[fw-wiz] E-soft Interceptor (what fun!)

Tim O'Brien tjobrien@hiwaay.net
Wed, 12 Apr 2000 00:58:13 -0500

I've been lurking for a while, and thought I'd post something finally...

At my place of employment, we have a nice FreeBSD packet-filtering proxy
(fwtk) that gets us to the 'net. This thing works GREAT. Problem is,
logging. Yes, I know it logs just fine. But it's not the angry-fruit-salad
colorful barrage of graphics management wants to see. After all, how can
you impose narcissistic Internet policy if you can't understand the logs of
who's-doing-what? Because of this (and the "thou shalt not write any
special software" decree), I'm trying to set up an E-soft Interceptor unit.
It should be decent, as it's a BSDI box with essentially the same
capabilities as the current box. Just a lot more expensive :(

The fun part is getting the thing to do what I want. My DNS is split,
there's an internal smart-host for Email, and two load-sharing outside
mailservers, one of which also allows FTP. The GUI for the firewall (html
type) isn't at all intuitive (sucks, frankly). Getting the current (big)
ruleset into this jobbie is going to be a bear. 

I guess the question is: Does anyone else have one of these puppies
running? Anyone know of an easier way to get the rules in rather than a
cumbersome html GUI? I think once it's in place and running, this unit will
be fine. Until then, I'm pretty sure this is going to be painful.


Tim O'Brien <tjobrien@hiwaay.net>

OAsys Engineering
Madison, AL 35757