[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: SVNServe and firewalls

From: Bob Proulx <bob_at_proulx.com>
Date: 2005-04-23 18:06:06 CEST

Robert Murphy wrote:
> My company is trying to share a repository that is hosted using
> svnserve. Unfortunately our partners have a rather restrictive
> firewall and are unable to retrieve or send updates to the repo.

To be clear let me repeat what I am reading. You are hosting the
repository. You think the access to the repository from the outside
world is fine. But your partners are having trouble getting to it
because they cannot get out of their restrictive firewall. You think
the problem is on their end getting out.

> We tried to be clever hand have svnserve use port 80 and have it
> bind to a specific host name but to no avail. I have seen previous
> posts concerning firewalls but those dealt with the Apache module
> and not the stand alone server. Any ideas would be appreciated.

Can your partners get out using ssh? If so then they should be able
to use the svn+ssh:// method. This will use port 22. This does
unfortunately mean shell access to your server. Special and more
restrictive configurations are available.

Many times restrictive corporate firewalls will provide alternate
access methods such as a "socks" server. Frequently this is not known
to users. Check to see if your partner has a socks server is
available to get access outside their firewall. This is the case at
my employment. We configure ssh to use socks to connect out. Then
the svn+ssh:// method is available. If socks is available then you
could also use a "socksified" svn client directly instead of using a
"socksified" ssh client with svn+ssh. Feel free to mail me directly
with socks questions because that would be off-topic for this list.

I personally like using the svn+ssh:// method and use it whenever
possible by preference. However issues such as the one you are seeing
have been a push to use the https:// method. Using http/https works
through most firewalls and is more seamless in port environments such
as MS. Using https:// would likely solve your problem. Is it
possible for you to set up an apache2 installation to host a WebDAV
interface? What system is hosting the repository? For instance I am
using Debian GNU/Linux and this is quite easy to install and configure


To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Sat Apr 23 18:07:48 2005

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.