1 |
>>> 1. Put all your mirror sites in the exception list. This can get tedious as |
2 |
>>> some ebuilds list many mirrors for sources |
3 |
>>> |
4 |
>>> or |
5 |
>>> |
6 |
>>> 2. wget using ftp |
7 |
>>> |
8 |
>>> or |
9 |
>>> |
10 |
>>> 3. set up a proxy |
11 |
>>> |
12 |
>>> The easiest is #2 by far |
13 |
>> |
14 |
>> Does portage use wget over http by default? Can I change a setting to |
15 |
>> make it use ftp? |
16 |
>> |
17 |
>> - Grant |
18 |
>> |
19 |
>> |
20 |
> |
21 |
> I think you would do well to setup a squid proxy and block outbound |
22 |
> traffic for the affected machines. We've had great success with squid |
23 |
> in our environment. This gives you a tremendous amount of flexibility |
24 |
> on your access control, and it means you don't have to be concerned |
25 |
> about which transport methods are used when updating/installing. |
26 |
> Added bonus is that the squid caches your Gentoo download objects. |
27 |
|
28 |
Is that tough to set up? I would think an iptables solution would be |
29 |
easier, but maybe that won't work out. |
30 |
|
31 |
- Grant |