From 5643d2fa287ce51cf3041b0afe3b9e41daa49011 Mon Sep 17 00:00:00 2001
From: Felipe Zimmerle <felipe@zimmerle.org>
Date: Tue, 3 May 2016 13:49:16 -0300
Subject: [PATCH] Warming up to the remote collections support

Huge refactoring to have the code in shape to later support the
remote collections with different backends.
---
 headers/modsecurity/modsecurity.h             |   6 +-
 headers/modsecurity/transaction.h             |   9 +-
 headers/modsecurity/transaction/collection.h  |  57 --------
 headers/modsecurity/transaction/collections.h | 103 --------------
 .../transaction/global_variables.h            | 119 -----------------
 headers/modsecurity/transaction/variable.h    |  47 -------
 headers/modsecurity/transaction/variables.h   | 101 --------------
 src/Makefile.am                               |  15 +--
 .../collection.cc}                            |  40 +++---
 src/{ => collection}/collections.cc           |  44 +++---
 src/global_variables.cc                       | 126 ------------------
 src/request_body_processor/multipart.cc       |  17 ++-
 src/request_body_processor/multipart.h        |   2 -
 src/rule.cc                                   |   4 +-
 src/transaction.cc                            |   9 +-
 src/variables/duration.cc                     |   4 +-
 src/variables/duration.h                      |   2 +-
 src/variables/env.cc                          |   6 +-
 src/variables/env.h                           |   2 +-
 src/variables/highest_severity.cc             |   4 +-
 src/variables/highest_severity.h              |   2 +-
 src/variables/modsec_build.cc                 |   4 +-
 src/variables/modsec_build.h                  |   2 +-
 src/variables/time.cc                         |   4 +-
 src/variables/time.h                          |   2 +-
 src/variables/time_day.cc                     |   4 +-
 src/variables/time_day.h                      |   2 +-
 src/variables/time_epoch.cc                   |   4 +-
 src/variables/time_epoch.h                    |   2 +-
 src/variables/time_hour.cc                    |   4 +-
 src/variables/time_hour.h                     |   2 +-
 src/variables/time_min.cc                     |   4 +-
 src/variables/time_min.h                      |   2 +-
 src/variables/time_mon.cc                     |   4 +-
 src/variables/time_mon.h                      |   2 +-
 src/variables/time_sec.cc                     |   4 +-
 src/variables/time_sec.h                      |   2 +-
 src/variables/time_wday.cc                    |   4 +-
 src/variables/time_wday.h                     |   2 +-
 src/variables/time_year.cc                    |   4 +-
 src/variables/time_year.h                     |   2 +-
 src/variables/tx.cc                           |   2 +-
 src/variables/tx.h                            |   2 +-
 src/variables/variable.cc                     |  10 +-
 src/variables/variable.h                      |   6 +-
 src/variables/variations/count.cc             |   6 +-
 src/variables/variations/count.h              |   2 +-
 src/variables/variations/exclusion.cc         |   2 +-
 src/variables/variations/exclusion.h          |   2 +-
 .../regression/variable-FILES_SIZES.json      |   2 +-
 50 files changed, 125 insertions(+), 688 deletions(-)
 delete mode 100644 headers/modsecurity/transaction/collection.h
 delete mode 100644 headers/modsecurity/transaction/collections.h
 delete mode 100644 headers/modsecurity/transaction/global_variables.h
 delete mode 100644 headers/modsecurity/transaction/variable.h
 delete mode 100644 headers/modsecurity/transaction/variables.h
 rename src/{variables.cc => collection/collection.cc} (63%)
 rename src/{ => collection}/collections.cc (85%)
 delete mode 100644 src/global_variables.cc

diff --git a/headers/modsecurity/modsecurity.h b/headers/modsecurity/modsecurity.h
index d88edbf8..52f1ea53 100644
--- a/headers/modsecurity/modsecurity.h
+++ b/headers/modsecurity/modsecurity.h
@@ -93,7 +93,7 @@ typedef struct ModSecurity_t modsecurity;
 #include "modsecurity/transaction.h"
 #include "modsecurity/debug_log.h"
 #include "modsecurity/rules.h"
-#include "modsecurity/transaction/global_variables.h"
+#include "modsecurity/collection/global_collection.h"
 
 /**
  * TAG_NUM:
@@ -223,8 +223,8 @@ class ModSecurity {
      NUMBER_OF_PHASES,
     };
 
-    transaction::GlobalVariables m_global_collection;
-    transaction::GlobalVariables m_ip_collection;
+    collection::GlobalCollection m_global_collection;
+    collection::GlobalCollection m_ip_collection;
  private:
     std::string m_connector;
     LogCb m_logCb;
diff --git a/headers/modsecurity/transaction.h b/headers/modsecurity/transaction.h
index e65cb9e3..a3eb8a1b 100644
--- a/headers/modsecurity/transaction.h
+++ b/headers/modsecurity/transaction.h
@@ -40,9 +40,9 @@ typedef struct Rules_t Rules;
 #endif
 
 #include "modsecurity/intervention.h"
-#include "modsecurity/transaction/collections.h"
-#include "modsecurity/transaction/variable.h"
-#include "modsecurity/transaction/variables.h"
+#include "modsecurity/collection/collections.h"
+#include "modsecurity/collection/variable.h"
+#include "modsecurity/collection/collection.h"
 
 #define LOGFY_ADD(a, b) \
     yajl_gen_string(g, reinterpret_cast<const unsigned char*>(a), strlen(a)); \
@@ -70,7 +70,6 @@ namespace modsecurity {
 class ModSecurity;
 class Transaction;
 class Rules;
-class Collections;
 class RuleMessage;
 namespace actions {
 class Action;
@@ -316,7 +315,7 @@ class Transaction {
     /**
      * Holds all the collections related to that transaction.
      */
-    transaction::Collections m_collections;
+    collection::Collections m_collections;
 
