// Copyright (C) 2022 Check Point Software Technologies Ltd. All rights reserved. // Licensed under the Apache License, Version 2.0 (the "License"); // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. #include "generic_rulebase/generic_rulebase.h" #include #include "generic_rulebase/evaluators/trigger_eval.h" #include "generic_rulebase/evaluators/practice_eval.h" #include "generic_rulebase/evaluators/parameter_eval.h" #include "generic_rulebase/evaluators/zone_eval.h" #include "generic_rulebase/evaluators/asset_eval.h" #include "generic_rulebase/evaluators/query_eval.h" #include "generic_rulebase/evaluators/connection_eval.h" #include "generic_rulebase/evaluators/http_transaction_data_eval.h" #include "generic_rulebase/zone.h" #include "generic_rulebase/triggers_config.h" #include "generic_rulebase/parameters_config.h" #include "singleton.h" #include "common.h" #include "debug.h" #include "cache.h" #include "config.h" #include "i_environment.h" using namespace std; USE_DEBUG_FLAG(D_RULEBASE_CONFIG); class GenericRulebase::Impl : Singleton::Provide::From { public: void init() {} void fini() {} void preload(); Maybe getLocalZone() const override { return getZoneConfig(true); } Maybe getOtherZone() const override { return getZoneConfig(false); } LogTriggerConf getLogTriggerConf(const string &trigger_Id) const override; ParameterException getParameterException(const string ¶meter_Id) const override; set getBehavior(const ParameterKeyValues &key_value_pairs) const override; private: Maybe getZoneConfig(bool is_local_zone) const { ScopedContext asset_location_ctx; asset_location_ctx.registerValue("is local asset", is_local_zone); return getConfiguration("rulebase", "zones"); } }; void GenericRulebase::Impl::preload() { addMatcher(); addMatcher(); addMatcher(); addMatcher(); addMatcher(); addMatcher(); addMatcher(); addMatcher(); addMatcher(); addMatcher(); addMatcher(); addMatcher(); addMatcher(); addMatcher(); addMatcher(); addMatcher(); addMatcher(); addMatcher(); addMatcher(); BasicRuleConfig::preload(); LogTriggerConf::preload(); ParameterException::preload(); registerExpectedConfiguration("rulebase", "zones"); registerExpectedConfigFile("zones", Config::ConfigFileType::Policy); registerExpectedConfigFile("triggers", Config::ConfigFileType::Policy); registerExpectedConfigFile("rules", Config::ConfigFileType::Policy); registerExpectedConfigFile("parameters", Config::ConfigFileType::Policy); registerExpectedConfigFile("exceptions", Config::ConfigFileType::Policy); } LogTriggerConf GenericRulebase::Impl::getLogTriggerConf(const string& trigger_Id) const { ScopedContext ctx; set triggers = {trigger_Id}; ctx.registerValue>(TriggerMatcher::ctx_key, triggers); return getConfigurationWithDefault(LogTriggerConf(), "rulebase", "log"); } ParameterException GenericRulebase::Impl::getParameterException(const string& parameter_Id) const { ScopedContext ctx; set exceptions = {parameter_Id}; ctx.registerValue>(ParameterMatcher::ctx_key, exceptions); return getConfigurationWithDefault(ParameterException(), "rulebase", "exception"); } set GenericRulebase::Impl::getBehavior(const ParameterKeyValues &key_value_pairs) const { auto &exceptions = getConfiguration("rulebase", "exception"); if (!exceptions.ok()) { dbgTrace(D_RULEBASE_CONFIG) << "Could not find any exception with the current rule's context"; return {}; } return (*exceptions).getBehavior(key_value_pairs); } GenericRulebase::GenericRulebase() : Component("GenericRulebase"), pimpl(make_unique()) {} GenericRulebase::~GenericRulebase() {} void GenericRulebase::init() { pimpl->init(); } void GenericRulebase::fini() { pimpl->fini(); } void GenericRulebase::preload() { pimpl->preload(); }