From: Allan Jude
Date: Mon, 6 Jun 2016 14:03:32 -0400
Subject: Re: svn commit: r301226 - in head: etc etc/defaults etc/periodic/security etc/rc.d lib lib/libblacklist libexec libexec/blacklistd-helper share/mk tools/build/mk usr.sbin usr.sbin/blacklistctl usr.sbin...
To: Nathan Whitehorn, lidl@freebsd.org
Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org

On 2016-06-06 13:50, Nathan Whitehorn wrote:
>
>
> On 06/06/16 10:25, Andrey Chernov wrote:
>> On 06.06.2016 20:22, Ian Lepore wrote:
>>> On Mon, 2016-06-06 at 20:06 +0300, Andrey Chernov wrote:
>>>> As variant, I keep hope blacklist sh helper will teach about ipfw
>>>> soon, it looks possible. Then it can be re-enabled by default.
>>> No, it should still not be enabled by default. Maybe it should be
>>> enabled in response to some question in the installer, or maybe even
>>> better, enabled only if some firewall software that understands it is
>>> also enabled. But afaik, all the available firewalls are disabled by
>>> default in defaults/rc.conf, and this should be too.
>> BTW, it is good idea: to check first, is supported firewall enabled, and
>> only then enable blacklistd by default.
>>
>>
>
> Like many others, I think it shouldn't be enabled by default ever, even
> though it is a useful thing and a service that should be in the small
> checklist in the installer. FreeBSD has *no* daemons enabled by default
> except devd and a local sendmail and, since this particular feature is
> one that many people don't want, this is the wrong time for an expansion
> of that list.
>
> (Thanks for adding this to the system, though, and thanks for changing
> the setting!)
> -Nathan
>

I will add it to the list of services in the installer @ BSDCan.

--
Allan Jude