     /**
      * Holds the whatever matched in the operation utilization.
diff --git a/headers/modsecurity/transaction/collection.h b/headers/modsecurity/transaction/collection.h
deleted file mode 100644
index 11183af5..00000000
--- a/headers/modsecurity/transaction/collection.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * ModSecurity, http://www.modsecurity.org/
- * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
- *
- * You may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * If any of the files related to licensing are missing or if you have any
- * other questions related to licensing please contact Trustwave Holdings, Inc.
- * directly using the email address security@modsecurity.org.
- *
- */
-
-
-#ifndef HEADERS_MODSECURITY_TRANSACTION_COLLECTION_H_
-#define HEADERS_MODSECURITY_TRANSACTION_COLLECTION_H_
-
-
-#ifndef __cplusplus
-typedef struct Collection_t Collection;
-#endif
-
-
-#ifdef __cplusplus
-#include <string>
-
-namespace modsecurity {
-
-class Collection : public transaction::Variables {
- public:
-     Collection(std::string name, std::string key)
-       : m_name(name),
-       m_persisted(false),
-       m_timeout(0),
-       m_updateCounter(0),
-       m_updateRate(0),
-       m_key(key) { }
-
-     std::string m_name;
-     clock_t m_createTime;
-     bool m_persisted; /* IS_NEW from the old documentation */
-     std::string m_key;
-     clock_t m_lastUpdateTime;
-     double m_timeout;
-     double m_updateCounter;
-     double m_updateRate;
-};
-
-}  // namespace modsecurity
-#endif
-
-
-#endif  // HEADERS_MODSECURITY_TRANSACTION_COLLECTION_H_
-
-
diff --git a/headers/modsecurity/transaction/collections.h b/headers/modsecurity/transaction/collections.h
deleted file mode 100644
index 8aaba1e7..00000000
--- a/headers/modsecurity/transaction/collections.h
+++ /dev/null
@@ -1,103 +0,0 @@
-/*
- * ModSecurity, http://www.modsecurity.org/
- * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
- *
- * You may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * If any of the files related to licensing are missing or if you have any
- * other questions related to licensing please contact Trustwave Holdings, Inc.
- * directly using the email address security@modsecurity.org.
- *
- */
-
-
-#ifdef __cplusplus
-#include <ctime>
-#include <iostream>
-#include <unordered_map>
-#include <fstream>
-#include <vector>
-#include <iomanip>
-#include <set>
-#include <cstdio>
-#include <string>
-#include <list>
-#endif
-
-#include "modsecurity/transaction/global_variables.h"
-#include "modsecurity/transaction/variables.h"
-#include "modsecurity/transaction/variable.h"
-#include "modsecurity/transaction/collection.h"
-
-#ifndef HEADERS_MODSECURITY_TRANSACTION_COLLECTIONS_H_
-#define HEADERS_MODSECURITY_TRANSACTION_COLLECTIONS_H_
-
-#ifndef __cplusplus
-typedef struct Variable_t Variable;
-#endif
-
-#ifdef __cplusplus
-namespace modsecurity {
-namespace transaction {
-
-class Collections :
-    public std::unordered_map<std::string, Collection *> {
- public:
-    Collections(GlobalVariables *global, GlobalVariables *ip);
-    ~Collections();
-
-    void init(const std::string& name, const std::string& key);
-    void store(std::string key, std::string value);
-    void storeOrUpdateFirst(const std::string& collectionName,
-        const std::string& variableName,
-        const std::string& targetValue);
-    bool storeOrUpdateFirst(const std::string &key, const std::string &value);
-    bool updateFirst(const std::string &key, const std::string &value);
-    void del(const std::string& key);
-    std::string* resolveFirst(const std::string& var);
-    std::string* resolveFirst(const std::string& collectionName,
-        const std::string& var);
-
-    void resolveSingleMatch(const std::string& var,
-        std::vector<const transaction::Variable *> *l);
-    void resolveSingleMatch(const std::string& var,
-        const std::string& collection,
-        std::vector<const transaction::Variable *> *l);
-    void resolveMultiMatches(const std::string& var,
-        std::vector<const transaction::Variable *> *l);
-    void resolveMultiMatches(const std::string& var,
-        const std::string& collection,
-        std::vector<const transaction::Variable *> *l);
-    void resolveRegularExpression(const std::string& var,
-        std::vector<const transaction::Variable *> *l);
-    void resolveRegularExpression(const std::string& var,
-        const std::string& collection,
-        std::vector<const transaction::Variable *> *l);
-
-    /**
-     * This is a special collection to host the transaction variables.
-     *
-     * It exists independent of initialization and it is only valid during a transaction.
-     *
-     * Notice that it is not the TX collection.
-     */
-    transaction::Variables m_transient;
-
-    std::string m_global_collection_key;
-    std::string m_ip_collection_key;
-
-    transaction::GlobalVariables *m_global_collection;
-    transaction::GlobalVariables *m_ip_collection;
-};
-
-}  // namespace transaction
-}  // namespace modsecurity
-#endif
-
-
-#endif  // HEADERS_MODSECURITY_TRANSACTION_COLLECTIONS_H_
-
-
diff --git a/headers/modsecurity/transaction/global_variables.h b/headers/modsecurity/transaction/global_variables.h
deleted file mode 100644
index 33ec90d9..00000000
--- a/headers/modsecurity/transaction/global_variables.h
+++ /dev/null
@@ -1,119 +0,0 @@
-/*
- * ModSecurity, http://www.modsecurity.org/
- * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
- *
- * You may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * If any of the files related to licensing are missing or if you have any
- * other questions related to licensing please contact Trustwave Holdings, Inc.
- * directly using the email address security@modsecurity.org.
- *
- */
-
-
-#ifdef __cplusplus
-#include <string>
-#include <iostream>
-#include <unordered_map>
-#include <list>
-#include <vector>
-#include <algorithm>
-#endif
-
-
-#include "modsecurity/transaction/variable.h"
-
-#ifndef HEADERS_MODSECURITY_TRANSACTION_GLOBAL_VARIABLES_H_
-#define HEADERS_MODSECURITY_TRANSACTION_GLOBAL_VARIABLES_H_
-
-#ifndef __cplusplus
-typedef struct Variable_t Variables;
-#endif
-
-#ifdef __cplusplus
-namespace modsecurity {
-namespace transaction {
-
-
-class CollectionKey {
- public:
-    CollectionKey()
-        : m_compartiment(""),
-        m_name("") { };
-    CollectionKey(std::string name)
-        : m_compartiment(""),
-        m_name(name) { };
-    CollectionKey(std::string name, std::string compartiment)
-        : m_compartiment(compartiment),
-        m_name(name) { };
-
-    std::string m_name;
-    std::string m_compartiment;
-};
-
-
-class collection_hash
-{
-public:
-    size_t operator()(const CollectionKey *v) const
-    {
-        size_t h = 0;
-        std::for_each(v->m_name.begin(), v->m_name.end(), [&](char c) {
-            h += tolower(c);
-        });
-        std::for_each(v->m_compartiment.begin(), v->m_compartiment.end(), [&](char c) {
-            h += tolower(c);
-        });
-
-        return h;
-    };
-};
-
-
-class collection_equal
-{
-public:
-    bool operator()(const CollectionKey *u, const CollectionKey *v) const
-    {
-        return u->m_name == v->m_name && u->m_compartiment == v->m_compartiment;
-    };
-};
-
-
-class GlobalVariables :
-    public std::unordered_multimap<CollectionKey *, std::string,
-        collection_hash, collection_equal> {
- public:
-    GlobalVariables();
-    ~GlobalVariables();
-    void store(std::string key, std::string compartment, std::string value);
-
-    bool storeOrUpdateFirst(const std::string &key, std::string compartment,
-        const std::string &value);
-
-    bool updateFirst(const std::string &key, std::string compartment,
-        const std::string &value);
-
-    void del(const std::string& key, std::string compartment);
-
-    std::string* resolveFirst(const std::string& var, std::string compartment);
-    void resolveSingleMatch(const std::string& var, std::string compartment,
-        std::vector<const transaction::Variable *> *l);
-    void resolveMultiMatches(const std::string& var, std::string compartment,
-        std::vector<const transaction::Variable *> *l);
-
-    void resolveRegularExpression(const std::string& var, std::string compartment,
-        std::vector<const transaction::Variable *> *l);
-
-
-};
-
-}  // namespace transaction
-}  // namespace modsecurity
-#endif
-
-
-#endif  // HEADERS_MODSECURITY_TRANSACTION_GLOBAL_VARIABLES_H_
diff --git a/headers/modsecurity/transaction/variable.h b/headers/modsecurity/transaction/variable.h
deleted file mode 100644
index 2fe39545..00000000
--- a/headers/modsecurity/transaction/variable.h
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * ModSecurity, http://www.modsecurity.org/
- * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
- *
- * You may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * If any of the files related to licensing are missing or if you have any
- * other questions related to licensing please contact Trustwave Holdings, Inc.
- * directly using the email address security@modsecurity.org.
- *
- */
-
-
-#ifdef __cplusplus
-#include <string>
-#endif
-
-
-#ifndef HEADERS_MODSECURITY_TRANSACTION_VARIABLE_H_
-#define HEADERS_MODSECURITY_TRANSACTION_VARIABLE_H_
-
-
-#ifndef __cplusplus
-typedef struct Variable_t Variable;
-#endif
-
-#ifdef __cplusplus
-namespace modsecurity {
-namespace transaction {
-
-class Variable {
- public:
-     Variable(const std::string& key, const std::string& value) :
-        m_key(key),
-        m_value(value) { }
-     std::string m_key;
-     std::string m_value;
-};
-
-}  // namespace transaction
-}  // namespace modsecurity
-#endif
-
-#endif  // HEADERS_MODSECURITY_TRANSACTION_VARIABLE_H_
diff --git a/headers/modsecurity/transaction/variables.h b/headers/modsecurity/transaction/variables.h
deleted file mode 100644
index d47b7a10..00000000
--- a/headers/modsecurity/transaction/variables.h
+++ /dev/null
@@ -1,101 +0,0 @@
-/*
- * ModSecurity, http://www.modsecurity.org/
- * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
- *
- * You may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * If any of the files related to licensing are missing or if you have any
- * other questions related to licensing please contact Trustwave Holdings, Inc.
- * directly using the email address security@modsecurity.org.
- *
- */
-
-
-#ifdef __cplusplus
-#include <string>
-#include <iostream>
-#include <unordered_map>
-#include <list>
-#include <vector>
-#include <algorithm>
-#endif
-
-
-#include "modsecurity/transaction/variable.h"
-
-#ifndef HEADERS_MODSECURITY_TRANSACTION_VARIABLES_H_
-#define HEADERS_MODSECURITY_TRANSACTION_VARIABLES_H_
-
-#ifndef __cplusplus
-typedef struct Variable_t Variables;
-#endif
-
-#ifdef __cplusplus
-namespace modsecurity {
-namespace transaction {
-
-
-/*
- * FIXME:
- *
- * This was an example grabbed from:
- * http://stackoverflow.com/questions/8627698/case-insensitive-stl-containers-e-g-stdunordered-set
- *
- * We have to have a better hash function, maybe based on the std::hash.
- *
- */
-struct MyEqual {
-    bool operator()(const std::string& Left, const std::string& Right) const {
-        return Left.size() == Right.size()
-             && std::equal(Left.begin(), Left.end(), Right.begin(),
-            [](char a, char b) {
-            return tolower(a) == tolower(b);
-        });
-    }
-};
-
-struct MyHash{
-    size_t operator()(const std::string& Keyval) const {
-        // You might need a better hash function than this
-        size_t h = 0;
-        std::for_each(Keyval.begin(), Keyval.end(), [&](char c) {
-            h += tolower(c);
-        });
-        return h;
-    }
-};
-
-class Variables :
-    public std::unordered_multimap<std::string, std::string,
-        /*std::hash<std::string>*/MyHash, MyEqual> {
- public:
-    Variables();
-    ~Variables();
-    void store(std::string key, std::string value);
-
-    bool storeOrUpdateFirst(const std::string &key,
-        const std::string &value);
-
-    bool updateFirst(const std::string &key, const std::string &value);
-
-    void del(const std::string& key);
-
-    std::string* resolveFirst(const std::string& var);
-
-    void resolveSingleMatch(const std::string& var,
-        std::vector<const transaction::Variable *> *l);
-    void resolveMultiMatches(const std::string& var,
-        std::vector<const transaction::Variable *> *l);
-    void resolveRegularExpression(const std::string& var,
-        std::vector<const transaction::Variable *> *l);
-};
-
-}  // namespace transaction
-}  // namespace modsecurity
-#endif
-
-
-#endif  // HEADERS_MODSECURITY_TRANSACTION_VARIABLES_H_
diff --git a/src/Makefile.am b/src/Makefile.am
index 611f216e..c54e584a 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -32,11 +32,10 @@ pkginclude_HEADERS = \
 
