github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adds capture action to RBL

Browse Source
This commit is contained in:
Felipe Zimmerle 2018-03-09 11:38:16 -03:00
parent df25c48f53
commit 0f361b7065
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
3 changed files with 20 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGES
View File

@ -1,6 +1,8 @@
v3.0.x - YYYY-MMM-DD (To be released) v3.0.x - YYYY-MMM-DD (To be released)
------------------------------------- -------------------------------------
- Adds capture action to rbl
[Issue #1698 - @zimmerle]
- Adds capture action to verifyCC - Adds capture action to verifyCC
[Issue #1698 - @michaelgranzow-avi, @zimmerle] [Issue #1698 - @michaelgranzow-avi, @zimmerle]
- Adds capture action to verifySSN - Adds capture action to verifySSN

19
src/operators/rbl.cc
View File

@ -196,9 +196,11 @@ void Rbl::furtherInfo(struct sockaddr_in *sin, std::string ipStr,
} }
bool Rbl::evaluate(Transaction *transaction, const std::string &ipStr) { bool Rbl::evaluate(Transaction *t, Rule *rule,
const std::string& ipStr,
std::shared_ptr<RuleMessage> ruleMessage) {
struct addrinfo *info = NULL; struct addrinfo *info = NULL;
std::string host = mapIpToAddress(ipStr, transaction); std::string host = mapIpToAddress(ipStr, t);
int rc = 0; int rc = 0;
if (host.empty()) { if (host.empty()) {
@ -211,15 +213,24 @@ bool Rbl::evaluate(Transaction *transaction, const std::string &ipStr) {
if (info != NULL) { if (info != NULL) {
freeaddrinfo(info); freeaddrinfo(info);
} }
debug(transaction, 5, "RBL lookup of " + ipStr + " failed."); debug(t, 5, "RBL lookup of " + ipStr + " failed.");
return false; return false;
} }
struct sockaddr *addr = info->ai_addr; struct sockaddr *addr = info->ai_addr;
struct sockaddr_in *sin = (struct sockaddr_in *) addr; struct sockaddr_in *sin = (struct sockaddr_in *) addr;
furtherInfo(sin, ipStr, transaction); furtherInfo(sin, ipStr, t);
freeaddrinfo(info); freeaddrinfo(info);
if (rule && t
&& rule->getActionsByName("capture").size() > 0) {
t->m_collections.m_tx_collection->storeOrUpdateFirst(
"0", std::string(ipStr));
#ifndef NO_LOGS
t->debug(7, "Added RXL match TX.0: " + \
std::string(ipStr));
#endif
}
return true; return true;
} }

4
src/operators/rbl.h
View File

@ -75,7 +75,9 @@ class Rbl : public Operator {
m_provider = RblProvider::httpbl; m_provider = RblProvider::httpbl;
} }
} }
bool evaluate(Transaction *transaction, const std::string &str) override; bool evaluate(Transaction *transaction, Rule *rule,
const std::string& input,
std::shared_ptr<RuleMessage> ruleMessage) override;
std::string mapIpToAddress(std::string ipStr, Transaction *trans); std::string mapIpToAddress(std::string ipStr, Transaction *trans);