* Michael Ströder:
Hmm, I will drop it since the same functionality can be easily achieved on this platform by using local kernel firewall.
The DNS-based access rules are not available as part of the kernel firewall. For some odd reasons, a lot of people think this tcpwrappers feature is insecure, but it seems a rather convenient way to get *additional* security in cases where you have proper reverse lookup (with matching forward lookup) and fragmented address space that does not lend itself easily to writing access rules.
But as I said, this goes against accepted wisdom, so these additional filters probably don't make it through security audits, and carrying along this support at the tool level does not make much sense anymore:
https://lists.fedoraproject.org/pipermail/devel/2014-March/196913.html