Am 15.01.2013 21:58, schrieb Markus Falb: > I would like to install the packages from > the continuous release repo and the yum config for this repo says > > baseurl=http://mirror.centos.org/centos/$releasever/cr/$basearch/ > > well, I definitely do not want to allow worldwide outgoing http so I > try to find the IPs > > # host mirror.centos.org > mirror.centos.org has address 93.113.36.66 > > but! wait... > > # host mirror.centos.org > mirror.centos.org has address 88.198.211.197 > > dns round robin is not very helpful for me doing firewall rules. > How would you solve this yum and firewall thing? You'll need an application level gateway (ALG) firewall. Simple packet filtering, even stateful, is not sufficient for this purpose. -- Tilman Schmidt Phoenix Software GmbH Bonn, Germany -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 260 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20130118/2e70694c/attachment-0004.sig>