[Debtags-devel] Another example of Faceted Categorization in Debian

[Hervé Eychenne]

On Mon, Mar 21, 2005 at 03:44:34PM +0100, Enrico Zini wrote:

> On Sun, Mar 20, 2005 at 03:10:59PM -0800, Erich Schubert wrote:

> > can you select multiple facets at one time to get their union or inte=
rsection?
> > like "show me all images with enrico and erich"?

> The interface is very simplified, and you can only do "or": that is,
> "All images with enrico and all images with erich".

> I find it more useful to "and" the results, though: "all images of
> Debian conferences, with Enrico and Erich".  Maybe that's going to be
> implemented in a future version.

> If they implement it, I'm curious to see if they can make the interface
> for it simple enough: so far, I couldn't :(

If you're looking for a simple interface to do arbitrary binary
expressions, I have one, written in C++.
I developped it for wflogs, the firewall log analyzer of the WallFire
project.

For example, this allows complicated filter expressions like:
$ wflogs -f '$start_time >= [this 3 days ago] && $start_time < [this 2
days ago] && $chainlabel =~ /(DROP|REJECT)/ && $sipaddr == 10.0.0.0/8
&& $protocol == tcp && ($dport == ssh || $dport == telnet) &&
($tcpflags & SYN)' -i netfilter -o text --summary=no

You can see a simple API usage example in:
http://cvs.wallfire.org/viewcvs.py/wallfire/wflogs/logs/test.cc?rev=1.1=
&view=markup

But the problem is that I only used it in wflogs for the moment, so
the binary expression tree is not independent enough from wflogs
specificities. The two are a little mixed yet.
The best would be to use the current code in another application, which
would help abstracting it, and make it cleaner and more generic.
That would be very cool.

 Hervé

-- 
 _
(°=  Hervé Eychenne
//)  Homepage:          http://www.eychenne.org/
v_/_ WallFire project:  http://www.wallfire.org/