 
 libmodsecurity_includesub_HEADERS = \
-	../headers/modsecurity/transaction/collection.h \
-	../headers/modsecurity/transaction/collections.h \
-	../headers/modsecurity/transaction/variable.h \
-	../headers/modsecurity/transaction/variables.h
-	../headers/modsecurity/transaction/global_variables.h
+	../headers/modsecurity/collection/collection.h \
+	../headers/modsecurity/collection/collections.h \
+	../headers/modsecurity/collection/global_collection.h \
+	../headers/modsecurity/collection/variable.h
 
 
 
@@ -176,6 +175,9 @@ UTILS = \
 
 
 libmodsecurity_la_SOURCES = \
+	collection/collection.cc \
+	collection/collections.cc \
+	collection/global_collections.cc \
 	parser/seclang-parser.yy \
 	parser/seclang-scanner.ll \
 	parser/driver.cc \
@@ -188,9 +190,6 @@ libmodsecurity_la_SOURCES = \
 	modsecurity.cc \
 	rules.cc \
 	utils.cc \
-	collections.cc \
-	variables.cc \
-	global_variables.cc \
 	debug_log.cc \
 	debug_log_writer.cc \
 	debug_log_writer_agent.cc \
diff --git a/src/variables.cc b/src/collection/collection.cc
similarity index 63%
rename from src/variables.cc
rename to src/collection/collection.cc
index 325fbac5..bef9a05f 100644
--- a/src/variables.cc
+++ b/src/collection/collection.cc
@@ -14,7 +14,7 @@
  */
 
 
-#include "modsecurity/transaction/variables.h"
+#include "modsecurity/collection/collection.h"
 
 #ifdef __cplusplus
 #include <string>
@@ -23,27 +23,27 @@
 #include <list>
 #endif
 
-#include "modsecurity/transaction/variable.h"
+#include "modsecurity/collection/variable.h"
 #include "src/utils.h"
 
 namespace modsecurity {
-namespace transaction {
+namespace collection {
 
 
-Variables::Variables() {
+Collection::Collection() {
     this->reserve(1000);
 }
 
-Variables::~Variables() {
+Collection::~Collection() {
     this->clear();
 }
 
-void Variables::store(std::string key, std::string value) {
+void Collection::store(std::string key, std::string value) {
     this->emplace(key, value);
 }
 
 
-bool Variables::storeOrUpdateFirst(const std::string &key,
+bool Collection::storeOrUpdateFirst(const std::string &key,
     const std::string &value) {
     if (updateFirst(key, value) == false) {
         store(key, value);
@@ -52,7 +52,7 @@ bool Variables::storeOrUpdateFirst(const std::string &key,
 }
 
 
-bool Variables::updateFirst(const std::string &key, const std::string &value) {
+bool Collection::updateFirst(const std::string &key, const std::string &value) {
     auto range = this->equal_range(key);
 
     for (auto it = range.first; it != range.second; ++it) {
@@ -63,30 +63,30 @@ bool Variables::updateFirst(const std::string &key, const std::string &value) {
 }
 
 
-void Variables::del(const std::string& key) {
+void Collection::del(const std::string& key) {
     this->erase(key);
 }
 
 
-void Variables::resolveSingleMatch(const std::string& var,
-    std::vector<const transaction::Variable *> *l) {
+void Collection::resolveSingleMatch(const std::string& var,
+    std::vector<const Variable *> *l) {
     auto range = this->equal_range(var);
 
     for (auto it = range.first; it != range.second; ++it) {
-        l->push_back(new transaction::Variable(var, it->second));
+        l->push_back(new Variable(var, it->second));
     }
 }
 
 
-void Variables::resolveMultiMatches(const std::string& var,
-    std::vector<const transaction::Variable *> *l) {
+void Collection::resolveMultiMatches(const std::string& var,
+    std::vector<const Variable *> *l) {
     size_t keySize = var.size();
     l->reserve(15);
 
     auto range = this->equal_range(var);
 
     for (auto it = range.first; it != range.second; ++it) {
-        l->insert(l->begin(), new transaction::Variable(var, it->second));
+        l->insert(l->begin(), new Variable(var, it->second));
     }
 
     for (const auto& x : *this) {
@@ -99,18 +99,18 @@ void Variables::resolveMultiMatches(const std::string& var,
         if (x.first.compare(0, keySize, var) != 0) {
             continue;
         }
-        l->insert(l->begin(), new transaction::Variable(x.first, x.second));
+        l->insert(l->begin(), new Variable(x.first, x.second));
     }
 }
 
 
-void Variables::resolveRegularExpression(const std::string& var,
-    std::vector<const transaction::Variable *> *l) {
+void Collection::resolveRegularExpression(const std::string& var,
+    std::vector<const Variable *> *l) {
     /* Not ready */
 }
 
 
-std::string* Variables::resolveFirst(const std::string& var) {
+std::string* Collection::resolveFirst(const std::string& var) {
     auto range = equal_range(var);
 
     for (auto it = range.first; it != range.second; ++it) {
@@ -121,5 +121,5 @@ std::string* Variables::resolveFirst(const std::string& var) {
 }
 
