argus command-line parameter handling
Chris Russel
russel at yorku.ca
Fri Jun 14 15:32:57 EDT 2002
On Fri, 14 Jun 2002, Carter Bullard wrote:
> I think the problem is that the Argus project is
> going to provide maximum flexibility, rather than trying to
> keep the user from shooting themselves.
I completely agree with this philosophy and I don't think that's a
problem. I think this problem falls into the hidden/undocumented
behaviours category. Maybe my message will help with the documentation
aspect.
My vote is to not load the default config unless no -F is specified. This
is the behaviour the debian init script is expecting. BTW I have filed a
bug with them since it is clearly wrong - allowing users to shoot
themselves is one thing, having the gun pointed at them by default is
another.
The simplest thing would be to not load a default config at all and just
use hard-coded values unless overridden by -F's or equivalent command-line
parameters. That would eliminate having to test for duplicate interfaces
or duplicate config files (it's still possible but it would be the users
doing). Obviously this breaks with some traditional usage.
--
Chris Russel | CNS Information Security
russel at yorku.ca | York University, Toronto, Canada
More information about the argus
mailing list