portsnap in cron and firewall
RW
fbsd06 at mlists.homeunix.com
Fri Sep 5 16:00:58 UTC 2008
On Fri, 5 Sep 2008 16:14:02 +0200
Albert Shih <Albert.Shih at obspm.fr> wrote:
> Hi all
>
> I've some servers for internal use. On those servers I have some pf
> (or ipfw) rule to deny any connection from inside to outside.
>
> Long time ago when ports tree is update with cvs, I'm using something
> like
>
> pf command to open inside --> outside connection
> cvsup
> portupgrade --fetch-only --all
> pf command to close inside --> outside connection
>
> But now with portsnap cron (that's mean random sleep) I don't known
> when the system try to connect outside.
>
> Do you have any idea how can I make my update using portsnap (I known
You can do this"
sleep `jot -r 1 0 3599`
<open pf>
portsnap fetch
<close pf>
However, I would suggest you simply create pf rules to allow the
server contact to the portsnap servers.
More information about the freebsd-questions
mailing list