diff --git a/Makefile.am b/Makefile.am index b23541dc..e8a092d9 100644 --- a/Makefile.am +++ b/Makefile.am @@ -288,4 +288,5 @@ TESTS+=test/test-cases/regression/operator-fuzzyhash.json TESTS+=test/test-cases/regression/collection-resource.json TESTS+=test/test-cases/regression/operator-inpectFile.json TESTS+=test/test-cases/regression/action-exec.json +TESTS+=test/test-cases/regression/directive-sec_rule_script.json diff --git a/test/test-cases/regression/directive-sec_rule_script.json b/test/test-cases/regression/directive-sec_rule_script.json new file mode 100644 index 00000000..b8eb9047 --- /dev/null +++ b/test/test-cases/regression/directive-sec_rule_script.json @@ -0,0 +1,201 @@ +[ + { + "enabled":1, + "version_min":300000, + "version_max":0, + "resource":"lua", + "title":"Testing action :: SecRuleScript (1/4)", + "client":{ + "ip":"200.249.12.31", + "port":2313 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", + "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "Accept-Language":"en-us,en;q=0.5", + "Accept-Encoding":"gzip,deflate", + "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive":"300", + "Connection":"keep-alive", + "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma":"no-cache", + "Cache-Control":"no-cache" + }, + "uri":"\/test.pl?param1= test ¶m2=test2", + "method":"GET", + "http_version":1.1, + "body":"" + }, + "response":{ + "headers":{ + "Content-Type":"text\/xml; charset=utf-8\n\r", + "Content-Length":"length\n\r" + } + }, + "expected":{ + "audit_log":"", + "debug_log":"", + "error_log":"", + "parser_error":"Failed to load script: Failed to compile script 'test-cases/data/match" + }, + "rules":[ + "SecRuleEngine On", + "SecRuleScript test-cases/data/match-ops.lua \"id:1,t:lowercase,t:none\"" + ] + }, + { + "enabled":1, + "version_min":300000, + "version_max":0, + "resource":"lua", + "title":"Testing action :: SecRuleScript (2/4)", + "client":{ + "ip":"200.249.12.31", + "port":2313 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", + "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "Accept-Language":"en-us,en;q=0.5", + "Accept-Encoding":"gzip,deflate", + "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive":"300", + "Connection":"keep-alive", + "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma":"no-cache", + "Cache-Control":"no-cache" + }, + "uri":"\/test.pl?param1= test ¶m2=test2", + "method":"GET", + "http_version":1.1, + "body":"" + }, + "response":{ + "headers":{ + "Content-Type":"text\/xml; charset=utf-8\n\r", + "Content-Length":"length\n\r" + } + }, + "expected":{ + "audit_log":"", + "debug_log":"", + "error_log":"", + "parser_error":"Failed to load script: Failed to compile script " + }, + "rules":[ + "SecRuleEngine On", + "SecRuleScript /bin/echo \"id:1,t:lowercase,t:none\"" + ] + }, + { + "enabled":1, + "version_min":300000, + "version_max":0, + "resource":"lua", + "title":"Testing action :: SecRuleScript (3/4)", + "client":{ + "ip":"200.249.12.31", + "port":2313 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", + "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "Accept-Language":"en-us,en;q=0.5", + "Accept-Encoding":"gzip,deflate", + "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive":"300", + "Connection":"keep-alive", + "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma":"no-cache", + "Cache-Control":"no-cache" + }, + "uri":"\/test.pl?param1= test ¶m2=test2", + "method":"GET", + "http_version":1.1, + "body":"" + }, + "response":{ + "headers":{ + "Content-Type":"text\/xml; charset=utf-8\n\r", + "Content-Length":"length\n\r" + } + }, + "expected":{ + "audit_log":"", + "debug_log":"echo 123", + "error_log":"", + "parser_error":"", + "http_code": 404 + }, + "rules":[ + "SecRuleEngine On", + "SecRuleScript test-cases/data/match-log.lua \"id:1,t:lowercase,t:none,status:404,deny\"" + ] + }, + { + "enabled":1, + "version_min":300000, + "version_max":0, + "resource":"lua", + "title":"Testing action :: SecRuleScript (4/4)", + "client":{ + "ip":"200.249.12.31", + "port":2313 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", + "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "Accept-Language":"en-us,en;q=0.5", + "Accept-Encoding":"gzip,deflate", + "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive":"300", + "Connection":"keep-alive", + "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma":"no-cache", + "Cache-Control":"no-cache" + }, + "uri":"\/test.pl?param1= test ¶m2=test2", + "method":"GET", + "http_version":1.1, + "body":"" + }, + "response":{ + "headers":{ + "Content-Type":"text\/xml; charset=utf-8\n\r", + "Content-Length":"length\n\r" + } + }, + "expected":{ + "audit_log":"", + "debug_log":"Running \\(disruptive\\) action: deny", + "error_log":"", + "parser_error":"", + "http_code": 404 + }, + "rules":[ + "SecRuleEngine On", + "SecRuleScript test-cases/data/match.lua \"id:1,t:lowercase,t:none,status:404,deny\"" + ] + } +] +