logs-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Logs-devel] questions

From: Jim Prewett
Subject: Re: [Logs-devel] questions
Date: Tue, 23 May 2006 17:00:02 -0600 (MDT) 
I've just committed the changes that Vijay is recommending.  Thanks Vijay!

Jim

James E. Prewett                    address@hidden address@hidden 
Systems Team Leader           LoGS: http://www.hpc.unm.edu/~download/LoGS/ 
Designated Security Officer         OpenPGP key: pub 1024D/31816D93    
HPC Systems Engineer III   UNM HPC  505.277.8210

On Tue, 23 May 2006, Vijay Lakshminarayanan wrote:

> Hi Jim
> 
> A few random questions about LoGS.  These are just questions that
> occured to me when reading the code.  If they're irrelevant,
> fundamentally wrong (because of my poor understanding of lisp etc.),
> there's actually a good reason behind the current scheme (no pun
> intended), or something else where my question is unnecessary, feel
> free to ignore it.
> 
> First off, what I feel is a peep-hole optimization:
> 
> Why is the LoGS-debug macro defined as
> (defmacro LoGS-debug (message &rest rest)
>  `(when +debug+
>     (format t ,message ,@rest)))
> 
> and not
> 
> (defmacro LoGS-debug (message &rest rest)
>  `(when ,+debug+                       ; notice the comma
>     (format t ,message ,@rest)))
> 
> In Parlance.lisp, for MATCH-REGEXP-BINDING-LIST
> 
> I think you meant:
> 
> OLD:
> !        (when matches
> !          (let ((sub-matches (copy-array-add-zeroeth-element
> sub-matches matches)))
> !            (unless (eql (length sub-matches) (length binding-list))
> !              (error "binding and match length mis-match~%"))
> 
> NEW:
> +      (when matches
> +        (let ((sub-matches (if use-full-match
> +                               (copy-array-add-zeroeth-element
> +                                sub-matches matches)
> +                               sub-matches)))
> +          (unless (eql (length sub-matches) (length binding-list))
> +                (error "binding and match length mis-match ~A ~A~%"
> +                       sub-matches binding-list))
> 
> btw, how do you use this function?
> 
> I tried
> (let* ((message (make-instance 'message :message "one(two)(three)four"))
>       (rule (make-instance
>              'rule
>              :match (match-regexp-binding-list "one(two)(three)four" '($1 $2))
>              :actions
>              (lambda (message matches sub-matches)
>                (declare (ignore message matches sub-matches))
>                (format t "at least it matched.")
>                ;; How do I refer to that $1 and $2 above?
>                (list (list '$1 '$2)))))
>       (ruleset (make-instance 'ruleset)))
>  (enqueue ruleset rule)
>  (check-rule ruleset message))
> 
> Why doesn't this match?  And how do I use the bindings made?
> 
> This question is _really_ nitpicking, but I'm curious: Why are the
> defgenerics for CHECK-RULE and CHECK-RULES the exact opposite in
> order?
> 
> (defgeneric check-rule  (rule    message)) and
> (defgeneric check-rules (message ruleset))
> 
> I have some more.  I'll ask them later.
> 
> I also have an incomplete mail in which I'm comparing SEC rules vs
> LoGS rules.  Before I actually finish writing all of that and getting
> to work on the macro ideas I have (most of which you've already
> implemented in Parlance.lisp).
> 
> Will get back with more.
> 
> Thanks
> Vijay Lakshminarayanan
> 
> 
> _______________________________________________
> LoGS-devel mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/logs-devel
>
reply via email to
[Prev in Thread] Current Thread [Next in Thread]