github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-30 11:44:32 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix disruptive action flow while RuleEngine is in DetectionOnly

Browse Source
This commit is contained in:
Felipe Zimmerle
2015-09-17 10:49:12 -03:00
parent 490ad23e41
commit 11e1a67d58
8 changed files with 136 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/actions/block.cc
View File

@@ -20,6 +20,7 @@
#include "modsecurity/assay.h"
#include "src/rule.h"
#include "modsecurity/intervention.h"
namespace ModSecurity {
namespace actions {
@@ -32,6 +33,7 @@ Block::Block(std::string action)
bool Block::evaluate(Rule *rule, Assay *assay) {
assay->debug(8, "Running action block");
for (Action *a : rule->actions_runtime_pos) {
if (a->isDisruptive() == true) {
assay->actions.push_back(a);
@@ -41,7 +43,7 @@ bool Block::evaluate(Rule *rule, Assay *assay) {
}
void Block::fill_intervention(ModSecurityIntervention *i) {
i->disruptive = true;
}
} // namespace actions

6
src/actions/deny.cc
View File

@@ -31,13 +31,17 @@ Deny::Deny(std::string action)
bool Deny::evaluate(Rule *rule, Assay *assay) {
assay->debug(8, "Running action deny");
assay->actions.push_back(this);
return true;
}
void Deny::fill_intervention(ModSecurityIntervention *i) {
i->status = 403;
if (i->status == 200) {
i->status = 403;
}
i->log = "Deny action";
i->disruptive = true;
}
} // namespace actions