You provide no concrete reasoning for your speculations, and I think that you're wrong.
What speculation? That the basis of networking is how specific machines' interfaces are linked, be it at layer 2 or layer 7? This kind of hand-waving really makes me itch for ad-hominem attacks, but I'm going to thus far resist.
You're saying that the world's largest firewall vendor only account for 90% of their customer's security? I think you're wrong here, too :-).
No, I'm saying that any level of indirection is going to cover up edge cases and make them impossible to deal with - this is the reality of programming. Under the covers, regardless of what you think is happening, some poor sod at CheckPoint has programmed some arguably intelligent code that does it's best to translate your your intent from the GUI into an interface-based ruleset. If you don't think that's true... well, I can't help you there. I'd impolitely suggest a hike, but we need all types, be they assembly warriors or PHBs. Ick. Maybe not the latter.
I officially consider you slightly insane now, hehe. Or at the least, you have way too much free time on your hands :-).
Clinically insane - I have the papers and take the medicine. It's [iptables] what I know and what I like, and has all the edge cases I can possibly think of covered. If for some reason it doesn't, I go download the latest patch-o-matic tarball and insert what I need. RB --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
