Date: Fri, 17 Mar 2006 13:10:42 +0200 From: Nikos Vassiliadis <nvass@teledomenet.gr> To: freebsd-questions@freebsd.org Subject: Re: configuring fetch to passive mode Message-ID: <200603171310.42917.nvass@teledomenet.gr> In-Reply-To: <441A9250.10103@locolomo.org> References: <441A9250.10103@locolomo.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Friday 17 March 2006 12:41, Erik Norgaard wrote: > Hi: > > This ought to be a configuration tunable, but I can't find any > documentaion on it: How to I force fetch to use passive mode? > > When I try "make fetch" of some port I get: > > => Attempting to fetch from \ > ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/. > fetch: \ ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/file: \ > Operation not permitted > > It fails quickly, no sign of things timing out. > > In my firewall (pf), I have > > block in quick on $ext_if all You block everything that comes in from your external interface. The "quick" keyword means that the search ends there. So you no incoming traffic passes... HTH, Nikos > pass out quick on $ext_if proto tcp all flags S/SA keep state > pass out quick on $ext_if proto udp all keep state > pass out quick on $ext_if proto icmp all keep state > > which basically block ftp active, but should allow ftp passive. If I > flush the rules fetch works fine, so it must be an issue of fetch trying > active mode. > > Setting FTP_PASSIVE_MODE=YES as environment variable or in make.conf > doesn't change a thing. > > Thanks, Erik
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200603171310.42917.nvass>