[mirror-admin] Blocking ips on dl.fedoraproject.org (Or Please update your mirrors in mirror-manager)
Jan Kasprzak
kas at fi.muni.cz
Tue Mar 29 12:00:51 EDT 2016
Hello,
Stephen John Smoogen wrote:
: On 28 March 2016 at 16:46, Carlos <carlos at inf.ufpr.br> wrote:
: > Stephen John Smoogen (smooge at gmail.com) wrote on Mon, Mar 28, 2016 at 03:59:25PM BRT:
: >> The server we are seeing is
: >>
: >> download05/rsyncd-fedora.log:2016/03/28 17:20:05 [34236] connect from
: >> sagres.c3sl.ufpr.br (200.236.31.1)
: >> download05/rsyncd-fedora.log:2016/03/28 17:20:05 [34236] rsync on
: >> fedora-enchilada0/fullfilelist from sagres.c3sl.ufpr.br (200.236.31.1)
: >>
: >> Not
: >>
: >> [smooge at smooge-laptop00 Rsync-Stats]$ host fedora.c3sl.ufpr.br
: >> fedora.c3sl.ufpr.br has address 200.236.31.8
: >> fedora.c3sl.ufpr.br has IPv6 address 2801:82:80ff:8000::9
: >
: > Mirrormanager asks for the site name and the IPs of the rsync servers. This
: > doesn't mean they should be the same machine. In our case it is, but it has
: > several IPs. All you should check is if the IPs used are those in mirrormanager
: > for the site.
: >
:
: But I am not seeing the ip listed in mirrormanager.
:
: OK that is a failure on our part. I am going to need the ips of the
: rsync servers if I am going to put in firewall rules for tier0 and
: tier1 mirrors. I will need all of the ips that could be used or we
: will run into this again. I will have to figure out how to do this
: later.
It would be nice if it can result in a machine-usable
list of IPv4/IPv6 addresses. I would use it for populating the rsync ACL for
the pre-bitflip content. So far I maintain the ACL of ftp.linux.cz
manually.
-Yenya
--
| Jan "Yenya" Kasprzak <kas at {fi.muni.cz - work | yenya.net - private}> |
| http://www.fi.muni.cz/~kas/ GPG: 4096R/A45477D5 |
Like most things in Windows, on the surface it looks great.
-- Jeremy Allison, A Tale of Two Standards
--
More information about the Mirror-admin
mailing list