From owner-freebsd-questions@FreeBSD.ORG Fri Mar 17 10:41:31 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 57E5116A420 for ; Fri, 17 Mar 2006 10:41:31 +0000 (UTC) (envelope-from norgaard@locolomo.org) Received: from strange.daemonsecurity.com (59.Red-81-33-11.staticIP.rima-tde.net [81.33.11.59]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7AB3243D48 for ; Fri, 17 Mar 2006 10:41:29 +0000 (GMT) (envelope-from norgaard@locolomo.org) Received: from [172.24.8.84] (generic.ATOSORIGIN.ES [212.170.156.200]) by strange.daemonsecurity.com (Postfix) with ESMTP id ADB2E2E041 for ; Fri, 17 Mar 2006 11:41:35 +0100 (CET) Message-ID: <441A9250.10103@locolomo.org> Date: Fri, 17 Mar 2006 11:41:20 +0100 From: Erik Norgaard User-Agent: Thunderbird 1.5 (X11/20060118) MIME-Version: 1.0 To: freebsd-questions@freebsd.org Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Subject: configuring fetch to passive mode X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 17 Mar 2006 10:41:31 -0000 Hi: This ought to be a configuration tunable, but I can't find any documentaion on it: How to I force fetch to use passive mode? When I try "make fetch" of some port I get: => Attempting to fetch from \ ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/. fetch: \ ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/file: \ Operation not permitted It fails quickly, no sign of things timing out. In my firewall (pf), I have block in quick on $ext_if all pass out quick on $ext_if proto tcp all flags S/SA keep state pass out quick on $ext_if proto udp all keep state pass out quick on $ext_if proto icmp all keep state which basically block ftp active, but should allow ftp passive. If I flush the rules fetch works fine, so it must be an issue of fetch trying active mode. Setting FTP_PASSIVE_MODE=YES as environment variable or in make.conf doesn't change a thing. Thanks, Erik -- Ph: +34.666334818 web: www.locolomo.org S/MIME Certificate: www.daemonsecurity.com/ca/8D03551FFCE04F06.crt Subject ID: 9E:AA:18:E6:94:7A:91:44:0A:E4:DD:87:73:7F:4E:82:E7:08:9C:72 Fingerprint: 5B:D5:1E:3E:47:E7:EC:1C:4C:C8:3A:19:CC:AE:14:F5:DF:18:0F:B9