I'm doing some testing in a lab which is isolated from the rest of my network (DMZ). I'm doing both inbound and outbound filtering at the firewall (CentOS +iptables). What protocols, ports and destination IP addresses does yum use to identify updates, and then actually go get them for installation? Looking at yum.conf and wireshark data, yum appears to go to a central site, look up the closest mirrors, then query the mirrors for the latest updates. Using wireshark it appears that http and tcp are used, but the addresses are all over the place (many mirrors). Is there a way to restrict the outbound traffic to a small number of mirrors? In other words, can I force yum to only check certain sites? If that is not so easy, I should be able to restrict the outbound traffic to a small set of addresses (yes/no?). DaveM _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos