Date: Sat, 13 Aug 2016 15:38:14 +0200 From: "Vlad K." <vlad-fbsd@acheronmedia.com> To: freebsd-questions@freebsd.org Subject: Re: freebsd-update's "Fetching patches" phase? Message-ID: <0f41085ce2c14ad63627a3379dfaee5a@acheronmedia.com> In-Reply-To: <20160813142023.620de294@gumby.homeunix.com> References: <823dd643595a5be72671fd5d9c7199b0@acheronmedia.com> <20160813142023.620de294@gumby.homeunix.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2016-08-13 15:20, RW via freebsd-questions wrote: > On Sat, 13 Aug 2016 12:28:43 +0200 > > That's where the updates are downloaded. Yes, but I mean specifically the patches, since this is binary upgrade, and is followed by "Fetching files" of equally large number of them. > It might be because of the MITM vulnerability in freebsd-update. Ah, that might explain it. But is that the case? > If you use a proxy each client should be have HTTP_PROXY set to the > same thing as this is used the seed the random selection of origin > servers. If you intercept the connections it wont cache well. Actually I'm not using HTTP_PROXY at all, but I've set ServerName in /etc/freebsd-update.conf to hostname where the rev proxy is. There nginx is running with proxy cache, including cached 404s. Thanks for your reply! -- Vlad K.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0f41085ce2c14ad63627a3379dfaee5a>