Add off-alert-enforce toggle for all rules, collapse heuristics by default

- Extend tri-toggle (Off/Alert/Enforce) to security and custom rules, not just heuristics
- BPF maps now store mode: 1=alert (log only), 2=enforce (block)
- Add rule_mode_overrides in user_rules.yaml for security+custom rules
- Dashboard: tri-toggle for security rules and custom rules
- Heuristics categories collapsed by default in Policy Rules tab
- Toggle changes apply instantly (SIGHUP to monitor, policy reload)
- macOS: only enforce rules added to Seatbelt profile

Made-with: Cursor

Author: leos565

deploy/dashboard/app.py

@@ -37,6 +37,7 @@
     get_custom_rules, get_custom_rule_metadata, CUSTOM_RULE_TYPES,
     load_settings, save_settings,
     get_heuristic_overrides, save_heuristic_overrides, set_group_heuristic_mode,
+    get_rule_mode_overrides, save_rule_mode_overrides,
     VALID_HEURISTIC_MODES,
 )
 from shared.rule_updater import check_for_updates, download_and_apply
@@ -64,7 +65,7 @@
 _BLOCK_LINE_RE = re.compile(
     r"(\d{4}-\d{2}-\d{2}\s+\d{2}:\d{2}:\d{2}[,.]?\d*)\s+"
     r"WARNING\s+\[[\w.]+\]\s+"
-    r"(?:BLOCKED|WARNING)\s+\[([A-Z0-9_-]+)\]\s+(.*)"
+    r"(BLOCKED|ALERT|WARNING)\s+\[([A-Z0-9_-]+)\]\s+(.*)"
 )
 
 
@@ -117,10 +118,12 @@ def _parse_log_lines(max_lines: int = 1000) -> list[dict]:
             for line in lines[-max_lines:]:
                 m = _BLOCK_LINE_RE.search(line)
                 if m:
+                    kind = m.group(2).upper()  # BLOCKED, ALERT, WARNING
                     alerts.append({
                         "timestamp": m.group(1),
-                        "rule_id": m.group(2),
-                        "details": m.group(3).strip(),
+                        "rule_id": m.group(3),
+                        "details": m.group(4).strip(),
+                        "blocked": kind != "ALERT",
                     })
         except (PermissionError, OSError):
             continue
@@ -237,12 +240,23 @@ async def update_user_rules(request: Request):
     """Update the user's rule exemptions (preserves custom_rules and heuristic_overrides)."""
     try:
         body = await request.json()
-        # Preserve existing custom_rules and heuristic_overrides when only exemptions are being saved
+        # Preserve existing when not in body
         existing = load_user_rules()
         if "custom_rules" not in body and "custom_rules" in existing:
             body["custom_rules"] = existing["custom_rules"]
         if "heuristic_overrides" not in body and "heuristic_overrides" in existing:
             body["heuristic_overrides"] = existing["heuristic_overrides"]
+        if "rule_mode_overrides" not in body and "rule_mode_overrides" in existing:
+            body["rule_mode_overrides"] = existing["rule_mode_overrides"]
+        # Sync exempted_rule_ids from rule_mode_overrides (disabled = exempted)
+        if "rule_mode_overrides" in body and isinstance(body["rule_mode_overrides"], dict):
+            exempted = set(existing.get("exempted_rule_ids", []))
+            for rid, m in body["rule_mode_overrides"].items():
+                if m == "disabled":
+                    exempted.add(rid)
+                else:
+                    exempted.discard(rid)
+            body["exempted_rule_ids"] = list(exempted)
         save_user_rules(body)
         _trigger_enforcement()
         return JSONResponse({

deploy/dashboard/templates/index.html

@@ -1901,6 +1901,7 @@ <h2 id="modalTitle">Add Custom Rule</h2>
         }
 
         function isMonitoredAlert(a) {
+            if (a.blocked === false) return true;
             const d = (a.details || '').toLowerCase();
             return d.includes('monitored') || d.includes('observed') || d.includes('action=allow');
         }
@@ -1953,13 +1954,16 @@ <h2 id="modalTitle">Add Custom Rule</h2>
                 const d = await fetchJSON('/api/user-rules');
                 exemptedIds = new Set(d.rules.exempted_rule_ids || []);
                 heuristicOverrides = d.rules.heuristic_overrides || {};
+                ruleModeOverrides = d.rules.rule_mode_overrides || {};
                 pendingExemptions = null;
                 pendingHeuristics = null;
+                pendingRuleModes = null;
                 renderRules();
             }
             catch {
                 exemptedIds = new Set();
                 heuristicOverrides = {};
+                ruleModeOverrides = {};
             }
         }
 
