github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 21:36:00 +03:00
Code Issues Packages Projects Releases Wiki Activity

Cosmetics: huge refactoring in the parser

Browse Source 
The parser is now more elegant and resilient.
This commit is contained in:
Felipe Zimmerle 2016-10-31 17:31:23 -03:00
parent d3de1c743a
commit 2bb9d7988f
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
2 changed files with 481 additions and 598 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

306
src/parser/seclang-parser.yy
View File

@ -17,54 +17,55 @@ class Driver;
}
}
#include "modsecurity/modsecurity.h"
#include "modsecurity/rules_properties.h"
#include "actions/accuracy.h"
#include "actions/action.h"
#include "actions/allow.h"
#include "actions/audit_log.h"
#include "actions/ctl_audit_log_parts.h"
#include "actions/ctl_request_body_access.h"
#include "actions/ctl_request_body_processor_json.h"
#include "actions/ctl_request_body_processor_xml.h"
#include "actions/ctl_rule_remove_target_by_tag.h"
#include "actions/ctl_rule_remove_target_by_id.h"
#include "actions/ctl_rule_remove_by_id.h"
#include "actions/ctl_request_body_access.h"
#include "actions/ctl_rule_remove_target_by_id.h"
#include "actions/ctl_rule_remove_target_by_tag.h"
#include "actions/init_col.h"
#include "actions/log_data.h"
#include "actions/maturity.h"
#include "actions/msg.h"
#include "actions/phase.h"
#include "actions/redirect.h"
#include "actions/rev.h"
#include "actions/set_sid.h"
#include "actions/set_uid.h"
#include "actions/set_var.h"
#include "actions/severity.h"
#include "actions/skip.h"
#include "actions/skip_after.h"
#include "actions/msg.h"
#include "actions/phase.h"
#include "actions/allow.h"
#include "actions/log_data.h"
#include "actions/maturity.h"
#include "actions/redirect.h"
#include "actions/rev.h"
#include "actions/ver.h"
#include "actions/tag.h"
#include "actions/transformations/transformation.h"
#include "actions/transformations/none.h"
#include "actions/transformations/transformation.h"
#include "actions/ver.h"
#include "actions/xmlns.h"
#include "operators/operator.h"
#include "modsecurity/rule.h"
#include "utils/geo_lookup.h"
#include "audit_log/audit_log.h"
#include "modsecurity/modsecurity.h"
#include "modsecurity/rules_properties.h"
#include "modsecurity/rule.h"
#include "operators/operator.h"
#include "utils.h"
#include "variables/variations/count.h"
#include "variables/variations/exclusion.h"
#include "utils/geo_lookup.h"
#include "variables/xml.h"
#include "variables/duration.h"
#include "variables/env.h"
#include "variables/highest_severity.h"
#include "variables/modsec_build.h"
#include "variables/remote_user.h"
#include "variables/rule.h"
#include "variables/time.h"
#include "variables/time_day.h"
#include "variables/time_epoch.h"
#include "variables/time.h"
#include "variables/time_hour.h"
#include "variables/time_min.h"
#include "variables/time_mon.h"
@ -72,45 +73,18 @@ class Driver;
#include "variables/time_wday.h"
#include "variables/time_year.h"
#include "variables/tx.h"
#include "variables/xml.h"
#include "variables/rule.h"
#include "variables/variations/count.h"
#include "variables/variations/exclusion.h"
using modsecurity::ModSecurity;
using modsecurity::actions::Accuracy;
using modsecurity::actions::Action;
using modsecurity::actions::CtlAuditLogParts;
using modsecurity::actions::CtlRequestBodyProcessorXML;
using modsecurity::actions::CtlRequestBodyProcessorJSON;
using modsecurity::actions::InitCol;
using modsecurity::actions::SetSID;
using modsecurity::actions::SetUID;
using modsecurity::actions::SetVar;
using modsecurity::actions::Severity;
using modsecurity::actions::Tag;
using modsecurity::actions::Redirect;
using modsecurity::actions::Rev;
using modsecurity::actions::Ver;
using modsecurity::actions::Msg;
using modsecurity::actions::Phase;
using modsecurity::actions::Allow;
using modsecurity::actions::transformations::None;
using modsecurity::actions::LogData;
using modsecurity::actions::Maturity;
using modsecurity::actions::transformations::Transformation;
using modsecurity::operators::Operator;
using modsecurity::Rule;
using modsecurity::Utils::GeoLookup;
using modsecurity::removeBracketsIfNeeded;
using modsecurity::Variables::Variations::Count;
using modsecurity::Variables::Variations::Exclusion;
using modsecurity::Variables::Duration;
using modsecurity::Variables::Env;
using modsecurity::Variables::HighestSeverity;
using modsecurity::Variables::ModsecBuild;
using modsecurity::Variables::RemoteUser;
using modsecurity::Variables::Time;
using modsecurity::Variables::TimeDay;
using modsecurity::Variables::TimeEpoch;
using modsecurity::Variables::TimeHour;
@ -119,9 +93,36 @@ using modsecurity::Variables::TimeMon;
using modsecurity::Variables::TimeSec;
using modsecurity::Variables::TimeWDay;
using modsecurity::Variables::TimeYear;
using modsecurity::Variables::Variable;
using modsecurity::Variables::Time;
using modsecurity::Variables::Tx;
using modsecurity::Variables::Variable;
using modsecurity::Variables::Variations::Count;
using modsecurity::Variables::Variations::Exclusion;
using modsecurity::Variables::XML;
using modsecurity::actions::Accuracy;
using modsecurity::actions::Action;
using modsecurity::actions::Allow;
using modsecurity::actions::CtlAuditLogParts;
using modsecurity::actions::CtlRequestBodyProcessorJSON;
using modsecurity::actions::CtlRequestBodyProcessorXML;
using modsecurity::actions::InitCol;
using modsecurity::actions::LogData;
using modsecurity::actions::Maturity;
using modsecurity::actions::Msg;
using modsecurity::actions::Phase;
using modsecurity::actions::Redirect;
using modsecurity::actions::Rev;
using modsecurity::actions::SetSID;
using modsecurity::actions::SetUID;
using modsecurity::actions::SetVar;
using modsecurity::actions::Severity;
using modsecurity::actions::Tag;
using modsecurity::actions::Ver;
using modsecurity::actions::transformations::None;
using modsecurity::actions::transformations::Transformation;
using modsecurity::operators::Operator;
using modsecurity::removeBracketsIfNeeded;
#define CHECK_VARIATION_DECL \
@ -177,41 +178,39 @@ using modsecurity::Variables::XML;
PIPE
;
%token <std::string> QUOTATION_MARK
%token <std::string> DIRECTIVE
%token <std::string> DIRECTIVE_SECRULESCRIPT
%token <std::string> CONFIG_DIR_REQ_BODY_LIMIT
%token <std::string> CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT
%token <std::string> CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT
%token <std::string> CONFIG_DIR_RES_BODY_LIMIT
%token <std::string> CONFIG_DIR_REQ_BODY_LIMIT_ACTION
%token <std::string> CONFIG_DIR_RES_BODY_LIMIT_ACTION
%token <std::string> CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION
%token <std::string> CONFIG_DIR_PCRE_MATCH_LIMIT
%token <std::string> CONGIG_DIR_RESPONSE_BODY_MP
%token <std::string> CONGIG_DIR_SEC_TMP_DIR
%token <std::string> CONGIG_DIR_SEC_DATA_DIR
%token <std::string> CONGIG_DIR_SEC_ARG_SEP
%token <std::string> CONGIG_DIR_SEC_COOKIE_FORMAT
%token <std::string> CONGIG_DIR_SEC_STATUS_ENGINE
%token <std::string> CONFIG_DIR_UNICODE_MAP_FILE
%token <std::string> CONFIG_DIR_RULE_ENG
%token <std::string> CONFIG_DIR_REQ_BODY
%token <std::string> CONFIG_DIR_RES_BODY
%token <std::string> CONFIG_VALUE_ON
%token <std::string> CONFIG_VALUE_OFF
%token <std::string> CONFIG_VALUE_DETC
%token <std::string> CONFIG_VALUE_HTTPS
%token <std::string> CONFIG_VALUE_SERIAL
%token <std::string> CONFIG_VALUE_PARALLEL
%token <std::string> CONFIG_VALUE_RELEVANT_ONLY
%token <std::string> CONFIG_VALUE_PROCESS_PARTIAL
%token <std::string> CONFIG_VALUE_REJECT
%token <std::string> CONFIG_VALUE_ABORT
%token <std::string> CONFIG_VALUE_WARN
%token <std::string> ACTION
%token <std::string> ACTION_ACCURACY
%token <std::string> ACTION_ALLOW
%token <std::string> ACTION_AUDIT_LOG
%token <std::string> ACTION_CTL_AUDIT_ENGINE
%token <std::string> ACTION_CTL_AUDIT_LOG_PARTS