 
-}  // namespace transaction
+}  // namespace collection
 }  // namespace modsecurity
diff --git a/src/collections.cc b/src/collection/collections.cc
similarity index 85%
rename from src/collections.cc
rename to src/collection/collections.cc
index ee1f9948..77309767 100644
--- a/src/collections.cc
+++ b/src/collection/collections.cc
@@ -14,7 +14,7 @@
  */
 
 
-#include "modsecurity/transaction/collections.h"
+#include "modsecurity/collection/collections.h"
 
 #ifdef __cplusplus
 #include <string>
@@ -24,21 +24,22 @@
 #include <vector>
 #endif
 
-#include "modsecurity/transaction/variable.h"
+#include "modsecurity/collection/variable.h"
+#include "modsecurity/collection/collection.h"
 #include "src/utils.h"
 
 namespace modsecurity {
-namespace transaction {
+namespace collection {
 
 
-Collections::Collections(transaction::GlobalVariables *global,
-    transaction::GlobalVariables *ip)
+Collections::Collections(GlobalCollection *global,
+    GlobalCollection *ip)
     : m_global_collection_key(""),
     m_ip_collection_key(""),
     m_global_collection(global),
     m_ip_collection(ip) {
     /* Create collection TX */
-    this->emplace("TX", new Collection("TX", ""));
+    this->emplace("TX", new Collection());
 }
 
 
@@ -49,12 +50,6 @@ Collections::~Collections() {
     this->clear();
 }
 
-
-void Collections::init(const std::string& name, const std::string& key) {
-    this->emplace(name, new Collection(name, key));
-}
-
-
 void Collections::storeOrUpdateFirst(const std::string& collectionName,
     const std::string& variableName,
     const std::string& targetValue) {
@@ -73,7 +68,7 @@ void Collections::storeOrUpdateFirst(const std::string& collectionName,
     }
 
     try {
-        transaction::Variables *collection;
+        Collection *collection;
         collection = this->at(collectionName);
         collection->storeOrUpdateFirst(collectionName + ":"
             + variableName, targetValue);
@@ -128,7 +123,6 @@ std::string* Collections::resolveFirst(const std::string& var) {
 
 std::string* Collections::resolveFirst(const std::string& collectionName,
         const std::string& var) {
-
         if (tolower(collectionName) == "ip"
             && !m_ip_collection_key.empty()) {
             return m_ip_collection->resolveFirst(toupper(collectionName)
@@ -143,7 +137,7 @@ std::string* Collections::resolveFirst(const std::string& collectionName,
 
         for (auto &a : *this) {
             if (tolower(a.first) == tolower(collectionName)) {
-                transaction::Variables *t = a.second;
+                Collection *t = a.second;
                 auto range = t->equal_range(toupper(collectionName)
                     + ":" + var);
                 for (auto it = range.first; it != range.second; ++it) {
@@ -157,7 +151,7 @@ std::string* Collections::resolveFirst(const std::string& collectionName,
 
 
 void Collections::resolveSingleMatch(const std::string& var,
-    std::vector<const transaction::Variable *> *l) {
+    std::vector<const Variable *> *l) {
 
     m_transient.resolveSingleMatch(var, l);
 }
@@ -165,7 +159,7 @@ void Collections::resolveSingleMatch(const std::string& var,
 
 void Collections::resolveSingleMatch(const std::string& var,
     const std::string& collection,
-    std::vector<const transaction::Variable *> *l) {
+    std::vector<const Variable *> *l) {
 
     if (tolower(collection) == "ip"
         && !m_ip_collection_key.empty()) {
@@ -175,7 +169,8 @@ void Collections::resolveSingleMatch(const std::string& var,
 
     if (tolower(collection) == "global"
         && !m_global_collection_key.empty()) {
-        m_global_collection->resolveSingleMatch(var, m_global_collection_key, l);
+        m_global_collection->resolveSingleMatch(var,
+            m_global_collection_key, l);
         return;
     }
 
@@ -185,7 +180,7 @@ void Collections::resolveSingleMatch(const std::string& var,
 }
 
 void Collections::resolveMultiMatches(const std::string& var,
-    std::vector<const transaction::Variable *> *l) {
+    std::vector<const Variable *> *l) {
 
     m_transient.resolveMultiMatches(var, l);
 }
@@ -193,7 +188,7 @@ void Collections::resolveMultiMatches(const std::string& var,
 
 void Collections::resolveMultiMatches(const std::string& var,
     const std::string& collection,
-    std::vector<const transaction::Variable *> *l) {
+    std::vector<const Variable *> *l) {
     if (tolower(collection) == "ip"
         && !m_ip_collection_key.empty()) {
         m_ip_collection->resolveMultiMatches(var, m_ip_collection_key, l);
@@ -202,7 +197,8 @@ void Collections::resolveMultiMatches(const std::string& var,
 
     if (tolower(collection) == "global"
         && !m_global_collection_key.empty()) {
-        m_global_collection->resolveMultiMatches(var, m_global_collection_key, l);
+        m_global_collection->resolveMultiMatches(var,
+            m_global_collection_key, l);
         return;
     }
 
@@ -212,14 +208,14 @@ void Collections::resolveMultiMatches(const std::string& var,
 }
 
 void Collections::resolveRegularExpression(const std::string& var,
-    std::vector<const transaction::Variable *> *l) {
+    std::vector<const Variable *> *l) {
     m_transient.resolveRegularExpression(var, l);
 }
 
 
 void Collections::resolveRegularExpression(const std::string& var,
     const std::string& collection,
-    std::vector<const transaction::Variable *> *l) {
+    std::vector<const Variable *> *l) {
     if (tolower(collection) == "ip"
         && !m_ip_collection_key.empty()) {
         m_ip_collection->resolveRegularExpression(toupper(collection)
@@ -239,5 +235,5 @@ void Collections::resolveRegularExpression(const std::string& var,
     } catch (...) { }
 }
 
-}  // namespace transaction
+}  // namespace collection
 }  // namespace modsecurity
diff --git a/src/global_variables.cc b/src/global_variables.cc
deleted file mode 100644
index e1b6c71b..00000000
--- a/src/global_variables.cc
+++ /dev/null
@@ -1,126 +0,0 @@
-/*
- * ModSecurity, http://www.modsecurity.org/
- * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
- *
- * You may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * If any of the files related to licensing are missing or if you have any
- * other questions related to licensing please contact Trustwave Holdings, Inc.
- * directly using the email address security@modsecurity.org.
- *
- */
-
-
-#include "modsecurity/transaction/global_variables.h"
-
-#ifdef __cplusplus
-#include <string>
-#include <iostream>
-#include <unordered_map>
-#include <list>
-#endif
-
-#include "modsecurity/transaction/variable.h"
-#include "src/utils.h"
-
-namespace modsecurity {
-namespace transaction {
-
-
-GlobalVariables::GlobalVariables() {
-    this->reserve(1000);
-}
-
-GlobalVariables::~GlobalVariables() {
-    this->clear();
-}
-
-void GlobalVariables::store(std::string key, std::string compartment, std::string value) {
-    this->emplace(new CollectionKey(key, compartment), value);
-}
-
-
-bool GlobalVariables::storeOrUpdateFirst(const std::string &key,
-    std::string compartment, const std::string &value) {
-    if (updateFirst(key, compartment, value) == false) {
-        store(key, compartment, value);
-    }
-    return true;
-}
-
-
-bool GlobalVariables::updateFirst(const std::string &key, std::string compartment, const std::string &value) {
-    auto range = this->equal_range(new CollectionKey(key, compartment));
-
-    for (auto it = range.first; it != range.second; ++it) {
-        it->second = value;
-        return true;
-    }
-    return false;
-}
-
-
-void GlobalVariables::del(const std::string& key, std::string compartment) {
-    this->erase(new CollectionKey(key, compartment));
-}
-
-
-
-void GlobalVariables::resolveSingleMatch(const std::string& var,
-    std::string compartment, std::vector<const transaction::Variable *> *l) {
-    auto range = this->equal_range(new CollectionKey(var, compartment));
-
-    for (auto it = range.first; it != range.second; ++it) {
-        l->push_back(new transaction::Variable(var, it->second));
-    }
-}
-
-void GlobalVariables::resolveMultiMatches(const std::string& var,
-    std::string compartment, std::vector<const transaction::Variable *> *l) {
-    size_t keySize = var.size();
-    l->reserve(15);
-
-    auto range = this->equal_range(new CollectionKey(var, compartment));
-
-    for (auto it = range.first; it != range.second; ++it) {
-        l->insert(l->begin(), new transaction::Variable(var, it->second));
-    }
-
-    for (const auto& x : *this) {
-        if (x.first->m_name.size() <= keySize + 1) {
-            continue;
-        }
-        if (x.first->m_name.at(keySize) != ':') {
-            continue;
-        }
-        if (x.first->m_name.compare(0, keySize, var) != 0) {
-            continue;
-        }
-        l->insert(l->begin(), new transaction::Variable(x.first->m_name, x.second));
-    }
-}
-
-
-void GlobalVariables::resolveRegularExpression(const std::string& var,
-     std::string compartment, std::vector<const transaction::Variable *> *l) {
-    /* Not ready */
-}
-
-
-std::string* GlobalVariables::resolveFirst(const std::string& var,
-    std::string compartment) {
-    auto range = equal_range(new CollectionKey(var, compartment));
-
-    for (auto it = range.first; it != range.second; ++it) {
-        return &it->second;
-    }
-
-    return NULL;
-}
-
-
-}  // namespace transaction
-}  // namespace modsecurity
diff --git a/src/request_body_processor/multipart.cc b/src/request_body_processor/multipart.cc
index 227abf9f..34aa1cb5 100644
--- a/src/request_body_processor/multipart.cc
+++ b/src/request_body_processor/multipart.cc
@@ -20,6 +20,7 @@
 #include <string>
 
