On Wed, 23 Jul 2008 19:05:13 +0200 Edgar Fuß wrote:
> > Why this? I do this with iptables.
> Hm. Mainly because I find hosts.{allow,deny} easier to handle in this case
> than (i)pf.conf. It's also somewhat more staightforward to maintain a single
> pair of hosts.* files consistent accross all mail servers than to deal with
> individual packet filter
> rules. And, if you like to, you can do more elaborate things with tcp
> wrappers than what I mentioned (and currently need).
I maintain the iptables configuration(s) (on Fedora in /etc/sysconfig/iptables)
across machines using scp or rsync. No problem.
--Frank Elsner
