https://bugzilla.novell.com/show_bug.cgi?id=272516 ------- Comment #2 from s.handgraaf@xs4all.nl 2007-05-09 04:46 MST ------- (In reply to comment #1)
ident is not dropped by default to avoid timeouts with e.g. SMTP and IRC servers. I don't know whether such broken SMTP servers are still common. On IRC servers at last the misbehavior of quering ident still seems to be used. So I'll keep the current default configuration for another few releases.
Is there any motivation to make this as only port by default reject while others are droped from a security perspective? As I mentioned, imho in the first place a firewall is here to protect. Starting with the motivation it might be needed for some users since some unknown percentage can have some minor trouble does not fit common security perspective. I think the only good reason to put a default reject in is if users truely need this en mass. That is also why all other ports are droped by default. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.