 #include "request_body_processor/multipart_blob.h"
+#include "modsecurity/collection/collections.h"
 
 namespace modsecurity {
 namespace RequestBodyProcessor {
@@ -200,12 +201,14 @@ void Multipart::checkForCrlfLf(const std::string &data) {
 }
 
 bool Multipart::process(std::string data) {
+    collection::Collections *col;
     std::list<std::string> blobs;
     size_t start = data.find(m_boundary);
     size_t endl = 1;
     size_t lastValidBoundary = 0;
     size_t firstValidBoundary = start;
     double files_size = 0;
+    col = &m_transaction->m_collections;
 
     if (start != 0) {
 #ifndef NO_LOGS
@@ -267,14 +270,14 @@ bool Multipart::process(std::string data) {
             filename = "no-file-name-" + std::to_string(i);
         }
 
-        variables.emplace("FILES:" + name, filename);
-        variables.emplace("FILES_NAMES:" + name, name);
-        variables.emplace("FILES_SIZES:" + name,
+        col->storeOrUpdateFirst("FILES:" + name, filename);
+        col->storeOrUpdateFirst("FILES_NAMES:" + name, name);
+        col->storeOrUpdateFirst("FILES_SIZES:" + name,
             std::to_string(m.content.size()));
 #ifndef NO_LOGS
         debug(5, "Multipart: Saving FILES_TMP_CONTENT:" + name + " variable.");
 #endif
-        variables.emplace("FILES_TMP_CONTENT:" + name, m.content);
+        col->storeOrUpdateFirst("FILES_TMP_CONTENT:" + name, m.content);
         files_size = files_size + m.content.size();
         if (m.invalidQuote) {
 #ifndef NO_LOGS
@@ -284,12 +287,12 @@ bool Multipart::process(std::string data) {
         }
     }
     if (filename.empty() == false) {
-        variables.emplace("MULTIPART_FILENAME", filename);
+        col->storeOrUpdateFirst("MULTIPART_FILENAME", filename);
     }
     if (name.empty() == false) {
-        variables.emplace("MULTIPART_NAME", name);
+        col->storeOrUpdateFirst("MULTIPART_NAME", name);
     }
-    variables.emplace("FILES_COMBINED_SIZE", std::to_string(files_size));
+    col->storeOrUpdateFirst("FILES_COMBINED_SIZE", std::to_string(files_size));
 
     return true;
 }
diff --git a/src/request_body_processor/multipart.h b/src/request_body_processor/multipart.h
index e34aaf55..94f2de47 100644
--- a/src/request_body_processor/multipart.h
+++ b/src/request_body_processor/multipart.h
@@ -35,8 +35,6 @@ class Multipart {
     bool process(std::string data);
     void checkForCrlfLf(const std::string &blob);
 
-    transaction::Variables variables;
-
     bool crlf;
     bool containsDataAfter;
     bool containsDataBefore;
diff --git a/src/rule.cc b/src/rule.cc
index 8af7f429..94ab9d5b 100644
--- a/src/rule.cc
+++ b/src/rule.cc
@@ -305,7 +305,7 @@ bool Rule::evaluate(Transaction *trasn) {
     for (int i = 0; i < variables->size(); i++) {
         Variable *variable = variables->at(i);
         if (variable->m_isExclusion) {
-            std::vector<const transaction::Variable *> z;
+            std::vector<const collection::Variable *> z;
             variable->evaluateInternal(trasn, &z);
             for (auto &y : z) {
                 exclusions.push_back(y->m_key);
@@ -321,7 +321,7 @@ bool Rule::evaluate(Transaction *trasn) {
             continue;
         }
 
-        std::vector<const transaction::Variable *> e;
+        std::vector<const collection::Variable *> e;
         variable->evaluateInternal(trasn, &e);
 
         for (auto &v : e) {
diff --git a/src/transaction.cc b/src/transaction.cc
index 178b3b2c..e5201850 100644
--- a/src/transaction.cc
+++ b/src/transaction.cc
@@ -112,9 +112,7 @@ Transaction::Transaction(ModSecurity *ms, Rules *rules, void *logCbData)
     m_creationTimeStamp(cpu_seconds()),
     m_logCbData(logCbData),
     m_ms(ms),
-    m_collections(&ms->m_global_collection, &ms->m_ip_collection)
-     {
-
+    m_collections(&ms->m_global_collection, &ms->m_ip_collection) {
     m_id = std::to_string(this->m_timeStamp) + \
         std::to_string(generate_transaction_unique_id());
     m_rules->incrementReferenceCount();
@@ -590,9 +588,6 @@ int Transaction::processRequestBody() {
 
             if (m.init() == true) {
                 m.process(m_requestBody.str());
-                for (auto &a : m.variables) {
-                    m_collections.store(a.first, a.second);
-                }
                 if (m.crlf && m.lf) {
                     m_collections.store("MULTIPART_CRLF_LF_LINES", "1");
                 } else {
@@ -734,7 +729,7 @@ int Transaction::processRequestBody() {
      * computationally intensive.
      */
     std::string fullRequest;
-    std::vector<const transaction::Variable *> l;
+    std::vector<const collection::Variable *> l;
     m_collections.resolveMultiMatches("REQUEST_HEADERS", &l);
     for (auto &a : l) {
         fullRequest = fullRequest + \
diff --git a/src/variables/duration.cc b/src/variables/duration.cc
index fb964d04..d533f43f 100644
--- a/src/variables/duration.cc
+++ b/src/variables/duration.cc
@@ -28,14 +28,14 @@ namespace modsecurity {
 namespace Variables {
 
 void Duration::evaluateInternal(Transaction *transaction,
-        std::vector<const transaction::Variable *> *l) {
+        std::vector<const collection::Variable *> *l) {
     std::string res;
 
     double e = cpu_seconds() - transaction->m_creationTimeStamp;
 
     res = std::to_string(e);
 
