rpcbind & TCP wrappers
Alexander Motin
mav at FreeBSD.org
Mon Feb 24 19:11:49 UTC 2014
Hi.

I've made a benchmark to test rpcbind performance and discovered very
interesting numbers: on my test machine our present rpcbind is able to
handle only 12K RPCs per second, but building it without TCP wrappers
(libwrap) improves performance to 116K RPCs/sec. Obviously hosts.allow
parsing for each RPC is too expensive. Since rpcbind output is often
cached by the clients it may not be such a huge problem, but still a 10x
difference is IMO worth some decision being made there.

I've talked to several people and they agree that it is not very useful
to protect rpcbind since it is anyway effectively read-only for other
hosts in the default configuration. Since I expect some people may still
want it, I've implemented a patch disabling TCP wrappers in rpcbind by
default, but introducing a new command line option -t to easily restore
the functionality when needed: http://people.freebsd.org/~mav/libwrap.patch

Any comments or objections?

--
Alexander Motin

More information about the freebsd-net mailing list