Path: utzoo!attcan!uunet!snorkelwacker!apple!sun-barr!decwrl!mogul
From: mogul@decwrl.dec.com (Jeffrey Mogul)
Newsgroups: comp.dcom.lans
Subject: Re: Smart filtering within a protocol on bridge/router?
Message-ID: <233@jove.dec.com>
Date: 21 Nov 89 00:35:04 GMT
References: <2598@aecom.yu.edu>
Organization: DEC Western Research
Lines: 16

In article <2598@aecom.yu.edu> glen@aecom.yu.edu (Glen M. Marianko) writes:
>Anyone ever hear of a bridge or router that can filter traffic within
>a protocol.  Like tell the box to "filter all TELNET traffic" or
>"allow only SMTP traffic" either globally or for individual nodes.
>Granted, this is rather esoteric - but security is the concept
>here.

You might be interested in my paper "Simple and Flexible Datagram
Access Controls for Unix-Based Gateways" in the Proceedings of the
Summer 1989 USENIX Conference.  The system described allows you
to do exactly what you are asking for; it is not such an esoteric
request.

Note that this paper describes a research system, not a product.

-Jeff