Hello everybody,
My machine (A) is located on a lan behind a firewall, and the only way outside is ssh.
I have another machine (B) outside the lan. B has ssh server, and I can ssh from A to B.
In order to be able to perform software updates with yum I set up ssl tunnel from A to B
using dynamic port forwarding, that is: I ssh from A to B, and ssh client on A serves
as SOCKS proxy. In addition, SOCKS client wrapper is installed on A (I use dante's
socksify).
The mentioned SOCKS proxy works properly, for example I can use the web.
But when I try to use yum (running 'socksify yum update', for example), it fails to ran
properly. I see (using ssh's escape characters) that ssh forwards yum's connections,
but yum tells that either network is unreachable or that connection timed out.
That is what I get from yum:
--------------------------------------------------------------------
[root@centos .ssh]# socksify yum update
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: ftp.plusline.de
* updates: mirror.netcologne.de
* addons: ftp.plusline.de
* extras: mirror.silyus.net
http://ftp.plusline.de/centos/5.3/os/i386/repodata/repomd.xml: [Errno 4] IOError: <urlopen error (114, 'Operation already in progress')>
Trying other mirror.
http://mirror.netcologne.de/centos/5.3/os/i386/repodata/repomd.xml: [Errno 4] IOError: <urlopen error (101, 'Network is unreachable')>
Trying other mirror.
http://mirror.silyus.net/centos/5.3/os/i386/repodata/repomd.xml: [Errno 4] IOError: <urlopen error (114, 'Operation already in progress')>
Trying other mirror.
http://centos.spiegelserver.eu/5.3/os/i386/repodata/repomd.xml: [Errno 4] IOError: <urlopen error (114, 'Operation already in progress')>
Trying other mirror.
ftp://ftp.cs.hacettepe.edu.tr/pub/mirrors/CentOS/5.3/os/i386/repodata/repomd.xml: [Errno 4] IOError: [Errno ftp error] timed out
Trying other mirror.
http://centos.bio.lmu.de/5.3/os/i386/repodata/repomd.xml: [Errno 4] IOError: <urlopen error (101, 'Network is unreachable')>
Trying other mirror.
http://ftp.halifax.rwth-aachen.de/centos/5.3/os/i386/repodata/repomd.xml: [Errno 12] Timeout: <urlopen error timed out>
Trying other mirror.
http://ftp.linux.org.tr/centos/5.3/os/i386/repodata/repomd.xml: [Errno 12] Timeout: <urlopen error timed out>
Trying other mirror.
http://mirror.atrpms.net/centos/5.3/os/i386/repodata/repomd.xml: [Errno 12] Timeout: <urlopen error timed out>
Trying other mirror.
http://wftp.tu-chemnitz.de/pub/linux/centos/5.3/os/i386/repodata/repomd.xml: [Errno 12] Timeout: <urlopen error timed out>
Trying other mirror.
Error: Cannot retrieve repository metadata (repomd.xml) for repository: base. Please verify its path and try again
--------------------------------------------------------------------
And this is what ssh tells me about forwarded connections:
--------------------------------------------------------------------
The following connections are open:
#2 client-session (t4 r0 i0/0 o0/0 fd 6/7 cfd -1)
#3 direct-tcpip: listening port 9999 for ftp.plusline.de port 80, connect from 127.0.0.1 port 48980 (t4 r16 i0/0 o0/0 fd 9/9 cfd -1)
#4 direct-tcpip: listening port 9999 for centos.bio.lmu.de port 80, connect from 127.0.0.1 port 48589 (t4 r1 i0/0 o0/0 fd 10/10 cfd -1)
#5 direct-tcpip: listening port 9999 for mirror.silyus.net port 80, connect from 127.0.0.1 port 48599 (t4 r2 i0/0 o0/0 fd 11/11 cfd -1)
#7 direct-tcpip: listening port 9999 for mirror.atrpms.net port 80, connect from 127.0.0.1 port 48616 (t4 r3 i0/0 o0/0 fd 13/13 cfd -1)
#8 direct-tcpip: listening port 9999 for centos.spiegelserver.eu port 80, connect from 127.0.0.1 port 48633 (t4 r4 i0/0 o0/0 fd 14/14 cfd -1)
#9 direct-tcpip: listening port 9999 for mirror.netcologne.de port 80, connect from 127.0.0.1 port 48650 (t4 r5 i0/0 o0/0 fd 15/15 cfd -1)
#10 direct-tcpip: listening port 9999 for wftp.tu-chemnitz.de port 80, connect from 127.0.0.1 port 48667 (t4 r6 i0/0 o0/0 fd 16/16 cfd -1)
#11 direct-tcpip: listening port 9999 for ftp.linux.org.tr port 80, connect from 127.0.0.1 port 48766 (t4 r8 i0/0 o0/0 fd 17/17 cfd -1)
