From owner-freebsd-questions@FreeBSD.ORG Thu Jul 12 17:15:57 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 1EA891065670; Thu, 12 Jul 2012 17:15:57 +0000 (UTC) (envelope-from Devin.Teske@fisglobal.com) Received: from mx1.fisglobal.com (mx1.fisglobal.com [199.200.24.190]) by mx1.freebsd.org (Postfix) with ESMTP id 937A68FC0A; Thu, 12 Jul 2012 17:15:55 +0000 (UTC) Received: from smtp.fisglobal.com ([10.132.206.31]) by ltcfislmsgpa07.fnfis.com (8.14.4/8.14.4) with ESMTP id q6CHFacF025907 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Thu, 12 Jul 2012 12:15:54 -0500 Received: from [10.0.0.101] (10.14.152.61) by smtp.fisglobal.com (10.132.206.31) with Microsoft SMTP Server (TLS) id 14.2.283.3; Thu, 12 Jul 2012 12:15:41 -0500 MIME-Version: 1.0 (Apple Message framework v1257) Content-Type: text/plain; charset="windows-1252" From: Devin Teske In-Reply-To: Date: Thu, 12 Jul 2012 10:15:43 -0700 Content-Transfer-Encoding: quoted-printable Message-ID: <314F6471-1EC7-4A73-803E-A0B0370757EB@fisglobal.com> References: To: Kaya Saman X-Mailer: Apple Mail (2.1257) X-Originating-IP: [10.14.152.61] X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.7.7855, 1.0.260, 0.0.0000 definitions=2012-07-12_05:2012-07-12, 2012-07-12, 1970-01-01 signatures=0 Cc: Devin Teske , freebsd-questions Subject: Re: Is there a way to run FreeBSD ports through port 80? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Devin Teske List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Jul 2012 17:15:57 -0000 On Jul 12, 2012, at 9:42 AM, Kaya Saman wrote: > On Thu, Jul 12, 2012 at 5:33 PM, Devin Teske = wrote: >>=20 >> On Jul 12, 2012, at 9:23 AM, Kaya Saman wrote: >>=20 >>> Hi, >>>=20 >>> I am trying to introduce FreeBSD into my office and it's been looked >>> at with quite a bit of enthusiasm however, what makes it look bad is >>> our companies 'security' policy to block FTP. >>>=20 >>> At present they are running a whole bunch of CentOS based boxes and >>> VM's which of course can be run through port 80 when using YUM. >>>=20 >>>=20 >>> How does one get round this issue as my superiors are telling me that >>> opening up FTP is a security risk and therefor don't want to proceed? >>>=20 >>>=20 >>> I would like to use ports specifically and not the pkg_add tool to get = software. >>>=20 >>>=20 >>> Can anyone sugget anything? >>>=20 >>=20 >> env ftp_proxy=3Dhost:port >>=20 >> where is your normal command, such as "fetch". >>=20 >> For a full list of environment variables you can use,=85 >>=20 >> $ ldd -f '%p\n' `which fetch` | xargs grep -alr ftp_proxy | xargs string= s -n 7 | grep _proxy >> fetch_no_proxy_match >> fetch_default_proxy_port >> http_proxy >> ftp_proxy >> no_proxy >>=20 >> -- >> Devin >>=20 >> _____________ >> The information contained in this message is proprietary and/or confiden= tial. If you are not the intended recipient, please: (i) delete the message= and all copies; (ii) do not disclose, distribute or use the message in any= manner; and (iii) notify the sender immediately. In addition, please be aw= are that any message addressed to our domain is subject to archiving and re= view by persons other than the intended recipient. Thank you. >=20 > Thanks Devin for this however, >=20 > setenv ftp_proxy ftp://: indicates that FTP is being proxied ou= t. >=20 > We simply have it banned on a Juniper firewall. So http is being > proxied by a web appliance but that's it... nothing else. >=20 >=20 Yep. It's up to your proxy server whether it's going to handle FTP or only = HTTP (and/or HTTPS). I use squid a lot and it handles FTP great. --=20 Devin _____________ The information contained in this message is proprietary and/or confidentia= l. If you are not the intended recipient, please: (i) delete the message an= d all copies; (ii) do not disclose, distribute or use the message in any ma= nner; and (iii) notify the sender immediately. In addition, please be aware= that any message addressed to our domain is subject to archiving and revie= w by persons other than the intended recipient. Thank you.