Adds support to the TIME* variables

src/Makefile.am

@@ -28,6 +28,16 @@ pkginclude_HEADERS = \
 	../headers/modsecurity/debug_log.h \
 	../headers/modsecurity/intervention.h
 
+VARIABLES = \
+	variables/time.cc \
+	variables/time_day.cc \
+	variables/time_epoch.cc \
+	variables/time_hour.cc \
+	variables/time_min.cc \
+	variables/time_mon.cc \
+	variables/time_sec.cc \
+	variables/time_wday.cc \
+	variables/time_year.cc
 
 ACTIONS = \
 	actions/action.cc \
@@ -141,7 +151,8 @@ libmodsecurity_la_SOURCES = \
 	operators/str_match.cc \
 	operators/begins_with.cc \
 	${ACTIONS} \
-	${UTILS}
+	${UTILS} \
+	${VARIABLES}
 
 
 

src/parser/seclang-parser.yy

@@ -20,6 +20,15 @@ class Driver;
 #include "variable_modsec_build.h"
 #include "variable_highest_severity.h"
 #include "utils/geo_lookup.h"
+#include "variables/time.h"
+#include "variables/time_day.h"
+#include "variables/time_epoch.h"
+#include "variables/time_hour.h"
+#include "variables/time_min.h"
+#include "variables/time_mon.h"
+#include "variables/time_sec.h"
+#include "variables/time_wday.h"
+#include "variables/time_year.h"
 
 using ModSecurity::actions::Action;
 using ModSecurity::actions::transformations::Transformation;
@@ -31,6 +40,15 @@ using ModSecurity::VariableModsecBuild;
 using ModSecurity::VariableHighestSeverity;
 using ModSecurity::Rule;
 using ModSecurity::Utils::GeoLookup;
+using ModSecurity::Variables::Time;
+using ModSecurity::Variables::TimeDay;
+using ModSecurity::Variables::TimeEpoch;
+using ModSecurity::Variables::TimeHour;
+using ModSecurity::Variables::TimeMin;
+using ModSecurity::Variables::TimeMon;
+using ModSecurity::Variables::TimeSec;
+using ModSecurity::Variables::TimeWDay;
+using ModSecurity::Variables::TimeYear;
 
 }
 // The parsing context.
@@ -97,6 +115,16 @@ using ModSecurity::Utils::GeoLookup;
 %token <std::string> RUN_TIME_VAR_BLD
 %token <std::string> RUN_TIME_VAR_HSV
 
+%token <std::string> RUN_TIME_VAR_TIME
+%token <std::string> RUN_TIME_VAR_TIME_DAY
+%token <std::string> RUN_TIME_VAR_TIME_EPOCH
+%token <std::string> RUN_TIME_VAR_TIME_HOUR
+%token <std::string> RUN_TIME_VAR_TIME_MIN
+%token <std::string> RUN_TIME_VAR_TIME_MON
+%token <std::string> RUN_TIME_VAR_TIME_SEC
+%token <std::string> RUN_TIME_VAR_TIME_WDAY
+%token <std::string> RUN_TIME_VAR_TIME_YEAR
+
 %token <std::string> CONFIG_DIR_GEO_DB
 
