On Wed, 2003-04-23 at 10:20, Troy Dawson wrote: > Howdy All, > It seems that the machine having problem with firewalls is still having > problems with firewalls. (When I asked for details he sent me information on > a different problem, which we got fixed) > > So here is the scenerio (a little more detailed than last time). The machine > in question is behind a firewall. The firewall allows only incomming > connections when those connections were initiated from within the firewall. > When it does an ftp, the ftp connection has to be passive. > > So when this machine does a yum it does the following. > > # yum -d 10 list nedit > Gathering package information from servers > server name/cachedir:Fermi Linux 731 main-/var/cache/yum/731server > Getting headers from: Fermi Linux 731 main > getting header.info from server > > and then it sits forever. > Back on the server we see it in /var/log/secure, connecting > > Apr 22 16:25:18 linux1 xinetd[800]: START: ftp pid=19397 from=xxx.xxx.xxx.xxx > > But nothing else. > > So I guess my big question is, does anyone know the step by step details of > what goes on when yum/python tries to get a file via ftp? > > I'm thinking that the only way we are going to fix this is for them to poke > holes for our two servers in thier firewall, but if there is anything we can > do to do a little less than that, we'd appreciate any ideas. This sounds like passive ftp vs active ftp and typical firewalling problems. Do you have an http server setup on those machines too? if so I'd recommend using http instead. None of that passive/active crap that ftp deals with. -sv
