github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-15 23:55:03 +03:00
Code Issues Packages Projects Releases Wiki Activity

Rename TX_SEVERITY to HIGHEST_SEVERITY, fix and document.

Browse Source
This commit is contained in:
brectanus 2007-08-09 14:32:02 +00:00
parent b71687c7f7
commit 9cfdd8f0d2
5 changed files with 43 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apache2/modsecurity.c
View File

@ -299,7 +299,7 @@ apr_status_t modsecurity_tx_init(modsec_rec *msr) {
msr->tcache = apr_hash_make(msr->mp); msr->tcache = apr_hash_make(msr->mp);
if (msr->tcache == NULL) return -1; if (msr->tcache == NULL) return -1;
msr->tx_severity = 7; /* lowest */ msr->highest_severity = 255; /* high, invalid value */
return 1; return 1;
} }

2
apache2/modsecurity.h
View File

@ -320,7 +320,7 @@ struct modsec_rec {
apr_time_t time_checkpoint_3; apr_time_t time_checkpoint_3;
const char *matched_var; const char *matched_var;
int tx_severity; int highest_severity;
/* upload */ /* upload */
int upload_extract_files; int upload_extract_files;

5
apache2/re.c
View File

@ -1254,8 +1254,9 @@ static int execute_operator(msre_var *var, msre_rule *rule, modsec_rec *msr,
msr->matched_var = apr_pstrdup(msr->mp, var->name); msr->matched_var = apr_pstrdup(msr->mp, var->name);
/* Keep track of the highest severity matched so far */ /* Keep track of the highest severity matched so far */
if (acting_actionset->severity < msr->tx_severity) { if ((acting_actionset->severity > 0) && (acting_actionset->severity < msr->highest_severity))
msr->tx_severity = acting_actionset->severity; {
msr->highest_severity = acting_actionset->severity;
} }

39
apache2/re_variables.c
View File

@ -734,14 +734,6 @@ static int var_tx_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
return count; return count;
} }
/* TX_SEVERITY */
static int var_tx_severity_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
apr_table_t *vartab, apr_pool_t *mptmp)
{
return var_simple_generate(var, vartab, mptmp, apr_psprintf(mptmp, "%i", msr->tx_severity));
}
/* GEO */ /* GEO */
static int var_geo_generate(modsec_rec *msr, msre_var *var, msre_rule *rule, static int var_geo_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
@ -786,6 +778,15 @@ static int var_geo_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
return count; return count;
} }
/* HIGHEST_SEVERITY */
static int var_highest_severity_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
apr_table_t *vartab, apr_pool_t *mptmp)
{
return var_simple_generate(var, vartab, mptmp,
apr_psprintf(mptmp, "%d", msr->highest_severity));
}
/* IP */ /* IP */
static int var_ip_generate(modsec_rec *msr, msre_var *var, msre_rule *rule, static int var_ip_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
@ -2203,6 +2204,17 @@ void msre_engine_register_default_variables(msre_engine *engine) {
PHASE_REQUEST_HEADERS PHASE_REQUEST_HEADERS
); );
/* HIGHEST_SEVERITY */
msre_engine_variable_register(engine,
"HIGHEST_SEVERITY",
VAR_SIMPLE,
0, 0,
NULL,
var_highest_severity_generate,
VAR_DONT_CACHE,
PHASE_REQUEST_HEADERS
);
/* IP */ /* IP */
msre_engine_variable_register(engine, msre_engine_variable_register(engine,
"IP", "IP",
@ -2896,17 +2908,6 @@ void msre_engine_register_default_variables(msre_engine *engine) {
PHASE_REQUEST_HEADERS PHASE_REQUEST_HEADERS
); );
/* TX_SEVERITY */
msre_engine_variable_register(engine,
"TX_SEVERITY",
VAR_SIMPLE,
0, 0,
NULL,
var_tx_severity_generate,
VAR_DONT_CACHE,
PHASE_REQUEST_HEADERS
);
/* WEBAPPID */ /* WEBAPPID */
msre_engine_variable_register(engine, msre_engine_variable_register(engine,
"WEBAPPID", "WEBAPPID",

19
doc/modsecurity2-apache-reference.xml
View File

@ -3,7 +3,7 @@
<title>ModSecurity Reference Manual</title> <title>ModSecurity Reference Manual</title>
<articleinfo> <articleinfo>
<releaseinfo>Version 2.5.0-trunk / (Aug 8, 2007)</releaseinfo> <releaseinfo>Version 2.5.0-trunk / (Aug 9, 2007)</releaseinfo>
<copyright> <copyright>
<year>2004-2007</year> <year>2004-2007</year>
@ -2224,6 +2224,23 @@ SecRule <emphasis role="bold">ENV:tag</emphasis> "suspicious"</programlisting>
SecRule GEO:COUNTRY_CODE "!@streq UK"</programlisting> SecRule GEO:COUNTRY_CODE "!@streq UK"</programlisting>
</section> </section>
<section>
<title><literal moreinfo="none">HIGHEST_SEVERITY</literal></title>
<para>This variable holds the highest severity of any rules that have
matched so far. Severities are numeric values and thus can be used with
comparison operators such as <literal moreinfo="none">@lt</literal>,
etc.</para>
<note>
<para>Higher severities have a lower numeric value.</para>
<para>A value of 255 indicates no severity has been set.</para>
</note>
<programlisting format="linespecific">SecRule HIGHEST_SEVERITY "@le 2" "phase:2,deny,status:500,msg:'severity %{HIGHEST_SEVERITY}'"</programlisting>
</section>
<section> <section>
<title><literal moreinfo="none">MODSEC_BUILD</literal></title> <title><literal moreinfo="none">MODSEC_BUILD</literal></title>