 %token <std::string> OPERATOR
@@ -322,8 +350,115 @@ variables:
         variables->push_back(new VariableHighestSeverity($1));
         $$ = variables;
       }
+    | RUN_TIME_VAR_TIME
+      {
+        std::vector<Variable *> *variables = new std::vector<Variable *>;
+        variables->push_back(new ModSecurity::Variables::Time($1));
+        $$ = variables;
+      }
+    | RUN_TIME_VAR_TIME_DAY
+      {
+        std::vector<Variable *> *variables = new std::vector<Variable *>;
+        variables->push_back(new ModSecurity::Variables::TimeDay($1));
+        $$ = variables;
+      }
+    | RUN_TIME_VAR_TIME_EPOCH
+      {
+        std::vector<Variable *> *variables = new std::vector<Variable *>;
+        variables->push_back(new ModSecurity::Variables::TimeEpoch($1));
+        $$ = variables;
+      }
+    | RUN_TIME_VAR_TIME_HOUR
+      {
+        std::vector<Variable *> *variables = new std::vector<Variable *>;
+        variables->push_back(new ModSecurity::Variables::TimeHour($1));
+        $$ = variables;
+      }
+    | RUN_TIME_VAR_TIME_MIN
+      {
+        std::vector<Variable *> *variables = new std::vector<Variable *>;
+        variables->push_back(new ModSecurity::Variables::TimeMin($1));
+        $$ = variables;
+      }
+    | RUN_TIME_VAR_TIME_MON
+      {
+        std::vector<Variable *> *variables = new std::vector<Variable *>;
+        variables->push_back(new ModSecurity::Variables::TimeMon($1));
+        $$ = variables;
+      }
+    | RUN_TIME_VAR_TIME_SEC
+      {
+        std::vector<Variable *> *variables = new std::vector<Variable *>;
+        variables->push_back(new ModSecurity::Variables::TimeSec($1));
+        $$ = variables;
+      }
+    | RUN_TIME_VAR_TIME_WDAY
+      {
+        std::vector<Variable *> *variables = new std::vector<Variable *>;
+        variables->push_back(new ModSecurity::Variables::TimeWDay($1));
+        $$ = variables;
+      }
+    | RUN_TIME_VAR_TIME_YEAR
+      {
+        std::vector<Variable *> *variables = new std::vector<Variable *>;
+        variables->push_back(new ModSecurity::Variables::TimeYear($1));
+        $$ = variables;
+      }
+    | variables PIPE RUN_TIME_VAR_TIME
+      {
+        std::vector<Variable *> *v = $1;
+        v->push_back(new ModSecurity::Variables::Time($3));
+        $$ = $1;
+      }
+    | variables PIPE RUN_TIME_VAR_TIME_DAY
+      {
+        std::vector<Variable *> *v = $1;
+        v->push_back(new ModSecurity::Variables::TimeDay($3));
+        $$ = $1;
+      }
+    | variables PIPE RUN_TIME_VAR_TIME_EPOCH
+      {
+        std::vector<Variable *> *v = $1;
+        v->push_back(new ModSecurity::Variables::TimeEpoch($3));
+        $$ = $1;
+      }
+    | variables PIPE RUN_TIME_VAR_TIME_HOUR
+      {
+        std::vector<Variable *> *v = $1;
+        v->push_back(new ModSecurity::Variables::TimeHour($3));
+        $$ = $1;
+      }
+    | variables PIPE RUN_TIME_VAR_TIME_MIN
+      {
+        std::vector<Variable *> *v = $1;
+        v->push_back(new ModSecurity::Variables::TimeMin($3));
+        $$ = $1;
+      }
+    | variables PIPE RUN_TIME_VAR_TIME_MON
+      {
+        std::vector<Variable *> *v = $1;
+        v->push_back(new ModSecurity::Variables::TimeMon($3));
+        $$ = $1;
+      }
+    | variables PIPE RUN_TIME_VAR_TIME_SEC
+      {
+        std::vector<Variable *> *v = $1;
+        v->push_back(new ModSecurity::Variables::TimeSec($3));
+        $$ = $1;
+      }
+    | variables PIPE RUN_TIME_VAR_TIME_WDAY
+      {
+        std::vector<Variable *> *v = $1;
+        v->push_back(new ModSecurity::Variables::TimeWDay($3));
+        $$ = $1;
+      }
+    | variables PIPE RUN_TIME_VAR_TIME_YEAR
+      {
+        std::vector<Variable *> *v = $1;
+        v->push_back(new ModSecurity::Variables::TimeYear($3));
+        $$ = $1;
+      }
 
-      
 actions:
     actions COMMA SPACE ACTION
       {

src/parser/seclang-scanner.ll

@@ -66,6 +66,16 @@ RUN_TIME_VAR_ENV  (?i:ENV)
 RUN_TIME_VAR_BLD  (?i:MODSEC_BUILD)
 RUN_TIME_VAR_HSV  (?i:HIGHEST_SEVERITY)
 
+RUN_TIME_VAR_TIME       (?i:TIME)
+RUN_TIME_VAR_TIME_DAY   (?i:TIME_DAY)
+RUN_TIME_VAR_TIME_EPOCH (?i:TIME_EPOCH)
+RUN_TIME_VAR_TIME_HOUR  (?i:TIME_HOUR)
+RUN_TIME_VAR_TIME_MIN   (?i:TIME_MIN)
+RUN_TIME_VAR_TIME_MON   (?i:TIME_MON)
+RUN_TIME_VAR_TIME_SEC   (?i:TIME_SEC)
+RUN_TIME_VAR_TIME_WDAY  (?i:TIME_WDAY)
+RUN_TIME_VAR_TIME_YEAR  (?i:TIME_YEAR)
+
 VARIABLENOCOLON  (?i:REQBODY_ERROR|MULTIPART_STRICT_ERROR|MULTIPART_UNMATCHED_BOUNDARY|REMOTE_ADDR|REQUEST_LINE)
 
 CONFIG_VALUE_ON On
@@ -122,6 +132,17 @@ FREE_TEXT_NEW_LINE       [^\"|\n]+
 {RUN_TIME_VAR_BLD}                      { return yy::seclang_parser::make_RUN_TIME_VAR_BLD(yytext, loc); }
 {RUN_TIME_VAR_HSV}                      { return yy::seclang_parser::make_RUN_TIME_VAR_HSV(yytext, loc); }
 
+%{ /* Variables: TIME */ %}
+{RUN_TIME_VAR_TIME}        { return yy::seclang_parser::make_RUN_TIME_VAR_TIME(yytext, loc); }
+{RUN_TIME_VAR_TIME_DAY}    { return yy::seclang_parser::make_RUN_TIME_VAR_TIME_DAY(yytext, loc); }
+{RUN_TIME_VAR_TIME_EPOCH}  { return yy::seclang_parser::make_RUN_TIME_VAR_TIME_EPOCH(yytext, loc); }
+{RUN_TIME_VAR_TIME_HOUR}   { return yy::seclang_parser::make_RUN_TIME_VAR_TIME_HOUR(yytext, loc); }
+{RUN_TIME_VAR_TIME_MIN}    { return yy::seclang_parser::make_RUN_TIME_VAR_TIME_MIN(yytext, loc); }
+{RUN_TIME_VAR_TIME_MON}    { return yy::seclang_parser::make_RUN_TIME_VAR_TIME_MON(yytext, loc); }
+{RUN_TIME_VAR_TIME_SEC}    { return yy::seclang_parser::make_RUN_TIME_VAR_TIME_SEC(yytext, loc); }
+{RUN_TIME_VAR_TIME_WDAY}   { return yy::seclang_parser::make_RUN_TIME_VAR_TIME_WDAY(yytext, loc); }
+{RUN_TIME_VAR_TIME_YEAR}   { return yy::seclang_parser::make_RUN_TIME_VAR_TIME_YEAR(yytext, loc); }
+
 %{ /* Geo DB loopkup */ %}
 {CONFIG_DIR_GEO_DB}[ ]{FREE_TEXT_NEW_LINE}      { return yy::seclang_parser::make_CONFIG_DIR_GEO_DB(strchr(yytext, ' ') + 1, loc); }
 

src/variables/time.cc

@@ -0,0 +1,59 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include "variables/time.h"
+
+#include <time.h>
+#include <stdio.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#include "modsecurity/assay.h"
+
+namespace ModSecurity {
+namespace Variables {
+
+std::list<std::pair<std::string, std::string>>
+    Time::evaluate(Assay *assay) {
+    std::list<std::pair<std::string, std::string>> resl;
+    std::pair<std::string, std::string> pair;
+    char tstr[200];
+    struct tm timeinfo;
+    time_t timer;
+
+    time(&timer);
+    memset(tstr, '\0', 200);
+
+    localtime_r(&timer, &timeinfo);
+    strftime(tstr, 200, "%H:%M:%S", &timeinfo);
+
+    pair = std::make_pair(std::string("TIME"),
+       std::string(tstr));
+    resl.push_back(pair);
+
+    return resl;
+}
+
+
+}  // namespace Variables
+}  // namespace ModSecurity

src/variables/time.h

@@ -0,0 +1,44 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_TIME_H_
+#define SRC_VARIABLES_TIME_H_
+
+#include "src/variable.h"
+
+namespace ModSecurity {
+
+class Assay;
+namespace Variables {
+
+class Time : public Variable {
+ public:
+    explicit Time(std::string _name)
+        : Variable(_name) { }
+
+    std::list<std::pair<std::string, std::string>>
+        evaluate(Assay *assay) override;
+};
+
+}  // namespace Variables
+}  // namespace ModSecurity
+
+#endif  // SRC_VARIABLES_TIME_H_

src/variables/time_day.cc

@@ -0,0 +1,59 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include "variables/time_day.h"
+
+#include <time.h>
+#include <stdio.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#include "modsecurity/assay.h"
+
+namespace ModSecurity {
+namespace Variables {
+
+std::list<std::pair<std::string, std::string>>
+    TimeDay::evaluate(Assay *assay) {
+    std::list<std::pair<std::string, std::string>> resl;
+    std::pair<std::string, std::string> pair;
+    char tstr[200];
+    struct tm timeinfo;
+    time_t timer;
+
+    time(&timer);
+    memset(tstr, '\0', 200);
+
+    localtime_r(&timer, &timeinfo);
+    strftime(tstr, 200, "%d", &timeinfo);
+
+    pair = std::make_pair(std::string("TIME_DAY"),
+       std::string(tstr));
+    resl.push_back(pair);
+
+    return resl;
+}
+
+
+}  // namespace Variables
+}  // namespace ModSecurity

