Date: Fri, 25 Jan 2002 13:36:07 -0500 From: freebsd-hackers@remdesign.net To: "Grover, Andrew" <andrew.grover@intel.com> Cc: freebsd-hackers@freebsd.org Subject: Re: How can I run CVSup through a firewall? Message-ID: <20020125133607.A21690@tharmas.rintrah.org> In-Reply-To: <59885C5E3098D511AD690002A5072D3C02AB7BE6@orsmsx111.jf.intel.com>; from andrew.grover@intel.com on Fri, Jan 25, 2002 at 10:12:34AM -0800 References: <59885C5E3098D511AD690002A5072D3C02AB7BE6@orsmsx111.jf.intel.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Jan 25, 2002 at 10:12:34AM -0800, Grover, Andrew wrote:
> It is a little tricky (IMHO) to set up, but you can use m3socks to allow
> cvsup to use a SOCKS proxy, if you have one of those. I'm also behind a
> firewall so that is what I did.
>
> Regards -- Andy
>
> > From: Ladislav Kostal [mailto:ladislav.kostal@fem.uniag.sk]
> > On Fri, 25 Jan 2002, Dariush Azimi wrote:
> > > I can not access the internet without going through the firewall.
> >
> > I use to run small redirector (plug) on server with public IP
> > address and
> > then on client cvsup -g -L 2 -P m /etc/cvsupfile.
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-hackers" in the body of the message
man cvsup gives a couple more ideas:
USING ssh PORT FORWARDING
As an alternative to SOCKS, a user behind a firewall can penetrate it
with the TCP port forwarding provided by the Secure Shell package ssh.
The user must have a login account on the CVSup server host in order to
do this. The procedure is as follows:
1. Establish a connection to the server host with ssh, like this:
ssh -f -x -L 5999:localhost:5999 serverhost sleep 60
Replace serverhost with the hostname of the CVSup server, but type
`localhost' literally. This sets up the required port forwarding.
You must start cvsup before the 60-second sleep finishes. Once the
update has begun, ssh will keep the forwarded channels open as long
as they are needed.
2. Run cvsup on the local host, including the arguments `-h localhost'
on the command line.
and
CVSup AND FIREWALLS
In its default mode, cvsup will work through any firewall which permits
outbound connections to port 5999 of the server host. With slightly more
permissive firewall rules it may be possible to use passive mode or one
of the other modes, for a very slight gain in efficiency. See the
description of the -P option for details.
For more information on using CVSup with specific kinds of firewalls, see
the CVSup FAQ at <http://www.polstra.com/projects/freeware/CVSup/>.
--devin
--
Mathematicians are like Frenchmen: whatever you say to them they
translate into their own language, and forthwith it is something
entirely different.
-- Johann Wolfgang von Goethe
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020125133607.A21690>