Re: rfc: gnome-inetd
- From: Alan Cox <alan lxorguk ukuu org uk>
- To: Mark McLoughlin <markmc redhat com>
- Cc: Sean Middleditch <elanthis awesomeplay com>, Desktop Devel <desktop-devel-list gnome org>
- Subject: Re: rfc: gnome-inetd
- Date: Wed, 01 Dec 2004 15:36:06 +0000
On Mer, 2004-12-01 at 07:03, Mark McLoughlin wrote:
> I don't think you want to get too fancy - tcp wrappers abstracts host
> based access control already and its not hard to shut down a daemon when
> its unused.
tcp_wrappers is pretty poor for a lot of things (eg dynamic rule
changes). You'd want the filters in gconf so that you can do
notification of firewall policy changes on the fly. Stripped of the DNS
functions (which are worthless as DNS is not authenticated) it comes
down to if (addr & mask <op> value) so its not hard to reimplement.
] [Thread Prev