src/variables/time_day.h

@@ -0,0 +1,43 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <vector>
+#include <string>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_TIME_DAY_H_
+#define SRC_VARIABLES_TIME_DAY_H_
+
+#include "src/variable.h"
+
+namespace ModSecurity {
+
+class Assay;
+namespace Variables {
+
+class TimeDay : public Variable {
+ public:
+    explicit TimeDay(std::string _name)
+        : Variable(_name) { }
+
+    std::list<std::pair<std::string, std::string>>
+        evaluate(Assay *assay) override;
+};
+
+}  // namespace Variables
+}  // namespace ModSecurity
+
+#endif  // SRC_VARIABLES_TIME_DAY_H_

src/variables/time_epoch.cc

@@ -0,0 +1,50 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include "variables/time_epoch.h"
+
+#include <time.h>
+#include <stdio.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#include "modsecurity/assay.h"
+
+namespace ModSecurity {
+namespace Variables {
+
+std::list<std::pair<std::string, std::string>>
+    TimeEpoch::evaluate(Assay *assay) {
+    std::list<std::pair<std::string, std::string>> resl;
+    std::pair<std::string, std::string> pair;
+
+    pair = std::make_pair(std::string("TIME_EPOCH"),
+       std::to_string(std::time(nullptr)));
+    resl.push_back(pair);
+
+    return resl;
+}
+
+
+}  // namespace Variables
+}  // namespace ModSecurity

src/variables/time_epoch.h

@@ -0,0 +1,43 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <vector>
+#include <string>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_TIME_EPOCH_H_
+#define SRC_VARIABLES_TIME_EPOCH_H_
+
+#include "src/variable.h"
+
+namespace ModSecurity {
+
+class Assay;
+namespace Variables {
+
+class TimeEpoch : public Variable {
+ public:
+    explicit TimeEpoch(std::string _name)
+        : Variable(_name) { }
+
+    std::list<std::pair<std::string, std::string>>
+        evaluate(Assay *assay) override;
+};
+
+}  // namespace Variables
+}  // namespace ModSecurity
+
+#endif  // SRC_VARIABLES_TIME_EPOCH_H_

src/variables/time_hour.cc

@@ -0,0 +1,59 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include "variables/time_hour.h"
+
+#include <time.h>
+#include <stdio.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#include "modsecurity/assay.h"
+
+namespace ModSecurity {
+namespace Variables {
+
+std::list<std::pair<std::string, std::string>>
+    TimeHour::evaluate(Assay *assay) {
+    std::list<std::pair<std::string, std::string>> resl;
+    std::pair<std::string, std::string> pair;
+    char tstr[200];
+    struct tm timeinfo;
+    time_t timer;
+
+    time(&timer);
+    memset(tstr, '\0', 200);
+
+    localtime_r(&timer, &timeinfo);
+    strftime(tstr, 200, "%H", &timeinfo);
+
+    pair = std::make_pair(std::string("TIME_HOUR"),
+       std::string(tstr));
+    resl.push_back(pair);
+
+    return resl;
+}
+
+
+}  // namespace Variables
+}  // namespace ModSecurity

src/variables/time_hour.h

@@ -0,0 +1,43 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <vector>
+#include <string>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_TIME_HOUR_H_
+#define SRC_VARIABLES_TIME_HOUR_H_
+
+#include "src/variable.h"
+
+namespace ModSecurity {
+
+class Assay;
+namespace Variables {
+
+class TimeHour : public Variable {
+ public:
+    explicit TimeHour(std::string _name)
+        : Variable(_name) { }
+
+    std::list<std::pair<std::string, std::string>>
+        evaluate(Assay *assay) override;
+};
+
+}  // namespace Variables
+}  // namespace ModSecurity
+
+#endif  // SRC_VARIABLES_TIME_HOUR_H_

src/variables/time_min.cc

@@ -0,0 +1,59 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include "variables/time_min.h"
+
+#include <time.h>
+#include <stdio.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#include "modsecurity/assay.h"
+
+namespace ModSecurity {
+namespace Variables {
+
+std::list<std::pair<std::string, std::string>>
+    TimeMin::evaluate(Assay *assay) {
+    std::list<std::pair<std::string, std::string>> resl;
+    std::pair<std::string, std::string> pair;
+    char tstr[200];
+    struct tm timeinfo;
+    time_t timer;
+
+    time(&timer);
+    memset(tstr, '\0', 200);
+
+    localtime_r(&timer, &timeinfo);
+    strftime(tstr, 200, "%M", &timeinfo);
+
+    pair = std::make_pair(std::string("TIME_MIN"),
+       std::string(tstr));
+    resl.push_back(pair);
+
+    return resl;
+}
+
+
+}  // namespace Variables
+}  // namespace ModSecurity

