Re: Opinion: Worst interface ever.

["Marcus J. Ranum" <mjr () ranum com>]

Paul D. Robertson wrote:
> I don't mind the optimization[1], I mind the fact that the UI won't tell
> me how the rules are optimized

That's the beauty of it. It can't. The UI can tell you the ruleset that
it gave the ASICs but the ASICs are gonna do what the ASICs decide
to do. And they're gonna be too busy, you know, passing packets
really FAST, to bother figuring out how to tell the UI what ruleset
they chose to enforce. Sure, you could put the optimization algorithm
up in software, too, so the UI could show you "this is what I think the
ASICs are doing.." but then valuable intellectual property (the
optimization algorithm) would be exposed in software where it could
be examined. Can't have that!

UI: "Here are some rules. Run them. Run them FAST"
ASICs: "OK. Here I go. I'm doing stuff."
UI: "What 'stuff' are you doing."
ASICs: "Sorry, I'm afraid I can't tell you that."
UI: "What do you mean? 'you can't tell me that'?"
ASICs: "Shut up, I'm busy shovelling packets. Hi ho, hi ho,...."
UI: "Hey! HEY! Did you 'optimize' those rules I gave you?!'"
UI: "Hello?"

mjr. 

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards