2024 April 14th update

2026-01-01 22:25:42 +03:00 · 2024-04-14 12:55:54 +00:00
parent 7a7f65a77a
commit 942b2ef8b4
79 changed files with 1800 additions and 3778 deletions
--- a/components/security_apps/ips/ips_basic_policy.cc
+++ b/components/security_apps/ips/ips_basic_policy.cc
@@ -17,6 +17,8 @@ void
 RuleSelector::load(cereal::JSONInputArchive &ar)
 {
    readRules(ar);
+    readTriggerId(ar);
+    readExceptionId(ar);
    readDefaultAction(ar);
 }

@@ -36,7 +38,7 @@ RuleSelector::selectSignatures() const
            if (rule.isSignaturedMatched(*signature)) {
                if (rule.getAction() != IPSSignatureSubTypes::SignatureAction::IGNORE) {
                    signature->setIndicators("Check Point", signatures_version);
-                    res.emplace_back(signature, rule.getAction());
+                    res.emplace_back(signature, rule.getAction(), trigger_id, exception_id);
                }
                break;
            }
@@ -52,6 +54,28 @@ RuleSelector::readRules(cereal::JSONInputArchive &ar)
    ar(cereal::make_nvp("rules", rules));
 }

+void
+RuleSelector::readTriggerId(cereal::JSONInputArchive &ar)
+{
+    try {
+        ar(cereal::make_nvp("triggers", trigger_id));
+    } catch (const cereal::Exception &e) {
+        ar.setNextName(nullptr);
+        trigger_id = "";
+    }
+}
+
+void
+RuleSelector::readExceptionId(cereal::JSONInputArchive &ar)
+{
+    try {
+        ar(cereal::make_nvp("exceptions", exception_id));
+    } catch (const cereal::Exception &e) {
+        ar.setNextName(nullptr);
+        exception_id = "";
+    }
+}
+
 void
 RuleSelector::readDefaultAction(cereal::JSONInputArchive &ar)
 {