Firewalls: Re: Firewall API's

Firewalls
(February 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Firewall API's
From:	bressen @ hks . net (Andrew K. Bressen)
Organization:	HKS.net
Date:	5 Feb 1996 04:49:06 -0500
To:	firewalls @ bb . hks . net
References:	<256176126 . 339531179 @ va . arca . com>

In article <256176126 .
 339531179 @
 va .
 arca .
 com>,
Jeff Williams <williams @
 va .
 arca .
 com> wrote:
>We're wondering whether or not it is common practice to provide an API so
>that we can create our own proxy applications if we want to.  At least one
>vendor has said "No way".

well, TIS Gauntlet (and FWTK) has a "plug-board" proxy that can be used 
to proxy a given TCP port (or maybe even port pair). 

you could also look into SOCKS.

I'm not sure what the status of skronk and gssapi are, or if they
could be applied to this problem.

>Is it reasonable to expect such an API with a firewall product? What's the
>best way to find out which ones do or do not?

reasonable, sure. realistic, I dunno.
many firewall vendors wish to give out as little info as possible
about the innards of their systems, and users adding things to
those systems is generally not supported.

References:

Firewall API's
From: williams @ va . arca . com (Jeff Williams)

Indexed By Date	Previous:	Re: Mandatory protection (was: product selection) From: Rick Smith <smith @ sctc . com>
Indexed By Date	Next:	Re: NFS services and firewalls From: Darren Reed <avalon @ coombs . anu . edu . au>
Indexed By Thread	Previous:	Firewall API's From: williams @ va . arca . com (Jeff Williams)
Indexed By Thread	Next:	Re: Firewall API's From: Frederick M Avolio <avolio @ trusted . com>