On Thu, Jul 12, 2012 at 6:15 PM, Devin Teske <devin.te...@fisglobal.com> wrote: > > On Jul 12, 2012, at 9:42 AM, Kaya Saman wrote: > >> On Thu, Jul 12, 2012 at 5:33 PM, Devin Teske <devin.te...@fisglobal.com> >> wrote: >>> >>> On Jul 12, 2012, at 9:23 AM, Kaya Saman wrote: >>> >>>> Hi, >>>> >>>> I am trying to introduce FreeBSD into my office and it's been looked >>>> at with quite a bit of enthusiasm however, what makes it look bad is >>>> our companies 'security' policy to block FTP. >>>> >>>> At present they are running a whole bunch of CentOS based boxes and >>>> VM's which of course can be run through port 80 when using YUM. >>>> >>>> >>>> How does one get round this issue as my superiors are telling me that >>>> opening up FTP is a security risk and therefor don't want to proceed? >>>> >>>> >>>> I would like to use ports specifically and not the pkg_add tool to get >>>> software. >>>> >>>> >>>> Can anyone sugget anything? >>>> >>> >>> env ftp_proxy=host:port <command> >>> >>> where <command> is your normal command, such as "fetch". >>> >>> For a full list of environment variables you can use,… >>> >>> $ ldd -f '%p\n' `which fetch` | xargs grep -alr ftp_proxy | xargs strings >>> -n 7 | grep _proxy >>> fetch_no_proxy_match >>> fetch_default_proxy_port >>> http_proxy >>> ftp_proxy >>> no_proxy >>> >>> -- >>> Devin >>> >>> _____________ >>> The information contained in this message is proprietary and/or >>> confidential. If you are not the intended recipient, please: (i) delete the >>> message and all copies; (ii) do not disclose, distribute or use the message >>> in any manner; and (iii) notify the sender immediately. In addition, please >>> be aware that any message addressed to our domain is subject to archiving >>> and review by persons other than the intended recipient. Thank you. >> >> Thanks Devin for this however, >> >> setenv ftp_proxy ftp://<ip>:<port> indicates that FTP is being proxied out. >> >> We simply have it banned on a Juniper firewall. So http is being >> proxied by a web appliance but that's it... nothing else. >> >> > > Yep. It's up to your proxy server whether it's going to handle FTP or only > HTTP (and/or HTTPS). > > I use squid a lot and it handles FTP great. > -- > Devin > > _____________ > The information contained in this message is proprietary and/or confidential. > If you are not the intended recipient, please: (i) delete the message and all > copies; (ii) do not disclose, distribute or use the message in any manner; > and (iii) notify the sender immediately. In addition, please be aware that > any message addressed to our domain is subject to archiving and review by > persons other than the intended recipient. Thank you.
We have an 'appliance' based proxy and as company policy FTP should be restricted, ie. not active on this as it's a security risk. Thats my major issue..... I will try the suggested method of: MASTER_SORT_REGEX = ^http for the time being to see if that helps before setting up our own repository. Regards, Kaya _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
