On Mon, 05 Jun 2006, martin f krafft wrote:
> also sprach Yaroslav Halchenko <[EMAIL PROTECTED]>
> [2006.06.05.0308 +0200]:
> > Let me summarize whatever you are asking (if I got it right): * add
> > fwstart_after fwend_before rules into general configuration since
> > you don't want to modify default shipped configuration file. is
> > that correct?
> not general configuration, but per-service.
sorry for not being clear. By "general configuration" I meant the one
which I ship along with the package. Otherwise you have now
ability to modify anything you want up to your taste in the config file.
And interpolations natively provided by config file parser can be of
great help to shortcut some definitions.
> > I am not sure if addition of new fwstart_/end_* rules is
> > reasonable since they can be easily placed into the fwstart/end
> > definitions and be "tuned" using interpolations based on redefined
> > per sections parameters (like port, protocol now)
> but what if i want all my service to use rules A, B, C, but only
> service X should use A, B, D, C ?
well -- that is quite a customization (ie rarely used thus shouldn't be
provided by default for everyone in the shipped config file) but you can
define
fwban_A =
fwban_B =
...
fwban = %(fwban_A)s
%(fwban_B)s
...
and in some section override fwban definition to include fwban_D as
well... Interpolations rule...
So it seems that everything is "solvable" at the moment as soon as we
get split config files so users could easily override default actions
without mangling shipped config file. Do you agree? if so I would like
to retitle bug so it reflects that...
--
Yaroslav Halchenko
Research Assistant, Psychology Department, Rutgers-Newark
Office: (973) 353-5440x263 | FWD: 82823 | Fax: (973) 353-1171
101 Warren Str, Smith Hall, Rm 4-105, Newark NJ 07102
Student Ph.D. @ CS Dept. NJIT
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
