Hi Lynn and others: > This is exactly what I have had in mind..... I'm still working on the > database/variable file for my own testing. The only problem with this > idea is that it modifies existing packages (substution variables),
No it doesnt. Standard config files can be kept as they are and so the corresponding packages. BUT you need to create a whole buch of templates to "build" those files with this sytem and of course the template core itself. That means, if you dont want to, you dont need to use this system and can keep working the old way. > but it > nullifies the need to generate all the needed conf files saving tons of > space and re-packaging as well. You will need extra space for templates (they could be compressed if needed but in such case you would need to add some editor capable of uncompressing on the fly and the system itself should be able to do so) and templates sytem. In our case, Lince is designed to be run in a Compact Flash and space is no so criticall, but we have decided to keep the template system in the client (but the templates will be stored in the firewall). This is how it goes: 1) The user starts a JAVA application on the client. 2) This application connects to the firewall by ssh 3) It gets the database file and the templates 4) Trough a graphic front end you can configure the system 5) The new values are stored in the database file in the client 6) The new config files are built in the client 7) The files are copied back into the firewall (scp) 8) Services are restarted as needed Three comments: 1) Why storing the templates in the firewall? Well, if you make some customization (modifing the templates) you just want to access the system with those changes without the need to keep a copy of such modifications locally or asking the user to use his system. As the templates are downloaded from the real system, you have an up to date view of it. 2) Why not everything in the firewall? I guess this will be possible if the system ends up using few space, but we dont know that yet. Also, it gives you the chance to manage a lot of firewalls from the same console. Also, this could be done embedding a web server in LEAF capable of modifing the database file and executing the needed actions securelly. It was just a choice, we know others can be used. 3) There will be an "advanced option" that will let you edit the files trough the JAVA application, the rebuild the system. > These methods will work with *any* front-end and eliminate a lot > of common errors that are made via hand-editting. Indeed !!! This is a very much appreciated side effect of the system. Once templates work, very few typos get in the way :) Regards. -- Jaime Nebrera Herrera [EMAIL PROTECTED] ------------------------------------------------------- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com _______________________________________________ leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
