[apparmor] [patch] libapparmor: add support for ip addresses and ports
Steve Beattie
steve at nxnw.org
Fri Apr 6 18:16:04 UTC 2012
On Fri, Apr 06, 2012 at 05:50:29PM +0000, Seth Arnold wrote:
> Could you explain the ip_addr regex? The {3,} is really confusing me.
That just means a minimum of three characters (in particular for ::1,
the loopback ipv6 interface). Otherwise, [a-f[:digit:].:] matches a-f,
0-9, '.', and ':'. Potentially / should be included in there as well,
but I couldn't generate a log message with an ipv6 address that looked
like that (e.g. "fe80::a00:27ff:fe3c:c567/64" pulled from ifconfig in a
vm).
> I also noticed the English month names in the patch -- will those never be localized?
(Note that that's not added by the patch.) I haven't looked to see
if any of the syslogds support using localized dates. It's possible,
I suppose. I'd hate to have to add support for that in the lexer; I'd
rather see us make the API such that the calling application needs to
strip the date (and the hostname, another fun thing to match against),
and just hand the message from the dmesg stamp onwards.
--
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20120406/511bfa12/attachment.pgp>
More information about the AppArmor
mailing list