Is there a way to run FreeBSD ports through port 80?

Kaya Saman kayasaman at gmail.com
Thu Jul 12 17:22:05 UTC 2012 

On Thu, Jul 12, 2012 at 6:15 PM, Devin Teske <devin.teske at fisglobal.com> wrote:
>
> On Jul 12, 2012, at 9:42 AM, Kaya Saman wrote:
>
>> On Thu, Jul 12, 2012 at 5:33 PM, Devin Teske <devin.teske at fisglobal.com> wrote:
>>>
>>> On Jul 12, 2012, at 9:23 AM, Kaya Saman wrote:
>>>
>>>> Hi,
>>>>
>>>> I am trying to introduce FreeBSD into my office and it's been looked
>>>> at with quite a bit of enthusiasm however, what makes it look bad is
>>>> our companies 'security' policy to block FTP.
>>>>
>>>> At present they are running a whole bunch of CentOS based boxes and
>>>> VM's which of course can be run through port 80 when using YUM.
>>>>
>>>>
>>>> How does one get round this issue as my superiors are telling me that
>>>> opening up FTP is a security risk and therefor don't want to proceed?
>>>>
>>>>
>>>> I would like to use ports specifically and not the pkg_add tool to get software.
>>>>
>>>>
>>>> Can anyone sugget anything?
>>>>
>>>
>>> env ftp_proxy=host:port <command>
>>>
>>> where <command> is your normal command, such as "fetch".
>>>
>>> For a full list of environment variables you can use,…
>>>
>>> $ ldd -f '%p\n' `which fetch` | xargs grep -alr ftp_proxy | xargs strings -n 7 | grep _proxy
>>> fetch_no_proxy_match
>>> fetch_default_proxy_port
>>> http_proxy
>>> ftp_proxy
>>> no_proxy
>>>
>>> --
>>> Devin
>>>
>>> _____________
>>> The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you.
>>
>> Thanks Devin for this however,
>>
>> setenv ftp_proxy ftp://<ip>:<port> indicates that FTP is being proxied out.
>>
>> We simply have it banned on a Juniper firewall. So http is being
>> proxied by a web appliance but that's it... nothing else.
>>
>>
>
> Yep. It's up to your proxy server whether it's going to handle FTP or only HTTP (and/or HTTPS).
>
> I use squid a lot and it handles FTP great.
> --
> Devin
>
> _____________
> The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you.


We have an 'appliance' based proxy and as company policy FTP should be
restricted, ie. not active on this as it's a security risk.

Thats my major issue.....


I will try the suggested method of:

MASTER_SORT_REGEX = ^http

for the time being to see if that helps before setting up our own repository.


Regards,


Kaya

More information about the freebsd-questions mailing list