Re: Issue: Attribute concatenation/splitting

[Barney Wolff <barney@databus.com>]

On Fri, Jul 07, 2006 at 08:33:07PM -0400, Avi Lior wrote:
> I think we should not allow to pack more then one Filter Rule in a
> single attribute.
> 
> A Filter Rule should be allowed to overflow (span) more then one
> attribute.
> 
> If you have more then one filter rules in a packet with some filter
> rules overflowing, how can you tell when a new one begins?
> 
> A filter rule always starts with an action: permit or deny.  These words
> do not appear anywhere else in the rule.  Therefore a Filter Atribute
> that starts with a permit or deny must be a new filter rule.
> 
> What is wrong with that?

It's a layer violation.

What will be suggested when the next new attribute runs into the same
problem?  Another technique that depends on the syntax of the particular
attribute?

IMHO, Feh!

Regards,
Barney

-- 
Barney Wolff         I never met a computer I didn't like.

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>