src/variables/time_min.h

@@ -0,0 +1,43 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <vector>
+#include <string>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_TIME_MIN_H_
+#define SRC_VARIABLES_TIME_MIN_H_
+
+#include "src/variable.h"
+
+namespace ModSecurity {
+
+class Assay;
+namespace Variables {
+
+class TimeMin : public Variable {
+ public:
+    explicit TimeMin(std::string _name)
+        : Variable(_name) { }
+
+    std::list<std::pair<std::string, std::string>>
+        evaluate(Assay *assay) override;
+};
+
+}  // namespace Variables
+}  // namespace ModSecurity
+
+#endif  // SRC_VARIABLES_TIME_MIN_H_

src/variables/time_mon.cc

@@ -0,0 +1,61 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include "variables/time_mon.h"
+
+#include <time.h>
+#include <stdio.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#include "modsecurity/assay.h"
+
+namespace ModSecurity {
+namespace Variables {
+
+std::list<std::pair<std::string, std::string>>
+    TimeMon::evaluate(Assay *assay) {
+    std::list<std::pair<std::string, std::string>> resl;
+    std::pair<std::string, std::string> pair;
+    char tstr[200];
+    struct tm timeinfo;
+    time_t timer;
+
+    time(&timer);
+    memset(tstr, '\0', 200);
+
+    localtime_r(&timer, &timeinfo);
+    strftime(tstr, 200, "%m", &timeinfo);
+    int a = atoi(tstr);
+    a--;
+
+    pair = std::make_pair(std::string("TIME_MON"),
+       std::to_string(a));
+    resl.push_back(pair);
+
+    return resl;
+}
+
+
+}  // namespace Variables
+}  // namespace ModSecurity

src/variables/time_mon.h

@@ -0,0 +1,43 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <vector>
+#include <string>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_TIME_MON_H_
+#define SRC_VARIABLES_TIME_MON_H_
+
+#include "src/variable.h"
+
+namespace ModSecurity {
+
+class Assay;
+namespace Variables {
+
+class TimeMon : public Variable {
+ public:
+    explicit TimeMon(std::string _name)
+        : Variable(_name) { }
+
+    std::list<std::pair<std::string, std::string>>
+        evaluate(Assay *assay) override;
+};
+
+}  // namespace Variables
+}  // namespace ModSecurity
+
+#endif  // SRC_VARIABLES_TIME_MON_H_

src/variables/time_sec.cc

@@ -0,0 +1,59 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include "variables/time_sec.h"
+
+#include <time.h>
+#include <stdio.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#include "modsecurity/assay.h"
+
+namespace ModSecurity {
+namespace Variables {
+
+std::list<std::pair<std::string, std::string>>
+    TimeSec::evaluate(Assay *assay) {
+    std::list<std::pair<std::string, std::string>> resl;
+    std::pair<std::string, std::string> pair;
+    char tstr[200];
+    struct tm timeinfo;
+    time_t timer;
+
+    time(&timer);
+    memset(tstr, '\0', 200);
+
+    localtime_r(&timer, &timeinfo);
+    strftime(tstr, 200, "%S", &timeinfo);
+
+    pair = std::make_pair(std::string("TIME_SEC"),
+       std::string(tstr));
+    resl.push_back(pair);
+
+    return resl;
+}
+
+
+}  // namespace Variables
+}  // namespace ModSecurity

src/variables/time_sec.h

@@ -0,0 +1,43 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <vector>
+#include <string>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_TIME_SEC_H_
+#define SRC_VARIABLES_TIME_SEC_H_
+
+#include "src/variable.h"
+
+namespace ModSecurity {
+
+class Assay;
+namespace Variables {
+
+class TimeSec : public Variable {
+ public:
+    explicit TimeSec(std::string _name)
+        : Variable(_name) { }
+
+    std::list<std::pair<std::string, std::string>>
+        evaluate(Assay *assay) override;
+};
+
+}  // namespace Variables
+}  // namespace ModSecurity
+
+#endif  // SRC_VARIABLES_TIME_SEC_H_

src/variables/time_wday.cc

@@ -0,0 +1,61 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include "variables/time_wday.h"
+
+#include <time.h>
+#include <stdio.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#include "modsecurity/assay.h"
+
+namespace ModSecurity {
+namespace Variables {
+
+std::list<std::pair<std::string, std::string>>
+    TimeWDay::evaluate(Assay *assay) {
+    std::list<std::pair<std::string, std::string>> resl;
+    std::pair<std::string, std::string> pair;
+    char tstr[200];
+    struct tm timeinfo;
+    time_t timer;
+
+    time(&timer);
+    memset(tstr, '\0', 200);
+
+    localtime_r(&timer, &timeinfo);
+    strftime(tstr, 200, "%u", &timeinfo);
+    int a = atoi(tstr);
+    a--;
+
+    pair = std::make_pair(std::string("TIME_WDAY"),
+       std::to_string(a));
+    resl.push_back(pair);
+
+    return resl;
+}
+
+
+}  // namespace Variables
+}  // namespace ModSecurity

