From: Alan McKinnon <alan.mckinnon@gmail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Restricting Firefox website access
Date: Sat, 17 Jan 2009 20:21:47 +0200 [thread overview]
Message-ID: <200901172021.47900.alan.mckinnon@gmail.com> (raw)
In-Reply-To: <49bf44f10901171012u3a9f05c2i591de0e29cb251cc@mail.gmail.com>
On Saturday 17 January 2009 20:12:06 Grant wrote:
> > This requires only that the computer in question has a static IP or a
> > permanent lease (so you always know what it is), and you know the IP of
> > the web sites to be accessed (dig is a very good friend). Allow these,
> > deny everything else to destination port 80.
>
> That sounds good, but I won't be able to fetch all updates that
> portage might want, right?
There's always a wrinkle isn't there?
I find in real terms that my machines get all their updates from gentoo.org or
from the gentoo mirror on the ftp server at work. That works for me, if those
two mirrors both fail, I have problems that a change of GENTOO_MIRRORS will
not solve.
Perhaps the same is true of your environment. Failing that, I think you need
to haul out the big guns, along with the big administration burden, and run
an http proxy
--
alan dot mckinnon at gmail dot com
next prev parent reply other threads:[~2009-01-17 18:22 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-01-07 21:44 [gentoo-user] Restricting Firefox website access Grant
2009-01-07 21:54 ` Paul Hartman
2009-01-08 20:57 ` Kyle Bader
2009-01-09 18:40 ` Grant
2009-01-09 19:05 ` Alan McKinnon
2009-01-09 19:32 ` Grant
2009-01-09 20:58 ` Kyle Bader
2009-01-09 21:07 ` Nick Cunningham
2009-01-09 21:23 ` Alan McKinnon
2009-01-10 10:14 ` Peter Humphrey
2009-01-10 14:35 ` Matt Causey
2009-01-10 17:50 ` Grant
2009-01-10 19:35 ` Matt Causey
2009-01-10 5:18 ` Mike Kazantsev
2009-01-10 17:48 ` Grant
2009-01-11 2:05 ` Mike Kazantsev
2009-01-11 2:27 ` Grant
2009-01-13 19:33 ` Mick
2009-01-14 1:52 ` Mike Kazantsev
2009-01-17 5:34 ` Grant
2009-01-17 6:30 ` Mike Kazantsev
2009-01-17 9:50 ` Peter Humphrey
2009-01-17 8:47 ` Alan McKinnon
2009-01-17 18:12 ` Grant
2009-01-17 18:21 ` Alan McKinnon [this message]
2009-01-17 18:53 ` Matt Harrison
2009-01-17 18:24 ` Grant
2009-01-17 15:43 ` Stroller
2009-01-17 16:32 ` [gentoo-user] " Harry Putnam
2009-01-17 17:40 ` Grant
2009-01-17 19:02 ` Harry Putnam
2009-01-17 17:32 ` [gentoo-user] " Grant
2009-01-23 11:04 ` Matt Causey
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200901172021.47900.alan.mckinnon@gmail.com \
--to=alan.mckinnon@gmail.com \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox