FAQ

Hi,
I find myself in a complicated situation and would like to ask the
oracle (choke!) for help. I would like to install the packages from
the continuous release repo and the yum config for this repo says

baseurl=http://mirror.centos.org/centos/$releasever/cr/$basearch/

well, I definitely do not want to allow worldwide outgoing http so I
try to find the IPs

# host mirror.centos.org
mirror.centos.org has address 93.113.36.66

but! wait...

# host mirror.centos.org
mirror.centos.org has address 88.198.211.197

dns round robin is not very helpful for me doing firewall rules.
How would you solve this yum and firewall thing?
- --
Kind Regards, Markus Falb

I think your best bet would be either
1) take a host you're more comfortable with having http access to the
world, change it to run squid, perhaps putting limit rules in squid
to only allow http requests to download.centos.org (or whatever), then
point your more secured host to this machine as your proxy server.
2) find a likewise host that you can allow pretty much any outbout
http traffic on that also has a pretty good amount of disk space free
and usable, then use it to pull in a local mirror of the cent
archives. and over ride DNS results with local /etc/host rules for dns
results.


or just live dangerously and pick one host that you're pretty sure
will be up and over ride the DNS rotor with your own local dns
configs/etc/hosts entries... but that's kinda riding dirty. I
probably shouldn't even suggest it.


but I'm far from being an oracle. not even a sybase.
--
Even the Magic 8 ball has an opinion on email clients: Outlook not so good.

Search Discussions

Discussion Posts

Previous

Follow ups

Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 2 of 16 | next ›
Discussion Overview
groupcentos @
categoriescentos
postedJan 15, '13 at 8:58p
activeJan 18, '13 at 5:48p
posts16
users7
websitecentos.org
irc#centos

People

Translate

site design / logo © 2021 Grokbase