On Wed, Jul 13, 2011 at 4:27 AM, Dave Reisner <d...@falconindy.com> wrote: > I'd like to pick up something Dan proposed about a year ago, which is > dropping support for tcp_wrappers. Its last official upstream release > was 1997, and we currently add 10 patches to it from 3 different distros > in order to make it compile, fix bugs, and add features (ipv6). We also > add in an odd default of ALL: ALL in the config file, meaning that the > first thing most people do on a new arch system is add a line to > /etc/hosts.allow along the lines of 'sshd: ALL' (or just delete the > blanket deny. To my knowledge, there isn't anything tcp_wrappers does > that iptables can't do more eloquently, and without the need to be > linked against an external library. > > Therefore, I'd like to propose that we just dump this.
+1 -t
