Using CVSUP behind a firewall

These instructions apply more to FreeBSD, but can be adapted quickly to work for other unixes. If you cannot get the admin of the firewall to open up port 5999, then you have another option. If you can get port 22 opened for ssh and can ssh to a remote machine, then you can tunnel cvsup through that conduit.

  1. Setup your cvsup file:
    [tethys]:[10:14am]:[/home/rnejdl/www/networking/Unix] > cat /usr/local/etc/cvsup/ports-supfile
    *default tag=.
    *default host=cvsup6.freebsd.org
    *default base=/usr/local/etc/cvsup
    *default prefix=/usr
    *default release=cvs tag=RELENG_5_2
    *default delete use-rel-suffix
    *default compress
    ports-all tag=.
    
  2. You need to get shell access on a remote machine outside the firewall. This shouldn't be too hard, either your machine at home, a friends machine or one of those many that are offering free shell access. We'll call it "friendly.example.com"
  3. From your FreeBSD machine behind the firewall you would open up a tunnel between yourself and the friendly machine on port 5999 for cvsup. This is done as follows:
    $ ssh -L 5999:cvsupmirror.freebsd.org:5999 loginid@friendly.example.com
    
    Replace "cvsupmirror.freebsd.org" with an actual one from the list of mirrors. loginid is your login name on the remote machine.

    You will see the following in netstat when this connection is opened:
    tcp4       0      0  127.0.0.1.5999         *.*                    LISTEN
    tcp6       0      0  ::1.5999               *.*                    LISTEN
    
  4. From another command prompt you run cvsup while pointing to your localhost as the cvsup server as such:
    # cvsup -g -L2 -h localhost /path/to/cvsupfile
    

If all goes well, then your cvsup should go through and update, in this example, all of your ports collection.