%token <std::string> ACTION_CTL_BDY_JSON
%token <std::string> ACTION_CTL_BDY_XML
%token <std::string> ACTION_CTL_FORCE_REQ_BODY_VAR
%token <std::string> ACTION_CTL_REQUEST_BODY_ACCESS
%token <std::string> ACTION_CTL_RULE_ENGINE
%token <std::string> ACTION_CTL_RULE_REMOVE_BY_ID
%token <std::string> ACTION_CTL_RULE_REMOVE_TARGET_BY_ID
%token <std::string> ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG
%token <std::string> ACTION_EXEC
%token <std::string> ACTION_EXPIREVAR
%token <std::string> ACTION_INITCOL
%token <std::string> ACTION_MATURITY
%token <std::string> ACTION_MSG
%token <std::string> ACTION_PHASE
%token <std::string> ACTION_REDIRECT
%token <std::string> ACTION_REV
%token <std::string> ACTION_SETENV
%token <std::string> ACTION_SETSID
%token <std::string> ACTION_SETUID
%token <std::string> ACTION_SETVAR
%token <std::string> ACTION_SEVERITY
%token <std::string> ACTION_SKIP
%token <std::string> ACTION_SKIP_AFTER
%token <std::string> ACTION_TAG
%token <std::string> ACTION_VER
%token <std::string> ACTION_XMLNS
%token <std::string> CONFIG_COMPONENT_SIG
%token <std::string> CONFIG_DIR_AUDIT_DIR
%token <std::string> CONFIG_DIR_AUDIT_DIR_MOD
%token <std::string> CONFIG_DIR_AUDIT_ENG
@ -221,37 +220,63 @@ using modsecurity::Variables::XML;
%token <std::string> CONFIG_DIR_AUDIT_LOG_P
%token <std::string> CONFIG_DIR_AUDIT_STS
%token <std::string> CONFIG_DIR_AUDIT_TPE
%token <std::string> CONFIG_SEC_RULE_REMOVE_BY_ID
%token <std::string> CONFIG_UPDLOAD_KEEP_FILES
%token <std::string> CONFIG_UPDLOAD_SAVE_TMP_FILES
%token <std::string> CONFIG_UPLOAD_FILE_LIMIT
%token <std::string> CONFIG_UPLOAD_FILE_MODE
%token <std::string> CONFIG_UPLOAD_DIR
%token <std::string> CONFIG_COMPONENT_SIG
%token <std::string> CONFIG_DIR_DEBUG_LOG
%token <std::string> CONFIG_DIR_DEBUG_LVL
%token <std::string> CONFIG_XML_EXTERNAL_ENTITY
%token <std::string> CONFIG_DIR_GEO_DB
%token <std::string> CONFIG_DIR_PCRE_MATCH_LIMIT
%token <std::string> CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION
%token <std::string> CONFIG_DIR_REQ_BODY
%token <std::string> CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT
%token <std::string> CONFIG_DIR_REQ_BODY_LIMIT
%token <std::string> CONFIG_DIR_REQ_BODY_LIMIT_ACTION
%token <std::string> CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT
%token <std::string> CONFIG_DIR_RES_BODY
%token <std::string> CONFIG_DIR_RES_BODY_LIMIT
%token <std::string> CONFIG_DIR_RES_BODY_LIMIT_ACTION
%token <std::string> CONFIG_DIR_RULE_ENG
%token <std::string> CONFIG_DIR_SEC_ACTION
%token <std::string> CONFIG_DIR_SEC_DEFAULT_ACTION
%token <std::string> CONFIG_DIR_SEC_MARKER
%token <std::string> VARIABLE
%token <std::string> VARIABLE_STATUS
%token <std::string> VARIABLE_TX
%token <std::string> VARIABLE_COL
%token <std::string> CONFIG_DIR_UNICODE_MAP_FILE
%token <std::string> CONFIG_SEC_COLLECTION_TIMEOUT
%token <std::string> CONFIG_SEC_REMOTE_RULES_FAIL_ACTION
%token <std::string> CONFIG_SEC_RULE_REMOVE_BY_ID
%token <std::string> CONFIG_UPDLOAD_KEEP_FILES
%token <std::string> CONFIG_UPDLOAD_SAVE_TMP_FILES
%token <std::string> CONFIG_UPLOAD_DIR
%token <std::string> CONFIG_UPLOAD_FILE_LIMIT
%token <std::string> CONFIG_UPLOAD_FILE_MODE
%token <std::string> CONFIG_VALUE_ABORT
%token <std::string> CONFIG_VALUE_DETC
%token <std::string> CONFIG_VALUE_HTTPS
%token <std::string> CONFIG_VALUE_OFF
%token <std::string> CONFIG_VALUE_ON
%token <std::string> CONFIG_VALUE_PARALLEL
%token <std::string> CONFIG_VALUE_PROCESS_PARTIAL
%token <std::string> CONFIG_VALUE_REJECT
%token <std::string> CONFIG_VALUE_RELEVANT_ONLY
%token <std::string> CONFIG_VALUE_SERIAL
%token <std::string> CONFIG_VALUE_WARN
%token <std::string> CONFIG_XML_EXTERNAL_ENTITY
%token <std::string> CONGIG_DIR_RESPONSE_BODY_MP
%token <std::string> CONGIG_DIR_SEC_ARG_SEP
%token <std::string> CONGIG_DIR_SEC_COOKIE_FORMAT
%token <std::string> CONGIG_DIR_SEC_DATA_DIR
%token <std::string> CONGIG_DIR_SEC_STATUS_ENGINE
%token <std::string> CONGIG_DIR_SEC_TMP_DIR
%token <std::string> DIRECTIVE
%token <std::string> DIRECTIVE_SECRULESCRIPT
%token <std::string> FREE_TEXT
%token <std::string> LOG_DATA
%token <std::string> OPERATOR
%token <std::string> OPERATOR_GEOIP
%token <std::string> QUOTATION_MARK
%token <std::string> RUN_TIME_VAR_BLD
%token <std::string> RUN_TIME_VAR_DUR
%token <std::string> RUN_TIME_VAR_ENV
%token <std::string> RUN_TIME_VAR_BLD
%token <std::string> RUN_TIME_VAR_HSV
%token <std::string> RUN_TIME_VAR_REMOTE_USER
%token <std::string> RUN_TIME_VAR_RULE
%token <std::string> RUN_TIME_VAR_TIME
%token <std::string> RUN_TIME_VAR_TIME_DAY
%token <std::string> RUN_TIME_VAR_TIME_EPOCH
@ -262,57 +287,19 @@ using modsecurity::Variables::XML;
%token <std::string> RUN_TIME_VAR_TIME_WDAY
%token <std::string> RUN_TIME_VAR_TIME_YEAR
%token <std::string> RUN_TIME_VAR_XML
%token <std::string> RUN_TIME_VAR_RULE
%token <std::string> CONFIG_SEC_REMOTE_RULES_FAIL_ACTION
%token <std::string> CONFIG_DIR_GEO_DB
%token <std::string> OPERATOR
%token <std::string> OPERATOR_GEOIP
%token <std::string> FREE_TEXT
%token <std::string> ACTION
%token <std::string> ACTION_ACCURACY
%token <std::string> ACTION_EXEC
%token <std::string> ACTION_ALLOW
%token <std::string> ACTION_REDIRECT
%token <std::string> ACTION_SKIP_AFTER
%token <std::string> ACTION_SKIP
%token <std::string> ACTION_AUDIT_LOG
%token <std::string> ACTION_PHASE
%token <std::string> ACTION_SEVERITY
%token <std::string> ACTION_SETENV
%token <std::string> ACTION_SETVAR
%token <std::string> ACTION_SETSID
%token <std::string> ACTION_SETUID
%token <std::string> ACTION_EXPIREVAR
%token <std::string> ACTION_INITCOL
%token <std::string> ACTION_MSG
%token <std::string> ACTION_TAG
%token <std::string> ACTION_REV
%token <std::string> ACTION_VER
%token <std::string> ACTION_MATURITY
%token <std::string> ACTION_XMLNS
%token <std::string> LOG_DATA
%token <std::string> TRANSFORMATION
%token <std::string> ACTION_CTL_AUDIT_ENGINE
%token <std::string> ACTION_CTL_AUDIT_LOG_PARTS
%token <std::string> ACTION_CTL_BDY_JSON
%token <std::string> ACTION_CTL_BDY_XML
%token <std::string> ACTION_CTL_RULE_ENGINE
%token <std::string> ACTION_CTL_FORCE_REQ_BODY_VAR
%token <std::string> CONFIG_SEC_COLLECTION_TIMEOUT
%token <std::string> ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG
%token <std::string> ACTION_CTL_RULE_REMOVE_TARGET_BY_ID
%token <std::string> ACTION_CTL_RULE_REMOVE_BY_ID
%token <std::string> ACTION_CTL_REQUEST_BODY_ACCESS
%token <std::string> VARIABLE
%token <std::string> VARIABLE_COL
%token <std::string> VARIABLE_STATUS
%token <std::string> VARIABLE_TX
%type <Action *> act
%type <Operator *> op
%type <Variable *> var
%type <std::vector<Action *> *> actings
%type <std::vector<Action *> *> actions
%type <std::vector<Variable *> *> variables
%type <Variable *> var
%type <Action *> act
%type <std::vector<Action *> *> actings
%type <Operator *> op
%printer { yyoutput << $$; } <*>;
@ -493,6 +480,7 @@ op:
}
$$ = op;
}
;
expression:
audit_log
@ -1322,9 +1310,7 @@ actions:
;
%%
void
yy::seclang_parser::error (const location_type& l,
const std::string& m)
{
void yy::seclang_parser::error (const location_type& l, const std::string& m) {
driver.error (l, m);
}

773
src/parser/seclang-scanner.ll
View File

@ -3,15 +3,18 @@
#include <climits>
#include <cstdlib>
#include <string>
#include "parser/driver.h"
#include "seclang-parser.hh"
#include "utils/https_client.h"
#include "utils.h"
#include "src/utils.h"
using modsecurity::Parser::Driver;
using modsecurity::Utils::HttpsClient;
using modsecurity::split;
typedef yy::seclang_parser p;
// Work around an incompatibility in flex (at least versions
// 2.5.31 through 2.5.33): it generates code that does
// not conform to C89. See Debian bug 333231
@ -23,189 +26,152 @@ using modsecurity::split;
%}
%option noyywrap nounput batch debug noinput
