[Bro-Dev] changing Notice::policy mechanism
Siwek, Jonathan Luke
jsiwek at illinois.edu
Mon Nov 5 09:24:39 PST 2012
>> I think the construct we need to solve the problem already exists purely in the script-layer:
>> type TriggerFunc: function(n: Notice::Info): bool;
>> global Notice::policy: vector of set[TriggerFunc];
> That doesn't have the attribute that I think we likely want, namely an
> explicit "switch" on the particular notice type.
Right, your switch/case idea reminded me of that optimization. Would a table work for that? So revising the example:
type TriggerType: enum;
type TriggerFunc: function(n: Notice::Info): bool;
type PolicyHandlers: vector of set[TriggerFunc];
global Notice::policy: table[TriggerType] of PolicyHandlers &redef;
Again, the issue probably being the cumbersome syntax of manipulation/redefinitions (if it's even possible right now) that's expected to be done by the user.
> Sepaking of which, maybe we don't want an exact split-case-by-case but
> rather something a bit broader. Here I'm thinking of policies that I'd
> like to apply to any Notice of n different types; it's important to not
> have to replicate that code, but instead just list the n types and the
> associated predicate.
Think the above example supports that if the common code is just implemented as a TriggerFunc and then inserted in to the PolicyHandlers for the desired TriggerTypes.
More information about the bro-dev