On 01/10/2011 18:20, Tom Eastep wrote:
> On Oct 1, 2011, at 9:18 AM, Ed W wrote:
>
>> On 01/10/2011 15:21, Tom Eastep wrote:
>>> 2) With the preceding change, the rules file now has 14 columns. That
>>> makes it awkward to specify the last column as you have to insert
>>> the correct number of '-' to get the right column.
>>>
>>> To make that easier, it is now allowed to terminate the
>>> column-oriented format with a semicolon (";"), and then specify
>>> addition columns using a column-name=value format. See
>>> http://www.shorewall.net/configuration_file_basics.htm#Pairs for
>>> details.
>>>
>> Before this is released could I ask you to look over the JSON syntax? eg
>> http://en.wikipedia.org/wiki/JSON
>>
>>
> Ed,
>
> For the last time, I am NOT going to adopt a markup language for the
> Shorewall configuration. Get used to the idea.
But you just *did* adopt a markup language - that's my point. Every
config file format is just an arbitrary markup format
Look, I seem to have come across as being hostile - please read these
suggestions as genuinely just trying to help get things nailed down in a
future proof way? Personally I think I prefer the existing column
orientated format, so please don't misunderstand!
> What I have done for RC 1 is eliminate the need for the columnar format. Here
> is an example of a blacklist file:
>
> ;proto=udp port=1024:1033,1434,5948,23773
> ;networks=221.192.199.48
Sure - I'm just highlighting that the above is already an abitrary
"markup" and you might want to consider if it's optimal before
committing to it... If it is, then no complaints here...
Consider two other interesting alternatives (not claiming either is
*better*, just alternatives)
Perl style:
proto=>udp, port=>1024:1033,1434,5948,23773
networks=>221.192.199.48
or
"web" style
{proto:"udp" port:"1024:1033,1434,5948,23773"},
{networks:"221.192.199.48"},
Both have pros and conns. Just highlighting some existing ideas really?
Perl style feels natural to me
With regards to your current key=value markup, a couple of things occur
to me that might be nice to decide on while it's new:
1) You are using whitespace as the break between value and the next key.
Some people will assume that a comma is necessary (comma separated
values being probably at least as common, possibly more common). Do we care?
2) I don't know if there are currently any values which might contain
spaces, however, it seems something that may happen in the future. I
couldn't quickly see whether the current config file allows something
like key="value with spaces", but is that something you might want to allow?
Look, don't misundertand. All I'm saying is that personally I see
little difference between
;key=value key2=value
or
;key="value", key2=value
or
;key=>value, key2=value
or
{key:value, key2:value}
...By all means pick your favourite. All I'm asking is if you looked at
all the options? They all seem fairly similar to my eye...
Note, I think the current column format is quite nice (I haven't tried,
but I bet it's quite easy to edit using OpenOffice/Excel?). Is it
possible to produce a VIM syntax that makes the config files easier to
edit? (Not a vim expert, but it would seem that such a thing could
largely eliminate editing issues?)
All the best
Ed W
------------------------------------------------------------------------------
All of the data generated in your IT infrastructure is seriously valuable.
Why? It contains a definitive record of application performance, security
threats, fraudulent activity, and more. Splunk takes this data and makes
sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-d2dcopy2
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
