Dropping tcp_wrappers support.

Michal Soltys soltys at ziu.info
Wed Aug 10 20:31:28 UTC 2011

On 11-08-10 17:18, Thomas Penteker wrote:
> * Johnny (gloomyquazar at mail.ru) wrote:
>>  Hi.
> Hello!
>>  Archlinux's developers are dropping tcp_wrappers support. Aren't CRUX devs
>>  doing to do the same step?
>>  http://www.archlinux.org/news/dropping-tcp_wrappers-support/
> "This is due to upstream not having released a new version since April 1997."
> is NO argument. The security-side benefits may be doubted (ip addresses can be
> forged).  tcpwrappers allows one to block clients by netaddresses without the
> need for iptables. It's easy and it's clean. Let's stick with tcp_wrappers.
> regards, Thomas

Furthermore, tcp_wrappers is not only about poor man's blocking / 
allowing. For example, vsftpd uses it as a means to load per-ip specific 
configuration files on the fly.

More information about the CRUX mailing list