From owner-freebsd-security@FreeBSD.ORG Sat Oct 29 14:34:30 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D48BC16A420 for ; Sat, 29 Oct 2005 14:34:30 +0000 (GMT) (envelope-from cperciva@freebsd.org) Received: from pd3mo2so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7639243D45 for ; Sat, 29 Oct 2005 14:34:30 +0000 (GMT) (envelope-from cperciva@freebsd.org) Received: from pd4mr1so.prod.shaw.ca (pd4mr1so-qfe3.prod.shaw.ca [10.0.141.212]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0IP4007SALTH8XC0@l-daemon> for freebsd-security@freebsd.org; Sat, 29 Oct 2005 08:34:29 -0600 (MDT) Received: from pn2ml10so.prod.shaw.ca ([10.0.121.80]) by pd4mr1so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0IP4001MFLTHV0G0@pd4mr1so.prod.shaw.ca> for freebsd-security@freebsd.org; Sat, 29 Oct 2005 08:34:29 -0600 (MDT) Received: from [192.168.0.60] (S0106006067227a4a.vc.shawcable.net [24.87.209.6]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.18 (built Jul 28 2003)) with ESMTP id <0IP400B07LTH24@l-daemon> for freebsd-security@freebsd.org; Sat, 29 Oct 2005 08:34:29 -0600 (MDT) Date: Sat, 29 Oct 2005 07:34:28 -0700 From: Colin Percival In-reply-to: <20051029055605.GA58671@logik.internal.network> To: markzero Message-id: <43638874.2020004@freebsd.org> MIME-version: 1.0 Content-type: text/plain; charset=ISO-8859-1 Content-transfer-encoding: 7bit X-Accept-Language: en-us, en X-Enigmail-Version: 0.92.1.0 References: <20051027233106.377D070DCE3@mail.npubs.com> <4361CD31.1080707@freebsd.org> <20051028072518.GA82014@logik.internal.network> <4362DDB4.6030906@freebsd.org> <20051029055605.GA58671@logik.internal.network> User-Agent: Mozilla Thunderbird 1.0.7 (X11/20051001) Cc: freebsd-security@freebsd.org Subject: Re: Is the server portion of freebsd-update open source? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 Oct 2005 14:34:30 -0000 markzero wrote: > No this isn't insufficient, what is insufficient is that I currently > can't run a local freebsd-update server. I'm quite limited by bandwidth > here, you see. What would make more sense in my situation would be to > have a local mirror of the 'official' freebsd-update server so that > all of my machines can sync to that rather than all of them downloading > over the WAN. Go ahead. :-) FreeBSD Update relies entirely upon static files served over HTTP, so if you point your favourite HTTP mirroring tool at update.daemonology.net you can create a local mirror. Another approach which is likely to be more useful is to set up an HTTP proxy: Since many files on the FreeBSD Update web server won't be fetched by most systems (FreeBSD Update attempts to use binary patches, and only falls back to fetching complete files if the patching fails), using a caching HTTP proxy will use far less bandwidth than mirroring everything. Colin Percival