swb@CHUMLEY.TN.CORNELL.EDU (02/28/89)
Folks, I have a special request. Before I start asking Marketing about prices and such, I'd like to know how Engineering feels about doing it, and if perhaps you have any clever suggestions for how to turn my problem into a non-problem. Basically, we have a user department at Cornell who is now very security conscious. They would like to replace their 750 with a p4200 (with 2-3 ethernet interfaces and one Pronet-10 interface), but they want to be sure that no NFS traffic can go in and out through one of those ethernet interfaces. What I'm looking for, then, is essentially IP forwarding **and simultaneously** the sort of "if byte 14 is 0xD7 and byte 23 is 0x7B then throw the packet out" sort of filtering that a good MAC-level bridge can do. We would like to stick with Proteon for the router here, but I don't know of any Proteon products that can do this sort of thing. What do you think *we* should do, and what can *you* do? (To tell the truth, I don't know enough to even be sure that NFS traffic can always be identified.) Thanks much ... Scott
swb@CHUMLEY.TN.CORNELL.EDU (02/28/89)
Huh. That wasn't meant for the whole list. I thought "p4200@proteon" was Proteon's local exploder (it turns out to be p4200-local). Well, as long as we're here, does anyone else have any thoughts? Scott
dek@proteon.com (David E. Kaufman) (02/28/89)
You can also reach proteon by email to bug-cgw@proteon.com, rather than p4200-local. Someone here is supposed to answer mail to bug-cgw, but mail to p4200 is only answered if a user doesn't respond first (and correctly of course). [This is because p4200 is the "independent" users' group list.] I'm sure you get the idea.... David