Colin Campbell wrote:
> I believe they can only do this by supporting transparent proxies and
> that requires kernel hacks which is why Gauntlet (on BSDI only?) supports
> it and the toolkit doesn't. It is in essence nothing more than a router
> filter, restricting access to certain addresses (1.2.3.*).
You're quite right. The many-to-many feature is only possible for
outgoing access with the Gauntlet using the transparency feature.
The transparency is available on all platforms, not only BSD/OS.
I won't use the comparison with a router filter since the Gauntlet
is a real Application Gateway opening only one client port for
a connection (whereas a router filter would allow all >1024 port #).
But you're right to use this comparison to explain the functionnality.
______________________ Jean-Francois Zwobada ____________________
Apogee Communications Tel : +33 (1) 69 85 56 47
Parc Club Universite Fax : +33 (1) 69 85 56 48
28, rue Jean Rostand
91893 ORSAY Cedex e-mail : zwobada @