misrouted: goto 1
Nov. 28th, 2006 09:56 am![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
pvaneyndI've had a little setback with misrouted: it turns out that my original idea of how the universe of CP objects work (ie we have item and containers) turns out to be deeply wrong.
While parsing some complex rulebase with the old implementation it turns out that the objects are divided in 3 classes: items, containers and container-of-listable-items (ideas on naming are welcome). This is because you can have a network, which is a collection, that can contain a group, also previously a collection, in a different way then that the group contains the network: all members of the group are in the network versus a custom method looking if all possible ip's in the network are in the group. Also the trivial method I used the last method kind of broke down when it tried to expand a /8 network into ip's. :-S
So this means surgery at a pretty deep level in the class hierarchy and the old program could just about handle it, but the scars run deep. So misrouted is being rewritten to use the new setup. The good news it that I've thought of a more complex, but not O((N_rules**4)**N_firewalls**2) method of simulating the effects of a rulebase on traffic.
While parsing some complex rulebase with the old implementation it turns out that the objects are divided in 3 classes: items, containers and container-of-listable-items (ideas on naming are welcome). This is because you can have a network, which is a collection, that can contain a group, also previously a collection, in a different way then that the group contains the network: all members of the group are in the network versus a custom method looking if all possible ip's in the network are in the group. Also the trivial method I used the last method kind of broke down when it tried to expand a /8 network into ip's. :-S
So this means surgery at a pretty deep level in the class hierarchy and the old program could just about handle it, but the scars run deep. So misrouted is being rewritten to use the new setup. The good news it that I've thought of a more complex, but not O((N_rules**4)**N_firewalls**2) method of simulating the effects of a rulebase on traffic.
