Solved

Using "emerge" from behind a firewall

Posted on 2004-09-02
11
711 Views
Last Modified: 2013-12-15
I'm working on a gentoo linux box and need to install some programs: jikes, w3m, curl, djbdns, bind-tools, mtr and sun-jdk.
I'm working at a bank and they only allow port 80 traffic in and out of the vlan I'm on.  So, using "emerge" doesn't work.  i.e. #emerge jikes.  Since it attempts to ftp the download.  Is there a way around this?  What are my options?
0
Comment
Question by:aandrade
11 Comments
 
LVL 11

Expert Comment

by:avizit
ID: 11969229
I dont remember exactly but you can download using 'wget' too ..do you have wget installed.
if installed maybe you have to make a few changes to /etc/make.conf

I dont have acess to a gentoo machine now .. but will check when i reach workplace
0
 
LVL 40

Expert Comment

by:jlevie
ID: 11969941
If the files are only available via FTP and those ports aren't permitted by the firewall you are simply out of luck whether you use an FTP client or wget. Only if you can find a site that allows downloads via HTTP are you cgoing to have any success. You can use a web browser, wget, or lynx for the download, but the install will be a manual process.
0
 
LVL 6

Expert Comment

by:knollbert
ID: 11970008
it appears that if you modify the mirrors select variable in make.conf
that it will download using what ever protocol that mirror has  However if that  program can't be found on one of those mirrors it'll
use  one that works which may or may not be http

I currently use
http://mirror.datapipe.net/gentoo http://mirrors.tds.net/gentoo

i got w3m, djbdns, bind-tools, mtr, and sun must be downloaded seperately

!!! dev-java/sun-jdk-1.4.2.05 has fetch restriction turned on.
!!! This probably means that this ebuild's files must be downloaded
!!! manually.  See the comments in the ebuild for more information.

However jikes appears to only be availible at ftp.ibm.blahblah
0
 
LVL 23

Expert Comment

by:Mysidia
ID: 11970248
I suggest getting your firewall reconfigured to permit at least the destination port for FTP.

If destination port 80 is allowed, then all the destination ports might as well be allowed, as
just about anything can be made to go through that port.

Yeah, you could get around it by finding an http mirror or setting up a local one on the
other side of your firewall.

But the zealous firewall configuration is likely to cause a lot of similar problems.
Consider how much time and energy it's taking you to work around it and just in one instance......
0
 
LVL 7

Expert Comment

by:troopern
ID: 12001177
knollbert is correct, you need to change your GENTOO_MIRRORS variable in /etc/make.conf to "http://" mirrors.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:aandrade
ID: 12002077
When accessing http:// the firewall requires that I enter "user id" and "password", how do specify this in the make.conf file?
0
 

Author Comment

by:aandrade
ID: 12002185
This might be more helpful then my last message.  I changed my GENTOO_MIRRORS variable to an "http:// mirror.  When I attempt to i.e. "#emerge curl" I get "HTTP request sent, awaiting response...401 Unathorized Authorization failed."  "Couldn't download curl-7.****. Aborting"

I know that when I access the Internet I have to supply my userid and password.  How can I specify the username and password in my make.conf file?
0
 

Author Comment

by:aandrade
ID: 12011124
Ok, I figured out how to do this.  "emerge" uses "wget" when fetching files online.  I made this entry in my "make.conf" file:

DISTDIR="/usr/portage/distfiles"
URI="http://mirrors.tds.net/gentoo"

FETCHCOMMAND="wget --http-user={username} --http-passwd={passwd} -P \${DISTDIR} \${URI}"
RESUMECOMMAND="/usr/bin/wget --http-user={username} --http-passwd={passwd} -P \${DISTDIR} \${URI}"

And now I can emerge without a problem.  Thanks to everyone for their input and advice.
0
 

Author Comment

by:aandrade
ID: 12011577
The only tool I can't download is jikes, because it's only availble via ftp download (you're right knolbert) and my site blocks all ports except 80.  Is there anyway around this?  I need to be able to use command: #emerge jikes.
0
 
LVL 6

Accepted Solution

by:
knollbert earned 500 total points
ID: 12015400
Download elsewhere and place file in the /usr/portage/distfiles
folder
I know its not the best way.
Unless there is a way to reroute ftp requests into http (none that i know of)
it may be the only way
Unless you can convince your sysadmin to open up FTP for you
0
 
LVL 6

Expert Comment

by:knollbert
ID: 12077761
Any luck??
0

Featured Post

Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

Join & Write a Comment

I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
The purpose of this article is to demonstrate how we can use conditional statements using Python.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now