src/variables/time_wday.h

@@ -0,0 +1,43 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <vector>
+#include <string>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_TIME_WDAY_H_
+#define SRC_VARIABLES_TIME_WDAY_H_
+
+#include "src/variable.h"
+
+namespace ModSecurity {
+
+class Assay;
+namespace Variables {
+
+class TimeWDay : public Variable {
+ public:
+    explicit TimeWDay(std::string _name)
+        : Variable(_name) { }
+
+    std::list<std::pair<std::string, std::string>>
+        evaluate(Assay *assay) override;
+};
+
+}  // namespace Variables
+}  // namespace ModSecurity
+
+#endif  // SRC_VARIABLES_TIME_WDAY_H_

src/variables/time_year.cc

@@ -0,0 +1,59 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include "variables/time_year.h"
+
+#include <time.h>
+#include <stdio.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#include "modsecurity/assay.h"
+
+namespace ModSecurity {
+namespace Variables {
+
+std::list<std::pair<std::string, std::string>>
+    TimeYear::evaluate(Assay *assay) {
+    std::list<std::pair<std::string, std::string>> resl;
+    std::pair<std::string, std::string> pair;
+    char tstr[200];
+    struct tm timeinfo;
+    time_t timer;
+
+    time(&timer);
+    memset(tstr, '\0', 200);
+
+    localtime_r(&timer, &timeinfo);
+    strftime(tstr, 200, "%Y", &timeinfo);
+
+    pair = std::make_pair(std::string("TIME_YEAR"),
+       std::string(tstr));
+    resl.push_back(pair);
+
+    return resl;
+}
+
+
+}  // namespace Variables
+}  // namespace ModSecurity

src/variables/time_year.h

@@ -0,0 +1,43 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <vector>
+#include <string>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_TIME_YEAR_H_
+#define SRC_VARIABLES_TIME_YEAR_H_
+
+#include "src/variable.h"
+
+namespace ModSecurity {
+
+class Assay;
+namespace Variables {
+
+class TimeYear : public Variable {
+ public:
+    explicit TimeYear(std::string _name)
+        : Variable(_name) { }
+
+    std::list<std::pair<std::string, std::string>>
+        evaluate(Assay *assay) override;
+};
+
+}  // namespace Variables
+}  // namespace ModSecurity
+
+#endif  // SRC_VARIABLES_TIME_YEAR_H_

test/test-cases/regression/variable-TIME.json

@@ -0,0 +1,45 @@
+[
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing Variables :: TIME",
+    "client":{
+      "ip":"200.249.12.31",
+      "port":123
+    },
+    "server":{
+      "ip":"200.249.12.11",
+      "port":80
+    },
+    "request":{
+      "headers":{
+        "Host":"localhost",
+        "User-Agent":"curl/7.38.0",
+        "Accept":"*/*",
+        "Content-Length":"27",
+        "Content-Type":"application/x-www-form-urlencoded"
+      },
+      "uri":"/one/two/three?key1=value1&key2=v%20a%20l%20u%20e%202",
+      "protocol":"GET"
+    },
+    "response":{
+      "headers":{
+        "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+        "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+        "Content-Type":"text/html"
+      },
+      "body":[
+        "no need."
+      ]
+    },
+    "expected":{
+      "debug_log":"Target value: \"([0-9]+):([0-9]+):([0-9]+)\" \\(Variable: TIME\\)"
+    },
+    "rules":[
+      "SecRuleEngine On",
+      "SecDebugLog \/tmp\/modsec_debug.log",
+      "SecDebugLogLevel 9",
+      "SecRule TIME \"@contains test \" \"phase:3,pass,t:trim\""
+    ]
+  }
+]

test/test-cases/regression/variable-TIME_DAY.json

@@ -0,0 +1,45 @@
+[
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing Variables :: TIME_DAY",
+    "client":{
+      "ip":"200.249.12.31",
+      "port":123
+    },
+    "server":{
+      "ip":"200.249.12.11",
+      "port":80
+    },
+    "request":{
+      "headers":{
+        "Host":"localhost",
+        "User-Agent":"curl/7.38.0",
+        "Accept":"*/*",
+        "Content-Length":"27",
+        "Content-Type":"application/x-www-form-urlencoded"
+      },
+      "uri":"/one/two/three?key1=value1&key2=v%20a%20l%20u%20e%202",
+      "protocol":"GET"
+    },
+    "response":{
+      "headers":{
+        "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+        "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+        "Content-Type":"text/html"
+      },
+      "body":[
+        "no need."
+      ]
+    },
+    "expected":{
+      "debug_log":"Target value: \"([0-9]+)\" \\(Variable: TIME_DAY\\)"
+    },
+    "rules":[
+      "SecRuleEngine On",
+      "SecDebugLog \/tmp\/modsec_debug.log",
+      "SecDebugLogLevel 9",
+      "SecRule TIME_DAY \"@contains test \" \"phase:3,pass,t:trim\""
+    ]
+  }
+]