#12 direct-tcpip: listening port 9999 for ftp-stud.fht-esslingen.de port 80, connect from 127.0.0.1 port 48939 (t4 r15 i0/0 o0/0 fd 18/18 cfd -1)
#13 direct-tcpip: listening port 9999 for ftp.halifax.rwth-aachen.de port 80, connect from 127.0.0.1 port 48752 (t4 r7 i0/0 o0/0 fd 19/19 cfd -1)
#14 direct-tcpip: listening port 9999 for wftp.tu-chemnitz.de port 80, connect from 127.0.0.1 port 48783 (t4 r9 i0/0 o0/0 fd 20/20 cfd -1)
#15 direct-tcpip: listening port 9999 for ftp.hosteurope.de port 80, connect from 127.0.0.1 port 48800 (t4 r10 i0/0 o0/0 fd 21/21 cfd -1)
#16 direct-tcpip: listening port 9999 for ftp.halifax.rwth-aachen.de port 80, connect from 127.0.0.1 port 48817 (t4 r11 i0/0 o0/0 fd 22/22 cfd -1)
#18 direct-tcpip: listening port 9999 for centos.intergenia.de port 80, connect from 127.0.0.1 port 48851 (t4 r12 i0/0 o0/0 fd 24/24 cfd -1)
#22 direct-tcpip: listening port 9999 for wftp.tu-chemnitz.de port 80, connect from 127.0.0.1 port 48905 (t4 r14 i0/0 o0/0 fd 28/28 cfd -1)
#23 direct-tcpip: listening port 9999 for centos.intergenia.de port 80, connect from 127.0.0.1 port 48924 (t4 r13 i0/0 o0/0 fd 29/29 cfd -1)
--------------------------------------------------------------------
Now, I understand why the one ftp connection had failed, but why did yum fail to
retreive the required data using other connections? The file repomd.xml from
each of the tried mirrors could be downloaded successfully using wget via my SOCKS proxy.
So, why yum didn't work?
Thanks.
My machine (A) is located on a lan behind a firewall, and the only way outside is ssh.
I have another machine (B) outside the lan. B has ssh server, and I can ssh from A to B.
In order to be able to perform software updates with yum I set up ssl tunnel from A to B
using dynamic port forwarding, that is: I ssh from A to B, and ssh client on A serves
as SOCKS proxy. In addition, SOCKS client wrapper is installed on A (I use dante's
socksify).
The mentioned SOCKS proxy works properly, for example I can use the web.
But when I try to use yum (running 'socksify yum update', for example), it fails to ran
properly. I see (using ssh's escape characters) that ssh forwards yum's connections,
but yum tells that either network is unreachable or that connection timed out.
That is what I get from yum:
--------------------------------------------------------------------
[root@centos .ssh]# socksify yum update
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: ftp.plusline.de
* updates: mirror.netcologne.de
* addons: ftp.plusline.de
* extras: mirror.silyus.net
http://ftp.plusline.de/centos/5.3/os/i386/repodata/repomd.xml: [Errno 4] IOError: <urlopen error (114, 'Operation already in progress')>
Trying other mirror.
http://mirror.netcologne.de/centos/5.3/os/i386/repodata/repomd.xml: [Errno 4] IOError: <urlopen error (101, 'Network is unreachable')>
Trying other mirror.
http://mirror.silyus.net/centos/5.3/os/i386/repodata/repomd.xml: [Errno 4] IOError: <urlopen error (114, 'Operation already in progress')>
Trying other mirror.
http://centos.spiegelserver.eu/5.3/os/i386/repodata/repomd.xml: [Errno 4] IOError: <urlopen error (114, 'Operation already in progress')>
Trying other mirror.
ftp://ftp.cs.hacettepe.edu.tr/pub/mirrors/CentOS/5.3/os/i386/repodata/repomd.xml: [Errno 4] IOError: [Errno ftp error] timed out
Trying other mirror.
http://centos.bio.lmu.de/5.3/os/i386/repodata/repomd.xml: [Errno 4] IOError: <urlopen error (101, 'Network is unreachable')>
Trying other mirror.
http://ftp.halifax.rwth-aachen.de/centos/5.3/os/i386/repodata/repomd.xml: [Errno 12] Timeout: <urlopen error timed out>
Trying other mirror.
http://ftp.linux.org.tr/centos/5.3/os/i386/repodata/repomd.xml: [Errno 12] Timeout: <urlopen error timed out>
Trying other mirror.
http://mirror.atrpms.net/centos/5.3/os/i386/repodata/repomd.xml: [Errno 12] Timeout: <urlopen error timed out>
Trying other mirror.
http://wftp.tu-chemnitz.de/pub/linux/centos/5.3/os/i386/repodata/repomd.xml: [Errno 12] Timeout: <urlopen error timed out>
Trying other mirror.
