>> Has anyone got any ideas on how one would get Apple Ethertalk
>> protocols through a firewall setup or provide any compeling
>> reason why doing so would be an extremely bad idea?
>Well, for one thing, AppleTalk protocols over Ethernet are not IP, so
>IP firewalls will have no effect. If, however, you are encapsulating
>AppleTalk in IP, you will have to get a firewall or tunneling software
>that is smart enough to filter on specific AppleTalk services.
>You cannot, of course, filter on specific AppleTalk node addresses. Rather,
>you will have to filter out Networks, Zones or Name Binding Protocol names.
>For services, you will have to filter based on Datagram Delivery Protocol
>socket IDs. I'm not sure if there is a published list of these, but
>you may want to check out some of the Mac FTP archives like info-mac.
>I am not aware of any products that do any of this currently, but it's
>not an easy prospect.
> Communications Engineer
KarlNet of Columbus, Ohio (614)-263-5275 http://www.karlnet.com
Has a product called KarlBridge, which essentially is a PC with two
Ethernet cards nicely packaged into a stackable filtering Ethernet Bridge
(Brouter software is optional) that can filter on AppleTalk, Novell, IP,
I've had an evaluation unit here in our lab for several weeks now.
Overall I like the unit for its hardware simplicity and price/performance,
though there are some kinks in the filter configuration GUI that could come
back to bite someone who doesn't configure and then *test* to ensure it's
behaving as intended - something you should do after setting up any
set of filter rules anyway. If you have a need to be filtering on these
protocols, it's certainly worth a look.
Standard Disclaimer: Neither I nor SAIC are affiliated with KarlNet in any
way other than having this eval unit which we are now in the process of
purchasing for inclusion in our firewall / networking lab.
Stephen Goldstein steveg @
My first computer: A 24K Atari 800, Rev. A ROMS, November 1980
Disclaimer: That's not what I said.