ACTION (?i:accuracy|append|block|capture|chain|deny|deprecatevar|drop|expirevar|id:[0-9]+|id:'[0-9]+'|log|multiMatch|noauditlog|nolog|pass|pause|prepend|proxy|sanitiseArg|sanitiseMatched|sanitiseMatchedBytes|sanitiseRequestHeader|sanitiseResponseHeader|setrsc|setenv|status:[0-9]+)
ACTION_XMLNS (?i:xmlns)
ACTION_ALLOW ((?i:allow:(?i:REQUEST|PHASE))|(?i:phase:'(?i:REQUEST|PHASE)')|(?i:allow))
ACTION_INITCOL (?i:initcol)
ACTION_ACCURACY (?i:accuracy)
ACTION_REDIRECT (?i:redirect)
ACTION_SKIP (?i:skip)
ACTION_SKIP_AFTER (?i:skipAfter)
ACTION_PHASE ((?i:phase:(?i:REQUEST|RESPONSE|LOGGING|[0-9]+))|(?i:phase:'(?i:REQUEST|RESPONSE|LOGGING|[0-9]+)'))
ACTION_AUDIT_LOG (?i:auditlog)
ACTION_EXEC (?i:exec)
ACTION_SEVERITY (?i:severity)
ACTION_SEVERITY_VALUE (?i:(EMERGENCY|ALERT|CRITICAL|ERROR|WARNING|NOTICE|INFO|DEBUG)|[0-9]+)
ACTION_SETVAR (?i:setvar)
ACTION_SETENV (?i:setenv)
ACTION_SETSID (?i:setsid)
ACTION_SETUID (?i:setuid)
ACTION_EXPIREVAR (?i:expirevar)
ACTION_MSG (?i:msg)
ACTION_TAG (?i:tag)
ACTION_REV (?i:rev)
ACTION_VER (?i:ver)
ACTION_MATURITY (?i:maturity)
ACTION_CTL_BDY_XML (?i:ctl:requestBodyProcessor=XML)
ACTION_CTL_BDY_JSON (?i:ctl:requestBodyProcessor=JSON)
ACTION_CTL_AUDIT_LOG_PARTS (?i:ctl:auditLogParts)
ACTION_CTL_RULE_ENGINE (?i:ctl:ruleEngine)
ACTION_CTL_AUDIT_ENGINE (?i:ctl:auditEngine)
ACTION_CTL_FORCE_REQ_BODY_VAR (?i:ctl:forceRequestBodyVariable)
DIRECTIVE (?i:SecRule)
DIRECTIVE_SECRULESCRIPT (?i:SecRuleScript)
LOG_DATA (?i:logdata)
CONFIG_DIR_SEC_DEFAULT_ACTION (?i:SecDefaultAction)
CONFIG_DIR_SEC_ACTION (?i:SecAction)
CONFIG_DIR_SEC_MARKER (?i:SecMarker)
CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION (?i:SecPcreMatchLimitRecursion)
CONFIG_DIR_PCRE_MATCH_LIMIT (?i:SecPcreMatchLimit)
CONGIG_DIR_RESPONSE_BODY_MP (?i:SecResponseBodyMimeType)
CONGIG_DIR_SEC_TMP_DIR (?i:SecTmpDir)
CONGIG_DIR_SEC_DATA_DIR (?i:SecDataDir)
CONGIG_DIR_SEC_ARG_SEP (?i:SecArgumentSeparator)
CONGIG_DIR_SEC_COOKIE_FORMAT (?i:SecCookieFormat)
CONGIG_DIR_SEC_STATUS_ENGINE (?i:SecStatusEngine)
CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT (?i:SecRequestBodyInMemoryLimit)
CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT (?i:SecRequestBodyNoFilesLimit)
CONFIG_DIR_REQ_BODY_LIMIT (?i:SecRequestBodyLimit)
CONFIG_DIR_RES_BODY_LIMIT (?i:SecResponseBodyLimit)
CONFIG_DIR_REQ_BODY_LIMIT_ACTION (?i:SecRequestBodyLimitAction)
CONFIG_DIR_RES_BODY_LIMIT_ACTION (?i:SecResponseBodyLimitAction)
ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG (?i:ctl:ruleRemoveTargetByTag)
ACTION_CTL_RULE_REMOVE_TARGET_BY_ID (?i:ctl:ruleRemoveTargetById)
ACTION_CTL_RULE_REMOVE_BY_ID (?i:ctl:ruleRemoveById)
ACTION_CTL_REQUEST_BODY_ACCESS (?i:ctl:requestBodyAccess)
CONFIG_DIR_GEO_DB (?i:SecGeoLookupDb)
CONFIG_DIR_RULE_ENG (?i:SecRuleEngine)
CONFIG_DIR_REQ_BODY (?i:SecRequestBodyAccess)
CONFIG_DIR_RES_BODY (?i:SecResponseBodyAccess)
CONFIG_XML_EXTERNAL_ENTITY (?i:SecXmlExternalEntity)
CONFIG_DIR_AUDIT_DIR_MOD (?i:SecAuditLogDirMode)
CONFIG_DIR_AUDIT_DIR (?i:SecAuditLogStorageDir)
CONFIG_DIR_AUDIT_ENG (?i:SecAuditEngine)
CONFIG_DIR_AUDIT_FLE_MOD (?i:SecAuditLogFileMode)
CONFIG_DIR_AUDIT_LOG2 (?i:SecAuditLog2)
CONFIG_DIR_AUDIT_LOG_P (?i:SecAuditLogParts)
CONFIG_DIR_AUDIT_LOG (?i:SecAuditLog)
CONFIG_DIR_AUDIT_STS (?i:SecAuditLogRelevantStatus)
CONFIG_DIR_AUDIT_TPE (?i:SecAuditLogType)
ACTION (?i:accuracy|append|block|capture|chain|deny|deprecatevar|drop|expirevar|id:[0-9]+|id:'[0-9]+'|log|multiMatch|noauditlog|nolog|pass|pause|prepend|proxy|sanitiseArg|sanitiseMatched|sanitiseMatchedBytes|sanitiseRequestHeader|sanitiseResponseHeader|setrsc|setenv|status:[0-9]+)
ACTION_ACCURACY (?i:accuracy)
ACTION_ALLOW ((?i:allow:(?i:REQUEST|PHASE))|(?i:phase:'(?i:REQUEST|PHASE)')|(?i:allow))
ACTION_AUDIT_LOG (?i:auditlog)
ACTION_CTL_AUDIT_ENGINE (?i:ctl:auditEngine)
ACTION_CTL_AUDIT_LOG_PARTS (?i:ctl:auditLogParts)
ACTION_CTL_BDY_JSON (?i:ctl:requestBodyProcessor=JSON)
ACTION_CTL_BDY_XML (?i:ctl:requestBodyProcessor=XML)
ACTION_CTL_FORCE_REQ_BODY_VAR (?i:ctl:forceRequestBodyVariable)
ACTION_CTL_REQUEST_BODY_ACCESS (?i:ctl:requestBodyAccess)
ACTION_CTL_RULE_ENGINE (?i:ctl:ruleEngine)
ACTION_CTL_RULE_REMOVE_BY_ID (?i:ctl:ruleRemoveById)
ACTION_CTL_RULE_REMOVE_TARGET_BY_ID (?i:ctl:ruleRemoveTargetById)
ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG (?i:ctl:ruleRemoveTargetByTag)
ACTION_EXEC (?i:exec)
ACTION_EXPIREVAR (?i:expirevar)
ACTION_INITCOL (?i:initcol)
ACTION_MATURITY (?i:maturity)
ACTION_MSG (?i:msg)
ACTION_PHASE ((?i:phase:(?i:REQUEST|RESPONSE|LOGGING|[0-9]+))|(?i:phase:'(?i:REQUEST|RESPONSE|LOGGING|[0-9]+)'))
ACTION_REDIRECT (?i:redirect)
ACTION_REV (?i:rev)
ACTION_SETENV (?i:setenv)
ACTION_SETSID (?i:setsid)
ACTION_SETUID (?i:setuid)
ACTION_SETVAR (?i:setvar)
ACTION_SEVERITY (?i:severity)
ACTION_SEVERITY_VALUE (?i:(EMERGENCY|ALERT|CRITICAL|ERROR|WARNING|NOTICE|INFO|DEBUG)|[0-9]+)
ACTION_SKIP (?i:skip)
ACTION_SKIP_AFTER (?i:skipAfter)
ACTION_TAG (?i:tag)
ACTION_VER (?i:ver)
ACTION_XMLNS (?i:xmlns)
AUDIT_PARTS [ABCDEFHJKIZ]+
COL_FREE_TEXT_SPACE_COMMA ([^,"])+
COL_NAME [A-Za-z]+
CONFIG_COMPONENT_SIG (?i:SecComponentSignature)
CONFIG_DIR_AUDIT_DIR (?i:SecAuditLogStorageDir)
CONFIG_DIR_AUDIT_DIR_MOD (?i:SecAuditLogDirMode)
CONFIG_DIR_AUDIT_ENG (?i:SecAuditEngine)
CONFIG_DIR_AUDIT_FLE_MOD (?i:SecAuditLogFileMode)
CONFIG_DIR_AUDIT_LOG2 (?i:SecAuditLog2)
CONFIG_DIR_AUDIT_LOG (?i:SecAuditLog)
CONFIG_DIR_AUDIT_LOG_P (?i:SecAuditLogParts)
CONFIG_DIR_AUDIT_STS (?i:SecAuditLogRelevantStatus)
CONFIG_DIR_AUDIT_TPE (?i:SecAuditLogType)
CONFIG_DIR_DEBUG_LOG (?i:SecDebugLog)
CONFIG_DIR_DEBUG_LVL (?i:SecDebugLogLevel)
CONFIG_DIR_GEO_DB (?i:SecGeoLookupDb)
CONFIG_DIR_PCRE_MATCH_LIMIT (?i:SecPcreMatchLimit)
CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION (?i:SecPcreMatchLimitRecursion)
CONFIG_DIR_REQ_BODY (?i:SecRequestBodyAccess)
CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT (?i:SecRequestBodyInMemoryLimit)
CONFIG_DIR_REQ_BODY_LIMIT (?i:SecRequestBodyLimit)
CONFIG_DIR_REQ_BODY_LIMIT_ACTION (?i:SecRequestBodyLimitAction)
CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT (?i:SecRequestBodyNoFilesLimit)
CONFIG_DIR_RES_BODY (?i:SecResponseBodyAccess)
CONFIG_DIR_RES_BODY_LIMIT (?i:SecResponseBodyLimit)
CONFIG_DIR_RES_BODY_LIMIT_ACTION (?i:SecResponseBodyLimitAction)
CONFIG_DIR_RULE_ENG (?i:SecRuleEngine)
CONFIG_DIR_SEC_ACTION (?i:SecAction)
CONFIG_DIR_SEC_DEFAULT_ACTION (?i:SecDefaultAction)
CONFIG_DIR_SEC_MARKER (?i:SecMarker)
CONFIG_DIR_UNICODE_MAP_FILE (?i:SecUnicodeMapFile)
CONFIG_INCLUDE (?i:Include)
CONFIG_SEC_COLLECTION_TIMEOUT (?i:SecCollectionTimeout)
CONFIG_SEC_REMOTE_RULES (?i:SecRemoteRules)
CONFIG_SEC_REMOTE_RULES_FAIL_ACTION (?i:SecRemoteRulesFailAction)
CONFIG_SEC_REMOVE_RULES_BY_ID (?i:SecRuleRemoveById)
CONFIG_UPDLOAD_KEEP_FILES (?i:SecUploadKeepFiles)
CONFIG_UPDLOAD_SAVE_TMP_FILES (?i:SecTmpSaveUploadedFiles)
CONFIG_UPLOAD_DIR (?i:SecUploadDir)
CONFIG_UPLOAD_FILE_LIMIT (?i:SecUploadFileLimit)
CONFIG_UPLOAD_FILE_MODE (?i:SecUploadFileMode)
CONFIG_VALUE_ABORT (?i:Abort)
CONFIG_VALUE_DETC (?i:DetectionOnly)
CONFIG_VALUE_HTTPS (?i:https)
CONFIG_VALUE_NUMBER [0-9]+
CONFIG_VALUE_OFF (?i:Off)
CONFIG_VALUE_ON (?i:On)
CONFIG_VALUE_PARALLEL (?i:Parallel|Concurrent)
CONFIG_VALUE_PATH [0-9A-Za-z_\/\.\-\*\:]+
CONFIG_VALUE_PROCESS_PARTIAL (?i:ProcessPartial)
CONFIG_VALUE_REJECT (?i:Reject)
CONFIG_VALUE_RELEVANT_ONLY (?i:RelevantOnly)
CONFIG_VALUE_SERIAL (?i:Serial)
CONFIG_VALUE_WARN (?i:Warn)
CONFIG_XML_EXTERNAL_ENTITY (?i:SecXmlExternalEntity)
CONGIG_DIR_RESPONSE_BODY_MP (?i:SecResponseBodyMimeType)
CONGIG_DIR_SEC_ARG_SEP (?i:SecArgumentSeparator)
CONGIG_DIR_SEC_COOKIE_FORMAT (?i:SecCookieFormat)
CONGIG_DIR_SEC_DATA_DIR (?i:SecDataDir)
CONGIG_DIR_SEC_STATUS_ENGINE (?i:SecStatusEngine)
CONGIG_DIR_SEC_TMP_DIR (?i:SecTmpDir)
DICT_ELEMENT [^ \t|]+
DIRECTIVE (?i:SecRule)
DIRECTIVE_SECRULESCRIPT (?i:SecRuleScript)
FREE_TEXT ([^\"]|(\\\"))+
FREE_TEXT_NEW_LINE [^\"|\n]+
