On Fri, 18 Aug 2017, Jason L Tibbitts III wrote:
> Sadly I know how terrible tcp_wrappers is and so I know it needs to go
> away.
just because crows trying to protect their young will 'mob' a
hawk hunting to feed her young does not make the hawk
terrible; latest is not always greatest
I found the ranting toward wrappers unconvincing years ago -
- I remain unconvinced that it is terrible code
> It's just unfortunate that there's no replacement for it besides
> firewalling, and dealing with the firewall is unfortunately so
> complicated.
wrappers will invoke the resolver, and do PTR lookups, and so
can do:
- hostname based,
- domain related, and
- absent DNS information based blocking
I know of no way to do these tasks with the 'firewalld' code
-- Russ herrold
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
