snowcrash+sa writes: > > it's compiled C code, so whatever affects portability of that will > > affect compiled rulesets too. > > likely depends on choices of compile-time optimization, i think. > > need to read up, and check if/what presumptions are made by sa-compile > process. > > i've cross-compiled across different arch's within a CPU family before, > so that's not an issue. i've *not* done so across different CPUs (e.g., > PPC vs x86), so that'll need some investigation.
I think either different family, or different CPU arch, will be a problem to be honest... > assuming 'all that' gets ironed out, is it sufficient to simply 'push' > the "/compiled" dir's contents to each box -- with a HUP of SA, i'd > guess? or does each SA instance need to be otherwise 'informed' of the > presence/change of compiled rules/files? Yep, with a HUP. --j.
