Jerry McAllister wrote: > On Tue, Feb 13, 2007 at 08:00:11PM -0500, Mark Jacobs wrote: >> On Tue, 2007-02-13 at 19:54 -0500, Jerry McAllister wrote: >>> On Tue, Feb 13, 2007 at 06:54:10PM -0500, Mark Jacobs wrote: >>> >>>> At work I run 6.2 stable and due to firewall problems I cannot download >>>> packages or port sources using http.
>> Like I said I have firewall problems at work. I can update my ports file >> fine,but cannot download the source archives using http. > > I don't think it uses http. > I think it uses ftp - even handles passive ftp which is needed > for some firewall situations. > I never looked closely. When downloading the distfiles required for a port, it is at the port maintainer's discretion as to what mechanism to use. Nowadays, HTTP is probably the most popular, with FTP in decline. Together those two account for perhaps 99% of the ports, but there is the capability for a port maintainer to write some more customised download if needed. Only being able to use FTP seems perverse to me: the arcane way in which FTP uses multiple connections between source and destination makes it much, much harder to firewall effectively, whereas HTTP is a nice clean simple modern protocol. It is common for many companies to require HTTP traffic to pass through some sort of proxy -- generally so they can stop the windows users downloading malware and stop users in general browsing for inappropriate pink bits. However you should still be able to pull down source tarballs through such a proxy by setting environment variables -- see fetch(3) for details, but the main ones are FTP_PROXY and HTTP_PROXY. If that doesn't work, then the distfiles for any ports that have been compiled on the package building cluster should be available from ftp://ftp.freebsd.org/pub/FreeBSD/ports/distfiles/ -- that's the vast majority of software available via the ports, but usually it takes a few days for the package building cluster to get round to rebuilding updated ports (so the distfiles may not be there yet), and this won't help you for the ports marked not to be built on the cluster. You can even set the following in /etc/make.conf to cause the ports system to try using the ftp.freebsd.org distfile cache before it tries the upstream distribution points, although don't do this unless you absolutely need to, or ftp.freebsd.org could end up horribly overloaded: MASTER_SITE_FREEBSD= yes MASTER_SITE_OVERRIDE= yes See ports(7) for details. You'll still have a problem downloading the ports INDEX (ie 'make fetchindex') as that uses HTTP by default. Locating an FTP accessible source for the INDEX, and finding out what to put in make.conf to cause the make system to use it is left as an exercise for the student. Or you can use my p5-FreeBSD-Portindex port to build and maintain your own, or you can even just do without an INDEX at all... Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW
signature.asc
Description: OpenPGP digital signature
