On Fri, Aug 24, 2012 at 11:12:02PM -0500, Bruce Dubbs wrote: > [email protected] wrote: > > Author: krejzi > > Date: 2012-08-01 06:04:22 -0600 (Wed, 01 Aug 2012) > > New Revision: 10486 > > > > Added: > > trunk/BOOK/archive/tcpwrappers.xml > > Removed: > > trunk/BOOK/postlfs/security/tcpwrappers.xml > > Armin, > > I just noticed this. > > Why did you remove tcpwrappers? I recall saying I don't like it or use > it, but some other programs do use it. It's mentioned in sendmail, > nfs-utils, vsftpd, and exim as well as xinetd which I'm restoring. > > I think it's a legitimate optional dependency. It builds OK in 7.2. > > -- Bruce > There was general agreement that it should go. I didn't like the decision, but there was general agreement that if arch can drop it, so can we. I've moved to iptables (_fun_ : that reminds me, I must remember to fix my iptables scripts re multicast spamming the logs) - I didn't think tcp_wrappers were a big overhead, but I have to agree that they aren't the only way of providing that control.
Relatedly : for iptables, why isn't it a regular script in init.d ? And is there any interest in _different_ variants ? e.g. on this (7.2 :) desktop I've got rules for ssh (if I started it), tcp and udp if established or related, loopback, dns, ntp, icmp if related - and I should also permit multicast. -- das eine Mal als Tragödie, das andere Mal als Farce -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