FREE_TEXT_QUOTE ([^\']|([^\\]\\\'))+
FREE_TEXT_QUOTE_COMMA [^,\']+
FREE_TEXT_SPACE [^ \t]+
FREE_TEXT_SPACE_COMMA [^, \t]+
FREE_TEXT_SPACE_COMMA_QUOTE [^, \t\"\n\r]+
LOG_DATA (?i:logdata)
NEW_LINE_FREE_TEXT [^, \t\"\n\r]+
OPERATORNOARG (?i:@unconditionalMatch|@detectSQLi|@detectXSS|@validateUrlEncoding|@validateUtf8Encoding)
OPERATOR (?i:(?:@inspectFile|@fuzzyHash|@validateByteRange|@validateDTD|@validateHash|@validateSchema|@verifyCC|@verifyCPF|@verifySSN|@gsbLookup|@rsub)|(?:\!{0,1})(?:@within|@containsWord|@contains|@endsWith|@eq|@ge|@gt|@ipMatchF|@ipMatch|@ipMatchFromFile|@le|@lt|@pmf|@pm|@pmFromFile|@rbl|@rx|@streq|@strmatch|@beginsWith))
OPERATOR_GEOIP (?i:@geoLookup)
REMOVE_RULE_BY [0-9A-Za-z_\/\.\-\*\:\;\]\[]+
RUN_TIME_VAR_BLD (?i:MODSEC_BUILD)
RUN_TIME_VAR_DUR (?i:DURATION)
RUN_TIME_VAR_ENV (?i:ENV)
RUN_TIME_VAR_HSV (?i:HIGHEST_SEVERITY)
RUN_TIME_VAR_REMOTE_USER (?i:REMOTE_USER)
RUN_TIME_VAR_RULE (?i:RULE)
RUN_TIME_VAR_TIME (?i:TIME)
RUN_TIME_VAR_TIME_DAY (?i:TIME_DAY)
RUN_TIME_VAR_TIME_EPOCH (?i:TIME_EPOCH)
RUN_TIME_VAR_TIME_HOUR (?i:TIME_HOUR)
RUN_TIME_VAR_TIME_MIN (?i:TIME_MIN)
RUN_TIME_VAR_TIME_MON (?i:TIME_MON)
RUN_TIME_VAR_TIME_SEC (?i:TIME_SEC)
RUN_TIME_VAR_TIME_WDAY (?i:TIME_WDAY)
RUN_TIME_VAR_TIME_YEAR (?i:TIME_YEAR)
RUN_TIME_VAR_XML (?i:XML)
SOMETHING ["]{1}([^"]|([^\\"]\\\"))*["]{1}
TRANSFORMATION t:(?i:(parityZero7bit|parityOdd7bit|parityEven7bit|sqlHexDecode|cmdLine|sha1|md5|hexEncode|lowercase|urlDecodeUni|urlDecode|none|compressWhitespace|removeWhitespace|replaceNulls|removeNulls|htmlEntityDecode|jsDecode|cssDecode|trim|normalizePathWin|normalisePathWin|normalizePath|normalisePath|length|utf8toUnicode|urldecode|removeCommentsChar|removeComments|replaceComments))
VARIABLENOCOLON (?i:URLENCODED_ERROR|REQBODY_PROCESSOR_ERROR_MSG|REQBODY_PROCESSOR_ERROR|REQBODY_PROCESSOR|REQBODY_ERROR_MSG|REQBODY_ERROR|MULTIPART_FILE_LIMIT_EXCEEDED|MULTIPART_INVALID_QUOTING|MULTIPART_HEADER_FOLDING|MULTIPART_INVALID_HEADER_FOLDING|MULTIPART_STRICT_ERROR|MULTIPART_UNMATCHED_BOUNDARY|REMOTE_ADDR|REQUEST_LINE)
VARIABLE (?i:(SERVER_NAME|MULTIPART_DATA_AFTER|RESOURCE|ARGS_COMBINED_SIZE|ARGS_GET_NAMES|ARGS_POST_NAMES|FILES_TMPNAMES|FILES_COMBINED_SIZE|FULL_REQUEST_LENGTH|REQUEST_BODY_LENGTH|REQUEST_URI_RAW|UNIQUE_ID|SERVER_PORT|SERVER_ADDR|REMOTE_PORT|REMOTE_HOST|PATH_INFO|MULTIPART_CRLF_LF_LINES|MATCHED_VAR_NAME|MATCHED_VAR|INBOUND_DATA_ERROR|OUTBOUND_DATA_ERROR|FULL_REQUEST|AUTH_TYPE|ARGS_NAMES|REMOTE_ADDR|REQUEST_BASENAME|REQUEST_BODY|REQUEST_FILENAME|REQUEST_HEADERS_NAMES|REQUEST_METHOD|REQUEST_PROTOCOL|REQUEST_URI|RESPONSE_BODY|RESPONSE_CONTENT_LENGTH|RESPONSE_CONTENT_TYPE|RESPONSE_HEADERS_NAMES|RESPONSE_PROTOCOL|RESPONSE_STATUS|USERID|SESSIONID))
VARIABLE_COL (?i:(SESSION|GLOBAL|ARGS_POST|ARGS_GET|ARGS|FILES_SIZES|FILES_NAMES|FILES_TMP_CONTENT|MULTIPART_FILENAME|MULTIPART_NAME|MATCHED_VARS_NAMES|MATCHED_VARS|FILES|QUERY_STRING|REQUEST_COOKIES|REQUEST_HEADERS|RESPONSE_HEADERS|GEO|IP|REQUEST_COOKIES_NAMES))
VARIABLE_STATUS (?i:(STATUS[^:]))
VARIABLE_TX (?i:TX)
VARIABLE_WEBSERVER_ERROR_LOG (?:WEBSERVER_ERROR_LOG)
VAR_FREE_TEXT_QUOTE ([^\']|([^\\]\\\'))+
VAR_FREE_TEXT_SPACE [^ \t\"]+
VAR_FREE_TEXT_SPACE_COMMA [^, \t\"]+
CONFIG_UPLOAD_FILE_LIMIT (?i:SecUploadFileLimit)
CONFIG_UPLOAD_FILE_MODE (?i:SecUploadFileMode)
CONFIG_UPDLOAD_KEEP_FILES (?i:SecUploadKeepFiles)
CONFIG_UPDLOAD_SAVE_TMP_FILES (?i:SecTmpSaveUploadedFiles)
CONFIG_UPLOAD_DIR (?i:SecUploadDir)
CONFIG_SEC_COLLECTION_TIMEOUT (?i:SecCollectionTimeout)
CONFIG_DIR_DEBUG_LOG (?i:SecDebugLog)
CONFIG_DIR_DEBUG_LVL (?i:SecDebugLogLevel)
CONFIG_COMPONENT_SIG (?i:SecComponentSignature)
CONFIG_INCLUDE (?i:Include)
CONFIG_SEC_REMOTE_RULES (?i:SecRemoteRules)
CONFIG_SEC_REMOTE_RULES_FAIL_ACTION (?i:SecRemoteRulesFailAction)
CONFIG_SEC_REMOVE_RULES_BY_ID (?i:SecRuleRemoveById)
DICT_ELEMENT [^ \t|]+
OPERATOR (?i:(?:@inspectFile|@fuzzyHash|@validateByteRange|@validateDTD|@validateHash|@validateSchema|@verifyCC|@verifyCPF|@verifySSN|@gsbLookup|@rsub)|(?:\!{0,1})(?:@within|@containsWord|@contains|@endsWith|@eq|@ge|@gt|@ipMatchF|@ipMatch|@ipMatchFromFile|@le|@lt|@pmf|@pm|@pmFromFile|@rbl|@rx|@streq|@strmatch|@beginsWith))
OPERATORNOARG (?i:@unconditionalMatch|@detectSQLi|@detectXSS|@validateUrlEncoding|@validateUtf8Encoding)
OPERATOR_GEOIP (?i:@geoLookup)
TRANSFORMATION t:(?i:(parityZero7bit|parityOdd7bit|parityEven7bit|sqlHexDecode|cmdLine|sha1|md5|hexEncode|lowercase|urlDecodeUni|urlDecode|none|compressWhitespace|removeWhitespace|replaceNulls|removeNulls|htmlEntityDecode|jsDecode|cssDecode|trim|normalizePathWin|normalisePathWin|normalizePath|normalisePath|length|utf8toUnicode|urldecode|removeCommentsChar|removeComments|replaceComments))
VARIABLE (?i:(SERVER_NAME|MULTIPART_DATA_AFTER|RESOURCE|ARGS_COMBINED_SIZE|ARGS_GET_NAMES|ARGS_POST_NAMES|FILES_TMPNAMES|FILES_COMBINED_SIZE|FULL_REQUEST_LENGTH|REQUEST_BODY_LENGTH|REQUEST_URI_RAW|UNIQUE_ID|SERVER_PORT|SERVER_ADDR|REMOTE_PORT|REMOTE_HOST|PATH_INFO|MULTIPART_CRLF_LF_LINES|MATCHED_VAR_NAME|MATCHED_VAR|INBOUND_DATA_ERROR|OUTBOUND_DATA_ERROR|FULL_REQUEST|AUTH_TYPE|ARGS_NAMES|REMOTE_ADDR|REQUEST_BASENAME|REQUEST_BODY|REQUEST_FILENAME|REQUEST_HEADERS_NAMES|REQUEST_METHOD|REQUEST_PROTOCOL|REQUEST_URI|RESPONSE_BODY|RESPONSE_CONTENT_LENGTH|RESPONSE_CONTENT_TYPE|RESPONSE_HEADERS_NAMES|RESPONSE_PROTOCOL|RESPONSE_STATUS|USERID|SESSIONID))
VARIABLE_COL (?i:(SESSION|GLOBAL|ARGS_POST|ARGS_GET|ARGS|FILES_SIZES|FILES_NAMES|FILES_TMP_CONTENT|MULTIPART_FILENAME|MULTIPART_NAME|MATCHED_VARS_NAMES|MATCHED_VARS|FILES|QUERY_STRING|REQUEST_COOKIES|REQUEST_HEADERS|RESPONSE_HEADERS|GEO|IP|REQUEST_COOKIES_NAMES))
VARIABLE_STATUS (?i:(STATUS[^:]))
VARIABLE_TX (?i:TX)
VARIABLE_WEBSERVER_ERROR_LOG (?:WEBSERVER_ERROR_LOG)
RUN_TIME_VAR_REMOTE_USER (?i:REMOTE_USER)
RUN_TIME_VAR_DUR (?i:DURATION)
RUN_TIME_VAR_ENV (?i:ENV)
RUN_TIME_VAR_BLD (?i:MODSEC_BUILD)
RUN_TIME_VAR_HSV (?i:HIGHEST_SEVERITY)
RUN_TIME_VAR_TIME (?i:TIME)
RUN_TIME_VAR_TIME_DAY (?i:TIME_DAY)
RUN_TIME_VAR_TIME_EPOCH (?i:TIME_EPOCH)
RUN_TIME_VAR_TIME_HOUR (?i:TIME_HOUR)
RUN_TIME_VAR_TIME_MIN (?i:TIME_MIN)
RUN_TIME_VAR_TIME_MON (?i:TIME_MON)
RUN_TIME_VAR_TIME_SEC (?i:TIME_SEC)
RUN_TIME_VAR_TIME_WDAY (?i:TIME_WDAY)
RUN_TIME_VAR_TIME_YEAR (?i:TIME_YEAR)
RUN_TIME_VAR_XML (?i:XML)
RUN_TIME_VAR_RULE (?i:RULE)
VARIABLENOCOLON (?i:URLENCODED_ERROR|REQBODY_PROCESSOR_ERROR_MSG|REQBODY_PROCESSOR_ERROR|REQBODY_PROCESSOR|REQBODY_ERROR_MSG|REQBODY_ERROR|MULTIPART_FILE_LIMIT_EXCEEDED|MULTIPART_INVALID_QUOTING|MULTIPART_HEADER_FOLDING|MULTIPART_INVALID_HEADER_FOLDING|MULTIPART_STRICT_ERROR|MULTIPART_UNMATCHED_BOUNDARY|REMOTE_ADDR|REQUEST_LINE)
CONFIG_VALUE_ON (?i:On)
CONFIG_VALUE_OFF (?i:Off)
CONFIG_VALUE_DETC (?i:DetectionOnly)
CONFIG_VALUE_SERIAL (?i:Serial)
CONFIG_VALUE_PARALLEL (?i:Parallel|Concurrent)
CONFIG_VALUE_HTTPS (?i:https)
CONFIG_VALUE_RELEVANT_ONLY (?i:RelevantOnly)
CONFIG_VALUE_PROCESS_PARTIAL (?i:ProcessPartial)
CONFIG_VALUE_REJECT (?i:Reject)
CONFIG_VALUE_ABORT (?i:Abort)
CONFIG_VALUE_WARN (?i:Warn)
CONFIG_VALUE_PATH [0-9A-Za-z_\/\.\-\*\:]+
REMOVE_RULE_BY [0-9A-Za-z_\/\.\-\*\:\;\]\[]+
AUDIT_PARTS [ABCDEFHJKIZ]+
CONFIG_VALUE_NUMBER [0-9]+
FREE_TEXT ([^\"]|(\\\"))+
NEW_LINE_FREE_TEXT [^, \t\"\n\r]+
FREE_TEXT_NEW_LINE [^\"|\n]+
FREE_TEXT_QUOTE ([^\']|([^\\]\\\'))+
FREE_TEXT_SPACE [^ \t]+
FREE_TEXT_SPACE_COMMA [^, \t]+
FREE_TEXT_SPACE_COMMA_QUOTE [^, \t\"\n\r]+
FREE_TEXT_QUOTE_COMMA [^,\']+
COL_NAME [A-Za-z]+
COL_FREE_TEXT_SPACE_COMMA ([^,"])+
VAR_FREE_TEXT_QUOTE ([^\']|([^\\]\\\'))+
VAR_FREE_TEXT_SPACE_COMMA [^, \t\"]+
VAR_FREE_TEXT_SPACE [^ \t\"]+
SOMETHING ["]{1}([^"]|([^\\"]\\\"))*["]{1}
CONFIG_DIR_UNICODE_MAP_FILE (?i:SecUnicodeMapFile)
%x EXPECTING_OPERATOR COMMENT EXPECTING_VARIABLE
%{
// Code run each time a pattern is matched.
# define YY_USER_ACTION driver.loc.back()->columns (yyleng);
%}
%%
@ -214,287 +180,221 @@ CONFIG_DIR_UNICODE_MAP_FILE (?i:SecUnicodeMapFile)
// Code run each time yylex is called.
