disable passive FTP

[o5gmmob8]

Is there a configuration that allows me to disable passive FTP for fetching artifacts? My firewall restricts traffic to common web ports and even FTP is frowned upon. I understand that a port is just a port and malicious traffic can surreptitiously pass through a commonly used port like https.

[szatox]

That's a really weird question to ask. What are you trying to do there?
Isn't passive mode the one where client opens all connections (both, management and data) to the server? It's done this way on purpose, if you're on a consumer link, you're probably behind a NAT, so active mode with server-initiated data connection won't work anyway. Who controls that firewall you mentioned and what do you mean by FTP being frowned upon?
I wonder what the full story is....

You can override FETCHCOMMAND (check out emerge --info), but I doubt going active will get whatever result you're hoping for.
_________________
Make Computing Fun Again

[o5gmmob8]

I want to avoid FTP as a file transfer protocol being used and instead just use HTTPS.

[Hu]

Your original request reads specifically as an attempt to avoid passive FTP, with the implication that you wanted to prefer active FTP. Passive FTP is generally better than active, so asking to switch to active seemed strange.

I am not aware of a way to do what you want.

[grknight]

If you mean to pull down distfiles or binpkgs from mirrors, then simply don't list an ftp:// URL in GENTOO_MIRRORS in make.conf.
Except in the rare case that a mirror does not have a file and only ftp:// is listed in the ebuild file, then it will just fail if firewalled out.