#!/usr/bin/perl

use CPAN();

$CPAN_has_usable = \&CPAN::has_usable;

local *CPAN::has_usable = sub {
    return if $_[1] =~ /^(?:Net|LWP)/;
    return $CPAN_has_usable->( @_ );
};

do 'path/to/perl/bin/cpan';
[download]

You can probably solve your problem by using passive FTP. Before you run the CPAN shell just put:

LWP and Net::FTP should then be able to work around your firewall. You can stick that environment variable in your bashrc as well or if you're using CPAN in a script you should be able to set $ENV{FTP_PASSIVE} = 1 to do the same thing.

HTH

update fixed a typo

update2 Maybe I should start reading the posts first, I've heard its great. Anyway as dmorgo kindly pointed out, my solution won't do authentication for the proxy, he has the correct answer below.

He mentioned this is an authenticating proxy. My understanding of authenticating proxies is that this (simply using passive) won't work, because he still needs some way to tell the firewall his userid and password. (See my post below).

Here's what you need for LWP to work with an authenticated proxy (assumes bash):

export ftp_proxy=proxyuserid:proxypass@ftpproxy.foo.com:21
export http_proxy=http://proxyuserid:proxypass@httpproxy.foo.com:9090
[download]

(Change proxyuserid, proxypass, 9090, and the addresses as appropriate.)

This also assumes there is a call like $ua->env_proxy; in LWP by default (making LWP pay attention to those environment variables by default), which I believe there is.

Let us know if you figure out Net::FTP. I ended up using ncftpget and wget, and hand editing the CPAN file to make it try those first, as someone else described.

Here are the settings for ncftpget:

# ncftpget proxy settings; put in ~/.ncftp/firewall
# ftp only
firewall-type=2
firewall-host=hostname.com
firewall-user=userid
firewall-password=whatever
firewall-port=21
firewall-exception-list=.foo.com,localhost,localdomain
[download]

# put in .wgetrc file:
http_proxy = http://wwwproxy.foo.com:9090/
ftp_proxy = ftpproxy.foo.com:21 # ftp untested
use_proxy = on
proxy-user=userid
proxy-passwd=passwd
[download]

Brilliant!

I slightly modified the solution by PodMaster to make my own executable script:

#!/usr/bin/perl

use CPAN();

$CPAN_has_usable = \&CPAN::has_usable;

local *CPAN::has_usable = sub {
    return if $_[1] =~ /^(?:Net|LWP)/;
    return $CPAN_has_usable->( @_ );
};

CPAN::shell();
[download]

To skip lynx and the other command line tools, I hacked my MyConfig.pm in ~/.cpan/CPAN to say something like:

  'ncftpget' => q[/bin/false],
  'ftp' => q[/bin/false],
  'lynx' => q[/bin/false],
[download]

  'http_proxy' => q[10.10.10.10:8000],
  'proxy_pass' => q[myPassWord],
  'proxy_user' => q[myUser],
[download]

Minor addition to script to avoid an annoying warning:

use CPAN ();

$CPAN_has_usable = \&CPAN::has_usable;

local *CPAN::has_usable = sub {
    return if $_[1] =~ /^(?:Net|LWP)/;
    return $CPAN_has_usable->( @_ );
};

$ENV{PERL_READLINE_NOWARN} = 1;

CPAN::shell();
[download]

It seems that if the shell is started this way rather than directly on the commandline, it complains "Can't ioctl TIOCGETP: Invalid argument" - readline etc. work anyway, so the env variable disables the warning.

Maybe, I missed a point or two ...

At my work environment, I've pretty much the same conditions -- i.e. restrictive firewall and an authenticating proxy, which allows only "browser ftp".

After reading this very thread, I've tweaked Config.pm (That's down in $YourPerlModulesAreHere/5.8.x/CPAN). When I set ftp_proxy to the same value as http_proxy and put the credentials in the URL, a little happy LWP goes going.

Here a snippet from Config.pm:

$CPAN::Config = {

# more stuff here ...

'ftp_proxy' => q[http://user:passwd@server:port],
'http_proxy' => q[http://user:passwd@server:port],

# ... and here also

}
[download]

I hope, anyone -- beside myself -- can made some good use of it.