yum update and iptables




I'm doing some testing in a lab which is isolated from the rest of my
network (DMZ). I'm doing both inbound and outbound filtering at the
firewall (CentOS + iptables).

What protocols, ports and destination IP addresses does yum use to
identify updates, and then actually go get them for installation?

Looking at yum.conf and Wireshark data, yum appears to go to a central
site, look up the closest mirrors, then query the mirrors for the latest
updates.

Using Wireshark, it appears that HTTP and TCP are used, but the addresses
are all over the place (many mirrors).

Is there a way to restrict the outbound traffic to a small number of
mirrors? In other words, can I force yum to only check certain sites?

If that is not so easy, I should be able to restrict the outbound
traffic to a small set of addresses (yes/no?).

DaveM


_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

