ftp" and that if there is some problem with active FTP it might still work. - Jy@ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message