[Yum] yum and firewalls again

Troy Dawson dawson at fnal.gov
Wed Apr 23 14:20:01 UTC 2003

Howdy All,
It seems that the machine having problem with firewalls is still having 
problems with firewalls.  (When I asked for details he sent me information on 
a different problem, which we got fixed)

So here is the scenerio (a little more detailed than last time).  The machine 
in question is behind a firewall.  The firewall allows only incomming 
connections when those connections were initiated from within the firewall. 
When it does an ftp, the ftp connection has to be passive.

So when this machine does a yum it does the following.

# yum -d 10 list nedit
Gathering package information from servers
server name/cachedir:Fermi Linux 731 main-/var/cache/yum/731server
Getting headers from: Fermi Linux 731 main
getting header.info from server

and then it sits forever.
Back on the server we see it in /var/log/secure, connecting

Apr 22 16:25:18 linux1 xinetd[800]: START: ftp pid=19397 from=xxx.xxx.xxx.xxx

But nothing else.

So I guess my big question is, does anyone know the step by step details of 
what goes on when yum/python tries to get a file via ftp?

I'm thinking that the only way we are going to fix this is for them to poke 
holes for our two servers in thier firewall, but if there is anything we can 
do to do a little less than that, we'd appreciate any ideas.


Troy Dawson  dawson at fnal.gov  (630)840-6468
Fermilab  ComputingDivision/OSS  CSI Group

More information about the Yum mailing list