On Mar 20, 2014, at 12:31 PM, Martin Langhoff <martin.langh...@gmail.com> wrote:
> On Thu, Mar 20, 2014 at 1:34 PM, Lennart Poettering <mzerq...@0pointer.de> > wrote: > I wonder whether it wouldn't be time to say goodbye to tcpwrappers in > Fedora. There has been a request in systemd upstream to disable support > > As Stephen points out, they are used. Does systemd+xinetd match their > functionality? > > cheers, > > > m I have to say that there are certain out-of-the-box services that it’s nice to be able to block access at the application-level, which would be hard to do at the transport or network layer. RPC-based services being the most obvious, but also things like FTP or TFTP or VNC or X that don’t always have port numbers that are easily expressed… Then there’s filtering on DNS hostname suffixes, etc… NIS+ membership... I’m fine with seeing systemd being decoupled from them, but I’d like to see legacy services continue to work with tcpwrappers (libwrap). -Philip
-- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct