From owner-freebsd-questions@FreeBSD.ORG Mon Nov 20 23:32:49 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 1FBFE16A5AC for ; Mon, 20 Nov 2006 23:32:49 +0000 (UTC) (envelope-from ggroth@gregs-garage.com) Received: from mail.gregs-garage.com (h-64-105-8-34.chcgilgm.covad.net [64.105.8.34]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5044843D64 for ; Mon, 20 Nov 2006 23:30:17 +0000 (GMT) (envelope-from ggroth@gregs-garage.com) Received: from [192.168.0.150] ([192.168.0.150]) (authenticated bits=0) by mail.gregs-garage.com (8.13.8/8.13.8) with ESMTP id kAKNNOOT078959 for ; Mon, 20 Nov 2006 17:23:24 -0600 (CST) (envelope-from ggroth@gregs-garage.com) Message-ID: <456238DE.3010902@gregs-garage.com> Date: Mon, 20 Nov 2006 17:23:10 -0600 From: Greg Groth User-Agent: Thunderbird 1.5.0.8 (Windows/20061025) MIME-Version: 1.0 To: freebsd-questions@freebsd.org References: <45623692.7040308@squaretrade.com> In-Reply-To: <45623692.7040308@squaretrade.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-3.7 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.1.7 X-Spam-Checker-Version: SpamAssassin 3.1.7 (2006-10-05) on mail.gregs-garage.com Subject: Re: FTP_PASSIVE_MODE stumper X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Nov 2006 23:32:49 -0000 Paul Lathrop wrote: > I've been banging my head against this for 2 hours. > > My network lives behind an OpenBSD firewall which uses ftp-proxy to > allow active mode FTP connections out to the world. Unfortunately, > passive mode FTP just does not work in our current firewall configuration. > > I'm trying to install some ports on my shiny new FreeBSD 6.1 server. > Unfortunately, the fetch operations time out because they are attempting > to use passive mode FTP. So, I consult the man pages and discover that > fetch obeys the FTP_PASSIVE_MODE environment variable. I check the > environment and see that FTP_PASSIVE_MODE=YES! Excellent! The fetch(3) > man page says I need to set this to 'no', so I do so and procedd to > install... > > Still times out. > > Hrm. Okay, try 'NO'. No dice. Try removing it from login.conf, running > cap_mkdb, and logging out then back in. Nope, that still doesn't do it. > Try *changing* it to NO in login.conf, running cap_mkdb, logging out and > back in. Nope. > > Set it by hand in the shell. Nope. > > Set it in /etc/make.conf. Still not working. > > The only conclusion I can come to is that fetch does not, in fact, obey > this environment variable. > > So, how does one install software from ports in this environment? > > Any pointers would be much appreciated. > > Regards, > Paul Lathrop Sorry, I don't have an answer. I just wanted to chime in and state that I have the same issue behind a pfsense firewall. I have an environment at home in which I have a single IP address and use port forwarding for my one server, and have no issues. However at work, I have 3 sitting behind a pfsense firewall using CARP for address translation, and fetch in passive mode will not work. I end up having to use an FTP client, and SCPing the files to the server, and then moving them to /usr/ports/distfiles. Any help would be much appreciated. Greg Groth