On 12/07/2011 09:03 AM, Philippe Naudin wrote:
Hello,
While yum is configured to use a proxy, like this : [base] name=CentOS-$releasever - Base mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&rep... #baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 proxy=http://proxy.lasb:3128
it still make some attempts to connect directly to Internet (tcp 80). These attempts are denied and logged by the firewall.
If I comment out the line mirrorlist= and uncomment the line baseurl= then there is no more direct connexion to Internet. (N.B. : in both cases, yum works well despite the access denied.)
I have tried to add a line proxy= to fastestmirror.conf, but it doesn't change anything. I can't put proxy= in /etc/yum.conf because I also have a local repo.
Any idea on how to avoid these connexion to Internet ?
fastestmirror is designed to make direct connections to remote sites, time them, and then pick the fastest mirror from that machine to a specific mirror. If your machine can not connect directly to the external mirror, it is going to cause issues.
It works ok through most transparent proxies (though, the connection times are going to be to the proxy, and all the same and very low, and not valid for the purpose of fastest mirror) ... it does not work with proxies that require a password or non port 80 proxies.
If you have a web proxy, you will most likely need to not use fastest mirror.