[apparmor] [patch] libapparmor: add support for ip addresses and ports

John Johansen john.johansen at canonical.com
Fri Apr 6 21:54:15 UTC 2012


On 04/06/2012 11:16 AM, Steve Beattie wrote:
> On Fri, Apr 06, 2012 at 05:50:29PM +0000, Seth Arnold wrote:
>> Could you explain the ip_addr regex? The {3,} is really confusing me.
> 
> That just means a minimum of three characters (in particular for ::1,
> the loopback ipv6 interface). Otherwise, [a-f[:digit:].:] matches a-f,
> 0-9, '.', and ':'. Potentially / should be included in there as well,
> but I couldn't generate a log message with an ipv6 address that looked
> like that (e.g. "fe80::a00:27ff:fe3c:c567/64" pulled from ifconfig in a
> vm).
It won't ever generate an address with a mask, at least currently.  If you're
curious, it's using the ip6_compressed_string fn from lib/vsprintf.c in the
kernel, which supports
  http://tools.ietf.org/html/rfc5952

> 
>> I also noticed the English month names in the patch -- will those never be localized?
> 
> (Note that that's not added by the patch.) I haven't looked to see
> if any of the syslogds support using localized dates. It's possible,
> I suppose. I'd hate to have to add support for that in the lexer; I'd
> rather see us make the API such that the calling application needs to
> strip the date (and the hostname, another fun thing to match against),
> and just hand the message from the dmesg stamp onwards.
> 
Right, the lexer is the wrong place.
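
Added example, not part of the original message or of the libapparmor patch: the character class and `{3,}` bound quoted in the thread, run through POSIX `regcomp` against constructed tokens, followed by an `inet_pton` check that shows the pattern tokenizes but does not validate addresses. The `^...$` anchors and the function names `token_matches` and `address_family` are assumptions made for this illustration.

```c
#include <arpa/inet.h>
#include <regex.h>
#include <stdio.h>

/* Character class and {3,} bound as quoted in the thread; the ^...$ anchors
 * are an assumption added so the whole candidate token is tested. */
#define IP_ADDR_RE "^[a-f[:digit:].:]{3,}$"

/* Returns 1 if s matches the lexer-style pattern, 0 otherwise. */
int token_matches(const char *s)
{
    regex_t re;
    int rc;

    if (regcomp(&re, IP_ADDR_RE, REG_EXTENDED | REG_NOSUB) != 0)
        return 0;
    rc = regexec(&re, s, 0, NULL, 0);
    regfree(&re);
    return rc == 0;
}

/* Returns 4 or 6 for a valid IPv4/IPv6 literal, 0 for anything else. */
int address_family(const char *s)
{
    unsigned char buf[sizeof(struct in6_addr)];

    if (!token_matches(s))
        return 0;
    if (inet_pton(AF_INET, s, buf) == 1)
        return 4;
    if (inet_pton(AF_INET6, s, buf) == 1)
        return 6;
    return 0;
}

int main(void)
{
    /* Constructed sample tokens; the /64 form is the one from the thread. */
    const char *samples[] = { "::1", "127.0.0.1", "fe80::a00:27ff:fe3c:c567",
                              "fe80::a00:27ff:fe3c:c567/64", "::",
                              "dead.beef", "1.2.3.4.5" };
    size_t i;

    for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("%-30s regex=%d family=%d\n", samples[i],
               token_matches(samples[i]), address_family(samples[i]));
    return 0;
}
```

Tokens such as `dead.beef` satisfy the pattern without being addresses, so a consumer that needs a real address has to validate the extracted field itself.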


