github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-30 19:47:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

Uses an enumeration to determine the state of the SecRuleEngine

Browse Source
This commit is contained in:
Felipe Zimmerle
2015-07-09 16:10:32 -03:00
parent cb8d6249a8
commit 75a9cfa273
4 changed files with 43 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
headers/modsecurity/rules.h
View File

@@ -74,7 +74,43 @@ class Rules {
std::vector<Rule *> rules[7]; // Number of Phases. std::vector<Rule *> rules[7]; // Number of Phases.
int sec_rule_engine; /**
*
* The RuleEngine enumerator consists in mapping the different states
* of the rule engine.
*
*/
enum RuleEngine {
/**
* Rules won't be evaluated if Rule Engine is set to DisabledRuleEngine
*
*/
DisabledRuleEngine,
/**
* Rules will be evaluated and disturb actions will take place if needed.
*
*/
EnabledRuleEngine,
/**
* Rules will be evaluated but it won't generate any disruptive action.
*
*/
DetectionOnlyRuleEngine
};
static const char *ruleEngineStateString(RuleEngine i) {
switch (i) {
case DisabledRuleEngine:
return "Disabled";
case EnabledRuleEngine:
return "Enabled";
case DetectionOnlyRuleEngine:
return "DetectionOnly";
}
return NULL;
}
RuleEngine secRuleEngine;
int sec_audit_type; int sec_audit_type;
bool sec_audit_engine; bool sec_audit_engine;
bool sec_request_body_access; bool sec_request_body_access;

2
src/parser/driver.h
View File

@@ -81,7 +81,7 @@ class Driver {
std::vector<Rule *> rules[7]; // Number of Phases. std::vector<Rule *> rules[7]; // Number of Phases.
int sec_rule_engine; ModSecurity::Rules::RuleEngine secRuleEngine;
int sec_audit_type; int sec_audit_type;
bool sec_audit_engine; bool sec_audit_engine;
bool sec_request_body_access; bool sec_request_body_access;

6
src/parser/seclang-parser.yy
View File

@@ -186,15 +186,15 @@ expression:
} }
| CONFIG_DIR_RULE_ENG SPACE CONFIG_VALUE_OFF | CONFIG_DIR_RULE_ENG SPACE CONFIG_VALUE_OFF
{ {
driver.sec_rule_engine = 0; driver.secRuleEngine = ModSecurity::Rules::DisabledRuleEngine;
} }
| CONFIG_DIR_RULE_ENG SPACE CONFIG_VALUE_ON | CONFIG_DIR_RULE_ENG SPACE CONFIG_VALUE_ON
{ {
driver.sec_rule_engine = 1; driver.secRuleEngine = ModSecurity::Rules::EnabledRuleEngine;
} }
| CONFIG_DIR_RULE_ENG SPACE CONFIG_VALUE_DETC | CONFIG_DIR_RULE_ENG SPACE CONFIG_VALUE_DETC
{ {
driver.sec_rule_engine = 2; driver.secRuleEngine = ModSecurity::Rules::DetectionOnlyRuleEngine;
} }
| CONFIG_DIR_REQ_BODY SPACE CONFIG_VALUE_ON | CONFIG_DIR_REQ_BODY SPACE CONFIG_VALUE_ON
{ {

4
src/rules.cc
View File

@@ -154,7 +154,7 @@ int Rules::merge(Driver *from) {
} }
} }
this->sec_rule_engine = from->sec_rule_engine; this->secRuleEngine = from->secRuleEngine;
this->sec_audit_type = from->sec_audit_type; this->sec_audit_type = from->sec_audit_type;
this->sec_audit_engine = from->sec_audit_engine; this->sec_audit_engine = from->sec_audit_engine;
this->sec_request_body_access = from->sec_request_body_access; this->sec_request_body_access = from->sec_request_body_access;
@@ -189,7 +189,7 @@ int Rules::merge(Rules *from) {
} }
} }
this->sec_rule_engine = from->sec_rule_engine; this->secRuleEngine = from->secRuleEngine;
this->sec_audit_type = from->sec_audit_type; this->sec_audit_type = from->sec_audit_type;
this->sec_audit_engine = from->sec_audit_engine; this->sec_audit_engine = from->sec_audit_engine;
this->sec_request_body_access = from->sec_request_body_access; this->sec_request_body_access = from->sec_request_body_access;