I find myself in a complicated situation and would like to ask the
oracle (choke!) for help. I would like to install the packages from
the continuous release repo and the yum config for this repo says


well, I definitely do not want to allow worldwide outgoing http so I
try to find the IPs

# host mirror.centos.org
mirror.centos.org has address

but! wait...

# host mirror.centos.org
mirror.centos.org has address

dns round robin is not very helpful for me doing firewall rules.
How would you solve this yum and firewall thing?
- --
Kind Regards, Markus Falb

I think your best bet would be either
1) take a host you're more comfortable with having http access to the
world, change it to run squid, perhaps putting limit rules in squid
to only allow http requests to download.centos.org (or whatever), then
point your more secured host to this machine as your proxy server.
2) find a likewise host that you can allow pretty much any outbout
http traffic on that also has a pretty good amount of disk space free
and usable, then use it to pull in a local mirror of the cent
archives. and over ride DNS results with local /etc/host rules for dns

or just live dangerously and pick one host that you're pretty sure
will be up and over ride the DNS rotor with your own local dns
configs/etc/hosts entries... but that's kinda riding dirty. I
probably shouldn't even suggest it.

but I'm far from being an oracle. not even a sybase.
Even the Magic 8 ball has an opinion on email clients: Outlook not so good.

Search Discussions

Discussion Posts


Follow ups

Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 2 of 16 | next ›
Discussion Overview
groupcentos @
postedJan 15, '13 at 8:58p
activeJan 18, '13 at 5:48p



site design / logo © 2021 Grokbase