diff --git a/check_rule_ids.py b/check_rule_ids.py index f435e7d..d0bfaef 100644 --- a/check_rule_ids.py +++ b/check_rule_ids.py @@ -73,17 +73,38 @@ def main(): print("āœ… No rule files were changed in this PR.") return - print(f"šŸ” Checking these files for conflicts: {[f.name for f in changed_files]}") + # print(f"šŸ” Checking these files for conflicts: {[f.name for f in changed_files]}") + + # changed_ids = get_rule_ids_in_files(changed_files) + # main_ids = get_all_main_rule_ids() + # conflicts = changed_ids & main_ids + + # if conflicts: + # print(f"āŒ Conflicting rule IDs: {sorted(conflicts)}") + # sys.exit(1) + # else: + # print("āœ… No rule ID conflicts.") - changed_ids = get_rule_ids_in_files(changed_files) + print(f"šŸ” Checking these files for conflicts: {[f.name for f in changed_files]}") main_ids = get_all_main_rule_ids() - conflicts = changed_ids & main_ids - if conflicts: - print(f"āŒ Conflicting rule IDs: {sorted(conflicts)}") - sys.exit(1) - else: - print("āœ… No rule ID conflicts.") + # Loop through each changed file and check for ID conflicts + for path in changed_files: + print(f"\nšŸ”Ž Checking file: {path.name}") + try: + content = path.read_text() + file_ids = extract_rule_ids_from_xml(content) + except Exception as e: + print(f"āš ļø Could not read {path.name}: {e}") + continue + conflicts = file_ids & main_ids + if conflicts: + print(f"āŒ Conflicting rule IDs in {path.name} file. Rule IDs: {sorted(conflicts)}") + sys.exit(1) + else: + print(f"āœ… No rule ID conflicts in {path.name}.") + + print("\nāœ… All checked files are conflict-free.") if __name__ == "__main__": main() diff --git a/rules/conflicting _rules.xml b/rules/conflicting _rules.xml new file mode 100644 index 0000000..47cca53 --- /dev/null +++ b/rules/conflicting _rules.xml @@ -0,0 +1,19 @@ + + + + + + + + + + + 5716 + 1.1.1.1 + sshd: authentication failed from IP 1.1.1.1. + authentication_failed,pci_dss_10.2.4,pci_dss_10.2.5, + + +
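Review bot: The `except Exception` branch in the new per-file loop prints a warning and hits `continue`, so a changed rule file that cannot be read or parsed is skipped, and the run still reaches the final "conflict-free" message and exits 0. For a gate on rule IDs that is fail-open: an unreadable or malformed file passes without its IDs ever being compared against `main_ids`. Replace `continue` with `sys.exit(1)`, or set a `failed = True` flag there and in the conflict branch and exit non-zero after the loop so every file is still reported. The commented-out copy of the old logic above the loop can be deleted, since version control keeps it. `main()` begins above this hunk, so how `changed_files` is built is not visible here.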
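Review bot: The new file's path, `rules/conflicting _rules.xml`, has a space before `_rules`, which looks unintended. Paths containing whitespace tend to break unquoted shell loops and glob-based file lists in CI, possibly including whatever feeds `changed_files` in check_rule_ids.py. Rename it to `rules/conflicting_rules.xml`. If the file exists only to exercise the conflict check, as its name suggests, it would be better kept outside `rules/` so it does not ship with the real rule set, assuming that directory is what gets deployed.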