test/test-cases/regression/variable-TIME_EPOCH.json

@@ -0,0 +1,45 @@
+[
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing Variables :: TIME_EPOCH",
+    "client":{
+      "ip":"200.249.12.31",
+      "port":123
+    },
+    "server":{
+      "ip":"200.249.12.11",
+      "port":80
+    },
+    "request":{
+      "headers":{
+        "Host":"localhost",
+        "User-Agent":"curl/7.38.0",
+        "Accept":"*/*",
+        "Content-Length":"27",
+        "Content-Type":"application/x-www-form-urlencoded"
+      },
+      "uri":"/one/two/three?key1=value1&key2=v%20a%20l%20u%20e%202",
+      "protocol":"GET"
+    },
+    "response":{
+      "headers":{
+        "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+        "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+        "Content-Type":"text/html"
+      },
+      "body":[
+        "no need."
+      ]
+    },
+    "expected":{
+      "debug_log":"Target value: \"([0-9]+)\" \\(Variable: TIME_EPOCH\\)"
+    },
+    "rules":[
+      "SecRuleEngine On",
+      "SecDebugLog \/tmp\/modsec_debug.log",
+      "SecDebugLogLevel 9",
+      "SecRule TIME_EPOCH \"@contains test \" \"phase:3,pass,t:trim\""
+    ]
+  }
+]

test/test-cases/regression/variable-TIME_HOUR.json

@@ -0,0 +1,45 @@
+[
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing Variables :: TIME_HOUR",
+    "client":{
+      "ip":"200.249.12.31",
+      "port":123
+    },
+    "server":{
+      "ip":"200.249.12.11",
+      "port":80
+    },
+    "request":{
+      "headers":{
+        "Host":"localhost",
+        "User-Agent":"curl/7.38.0",
+        "Accept":"*/*",
+        "Content-Length":"27",
+        "Content-Type":"application/x-www-form-urlencoded"
+      },
+      "uri":"/one/two/three?key1=value1&key2=v%20a%20l%20u%20e%202",
+      "protocol":"GET"
+    },
+    "response":{
+      "headers":{
+        "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+        "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+        "Content-Type":"text/html"
+      },
+      "body":[
+        "no need."
+      ]
+    },
+    "expected":{
+      "debug_log":"Target value: \"([0-9]+)\" \\(Variable: TIME_HOUR\\)"
+    },
+    "rules":[
+      "SecRuleEngine On",
+      "SecDebugLog \/tmp\/modsec_debug.log",
+      "SecDebugLogLevel 9",
+      "SecRule TIME_HOUR \"@contains test \" \"phase:3,pass,t:trim\""
+    ]
+  }
+]

test/test-cases/regression/variable-TIME_MIN.json

@@ -0,0 +1,45 @@
+[
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing Variables :: TIME_MIN",
+    "client":{
+      "ip":"200.249.12.31",
+      "port":123
+    },
+    "server":{
+      "ip":"200.249.12.11",
+      "port":80
+    },
+    "request":{
+      "headers":{
+        "Host":"localhost",
+        "User-Agent":"curl/7.38.0",
+        "Accept":"*/*",
+        "Content-Length":"27",
+        "Content-Type":"application/x-www-form-urlencoded"
+      },
+      "uri":"/one/two/three?key1=value1&key2=v%20a%20l%20u%20e%202",
+      "protocol":"GET"
+    },
+    "response":{
+      "headers":{
+        "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+        "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+        "Content-Type":"text/html"
+      },
+      "body":[
+        "no need."
+      ]
+    },
+    "expected":{
+      "debug_log":"Target value: \"([0-9]+)\" \\(Variable: TIME_MIN\\)"
+    },
+    "rules":[
+      "SecRuleEngine On",
+      "SecDebugLog \/tmp\/modsec_debug.log",
+      "SecDebugLogLevel 9",
+      "SecRule TIME_MIN \"@contains test \" \"phase:3,pass,t:trim\""
+    ]
+  }
+]

