I also use the hosts.allow and hosts.deny files. It's a shame that support for them will be removed. It's easier than iptables. -- vic@xxxxxxxxxxx :: http://vic.demuzere.be :: PGP: 0x6690CF94 My software never contains bugs, it just develops random features. Sent from my phone, please excuse my brevity. On Jul 16, 2011 7:06 PM, "Peggy Wilkins" <enlil65@xxxxxxxxx> wrote: > I am an end user who is very unhappy about the removal of this option. > I didn't even know dropping tcp_wrappers was under consideration; had > I known that I would have spoken up with my vote against removing > support. > > The annoucement suggests that a major reason for dropping support is > that it is "confusing" to end users. An easy solution to that is to > make a default hosts.allow file that says "ALL : ALL : ALLOW" out of > the box. Then those of use wanting to simply restrict access (useful > in many scenarios) can change that default as needed. > > IMO for users who want to use this feature, the burden is on the end > user to find which services support tcp wrappers and which don't. A > default "allow" policy makes this simple. > > Surely I'm not the only tcp wrappers user out there. I will sorely > miss this option and strongly wish it to remain.