Re: cr repo and firewalling

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Am 15.01.2013 21:58, schrieb Markus Falb:
> I would like to install the packages from
> the continuous release repo and the yum config for this repo says
> 
> baseurl=http://mirror.centos.org/centos/$releasever/cr/$basearch/
> 
> well, I definitely do not want to allow worldwide outgoing http so I
> try to find the IPs
> 
> # host mirror.centos.org
> mirror.centos.org has address 93.113.36.66
> 
> but! wait...
> 
> # host mirror.centos.org
> mirror.centos.org has address 88.198.211.197
> 
> dns round robin is not very helpful for me doing firewall rules.
> How would you solve this yum and firewall thing?

You'll need an application level gateway (ALG) firewall.
Simple packet filtering, even stateful, is not sufficient
for this purpose.

-- 
Tilman Schmidt
Phoenix Software GmbH
Bonn, Germany

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux