Ingo Wichmann <[email protected]> écrit : > > I wonder if anyone is using TCP wrappers any more?
I do. > Wouldn't you use iptables instead today? I know there are use cases > where TCP wrapper would fit better. But aren't they rare? TCP wrappers is much more efficient than Netfilter because it affects only the establishment of a connection. When enabled, Netfilter checks every network packet, which adds a significant overhead. Netfilter is for routers, not for servers. > A lot of services still come with TCP wrappers enabled by default. But > does that mean there are commonly in use today? I doubt it. sshd? > "Understand the role of TCP wrappers. " > /etc/hosts.allow > and > /etc/hosts.deny > > I'd recommend to remove it. I'd be glad if we could keep it. _______________________________________________ lpi-examdev mailing list [email protected] http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
