fetch – and how to use it behind a firewall

fetch – and how to use it behind a firewall

fetch allows you to retrieve a file by supplying a URL (Uniform Resource
Locator).  It is very useful and powerful tool.  It effectively automates an
anonymous FTP session.

If you get the following message when you use fetch,
then I suspect you are behind a firewall:

su-2.02# fetch ftp://<somefilename>
fetch: ftp://<somefilename>: FTP error:
fetch: Can't open data connection

If you are behind a firewall, you might want to try the -P option on the command line.
  This will force fetch to "use the passive mode of the FTP protocol.
  This is useful for crossing certain types of firewalls." [as quoted from man

2 thoughts on “fetch – and how to use it behind a firewall”

  1. I recently improved my firewall rules to block ports for all the unused services on my machine (the standard rc.firewall "simple" configuration with the patch recommended in a problem report I can’t find again). By default, this blocks the ftp-data port from outside the local network.

    FTP clients, including fetch, have a "passive" mode to deal with this. However, if you’re simply typing ‘make’ in a ports directory, the ‘make fetch’ target will fail because it invokes fetch without passive mode. My first solution was to open the ftp-data port in the firewall rules, but I wanted the ‘make fetch’ target to use a passive fetch.

    The answer was to add ‘FETCH_CMD = /usr/bin/fetch -P’ to /etc/make.conf. The name, ‘FETCH_CMD’, is documented in the ports man page, but not where to put it.

Leave a Comment

Scroll to Top