@@ -2016,7 +2020,8 @@ <h2 id="modalTitle">Add Custom Rule</h2>
                 const platLabel = plat === 'both' ? '' : '(' + plat + ')';
                 const sev = r.severity ? `<span class="rule-tag severity-${r.severity.toLowerCase()}">${esc(r.severity)}</span>` : '';
                 const desc = r.description ? `<div style="font-size:12px;color:var(--text-muted);margin-top:4px;width:100%;">${esc(r.description)}</div>` : '';
-                html += `<div class="rule-item">
+                const mode = (pendingRuleModes ?? ruleModeOverrides)[r.id] || (exemptedIds.has(r.id) ? 'disabled' : 'enforce');
+                html += `<div class="rule-item" style="${mode === 'disabled' ? 'opacity:0.5;' : ''}">
           <div class="rule-info" style="flex-wrap:wrap;">
             <span class="rule-tag custom">${r.id}</span>
             <span style="font-size:16px;flex-shrink:0;">${typeIcons[r.type] || '📌'}</span>
@@ -2025,7 +2030,8 @@ <h2 id="modalTitle">Add Custom Rule</h2>
             <span style="font-size:11px;color:var(--text-muted);flex-shrink:0;">${r.type} ${platLabel}</span>
             ${desc}
           </div>
-          <div class="rule-actions">
+          <div class="rule-actions" style="display:flex; align-items:center; gap:8px;">
+            <div class="tri-toggle mode-${mode}"><div class="tri-slider"></div><div class="tri-btn" data-val="disabled" onclick="toggleRuleMode('${r.id}', 'disabled')">🚫 Off</div><div class="tri-btn" data-val="alert" onclick="toggleRuleMode('${r.id}', 'alert')">👀 Alert</div><div class="tri-btn" data-val="enforce" onclick="toggleRuleMode('${r.id}', 'enforce')">🛡️ Enforce</div></div>
             <button class="btn btn-ghost btn-sm" onclick="editCustomRule('${r.id}')">Edit</button>
             <button class="btn btn-danger btn-sm" onclick="deleteCustomRule('${r.id}')">Delete</button>
           </div>
@@ -2036,6 +2042,8 @@ <h2 id="modalTitle">Add Custom Rule</h2>
 
         // ── Render System Rules ──
         let activeRuleCategory = 'security';
+        let ruleModeOverrides = {};
+        let pendingRuleModes = null;
         function setRuleCategory(cat) {
             activeRuleCategory = cat;
             document.getElementById('btnCatSecurity').style.background = cat === 'security' ? 'var(--accent)' : 'transparent';
@@ -2045,18 +2053,29 @@ <h2 id="modalTitle">Add Custom Rule</h2>
             renderRules();
         }
 
+        function getSecurityRuleMode(r) {
+            const cur = pendingRuleModes ?? ruleModeOverrides;
+            if (cur[r.id]) return cur[r.id];
+            return exemptedIds.has(r.id) ? 'disabled' : 'enforce';
+        }
+
         function renderRules() {
             const c = document.getElementById('rulesContainer');
-            const curExempts = pendingExemptions || exemptedIds;
-            const curHeuristics = pendingHeuristics || heuristicOverrides;
+            const curExempts = pendingExemptions ?? exemptedIds;
+            const curHeuristics = pendingHeuristics ?? heuristicOverrides;
+            const curRuleModes = pendingRuleModes ?? ruleModeOverrides;
             const q = (document.getElementById('ruleSearch')?.value || '').toLowerCase();
 
             const visible = allRuleItems.filter(r => {
                 if (r.type !== activeRuleCategory) return false;
                 return shouldShowRule(r);
             });
 
-            document.getElementById('exemptionCount').textContent = `${curExempts.size} exempted`;
+            const exemptCount = [...visible].filter(r => {
+                const m = activeRuleCategory === 'security' ? getSecurityRuleMode(r) : (curHeuristics[r.id] || r.defaultAction || 'alert');
+                return m === 'disabled';
+            }).length;
+            document.getElementById('exemptionCount').textContent = `${exemptCount} off`;
 