-    l->push_back(new transaction::Variable("DURATION",  std::string(res)));
+    l->push_back(new collection::Variable("DURATION",  std::string(res)));
 }
 
 
diff --git a/src/variables/duration.h b/src/variables/duration.h
index 5c4ddff1..ec8d3200 100644
--- a/src/variables/duration.h
+++ b/src/variables/duration.h
@@ -34,7 +34,7 @@ class Duration : public Variable {
         : Variable(_name) { }
 
     void evaluateInternal(Transaction *transaction,
-        std::vector<const transaction::Variable *> *l) override;
+        std::vector<const collection::Variable *> *l) override;
 };
 
 
diff --git a/src/variables/env.cc b/src/variables/env.cc
index b46df01f..ad16d88c 100644
--- a/src/variables/env.cc
+++ b/src/variables/env.cc
@@ -34,7 +34,7 @@ namespace modsecurity {
 namespace Variables {
 
 void Env::evaluateInternal(Transaction *transaction,
-    std::vector<const transaction::Variable *> *l) {
+    std::vector<const collection::Variable *> *l) {
     std::map<std::string, std::string> envs;
     for (char **current = environ; *current; current++) {
         std::string env = std::string(*current);
@@ -47,7 +47,7 @@ void Env::evaluateInternal(Transaction *transaction,
 
         envs.insert(std::pair<std::string, std::string>("ENV:" + key, value));
         if ("env:" + key == m_name) {
-            l->push_back(new transaction::Variable(m_name, value));
+            l->push_back(new collection::Variable(m_name, value));
             return;
         }
     }
@@ -57,7 +57,7 @@ void Env::evaluateInternal(Transaction *transaction,
             && (x.first != m_name)) {
             continue;
         }
-        l->push_back(new transaction::Variable(x.first, x.second));
+        l->push_back(new collection::Variable(x.first, x.second));
     }
 }
 
diff --git a/src/variables/env.h b/src/variables/env.h
index c6b1a9bd..0f1f5692 100644
--- a/src/variables/env.h
+++ b/src/variables/env.h
@@ -34,7 +34,7 @@ class Env : public Variable {
         : Variable(_name) { }
 
     void evaluateInternal(Transaction *transaction,
-        std::vector<const transaction::Variable *> *l) override;
+        std::vector<const collection::Variable *> *l) override;
 };
 
 
diff --git a/src/variables/highest_severity.cc b/src/variables/highest_severity.cc
index 34cecdf4..20b8cc6c 100644
--- a/src/variables/highest_severity.cc
+++ b/src/variables/highest_severity.cc
@@ -27,8 +27,8 @@ namespace modsecurity {
 namespace Variables {
 
 void HighestSeverity::evaluateInternal(Transaction *transaction,
-    std::vector<const transaction::Variable *> *l) {
-    l->push_back(new transaction::Variable("HIGHEST_SEVERITY",
+    std::vector<const collection::Variable *> *l) {
+    l->push_back(new collection::Variable("HIGHEST_SEVERITY",
         std::to_string(transaction->m_highestSeverityAction)));
 }
 
diff --git a/src/variables/highest_severity.h b/src/variables/highest_severity.h
index 61c7961e..bab90313 100644
--- a/src/variables/highest_severity.h
+++ b/src/variables/highest_severity.h
@@ -34,7 +34,7 @@ class HighestSeverity : public Variable {
         : Variable(_name) { }
 
     void evaluateInternal(Transaction *transaction,
-        std::vector<const transaction::Variable *> *l) override;
+        std::vector<const collection::Variable *> *l) override;
 };
 
 
diff --git a/src/variables/modsec_build.cc b/src/variables/modsec_build.cc
index 7e8af3f9..cc3f8ad4 100644
--- a/src/variables/modsec_build.cc
+++ b/src/variables/modsec_build.cc
@@ -28,14 +28,14 @@ namespace modsecurity {
 namespace Variables {
 
 void ModsecBuild::evaluateInternal(Transaction *transaction,
-    std::vector<const transaction::Variable *> *l) {
+    std::vector<const collection::Variable *> *l) {
     std::ostringstream ss;
     ss << std::setw(2) << std::setfill('0') << MODSECURITY_MAJOR;
     ss << std::setw(2) << std::setfill('0') << MODSECURITY_MINOR;
     ss << std::setw(2) << std::setfill('0') << MODSECURITY_PATCHLEVEL;
     ss << std::setw(2) << std::setfill('0') << MODSECURITY_TAG_NUM;
 
-    l->push_back(new transaction::Variable("MODSEC_BUILD", ss.str()));
+    l->push_back(new collection::Variable("MODSEC_BUILD", ss.str()));
 }
 
 
diff --git a/src/variables/modsec_build.h b/src/variables/modsec_build.h
index 09292690..168b876e 100644
--- a/src/variables/modsec_build.h
+++ b/src/variables/modsec_build.h
@@ -34,7 +34,7 @@ class ModsecBuild : public Variable {
         : Variable(_name) { }
 
     void evaluateInternal(Transaction *transaction,
-        std::vector<const transaction::Variable *> *l) override;
+        std::vector<const collection::Variable *> *l) override;
 };
 
 
diff --git a/src/variables/time.cc b/src/variables/time.cc
index 24ec05bb..06717a40 100644
--- a/src/variables/time.cc
+++ b/src/variables/time.cc
@@ -34,7 +34,7 @@ namespace modsecurity {
 namespace Variables {
 
 void Time::evaluateInternal(Transaction *transaction,
-    std::vector<const transaction::Variable *> *l) {
+    std::vector<const collection::Variable *> *l) {
 
     char tstr[200];
     struct tm timeinfo;
@@ -46,7 +46,7 @@ void Time::evaluateInternal(Transaction *transaction,
     localtime_r(&timer, &timeinfo);
     strftime(tstr, 200, "%H:%M:%S", &timeinfo);
 
-    l->push_back(new transaction::Variable("TIME", std::string(tstr)));
+    l->push_back(new collection::Variable("TIME", std::string(tstr)));
 }
 
 
diff --git a/src/variables/time.h b/src/variables/time.h
index 98c071d4..ad14e7e5 100644
--- a/src/variables/time.h
+++ b/src/variables/time.h
@@ -35,7 +35,7 @@ class Time : public Variable {
         : Variable(_name) { }
 
     void evaluateInternal(Transaction *transaction,
-        std::vector<const transaction::Variable *> *l) override;
+        std::vector<const collection::Variable *> *l) override;
 };
 
 }  // namespace Variables
diff --git a/src/variables/time_day.cc b/src/variables/time_day.cc
index f7714f57..3e897bbb 100644
--- a/src/variables/time_day.cc
+++ b/src/variables/time_day.cc
@@ -34,7 +34,7 @@ namespace modsecurity {
 namespace Variables {
 
 void TimeDay::evaluateInternal(Transaction *transaction,
-    std::vector<const transaction::Variable *> *l) {
+    std::vector<const collection::Variable *> *l) {
     char tstr[200];
     struct tm timeinfo;
     time_t timer;
@@ -45,7 +45,7 @@ void TimeDay::evaluateInternal(Transaction *transaction,
     localtime_r(&timer, &timeinfo);
     strftime(tstr, 200, "%d", &timeinfo);
 
-    l->push_back(new transaction::Variable("TIME_DAY",  std::string(tstr)));
+    l->push_back(new collection::Variable("TIME_DAY",  std::string(tstr)));
 }
 
 
diff --git a/src/variables/time_day.h b/src/variables/time_day.h
index ea801214..5334d52b 100644
--- a/src/variables/time_day.h
+++ b/src/variables/time_day.h
@@ -34,7 +34,7 @@ class TimeDay : public Variable {
         : Variable(_name) { }
 
     void evaluateInternal(Transaction *transaction,
-        std::vector<const transaction::Variable *> *l) override;
+        std::vector<const collection::Variable *> *l) override;
 };
 
