On 06/06/16 10:25, Andrey Chernov wrote:
On 06.06.2016 20:22, Ian Lepore wrote:
On Mon, 2016-06-06 at 20:06 +0300, Andrey Chernov wrote:
As variant, I keep hope blacklist sh helper will teach about ipfw
soon,
it looks possible. Then it can be re-enabled by default.
No, it should still not be enabled by default. Maybe it should be
enabled in response to some question in the installer, or maybe even
better, enabled only if some firewall software that understands it is
also enabled. But afaik, all the available firewalls are disabled by
default in defaults/rc.conf, and this should be too.
BTW, it is good idea: to check first, is supported firewall enabled, and
only then enable blacklistd by default.
Like many others, I think it shouldn't be enabled by default ever, even
though it is a useful thing and a service that should be in the small
checklist in the installer. FreeBSD has *no* daemons enabled by default
except devd and a local sendmail and, since this particular feature is
one that many people don't want, this is the wrong time for an expansion
of that list.
(Thanks for adding this to the system, though, and thanks for changing
the setting!)
-Nathan
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