             if (!visible.length) {
                 c.innerHTML = '<div class="empty-state"><p>No rules match your search for this category.</p></div>';
@@ -2073,18 +2092,17 @@ <h2 id="modalTitle">Add Custom Rule</h2>
             let html = '';
             for (const [cat, items] of Object.entries(groups)) {
                 if (activeRuleCategory === 'security') {
-                    const ec = items.filter(r => curExempts.has(r.id)).length;
-                    html += `<div class="rule-group"><div class="rule-group-title">${ec ? `${cat} (${items.length}) · ${ec} exempted` : `${cat} (${items.length})`}</div>`;
+                    html += `<div class="rule-group"><div class="rule-group-title">${cat} (${items.length})</div>`;
                     for (const r of items) {
-                        const ex = curExempts.has(r.id);
+                        const mode = getSecurityRuleMode(r);
                         const typeBadge = ruleTypeBadge(r.id);
-                        html += `<div class="rule-item" style="${ex ? 'opacity:0.5;' : ''}"><div class="rule-info">${typeBadge}<span class="rule-tag ${ex ? 'exempted' : ''}">${r.id}</span><span class="rule-value" title="${esc(r.val)}">${esc(r.val)}</span></div><label class="toggle"><input type="checkbox" ${ex ? '' : 'checked'} onchange="toggleExemption('${r.id}',this.checked)"><span class="toggle-slider"></span></label></div>`;
+                        html += `<div class="rule-item" style="${mode === 'disabled' ? 'opacity:0.5;' : ''}"><div class="rule-info">${typeBadge}<span class="rule-tag ${mode === 'disabled' ? 'exempted' : ''}">${r.id}</span><span class="rule-value" title="${esc(r.val)}">${esc(r.val)}</span></div><div class="rule-actions" style="min-width:100px;"><div class="tri-toggle mode-${mode}"><div class="tri-slider"></div><div class="tri-btn" data-val="disabled" onclick="toggleRuleMode('${r.id}', 'disabled')">🚫 Off</div><div class="tri-btn" data-val="alert" onclick="toggleRuleMode('${r.id}', 'alert')">👀 Alert</div><div class="tri-btn" data-val="enforce" onclick="toggleRuleMode('${r.id}', 'enforce')">🛡️ Enforce</div></div></div></div>`;
                     }
                     html += '</div>';
                 } else {
                     // Heuristics
                     const rids = items.map(r => r.id).join(',');
-                    html += `<details class="rule-group-details" open style="padding-bottom:12px; margin-bottom: 8px;">
+                    html += `<details class="rule-group-details" style="padding-bottom:12px; margin-bottom: 8px;">
                         <summary class="rule-group-title" style="display:flex; justify-content:space-between; align-items:center;">
                             <span><span class="group-arrow">▶</span>${cat} (${items.length})</span>
                             <div style="display:flex; gap:8px; align-items:center; font-size:12px; font-weight:normal;">
@@ -2141,6 +2159,20 @@ <h2 id="modalTitle">Add Custom Rule</h2>
             renderRules();
         }
 
+        function toggleRuleMode(id, mode) {
+            if (!pendingRuleModes) pendingRuleModes = { ...ruleModeOverrides };
+            pendingRuleModes[id] = mode;
+            if (mode === 'disabled') {
+                if (!pendingExemptions) pendingExemptions = new Set(exemptedIds);
+                pendingExemptions.add(id);
+            } else {
+                if (!pendingExemptions) pendingExemptions = new Set(exemptedIds);
+                pendingExemptions.delete(id);
+            }
+            document.getElementById('saveBanner').classList.add('visible');
+            renderRules();
+        }
+
         function toggleHeuristic(id, mode) {
             if (!pendingHeuristics) pendingHeuristics = { ...heuristicOverrides };
             pendingHeuristics[id] = mode;
@@ -2161,16 +2193,25 @@ <h2 id="modalTitle">Add Custom Rule</h2>
 
