github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-07-16 07:47:00 +00:00
Code Issues Projects Releases Wiki Activity

style(userspace/engine): avoid creating multiple versions of methods only to assume default ruleset. Use a default argument instead.

Browse Source 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
This commit is contained in:
Federico Di Pierro 2021-10-13 12:17:36 +02:00 committed by poiana
parent cb51522423
commit ea2ca56d5b
2 changed files with 6 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
userspace/engine/falco_engine.cpp
View File

@ -40,6 +40,7 @@ extern "C" {
string lua_on_event = "on_event";
string lua_print_stats = "print_stats";
const std::string falco_engine::m_default_ruleset = "falco-default-ruleset";
using namespace std;
@ -196,11 +197,6 @@ void falco_engine::enable_rule(const string &substring, bool enabled, const stri
}
}
void falco_engine::enable_rule(const string &substring, bool enabled)
{
enable_rule(substring, enabled, m_default_ruleset);
}
void falco_engine::enable_rule_exact(const string &rule_name, bool enabled, const string &ruleset)
{
uint16_t ruleset_id = find_ruleset_id(ruleset);
@ -212,11 +208,6 @@ void falco_engine::enable_rule_exact(const string &rule_name, bool enabled, cons
}
}
void falco_engine::enable_rule_exact(const string &rule_name, bool enabled)
{
enable_rule_exact(rule_name, enabled, m_default_ruleset);
}
void falco_engine::enable_rule_by_tag(const set<string> &tags, bool enabled, const string &ruleset)
{
uint16_t ruleset_id = find_ruleset_id(ruleset);
@ -227,11 +218,6 @@ void falco_engine::enable_rule_by_tag(const set<string> &tags, bool enabled, con
}
}
void falco_engine::enable_rule_by_tag(const set<string> &tags, bool enabled)
{
enable_rule_by_tag(tags, enabled, m_default_ruleset);
}
void falco_engine::set_min_priority(falco_common::priority_type priority)
{
m_min_priority = priority;
@ -279,11 +265,6 @@ void falco_engine::evttypes_for_ruleset(std::string &source, std::set<uint16_t>
}
void falco_engine::evttypes_for_ruleset(std::string &source, std::set<uint16_t> &evttypes)
{
evttypes_for_ruleset(source, evttypes, m_default_ruleset);
}
std::shared_ptr<gen_event_formatter> falco_engine::create_formatter(const std::string &source,
const std::string &output)
{

23
userspace/engine/falco_engine.h
View File

@ -78,25 +78,16 @@ public:
// be passed as an argument to process_event(). This allows
// for different sets of rules being active at once.
//
void enable_rule(const std::string &substring, bool enabled, const std::string &ruleset);
// Wrapper that assumes the default ruleset
void enable_rule(const std::string &substring, bool enabled);
void enable_rule(const std::string &substring, bool enabled, const std::string &ruleset = m_default_ruleset);
// Like enable_rule, but the rule name must be an exact match.
void enable_rule_exact(const std::string &rule_name, bool enabled, const std::string &ruleset);
// Wrapper that assumes the default ruleset
void enable_rule_exact(const std::string &rule_name, bool enabled);
void enable_rule_exact(const std::string &rule_name, bool enabled, const std::string &ruleset = m_default_ruleset);
//
// Enable/Disable any rules with any of the provided tags (set, exact matches only)
//
void enable_rule_by_tag(const std::set<std::string> &tags, bool enabled, const std::string &ruleset);
// Wrapper that assumes the default ruleset
void enable_rule_by_tag(const std::set<std::string> &tags, bool enabled);
void enable_rule_by_tag(const std::set<std::string> &tags, bool enabled, const std::string &ruleset = m_default_ruleset);
// Only load rules having this priority or more severe.
void set_min_priority(falco_common::priority_type priority);
@ -206,11 +197,7 @@ public:
//
void evttypes_for_ruleset(std::string &source,
std::set<uint16_t> &evttypes,
const std::string &ruleset);
// Assuming default ruleset
void evttypes_for_ruleset(std::string &source,
std::set<uint16_t> &evttypes);
const std::string &ruleset = m_default_ruleset);
//
// Given a source and output string, return an
@ -279,7 +266,7 @@ private:
double m_sampling_multiplier;
std::string m_lua_main_filename = "rule_loader.lua";
std::string m_default_ruleset = "falco-default-ruleset";
static std::string m_default_ruleset;
uint32_t m_default_ruleset_id;
std::string m_extra;