The documentation indicates that tcp wrappers' /etc/hosts.allow can be used if no firewall is installed on the system (see URL). There is no way to select this with the current ebuild, so iptables is always a dependency on linux systems. Just thinking for linux, but maybe the 'tcpd' and 'iptables' USE flags could be options.
Created attachment 335890 [details, diff]
Hm, it's not so simple, as i thougth. Attach draft patch. Please review it carefully. And after applying we should mask 'iptables' USE-flag of sshguard package at least on all *BSD-systems.
Also, i am not happy with 'kernel_FreeBSD? ( !tcpd? ( !ipfilter? ( sys-freebsd/freebsd-pf ) ) )'. Probably we should add 'pf' USE-flag too and get rid of that.
(In reply to comment #1)
> Also, i am not happy with 'kernel_FreeBSD? ( !tcpd? ( !ipfilter? (
> sys-freebsd/freebsd-pf ) ) )'. Probably we should add 'pf' USE-flag too and
> get rid of that.
Yeah, i reviewed my patch once more - it broke using of pf backend on *BSD systems. So, adding 'pf' USE-flag is definitely needed