driver.loc.back()->step();
%}
{DIRECTIVE} { return yy::seclang_parser::make_DIRECTIVE(yytext, *driver.loc.back()); }
{DIRECTIVE_SECRULESCRIPT}[ ]{CONFIG_VALUE_PATH} { return yy::seclang_parser::make_DIRECTIVE_SECRULESCRIPT(yytext, *driver.loc.back()); }
{TRANSFORMATION} { return yy::seclang_parser::make_TRANSFORMATION(yytext, *driver.loc.back()); }
{CONFIG_DIR_RULE_ENG} { return yy::seclang_parser::make_CONFIG_DIR_RULE_ENG(yytext, *driver.loc.back()); }
{CONFIG_DIR_RES_BODY} { return yy::seclang_parser::make_CONFIG_DIR_RES_BODY(yytext, *driver.loc.back()); }
{CONFIG_DIR_REQ_BODY} { return yy::seclang_parser::make_CONFIG_DIR_REQ_BODY(yytext, *driver.loc.back()); }
%{ /* Audit log entries */ %}
{CONFIG_DIR_AUDIT_DIR}[ ]{CONFIG_VALUE_PATH} { return yy::seclang_parser::make_CONFIG_DIR_AUDIT_DIR(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_AUDIT_DIR_MOD}[ ]{CONFIG_VALUE_NUMBER} { return yy::seclang_parser::make_CONFIG_DIR_AUDIT_DIR_MOD(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_AUDIT_ENG} { return yy::seclang_parser::make_CONFIG_DIR_AUDIT_ENG(yytext, *driver.loc.back()); }
{CONFIG_DIR_AUDIT_FLE_MOD}[ ]{CONFIG_VALUE_NUMBER} { return yy::seclang_parser::make_CONFIG_DIR_AUDIT_FLE_MOD(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_AUDIT_LOG2}[ ]{CONFIG_VALUE_PATH} { return yy::seclang_parser::make_CONFIG_DIR_AUDIT_LOG2(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_AUDIT_LOG}[ ]{CONFIG_VALUE_PATH} { return yy::seclang_parser::make_CONFIG_DIR_AUDIT_LOG(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_AUDIT_LOG_P}[ ]{AUDIT_PARTS} { return yy::seclang_parser::make_CONFIG_DIR_AUDIT_LOG_P(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_AUDIT_STS}[ ]["]{FREE_TEXT}["] { return yy::seclang_parser::make_CONFIG_DIR_AUDIT_STS(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_AUDIT_TPE} { return yy::seclang_parser::make_CONFIG_DIR_AUDIT_TPE(yytext, *driver.loc.back()); }
{ACTION_CTL_AUDIT_LOG_PARTS}=[+|-]{AUDIT_PARTS} { return yy::seclang_parser::make_ACTION_CTL_AUDIT_LOG_PARTS(yytext, *driver.loc.back()); }
{ACTION_CTL_RULE_ENGINE}= { return yy::seclang_parser::make_ACTION_CTL_RULE_ENGINE(yytext, *driver.loc.back()); }
{ACTION_CTL_AUDIT_ENGINE}= { return yy::seclang_parser::make_ACTION_CTL_AUDIT_ENGINE(yytext, *driver.loc.back()); }
{ACTION_CTL_FORCE_REQ_BODY_VAR}= { return yy::seclang_parser::make_ACTION_CTL_FORCE_REQ_BODY_VAR(yytext, *driver.loc.back()); }
{ACTION_CTL_REQUEST_BODY_ACCESS}= { return yy::seclang_parser::make_ACTION_CTL_REQUEST_BODY_ACCESS(yytext, *driver.loc.back()); }
{ACTION_ACCURACY}:'{FREE_TEXT_QUOTE}' { return p::make_ACTION_ACCURACY(yytext, *driver.loc.back()); }
{ACTION_ACCURACY}:{FREE_TEXT_QUOTE} { return p::make_ACTION_ACCURACY(yytext, *driver.loc.back()); }
{ACTION_ALLOW} { return p::make_ACTION_ALLOW(yytext, *driver.loc.back()); }
{ACTION_AUDIT_LOG} { return p::make_ACTION_AUDIT_LOG(yytext, *driver.loc.back()); }
{ACTION_CTL_AUDIT_ENGINE}= { return p::make_ACTION_CTL_AUDIT_ENGINE(yytext, *driver.loc.back()); }
{ACTION_CTL_AUDIT_LOG_PARTS}=[+|-]{AUDIT_PARTS} { return p::make_ACTION_CTL_AUDIT_LOG_PARTS(yytext, *driver.loc.back()); }
{ACTION_CTL_BDY_JSON} { return p::make_ACTION_CTL_BDY_JSON(yytext, *driver.loc.back()); }
{ACTION_CTL_BDY_XML} { return p::make_ACTION_CTL_BDY_XML(yytext, *driver.loc.back()); }
{ACTION_CTL_FORCE_REQ_BODY_VAR}= { return p::make_ACTION_CTL_FORCE_REQ_BODY_VAR(yytext, *driver.loc.back()); }
{ACTION_CTL_REQUEST_BODY_ACCESS}= { return p::make_ACTION_CTL_REQUEST_BODY_ACCESS(yytext, *driver.loc.back()); }
{ACTION_CTL_RULE_ENGINE}= { return p::make_ACTION_CTL_RULE_ENGINE(yytext, *driver.loc.back()); }
{ACTION_CTL_RULE_REMOVE_BY_ID}[=]{REMOVE_RULE_BY} { return p::make_ACTION_CTL_RULE_REMOVE_BY_ID(yytext, *driver.loc.back()); }
{ACTION_CTL_RULE_REMOVE_TARGET_BY_ID}[=]{REMOVE_RULE_BY} { return p::make_ACTION_CTL_RULE_REMOVE_TARGET_BY_ID(yytext, *driver.loc.back()); }
{ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG}[=]{REMOVE_RULE_BY} { return p::make_ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG(yytext, *driver.loc.back()); }
{ACTION_EXEC}:'{VAR_FREE_TEXT_QUOTE}' { return p::make_ACTION_EXEC(yytext, *driver.loc.back()); }
{ACTION_EXEC}:{VAR_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_EXEC(yytext, *driver.loc.back()); }
{ACTION_EXPIREVAR}:'{VAR_FREE_TEXT_QUOTE}={VAR_FREE_TEXT_QUOTE}' { return p::make_ACTION_EXPIREVAR(yytext, *driver.loc.back()); }
{ACTION_EXPIREVAR}:'{VAR_FREE_TEXT_QUOTE}' { return p::make_ACTION_EXPIREVAR(yytext, *driver.loc.back()); }
{ACTION_EXPIREVAR}:{VAR_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_EXPIREVAR(yytext, *driver.loc.back()); }
{ACTION_EXPIREVAR}:{VAR_FREE_TEXT_SPACE}={VAR_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_EXPIREVAR(yytext, *driver.loc.back()); }
{ACTION_INITCOL}:{COL_NAME}={COL_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_INITCOL(yytext, *driver.loc.back()); }
{ACTION_MATURITY}:'{FREE_TEXT_QUOTE}' { return p::make_ACTION_MATURITY(yytext, *driver.loc.back()); }
{ACTION_MATURITY}:{FREE_TEXT_QUOTE} { return p::make_ACTION_MATURITY(yytext, *driver.loc.back()); }
{ACTION_MSG}:'{FREE_TEXT_QUOTE}' { return p::make_ACTION_MSG(yytext, *driver.loc.back()); }
{ACTION_PHASE} { return p::make_ACTION_PHASE(yytext, *driver.loc.back()); }
{ACTION_REDIRECT}:{FREE_TEXT} { return p::make_ACTION_REDIRECT(yytext, *driver.loc.back()); }
{ACTION_REV}:'{FREE_TEXT_QUOTE_COMMA}' { return p::make_ACTION_REV(yytext, *driver.loc.back()); }
{ACTION_REV}:{FREE_TEXT_QUOTE_COMMA} { return p::make_ACTION_REV(yytext, *driver.loc.back()); }
{ACTION_SETENV}:'{VAR_FREE_TEXT_QUOTE}={VAR_FREE_TEXT_QUOTE}' { return p::make_ACTION_SETENV(yytext, *driver.loc.back()); }
{ACTION_SETENV}:'{VAR_FREE_TEXT_QUOTE}' { return p::make_ACTION_SETENV(yytext, *driver.loc.back()); }
{ACTION_SETENV}:{VAR_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_SETENV(yytext, *driver.loc.back()); }
{ACTION_SETENV}:{VAR_FREE_TEXT_SPACE}={VAR_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_SETENV(yytext, *driver.loc.back()); }
{ACTION_SETSID}:'{VAR_FREE_TEXT_QUOTE}' { return p::make_ACTION_SETSID(yytext, *driver.loc.back()); }
{ACTION_SETSID}:{VAR_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_SETSID(yytext, *driver.loc.back()); }
{ACTION_SETUID}:'{VAR_FREE_TEXT_QUOTE}' { return p::make_ACTION_SETUID(yytext, *driver.loc.back()); }
{ACTION_SETUID}:{VAR_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_SETUID(yytext, *driver.loc.back()); }
{ACTION_SETVAR}:'{VAR_FREE_TEXT_QUOTE}={VAR_FREE_TEXT_QUOTE}' { return p::make_ACTION_SETVAR(yytext, *driver.loc.back()); }
{ACTION_SETVAR}:'{VAR_FREE_TEXT_QUOTE}' { return p::make_ACTION_SETVAR(yytext, *driver.loc.back()); }
{ACTION_SETVAR}:{VAR_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_SETVAR(yytext, *driver.loc.back()); }
{ACTION_SETVAR}:{VAR_FREE_TEXT_SPACE}={VAR_FREE_TEXT_SPACE_COMMA} { return p::make_ACTION_SETVAR(yytext, *driver.loc.back()); }
{ACTION_SEVERITY}:'{ACTION_SEVERITY_VALUE}' { return p::make_ACTION_SEVERITY(yytext, *driver.loc.back()); }
{ACTION_SEVERITY}:{ACTION_SEVERITY_VALUE} { return p::make_ACTION_SEVERITY(yytext, *driver.loc.back()); }
{ACTION_SKIP_AFTER}:{FREE_TEXT_SPACE_COMMA_QUOTE} { return p::make_ACTION_SKIP_AFTER(yytext, *driver.loc.back()); }
{ACTION_SKIP}:{CONFIG_VALUE_NUMBER} { return p::make_ACTION_SKIP(yytext, *driver.loc.back()); }
{ACTION_TAG}:'{FREE_TEXT_QUOTE}' { return p::make_ACTION_TAG(yytext, *driver.loc.back()); }
{ACTION_VER}:'{FREE_TEXT_QUOTE}' { return p::make_ACTION_VER(yytext, *driver.loc.back()); }
{ACTION_XMLNS}:{FREE_TEXT_SPACE_COMMA_QUOTE} { return p::make_ACTION_XMLNS(yytext, *driver.loc.back()); }
{ACTION} { return p::make_ACTION(yytext, *driver.loc.back()); }
{CONFIG_COMPONENT_SIG}[ \t]+["]{FREE_TEXT}["] { return p::make_CONFIG_COMPONENT_SIG(strchr(yytext, ' ') + 2, *driver.loc.back()); }
{CONFIG_DIR_AUDIT_DIR_MOD}[ ]{CONFIG_VALUE_NUMBER} { return p::make_CONFIG_DIR_AUDIT_DIR_MOD(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_AUDIT_DIR}[ ]{CONFIG_VALUE_PATH} { return p::make_CONFIG_DIR_AUDIT_DIR(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_AUDIT_ENG} { return p::make_CONFIG_DIR_AUDIT_ENG(yytext, *driver.loc.back()); }
{CONFIG_DIR_AUDIT_FLE_MOD}[ ]{CONFIG_VALUE_NUMBER} { return p::make_CONFIG_DIR_AUDIT_FLE_MOD(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_AUDIT_LOG2}[ ]{CONFIG_VALUE_PATH} { return p::make_CONFIG_DIR_AUDIT_LOG2(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_AUDIT_LOG_P}[ ]{AUDIT_PARTS} { return p::make_CONFIG_DIR_AUDIT_LOG_P(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_AUDIT_LOG}[ ]{CONFIG_VALUE_PATH} { return p::make_CONFIG_DIR_AUDIT_LOG(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_AUDIT_STS}[ ]["]{FREE_TEXT}["] { return p::make_CONFIG_DIR_AUDIT_STS(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_AUDIT_TPE} { return p::make_CONFIG_DIR_AUDIT_TPE(yytext, *driver.loc.back()); }
{CONFIG_DIR_DEBUG_LOG}[ ]{CONFIG_VALUE_PATH} { return p::make_CONFIG_DIR_DEBUG_LOG(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_DEBUG_LVL}[ ]{CONFIG_VALUE_NUMBER} { return p::make_CONFIG_DIR_DEBUG_LVL(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_GEO_DB}[ ]{FREE_TEXT_NEW_LINE} { return p::make_CONFIG_DIR_GEO_DB(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION}[ ]{CONFIG_VALUE_NUMBER} { return p::make_CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_PCRE_MATCH_LIMIT}[ ]{CONFIG_VALUE_NUMBER} { return p::make_CONFIG_DIR_PCRE_MATCH_LIMIT(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT}[ ]{CONFIG_VALUE_NUMBER} { return p::make_CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_REQ_BODY_LIMIT_ACTION} { return p::make_CONFIG_DIR_REQ_BODY_LIMIT_ACTION(yytext, *driver.loc.back()); }
{CONFIG_DIR_REQ_BODY_LIMIT}[ ]{CONFIG_VALUE_NUMBER} { return p::make_CONFIG_DIR_REQ_BODY_LIMIT(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT}[ ]{CONFIG_VALUE_NUMBER} { return p::make_CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_REQ_BODY} { return p::make_CONFIG_DIR_REQ_BODY(yytext, *driver.loc.back()); }
{CONFIG_DIR_RES_BODY_LIMIT_ACTION} { return p::make_CONFIG_DIR_RES_BODY_LIMIT_ACTION(yytext, *driver.loc.back()); }
{CONFIG_DIR_RES_BODY_LIMIT}[ ]{CONFIG_VALUE_NUMBER} { return p::make_CONFIG_DIR_RES_BODY_LIMIT(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_RES_BODY} { return p::make_CONFIG_DIR_RES_BODY(yytext, *driver.loc.back()); }
{CONFIG_DIR_RULE_ENG} { return p::make_CONFIG_DIR_RULE_ENG(yytext, *driver.loc.back()); }
{CONFIG_DIR_SEC_ACTION} { return p::make_CONFIG_DIR_SEC_ACTION(yytext, *driver.loc.back()); }
{CONFIG_DIR_SEC_DEFAULT_ACTION} { return p::make_CONFIG_DIR_SEC_DEFAULT_ACTION(yytext, *driver.loc.back()); }
