Install and update system and packages without FTP

Hi,

I stumbled upon this line in the FreeBSD official documentation:
For those situations when FTP is required, PF provides redirection of FTP traffic to a small proxy program called ftp-proxy(8), which is included in the base system of FreeBSD. The role of the proxy is to dynamically insert and delete rules in the ruleset, using a set of anchors, in order to correctly handle FTP traffic.
For those situations when FTP is required
I'm stunned because I've been looking for ways to work with FreeBSD without FTP for days and it seems impossible.

pkg install uses FTP and I find no way to globally override this
freebsd-update uses FTP and I find no way to globally override this

So are there really situations when you can admin a FreeBSD server without using FTP?
If so, how?

Thanks for your help.
 
Ok, I guess it was only pkg then. Still, I don't see how I can configure it so that it uses http by default. What file should I edit? Am I supposed to choose a single http mirror and hope it never goes down?
 
Ok, I guess it was only pkg then. Still, I don't see how I can configure it so that it uses http by default.
It already uses HTTP by default.

Code:
FreeBSD: {
  url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest",
  mirror_type: "srv",
  signature_type: "fingerprints",
  fingerprints: "/usr/share/keys/pkg",
  enabled: yes
}
 
Ok, I guess it was only pkg then. Still, I don't see how I can configure it so that it uses http by default. What file should I edit? Am I supposed to choose a single http mirror and hope it never goes down?
Can you show us what's in /etc/pkg/FreeBSD.conf and /usr/local/etc/pkg.conf on your system? Is there anything in /usr/local/etc/pkg/repos/? What's the output of pkg -vv?

The server to use is pkg.freebsd.org which uses GeoDNS to select the nearest package mirror at your location. It also provides SRV records as a fallback in case a server is down (try it: drill _http._tcp.pkg.freebsd.org SRV).

What FreeBSD version are you using? The older package tools like pkg_add all used FTP by default IIRC.
 
Thanks! The hosting company had put a file in /usr/local/etc/pkg/repos/. It referenced their own FTP mirror server. Unfortunately their mirror is FTP only. I removed the file and now pkg uses the default configuration, which is http.
 
Back
Top