In article <256176126 .
Jeff Williams <williams @
>We're wondering whether or not it is common practice to provide an API so
>that we can create our own proxy applications if we want to. At least one
>vendor has said "No way".
well, TIS Gauntlet (and FWTK) has a "plug-board" proxy that can be used
to proxy a given TCP port (or maybe even port pair).
you could also look into SOCKS.
I'm not sure what the status of skronk and gssapi are, or if they
could be applied to this problem.
>Is it reasonable to expect such an API with a firewall product? What's the
>best way to find out which ones do or do not?
reasonable, sure. realistic, I dunno.
many firewall vendors wish to give out as little info as possible
about the innards of their systems, and users adding things to
those systems is generally not supported.