Re: CVS access from behind the firewall

To: debian-firewall@lists.debian.org
Subject: Re: CVS access from behind the firewall
From: Daniel Pittman <daniel@rimspace.net>
Date: Sun, 28 Nov 2004 10:21:25 +1100
Message-id: <87oehiev4a.fsf@enki.rimspace.net>
References: <41A8C554.6090206@hanaden.com>

On 28 Nov 2004, hanasaki@hanaden.com wrote:
> I have a bunch of developers behind a squid firewall. Only http/https
> are allowed out.  What is a simple/secure way to let the at least pull 
> CVS down from the Internet (ex: sourceforge) and preferable do CVS 
> checkins too.  An iptables masquerade is not at the top of the list of 
> options.

Permit 'CONNECT' to the cvs pserver port (2409, IIRC, but check that),
and then give them the `httptunnel', `corkscrew' or `proxychains'
packages.

That will allow them to make a vaguely passable shot at getting at the
outside world.

...alternately, talk to management and get them to alter security policy
to permit access to that service on the Internet;  it is, after all,
business related.

As usual, a non-technical solution to a non-technical problem is the
best path, where possible.

Regards,
        Daniel

-- 
A companion, unobtrusive
Plays the song that's so elusive
And the magic music makes your morning mood.
        -- Rush, _The Spirit of Radio_, 1980

Reply to:

References:
- CVS access from behind the firewall
  - From: hanasaki <hanasaki@hanaden.com>

Prev by Date: Re: wondershaper setup as in readme.Debian
Next by Date: Re: wondershaper setup as in readme.Debian
Previous by thread: CVS access from behind the firewall
Next by thread: Re: CVS access from behind the firewall
Index(es):
- Date
- Thread