[blfs-dev] [blfs-book] r10486 - in trunk/BOOK: . archive gnome/core introduction/welcome multimedia/libdriv multimedia/videoutils networking/netprogs postlfs/security pst/printing pst/scanning server/databases server/mail server/major server/other xsoft/other

Ken Moffat zarniwhoop at ntlworld.com
Fri Aug 24 21:40:59 PDT 2012


On Fri, Aug 24, 2012 at 11:12:02PM -0500, Bruce Dubbs wrote:
> krejzi at linuxfromscratch.org wrote:
> > Author: krejzi
> > Date: 2012-08-01 06:04:22 -0600 (Wed, 01 Aug 2012)
> > New Revision: 10486
> >
> > Added:
> >     trunk/BOOK/archive/tcpwrappers.xml
> > Removed:
> >     trunk/BOOK/postlfs/security/tcpwrappers.xml
> 
> Armin,
> 
> I just noticed this.
> 
> Why did you remove tcpwrappers?  I recall saying I don't like it or use 
> it, but some other programs do use it.  It's mentioned in sendmail, 
> nfs-utils, vsftpd, and exim as well as xinetd which I'm restoring.
> 
> I think it's a legitimate optional dependency.  It builds OK in 7.2.
> 
>    -- Bruce
> 
 There was agreement that it wasn't needed - I didn't like the
decision, but I've accepted that I can replace it with iptables
(_fun_).

 Relatedly, I'm puzzled why rc.iptables isn't a regular rc.d/init.d
script ?

 Also, is there any interest in providing more examples of different
iptables scripts?  On my server I have to allow NEW connections from
specified local machines, and also incoming ESTABLISHED ssh,
loopback, dns, ntp, icmp if related, and pop3.  Similar for my
desktops, apart from the POP3 and permitting specific machines.
Hmm, must fix mine up to ACCEPT multicast (it comes from my cable
hub, when I have at least two machines connected) - tested that, but
forgot to commit it!

ĸen
-- 
das eine Mal als Tragödie, das andere Mal als Farce



More information about the blfs-dev mailing list