[Discussion] Configuration file conditional preprocessor
Victor Julien
lists at inliniac.net
Fri Feb 13 09:44:58 UTC 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Martin Fong wrote:
> Victor,
>
>> I understand your goal and I like it. However one of our goals is
>> to make the configuration & tuning less complex. Adding this type
>> of complexity could conflict with that goal. On the other hand just
>> having to configure one config that could be deployed everywhere in
>> your organization may make it simpler again... thoughts?
>
> The complexity of a configuration file is subject to its design and
> implementation, and I assert that the addition of conditional
> processing directives, whose use is optional, neither fosters nor
> hinders this complexity. However, like multiple inheritance in OOPLs,
> you'll seldom need it, but when you do, the workarounds are both
> inconvenient and ugly.
You're right about that Martin, I just fear it will increase
implementation complexity quite a bit for just a very small group of
users. But maybe it's worth it.
Does anyone have ideas about what kind of configuration format to use? I
think it should be:
- - easy to edit by humans
- - easy to parse by programs
- - preferably be (similar to) something ppl already know
I think Snort3 is going to use Lua for example. ModSecurity uses Apache
style configuration.
Regards,
Victor
- --
- ---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
- ---------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkmVQRoACgkQiSMBBAuniMcddACeOxnS1WmFpO9XWoaua5Yj7FuP
FHQAnAkSrnzTCIYAchePywpd1TE6lcHk
=qOiC
-----END PGP SIGNATURE-----
More information about the Discussion
mailing list