View Full Version : Yum behind firewall not proxy

26th July 2006, 04:05 PM
I am sorry if this has been asked before. I searched but could not find anything. I am trying to get yum to work from behind our firewall. Most ports are blocked except for what we need. Is there a port I need to open up to get yum to work or is there a special config I need to do on the firewall to make this happen? Any help is greatly appreciated.


26th July 2006, 04:23 PM
quoted from above:
"By default, yum accesses network repositories with HTTP. All yum HTTP operations use HTTP/1.1, and are compatible with web proxy servers that support this standard. You may also access FTP repositories, and configure yum to use an FTP proxy server. The squid package provides a proxy service for both HTTP/1.1 and FTP connections."

what kind of output does yum provide? any error messages?

26th July 2006, 05:24 PM
I am not sure of the error message, I will get it from the user and post it as soon as I can. In the meantime, I may not have been clear about this before, I am behind a firewall but I am not using a proxy. I have access to configure the firewall so if there is a change that can be made on the firewall we should be ok. Are we required to use a proxy for yum to work? Again thank you in advance for any help.


27th July 2006, 07:35 PM
yum itself just requires an internet connection, whether or not it's proxied is up to you. I was referencing that page since it seemed most relevant. The output from yum should help determine where the failure is, I'll wait to see it.

4th August 2006, 09:29 PM
Sorry for the delay. Here is the error message we are getting. As always, any help is greatly appreciated.

--> Populating transaction set with selected packages. Please wait.
---> Downloading header for mysql-devel to pack into transaction set.
mysql-devel-5.0.22-1.FC5. 100% |=========================| 2.4 MB 00:07
http://fedora.colorado.edu/linux/core/updates/5/x86_64/mysql-devel-5.0.22-1.FC5.1.x86_64.rpm: [Errno -1] Header is not complete.
Trying other mirror.
mysql-devel-5.0.22-1.FC5. 100% |=========================| 400 kB 00:02
http://mirror.linux.duke.edu/pub/fedora/linux/core/updates/5/x86_64/mysql-devel-5.0.22-1.FC5.1.x86_64.rpm: [Errno 4] Socket Error: (11, 'Resource temporarily unavailable')
Trying other mirror.
ftp://ftp.software.umn.edu/pub/linux/fedora/core/updates/5/x86_64/mysql-devel-5.0.22-1.FC5.1.x86_64.rpm: [Errno 4] IOError: [Errno ftp error] 550 Failed to change directory.

7th August 2006, 01:51 PM
Here is another error snippet from a different system.

[root@eric eric]# yum install xmms.x86_64
Loading "installonlyn" plugin
Setting up Install Process
Setting up repositories
updates [1/3]
core [2/3]
extras [3/3]
Reading repository metadata in from local files
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for xmms to pack into transaction set.
.fc5.x86_64.rpm: [Errno 4] IOError: [Errno ftp error] [Errno ftp error] 500 Unkn
own command.
Trying other mirror.
xmms-1.2.10-25.fc5.x86_64 100% |=========================| 1.7 MB 00:07
.x86_64.rpm: [Errno -1] Header is not complete.
Trying other mirror.
.2.10-25.fc5.x86_64.rpm: [Errno 14] HTTP Error 404: Date: Fri, 04 Aug 2006 21:20
:57 GMT
Server: Apache/2.0.52 (Red Hat)
Content-Length: 360
Connection: close
Content-Type: text/html; charset=iso-8859-1
Trying other mirror.
xmms-1.2.10-25.fc5.x86_64 100% |=========================| 1.7 MB 00:05
5.fc5.x86_64.rpm: [Errno -1] Header is not complete.
Trying other mirror.
xmms-1.2.10-25.fc5.x86_64 100% |=========================| 248 kB 00:00
10-25.fc5.x86_64.rpm: [Errno 4] Socket Error: (11, 'Resource temporarily unavail
Trying other mirror.

8th August 2006, 11:31 PM
I wanted to let everyone know this problem has been resolved. It turns out out Sonicwall was causing the issue. I found the problem on this post:


I did not have to disable the Gateway AntiVirus and Spyware but just enable the FTP 'REST' and HTTP Byte-Range as the directions say. As soon as I did this all of the systems on the network were able to run YUM.