{CONFIG_DIR_SEC_MARKER}[ \t]+["]{NEW_LINE_FREE_TEXT}["] { return p::make_CONFIG_DIR_SEC_MARKER(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_SEC_MARKER}[ \t]+{NEW_LINE_FREE_TEXT} { return p::make_CONFIG_DIR_SEC_MARKER(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_UNICODE_MAP_FILE}[ ]{FREE_TEXT_NEW_LINE} { return p::make_CONFIG_DIR_UNICODE_MAP_FILE(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_SEC_REMOVE_RULES_BY_ID}[ ]{FREE_TEXT_NEW_LINE} { return p::make_CONFIG_SEC_RULE_REMOVE_BY_ID(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_UPDLOAD_KEEP_FILES} { return p::make_CONFIG_UPDLOAD_KEEP_FILES(yytext, *driver.loc.back()); }
{CONFIG_UPDLOAD_SAVE_TMP_FILES} { return p::make_CONFIG_UPDLOAD_SAVE_TMP_FILES(yytext, *driver.loc.back()); }
{CONFIG_UPLOAD_DIR}[ ]{CONFIG_VALUE_PATH} { return p::make_CONFIG_UPLOAD_DIR(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_UPLOAD_FILE_LIMIT}[ ]{CONFIG_VALUE_NUMBER} { return p::make_CONFIG_UPLOAD_FILE_LIMIT(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_UPLOAD_FILE_MODE}[ ]{CONFIG_VALUE_NUMBER} { return p::make_CONFIG_UPLOAD_FILE_MODE(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_VALUE_ABORT} { return p::make_CONFIG_VALUE_ABORT(yytext, *driver.loc.back()); }
{CONFIG_VALUE_DETC} { return p::make_CONFIG_VALUE_DETC(yytext, *driver.loc.back()); }
{CONFIG_VALUE_HTTPS} { return p::make_CONFIG_VALUE_HTTPS(yytext, *driver.loc.back()); }
{CONFIG_VALUE_OFF} { return p::make_CONFIG_VALUE_OFF(yytext, *driver.loc.back()); }
{CONFIG_VALUE_ON} { return p::make_CONFIG_VALUE_ON(yytext, *driver.loc.back()); }
{CONFIG_VALUE_PARALLEL} { return p::make_CONFIG_VALUE_PARALLEL(yytext, *driver.loc.back()); }
{CONFIG_VALUE_PROCESS_PARTIAL} { return p::make_CONFIG_VALUE_PROCESS_PARTIAL(yytext, *driver.loc.back()); }
{CONFIG_VALUE_REJECT} { return p::make_CONFIG_VALUE_REJECT(yytext, *driver.loc.back()); }
{CONFIG_VALUE_RELEVANT_ONLY} { return p::make_CONFIG_VALUE_RELEVANT_ONLY(yytext, *driver.loc.back()); }
{CONFIG_VALUE_SERIAL} { return p::make_CONFIG_VALUE_SERIAL(yytext, *driver.loc.back()); }
{CONFIG_VALUE_WARN} { return p::make_CONFIG_VALUE_WARN(yytext, *driver.loc.back()); }
{CONFIG_XML_EXTERNAL_ENTITY} { return p::make_CONFIG_XML_EXTERNAL_ENTITY(yytext, *driver.loc.back()); }
{CONGIG_DIR_RESPONSE_BODY_MP}[ ]{FREE_TEXT_NEW_LINE} { return p::make_CONGIG_DIR_RESPONSE_BODY_MP(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONGIG_DIR_SEC_ARG_SEP}[ ]{FREE_TEXT_NEW_LINE} { return p::make_CONGIG_DIR_SEC_ARG_SEP(yytext, *driver.loc.back()); }
{CONGIG_DIR_SEC_COOKIE_FORMAT}[ ]{CONFIG_VALUE_NUMBER} { return p::make_CONGIG_DIR_SEC_COOKIE_FORMAT(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONGIG_DIR_SEC_DATA_DIR}[ ]{CONFIG_VALUE_PATH} { return p::make_CONGIG_DIR_SEC_DATA_DIR(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONGIG_DIR_SEC_STATUS_ENGINE}[ ]{FREE_TEXT_NEW_LINE} { return p::make_CONGIG_DIR_SEC_STATUS_ENGINE(yytext, *driver.loc.back()); }
{CONGIG_DIR_SEC_TMP_DIR}[ ]{CONFIG_VALUE_PATH} { return p::make_CONGIG_DIR_SEC_TMP_DIR(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{DIRECTIVE_SECRULESCRIPT}[ ]{CONFIG_VALUE_PATH} { return p::make_DIRECTIVE_SECRULESCRIPT(yytext, *driver.loc.back()); }
{DIRECTIVE} { return p::make_DIRECTIVE(yytext, *driver.loc.back()); }
{LOG_DATA}:'{FREE_TEXT_QUOTE}' { return p::make_LOG_DATA(yytext, *driver.loc.back()); }
{TRANSFORMATION} { return p::make_TRANSFORMATION(yytext, *driver.loc.back()); }
{CONFIG_SEC_REMOTE_RULES_FAIL_ACTION} { return p::make_CONFIG_SEC_REMOTE_RULES_FAIL_ACTION(yytext, *driver.loc.back()); }
{CONFIG_SEC_COLLECTION_TIMEOUT}[ ]{CONFIG_VALUE_NUMBER} { return p::make_CONFIG_SEC_COLLECTION_TIMEOUT(strchr(yytext, ' ') + 1, *driver.loc.back()); }
[ \t]*[\n] { driver.loc.back()->lines(1); driver.loc.back()->step(); }
#[ \t]*SecRule[^\\].*\\[ \t]*[\r\n]* { driver.loc.back()->lines(1); driver.loc.back()->step(); BEGIN(COMMENT); }
#[ \t]*SecAction[^\\].*\\[ \t]*[^\\n] { driver.loc.back()->lines(1); driver.loc.back()->step(); BEGIN(COMMENT); }
#.* { driver.loc.back()->step(); /* comment, just ignore. */ }
\r { driver.loc.back()->step(); /* carriage return, just ignore. */}
["] { return p::make_QUOTATION_MARK(yytext, *driver.loc.back()); }
[,] { return p::make_COMMA(*driver.loc.back()); }
%{ /* Remove Rules */ %}
{CONFIG_SEC_REMOVE_RULES_BY_ID}[ ]{FREE_TEXT_NEW_LINE} { return yy::seclang_parser::make_CONFIG_SEC_RULE_REMOVE_BY_ID(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG}[=]{REMOVE_RULE_BY} { return yy::seclang_parser::make_ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG(yytext, *driver.loc.back()); }
{ACTION_CTL_RULE_REMOVE_TARGET_BY_ID}[=]{REMOVE_RULE_BY} { return yy::seclang_parser::make_ACTION_CTL_RULE_REMOVE_TARGET_BY_ID(yytext, *driver.loc.back()); }
{ACTION_CTL_RULE_REMOVE_BY_ID}[=]{REMOVE_RULE_BY} { return yy::seclang_parser::make_ACTION_CTL_RULE_REMOVE_BY_ID(yytext, *driver.loc.back()); }
%{ /* Upload */ %}
{CONFIG_UPLOAD_FILE_LIMIT}[ ]{CONFIG_VALUE_NUMBER} { return yy::seclang_parser::make_CONFIG_UPLOAD_FILE_LIMIT(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_UPLOAD_FILE_MODE}[ ]{CONFIG_VALUE_NUMBER} { return yy::seclang_parser::make_CONFIG_UPLOAD_FILE_MODE(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_UPDLOAD_KEEP_FILES} { return yy::seclang_parser::make_CONFIG_UPDLOAD_KEEP_FILES(yytext, *driver.loc.back()); }
{CONFIG_UPDLOAD_SAVE_TMP_FILES} { return yy::seclang_parser::make_CONFIG_UPDLOAD_SAVE_TMP_FILES(yytext, *driver.loc.back()); }
{CONFIG_UPLOAD_DIR}[ ]{CONFIG_VALUE_PATH} { return yy::seclang_parser::make_CONFIG_UPLOAD_DIR(strchr(yytext, ' ') + 1, *driver.loc.back()); }
%{ /* Debug log entries */ %}
{CONFIG_DIR_DEBUG_LOG}[ ]{CONFIG_VALUE_PATH} { return yy::seclang_parser::make_CONFIG_DIR_DEBUG_LOG(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_DEBUG_LVL}[ ]{CONFIG_VALUE_NUMBER} { return yy::seclang_parser::make_CONFIG_DIR_DEBUG_LVL(strchr(yytext, ' ') + 1, *driver.loc.back()); }
<INITIAL,EXPECTING_VARIABLE>{
%{ /* Variables */ %}
[!&]?{VARIABLE_WEBSERVER_ERROR_LOG} { driver.error (*driver.loc.back(), "Variable VARIABLE_WEBSERVER_ERROR_LOG is not supported by libModSecurity", ""); throw yy::seclang_parser::syntax_error(*driver.loc.back(), "");}
[!&]?{VARIABLE}(\:{DICT_ELEMENT})? { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_VARIABLE(yytext, *driver.loc.back()); }
[!&]?{VARIABLE}(\:[\']{FREE_TEXT_QUOTE}[\'])? { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_VARIABLE(yytext, *driver.loc.back()); }
[!&]?{VARIABLE_STATUS} { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_VARIABLE_STATUS(yytext, *driver.loc.back()); }
[!&]?{VARIABLE_COL}(\:{DICT_ELEMENT})? { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_VARIABLE_COL(yytext, *driver.loc.back()); }
[!&]?{VARIABLE_COL}(\:[\']{FREE_TEXT_QUOTE}[\'])? { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_VARIABLE_COL(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_XML}(\:{DICT_ELEMENT})? { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_XML}(\:[\']{FREE_TEXT_QUOTE}[\'])? { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_RULE}(\:{DICT_ELEMENT})? { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_RUN_TIME_VAR_RULE(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_RULE}(\:[\']{FREE_TEXT_QUOTE}[\'])? { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_RUN_TIME_VAR_RULE(yytext, *driver.loc.back()); }
[!&]?{VARIABLE_TX}(\:{DICT_ELEMENT})? { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_VARIABLE_TX(yytext, *driver.loc.back()); }
[!&]?{VARIABLE_TX}(\:[\']{FREE_TEXT_QUOTE}[\'])? { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_VARIABLE_TX(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_DUR} { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_RUN_TIME_VAR_DUR(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_REMOTE_USER} { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_RUN_TIME_VAR_REMOTE_USER(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_ENV}(\:{DICT_ELEMENT})? { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_RUN_TIME_VAR_ENV(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_ENV}(\:[\']{FREE_TEXT_QUOTE}[\'])? { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_RUN_TIME_VAR_ENV(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_BLD} { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_RUN_TIME_VAR_BLD(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_HSV} { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_RUN_TIME_VAR_HSV(yytext, *driver.loc.back()); }
[!&]?{VARIABLENOCOLON} { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_VARIABLE(yytext, *driver.loc.back()); }
["][!&]?{VARIABLE}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_VARIABLE(yytext, *driver.loc.back()); }
["][!&]?{VARIABLE}(\:{DICT_ELEMENT})?["] { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_VARIABLE(yytext, *driver.loc.back()); }
["][!&]?{VARIABLE_TX}(\:{DICT_ELEMENT})?["] { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_VARIABLE_TX(yytext, *driver.loc.back()); }
["][!&]?{VARIABLE_TX}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_VARIABLE_TX(yytext, *driver.loc.back()); }
["][!&]?{VARIABLE_COL}(\:{DICT_ELEMENT})? { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_VARIABLE_COL(yytext, *driver.loc.back()); }
["][!&]?{VARIABLE_COL}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_VARIABLE_COL(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_XML}(\:{DICT_ELEMENT})? { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_XML}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_RULE}(\:{DICT_ELEMENT})? { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_RUN_TIME_VAR_RULE(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_RULE}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_RUN_TIME_VAR_RULE(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_DUR}["] { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_RUN_TIME_VAR_DUR(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_ENV}(\:{DICT_ELEMENT})?["] { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_RUN_TIME_VAR_ENV(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_ENV}(\:\'{FREE_TEXT_QUOTE}[\'])?["] { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_RUN_TIME_VAR_ENV(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_BLD}["] { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_RUN_TIME_VAR_BLD(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_HSV}["] { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_RUN_TIME_VAR_HSV(yytext, *driver.loc.back()); }
["][!&]?{VARIABLENOCOLON}["] { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_VARIABLE(yytext, *driver.loc.back()); }
