Add HostMatch field and related functionality in Ruleset and Server

The Ruleset struct has been updated to include a 'HostMatch' field. A corresponding conditional block to handle 'HostMatch' was added in the 'Server' object's ruleset cycle. This allows the rules to include host-specific matches and debug information about matches found. Further expansion of this functionality can enable detailed rule application based on the target host.
This commit is contained in:
Winni Neessen 2023-12-22 21:52:33 +01:00
parent 1aaa9ac247
commit 6987f4627c
Signed by: wneessen
GPG key ID: 5F3AF39B820C119D
2 changed files with 17 additions and 2 deletions

View file

@ -18,9 +18,15 @@ type Ruleset struct {
Rule []struct { Rule []struct {
ID string `fig:"id" validate:"required"` ID string `fig:"id" validate:"required"`
Regexp *regexp.Regexp `fig:"regexp" validate:"required"` Regexp *regexp.Regexp `fig:"regexp" validate:"required"`
HostMatch *string `fig:"host_match"`
} `fig:"rule"` } `fig:"rule"`
} }
// NewRuleset initializes a new Ruleset based on the provided Config.
// It reads the rule file specified in the Config, validates the file's
// existence, and loads the Ruleset using the fig library.
// It checks for duplicate rules and returns an error if any duplicates are found.
// If all operations are successful, it returns the created Ruleset and no error.
func NewRuleset(c *Config) (*Ruleset, error) { func NewRuleset(c *Config) (*Ruleset, error) {
rs := &Ruleset{} rs := &Ruleset{}
p := filepath.Dir(c.Server.RuleFile) p := filepath.Dir(c.Server.RuleFile)

View file

@ -71,6 +71,15 @@ func (s *Server) Run() error {
s.ruleset = rs s.ruleset = rs
for _, r := range rs.Rule { for _, r := range rs.Rule {
s.log.Debug("found rule", slog.String("ID", r.ID)) s.log.Debug("found rule", slog.String("ID", r.ID))
if r.HostMatch != nil {
s.log.Debug("host match enabled", slog.String("host", *r.HostMatch))
}
if r.Regexp != nil {
foo := r.Regexp.FindAllStringSubmatch("test_foo23", -1)
if len(foo) > 0 {
s.log.Debug("matched", slog.Any("groups", foo))
}
}
} }
return s.RunWithListener(l) return s.RunWithListener(l)