On Sat, Jul 16, 2011 at 3:23 PM, Loui Chang <louipc.ist@xxxxxxxxx> wrote: >> > On 07/16/2011 08:06 PM, Peggy Wilkins wrote: >> >> The annoucement suggests that a major reason for dropping support is >> >> that it is "confusing" to end users. An easy solution to that is to >> >> make a default hosts.allow file that says "ALL : ALL : ALLOW" out of >> >> the box. Then those of use wanting to simply restrict access (useful >> >> in many scenarios) can change that default as needed. > > I think it makes sense to have only one place to control traffic, makes > things a little simpler. tcp_wrappers is like a helper program for > beginner users to control traffic, but you can most likely find a > program that would help beginners to create iptable rules. I don't use > them so I can't advocate any particular program though. I haven't used it myself, but Uncomplicated Firewall (UFW) is available in the Community repository and looks like a simple alternative way to get going. https://wiki.archlinux.org/index.php/Firewalls#ufw ...and there are a handful of other similar firewall configuration tools listed on that page as well. Just thought it might be useful to point out for people following this thread. -- Aaron Bull Schaefer http://elasticdog.com/