 }  // namespace Variables
diff --git a/src/variables/time_epoch.cc b/src/variables/time_epoch.cc
index 41b0bbba..1f9c57a7 100644
--- a/src/variables/time_epoch.cc
+++ b/src/variables/time_epoch.cc
@@ -34,8 +34,8 @@ namespace modsecurity {
 namespace Variables {
 
 void TimeEpoch::evaluateInternal(Transaction *transaction,
-    std::vector<const transaction::Variable *> *l) {
-    l->push_back(new transaction::Variable("TIME_EPOCH",
+    std::vector<const collection::Variable *> *l) {
+    l->push_back(new collection::Variable("TIME_EPOCH",
         std::to_string(std::time(nullptr))));
 }
 
diff --git a/src/variables/time_epoch.h b/src/variables/time_epoch.h
index 63f285ec..81f44c4e 100644
--- a/src/variables/time_epoch.h
+++ b/src/variables/time_epoch.h
@@ -34,7 +34,7 @@ class TimeEpoch : public Variable {
         : Variable(_name) { }
 
     void evaluateInternal(Transaction *transaction,
-        std::vector<const transaction::Variable *> *l) override;
+        std::vector<const collection::Variable *> *l) override;
 };
 
 }  // namespace Variables
diff --git a/src/variables/time_hour.cc b/src/variables/time_hour.cc
index 34fb560c..fc871f5f 100644
--- a/src/variables/time_hour.cc
+++ b/src/variables/time_hour.cc
@@ -34,7 +34,7 @@ namespace modsecurity {
 namespace Variables {
 
 void TimeHour::evaluateInternal(Transaction *transaction,
-    std::vector<const transaction::Variable *> *l) {
+    std::vector<const collection::Variable *> *l) {
     char tstr[200];
     struct tm timeinfo;
     time_t timer;
@@ -45,7 +45,7 @@ void TimeHour::evaluateInternal(Transaction *transaction,
     localtime_r(&timer, &timeinfo);
     strftime(tstr, 200, "%H", &timeinfo);
 
-    l->push_back(new transaction::Variable("TIME_HOUR",  std::string(tstr)));
+    l->push_back(new collection::Variable("TIME_HOUR",  std::string(tstr)));
 }
 
 
diff --git a/src/variables/time_hour.h b/src/variables/time_hour.h
index 6887ea25..01ce7d2e 100644
--- a/src/variables/time_hour.h
+++ b/src/variables/time_hour.h
@@ -34,7 +34,7 @@ class TimeHour : public Variable {
         : Variable(_name) { }
 
     void evaluateInternal(Transaction *transaction,
-        std::vector<const transaction::Variable *> *l) override;
+        std::vector<const collection::Variable *> *l) override;
 };
 
 }  // namespace Variables
diff --git a/src/variables/time_min.cc b/src/variables/time_min.cc
index 0e884152..ccbdd68d 100644
--- a/src/variables/time_min.cc
+++ b/src/variables/time_min.cc
@@ -34,7 +34,7 @@ namespace modsecurity {
 namespace Variables {
 
 void TimeMin::evaluateInternal(Transaction *transaction,
-    std::vector<const transaction::Variable *> *l) {
+    std::vector<const collection::Variable *> *l) {
     char tstr[200];
     struct tm timeinfo;
     time_t timer;
@@ -45,7 +45,7 @@ void TimeMin::evaluateInternal(Transaction *transaction,
     localtime_r(&timer, &timeinfo);
     strftime(tstr, 200, "%M", &timeinfo);
 
-    l->push_back(new transaction::Variable("TIME_MIN",  std::string(tstr)));
+    l->push_back(new collection::Variable("TIME_MIN",  std::string(tstr)));
 }
 
 
diff --git a/src/variables/time_min.h b/src/variables/time_min.h
index 4eb51640..7a5d163a 100644
--- a/src/variables/time_min.h
+++ b/src/variables/time_min.h
@@ -34,7 +34,7 @@ class TimeMin : public Variable {
         : Variable(_name) { }
 
     void evaluateInternal(Transaction *transaction,
-        std::vector<const transaction::Variable *> *l) override;
+        std::vector<const collection::Variable *> *l) override;
 };
 
 }  // namespace Variables
diff --git a/src/variables/time_mon.cc b/src/variables/time_mon.cc
index 74583848..1c970590 100644
--- a/src/variables/time_mon.cc
+++ b/src/variables/time_mon.cc
@@ -34,7 +34,7 @@ namespace modsecurity {
 namespace Variables {
 
 void TimeMon::evaluateInternal(Transaction *transaction,
-    std::vector<const transaction::Variable *> *l) {
+    std::vector<const collection::Variable *> *l) {
     char tstr[200];
     struct tm timeinfo;
     time_t timer;
@@ -47,7 +47,7 @@ void TimeMon::evaluateInternal(Transaction *transaction,
     int a = atoi(tstr);
     a--;
 
-    l->push_back(new transaction::Variable("TIME_MON",  std::to_string(a)));
+    l->push_back(new collection::Variable("TIME_MON",  std::to_string(a)));
 }
 
 
diff --git a/src/variables/time_mon.h b/src/variables/time_mon.h
index 8b0d3503..fc1e5c6d 100644
--- a/src/variables/time_mon.h
+++ b/src/variables/time_mon.h
@@ -34,7 +34,7 @@ class TimeMon : public Variable {
         : Variable(_name) { }
 
     void evaluateInternal(Transaction *transaction,
-        std::vector<const transaction::Variable *> *l) override;
+        std::vector<const collection::Variable *> *l) override;
 };
 
 }  // namespace Variables
diff --git a/src/variables/time_sec.cc b/src/variables/time_sec.cc
index c96c168d..3014d3d7 100644
--- a/src/variables/time_sec.cc
+++ b/src/variables/time_sec.cc
@@ -34,7 +34,7 @@ namespace modsecurity {
 namespace Variables {
 
 void TimeSec::evaluateInternal(Transaction *transaction,
-    std::vector<const transaction::Variable *> *l) {
+    std::vector<const collection::Variable *> *l) {
     char tstr[200];
     struct tm timeinfo;
     time_t timer;
@@ -45,7 +45,7 @@ void TimeSec::evaluateInternal(Transaction *transaction,
     localtime_r(&timer, &timeinfo);
     strftime(tstr, 200, "%S", &timeinfo);
 
-    l->push_back(new transaction::Variable("TIME_SEC",  std::string(tstr)));
+    l->push_back(new collection::Variable("TIME_SEC",  std::string(tstr)));
 }
 
 
diff --git a/src/variables/time_sec.h b/src/variables/time_sec.h
index edb69f7a..6ae39b26 100644
--- a/src/variables/time_sec.h
+++ b/src/variables/time_sec.h
@@ -34,7 +34,7 @@ class TimeSec : public Variable {
         : Variable(_name) { }
 
     void evaluateInternal(Transaction *transaction,
-        std::vector<const transaction::Variable *> *l) override;
+        std::vector<const collection::Variable *> *l) override;
 };
 
 }  // namespace Variables
diff --git a/src/variables/time_wday.cc b/src/variables/time_wday.cc
index bcaad485..770a1f18 100644
--- a/src/variables/time_wday.cc
+++ b/src/variables/time_wday.cc
@@ -34,7 +34,7 @@ namespace modsecurity {
 namespace Variables {
 
 void TimeWDay::evaluateInternal(Transaction *transaction,
-    std::vector<const transaction::Variable *> *l) {
+    std::vector<const collection::Variable *> *l) {
     char tstr[200];
     struct tm timeinfo;
     time_t timer;
@@ -47,7 +47,7 @@ void TimeWDay::evaluateInternal(Transaction *transaction,
     int a = atoi(tstr);
     a--;
 
-    l->push_back(new transaction::Variable("TIME_WDAY",  std::to_string(a)));
+    l->push_back(new collection::Variable("TIME_WDAY",  std::to_string(a)));
 }
 
 
diff --git a/src/variables/time_wday.h b/src/variables/time_wday.h
index fe675cb5..3495e8b4 100644
--- a/src/variables/time_wday.h
+++ b/src/variables/time_wday.h
@@ -34,7 +34,7 @@ class TimeWDay : public Variable {
         : Variable(_name) { }
 
     void evaluateInternal(Transaction *transaction,
-        std::vector<const transaction::Variable *> *l) override;
+        std::vector<const collection::Variable *> *l) override;
 };
 
