Date: Thu, 12 Jul 2012 18:22:04 +0100 From: Kaya Saman <kayasaman@gmail.com> To: Devin Teske <dteske@freebsd.org> Cc: freebsd-questions <freebsd-questions@freebsd.org> Subject: Re: Is there a way to run FreeBSD ports through port 80? Message-ID: <CAPj0R5K6axkkhKm8wp%2B4bTDFo58ZKUhnmjES=LFN-_%2B5TkwG4w@mail.gmail.com> In-Reply-To: <314F6471-1EC7-4A73-803E-A0B0370757EB@fisglobal.com> References: <CAPj0R5KJ=0yFcQG5azYfCS73oWLAfJhf4NpAz5Oozo4N-vYQyg@mail.gmail.com> <C412A022-7C3C-45FB-8662-ED299C272937@fisglobal.com> <CAPj0R5JddE%2BJ6F3ZhASoaGsf9hpGRGc2Jr4sjdF_9=kP2jnWZA@mail.gmail.com> <314F6471-1EC7-4A73-803E-A0B0370757EB@fisglobal.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jul 12, 2012 at 6:15 PM, Devin Teske <devin.teske@fisglobal.com> wr= ote: > > On Jul 12, 2012, at 9:42 AM, Kaya Saman wrote: > >> On Thu, Jul 12, 2012 at 5:33 PM, Devin Teske <devin.teske@fisglobal.com>= wrote: >>> >>> On Jul 12, 2012, at 9:23 AM, Kaya Saman wrote: >>> >>>> Hi, >>>> >>>> I am trying to introduce FreeBSD into my office and it's been looked >>>> at with quite a bit of enthusiasm however, what makes it look bad is >>>> our companies 'security' policy to block FTP. >>>> >>>> At present they are running a whole bunch of CentOS based boxes and >>>> VM's which of course can be run through port 80 when using YUM. >>>> >>>> >>>> How does one get round this issue as my superiors are telling me that >>>> opening up FTP is a security risk and therefor don't want to proceed? >>>> >>>> >>>> I would like to use ports specifically and not the pkg_add tool to get= software. >>>> >>>> >>>> Can anyone sugget anything? >>>> >>> >>> env ftp_proxy=3Dhost:port <command> >>> >>> where <command> is your normal command, such as "fetch". >>> >>> For a full list of environment variables you can use,=85 >>> >>> $ ldd -f '%p\n' `which fetch` | xargs grep -alr ftp_proxy | xargs strin= gs -n 7 | grep _proxy >>> fetch_no_proxy_match >>> fetch_default_proxy_port >>> http_proxy >>> ftp_proxy >>> no_proxy >>> >>> -- >>> Devin >>> >>> _____________ >>> The information contained in this message is proprietary and/or confide= ntial. If you are not the intended recipient, please: (i) delete the messag= e and all copies; (ii) do not disclose, distribute or use the message in an= y manner; and (iii) notify the sender immediately. In addition, please be a= ware that any message addressed to our domain is subject to archiving and r= eview by persons other than the intended recipient. Thank you. >> >> Thanks Devin for this however, >> >> setenv ftp_proxy ftp://<ip>:<port>; indicates that FTP is being proxied o= ut. >> >> We simply have it banned on a Juniper firewall. So http is being >> proxied by a web appliance but that's it... nothing else. >> >> > > Yep. It's up to your proxy server whether it's going to handle FTP or onl= y HTTP (and/or HTTPS). > > I use squid a lot and it handles FTP great. > -- > Devin > > _____________ > The information contained in this message is proprietary and/or confident= ial. If you are not the intended recipient, please: (i) delete the message = and all copies; (ii) do not disclose, distribute or use the message in any = manner; and (iii) notify the sender immediately. In addition, please be awa= re that any message addressed to our domain is subject to archiving and rev= iew by persons other than the intended recipient. Thank you. We have an 'appliance' based proxy and as company policy FTP should be restricted, ie. not active on this as it's a security risk. Thats my major issue..... I will try the suggested method of: MASTER_SORT_REGEX =3D ^http for the time being to see if that helps before setting up our own repositor= y. Regards, Kaya
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPj0R5K6axkkhKm8wp%2B4bTDFo58ZKUhnmjES=LFN-_%2B5TkwG4w>