         async function saveExemptions() {
             try {
+                const body = {};
                 if (pendingExemptions) {
-                    await fetch('/api/user-rules', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ exempted_rule_ids: Array.from(pendingExemptions) }) });
+                    body.exempted_rule_ids = Array.from(pendingExemptions);
                     exemptedIds = new Set(pendingExemptions);
                     pendingExemptions = null;
                 }
+                if (pendingRuleModes) {
+                    body.rule_mode_overrides = { ...ruleModeOverrides, ...pendingRuleModes };
+                    ruleModeOverrides = body.rule_mode_overrides;
+                    pendingRuleModes = null;
+                }
                 if (pendingHeuristics) {
-                    await fetch('/api/heuristic-overrides', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ overrides: pendingHeuristics }) });
-                    heuristicOverrides = { ...pendingHeuristics };
+                    body.heuristic_overrides = { ...heuristicOverrides, ...pendingHeuristics };
+                    heuristicOverrides = body.heuristic_overrides;
                     pendingHeuristics = null;
                 }
+                if (Object.keys(body).length) {
+                    await fetch('/api/user-rules', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify(body) });
+                }
                 document.getElementById('saveBanner').classList.remove('visible');
                 renderRules();
                 showToast("Changes applied.", 'success');
@@ -2180,6 +2221,7 @@ <h2 id="modalTitle">Add Custom Rule</h2>
         function cancelExemptions() {
             pendingExemptions = null;
             pendingHeuristics = null;
+            pendingRuleModes = null;
             document.getElementById('saveBanner').classList.remove('visible');
             renderRules();
         }
@@ -2190,10 +2232,7 @@ <h2 id="modalTitle">Add Custom Rule</h2>
                 toggleHeuristic(id, 'disabled');
             } else {
                 setRuleCategory('security');
-                if (!pendingExemptions) pendingExemptions = new Set(exemptedIds);
-                pendingExemptions.add(id);
-                document.getElementById('saveBanner').classList.add('visible');
-                renderRules();
+                toggleRuleMode(id, 'disabled');
             }
             document.querySelectorAll('.tab').forEach(t => t.classList.remove('active'));
             document.querySelectorAll('.tab-panel').forEach(p => p.classList.remove('active'));

deploy/linux/bpf_hooks.c

@@ -41,7 +41,8 @@ struct event_t {
   char filename[MAX_FILENAME_LEN];
   u8 action; // 0 = observed (enter), 1 = blocked (SIGKILL), 2 = post-exec
              // (exit, for deny_rules), 3 = connect_attempt (userspace domain
-             // check), 4 = heuristic_alert, 5 = heuristic_block
+             // check), 4 = heuristic_alert, 5 = heuristic_block,
+             // 6 = security_alert (match but no kill)
   u32 blocked_ip; // for connect events: IP in host byte order
   u16 heu_slot;  // for heuristic events: slot index for rule_id lookup
 };
@@ -238,12 +239,13 @@ TRACEPOINT_PROBE(syscalls, sys_enter_execve) {
   bpf_get_current_comm(&evt.comm, sizeof(evt.comm));
   bpf_probe_read_user_str(&evt.filename, sizeof(evt.filename), fname);
 
-  /* Layer 1: blocked executable */
-  u8 *is_blocked = blocked_hashes.lookup(&h);
-  if (is_blocked) {
-    evt.action = 1;
+  /* Layer 1: blocked executable — value 1=alert, 2=enforce */
+  u8 *mode = blocked_hashes.lookup(&h);
+  if (mode) {
+    evt.action = (*mode == 2) ? 1 : 6;
     events.perf_submit(args, &evt, sizeof(evt));
-    bpf_send_signal(SIGKILL);
+    if (*mode == 2)
+      bpf_send_signal(SIGKILL);
     return 0;
   }
 
@@ -373,22 +375,22 @@ TRACEPOINT_PROBE(syscalls, sys_enter_openat) {
   const char *fname = args->filename;
   u64 h = simple_hash(fname, MAX_FILENAME_LEN);
 
-  u8 *is_blocked = blocked_path_hashes.lookup(&h);
-  if (is_blocked) {
+  u8 *mode = blocked_path_hashes.lookup(&h);
+  if (mode) {
     struct event_t evt = {};
     evt.pid = pid;
     evt.ns_pid = get_ns_pid();
     evt.uid = bpf_get_current_uid_gid() & 0xFFFFFFFF;
     bpf_get_current_comm(&evt.comm, sizeof(evt.comm));
     bpf_probe_read_user_str(&evt.filename, sizeof(evt.filename), fname);
-    evt.action = 1;
+    evt.action = (*mode == 2) ? 1 : 6;
     events.perf_submit(args, &evt, sizeof(evt));
 #ifdef CLAWEDR_USE_LSM
-    /* LSM file_open will block with -EPERM; don't kill (keeps OpenClaw intact)
-     */
+    if (*mode == 2)
+      /* LSM file_open will block with -EPERM; don't kill (keeps OpenClaw intact) */
+      ;
 #else
-    /* Only SIGKILL subprocesses; protect OpenClaw gateway from being killed */
-    if (!protected_pids.lookup(&pid))
+    if (*mode == 2 && !protected_pids.lookup(&pid))
       bpf_send_signal(SIGKILL);
 #endif
   }
@@ -408,36 +410,31 @@ TRACEPOINT_PROBE(syscalls, sys_enter_statx) {
   const char *fname = (const char *)args->filename;
   u64 h = simple_hash(fname, MAX_FILENAME_LEN);
 
