[Development] Contributing to the Qt Project behind a hefty firewall and proxy server

[Laszlo Papp]

> But let's make sure that we are NOT recommending that people circumvent IT
> network policies. If the IT infrastructure blocks the traffic, then they must
> have a reason for it. It can be because:
>
> 1) the block is overly broad and shouldn't be there
> or
> 2) the block is intentional and the Git/Gerrit/SSH traffic should not be
> permitted
>
> We simply don't know which it is. The use by that user of the SSH server
> running on port 443 could lead to a violation of the corporate network
> security policy. We must make it clear that we are not responsible and that
> the user must figure that out with their people.
>
> Which leads me to my suggestion: if your firewall blocks the traffic to port
> 29418, create the IT ticket now and get an approved way of doing Gerrit traffic.
> Follow the company's procedures.

+1

> And the best way to ensure that it gets done is to prove that you cannot work
> without the solution. Prove it by spending a week idling because you could not
> do your work. That's also valid for consultants.

I personally believe that, this is not the good practical approach of
achieving those goals or getting a good impression at the company, but
it depends on the supervisor and management as well, I guess. :-)

> Yes, I have worked for big companies and I still do. In both Nokia and Intel,
> there are approved ways of accessing those ports that don't involve
> circumventing the security policy.

The situation is simpler with big companies like Nokia and Intel since
they work on open source projects as well, and some of those are
hosted publically using Git, SSH, and so forth as you enumerated.
Therefore, it is quite reasonable to have that internal support in
place by default. This is unfortunately not the case for many big
companies.

Best Regards,
Laszlo Papp