Package: nftlb Version: 0.6-1 Severity: normal X-Debbugs-Cc: witold.bary...@gmail.com
Dear Maintainer, just installing nftlb package, without configuring it, will make nftlb daemon listen on port 5555 on all interfaces. I would suggest only listening on localhost by default instead. This way if it is installed for testing, it is not exposed by default on public network. If one wants to have it accessible from other machines, it would need to be configured anyway in more detail, than what defaults provide. Regards, Witold root@debian:~# ss -apn | grep nft u_str ESTAB 0 0 * 6204 * 15643 users:(("nftlb",pid=1983,fd=2),("nftlb",pid=1983,fd=1)) u_dgr ESTAB 0 0 * 16584 * 17418 users:(("nftlb",pid=1983,fd=3)) tcp LISTEN 0 2 *:5555 *:* users:(("nftlb",pid=1983,fd=6)) -- System Information: Debian Release: bookworm/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.15.0-rc7 (SMP w/32 CPU threads; PREEMPT) Kernel taint flags: TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages nftlb depends on: ii libc6 2.32-4 ii libev4 1:4.33-1 ii libjansson4 2.13.1-1.1 ii libmnl0 1.0.4-3 ii libnftables1 1.0.0-1 nftlb recommends no packages. nftlb suggests no packages. -- no debconf information