[128899] in North American Network Operators' Group
Re: (cisco, or any) acl *reducers* out there?
daemon@ATHENA.MIT.EDU (Christopher Morrow)
Thu Aug 19 15:02:23 2010
In-Reply-To: <alpine.BSF.2.00.1008191414290.13957@iguana.reptiles.org>
Date: Thu, 19 Aug 2010 15:02:12 -0400
From: Christopher Morrow <morrowc.lists@gmail.com>
To: Cat Okita <cat@reptiles.org>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Thu, Aug 19, 2010 at 2:18 PM, Cat Okita <cat@reptiles.org> wrote:
> On Thu, 19 Aug 2010, Christopher Morrow wrote:
>>
>> this paper, while full of math and graphs and sh*t, doesn't make my
>> acl management simpler, clearer or more complete... I keep trying to
>> push my acls through the paper, no joy yet.
>>
>> there's code or something somewhere that implements the algorithms and
>> graphs and sh*t that the paper shows in a pretty fashion?
>
> Heh. =A0Of course there's code associated with it -- how else would we ha=
ve
> managed to come up with numbers from practical application :P
oh! I thought perhaps on them fancy HP 37 calculators?
Seriously though, in a brief read I saw it talking about checkpoint
firewall policy stuff... does the code include compiling to meta-state
the policy? does it handle policy from things other than checkpoint?
(like juniper router firewall syntax and pix and cisco acls?)
> OTOH, without some idea of whether it's what he had in mind, it's
> pointless to push the battle to go anywhere with it.
>
> There are certainly some commercial products that do what he seemed to be
> asking about, as well -- but I'm failing to find references to them just
> now (nothing like illness and deadlines).
>
>> (btw, you owe me some neosporin to take care of all the paper cuts)
>
> I've got some lovely iodine... :P
excellent! I love purple skin!
-chris
> cheers!
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> "A cat spends her life conflicted between a deep, passionate and profound
> desire for fish and an equally deep, passionate and profound desire to
> avoid getting wet. =A0This is the defining metaphor of my life right now.=
"
>
