From owner-freebsd-questions Thu Oct 10 19: 1:48 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DEB4237B401 for ; Thu, 10 Oct 2002 19:01:46 -0700 (PDT) Received: from smtprelay9.dc2.adelphia.net (smtprelay9.dc2.adelphia.net [64.8.50.53]) by mx1.FreeBSD.org (Postfix) with ESMTP id 07CE043EA9 for ; Thu, 10 Oct 2002 19:01:46 -0700 (PDT) (envelope-from barbish@a1poweruser.com) Received: from barbish ([68.65.175.62]) by smtprelay9.dc2.adelphia.net (Netscape Messaging Server 4.15) with SMTP id H3SOAP02.CO3; Thu, 10 Oct 2002 22:01:37 -0400 Reply-To: From: "JoeB" To: , Subject: RE: ipfw rules Date: Thu, 10 Oct 2002 22:01:36 -0400 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) In-Reply-To: X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Importance: Normal Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG This is what I use # Allow out & in FBSD (make install & CVSUP) functions # Basically give user id root "GOD" privileges. $cmd 00640 allow tcp from me to any out via $oif setup keep-state uid root -----Original Message----- From: owner-freebsd-questions@FreeBSD.ORG [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of tristan11@mindspring.com Sent: Thursday, October 10, 2002 9:18 PM To: freebsd-questions@FreeBSD.ORG Subject: re: ipfw rules On Thursday, October 10, 2002, at 03:06 PM, Jack L. Stone wrote: At 05:52 PM 10.10.2002 -0400, tristan11@mindspring.com wrote: Could anyone please tell me what ipfw rules need to be set in order to allow software installation through the ports collection? I tried adding a rule to allow ftp outbound and although I can ftp out, I still cannot fetch the source tarball when using the make command in /usr/ports. What else needs to be open for the make command to work? Thank you, Michelle I believe it likes to use port 5999 for cvsuping..... I am able to use cvsup with our firewall. The problem is when actually trying to install the software using the make command since the make command tries to fetch the source tarball from a remote server using ftp. I cannot get ftp to dowload data through our firewall. Is it possible to use the make command without opening up our firewall completely or is it best to put the source tarballs in /usr/ports/distfiles manually? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message