Error: Cannot retrieve repository metadata (repomd.xml) for repository: base. Please verify its path and try again
--------------------------------------------------------------------
And this is what ssh tells me about forwarded connections:
--------------------------------------------------------------------
The following connections are open:
#2 client-session (t4 r0 i0/0 o0/0 fd 6/7 cfd -1)
#3 direct-tcpip: listening port 9999 for ftp.plusline.de port 80, connect from 127.0.0.1 port 48980 (t4 r16 i0/0 o0/0 fd 9/9 cfd -1)
#4 direct-tcpip: listening port 9999 for centos.bio.lmu.de port 80, connect from 127.0.0.1 port 48589 (t4 r1 i0/0 o0/0 fd 10/10 cfd -1)
#5 direct-tcpip: listening port 9999 for mirror.silyus.net port 80, connect from 127.0.0.1 port 48599 (t4 r2 i0/0 o0/0 fd 11/11 cfd -1)
#7 direct-tcpip: listening port 9999 for mirror.atrpms.net port 80, connect from 127.0.0.1 port 48616 (t4 r3 i0/0 o0/0 fd 13/13 cfd -1)
#8 direct-tcpip: listening port 9999 for centos.spiegelserver.eu port 80, connect from 127.0.0.1 port 48633 (t4 r4 i0/0 o0/0 fd 14/14 cfd -1)
#9 direct-tcpip: listening port 9999 for mirror.netcologne.de port 80, connect from 127.0.0.1 port 48650 (t4 r5 i0/0 o0/0 fd 15/15 cfd -1)
#10 direct-tcpip: listening port 9999 for wftp.tu-chemnitz.de port 80, connect from 127.0.0.1 port 48667 (t4 r6 i0/0 o0/0 fd 16/16 cfd -1)
#11 direct-tcpip: listening port 9999 for ftp.linux.org.tr port 80, connect from 127.0.0.1 port 48766 (t4 r8 i0/0 o0/0 fd 17/17 cfd -1)
#12 direct-tcpip: listening port 9999 for ftp-stud.fht-esslingen.de port 80, connect from 127.0.0.1 port 48939 (t4 r15 i0/0 o0/0 fd 18/18 cfd -1)
#13 direct-tcpip: listening port 9999 for ftp.halifax.rwth-aachen.de port 80, connect from 127.0.0.1 port 48752 (t4 r7 i0/0 o0/0 fd 19/19 cfd -1)
#14 direct-tcpip: listening port 9999 for wftp.tu-chemnitz.de port 80, connect from 127.0.0.1 port 48783 (t4 r9 i0/0 o0/0 fd 20/20 cfd -1)
#15 direct-tcpip: listening port 9999 for ftp.hosteurope.de port 80, connect from 127.0.0.1 port 48800 (t4 r10 i0/0 o0/0 fd 21/21 cfd -1)
#16 direct-tcpip: listening port 9999 for ftp.halifax.rwth-aachen.de port 80, connect from 127.0.0.1 port 48817 (t4 r11 i0/0 o0/0 fd 22/22 cfd -1)
#18 direct-tcpip: listening port 9999 for centos.intergenia.de port 80, connect from 127.0.0.1 port 48851 (t4 r12 i0/0 o0/0 fd 24/24 cfd -1)
#22 direct-tcpip: listening port 9999 for wftp.tu-chemnitz.de port 80, connect from 127.0.0.1 port 48905 (t4 r14 i0/0 o0/0 fd 28/28 cfd -1)
#23 direct-tcpip: listening port 9999 for centos.intergenia.de port 80, connect from 127.0.0.1 port 48924 (t4 r13 i0/0 o0/0 fd 29/29 cfd -1)
--------------------------------------------------------------------
Now, I understand why the one ftp connection had failed, but why did yum fail to
retreive the required data using other connections? The file repomd.xml from
each of the tried mirrors could be downloaded successfully using wget via my SOCKS proxy.
So, why yum didn't work?
Thanks.
_______________________________________________ Yum mailing list Yum@xxxxxxxxxxxxxxxxx http://lists.baseurl.org/mailman/listinfo/yum
