From owner-svn-src-all@freebsd.org  Mon Jun  6 17:06:39 2016
Return-Path: <owner-svn-src-all@freebsd.org>
Delivered-To: svn-src-all@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4DB82B6D816
 for <svn-src-all@mailman.ysv.freebsd.org>;
 Mon,  6 Jun 2016 17:06:39 +0000 (UTC)
 (envelope-from mailing-machine@vniz.net)
Received: from mail-lf0-f46.google.com (mail-lf0-f46.google.com
 [209.85.215.46])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id DA7821C0C
 for <svn-src-all@freebsd.org>; Mon,  6 Jun 2016 17:06:38 +0000 (UTC)
 (envelope-from mailing-machine@vniz.net)
Received: by mail-lf0-f46.google.com with SMTP id s64so98916436lfe.0
 for <svn-src-all@freebsd.org>; Mon, 06 Jun 2016 10:06:38 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:subject:to:references:cc:from:message-id:date
 :user-agent:mime-version:in-reply-to:content-transfer-encoding;
 bh=aiThh3IgYt7zw8DRHreJ8b24E4ujvzOHfcvlHRYkNlk=;
 b=MDn4krqigC6opkJEmRyc5XedZOKEklX4KYUVOFVIKsQr7B0QsHiF7NxKvvKInVw97v
 PyZ8mBsQOoFLWxl0hGn1pRn52ShuGbxeecBwQUBTOpeT0bf1/jKTb5MML4V3GSs+sfWF
 xk7CAmwlNQ7Th2PlDWhbC1zYq2gEzYYF723fxJle2NH2yJdGHggppbLt9dmAlOSZvUuj
 HNzT/5vTKtaprsz4nOWf4v5cTlTJHBndw3ItJHqeVd/crT5TlxPlbQGjdPyN7wmHOZwK
 Gn/TZbtohnlg/Q0Fs0pOfbASclpBoi4K/k1QBClhxuerF4PJpC3eQlvpCj4y5SZWXN+j
 ftWg==
X-Gm-Message-State: ALyK8tIW4LsbzCIKM7Rl/P6/Zf5z7VZsuiRTYa5Tp/0+QMdWhO07QmDjIMkdnPsMcZ4MoQ==
X-Received: by 10.25.206.147 with SMTP id e141mr1346769lfg.138.1465232791472; 
 Mon, 06 Jun 2016 10:06:31 -0700 (PDT)
Received: from [192.168.1.2] ([89.169.173.68])
 by smtp.gmail.com with ESMTPSA id m8sm1969157lfe.15.2016.06.06.10.06.30
 (version=TLSv1/SSLv3 cipher=OTHER);
 Mon, 06 Jun 2016 10:06:30 -0700 (PDT)
Subject: Re: svn commit: r301226 - in head: etc etc/defaults
 etc/periodic/security etc/rc.d lib lib/libblacklist libexec
 libexec/blacklistd-helper share/mk tools/build/mk usr.sbin
 usr.sbin/blacklistctl usr.sbin...
To: Ian Lepore <ian@freebsd.org>, lidl@FreeBSD.org,
 Matteo Riondato <rionda@gmail.com>
References: <201606021906.u52J649H019481@repo.freebsd.org>
 <BC308CA2-2EE2-448A-9641-0BB769045868@gmail.com>
 <90df7c5b-7680-3de0-68ba-ab9bd1c9d73e@FreeBSD.org>
 <1465232404.1188.5.camel@freebsd.org>
Cc: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
From: Andrey Chernov <ache@freebsd.org>
Message-ID: <9aafd3b8-ebe2-5ac8-e91b-31ffed34eff1@freebsd.org>
Date: Mon, 6 Jun 2016 20:06:30 +0300
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101
 Thunderbird/45.1.1
MIME-Version: 1.0
In-Reply-To: <1465232404.1188.5.camel@freebsd.org>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-BeenThere: svn-src-all@freebsd.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "SVN commit messages for the entire src tree \(except for &quot;
 user&quot; and &quot; projects&quot; \)" <svn-src-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-all/>
List-Post: <mailto:svn-src-all@freebsd.org>
List-Help: <mailto:svn-src-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Jun 2016 17:06:39 -0000

On 06.06.2016 20:00, Ian Lepore wrote:
> Probably everyone assumed (like I did) that it would be disabled by
> default, and didn't notice that wasn't the case.  Your response
> indicates the problem with "default enabled"... you mention enabling
> packet filtering in pf.conf, my response is:  WTF is pf.conf and why
> are you assuming I do any kind of packet filtering?
> 
> I have literally dozens of systems here running freebsd, only one of
> them runs ipfw, and most of them are systems with small memory and
> wimpy processors, so why would I want extra do-nothing network daemons
> running on them by default?

As variant, I keep hope blacklist sh helper will teach about ipfw soon,
it looks possible. Then it can be re-enabled by default.