%{ /* Variables: TIME */ %}
[!&]?{RUN_TIME_VAR_TIME} { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_RUN_TIME_VAR_TIME(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME_DAY} { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_RUN_TIME_VAR_TIME_DAY(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME_EPOCH} { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_RUN_TIME_VAR_TIME_EPOCH(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME_HOUR} { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_RUN_TIME_VAR_TIME_HOUR(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME_MIN} { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_RUN_TIME_VAR_TIME_MIN(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME_MON} { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_RUN_TIME_VAR_TIME_MON(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME_SEC} { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_RUN_TIME_VAR_TIME_SEC(yytext, *driver.loc.back()); }
[&]?{RUN_TIME_VAR_TIME_WDAY} { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_RUN_TIME_VAR_TIME_WDAY(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME_YEAR} { BEGIN(EXPECTING_OPERATOR); return yy::seclang_parser::make_RUN_TIME_VAR_TIME_YEAR(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_BLD} { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_BLD(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_DUR} { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_DUR(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_ENV}(\:[\']{FREE_TEXT_QUOTE}[\'])? { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_ENV(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_ENV}(\:{DICT_ELEMENT})? { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_ENV(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_HSV} { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_HSV(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_REMOTE_USER} { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_REMOTE_USER(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_RULE}(\:[\']{FREE_TEXT_QUOTE}[\'])? { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_RULE(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_RULE}(\:{DICT_ELEMENT})? { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_RULE(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME_DAY} { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_TIME_DAY(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME_EPOCH} { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_TIME_EPOCH(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME_HOUR} { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_TIME_HOUR(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME_MIN} { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_TIME_MIN(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME_MON} { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_TIME_MON(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME_SEC} { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_TIME_SEC(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME_YEAR} { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_TIME_YEAR(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_TIME} { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_TIME(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_XML}(\:[\']{FREE_TEXT_QUOTE}[\'])? { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
[!&]?{RUN_TIME_VAR_XML}(\:{DICT_ELEMENT})? { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
[!&]?{VARIABLENOCOLON} { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE(yytext, *driver.loc.back()); }
[!&]?{VARIABLE_COL}(\:[\']{FREE_TEXT_QUOTE}[\'])? { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
[!&]?{VARIABLE_COL}(\:{DICT_ELEMENT})? { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
[!&]?{VARIABLE_STATUS} { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE_STATUS(yytext, *driver.loc.back()); }
[!&]?{VARIABLE_TX}(\:[\']{FREE_TEXT_QUOTE}[\'])? { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE_TX(yytext, *driver.loc.back()); }
[!&]?{VARIABLE_TX}(\:{DICT_ELEMENT})? { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE_TX(yytext, *driver.loc.back()); }
[!&]?{VARIABLE_WEBSERVER_ERROR_LOG} { driver.error (*driver.loc.back(), "Variable VARIABLE_WEBSERVER_ERROR_LOG is not supported by libModSecurity", ""); throw p::syntax_error(*driver.loc.back(), "");}
[!&]?{VARIABLE}(\:[\']{FREE_TEXT_QUOTE}[\'])? { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE(yytext, *driver.loc.back()); }
[!&]?{VARIABLE}(\:{DICT_ELEMENT})? { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_BLD}["] { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_BLD(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_DUR}["] { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_DUR(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_ENV}(\:\'{FREE_TEXT_QUOTE}[\'])?["] { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_ENV(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_ENV}(\:{DICT_ELEMENT})?["] { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_ENV(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_HSV}["] { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_HSV(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_RULE}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_RULE(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_RULE}(\:{DICT_ELEMENT})? { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_RULE(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_XML}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
["][!&]?{RUN_TIME_VAR_XML}(\:{DICT_ELEMENT})? { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
["][!&]?{VARIABLENOCOLON}["] { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE(yytext, *driver.loc.back()); }
["][!&]?{VARIABLE_COL}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
["][!&]?{VARIABLE_COL}(\:{DICT_ELEMENT})? { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
["][!&]?{VARIABLE_TX}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE_TX(yytext, *driver.loc.back()); }
["][!&]?{VARIABLE_TX}(\:{DICT_ELEMENT})?["] { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE_TX(yytext, *driver.loc.back()); }
["][!&]?{VARIABLE}(\:[\']{FREE_TEXT_QUOTE}[\'])?["] { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE(yytext, *driver.loc.back()); }
["][!&]?{VARIABLE}(\:{DICT_ELEMENT})?["] { BEGIN(EXPECTING_OPERATOR); return p::make_VARIABLE(yytext, *driver.loc.back()); }
[&]?{RUN_TIME_VAR_TIME_WDAY} { BEGIN(EXPECTING_OPERATOR); return p::make_RUN_TIME_VAR_TIME_WDAY(yytext, *driver.loc.back()); }
}
%{ /* Geo DB loopkup */ %}
{CONFIG_DIR_GEO_DB}[ ]{FREE_TEXT_NEW_LINE} { return yy::seclang_parser::make_CONFIG_DIR_GEO_DB(strchr(yytext, ' ') + 1, *driver.loc.back()); }
%{ /* Request body limit */ %}
{CONFIG_DIR_REQ_BODY_LIMIT}[ ]{CONFIG_VALUE_NUMBER} { return yy::seclang_parser::make_CONFIG_DIR_REQ_BODY_LIMIT(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT}[ ]{CONFIG_VALUE_NUMBER} { return yy::seclang_parser::make_CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_REQ_BODY_LIMIT_ACTION} { return yy::seclang_parser::make_CONFIG_DIR_REQ_BODY_LIMIT_ACTION(yytext, *driver.loc.back()); }
{CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT}[ ]{CONFIG_VALUE_NUMBER} { return yy::seclang_parser::make_CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT(strchr(yytext, ' ') + 1, *driver.loc.back()); }
%{ /* Reponse body limit */ %}
{CONFIG_DIR_RES_BODY_LIMIT}[ ]{CONFIG_VALUE_NUMBER} { return yy::seclang_parser::make_CONFIG_DIR_RES_BODY_LIMIT(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_RES_BODY_LIMIT_ACTION} { return yy::seclang_parser::make_CONFIG_DIR_RES_BODY_LIMIT_ACTION(yytext, *driver.loc.back()); }
{CONFIG_COMPONENT_SIG}[ \t]+["]{FREE_TEXT}["] { return yy::seclang_parser::make_CONFIG_COMPONENT_SIG(strchr(yytext, ' ') + 2, *driver.loc.back()); }
%{ /* Other configurations */ %}
{CONFIG_XML_EXTERNAL_ENTITY} { return yy::seclang_parser::make_CONFIG_XML_EXTERNAL_ENTITY(yytext, *driver.loc.back()); }
{CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION}[ ]{CONFIG_VALUE_NUMBER} { return yy::seclang_parser::make_CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_PCRE_MATCH_LIMIT}[ ]{CONFIG_VALUE_NUMBER} { return yy::seclang_parser::make_CONFIG_DIR_PCRE_MATCH_LIMIT(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONGIG_DIR_RESPONSE_BODY_MP}[ ]{FREE_TEXT_NEW_LINE} { return yy::seclang_parser::make_CONGIG_DIR_RESPONSE_BODY_MP(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONGIG_DIR_SEC_TMP_DIR}[ ]{CONFIG_VALUE_PATH} { return yy::seclang_parser::make_CONGIG_DIR_SEC_TMP_DIR(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONGIG_DIR_SEC_DATA_DIR}[ ]{CONFIG_VALUE_PATH} { return yy::seclang_parser::make_CONGIG_DIR_SEC_DATA_DIR(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONGIG_DIR_SEC_ARG_SEP}[ ]{FREE_TEXT_NEW_LINE} { return yy::seclang_parser::make_CONGIG_DIR_SEC_ARG_SEP(yytext, *driver.loc.back()); }
{CONGIG_DIR_SEC_COOKIE_FORMAT}[ ]{CONFIG_VALUE_NUMBER} { return yy::seclang_parser::make_CONGIG_DIR_SEC_COOKIE_FORMAT(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONGIG_DIR_SEC_STATUS_ENGINE}[ ]{FREE_TEXT_NEW_LINE} { return yy::seclang_parser::make_CONGIG_DIR_SEC_STATUS_ENGINE(yytext, *driver.loc.back()); }
{CONFIG_DIR_UNICODE_MAP_FILE}[ ]{FREE_TEXT_NEW_LINE} { return yy::seclang_parser::make_CONFIG_DIR_UNICODE_MAP_FILE(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_VALUE_WARN} { return yy::seclang_parser::make_CONFIG_VALUE_WARN(yytext, *driver.loc.back()); }
{CONFIG_VALUE_ABORT} { return yy::seclang_parser::make_CONFIG_VALUE_ABORT(yytext, *driver.loc.back()); }
{CONFIG_VALUE_ON} { return yy::seclang_parser::make_CONFIG_VALUE_ON(yytext, *driver.loc.back()); }
{CONFIG_VALUE_OFF} { return yy::seclang_parser::make_CONFIG_VALUE_OFF(yytext, *driver.loc.back()); }
{CONFIG_VALUE_SERIAL} { return yy::seclang_parser::make_CONFIG_VALUE_SERIAL(yytext, *driver.loc.back()); }
{CONFIG_VALUE_PARALLEL} { return yy::seclang_parser::make_CONFIG_VALUE_PARALLEL(yytext, *driver.loc.back()); }
{CONFIG_VALUE_HTTPS} { return yy::seclang_parser::make_CONFIG_VALUE_HTTPS(yytext, *driver.loc.back()); }
{CONFIG_VALUE_DETC} { return yy::seclang_parser::make_CONFIG_VALUE_DETC(yytext, *driver.loc.back()); }
{CONFIG_VALUE_RELEVANT_ONLY} { return yy::seclang_parser::make_CONFIG_VALUE_RELEVANT_ONLY(yytext, *driver.loc.back()); }
{CONFIG_VALUE_PROCESS_PARTIAL} { return yy::seclang_parser::make_CONFIG_VALUE_PROCESS_PARTIAL(yytext, *driver.loc.back()); }
{CONFIG_VALUE_REJECT} { return yy::seclang_parser::make_CONFIG_VALUE_REJECT(yytext, *driver.loc.back()); }
