The reason is that it's very rarely used and has a history of issues.
replyI'd have guessed that the default paranoia-first policy would be "drop everything; verify what you need" which would include AF_ALG.
replyshare and enjoy!
>might as well block every socket and just multiplex everything on stdin/out
replyYou may be on to something…