On Sat, Jul 16, 2011 at 3:23 PM, Loui Chang <louipc.ist@gmail.com> wrote:
On 07/16/2011 08:06 PM, Peggy Wilkins wrote:
The annoucement suggests that a major reason for dropping support is that it is "confusing" to end users. An easy solution to that is to make a default hosts.allow file that says "ALL : ALL : ALLOW" out of the box. Then those of use wanting to simply restrict access (useful in many scenarios) can change that default as needed.
I think it makes sense to have only one place to control traffic, makes things a little simpler. tcp_wrappers is like a helper program for beginner users to control traffic, but you can most likely find a program that would help beginners to create iptable rules. I don't use them so I can't advocate any particular program though.
I haven't used it myself, but Uncomplicated Firewall (UFW) is available in the Community repository and looks like a simple alternative way to get going. https://wiki.archlinux.org/index.php/Firewalls#ufw ...and there are a handful of other similar firewall configuration tools listed on that page as well. Just thought it might be useful to point out for people following this thread. -- Aaron Bull Schaefer http://elasticdog.com/