test/test-cases/regression/variable-TIME_MON.json

@@ -0,0 +1,45 @@
+[
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing Variables :: TIME_MON",
+    "client":{
+      "ip":"200.249.12.31",
+      "port":123
+    },
+    "server":{
+      "ip":"200.249.12.11",
+      "port":80
+    },
+    "request":{
+      "headers":{
+        "Host":"localhost",
+        "User-Agent":"curl/7.38.0",
+        "Accept":"*/*",
+        "Content-Length":"27",
+        "Content-Type":"application/x-www-form-urlencoded"
+      },
+      "uri":"/one/two/three?key1=value1&key2=v%20a%20l%20u%20e%202",
+      "protocol":"GET"
+    },
+    "response":{
+      "headers":{
+        "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+        "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+        "Content-Type":"text/html"
+      },
+      "body":[
+        "no need."
+      ]
+    },
+    "expected":{
+      "debug_log":"Target value: \"([0-9]+)\" \\(Variable: TIME_MON\\)"
+    },
+    "rules":[
+      "SecRuleEngine On",
+      "SecDebugLog \/tmp\/modsec_debug.log",
+      "SecDebugLogLevel 9",
+      "SecRule TIME_MON \"@contains test \" \"phase:3,pass,t:trim\""
+    ]
+  }
+]

test/test-cases/regression/variable-TIME_SEC.json

@@ -0,0 +1,45 @@
+[
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing Variables :: TIME_SEC",
+    "client":{
+      "ip":"200.249.12.31",
+      "port":123
+    },
+    "server":{
+      "ip":"200.249.12.11",
+      "port":80
+    },
+    "request":{
+      "headers":{
+        "Host":"localhost",
+        "User-Agent":"curl/7.38.0",
+        "Accept":"*/*",
+        "Content-Length":"27",
+        "Content-Type":"application/x-www-form-urlencoded"
+      },
+      "uri":"/one/two/three?key1=value1&key2=v%20a%20l%20u%20e%202",
+      "protocol":"GET"
+    },
+    "response":{
+      "headers":{
+        "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+        "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+        "Content-Type":"text/html"
+      },
+      "body":[
+        "no need."
+      ]
+    },
+    "expected":{
+      "debug_log":"Target value: \"([0-9]+)\" \\(Variable: TIME_SEC\\)"
+    },
+    "rules":[
+      "SecRuleEngine On",
+      "SecDebugLog \/tmp\/modsec_debug.log",
+      "SecDebugLogLevel 9",
+      "SecRule TIME_SEC \"@contains test \" \"phase:3,pass,t:trim\""
+    ]
+  }
+]

test/test-cases/regression/variable-TIME_WDAY.json

@@ -0,0 +1,45 @@
+[
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing Variables :: TIME_WDAY",
+    "client":{
+      "ip":"200.249.12.31",
+      "port":123
+    },
+    "server":{
+      "ip":"200.249.12.11",
+      "port":80
+    },
+    "request":{
+      "headers":{
+        "Host":"localhost",
+        "User-Agent":"curl/7.38.0",
+        "Accept":"*/*",
+        "Content-Length":"27",
+        "Content-Type":"application/x-www-form-urlencoded"
+      },
+      "uri":"/one/two/three?key1=value1&key2=v%20a%20l%20u%20e%202",
+      "protocol":"GET"
+    },
+    "response":{
+      "headers":{
+        "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+        "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+        "Content-Type":"text/html"
+      },
+      "body":[
+        "no need."
+      ]
+    },
+    "expected":{
+      "debug_log":"Target value: \"([0-9]+)\" \\(Variable: TIME_WDAY\\)"
+    },
+    "rules":[
+      "SecRuleEngine On",
+      "SecDebugLog \/tmp\/modsec_debug.log",
+      "SecDebugLogLevel 9",
+      "SecRule TIME_WDAY \"@contains test \" \"phase:3,pass,t:trim\""
+    ]
+  }
+]

test/test-cases/regression/variable-TIME_YEAR.json

@@ -0,0 +1,45 @@
+[
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing Variables :: TIME_YEAR",
+    "client":{
+      "ip":"200.249.12.31",
+      "port":123
+    },
+    "server":{
+      "ip":"200.249.12.11",
+      "port":80
+    },
+    "request":{
+      "headers":{
+        "Host":"localhost",
+        "User-Agent":"curl/7.38.0",
+        "Accept":"*/*",
+        "Content-Length":"27",
+        "Content-Type":"application/x-www-form-urlencoded"
+      },
+      "uri":"/one/two/three?key1=value1&key2=v%20a%20l%20u%20e%202",
+      "protocol":"GET"
+    },
+    "response":{
+      "headers":{
+        "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+        "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+        "Content-Type":"text/html"
+      },
+      "body":[
+        "no need."
+      ]
+    },
+    "expected":{
+      "debug_log":"Target value: \"([0-9]+)\" \\(Variable: TIME_YEAR\\)"
+    },
+    "rules":[
+      "SecRuleEngine On",
+      "SecDebugLog \/tmp\/modsec_debug.log",
+      "SecDebugLogLevel 9",
+      "SecRule TIME_YEAR \"@contains test \" \"phase:3,pass,t:trim\""
+    ]
+  }
+]