I was reading through the config files, and noticed that many of them would be well suited by being replaced or supplemented with an (optionally optional) shiny new XML format that would allow the user to specify only the needed attributes and not have to fill in -s where not needed. Would prevent such mishaps as 1-too-many or 1-too-few -s resulting in entries being placed in the column, and as I understand it perl already has simple to use XML tools. Complicated files may end up longer in some cases, but overall specification of rules would be.. simpler to write and understand, if a bit more verbose. Examples:
<rule> <action>DNAT</action> <source>net</source> <dest>loc:10.0.0.1</dest> <proto>tcp</proto> <port>80</port> <mark>88</mark> <!-- this is the line that makes it simpler --> </rule> <!-- also, reading this in a console is a lot more intuitive when you come back 6 months later than an ass-ton of columns with no header information (because it's three page-ups away, not because it's deleted, obviously --> ------------------------------------------------------------------------------ All of the data generated in your IT infrastructure is seriously valuable. Why? It contains a definitive record of application performance, security threats, fraudulent activity, and more. Splunk takes this data and makes sense of it. IT sense. And common sense. http://p.sf.net/sfu/splunk-d2dcopy2 _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