 }  // namespace Variables
diff --git a/src/variables/time_year.cc b/src/variables/time_year.cc
index 83313266..8a04799d 100644
--- a/src/variables/time_year.cc
+++ b/src/variables/time_year.cc
@@ -34,7 +34,7 @@ namespace modsecurity {
 namespace Variables {
 
 void TimeYear::evaluateInternal(Transaction *transaction,
-    std::vector<const transaction::Variable *> *l) {
+    std::vector<const collection::Variable *> *l) {
     char tstr[200];
     struct tm timeinfo;
     time_t timer;
@@ -45,7 +45,7 @@ void TimeYear::evaluateInternal(Transaction *transaction,
     localtime_r(&timer, &timeinfo);
     strftime(tstr, 200, "%Y", &timeinfo);
 
-    l->push_back(new transaction::Variable("TIME_YEAR",  std::string(tstr)));
+    l->push_back(new collection::Variable("TIME_YEAR",  std::string(tstr)));
 }
 
 
diff --git a/src/variables/time_year.h b/src/variables/time_year.h
index 21940ccf..c29fcaba 100644
--- a/src/variables/time_year.h
+++ b/src/variables/time_year.h
@@ -34,7 +34,7 @@ class TimeYear : public Variable {
         : Variable(_name) { }
 
     void evaluateInternal(Transaction *transaction,
-        std::vector<const transaction::Variable *> *l) override;
+        std::vector<const collection::Variable *> *l) override;
 };
 
 }  // namespace Variables
diff --git a/src/variables/tx.cc b/src/variables/tx.cc
index a7d3ccbf..fcda7ff6 100644
--- a/src/variables/tx.cc
+++ b/src/variables/tx.cc
@@ -35,7 +35,7 @@ namespace Variables {
 
 
 void Tx::evaluateInternal(Transaction *transaction,
-    std::vector<const transaction::Variable *> *l) {
+    std::vector<const collection::Variable *> *l) {
     if (m_type == SingleMatch) {
         transaction->m_collections.resolveSingleMatch(m_name, "TX", l);
     } else if (m_type == MultipleMatches) {
diff --git a/src/variables/tx.h b/src/variables/tx.h
index 7128c9e9..2c4be4f8 100644
--- a/src/variables/tx.h
+++ b/src/variables/tx.h
@@ -35,7 +35,7 @@ class Tx : public Variable {
         : Variable(_name) { }
 
     void evaluateInternal(Transaction *transaction,
-        std::vector<const transaction::Variable *> *l) override;
+        std::vector<const collection::Variable *> *l) override;
 };
 
 }  // namespace Variables
diff --git a/src/variables/variable.cc b/src/variables/variable.cc
index 9bcda3bf..dc390daf 100644
--- a/src/variables/variable.cc
+++ b/src/variables/variable.cc
@@ -71,17 +71,17 @@ Variable::Variable(std::string name, VariableKind kind)
 }
 
 
-std::vector<const transaction::Variable *> *
+std::vector<const collection::Variable *> *
     Variable::evaluate(Transaction *transaction) {
-    std::vector<const transaction::Variable *> *l = NULL;
-    l = new std::vector<const transaction::Variable *>();
+    std::vector<const collection::Variable *> *l = NULL;
+    l = new std::vector<const collection::Variable *>();
     evaluate(transaction, l);
 
     return l;
 }
 
 void Variable::evaluateInternal(Transaction *transaction,
-    std::vector<const transaction::Variable *> *l) {
+    std::vector<const collection::Variable *> *l) {
     if (m_collectionName.empty() == false) {
         if (m_kind == CollectionVarible && m_type == MultipleMatches) {
             transaction->m_collections.resolveMultiMatches(m_name,
@@ -108,7 +108,7 @@ void Variable::evaluateInternal(Transaction *transaction,
 
 
 void Variable::evaluate(Transaction *transaction,
-    std::vector<const transaction::Variable *> *l) {
+    std::vector<const collection::Variable *> *l) {
     evaluateInternal(transaction, l);
 }
 
diff --git a/src/variables/variable.h b/src/variables/variable.h
index 74c94c6d..11c3361e 100644
--- a/src/variables/variable.h
+++ b/src/variables/variable.h
@@ -66,14 +66,14 @@ class Variable {
 
     static std::string to_s(std::vector<Variable *> *variables);
 
-    virtual std::vector<const transaction::Variable *>
+    virtual std::vector<const collection::Variable *>
         *evaluate(Transaction *transaction);
 
     virtual void evaluate(Transaction *transaction,
-        std::vector<const transaction::Variable *> *l);
+        std::vector<const collection::Variable *> *l);
 
     virtual void evaluateInternal(Transaction *transaction,
-        std::vector<const transaction::Variable *> *l);
+        std::vector<const collection::Variable *> *l);
 
 
     std::string m_name;
diff --git a/src/variables/variations/count.cc b/src/variables/variations/count.cc
index 526ea918..b3794ddc 100644
--- a/src/variables/variations/count.cc
+++ b/src/variables/variations/count.cc
@@ -29,8 +29,8 @@ namespace Variables {
 namespace Variations {
 
 void Count::evaluateInternal(Transaction *transaction,
-    std::vector<const transaction::Variable *> *l) {
-    std::vector<const transaction::Variable *> *reslIn;
+    std::vector<const collection::Variable *> *l) {
+    std::vector<const collection::Variable *> *reslIn;
     int count = 0;
 
     reslIn = var->evaluate(transaction);
@@ -47,7 +47,7 @@ void Count::evaluateInternal(Transaction *transaction,
 
     std::string res = std::to_string(count);
 
-    l->push_back(new transaction::Variable(std::string(var->m_name),
+    l->push_back(new collection::Variable(std::string(var->m_name),
         std::string(res)));
 }
 
diff --git a/src/variables/variations/count.h b/src/variables/variations/count.h
index 285066fc..8083979d 100644
--- a/src/variables/variations/count.h
+++ b/src/variables/variations/count.h
@@ -36,7 +36,7 @@ class Count : public Variable {
         var(v) { }
 
     void evaluateInternal(Transaction *transaction,
-        std::vector<const transaction::Variable *> *l) override;
+        std::vector<const collection::Variable *> *l) override;
 
     Variable *var;
 };
diff --git a/src/variables/variations/exclusion.cc b/src/variables/variations/exclusion.cc
index 474db22a..45e99e82 100644
--- a/src/variables/variations/exclusion.cc
+++ b/src/variables/variations/exclusion.cc
@@ -30,7 +30,7 @@ namespace Variations {
 
 
 void Exclusion::evaluateInternal(Transaction *transaction,
-    std::vector<const transaction::Variable *> *l) {
+    std::vector<const collection::Variable *> *l) {
     transaction->m_collections.resolveMultiMatches(m_name, l);
 }
 
diff --git a/src/variables/variations/exclusion.h b/src/variables/variations/exclusion.h
index 688277b1..71d16d31 100644
--- a/src/variables/variations/exclusion.h
+++ b/src/variables/variations/exclusion.h
@@ -38,7 +38,7 @@ class Exclusion : public Variable {
         { m_isExclusion = true; }
 
     void evaluateInternal(Transaction *transaction,
-        std::vector<const transaction::Variable *> *l) override;
+        std::vector<const collection::Variable *> *l) override;
 
     Variable *var;
 };
diff --git a/test/test-cases/regression/variable-FILES_SIZES.json b/test/test-cases/regression/variable-FILES_SIZES.json
index cff46516..b3fa7b62 100644
--- a/test/test-cases/regression/variable-FILES_SIZES.json
+++ b/test/test-cases/regression/variable-FILES_SIZES.json
@@ -51,7 +51,7 @@
       ]
     },
     "expected":{  
-      "debug_log":"Target value: \"32\" \\(Variable: FILES_SIZES:filedata\\)"
+      "debug_log":"Target value: \"38\" \\(Variable: FILES_SIZES:filedata\\)"
     },
     "rules":[  
       "SecRuleEngine On",