Adds support to the `skip' action

2025-09-29 11:16:33 +03:00 · 2016-06-30 10:34:55 -03:00
parent f00e625c8e
commit b0f69b1262
7 changed files with 224 additions and 11 deletions
--- a/test/test-cases/regression/action-skip.json
+++ b/test/test-cases/regression/action-skip.json
@@ -0,0 +1,107 @@
+[
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing skip action 1/3",
+    "expected":{
+      "debug_log": "\\[9\\] Skipped rule id \\'2\\' due to \\`skip\\' action."
+    },
+    "client":{
+      "ip":"200.249.12.31",
+      "port":123
+    },
+    "request":{
+      "headers":{
+        "Host":"localhost",
+        "User-Agent":"curl/7.38.0",
+        "Accept":"*/*",
+        "User-Agent":"My sweet little browser",
+        "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120"
+      },
+      "uri":"/?key=value&key=other_value",
+      "method":"GET"
+    },
+    "server":{
+      "ip":"200.249.12.31",
+      "port":80
+    },
+    "rules":[
+      "SecRuleEngine On",
+      "SecDebugLog \/tmp\/modsec_debug.log",
+      "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'1',phase:1,skip:1\"",
+      "SecRule REQUEST_HEADERS \"should be skipped\" \"id:'2',phase:1,setvar:SESSION.score=+10\"",
+      "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'3',phase:1,t:none,nolog,pass\"",
+      "SecRule REQUEST_HEADERS \".*\" \"id:'4',phase:1,setvar:SESSION.score=+5\""
+    ]
+  },
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing skip action 2/3",
+    "expected":{
+      "parser_error": "Rules error. File: action-skip.json. Line: 3. Column: 61. invalid character s"
+    },
+    "client":{
+      "ip":"200.249.12.31",
+      "port":123
+    },
+    "request":{
+      "headers":{
+        "Host":"localhost",
+        "User-Agent":"curl/7.38.0",
+        "Accept":"*/*",
+        "User-Agent":"My sweet little browser",
+        "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120"
+      },
+      "uri":"/?key=value&key=other_value",
+      "method":"GET"
+    },
+    "server":{
+      "ip":"200.249.12.31",
+      "port":80
+    },
+    "rules":[
+      "SecRuleEngine On",
+      "SecDebugLog \/tmp\/modsec_debug.log",
+      "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'1',phase:1,skip:abc\"",
+      "SecRule REQUEST_HEADERS \"should be skipped\" \"id:'2',phase:1,setvar:SESSION.score=+10\"",
+      "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'3',phase:1,t:none,nolog,pass\"",
+      "SecRule REQUEST_HEADERS \".*\" \"id:'4',phase:1,setvar:SESSION.score=+5\""
+    ]
+  },
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing skip action 3/3",
+    "expected":{
+      "debug_log": "\\[9\\] Skipped rule id \\'3\\' due to \\`skip\\' action."
+    },
+    "client":{
+      "ip":"200.249.12.31",
+      "port":123
+    },
+    "request":{
+      "headers":{
+        "Host":"localhost",
+        "User-Agent":"curl/7.38.0",
+        "Accept":"*/*",
+        "User-Agent":"My sweet little browser",
+        "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120"
+      },
+      "uri":"/?key=value&key=other_value",
+      "method":"GET"
+    },
+    "server":{
+      "ip":"200.249.12.31",
+      "port":80
+    },
+    "rules":[
+      "SecRuleEngine On",
+      "SecDebugLog \/tmp\/modsec_debug.log",
+      "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'1',phase:1,skip:2\"",
+      "SecRule REQUEST_HEADERS \"should be skipped\" \"id:'2',phase:1,setvar:SESSION.score=+10\"",
+      "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'3',phase:1,t:none,nolog,pass\"",
+      "SecRule REQUEST_HEADERS \".*\" \"id:'4',phase:1,setvar:SESSION.score=+5\""
+    ]
+  }
+]