>> >> 1. Put all your mirror sites in the exception list. This can get tedious as >> some ebuilds list many mirrors for sources >> >> or >> >> 2. wget using ftp >> >> or >> >> 3. set up a proxy >> >> The easiest is #2 by far > > Does portage use wget over http by default? Can I change a setting to > make it use ftp? > > - Grant > >
I think you would do well to setup a squid proxy and block outbound traffic for the affected machines. We've had great success with squid in our environment. This gives you a tremendous amount of flexibility on your access control, and it means you don't have to be concerned about which transport methods are used when updating/installing. Added bonus is that the squid caches your Gentoo download objects. -- Matt