{CONFIG_DIR_SEC_ACTION} { return yy::seclang_parser::make_CONFIG_DIR_SEC_ACTION(yytext, *driver.loc.back()); }
{CONFIG_DIR_SEC_DEFAULT_ACTION} { return yy::seclang_parser::make_CONFIG_DIR_SEC_DEFAULT_ACTION(yytext, *driver.loc.back()); }
{CONFIG_DIR_SEC_MARKER}[ \t]+{NEW_LINE_FREE_TEXT} { return yy::seclang_parser::make_CONFIG_DIR_SEC_MARKER(strchr(yytext, ' ') + 1, *driver.loc.back()); }
{CONFIG_DIR_SEC_MARKER}[ \t]+["]{NEW_LINE_FREE_TEXT}["] { return yy::seclang_parser::make_CONFIG_DIR_SEC_MARKER(strchr(yytext, ' ') + 1, *driver.loc.back()); }
<EXPECTING_OPERATOR>{
["]{OPERATOR}[ ]{FREE_TEXT}["] { BEGIN(INITIAL); return yy::seclang_parser::make_OPERATOR(yytext, *driver.loc.back()); }
["]{OPERATORNOARG}[\t ]*["] { BEGIN(INITIAL); return yy::seclang_parser::make_OPERATOR(yytext, *driver.loc.back()); }
["]{OPERATOR_GEOIP}[\t ]*["] { BEGIN(INITIAL); return yy::seclang_parser::make_OPERATOR_GEOIP(yytext, *driver.loc.back()); }
{SOMETHING} { BEGIN(INITIAL); return yy::seclang_parser::make_FREE_TEXT(yytext, *driver.loc.back()); }
["]{OPERATOR}[ ]{FREE_TEXT}["] { BEGIN(INITIAL); return p::make_OPERATOR(yytext, *driver.loc.back()); }
["]{OPERATORNOARG}[\t ]*["] { BEGIN(INITIAL); return p::make_OPERATOR(yytext, *driver.loc.back()); }
["]{OPERATOR_GEOIP}[\t ]*["] { BEGIN(INITIAL); return p::make_OPERATOR_GEOIP(yytext, *driver.loc.back()); }
{SOMETHING} { BEGIN(INITIAL); return p::make_FREE_TEXT(yytext, *driver.loc.back()); }
}
{ACTION} { return yy::seclang_parser::make_ACTION(yytext, *driver.loc.back()); }
{ACTION_PHASE} { return yy::seclang_parser::make_ACTION_PHASE(yytext, *driver.loc.back()); }
{ACTION_SKIP}:{CONFIG_VALUE_NUMBER} { return yy::seclang_parser::make_ACTION_SKIP(yytext, *driver.loc.back()); }
{ACTION_SKIP_AFTER}:{FREE_TEXT_SPACE_COMMA_QUOTE} { return yy::seclang_parser::make_ACTION_SKIP_AFTER(yytext, *driver.loc.back()); }
{ACTION_AUDIT_LOG} { return yy::seclang_parser::make_ACTION_AUDIT_LOG(yytext, *driver.loc.back()); }
{ACTION_SEVERITY}:{ACTION_SEVERITY_VALUE} { return yy::seclang_parser::make_ACTION_SEVERITY(yytext, *driver.loc.back()); }
{ACTION_SEVERITY}:'{ACTION_SEVERITY_VALUE}' { return yy::seclang_parser::make_ACTION_SEVERITY(yytext, *driver.loc.back()); }
{ACTION_EXEC}:'{VAR_FREE_TEXT_QUOTE}' {
return yy::seclang_parser::make_ACTION_EXEC(yytext, *driver.loc.back());
}
{ACTION_EXEC}:{VAR_FREE_TEXT_SPACE_COMMA} {
return yy::seclang_parser::make_ACTION_EXEC(yytext, *driver.loc.back());
}
{ACTION_EXPIREVAR}:'{VAR_FREE_TEXT_QUOTE}={VAR_FREE_TEXT_QUOTE}' {
return yy::seclang_parser::make_ACTION_EXPIREVAR(yytext, *driver.loc.back());
}
{ACTION_EXPIREVAR}:'{VAR_FREE_TEXT_QUOTE}' {
return yy::seclang_parser::make_ACTION_EXPIREVAR(yytext, *driver.loc.back());
}
{ACTION_EXPIREVAR}:{VAR_FREE_TEXT_SPACE}={VAR_FREE_TEXT_SPACE_COMMA} {
return yy::seclang_parser::make_ACTION_EXPIREVAR(yytext, *driver.loc.back());
}
{ACTION_EXPIREVAR}:{VAR_FREE_TEXT_SPACE_COMMA} {
return yy::seclang_parser::make_ACTION_EXPIREVAR(yytext, *driver.loc.back());
}
{ACTION_SETENV}:'{VAR_FREE_TEXT_QUOTE}={VAR_FREE_TEXT_QUOTE}' {
return yy::seclang_parser::make_ACTION_SETENV(yytext, *driver.loc.back());
}
{ACTION_SETENV}:'{VAR_FREE_TEXT_QUOTE}' {
return yy::seclang_parser::make_ACTION_SETENV(yytext, *driver.loc.back());
}
{ACTION_SETENV}:{VAR_FREE_TEXT_SPACE}={VAR_FREE_TEXT_SPACE_COMMA} {
return yy::seclang_parser::make_ACTION_SETENV(yytext, *driver.loc.back());
}
{ACTION_SETENV}:{VAR_FREE_TEXT_SPACE_COMMA} {
return yy::seclang_parser::make_ACTION_SETENV(yytext, *driver.loc.back());
}
{ACTION_SETSID}:{VAR_FREE_TEXT_SPACE_COMMA} {
return yy::seclang_parser::make_ACTION_SETSID(yytext, *driver.loc.back());
}
{ACTION_SETSID}:'{VAR_FREE_TEXT_QUOTE}' {
return yy::seclang_parser::make_ACTION_SETSID(yytext, *driver.loc.back());
}
{ACTION_SETUID}:{VAR_FREE_TEXT_SPACE_COMMA} {
return yy::seclang_parser::make_ACTION_SETUID(yytext, *driver.loc.back());
}
{ACTION_SETUID}:'{VAR_FREE_TEXT_QUOTE}' {
return yy::seclang_parser::make_ACTION_SETUID(yytext, *driver.loc.back());
}
{ACTION_SETVAR}:'{VAR_FREE_TEXT_QUOTE}={VAR_FREE_TEXT_QUOTE}' {
return yy::seclang_parser::make_ACTION_SETVAR(yytext, *driver.loc.back());
}
{ACTION_SETVAR}:'{VAR_FREE_TEXT_QUOTE}' {
return yy::seclang_parser::make_ACTION_SETVAR(yytext, *driver.loc.back());
}
{ACTION_SETVAR}:{VAR_FREE_TEXT_SPACE}={VAR_FREE_TEXT_SPACE_COMMA} {
return yy::seclang_parser::make_ACTION_SETVAR(yytext, *driver.loc.back());
}
{ACTION_SETVAR}:{VAR_FREE_TEXT_SPACE_COMMA} {
return yy::seclang_parser::make_ACTION_SETVAR(yytext, *driver.loc.back());
}
{ACTION_XMLNS}:{FREE_TEXT_SPACE_COMMA_QUOTE} { return yy::seclang_parser::make_ACTION_XMLNS(yytext, *driver.loc.back()); }
{LOG_DATA}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_LOG_DATA(yytext, *driver.loc.back()); }
{ACTION_MSG}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_MSG(yytext, *driver.loc.back()); }
{ACTION_ALLOW} { return yy::seclang_parser::make_ACTION_ALLOW(yytext, *driver.loc.back()); }
{ACTION_REDIRECT}:{FREE_TEXT} { return yy::seclang_parser::make_ACTION_REDIRECT(yytext, *driver.loc.back()); }
{ACTION_TAG}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_TAG(yytext, *driver.loc.back()); }
{ACTION_REV}:'{FREE_TEXT_QUOTE_COMMA}' { return yy::seclang_parser::make_ACTION_REV(yytext, *driver.loc.back()); }
{ACTION_REV}:{FREE_TEXT_QUOTE_COMMA} { return yy::seclang_parser::make_ACTION_REV(yytext, *driver.loc.back()); }
{ACTION_VER}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_VER(yytext, *driver.loc.back()); }
{ACTION_MATURITY}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_MATURITY(yytext, *driver.loc.back()); }
{ACTION_MATURITY}:{FREE_TEXT_QUOTE} { return yy::seclang_parser::make_ACTION_MATURITY(yytext, *driver.loc.back()); }
{ACTION_ACCURACY}:'{FREE_TEXT_QUOTE}' { return yy::seclang_parser::make_ACTION_ACCURACY(yytext, *driver.loc.back()); }
{ACTION_ACCURACY}:{FREE_TEXT_QUOTE} { return yy::seclang_parser::make_ACTION_ACCURACY(yytext, *driver.loc.back()); }
{ACTION_CTL_BDY_XML} { return yy::seclang_parser::make_ACTION_CTL_BDY_XML(yytext, *driver.loc.back()); }
{ACTION_CTL_BDY_JSON} { return yy::seclang_parser::make_ACTION_CTL_BDY_JSON(yytext, *driver.loc.back()); }
{ACTION_INITCOL}:{COL_NAME}={COL_FREE_TEXT_SPACE_COMMA} { return yy::seclang_parser::make_ACTION_INITCOL(yytext, *driver.loc.back()); }
["] { return yy::seclang_parser::make_QUOTATION_MARK(yytext, *driver.loc.back()); }
[,] { return yy::seclang_parser::make_COMMA(*driver.loc.back()); }
<INITIAL,EXPECTING_OPERATOR,EXPECTING_VARIABLE>{
[|] { BEGIN(EXPECTING_VARIABLE); return yy::seclang_parser::make_PIPE(*driver.loc.back()); }
[|] { BEGIN(EXPECTING_VARIABLE); return p::make_PIPE(*driver.loc.back()); }
}
<INITIAL,EXPECTING_OPERATOR>{
[ \t]+ { }
[ \t]*\\\n[ \t]* { driver.loc.back()->lines(1); driver.loc.back()->step(); }
[ \t]*\\\r\n[ \t]* { driver.loc.back()->lines(1); driver.loc.back()->step(); }
[ \t]+ { }
[ \t]*\\\n[ \t]* { driver.loc.back()->lines(1); driver.loc.back()->step(); }
[ \t]*\\\r\n[ \t]* { driver.loc.back()->lines(1); driver.loc.back()->step(); }
}
<COMMENT>{
.*[ \t]*\\\n[ \t]* { driver.loc.back()->lines(1); driver.loc.back()->step(); }
.*[ \t]*\\\r\n[ \t]* { driver.loc.back()->lines(1); driver.loc.back()->step(); }
.*[^\\] { BEGIN(INITIAL); driver.loc.back()->lines(1); driver.loc.back()->step(); }
.*[^\\] { BEGIN(INITIAL); driver.loc.back()->lines(1); driver.loc.back()->step(); }
.*[ \t]*\\\n[ \t]* { driver.loc.back()->lines(1); driver.loc.back()->step(); }
.*[ \t]*\\\r\n[ \t]* { driver.loc.back()->lines(1); driver.loc.back()->step(); }
.*[^\\] { BEGIN(INITIAL); driver.loc.back()->lines(1); driver.loc.back()->step(); }
}
[ \t]*[\n] { driver.loc.back()->lines(1); driver.loc.back()->step(); }
#[ \t]*SecRule[^\\].*\\[ \t]*[\r\n]* { driver.loc.back()->lines(1); driver.loc.back()->step(); BEGIN(COMMENT); }
#[ \t]*SecAction[^\\].*\\[ \t]*[^\\n] { driver.loc.back()->lines(1); driver.loc.back()->step(); BEGIN(COMMENT); }
#.* { driver.loc.back()->step(); /* comment, just ignore. */ }
\r { driver.loc.back()->step(); /* carriage return, just ignore. */}
. { driver.error (*driver.loc.back(), "invalid character", yytext); throw yy::seclang_parser::syntax_error(*driver.loc.back(), ""); }
<<EOF>> {
if (driver.ref.size() > 0) {
driver.ref.pop_back();
}
if (driver.loc.size() > 1) {
yy::location *l = driver.loc.back();
driver.loc.pop_back();
delete l;
}
if (yyin) {
fclose(yyin);
}
. { driver.error (*driver.loc.back(), "invalid character", yytext); throw p::syntax_error(*driver.loc.back(), ""); }
<<EOF>> {
if (driver.ref.size() > 0) {
driver.ref.pop_back();
}
if (driver.loc.size() > 1) {
yy::location *l = driver.loc.back();
driver.loc.pop_back();
delete l;
}
if (yyin) {
fclose(yyin);
}
yypop_buffer_state();
if (!YY_CURRENT_BUFFER) {
return p::make_END(*driver.loc.back());
}
}
yypop_buffer_state();
if (!YY_CURRENT_BUFFER)
{
return yy::seclang_parser::make_END(*driver.loc.back());
}
}
%{ /* Include external configurations */ %}
{CONFIG_INCLUDE}[ ]{CONFIG_VALUE_PATH} {
const char *file = strchr(yytext, ' ') + 1;
for (auto& s: modsecurity::expandEnv(file, 0)) {
@ -503,7 +403,7 @@ CONFIG_DIR_UNICODE_MAP_FILE (?i:SecUnicodeMapFile)
if (!yyin) {
BEGIN(INITIAL);
driver.error (*driver.loc.back(), "", s + std::string(": Not able to open file."));
throw yy::seclang_parser::syntax_error(*driver.loc.back(), "");
throw p::syntax_error(*driver.loc.back(), "");
}
driver.ref.push_back(f);
driver.loc.push_back(new yy::location());
@ -521,7 +421,7 @@ CONFIG_DIR_UNICODE_MAP_FILE (?i:SecUnicodeMapFile)
if (!yyin) {
BEGIN(INITIAL);
driver.error (*driver.loc.back(), "", s + std::string(": Not able to open file."));
throw yy::seclang_parser::syntax_error(*driver.loc.back(), "");
throw p::syntax_error(*driver.loc.back(), "");
}
driver.ref.push_back(f.c_str());
driver.loc.push_back(new yy::location());
@ -531,7 +431,6 @@ CONFIG_DIR_UNICODE_MAP_FILE (?i:SecUnicodeMapFile)
free(f);
}
{CONFIG_SEC_REMOTE_RULES}[ ][^ ]+[ ][^\n\r ]+ {
HttpsClient c;
std::string key;
@ -556,15 +455,13 @@ CONFIG_DIR_UNICODE_MAP_FILE (?i:SecUnicodeMapFile)
}
if (driver.m_remoteRulesActionOnFailed == Rules::OnFailedRemoteRulesAction::AbortOnFailedRemoteRulesAction) {
driver.error (*driver.loc.back(), "", yytext + std::string(" - Failed to download: ") + c.error);
throw yy::seclang_parser::syntax_error(*driver.loc.back(), "");
throw p::syntax_error(*driver.loc.back(), "");
}
}
yy_scan_string(c.content.c_str());
}
{CONFIG_SEC_REMOTE_RULES_FAIL_ACTION} { return yy::seclang_parser::make_CONFIG_SEC_REMOTE_RULES_FAIL_ACTION(yytext, *driver.loc.back()); }
{CONFIG_SEC_COLLECTION_TIMEOUT}[ ]{CONFIG_VALUE_NUMBER} { return yy::seclang_parser::make_CONFIG_SEC_COLLECTION_TIMEOUT(strchr(yytext, ' ') + 1, *driver.loc.back()); }
%%