github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 19:24:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adds full support to UpdateActionById.

Browse Source 
Issue #1800
This commit is contained in:
Felipe Zimmerle
2018-10-04 01:06:28 -03:00
parent 3e8e28da48
commit 85ecd190d9
17 changed files with 963 additions and 719 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
test/test-cases/regression/action-disruptive.json
View File

@@ -32,7 +32,6 @@
"version_min":300000,
"title":"Testing Disruptive actions (3/n)",
"expected":{
"debug_log": "Running .disruptive. action: block",
"http_code":404
},
"rules":[

227
test/test-cases/regression/config-update-action-by-id.json Normal file
View File

@@ -0,0 +1,227 @@
[
{
"enabled":1,
"version_min":300000,
"title":"SecRuleUpdateActionById (1/n)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length":"330",
"Content-Type":"application/lhebs",
"Expect":"100-continue"
},
"uri":"/a=urlencoded?param1=value1",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code": 200,
"debug_log": "Skipped rule id '200005'"
},
"rules":[
"SecRuleEngine On",
"SecRuleUpdateActionById 200004 \"allow\"",
"SecRule ARGS \"@contains value1\" \"phase:3,id:200004,deny\"",
"SecRule ARGS \"@contains value1\" \"phase:3,id:200005,log\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecRuleUpdateActionById (2/n)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length":"330",
"Content-Type":"application/lhebs",
"Expect":"100-continue"
},
"uri":"/a=urlencoded?param1=value1",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code": 403
},
"rules":[
"SecRuleEngine On",
"SecRule ARGS \"@contains value1\" \"phase:3,id:200004,deny\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecRuleUpdateActionById (3/n)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length":"330",
"Content-Type":"application/lhebs",
"Expect":"100-continue"
},
"uri":"/a=urlencoded?param1=value1",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code": 200,
"debug_log": "Running action: log"
},
"rules":[
"SecRuleEngine On",
"SecRuleUpdateActionById 200004 \"pass\"",
"SecRule ARGS \"@contains value1\" \"phase:3,id:200004,deny\"",
"SecRule ARGS \"@contains value1\" \"phase:3,id:200005,log\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecRuleUpdateActionById (4/n)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length":"330",
"Content-Type":"application/lhebs",
"Expect":"100-continue"
},
"uri":"/a=urlencoded?param1=value1",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code": 200,
"debug_log": "Running action: log"
},
"rules":[
"SecRuleEngine On",
"SecRuleUpdateActionById 200004 \"pass\"",
"SecDefaultAction \"phase:3,deny\"",
"SecRule ARGS \"@contains value1\" \"phase:3,id:200004,block\"",
"SecRule ARGS \"@contains value1\" \"phase:3,id:200005,log\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecRuleUpdateActionById (5/n)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length":"330",
"Content-Type":"application/lhebs",
"Expect":"100-continue"
},
"uri":"/a=urlencoded?param1=value1",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code": 200,
"debug_log": "Dropping the evaluation of upcoming rules in favor of"
},
"rules":[
"SecRuleEngine On",
"SecRuleUpdateActionById 200004 \"allow\"",
"SecDefaultAction \"phase:3,deny\"",
"SecRule ARGS \"@contains value1\" \"phase:3,id:200004,block\"",
"SecRule ARGS \"@contains value1\" \"phase:3,id:200005,log\""
]
}
]

8
test/test-cases/regression/issue-960.json
View File

@@ -69,8 +69,8 @@
},
"expected": {
"audit_log": "",
"debug_log": "\\(Rule: 960032\\) .* Rule returned 1.",
"error_log": ""
"error_log": "",
"http_code": 418
},
"rules": [
"SecDefaultAction \"phase:1,log,deny,status:418,tag:'Host: %{request_headers.host}'\"",
@@ -109,8 +109,8 @@
},
"expected": {
"audit_log": "",
"debug_log": "\\(Rule: 960032\\) .* Rule returned 1.",
"error_log": ""
"error_log": "",
"http_code": 418
},
"rules": [
"SecDefaultAction \"phase:1,log,deny,status:418,tag:'Host: %{request_headers.host}'\"",

3
test/test-cases/regression/secruleengine.json
View File

@@ -34,8 +34,7 @@
"version_min":300000,
"title":"Testing Disruptive actions (3/n)",
"expected":{
"debug_log": "Not running disruptive action: block. SecRuleEngine is not On",
"http_code":200
"http_code":404
},
"rules":[
"SecRuleEngine On",