> Or how about a more focused solution whereby the character '@' in a
> switch name would be replaced by the chain name?
>
> Example:
>
> NFLOG(1,0,1) net fw ; switch=@_foo
>
> would would be the equivalent of:
>
> NFLOG(1,0,1) net fw ; switch=net2fw_foo
>
That is all excellent, though looking a bit into possible feature
expansion/enhancement, where some (other) system/shorewall (internal)
resource/variables could be made available to actions/macros in the
future, you may need to use the "@" character to indicate a
system/shorewall (internal) resource/variable, followed by its name. In
our (the only one, at least for now) use-case, this could take the form
of "@chain".
Possible gotcha, however, is in the case where system variable names and
chain names could accidentally overlap, so to play it safe, you may want
to use the "@chain@" syntax, or something more suitable (one other
possible and very good alternative could be to borrow the bash syntax -
"@{chain}").
To summarise: "@chain" (possible gotchas) and/or "@chain@"/"@{chain}" as
alternatives to avoid overlaps.
Any further resources/variables you wish to make available in the future
(one possible candidate I could think of right now could be the current
log prefix, like "Shorewall:<chain>:<operation>" used in an
action/macros) could easily be expanded to "@something", keeping the
consistency. How's that?
------------------------------------------------------------------------------
Monitor your physical, virtual and cloud infrastructure from a single
web console. Get in-depth insight into apps, servers, databases, vmware,
SAP, cloud infrastructure, etc. Download 30-day Free Trial.
Pricing starts from $795 for 25 servers or applications!
http://p.sf.net/sfu/zoho_dev2dev_nov
_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel
