On Fri, 26 Oct 2007, Nigel Frankcom wrote:

> On Fri, 26 Oct 2007 09:43:37 -0700 (PPT), "John D. Hardin"
> <[EMAIL PROTECTED]> wrote:
>
> >On Fri, 26 Oct 2007, Duane Hill wrote:
> >
> >> > But people don't read logs, or they would know... I'd suggest die-ing
> >> > instead.
> >>
> >> Why not make it a configurable option in local.cf defaulting to
> >> die. That way for those of us who create custom .cf files that
> >> have the system resources can do so and not have to split them up
> >> into more than one file.
> >
> >No, the size-to-die-at should be configurable, not whether you die or
> >warn. If you *want* to support large custom config files, then up the
> >limit.
>
> Perhaps a little more info about each rule would be helpful? I've
> ended up with mine through a variety of trial and error and list post
> comments and suggestions.

Huh? We're discussing adding a capability for limiting rules file
sizes, so that things like blacklist.cf can be made obviously painful.
This isn't about individual rules - though I suppose if you tried hard
enough you could write a 50kb RE... Is that what you were commenting on?

Here's my topical comment: in addition to globally upping the limit,
perhaps an explicit per-filename size limit bypass as well?

  CONFIG_FILE_SIZE_LIMIT 100kb
  ACCEPT_LARGE_CONFIG_FILE generated_rules_01.cf

--
 John Hardin KA7OHZ    http://www.impsec.org/~jhardin/
 [EMAIL PROTECTED]    FALaholic #11174    pgpk -a [EMAIL PROTECTED]
 key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
  ...the Fates notice those who buy chainsaws...
                                                -- www.darwinawards.com
-----------------------------------------------------------------------
 5 days until Halloween
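
Added example, not part of the original post and not SpamAssassin code: a sketch of how the two directives proposed above could be enforced when rules files are loaded. The directive names come from the post and are a proposal, not existing options; treating 1kb as 1024 bytes, matching bypass entries by file name, and all helper names are assumptions.

```python
import os
import re

UNITS = {"": 1, "b": 1, "kb": 1024, "mb": 1024 ** 2}
# Constructed sample input: the two directives as proposed in the post.
SAMPLE_LOCAL_CF = "CONFIG_FILE_SIZE_LIMIT 100kb\nACCEPT_LARGE_CONFIG_FILE generated_rules_01.cf\n"
# Constructed (file name, size in bytes) pairs; blacklist.cf is over the limit.
SAMPLE_FILES = [("local_rules.cf", 2000), ("generated_rules_01.cf", 300000),
                ("blacklist.cf", 300000)]

class ConfigTooLarge(Exception):
    """The 'die' outcome: an oversized rules file with no explicit bypass."""

def parse_size(text):
    """Convert '100kb', '2MB' or '4096' to bytes (1kb = 1024 is an assumption)."""
    m = re.fullmatch(r"(\d+)\s*([a-z]*)", text.strip().lower())
    if not m or m.group(2) not in UNITS:
        raise ValueError(f"bad size: {text!r}")
    return int(m.group(1)) * UNITS[m.group(2)]

def parse_policy(cf_text):
    """Return (limit in bytes or None, set of bypassed file names)."""
    limit, bypass = None, set()
    for raw in cf_text.splitlines():
        fields = raw.split("#", 1)[0].split(None, 1)  # drop comments, split key/value
        if len(fields) != 2:
            continue
        if fields[0] == "CONFIG_FILE_SIZE_LIMIT":
            limit = parse_size(fields[1])
        elif fields[0] == "ACCEPT_LARGE_CONFIG_FILE":
            bypass.update(fields[1].split())
    return limit, bypass

def stat_files(paths):
    """Real input: (basename, size on disk) for each rules file path."""
    return [(os.path.basename(p), os.path.getsize(p)) for p in paths]

def check_rules_files(files, limit, bypass):
    """Raise on the first oversized, non-bypassed file; else return accepted names."""
    accepted = []
    for name, size in files:
        if limit is not None and size > limit and name not in bypass:
            raise ConfigTooLarge(f"{name}: {size} bytes exceeds limit of {limit}")
        accepted.append(name)
    return accepted

if __name__ == "__main__":
    limit, bypass = parse_policy(SAMPLE_LOCAL_CF)
    print(check_rules_files(SAMPLE_FILES[:2], limit, bypass))
```

Raising instead of logging a warning follows the thread's preference for dying over warning; only the threshold and the per-file exceptions are configurable.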