Fix the `log' action and the webserver error callback

headers/modsecurity/rule.h

@@ -104,6 +104,7 @@ class RuleMessage {
         m_ver(rule->m_ver),
         m_maturity(rule->m_maturity),
         m_rule(rule),
+        m_saveMessage(false),
         m_match(std::string(""))
     { }
 
@@ -119,9 +120,43 @@ class RuleMessage {
         m_ver(rule->m_ver),
         m_maturity(rule->m_maturity),
         m_rule(rule),
+        m_saveMessage(false),
         m_match(std::string(""))
     { }
 
+
+    std::string errorLog(Transaction *trans) {
+        std::string msg;
+
+        msg.append("[client " + std::string(trans->m_clientIpAddress) + "]");
+        msg.append(" ModSecurity: Warning.");
+        msg.append(" Matched \"" + m_match + "\"");
+        if (trans->m_collections.resolveFirst("MATCHED_VAR_NAME")) {
+            msg.append(" at "
+                + *trans->m_collections.resolveFirst("MATCHED_VAR_NAME"));
+        }
+        msg.append(" [file \"" + std::string(m_ruleFile) + "\"]");
+        msg.append(" [line \"" + std::to_string(m_ruleLine) + "\"]");
+        msg.append(" [id \"" + std::to_string(m_ruleId) + "\"]");
+        msg.append(" [rev \"" + m_rev + "\"]");
+        msg.append(" [msg \"" + m_message + "\"]");
+        msg.append(" [data \"" + m_data + "\"]");
+        msg.append(" [severity \"" +
+            std::to_string(m_severity) + "\"]");
+        msg.append(" [ver \"" + m_ver + "\"]");
+        msg.append(" [maturity \"" + std::to_string(m_maturity) + "\"]");
+        msg.append(" [accuracy \"" + std::to_string(m_accuracy) + "\"]");
+        for (auto &a : m_tags) {
+            msg.append(" [tag \"" + a + "\"]");
+        }
+        msg.append(" [hostname \"" + std::string(trans->m_serverIpAddress) \
+            + "\"]");
+        msg.append(" [uri \"" + std::string(trans->m_uri) + "\"]");
+        msg.append(" [unique_id \"" + trans->m_id + "\"]");
+
+        return msg;
+    }
+
     std::string m_match;
     std::string m_ruleFile;
     int m_ruleLine;
@@ -137,6 +172,7 @@ class RuleMessage {
     std::list<std::string> m_tags;
 
     Rule *m_rule;
+    bool m_saveMessage;
 };
 
 

src/Makefile.am

@@ -102,6 +102,7 @@ ACTIONS = \
 	actions/ctl_request_body_processor_xml.cc \
 	actions/init_col.cc \
 	actions/deny.cc \
+	actions/log.cc \
 	actions/log_data.cc \
 	actions/maturity.cc \
 	actions/msg.cc \

src/actions/action.cc

@@ -31,6 +31,7 @@
 #include "actions/severity.h"
 #include "actions/capture.h"
 #include "actions/pass.h"
+#include "actions/log.h"
 
 
 
@@ -89,6 +90,9 @@ Action *Action::instantiate(const std::string& name) {
     if (name == "deny") {
         return new Deny(name);
     }
+    if (name == "log") {
+        return new Log(name);
+    }
     return new Action(name);
 }
 

src/actions/log.cc

@@ -18,16 +18,19 @@
 #include <iostream>
 #include <string>
 
+#include "actions/action.h"
 #include "modsecurity/transaction.h"
+#include "src/utils.h"
+#include "operators/operator.h"
+
 
 namespace modsecurity {
 namespace actions {
 
 
-bool Log::evaluate(Rule *rule, Transaction *transaction) {
-    transaction->m_toBeSavedInAuditlogs = true;
-    /* FIXME: transaction->serverLog("Something...."); */
+bool Log::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) {
     transaction->debug(9, "Saving transaction to logs");
+    rm->m_saveMessage = true;
     return true;
 }
 

src/actions/log.h

@@ -32,7 +32,8 @@ class Log : public Action {
     explicit Log(std::string action)
         : Action(action, RunTimeOnlyIfMatchKind) { }
 
-    bool evaluate(Rule *rule, Transaction *transaction) override;
+    bool evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm)
+        override;
 };
 
 }  // namespace actions

src/rule.cc

@@ -282,6 +282,7 @@ bool Rule::evaluate(Transaction *trasn) {
     }
 
     ruleMessage = new modsecurity::RuleMessage(this, m_log_message);
+
 #ifndef NO_LOGS
     std::string eparam = MacroExpansion::expand(this->op->param, trasn);
 
@@ -533,6 +534,10 @@ bool Rule::evaluate(Transaction *trasn) {
         }
     }
 
+    if (ruleMessage->m_saveMessage == true) {
+        trasn->serverLog(ruleMessage->errorLog(trasn));
+    }
+
     if ((!m_log_message.empty() || !m_log_data.empty())
         && !ruleMessage->m_match.empty()) {
         ruleMessage->m_data = m_log_data;