diff --git a/userspace/engine/falco_engine.cpp b/userspace/engine/falco_engine.cpp index 34525352..af73cec7 100644 --- a/userspace/engine/falco_engine.cpp +++ b/userspace/engine/falco_engine.cpp @@ -298,6 +298,12 @@ std::unique_ptr falco_engine::load_rules_file(const std::string &ru void falco_engine::enable_rule(const std::string &substring, bool enabled, const std::string &ruleset) { uint16_t ruleset_id = find_ruleset_id(ruleset); + + enable_rule(substring, enabled, ruleset_id); +} + +void falco_engine::enable_rule(const std::string &substring, bool enabled, const uint16_t ruleset_id) +{ bool match_exact = false; for(const auto &it : m_sources) @@ -316,6 +322,12 @@ void falco_engine::enable_rule(const std::string &substring, bool enabled, const void falco_engine::enable_rule_exact(const std::string &rule_name, bool enabled, const std::string &ruleset) { uint16_t ruleset_id = find_ruleset_id(ruleset); + + enable_rule_exact(rule_name, enabled, ruleset_id); +} + +void falco_engine::enable_rule_exact(const std::string &rule_name, bool enabled, const uint16_t ruleset_id) +{ bool match_exact = true; for(const auto &it : m_sources) @@ -335,6 +347,11 @@ void falco_engine::enable_rule_by_tag(const std::set &tags, bool en { uint16_t ruleset_id = find_ruleset_id(ruleset); + enable_rule_by_tag(tags, enabled, ruleset_id); +} + +void falco_engine::enable_rule_by_tag(const std::set &tags, bool enabled, const uint16_t ruleset_id) +{ for(const auto &it : m_sources) { if(enabled) diff --git a/userspace/engine/falco_engine.h b/userspace/engine/falco_engine.h index dc41a012..1ca7ec67 100644 --- a/userspace/engine/falco_engine.h +++ b/userspace/engine/falco_engine.h @@ -96,15 +96,23 @@ public: // void enable_rule(const std::string &substring, bool enabled, const std::string &ruleset = s_default_ruleset); + // Same as above but providing a ruleset id instead + void enable_rule(const std::string &substring, bool enabled, const uint16_t ruleset_id); // Like enable_rule, but the rule name must be an exact match. void enable_rule_exact(const std::string &rule_name, bool enabled, const std::string &ruleset = s_default_ruleset); + // Same as above but providing a ruleset id instead + void enable_rule_exact(const std::string &rule_name, bool enabled, const uint16_t ruleset_id); + // // Enable/Disable any rules with any of the provided tags (set, exact matches only) // void enable_rule_by_tag(const std::set &tags, bool enabled, const std::string &ruleset = s_default_ruleset); + // Same as above but providing a ruleset id instead + void enable_rule_by_tag(const std::set &tags, bool enabled, const uint16_t ruleset_id); + // // Must be called after the engine has been configured and all rulesets // have been loaded and enabled/disabled.