-  u8 *is_blocked = blocked_path_hashes.lookup(&h);
-  if (is_blocked) {
+  u8 *mode = blocked_path_hashes.lookup(&h);
+  if (mode) {
     struct event_t evt = {};
     evt.pid = pid;
     evt.ns_pid = get_ns_pid();
     evt.uid = bpf_get_current_uid_gid() & 0xFFFFFFFF;
     bpf_get_current_comm(&evt.comm, sizeof(evt.comm));
     bpf_probe_read_user_str(&evt.filename, sizeof(evt.filename), fname);
-    evt.action = 1;
+    evt.action = (*mode == 2) ? 1 : 6;
     events.perf_submit(args, &evt, sizeof(evt));
-    /* statx has no LSM equivalent; SIGKILL subprocesses but protect OpenClaw
-     * gateway */
-    if (!protected_pids.lookup(&pid))
+    if (*mode == 2 && !protected_pids.lookup(&pid))
       bpf_send_signal(SIGKILL);
   }
 
   return 0;
 }
 
-/* Helper: check blocked IP and optionally kill (used by sendto tracepoint) */
-static __always_inline int _check_blocked_ip(void *ctx, u32 pid, u32 ip,
-                                             int do_kill) {
-  u8 *is_blocked = blocked_ips.lookup(&ip);
-  if (!is_blocked)
+/* Helper: check blocked IP — value 1=alert, 2=enforce */
+static __always_inline int _check_blocked_ip(void *ctx, u32 pid, u32 ip) {
+  u8 *mode = blocked_ips.lookup(&ip);
+  if (!mode)
     return 0;
 
   char comm[TASK_COMM_LEN];
   bpf_get_current_comm(&comm, sizeof(comm));
-  /* Exempt sudo/systemctl: may connect to 8.8.8.8 for DNS; child processes
-   * (e.g. curl) still blocked */
   if (comm[0] == 's' && comm[1] == 'u' && comm[2] == 'd' && comm[3] == 'o' &&
       (comm[4] == '\0' || comm[4] == ' '))
     return 0;
@@ -454,9 +451,9 @@ static __always_inline int _check_blocked_ip(void *ctx, u32 pid, u32 ip,
   evt.blocked_ip = ip;
   const char msg[] = "NETWORK_CONNECT";
   __builtin_memcpy((void *)evt.filename, msg, sizeof(msg));
-  evt.action = 1;
+  evt.action = (*mode == 2) ? 1 : 6;
   events.perf_submit(ctx, &evt, sizeof(evt));
-  if (do_kill)
+  if (*mode == 2)
     bpf_send_signal(SIGKILL);
   return 1;
 }
@@ -486,8 +483,8 @@ LSM_PROBE(socket_connect, struct socket *sock, struct sockaddr *address,
   u32 ip = 0;
   bpf_probe_read_kernel(&ip, sizeof(ip), (void *)address + 4);
 
-  u8 *is_blocked = blocked_ips.lookup(&ip);
-  if (!is_blocked)
+  u8 *mode = blocked_ips.lookup(&ip);
+  if (!mode)
     return 0;
 
   char comm[TASK_COMM_LEN];
@@ -508,9 +505,11 @@ LSM_PROBE(socket_connect, struct socket *sock, struct sockaddr *address,
   evt.blocked_ip = ip;
   const char msg[] = "NETWORK_CONNECT";
   __builtin_memcpy((void *)evt.filename, msg, sizeof(msg));
-  evt.action = 1;
+  evt.action = (*mode == 2) ? 1 : 6;
   events.perf_submit(sock, &evt, sizeof(evt));
-  return -1; /* -EPERM */
+  if (*mode == 2)
+    return -1; /* -EPERM */
+  return 0;
 }
 #endif
 
@@ -539,7 +538,7 @@ TRACEPOINT_PROBE(syscalls, sys_enter_connect) {
     if (!is_blocked) {
 #else
     /* Fallback: tracepoint + SIGKILL when LSM unavailable */
-    if (_check_blocked_ip(args, pid, ip, 1))
+    if (_check_blocked_ip(args, pid, ip))
       return 0;
     {
 #endif
@@ -584,7 +583,7 @@ TRACEPOINT_PROBE(syscalls, sys_enter_sendto) {
   if (family == 2) { /* AF_INET */
     u32 ip = 0;
     bpf_probe_read_user(&ip, sizeof(ip), (void *)addr + 4);
-    _check_blocked_ip(args, pid, ip, 1);
+    _check_blocked_ip(args, pid, ip);
   }
 
   return 0;