16 Jul
2011
16 Jul
'11
5:13 p.m.
On Saturday 16 July 2011 12:06:34 Peggy Wilkins wrote:
The annoucement suggests that a major reason for dropping support is that it is "confusing" to end users. An easy solution to that is to make a default hosts.allow file that says "ALL : ALL : ALLOW" out of the box. Then those of use wanting to simply restrict access (useful in many scenarios) can change that default as needed. Technically this is what we did: without tcp_wrappers every input is accepted now.
You've to setup iptables to deny all input and accept only what you need. I never used iptables before, but now I find its syntax really simple, and powerful. -- Andrea