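I have to block all outgoing connections on unused ports, but I can't find the one pacman uses to sync and update/install packages. On the internet, I found that pacman uses the http or ftp protocol depending on the repository, so when I allow only these protocols with iptables and try to install a package, I get connection-related errors.
Does pacman use dynamic ports or a specific port?
Here is an example of what I am doing:
The OS is in a VM.
This is the Arch version.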
user@archlinux ~> sudo iptables -F
user@archlinux ~> sudo iptables -A OUTPUT -p TCP --sport 1:500 -j ACCEPT
user@archlinux ~> sudo iptables -A OUTPUT -p TCP --sport 4242 -j ACCEPT # My ssh connection
user@archlinux ~> sudo iptables -A OUTPUT -p UDP --sport 1:500 -j ACCEPT
user@archlinux ~> sudo iptables -A OUTPUT -j DROP
user@archlinux ~> sudo pacman -S mariadb
resolving dependencies...
looking for conflicting packages...
Packages (5) jemalloc-1:5.2.0-1 lzo-2.10-2 mariadb-clients-10.4.6-1 mariadb-libs-10.4.6-1 mariadb-10.4.6-1
Total Download Size: 45.61 MiB
Total Installed Size: 290.92 MiB
:: Proceed with installation? [Y/n]
:: Retrieving packages...
error: failed retrieving file 'lzo-2.10-2-x86_64.pkg.tar.xz' from mirror.xtom.com.hk : Could not resolve host: mirror.xtom.com.hk
error: failed retrieving file 'lzo-2.10-2-x86_64.pkg.tar.xz' from archlinux.surlyjake.com : Could not resolve host: archlinux.surlyjake.com
error: failed retrieving file 'lzo-2.10-2-x86_64.pkg.tar.xz' from mirror.datacenter.by : Could not resolve host: mirror.datacenter.by
error: failed retrieving file 'lzo-2.10-2-x86_64.pkg.tar.xz' from archlinux.za.mirror.allworldit.com : Could not resolve host: archlinux.za.mirror.allworldit.com
error: failed retrieving file 'lzo-2.10-2-x86_64.pkg.tar.xz' from archlinux.iskon.hr : Could not resolve host: archlinux.iskon.hr
error: failed retrieving file 'lzo-2.10-2-x86_64.pkg.tar.xz' from ftp.vectranet.pl : Could not resolve host: ftp.vectranet.pl
error: failed retrieving file 'lzo-2.10-2-x86_64.pkg.tar.xz' from mirror.netcologne.de : Could not resolve host: mirror.netcologne.de
error: failed retrieving file 'lzo-2.10-2-x86_64.pkg.tar.xz' from mirror.0x.sg : Could not resolve host: mirror.0x.sg
error: failed retrieving file 'lzo-2.10-2-x86_64.pkg.tar.xz' from mirror.umd.edu : Could not resolve host: mirror.umd.edu
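Thanks in advance.
Answer 1
I think there is a problem with DNS resolution. You have to allow outgoing port 53 UDP for DNS. Regards.
Answer 2
pacman uses HTTP and HTTPS to download packages. Which one depends on the contents of /etc/pacman.d/mirrorlist.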
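
Combining both answers, as an added example that is not part of the original post or of either answer: the script below reads a mirrorlist, works out which of HTTP/HTTPS the active mirrors need, and prints an OUTPUT ruleset that also allows DNS. It matches on destination port (`--dport`), because a client's source port is ephemeral while the server's port is fixed. The function names and the sample mirrorlist hosts are constructed for illustration; the rules are only printed, not applied.

```shell
#!/bin/sh
# Added example (not from the original post). Prints rules; applies nothing.

# mirror_ports FILE: TCP destination ports needed by the active
# "Server = scheme://..." lines (http -> 80, https -> 443), comma-joined.
# Commented-out mirrors and other schemes are ignored.
mirror_ports() {
    sed -n 's|^[[:space:]]*Server[[:space:]]*=[[:space:]]*\([a-z]*\)://.*|\1|p' "$1" |
    while read -r scheme; do
        case "$scheme" in
            http)  echo 80 ;;
            https) echo 443 ;;
        esac
    done | sort -nu | paste -sd, -
}

# egress_rules FILE: an OUTPUT ruleset that matches on destination port.
egress_rules() {
    ports=$(mirror_ports "$1")
    echo "iptables -A OUTPUT -o lo -j ACCEPT"
    # Replies on already-accepted connections (e.g. an inbound SSH session).
    echo "iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # DNS over UDP and TCP, so mirror host names resolve.
    echo "iptables -A OUTPUT -p udp --dport 53 -j ACCEPT"
    echo "iptables -A OUTPUT -p tcp --dport 53 -j ACCEPT"
    if [ -n "$ports" ]; then
        echo "iptables -A OUTPUT -p tcp -m multiport --dports $ports -j ACCEPT"
    fi
    echo "iptables -A OUTPUT -j DROP"
}

# Constructed sample mirrorlist (hypothetical hosts), removed on exit.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
## constructed sample
#Server = http://disabled.example.net/archlinux/$repo/os/$arch
Server = https://mirror.example.org/archlinux/$repo/os/$arch
Server = http://mirror.example.com/archlinux/$repo/os/$arch
EOF
egress_rules "$sample"
```

On a real system, pass /etc/pacman.d/mirrorlist as the argument and review the printed rules before applying them.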