RE: portsnap in cron and firewall

Fri, 05 Sep 2008 08:52:13 -0700 


> Date: Fri, 5 Sep 2008 17:43:44 +0200> From: [EMAIL PROTECTED]> To: [EMAIL 
> PROTECTED]> CC: freebsd-questions@freebsd.org> Subject: Re: portsnap in cron 
> and firewall> > > Le 05/09/2008 à 11:33:59-0400, Sean Cavanaugh a écrit> > > 
> > > > > Date: Fri, 5 Sep 2008 16:14:02 +0200> From: [EMAIL PROTECTED]>> > > 
> To: freebsd-questions@freebsd.org> Subject: portsnap in cron and> > > 
> firewall> > Hi all> > I've some servers for internal use. On those> > > 
> servers I have some pf (or> ipfw) rule to deny any connection from> > > 
> inside to outside. > > Long time ago when ports tree is update with> > > cvs, 
> I'm using something like> > pf command to open inside -->> > > outside 
> connection> cvsup > portupgrade --fetch-only --all> pf> > > command to close 
> inside --> outside connection> > But now with> > > portsnap cron (that's mean 
> random sleep) I don't known when> the> > > system try to connect outside. > > 
> Do you have any idea how can I> > > make my update using portsnap (I known I 
> can> use cvsup) in a> > > crontab with my network config ? >> > > > "portsnap 
> cron" just randomizes the time to download unlike "portsnap> > fetch" which 
> says to do it right now. cron was added to help randomize> > the time so 
> everyone syncing at midnight UTC arent all hitting at> > exact same time.> > 
> Yes I known. That's why I'm asking you how can I make portsnap through the> 
> cron and opening firewall just before he going to make the connection.> > Of 
> course I can hack the portsnap to make he don't try to see if it's fork> by 
> cron or not. But it's not a good idea IMHO, what's happen if all person> do 
> that ? 
I think you misread what i was saying. Inside your cron job use "portsnap 
fetch" instead of "portsnap cron". that way it will fetch exactly when you run 
the cron job, without the randomized delay.
 
most likely a shell script that would have the following:
1)open pf
2)portsnap fetch
3)portsnap update (<- you were missing this important step also)
4)portupgrade --fetch-only --all
5)close pf_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"






















					Reply via email to