ftp/fetch/cvsup behind a firewall

luke at themango.org luke at themango.org
Tue Feb 3 12:37:59 PST 2004

> Unfortunately, I do not have control over my firewall.
> ----Original Message Follows----
> From: Kent Stewart <kstewart at owt.com>
> To: "Anthony Discolo" <avdiscolo at hotmail.com>, kaeru at pd.jaring.my
> CC: freebsd-questions at freebsd.org
> Subject: Re: ftp/fetch/cvsup behind a firewall
> Date: Mon, 2 Feb 2004 19:16:37 -0800
> On Monday 02 February 2004 11:18 am, Anthony Discolo wrote:
>  > I don't have a /usr/share/examples/etc/defaults/make.conf, but I have
>  > a /usr/share/examples/etc/make.conf.  But it doesn't have a FETCH_ENV
>  > line in it.
>  >
>  > I'm sure someone has been successful in running cvsup behind a
>  > firewall? After all, don't all these tools use ftp indrectly?
> I use cvsup behind the ipfw firewall. I thought I had to allow port
> 5999, which is the port cvsup used to talk to the server, and will have
> to look at my firewall rules more closely. I use a cvs-mirror to
> maintain my outside information. I have fewer problems accessing the
> mirror from inside my firewall. A 100mpbs network is also much faster
> than my DSL line :).
> Do you have control of the firewall?
> Kent

If you cannot get the admin of the firewall to open up port 5999 how about
port 21 for ssh. It seems that most people have that open anyway so it may
not be much of an issue.

Here's where I am going.
1) You need to get shell access on a remote machine outside the firewall.
This shouldn't be too hard, either your machine at home, a friends machine
or one of those many that are offering free shell access. We'll call it

2) From your FreeBSD machine behind the firewall you would open up a
tunnel between yourself and the friendly machine on port 5999 for cvsup.

$ ssh -L 5999:cvsupmirror.freebsd.org:5999 loginid at friendly.excample.com

replace "cvsupmirros.freebsd.org" with an actual one from the list of
mirrors. loginid is your login name on the remote machine.

3) From another command prompt you run cvsup while pointing to your
localhost as the cvsup server.

# cvsup -g -L2 -h localhost /path/to/cvsupfile

Cheers and good luck,


More information about the freebsd-questions mailing list