[sf-lug] Cheswick&Bellovin

Rick Moen rick at linuxmafia.com
Sun Aug 19 18:49:51 PDT 2007


Quoting Alex Kleider (a_kleider at yahoo.com):

> I thought I was getting the 2nd edition but what I have makes no
> mention if which edition it is so I assume it is the first (copyright
> 94)
> Topology schematic on page 87

That would seem to refer to Figure 4.1 in chapter 4, in the first
edition.  Section 4.2 starts out:

"We have used three general application gateway configurations. They are
shown in Figure 4.1. [...]"

There you have it:  _application_ gateways.  The authors are talking,
here, about network proxy services operating at the application layer of
the standard OSI networking model.  As I mentioned, the standard
commodity example of an application-level proxy gateway is "SOCKS".

So, a network application on the inside of the gateway would submit its 
request to the proxy for that network service.  The proxy would generate 
a corresponding service request on the public network side of the
gateway.  And so on.  

Chapter 3 described how such things (application gateways) work, and
distinguished them from packet filtering and from circuit gateways.

You may not ever encounter (or _know_ you've encountered) an
application-level proxy gateway, let alone construct one, but it might
repay your effort to learn how they work.





More information about the sf-lug mailing list