From owner-freebsd-questions@FreeBSD.ORG  Thu Jul 12 17:22:05 2012
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 350F41065670;
	Thu, 12 Jul 2012 17:22:05 +0000 (UTC)
	(envelope-from kayasaman@gmail.com)
Received: from mail-vb0-f54.google.com (mail-vb0-f54.google.com
	[209.85.212.54])
	by mx1.freebsd.org (Postfix) with ESMTP id C84618FC0C;
	Thu, 12 Jul 2012 17:22:04 +0000 (UTC)
Received: by vbmv11 with SMTP id v11so2119294vbm.13
	for <multiple recipients>; Thu, 12 Jul 2012 10:22:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
	h=mime-version:in-reply-to:references:date:message-id:subject:from:to
	:cc:content-type:content-transfer-encoding;
	bh=4jGj/FouqG5KdAabPIzf+8EFORg+hAShrC/1anqflbE=;
	b=AxIDr9iffJ6m/keTRP1IWRENfmZPnjwDZwslXf8duEJS26j9EseEKJTUQVECHbh2H0
	4rJBmFWSwhYfomFRzKKWPeGzqN2kFewdnDk2Md67AcSyUiCXzpdPK08lXHn4aA7k2doh
	Q68uzFU5MzFFWf5UAcliJDlq/gJnlxVip5M1z2fknHJ8RYuT1Q+voCdT+qvKIZiRFi6s
	XQvxFopP5NwgNwpCg6CIsJGF3o5tGJxbo3LCcLsKTTgEp6XxPeP/RjhNwv/6tBOu9XHa
	3OE9Scqn3NExizddqyM17CPTByiBiD807gWXavgmG8JLqBSTefJ2XL7JjPYhZsEkC4mC
	K3Xw==
MIME-Version: 1.0
Received: by 10.52.25.70 with SMTP id a6mr21672907vdg.78.1342113724317; Thu,
	12 Jul 2012 10:22:04 -0700 (PDT)
Received: by 10.58.154.169 with HTTP; Thu, 12 Jul 2012 10:22:04 -0700 (PDT)
In-Reply-To: <314F6471-1EC7-4A73-803E-A0B0370757EB@fisglobal.com>
References: <CAPj0R5KJ=0yFcQG5azYfCS73oWLAfJhf4NpAz5Oozo4N-vYQyg@mail.gmail.com>
	<C412A022-7C3C-45FB-8662-ED299C272937@fisglobal.com>
	<CAPj0R5JddE+J6F3ZhASoaGsf9hpGRGc2Jr4sjdF_9=kP2jnWZA@mail.gmail.com>
	<314F6471-1EC7-4A73-803E-A0B0370757EB@fisglobal.com>
Date: Thu, 12 Jul 2012 18:22:04 +0100
Message-ID: <CAPj0R5K6axkkhKm8wp+4bTDFo58ZKUhnmjES=LFN-_+5TkwG4w@mail.gmail.com>
From: Kaya Saman <kayasaman@gmail.com>
To: Devin Teske <dteske@freebsd.org>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable
Cc: freebsd-questions <freebsd-questions@freebsd.org>
Subject: Re: Is there a way to run FreeBSD ports through port 80?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Jul 2012 17:22:05 -0000

On Thu, Jul 12, 2012 at 6:15 PM, Devin Teske <devin.teske@fisglobal.com> wr=
ote:
>
> On Jul 12, 2012, at 9:42 AM, Kaya Saman wrote:
>
>> On Thu, Jul 12, 2012 at 5:33 PM, Devin Teske <devin.teske@fisglobal.com>=
 wrote:
>>>
>>> On Jul 12, 2012, at 9:23 AM, Kaya Saman wrote:
>>>
>>>> Hi,
>>>>
>>>> I am trying to introduce FreeBSD into my office and it's been looked
>>>> at with quite a bit of enthusiasm however, what makes it look bad is
>>>> our companies 'security' policy to block FTP.
>>>>
>>>> At present they are running a whole bunch of CentOS based boxes and
>>>> VM's which of course can be run through port 80 when using YUM.
>>>>
>>>>
>>>> How does one get round this issue as my superiors are telling me that
>>>> opening up FTP is a security risk and therefor don't want to proceed?
>>>>
>>>>
>>>> I would like to use ports specifically and not the pkg_add tool to get=
 software.
>>>>
>>>>
>>>> Can anyone sugget anything?
>>>>
>>>
>>> env ftp_proxy=3Dhost:port <command>
>>>
>>> where <command> is your normal command, such as "fetch".
>>>
>>> For a full list of environment variables you can use,=85
>>>
>>> $ ldd -f '%p\n' `which fetch` | xargs grep -alr ftp_proxy | xargs strin=
gs -n 7 | grep _proxy
>>> fetch_no_proxy_match
>>> fetch_default_proxy_port
>>> http_proxy
>>> ftp_proxy
>>> no_proxy
>>>
>>> --
>>> Devin
>>>
>>> _____________
>>> The information contained in this message is proprietary and/or confide=
ntial. If you are not the intended recipient, please: (i) delete the messag=
e and all copies; (ii) do not disclose, distribute or use the message in an=
y manner; and (iii) notify the sender immediately. In addition, please be a=
ware that any message addressed to our domain is subject to archiving and r=
eview by persons other than the intended recipient. Thank you.
>>
>> Thanks Devin for this however,
>>
>> setenv ftp_proxy ftp://<ip>:<port> indicates that FTP is being proxied o=
ut.
>>
>> We simply have it banned on a Juniper firewall. So http is being
>> proxied by a web appliance but that's it... nothing else.
>>
>>
>
> Yep. It's up to your proxy server whether it's going to handle FTP or onl=
y HTTP (and/or HTTPS).
>
> I use squid a lot and it handles FTP great.
> --
> Devin
>
> _____________
> The information contained in this message is proprietary and/or confident=
ial. If you are not the intended recipient, please: (i) delete the message =
and all copies; (ii) do not disclose, distribute or use the message in any =
manner; and (iii) notify the sender immediately. In addition, please be awa=
re that any message addressed to our domain is subject to archiving and rev=
iew by persons other than the intended recipient. Thank you.


We have an 'appliance' based proxy and as company policy FTP should be
restricted, ie. not active on this as it's a security risk.

Thats my major issue.....


I will try the suggested method of:

MASTER_SORT_REGEX =3D ^http

for the time being to see if that helps before setting up our own repositor=
y.


Regards,


Kaya