diff --git a/CHANGES b/CHANGES index 391c6d48..fbfddec6 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,10 @@ v3.x.y - YYYY-MMM-DD (to be released) ------------------------------------- - + + - IMPORTANT: SecDefaultAction behaves changing: SecDefaultAction specified + on a child configuration will overwrite the ones specified on the parent; + Previously it was concatenating. + [@zimmerle] - Using std::shared_ptr instead of generates its own references counters for Rules and related. [@zimmerle] diff --git a/examples/reading_logs_via_rule_message/reading_logs_via_rule_message.h b/examples/reading_logs_via_rule_message/reading_logs_via_rule_message.h index 4e369445..a6595aaa 100644 --- a/examples/reading_logs_via_rule_message/reading_logs_via_rule_message.h +++ b/examples/reading_logs_via_rule_message/reading_logs_via_rule_message.h @@ -176,21 +176,22 @@ class ReadingLogsViaRuleMessage { return; } - const modsecurity::RuleMessage *ruleMessage = \ - reinterpret_cast(ruleMessagev); + modsecurity::RuleMessage ruleMessage( + *reinterpret_cast(ruleMessagev)); - std::cout << "Rule Id: " << std::to_string(ruleMessage->m_ruleId); - std::cout << " phase: " << std::to_string(ruleMessage->m_phase); + + std::cout << "Rule Id: " << std::to_string(ruleMessage.getRuleId()); + std::cout << " phase: " << std::to_string(ruleMessage.getPhase()); std::cout << std::endl; - if (ruleMessage->m_isDisruptive) { + if (ruleMessage.isDisruptive()) { std::cout << " * Disruptive action: "; - std::cout << modsecurity::RuleMessage::log(ruleMessage); + std::cout << modsecurity::RuleMessage::log(&ruleMessage); std::cout << std::endl; std::cout << " ** %d is meant to be informed by the webserver."; std::cout << std::endl; } else { std::cout << " * Match, but no disruptive action: "; - std::cout << modsecurity::RuleMessage::log(ruleMessage); + std::cout << modsecurity::RuleMessage::log(&ruleMessage); std::cout << std::endl; } } 
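Review bot: The callback now copy-constructs a `RuleMessage` from the pointer it is handed, which is not needed to call the const getters. Going by the copy constructor added in headers/modsecurity/rule_message.h in this commit, which initialises `m_tags()` empty, the copy also no longer carries the tags. Binding a reference keeps the original object: `const modsecurity::RuleMessage &ruleMessage = *static_cast<const modsecurity::RuleMessage *>(ruleMessagev);` and then `RuleMessage::log(&ruleMessage)`. This assumes `log()` still accepts a const pointer, as the removed lines suggest. The same applies to `logCb` in examples/using_bodies_in_chunks/simple_request.cc; the callback body here starts above the hunk.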
diff --git a/examples/using_bodies_in_chunks/simple_request.cc b/examples/using_bodies_in_chunks/simple_request.cc index 853668bd..cca09010 100644 --- a/examples/using_bodies_in_chunks/simple_request.cc +++ b/examples/using_bodies_in_chunks/simple_request.cc @@ -69,21 +69,21 @@ static void logCb(void *data, const void *ruleMessagev) { return; } - const modsecurity::RuleMessage *ruleMessage = \ - reinterpret_cast(ruleMessagev); + modsecurity::RuleMessage ruleMessage( + *reinterpret_cast(ruleMessagev)); - std::cout << "Rule Id: " << std::to_string(ruleMessage->m_ruleId); - std::cout << " phase: " << std::to_string(ruleMessage->m_phase); + std::cout << "Rule Id: " << std::to_string(ruleMessage.getRuleId()); + std::cout << " phase: " << std::to_string(ruleMessage.getPhase()); std::cout << std::endl; - if (ruleMessage->m_isDisruptive) { + if (ruleMessage.isDisruptive()) { std::cout << " * Disruptive action: "; - std::cout << modsecurity::RuleMessage::log(ruleMessage); + std::cout << modsecurity::RuleMessage::log(&ruleMessage); std::cout << std::endl; std::cout << " ** %d is meant to be informed by the webserver."; std::cout << std::endl; } else { std::cout << " * Match, but no disruptive action: "; - std::cout << modsecurity::RuleMessage::log(ruleMessage); + std::cout << modsecurity::RuleMessage::log(&ruleMessage); std::cout << std::endl; } } diff --git a/headers/modsecurity/actions/action.h b/headers/modsecurity/actions/action.h index 4409660c..bd348aec 100644 --- a/headers/modsecurity/actions/action.h +++ b/headers/modsecurity/actions/action.h 
@@ -56,13 +56,20 @@ class Action { set_name_and_payload(_action); } + Action(const Action &a) + : m_isNone(a.m_isNone), + temporaryAction(a.temporaryAction), + action_kind(a.action_kind), + m_name(a.m_name), + m_parser_payload(a.m_parser_payload) { } + virtual ~Action() { } virtual std::string evaluate(const std::string &exp, Transaction *transaction); virtual bool evaluate(RuleWithActions *rule, Transaction *transaction); virtual bool evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr ruleMessage) { + RuleMessage &ruleMessage) { return evaluate(rule, transaction); } virtual bool init(std::string *error) { return true; } diff --git a/headers/modsecurity/modsecurity.h b/headers/modsecurity/modsecurity.h index 83cdfd7e..7eac444c 100644 --- a/headers/modsecurity/modsecurity.h +++ b/headers/modsecurity/modsecurity.h @@ -292,7 +292,7 @@ class ModSecurity { */ void setServerLogCb(ModSecLogCb cb, int properties); - void serverLog(void *data, std::shared_ptr rm); + void serverLog(void *data, RuleMessage *rm); const std::string& getConnectorInformation() const; diff --git a/headers/modsecurity/rule.h b/headers/modsecurity/rule.h index a8426c61..b755d490 100644 --- a/headers/modsecurity/rule.h +++ b/headers/modsecurity/rule.h @@ -57,13 +57,17 @@ using TransformationResult = std::pair, using TransformationResults = std::list; using Transformation = actions::transformations::Transformation; -using Transformations = std::vector; +using Transformations = std::vector >; +using TransformationsPtr = std::vector; using Actions = std::vector; -using Tags = std::vector; -using SetVars = std::vector; -using MatchActions = std::vector; +using Tags = std::vector >; +using TagsPtr = std::vector; +using SetVars = std::vector >; +using SetVarsPtr = std::vector; +using MatchActions = std::vector >; +using MatchActionsPtr = std::vector; class Rule { public: 
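Review bot: `serverLog` now takes a raw `RuleMessage *` where it used to take a `std::shared_ptr`, so the callee no longer keeps the message alive and the header does not say how long the pointer stays valid. Since this is the object that reaches the connector's log callback, I would document the contract on the declaration, for example `// rm is borrowed: valid only for the duration of the call; copy what you need.`, assuming that is the intended lifetime. The same applies to `Transaction::serverLog(RuleMessage *rm)` in headers/modsecurity/transaction.h.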
@@ -73,10 +77,14 @@ class Rule { m_phase(modsecurity::Phases::RequestHeadersPhase) { } - virtual bool evaluate(Transaction *transaction) = 0; + Rule(const Rule &r) + : m_fileName(r.m_fileName), + m_lineNumber(r.m_lineNumber), + m_phase(r.m_phase) { - virtual bool evaluate(Transaction *transaction, - std::shared_ptr rm) = 0; + } + + virtual bool evaluate(Transaction *transaction) = 0; std::shared_ptr getFileName() const { return m_fileName; diff --git a/headers/modsecurity/rule_marker.h b/headers/modsecurity/rule_marker.h index 06d5b499..7069f256 100644 --- a/headers/modsecurity/rule_marker.h +++ b/headers/modsecurity/rule_marker.h @@ -45,11 +45,6 @@ class RuleMarker : public Rule { m_name(std::make_shared(name)) { } - virtual bool evaluate(Transaction *transaction, - std::shared_ptr rm) override { - return evaluate(transaction); - } - virtual bool evaluate(Transaction *transaction) override { if (transaction->isInsideAMarker()) { if (*transaction->getCurrentMarker() == *m_name) { diff --git a/headers/modsecurity/rule_message.h b/headers/modsecurity/rule_message.h index b7f23060..71035117 100644 --- a/headers/modsecurity/rule_message.h +++ b/headers/modsecurity/rule_message.h 
@@ -42,67 +42,36 @@ class RuleMessage { ClientLogMessageInfo = 4 }; - /** - * - * FIXME: RuleMessage is currently too big, doing a lot of - * unnecessary data duplication. Needs to be shrink down. - * - */ - RuleMessage(RuleWithActions *rule, Transaction *trans) : - m_accuracy(rule->m_accuracy), - m_clientIpAddress(trans->m_clientIpAddress), - m_data(""), - m_id(trans->m_id), - m_isDisruptive(false), - m_match(""), - m_maturity(rule->m_maturity), - m_message(""), - m_noAuditLog(false), - m_phase(rule->getPhase() - 1), - m_reference(""), - m_rev(rule->m_rev), - m_rule(rule), - m_ruleFile(rule->getFileName()), - m_ruleId(rule->m_ruleId), - m_ruleLine(rule->getLineNumber()), - m_saveMessage(true), - m_serverIpAddress(trans->m_serverIpAddress), - m_severity(0), - m_uriNoQueryStringDecoded(trans->m_uri_no_query_string_decoded), - m_ver(rule->m_ver) + + explicit RuleMessage(const RuleMessage &ruleMessage) : + m_severity(ruleMessage.m_severity), + m_tags(), + m_data(ruleMessage.m_data), + m_match(ruleMessage.m_match), + m_message(ruleMessage.m_message), + m_reference(ruleMessage.m_reference), + m_transaction(ruleMessage.m_transaction), + m_rule(ruleMessage.m_rule) { } - explicit RuleMessage(RuleMessage *rule) : - m_accuracy(rule->m_accuracy), - m_clientIpAddress(rule->m_clientIpAddress), - m_data(rule->m_data), - m_id(rule->m_id), - m_isDisruptive(rule->m_isDisruptive), - m_match(rule->m_match), - m_maturity(rule->m_maturity), - m_message(rule->m_message), - m_noAuditLog(rule->m_noAuditLog), - m_phase(rule->m_phase), - m_reference(rule->m_reference), - m_rev(rule->m_rev), - m_rule(rule->m_rule), - m_ruleFile(rule->m_ruleFile), - m_ruleId(rule->m_ruleId), - m_ruleLine(rule->m_ruleLine), - m_saveMessage(rule->m_saveMessage), - m_serverIpAddress(rule->m_serverIpAddress), - m_severity(rule->m_severity), - m_uriNoQueryStringDecoded(rule->m_uriNoQueryStringDecoded), - m_ver(rule->m_ver) + + explicit RuleMessage(Transaction *transaction) : + m_severity(0), + m_tags(), + 
m_data(""), + m_match(""), + m_message(""), + m_reference(""), + m_transaction(transaction), + m_rule(nullptr) { } + void clean() { m_data = ""; m_match = ""; - m_isDisruptive = false; m_reference = ""; m_severity = 0; - m_ver = ""; } std::string log() { 
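Review bot: The new copy constructor value-initialises `m_tags()` instead of copying it, so every copy of a `RuleMessage` silently loses its tags; `m_tags(ruleMessage.m_tags),` would make it a faithful copy. Marking a copy constructor `explicit` also rules out copy-initialisation and passing or returning by value, which is unusual enough to deserve a comment if it is intended. `clean()` resets data, match, reference and severity but leaves `m_message`, `m_tags` and the rule pointer untouched. If one message object is reused across rules, that looks like it can carry state from one match into the next, which is worth confirming against the callers outside this hunk.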
@@ -130,29 +99,122 @@ class RuleMessage { static std::string _details(const RuleMessage *rm); static std::string _errorLogTail(const RuleMessage *rm); - int m_accuracy; - std::shared_ptr m_clientIpAddress; - std::string m_data; - std::shared_ptr m_id; - bool m_isDisruptive; - std::string m_match; - int m_maturity; - std::string m_message; - bool m_noAuditLog; - int m_phase; - std::string m_reference; - std::string m_rev; - RuleWithActions *m_rule; - std::shared_ptr m_ruleFile; - int m_ruleId; - int m_ruleLine; - bool m_saveMessage; - std::shared_ptr m_serverIpAddress; - int m_severity; - std::shared_ptr m_uriNoQueryStringDecoded; - std::string m_ver; + RuleWithActions *getRule() const { + return m_rule; + } + void setRule(RuleWithActions *rule) { + m_rule = rule; + } + + bool isSettle() const { + return m_rule != nullptr; + } + + int getRuleId() const { + if (m_rule) { + return m_rule->m_ruleId; + } + return -1; + } + + int getPhase() const { + if (m_rule) { + return m_rule->getPhase(); + } + return 0; + } + + std::string getFileName() const { + if (m_rule) { + return *m_rule->getFileName().get(); + } + return ""; + } + + int getLineNumber() const { + if (m_rule) { + return m_rule->getLineNumber(); + } + return 0; + } + + std::string getRev() const { + if (m_rule) { + return m_rule->getRevision(); + } + return ""; + } + + std::string getVer() const { + if (m_rule) { + return m_rule->getRevision(); + } + return ""; + } + + int getMaturity() const { + if (m_rule) { + return m_rule->getMaturity(); + } + return 0; + } + + int getAccuracy() const { + if (m_rule) { + return m_rule->getAccuracy(); + } + return 0; + } + + std::string getClientIpAddress() const { + if (m_transaction) { + return *m_transaction->m_clientIpAddress.get(); + } + return ""; + } + + std::string getServerIpAddress() const { + if (m_transaction) { + return *m_transaction->m_serverIpAddress.get(); + } + return ""; + } + + std::string getRequestId() const { + if (m_transaction) { + return 
*m_transaction->m_id.get(); + } + return ""; + } + + std::string getUri() const { + if (m_transaction) { + return *m_transaction->m_uri_no_query_string_decoded.get(); + } + return ""; + } + + bool isDisruptive() const { + if (m_rule) { + return m_rule->hasDisruptiveAction(); + } + return 0; + } + + int m_severity; std::list m_tags; + + // Transaction + std::string m_data; + std::string m_match; + + std::string m_message; + std::string m_reference; + + private: + Transaction *m_transaction; + RuleWithActions *m_rule; }; diff --git a/headers/modsecurity/rule_unconditional.h b/headers/modsecurity/rule_unconditional.h index 04abb90a..a10b5993 100644 --- a/headers/modsecurity/rule_unconditional.h +++ b/headers/modsecurity/rule_unconditional.h @@ -46,7 +46,11 @@ class RuleUnconditional : public RuleWithActions { int lineNumber) : RuleWithActions(actions, transformations, std::move(fileName), lineNumber) { } - virtual bool evaluate(Transaction *transaction, std::shared_ptr ruleMessage) override; + RuleUnconditional(const RuleUnconditional &r) + : RuleWithActions(r) + { } + + virtual bool evaluate(Transaction *transaction) override; private: }; diff --git a/headers/modsecurity/rule_with_actions.h b/headers/modsecurity/rule_with_actions.h index 34004838..8ec68087 100644 --- a/headers/modsecurity/rule_with_actions.h +++ b/headers/modsecurity/rule_with_actions.h @@ -37,6 +37,10 @@ namespace modsecurity { class RuleWithActions : public Rule { public: + int SEVERITY_NOT_SET = 10; + int ACCURACY_NOT_SET = 10; + int MATURITY_NOT_SET = 10; + RuleWithActions( Actions *a, Transformations *t, 
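Review bot: `getVer()` returns `m_rule->getRevision()`, the same value as `getRev()`, so the rule's `ver` is never reported; it should read `return m_rule->getVersion();` (declared on `RuleWithActions` later in this commit). `getRuleId()` returns `int` while `m_ruleId` is `int64_t`, so large ids are narrowed; `int64_t getRuleId() const` avoids that. The removed constructor stored `rule->getPhase() - 1`, whereas `getPhase()` now returns `m_rule->getPhase()` unadjusted, so logged phase numbers shift by one unless that is intended. The accessors that dereference `m_transaction->m_clientIpAddress.get()` and its siblings check only `m_transaction`, not the inner pointer.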
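Review bot: The sentinel value 10 cannot be represented in the fields it is compared with: further down in this file's diff `m_severity`, `m_accuracy`, `m_maturity` and their `m_default*` counterparts are declared as `unsigned int ...:3`, which hold only 0–7. Assigning `SEVERITY_NOT_SET` stores 2, so `m_severity != SEVERITY_NOT_SET` is always true, `hasSeverityAction()` never reports false and `getSeverity()` never falls back to the default. The documented 1–9 accuracy and maturity range does not fit in three bits either; widening the fields to `:4` fixes both. The three constants are also per-object mutable `int` members; `static constexpr unsigned int SEVERITY_NOT_SET = 10;` (likewise for the other two) makes them true constants.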
@@ -45,24 +49,61 @@ class RuleWithActions : public Rule { ~RuleWithActions(); - virtual bool evaluate(Transaction *transaction, std::shared_ptr ruleMessage) override; + RuleWithActions(const RuleWithActions &r) + : Rule(r), + m_ruleId(r.m_ruleId), + m_chainedRuleChild(r.m_chainedRuleChild), + m_chainedRuleParent(r.m_chainedRuleParent), + m_disruptiveAction(r.m_disruptiveAction), + m_logData(r.m_logData), + m_msg(r.m_msg), + m_actionsRuntimePos(r.m_actionsRuntimePos), + m_actionsSetVar(r.m_actionsSetVar), + m_actionsTag(r.m_actionsTag), + m_defaultActionDisruptiveAction(r.m_defaultActionDisruptiveAction), + m_defaultActionLogData(r.m_defaultActionLogData), + m_defaultActionMsg(r.m_defaultActionMsg), + m_defaultActionActionsRuntimePos(r.m_defaultActionActionsRuntimePos), + m_defaultActionActionsSetVar(r.m_defaultActionActionsSetVar), + m_defaultActionActionsTag(r.m_defaultActionActionsTag), + m_transformations(r.m_transformations), + m_defaultTransformations(r.m_defaultTransformations), + m_severity(r.m_severity), + m_revision(r.m_revision), + m_version(r.m_version), + m_accuracy(r.m_accuracy), + m_maturity(r.m_maturity), + m_containsCaptureAction(r.m_containsCaptureAction), + m_containsLogAction(r.m_containsLogAction), + m_containsNoLogAction(r.m_containsNoLogAction), + m_containsMultiMatchAction(r.m_containsMultiMatchAction), + m_containsStaticBlockAction(r.m_containsStaticBlockAction), + m_defaultSeverity(r.m_defaultSeverity), + m_defaultRevision(r.m_defaultRevision), + m_defaultVersion(r.m_defaultVersion), + m_defaultAccuracy(r.m_defaultAccuracy), + m_defaultMaturity(r.m_defaultMaturity), + m_defaultContainsCaptureAction(r.m_defaultContainsCaptureAction), + m_defaultContainsLogAction(r.m_defaultContainsLogAction), + m_defaultContainsNoLogAction(r.m_defaultContainsNoLogAction), + m_defaultContainsMultiMatchAction(r.m_defaultContainsMultiMatchAction), + m_defaultContainsStaticBlockAction(r.m_defaultContainsStaticBlockAction), + m_isChained(r.m_isChained) { }; + 
virtual bool evaluate(Transaction *transaction) override; void executeActionsIndependentOfChainedRuleResult( Transaction *trasn, - bool *containsDisruptive, - std::shared_ptr ruleMessage); + bool *containsDisruptive); void executeActionsAfterFullMatch( Transaction *trasn, - bool containsDisruptive, - std::shared_ptr ruleMessage); + bool containsDisruptive); void executeAction(Transaction *trans, bool containsBlock, - std::shared_ptr ruleMessage, actions::Action *a, bool context); 
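Review bot: This copy constructor is a shallow copy and nothing says so: `m_chainedRuleChild` (now a `shared_ptr`) and the action and transformation vectors are shared with `r`, and `m_chainedRuleParent` is copied as a raw pointer. If rules are copied per configuration, a copied chain head would share a child whose parent pointer presumably still refers to the original rule. That is worth confirming in the code that performs the copy, which is not in this hunk. I would add a comment above it such as `// Shallow copy: actions, transformations and the chained child are shared with r.` and drop the stray `;` after the empty body.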
@@ -79,57 +120,278 @@ class RuleWithActions : public Rule { int *nth) const; - void performLogging(Transaction *trans, - std::shared_ptr ruleMessage, - bool lastLog = true, - bool chainedParentNull = false); + void addAction(actions::Action *a); + void addTransformation(std::shared_ptr t) { + m_transformations.push_back(t); + } + void addDefaultAction(std::shared_ptr); + void addDefaultTransformation(std::shared_ptr t) { + m_defaultTransformations.push_back(t); + } + std::vector getActionsByName(const std::string& name, Transaction *t); - bool containsTag(const std::string& name, Transaction *t); + bool containsTag(const std::string& name, Transaction *t) const; bool containsMsg(const std::string& name, Transaction *t); - inline bool isChained() const { return m_isChained == true; } - inline bool hasCaptureAction() const { return m_containsCaptureAction == true; } - inline void setChained(bool b) { m_isChained = b; } - inline bool hasDisruptiveAction() const { return m_disruptiveAction != NULL; } - inline bool hasBlockAction() const { return m_containsStaticBlockAction == true; } - inline bool hasMultimatch() const { return m_containsMultiMatchAction == true; } - inline bool hasLogData() const { return m_logData != NULL; } - std::string logData(Transaction *t); - inline bool hasMsg() const { return m_msg != NULL; } - std::string msg(Transaction *t); - inline bool hasSeverity() const { return m_severity != NULL; } - int severity() const; + void clearDefaultActions() { + m_defaultSeverity = SEVERITY_NOT_SET; + m_defaultRevision = ""; + m_defaultVersion = ""; + m_defaultAccuracy = ACCURACY_NOT_SET; + m_defaultMaturity = MATURITY_NOT_SET; + m_defaultContainsCaptureAction = false; + m_defaultContainsLogAction = false; + m_defaultContainsNoLogAction = false; + m_defaultContainsMultiMatchAction = false; + m_defaultContainsStaticBlockAction = false; + m_defaultActionLogData = nullptr; + m_defaultActionMsg = nullptr; + m_defaultActionActionsSetVar.clear(); + 
m_defaultActionActionsTag.clear(); + m_defaultActionActionsRuntimePos.clear(); + m_defaultActionDisruptiveAction = nullptr; + m_defaultActionActionsRuntimePos.clear(); + m_defaultTransformations.clear(); + } - std::string m_rev; - std::string m_ver; - int m_accuracy; - int m_maturity; + Transformations getTransformation() const { + Transformations dst; + for (auto &a : m_defaultTransformations) { + dst.push_back(a); + } + for (auto &a : m_transformations) { + dst.push_back(a); + } + return dst; + } + + TransformationsPtr getTransformationPtr() const { + TransformationsPtr dst; + for (auto &a : m_defaultTransformations) { + dst.push_back(a.get()); + } + for (auto &a : m_transformations) { + dst.push_back(a.get()); + } + return dst; + } + + SetVars getSetVarsActions() const { + SetVars dst; + for (auto &a : m_defaultActionActionsSetVar) { + dst.push_back(a); + } + for (auto &a : m_actionsSetVar) { + dst.push_back(a); + } + return dst; + } + + SetVarsPtr getSetVarsActionsPtr() const { + SetVarsPtr dst; + for (auto &a : m_defaultActionActionsSetVar) { + dst.push_back(a.get()); + } + for (auto &a : m_actionsSetVar) { + dst.push_back(a.get()); + } + return dst; + } + + MatchActionsPtr getMatchActionsPtr() const { + MatchActionsPtr dst; + for (auto &a : m_defaultActionActionsRuntimePos) { + dst.push_back(a.get()); + } + for (auto &a : m_actionsRuntimePos) { + dst.push_back(a.get()); + } + return dst; + } + + MatchActions getMatchActions() const { + MatchActions dst; + for (auto &a : m_defaultActionActionsRuntimePos) { + dst.push_back(a); + } + for (auto &a : m_actionsRuntimePos) { + dst.push_back(a); + } + return dst; + } + + inline bool hasChainAction() const { return m_isChained == true; } + inline void setHasChainAction(bool b) { m_isChained = b; } + inline bool hasChainedParent() const { return m_chainedRuleParent != nullptr; } + inline bool hasChainedChild() const { return m_chainedRuleChild.get() != nullptr; } + + inline bool hasCaptureAction() const { return 
m_containsCaptureAction || m_defaultContainsCaptureAction; } + + inline bool hasDisruptiveAction() const { return m_disruptiveAction != nullptr || m_defaultActionDisruptiveAction != nullptr; } + inline void setDisruptiveAction(std::shared_ptr a) { m_disruptiveAction = a; } + inline std::shared_ptr getDisruptiveAction() const { return m_disruptiveAction; } + + inline bool hasBlockAction() const { return m_containsStaticBlockAction || m_defaultContainsStaticBlockAction; } + inline void setHasBlockAction(bool b) { m_containsStaticBlockAction = b; } + + inline bool hasMultimatchAction() const { return m_containsMultiMatchAction || m_defaultContainsMultiMatchAction; } + + inline bool hasLogAction() const { return m_containsLogAction == true; } + inline void setHasLogAction(bool b) { m_containsLogAction = b; } + inline bool hasNoLogAction() const { return m_containsNoLogAction == true; } + inline void setHasNoLogAction(bool b) { m_containsNoLogAction = b; } + + inline bool hasLogDataAction() const { return m_logData != nullptr || m_defaultActionLogData != nullptr; } + inline std::shared_ptr getLogDataAction() const { return m_logData; } + std::string getLogData(/*const */Transaction *t); + inline void setLogDataAction(std::shared_ptr data) { m_logData = data; } + + inline bool hasMessageAction() const { return m_msg != nullptr || m_defaultActionMsg != nullptr; } + inline std::shared_ptr getMessageAction() const { return m_msg; } + inline void setMessageAction(std::shared_ptr msg) { m_msg = msg; } + std::string getMessage(/*const */Transaction *t); + + + inline bool hasSeverityAction() const { return m_severity != SEVERITY_NOT_SET || m_defaultSeverity != SEVERITY_NOT_SET; } + inline int getSeverity() const { return (m_severity != SEVERITY_NOT_SET)?m_severity:m_defaultSeverity; } + inline void setDefaultActionSeverity(unsigned int severity) { m_defaultSeverity = severity; } + inline void setSeverity(unsigned int severity) { m_severity = severity; } + + inline bool 
hasRevisionAction() const { return m_revision != ""; } + inline std::string getRevision() const { return m_revision; }; + inline void setRevision(const std::string &revision) { m_revision.assign(revision); } + + inline bool hasVersionAction() const { return m_version != ""; } + inline std::string getVersion() const { return m_version; }; + inline void setVersion(const std::string &version) { m_version.assign(version); } + + inline bool hasAccuracyAction() const { return m_accuracy != ACCURACY_NOT_SET || m_defaultAccuracy != ACCURACY_NOT_SET; } + inline int getAccuracy() const { return m_accuracy; } + inline void setAccuracy(unsigned int accuracy) { m_accuracy = accuracy; } + + inline bool hasMaturityAction() const { return m_maturity != MATURITY_NOT_SET || m_defaultMaturity != MATURITY_NOT_SET; } + inline int getMaturity() const { return m_maturity; } + inline void setDefaultActionMaturity(unsigned int maturity) { m_defaultMaturity = maturity; } + inline void setMaturity(unsigned int maturity) { m_maturity = maturity; } + + inline bool hasTagAction() const { return m_actionsTag.size() > 0; } + inline void setTags(Tags tags) { + for (auto tag : tags) { + m_actionsTag.push_back(tag); + } + } + inline void cleanTags() { + m_actionsTag.clear(); + } + Tags getTagsAction() const { + Tags dst; + for (auto &a : m_defaultActionActionsTag) { + dst.push_back(a); + } + for (auto &a : m_actionsTag) { + dst.push_back(a); + } + return dst; + } + + TagsPtr getTagsActionPtr() const { + TagsPtr dst; + for (auto &a : m_defaultActionActionsTag) { + dst.push_back(a.get()); + } + for (auto &a : m_actionsTag) { + dst.push_back(a.get()); + } + return dst; + } int64_t m_ruleId; - std::unique_ptr m_chainedRuleChild; + std::shared_ptr m_chainedRuleChild; RuleWithActions *m_chainedRuleParent; private: /* actions */ - actions::Action *m_disruptiveAction; - actions::LogData *m_logData; - actions::Msg *m_msg; - actions::Severity *m_severity; + std::shared_ptr m_disruptiveAction; + 
std::shared_ptr m_logData; + std::shared_ptr m_msg; MatchActions m_actionsRuntimePos; SetVars m_actionsSetVar; Tags m_actionsTag; + /* actions || SecDefaultAction */ + std::shared_ptr m_defaultActionDisruptiveAction; + std::shared_ptr m_defaultActionLogData; + std::shared_ptr m_defaultActionMsg; + MatchActions m_defaultActionActionsRuntimePos; + SetVars m_defaultActionActionsSetVar; + Tags m_defaultActionActionsTag; + /* actions > transformations */ Transformations m_transformations; + /* actions > transformations || SecDefaultAction */ + Transformations m_defaultTransformations; + + + /* || */ + /** + * 0 - EMERGENCY: is generated from correlation of anomaly + * scoring data where there is an inbound + * attack and an outbound leakage. + * 1 - ALERT: is generated from correlation where there is + * an inbound attack and an outbound application + * level error. + * 2 - CRITICAL: Anomaly Score of 5. Is the highest severity + * level possible without correlation. It is + * normally generated by the web attack rules + * (40 level files). + * 3 - ERROR: Error - Anomaly Score of 4. Is generated mostly + * from outbound leakage rules (50 level files). + * 4 - WARNING: Anomaly Score of 3. Is generated by malicious + * client rules (35 level files). + * 5 - NOTICE: Anomaly Score of 2. Is generated by the Protocol + * policy and anomaly files. 
+ * 6 - INFO + * 7 - DEBUG + **/ + unsigned int m_severity:3; + + std::string m_revision; + std::string m_version; + + /** + * 1-9 where 9 is very strong and 1 has many false positives + */ + unsigned int m_accuracy:3; + /** + * 1-9 where 9 is extensively tested and 1 is a brand new experimental rule + */ + unsigned int m_maturity:3; + + bool m_containsCaptureAction:1; + bool m_containsLogAction:1; + bool m_containsNoLogAction:1; bool m_containsMultiMatchAction:1; bool m_containsStaticBlockAction:1; + + /* || SecDefaultAction */ + unsigned int m_defaultSeverity:3; + std::string m_defaultRevision; + std::string m_defaultVersion; + unsigned int m_defaultAccuracy:3; + unsigned int m_defaultMaturity:3; + bool m_defaultContainsCaptureAction:1; + bool m_defaultContainsLogAction:1; + bool m_defaultContainsNoLogAction:1; + bool m_defaultContainsMultiMatchAction:1; + bool m_defaultContainsStaticBlockAction:1; + bool m_isChained:1; }; diff --git a/headers/modsecurity/rule_with_operator.h b/headers/modsecurity/rule_with_operator.h index 63aff6c4..574744dc 100644 --- a/headers/modsecurity/rule_with_operator.h +++ b/headers/modsecurity/rule_with_operator.h @@ -45,10 +45,14 @@ class RuleWithOperator : public RuleWithActions { std::unique_ptr fileName, int lineNumber); + RuleWithOperator(const RuleWithOperator &op) + : RuleWithActions(op), + m_variables(op.m_variables), + m_operator(op.m_operator) { }; + virtual ~RuleWithOperator(); - bool evaluate(Transaction *transaction, - std::shared_ptr rm) override; + bool evaluate(Transaction *transaction) override; void getVariablesExceptions(Transaction *t, variables::Variables *exclusion, variables::Variables *addition); 
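Review bot: The default-aware predicates and the getters disagree: `hasAccuracyAction()` and `hasMaturityAction()` consult `m_defaultAccuracy`/`m_defaultMaturity`, but `getAccuracy()` and `getMaturity()` return only the rule's own field, unlike `getSeverity()`, which falls back to the default. If the fallback is intended, mirror it, e.g. `return (m_accuracy != ACCURACY_NOT_SET) ? m_accuracy : m_defaultAccuracy;`. `hasLogAction()` and `hasNoLogAction()` likewise ignore `m_defaultContainsLogAction`/`m_defaultContainsNoLogAction`, while the capture, multimatch and block predicates include their defaults. There is a `setDefaultActionMaturity` but no accuracy counterpart. `clearDefaultActions()` also clears `m_defaultActionActionsRuntimePos` twice.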
@@ -56,7 +60,7 @@ class RuleWithOperator : public RuleWithActions { variables::Variables *eclusion, Transaction *trans); bool executeOperatorAt(Transaction *trasn, const std::string &key, - std::string value, std::shared_ptr rm); + std::string value); static void updateMatchedVars(Transaction *trasn, const std::string &key, const std::string &value); @@ -70,8 +74,8 @@ class RuleWithOperator : public RuleWithActions { } private: - modsecurity::variables::Variables *m_variables; - operators::Operator *m_operator; + std::shared_ptr m_variables; + std::shared_ptr m_operator; }; diff --git a/headers/modsecurity/rules.h b/headers/modsecurity/rules.h index c7db71ca..683dfdee 100644 --- a/headers/modsecurity/rules.h +++ b/headers/modsecurity/rules.h @@ -80,11 +80,14 @@ class Rules { return true; } + void fixDefaultActions(); + size_t size() const { return m_rules.size(); } std::shared_ptr operator[](int index) const { return m_rules[index]; } std::shared_ptr at(int index) const { return m_rules[index]; } std::vector > m_defaultActions; + std::vector > m_defaultTransformations; std::vector > m_rules; }; diff --git a/headers/modsecurity/transaction.h b/headers/modsecurity/transaction.h index 2225c532..c986a0da 100644 --- a/headers/modsecurity/transaction.h +++ b/headers/modsecurity/transaction.h @@ -102,6 +102,7 @@ class ModSecurity; class Transaction; class RulesSet; class RuleMessage; +class RuleWithActions; namespace actions { class Action; namespace disruptive { 
@@ -316,8 +317,56 @@ class TransactionSecMarkerManagement { std::shared_ptr m_marker; }; +class TransactionRuleMessageManagement { + public: + explicit TransactionRuleMessageManagement(Transaction *t) + : m_transaction(t), + m_noAuditLog(false) { + messageNew(); + }; + + RuleMessage *messageGetLast(); + void messageNew(); + + void logMatchLastRuleOnTheChain(RuleWithActions *rule); + + void messageSetNoAuditLog(bool a) { + m_noAuditLog = a; + } + + bool messageSaveAuditLog() const { + return m_noAuditLog; + } + + std::list messageGetAll() { + std::list messages; + for (RuleMessage *a : m_rulesMessages) { + messages.push_back(a); + } + + return messages; + } + + void messageClear() { + m_rulesMessages.clear(); + } + + private: + /** + * This variable holds all the messages asked to be save by the utilization + * of the actions: `log_data' and `msg'. These should be included on the + * auditlogs. + */ + std::list m_rulesMessages; + + Transaction *m_transaction; + bool m_noAuditLog; +}; + + /** @ingroup ModSecurity_CPP_API */ -class Transaction : public TransactionAnchoredVariables, public TransactionSecMarkerManagement { +class Transaction : public TransactionAnchoredVariables, public TransactionSecMarkerManagement, \ + public TransactionRuleMessageManagement { public: Transaction(ModSecurity *transaction, RulesSet *rules, void *logCbData); Transaction(ModSecurity *transaction, RulesSet *rules, char *id, @@ -397,7 +446,7 @@ class Transaction : public TransactionAnchoredVariables, public TransactionSecMa #ifndef NO_LOGS void debug(int, std::string) const; #endif - void serverLog(std::shared_ptr rm); + void serverLog(RuleMessage *rm); int getRuleEngineState() const; 
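Review bot: `messageSaveAuditLog()` returns `m_noAuditLog` unchanged, so the accessor named "save" is true exactly when audit logging was switched off, and a caller reading it at face value would invert the decision. Either return `!m_noAuditLog` or rename the accessor (for example `messageNoAuditLog()`), depending on what the callers, which are not in this hunk, expect. `messageGetAll()` copies the whole list on every call and `messageClear()` only empties the container. If the list holds raw `RuleMessage *`, as the loop variable suggests, a comment should state who frees the messages.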
@@ -526,13 +575,6 @@ class Transaction : public TransactionAnchoredVariables, public TransactionSecMa */ std::list< std::pair > m_auditLogModifier; - /** - * This variable holds all the messages asked to be save by the utilization - * of the actions: `log_data' and `msg'. These should be included on the - * auditlogs. - */ - std::list m_rulesMessages; - /** * Holds the request body, in case of any. */ diff --git a/src/actions/accuracy.cc b/src/actions/accuracy.cc index 58a26f37..7db62c21 100644 --- a/src/actions/accuracy.cc +++ b/src/actions/accuracy.cc @@ -40,7 +40,6 @@ bool Accuracy::init(std::string *error) { bool Accuracy::evaluate(RuleWithActions *rule, Transaction *transaction) { - rule->m_accuracy = m_accuracy; return true; } diff --git a/src/actions/accuracy.h b/src/actions/accuracy.h index 761a0bcc..179f4d7d 100644 --- a/src/actions/accuracy.h +++ b/src/actions/accuracy.h @@ -35,6 +35,7 @@ class Accuracy : public Action { bool evaluate(RuleWithActions *rule, Transaction *transaction) override; bool init(std::string *error) override; + int getAccuracy() const { return m_accuracy; } private: int m_accuracy; diff --git a/src/actions/audit_log.cc b/src/actions/audit_log.cc index e0af6a74..4588d960 100644 --- a/src/actions/audit_log.cc +++ b/src/actions/audit_log.cc @@ -28,11 +28,8 @@ namespace actions { bool AuditLog::evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr rm) { - rm->m_noAuditLog = false; - ms_dbg_a(transaction, 9, "Saving transaction to logs"); - rm->m_saveMessage = true; - + RuleMessage &rm) { + transaction->messageSetNoAuditLog(false); return true; } diff --git a/src/actions/audit_log.h b/src/actions/audit_log.h index c0b3b849..bc314219 100644 --- a/src/actions/audit_log.h +++ b/src/actions/audit_log.h 
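Review bot: In src/actions/audit_log.cc the `auditlog` action now calls `transaction->messageSetNoAuditLog(false)`, a flag held once per transaction, where the removed code set `m_noAuditLog`/`m_saveMessage` on the individual message. The result then depends on which audit-log action ran last across all matching rules rather than on each match; if that is intended, a comment such as `// audit-log suppression is tracked per transaction, last action wins` should say so. `rm` is now unused, and dropping the level-9 debug line removes the only trace that the action fired.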
@@ -36,7 +36,7 @@ class AuditLog : public Action { : Action(action, RunTimeOnlyIfMatchKind) { } bool evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr rm) override; + RuleMessage &rm) override; }; diff --git a/src/actions/block.cc b/src/actions/block.cc index 5b0c0a53..25a9a403 100644 --- a/src/actions/block.cc +++ b/src/actions/block.cc @@ -30,16 +30,8 @@ namespace actions { bool Block::evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr rm) { + RuleMessage &rm) { ms_dbg_a(transaction, 8, "Marking request as disruptive."); - - for (auto &a : transaction->m_rules->m_rulesSetPhases[rule->getPhase()]->m_defaultActions) { - if (a->isDisruptive() == false) { - continue; - } - a->evaluate(rule, transaction, rm); - } - return true; } diff --git a/src/actions/block.h b/src/actions/block.h index b5f33b47..e1a856dd 100644 --- a/src/actions/block.h +++ b/src/actions/block.h @@ -36,7 +36,7 @@ class Block : public Action { explicit Block(const std::string &action) : Action(action) { } bool evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr rm) override; + RuleMessage &rm) override; }; diff --git a/src/actions/chain.cc b/src/actions/chain.cc index 06419c34..8b230dde 100644 --- a/src/actions/chain.cc +++ b/src/actions/chain.cc @@ -26,7 +26,7 @@ namespace actions { bool Chain::evaluate(RuleWithActions *rule, Transaction *transaction) { - rule->setChained(true); + rule->setHasChainAction(true); return true; } diff --git a/src/actions/data/status.cc b/src/actions/data/status.cc index 1317b1d3..187be4a2 100644 --- a/src/actions/data/status.cc +++ b/src/actions/data/status.cc @@ -39,7 +39,7 @@ bool Status::init(std::string *error) { bool Status::evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr rm) { + RuleMessage &rm) { transaction->m_it.status = m_status; return true; } diff --git a/src/actions/data/status.h b/src/actions/data/status.h index 214cbcff..3fd5293c 100644 
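Review bot: `Block::evaluate` in src/actions/block.cc still logs "Marking request as disruptive." but no longer does anything else, because the loop that ran the disruptive entries of `m_defaultActions` for the rule's phase is removed. The hunk does not show where `block` now picks up the default disruptive action. If that moved into the rule evaluation path, a comment such as `// default disruptive action is applied by the rule, see <function>` would stop readers from taking this for a no-op, and the debug text should be adjusted. If it did not move, rules that use `block` would stop intervening, so a test with `SecDefaultAction` set to a disruptive action and a rule using `block` is worth adding.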
--- a/src/actions/data/status.h +++ b/src/actions/data/status.h @@ -38,7 +38,7 @@ class Status : public Action { bool init(std::string *error) override; bool evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr rm) override; + RuleMessage &rm) override; int m_status; }; diff --git a/src/actions/disruptive/deny.cc b/src/actions/disruptive/deny.cc index 40572ede..1376d285 100644 --- a/src/actions/disruptive/deny.cc +++ b/src/actions/disruptive/deny.cc @@ -29,7 +29,7 @@ namespace disruptive { bool Deny::evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr rm) { + RuleMessage &rm) { ms_dbg_a(transaction, 8, "Running action deny"); if (transaction->m_it.status == 200) { @@ -38,9 +38,9 @@ bool Deny::evaluate(RuleWithActions *rule, Transaction *transaction, transaction->m_it.disruptive = true; intervention::freeLog(&transaction->m_it); - rm->m_isDisruptive = true; + rm.setRule(rule); transaction->m_it.log = strdup( - rm->log(RuleMessage::LogMessageInfo::ClientLogMessageInfo).c_str()); + rm.log(RuleMessage::LogMessageInfo::ClientLogMessageInfo).c_str()); return true; } diff --git a/src/actions/disruptive/deny.h b/src/actions/disruptive/deny.h index 4e72ba17..085b7db7 100644 --- a/src/actions/disruptive/deny.h +++ b/src/actions/disruptive/deny.h @@ -34,7 +34,7 @@ class Deny : public Action { explicit Deny(const std::string &action) : Action(action) { } bool evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr rm) override; + RuleMessage &rm) override; bool isDisruptive() override { return true; } }; diff --git a/src/actions/disruptive/drop.cc b/src/actions/disruptive/drop.cc index 097bd568..da7e2d75 100644 --- a/src/actions/disruptive/drop.cc +++ b/src/actions/disruptive/drop.cc 
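Review bot: In the second `Deny::evaluate` hunk the explicit `rm->m_isDisruptive = true;` is replaced by `rm.setRule(rule);`, so whether the message handed to the log callback is still reported as disruptive depends on what `setRule` takes from `rule`, which is not visible here. That matters when the action runs on behalf of a rule that is not itself flagged disruptive, for example as a default action; the same substitution appears in `Drop::evaluate` and `Redirect::evaluate`. Once confirmed, a short comment above the call would record the dependency, e.g. `// setRule() carries the disruptive state; must run before rm.log()`. The function body starts outside this hunk.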
@@ -33,7 +33,7 @@ namespace disruptive { bool Drop::evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr rm) { + RuleMessage &rm) { ms_dbg_a(transaction, 8, "Running action drop " \ "[executing deny instead of drop.]"); @@ -43,9 +43,9 @@ bool Drop::evaluate(RuleWithActions *rule, Transaction *transaction, transaction->m_it.disruptive = true; intervention::freeLog(&transaction->m_it); - rm->m_isDisruptive = true; + rm.setRule(rule); transaction->m_it.log = strdup( - rm->log(RuleMessage::LogMessageInfo::ClientLogMessageInfo).c_str()); + rm.log(RuleMessage::LogMessageInfo::ClientLogMessageInfo).c_str()); return true; } diff --git a/src/actions/disruptive/drop.h b/src/actions/disruptive/drop.h index 2da823c8..66fe45f1 100644 --- a/src/actions/disruptive/drop.h +++ b/src/actions/disruptive/drop.h @@ -33,7 +33,7 @@ class Drop : public Action { explicit Drop(const std::string &action) : Action(action) { } bool evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr rm) override; + RuleMessage &rm) override; bool isDisruptive() override { return true; } }; diff --git a/src/actions/disruptive/pass.cc b/src/actions/disruptive/pass.cc index 4b4c8fad..28b3bc94 100644 --- a/src/actions/disruptive/pass.cc +++ b/src/actions/disruptive/pass.cc @@ -30,7 +30,7 @@ namespace disruptive { bool Pass::evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr rm) { + RuleMessage &rm) { intervention::free(&transaction->m_it); intervention::reset(&transaction->m_it); diff --git a/src/actions/disruptive/pass.h b/src/actions/disruptive/pass.h index dc1f6a58..035cc24e 100644 --- a/src/actions/disruptive/pass.h +++ b/src/actions/disruptive/pass.h @@ -32,7 +32,7 @@ class Pass : public Action { explicit Pass(const std::string &action) : Action(action) { } bool evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr rm) override; + RuleMessage &rm) override; bool isDisruptive() override { return true; } }; 
diff --git a/src/actions/disruptive/redirect.cc b/src/actions/disruptive/redirect.cc index 07ac2625..0b0fc0dd 100644 --- a/src/actions/disruptive/redirect.cc +++ b/src/actions/disruptive/redirect.cc @@ -35,7 +35,7 @@ bool Redirect::init(std::string *error) { bool Redirect::evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr rm) { + RuleMessage &rm) { std::string m_urlExpanded(m_string->evaluate(transaction)); /* if it was changed before, lets keep it. */ if (transaction->m_it.status == 200 @@ -47,9 +47,9 @@ bool Redirect::evaluate(RuleWithActions *rule, Transaction *transaction, transaction->m_it.url = strdup(m_urlExpanded.c_str()); transaction->m_it.disruptive = true; intervention::freeLog(&transaction->m_it); - rm->m_isDisruptive = true; + rm.setRule(rule); transaction->m_it.log = strdup( - rm->log(RuleMessage::LogMessageInfo::ClientLogMessageInfo).c_str()); + rm.log(RuleMessage::LogMessageInfo::ClientLogMessageInfo).c_str()); return true; } diff --git a/src/actions/disruptive/redirect.h b/src/actions/disruptive/redirect.h index 69889541..8a2d9418 100644 --- a/src/actions/disruptive/redirect.h +++ b/src/actions/disruptive/redirect.h @@ -47,7 +47,7 @@ class Redirect : public Action { m_string(std::move(z)) { } bool evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr rm) override; + RuleMessage &rm) override; bool init(std::string *error) override; bool isDisruptive() override { return true; } diff --git a/src/actions/init_col.h b/src/actions/init_col.h index a7086204..0848561c 100644 --- a/src/actions/init_col.h +++ b/src/actions/init_col.h @@ -42,7 +42,7 @@ class InitCol : public Action { bool init(std::string *error) override; private: std::string m_collection_key; - std::unique_ptr m_string; + std::shared_ptr m_string; }; diff --git a/src/actions/log.cc b/src/actions/log.cc index 320c0bf4..127c9c69 100644 --- a/src/actions/log.cc +++ b/src/actions/log.cc 
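Review bot: `InitCol::m_string` in src/actions/init_col.h changes from `std::unique_ptr` to `std::shared_ptr` without a stated reason, and the same change is made in `LogData`, `Msg`, `SetENV`, `SetRSC`, `SetSID`, `SetUID`, `SetVar` and `Tag`. This makes the action classes implicitly copyable with the pointee shared between copies, which is a looser ownership model than before and makes lifetime harder to reason about. If actions are now meant to be copied, a comment on the member such as `// shared so that copies of this action reuse one parsed string` would record that; if no copy is needed, `unique_ptr` should stay.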
@@ -29,9 +29,7 @@ namespace actions { bool Log::evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr rm) { - ms_dbg_a(transaction, 9, "Saving transaction to logs"); - rm->m_saveMessage = true; + RuleMessage &rm) { return true; } diff --git a/src/actions/log.h b/src/actions/log.h index 07726ad9..d3496932 100644 --- a/src/actions/log.h +++ b/src/actions/log.h @@ -34,7 +34,7 @@ class Log : public Action { : Action(action, RunTimeOnlyIfMatchKind) { } bool evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr rm) override; + RuleMessage &rm) override; }; } // namespace actions diff --git a/src/actions/log_data.cc b/src/actions/log_data.cc index 359dd299..a0fba217 100644 --- a/src/actions/log_data.cc +++ b/src/actions/log_data.cc @@ -30,8 +30,8 @@ namespace actions { bool LogData::evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr rm) { - rm->m_data = data(transaction); + RuleMessage &rm) { + rm.m_data = data(transaction); return true; } diff --git a/src/actions/log_data.h b/src/actions/log_data.h index 486d826b..13f015bb 100644 --- a/src/actions/log_data.h +++ b/src/actions/log_data.h @@ -40,11 +40,11 @@ class LogData : public Action { m_string(std::move(z)) { } bool evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr rm) override; + RuleMessage &rm) override; std::string data(Transaction *Transaction); - std::unique_ptr m_string; + std::shared_ptr m_string; }; diff --git a/src/actions/maturity.cc b/src/actions/maturity.cc index b601208d..921fedbc 100644 --- a/src/actions/maturity.cc +++ b/src/actions/maturity.cc @@ -40,7 +40,6 @@ bool Maturity::init(std::string *error) { bool Maturity::evaluate(RuleWithActions *rule, Transaction *transaction) { - rule->m_maturity = m_maturity; return true; } diff --git a/src/actions/maturity.h b/src/actions/maturity.h index 4fa5a5ed..38954d18 100644 --- a/src/actions/maturity.h +++ b/src/actions/maturity.h 
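Review bot: `Log::evaluate` in src/actions/log.cc is now an empty body that returns true, and `NoLog::evaluate` in src/actions/no_log.cc likewise loses its `rm->m_saveMessage = false;`, so neither action records a logging decision on the message any more. Where that decision is taken after this commit is not visible in these hunks. If the rule now inspects its own actions, say so in a comment such as `// logging decision is taken by the rule; kept for the Action interface`. If nothing replaces it, `nolog` would stop suppressing messages, which can put request data into server logs that the rule author meant to keep out.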
@@ -35,6 +35,7 @@ class Maturity : public Action { bool evaluate(RuleWithActions *rule, Transaction *transaction) override; bool init(std::string *error) override; + int getMaturity() const { return m_maturity; } private: int m_maturity; diff --git a/src/actions/msg.cc b/src/actions/msg.cc index c553b1d6..20d1a202 100644 --- a/src/actions/msg.cc +++ b/src/actions/msg.cc @@ -47,9 +47,9 @@ namespace actions { bool Msg::evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr rm) { + RuleMessage &rm) { std::string msg = data(transaction); - rm->m_message = msg; + rm.m_message = msg; ms_dbg_a(transaction, 9, "Saving msg: " + msg); return true; diff --git a/src/actions/msg.h b/src/actions/msg.h index 8f6ad06f..6414c984 100644 --- a/src/actions/msg.h +++ b/src/actions/msg.h @@ -41,10 +41,10 @@ class Msg : public Action { m_string(std::move(z)) { } bool evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr rm) override; + RuleMessage &rm) override; std::string data(Transaction *Transaction); - std::unique_ptr m_string; + std::shared_ptr m_string; }; diff --git a/src/actions/no_audit_log.cc b/src/actions/no_audit_log.cc index ef5d8bb2..4db9f7ac 100644 --- a/src/actions/no_audit_log.cc +++ b/src/actions/no_audit_log.cc @@ -27,10 +27,8 @@ namespace actions { bool NoAuditLog::evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr rm) { - rm->m_noAuditLog = true; - rm->m_saveMessage = false; - + RuleMessage &rm) { + transaction->messageSetNoAuditLog(true); return true; } diff --git a/src/actions/no_audit_log.h b/src/actions/no_audit_log.h index fbcac6d6..456b065e 100644 --- a/src/actions/no_audit_log.h +++ b/src/actions/no_audit_log.h @@ -36,7 +36,7 @@ class NoAuditLog : public Action { : Action(action, RunTimeOnlyIfMatchKind) { } bool evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr rm) override; + RuleMessage &rm) override; }; } // namespace actions 
diff --git a/src/actions/no_log.cc b/src/actions/no_log.cc index 4b282406..0346b16c 100644 --- a/src/actions/no_log.cc +++ b/src/actions/no_log.cc @@ -30,8 +30,7 @@ namespace actions { bool NoLog::evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr rm) { - rm->m_saveMessage = false; + RuleMessage &rm) { return true; } diff --git a/src/actions/no_log.h b/src/actions/no_log.h index 78e1892d..97fdc9df 100644 --- a/src/actions/no_log.h +++ b/src/actions/no_log.h @@ -34,7 +34,7 @@ class NoLog : public Action { : Action(action, RunTimeOnlyIfMatchKind) { } bool evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr rm) override; + RuleMessage &rm) override; }; } // namespace actions diff --git a/src/actions/rev.cc b/src/actions/rev.cc index 7d886b96..418b04e9 100644 --- a/src/actions/rev.cc +++ b/src/actions/rev.cc @@ -34,7 +34,6 @@ bool Rev::init(std::string *error) { bool Rev::evaluate(RuleWithActions *rule, Transaction *transaction) { - rule->m_rev = m_rev; return true; } diff --git a/src/actions/rev.h b/src/actions/rev.h index feb1012d..f39d4a10 100644 --- a/src/actions/rev.h +++ b/src/actions/rev.h @@ -33,9 +33,10 @@ class Rev : public Action { bool evaluate(RuleWithActions *rule, Transaction *transaction) override; bool init(std::string *error) override; + std::string getRevision() const { return m_rev; } private: - std::string m_rev; + std::string m_rev; }; diff --git a/src/actions/set_env.h b/src/actions/set_env.h index fcfc411f..57223873 100644 --- a/src/actions/set_env.h +++ b/src/actions/set_env.h @@ -43,7 +43,7 @@ class SetENV : public Action { bool init(std::string *error) override; private: - std::unique_ptr m_string; + std::shared_ptr m_string; }; diff --git a/src/actions/set_rsc.h b/src/actions/set_rsc.h index 013e0662..fcf0e426 100644 --- a/src/actions/set_rsc.h +++ b/src/actions/set_rsc.h 
@@ -43,7 +43,7 @@ class SetRSC : public Action { bool init(std::string *error) override; private: - std::unique_ptr m_string; + std::shared_ptr m_string; }; diff --git a/src/actions/set_sid.h b/src/actions/set_sid.h index c8353854..612db849 100644 --- a/src/actions/set_sid.h +++ b/src/actions/set_sid.h @@ -43,7 +43,7 @@ class SetSID : public Action { bool init(std::string *error) override; private: - std::unique_ptr m_string; + std::shared_ptr m_string; }; diff --git a/src/actions/set_uid.h b/src/actions/set_uid.h index b2f341a6..f53bba54 100644 --- a/src/actions/set_uid.h +++ b/src/actions/set_uid.h @@ -43,7 +43,7 @@ class SetUID : public Action { bool init(std::string *error) override; private: - std::unique_ptr m_string; + std::shared_ptr m_string; }; diff --git a/src/actions/set_var.h b/src/actions/set_var.h index 22905a8c..c64a0369 100644 --- a/src/actions/set_var.h +++ b/src/actions/set_var.h @@ -63,8 +63,8 @@ class SetVar : public Action { private: SetVarOperation m_operation; - std::unique_ptr m_variable; - std::unique_ptr m_string; + std::shared_ptr m_variable; + std::shared_ptr m_string; }; } // namespace actions diff --git a/src/actions/severity.cc b/src/actions/severity.cc index f7db6bbd..a457bf67 100644 --- a/src/actions/severity.cc +++ b/src/actions/severity.cc @@ -72,17 +72,7 @@ bool Severity::init(std::string *error) { bool Severity::evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr rm) { - ms_dbg_a(transaction, 9, "This rule severity is: " + \ - std::to_string(this->m_severity) + " current transaction is: " + \ - std::to_string(transaction->m_highestSeverityAction)); - - rm->m_severity = m_severity; - - if (transaction->m_highestSeverityAction > this->m_severity) { - transaction->m_highestSeverityAction = this->m_severity; - } - + RuleMessage &rm) { return true; } diff --git a/src/actions/severity.h b/src/actions/severity.h index b9cd8120..96ab3325 100644 --- a/src/actions/severity.h +++ b/src/actions/severity.h 
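Review bot: `Severity::evaluate` in src/actions/severity.cc no longer sets the message severity or lowers `transaction->m_highestSeverityAction`; the body is reduced to `return true;`. Unless the same comparison now runs elsewhere on every match, anything that reads the transaction's highest severity will keep seeing its initial value. Please name the new location in a comment, or keep the `if (transaction->m_highestSeverityAction > this->m_severity)` update here. `Accuracy`, `Maturity` and `Rev` are emptied in the same way but gain getters, which at least shows how their values are meant to be read.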
@@ -36,7 +36,7 @@ class Severity : public Action { m_severity(0) { } bool evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr rm) override; + RuleMessage &rm) override; bool init(std::string *error) override; int m_severity; diff --git a/src/actions/tag.cc b/src/actions/tag.cc index 3ec06cd1..f61c7ff8 100644 --- a/src/actions/tag.cc +++ b/src/actions/tag.cc @@ -57,11 +57,11 @@ std::string Tag::getName(Transaction *transaction) { bool Tag::evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr rm) { + RuleMessage &rm) { std::string tag = getName(transaction); ms_dbg_a(transaction, 9, "Rule tag: " + tag); - rm->m_tags.push_back(tag); + rm.m_tags.push_back(tag); return true; } diff --git a/src/actions/tag.h b/src/actions/tag.h index 45d77892..03c43331 100644 --- a/src/actions/tag.h +++ b/src/actions/tag.h @@ -39,10 +39,10 @@ class Tag : public Action { std::string getName(Transaction *transaction); bool evaluate(RuleWithActions *rule, Transaction *transaction, - std::shared_ptr rm) override; + RuleMessage &rm) override; protected: - std::unique_ptr m_string; + std::shared_ptr m_string; }; diff --git a/src/actions/ver.cc b/src/actions/ver.cc index 5b4fd13b..d2b7ad72 100644 --- a/src/actions/ver.cc +++ b/src/actions/ver.cc @@ -28,7 +28,6 @@ namespace actions { bool Ver::evaluate(RuleWithActions *rule, Transaction *transaction) { - rule->m_ver = m_parser_payload; return true; } diff --git a/src/audit_log/audit_log.cc b/src/audit_log/audit_log.cc index f65d38b6..e3c220d4 100644 --- a/src/audit_log/audit_log.cc +++ b/src/audit_log/audit_log.cc @@ -295,12 +295,7 @@ bool AuditLog::saveIfRelevant(Transaction *transaction, int parts) { return true; } - for (RuleMessage &i : transaction->m_rulesMessages) { - if (i.m_noAuditLog == false) { - saveAnyway = true; - break; - } - } + saveAnyway = transaction->messageSaveAuditLog(); if ((m_status == RelevantOnlyAuditLogStatus && this->isRelevant(transaction->m_httpCodeReturned) == false) 
diff --git a/src/modsecurity.cc b/src/modsecurity.cc index ac8e5256..74f1df00 100644 --- a/src/modsecurity.cc +++ b/src/modsecurity.cc @@ -188,7 +188,7 @@ const std::string& ModSecurity::getConnectorInformation() const { return m_connector; } -void ModSecurity::serverLog(void *data, std::shared_ptr rm) { +void ModSecurity::serverLog(void *data, RuleMessage *rm) { if (m_logCb == NULL) { std::cerr << "Server log callback is not set -- " << rm->errorLog(); std::cerr << std::endl; @@ -207,7 +207,7 @@ void ModSecurity::serverLog(void *data, std::shared_ptr rm) { } if (m_logProperties & RuleMessageLogProperty) { - const void *a = static_cast(rm.get()); + const void *a = static_cast(rm); if (m_logProperties & IncludeFullHighlightLogProperty) { m_logCb(data, a); return; diff --git a/src/operators/begins_with.cc b/src/operators/begins_with.cc index e2766ec3..32718235 100644 --- a/src/operators/begins_with.cc +++ b/src/operators/begins_with.cc @@ -25,7 +25,7 @@ namespace operators { bool BeginsWith::evaluate(Transaction *transaction, RuleWithActions *rule, - const std::string &str, std::shared_ptr ruleMessage) { + const std::string &str, RuleMessage *ruleMessage) { std::string p(m_string->evaluate(transaction)); if (str.size() < p.size()) { diff --git a/src/operators/begins_with.h b/src/operators/begins_with.h index e8470d98..40eb0c45 100644 --- a/src/operators/begins_with.h +++ b/src/operators/begins_with.h @@ -33,7 +33,7 @@ class BeginsWith : public Operator { : Operator("BeginsWith", std::move(param)) { } bool evaluate(Transaction *transaction, RuleWithActions *rule, const std::string &str, - std::shared_ptr ruleMessage) override; + RuleMessage *ruleMessage) override; }; } // namespace operators diff --git a/src/operators/contains.cc b/src/operators/contains.cc index e63e8adc..a1d7bf4c 100644 --- a/src/operators/contains.cc +++ b/src/operators/contains.cc 
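Review bot: `ModSecurity::serverLog` now takes a raw `RuleMessage *rm` and passes it to `m_logCb` as `const void *`, so the message's lifetime is whatever the caller guarantees rather than reference-counted. The contract should be written down at the declaration, e.g. `// rm is borrowed: valid only during the call, callbacks must copy it to keep it`; the updated examples in this commit already take a copy. `rm->errorLog()` in the first hunk is reached without a null check, so either add `if (rm == NULL) return;` or state that `rm` must be non-null.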
@@ -22,7 +22,7 @@ namespace modsecurity { namespace operators { bool Contains::evaluate(Transaction *transaction, RuleWithActions *rule, - const std::string &input, std::shared_ptr ruleMessage) { + const std::string &input, RuleMessage *ruleMessage) { std::string p(m_string->evaluate(transaction)); size_t offset = input.find(p); diff --git a/src/operators/contains.h b/src/operators/contains.h index 8bab0852..ab4307bb 100644 --- a/src/operators/contains.h +++ b/src/operators/contains.h @@ -36,7 +36,7 @@ class Contains : public Operator { : Operator("Contains", std::move(param)) { } bool evaluate(Transaction *transaction, RuleWithActions *rule, const std::string &str, - std::shared_ptr ruleMessage) override; + RuleMessage *ruleMessage) override; }; } // namespace operators diff --git a/src/operators/contains_word.cc b/src/operators/contains_word.cc index 262b9b19..ac0f974b 100644 --- a/src/operators/contains_word.cc +++ b/src/operators/contains_word.cc @@ -37,7 +37,7 @@ bool ContainsWord::acceptableChar(const std::string& a, size_t pos) { } bool ContainsWord::evaluate(Transaction *transaction, RuleWithActions *rule, - const std::string &str, std::shared_ptr ruleMessage) { + const std::string &str, RuleMessage *ruleMessage) { std::string paramTarget(m_string->evaluate(transaction)); if (paramTarget.empty()) { diff --git a/src/operators/contains_word.h b/src/operators/contains_word.h index c9698d21..2697c674 100644 --- a/src/operators/contains_word.h +++ b/src/operators/contains_word.h @@ -34,7 +34,7 @@ class ContainsWord : public Operator { bool evaluate(Transaction *transaction, RuleWithActions *rule, const std::string &str, - std::shared_ptr ruleMessage) override; + RuleMessage *ruleMessage) override; private: static bool acceptableChar(const std::string& a, size_t pos); diff --git a/src/operators/detect_sqli.cc b/src/operators/detect_sqli.cc index 16f31c18..29d0f061 100644 --- a/src/operators/detect_sqli.cc +++ b/src/operators/detect_sqli.cc 
@@ -26,7 +26,7 @@ namespace operators { bool DetectSQLi::evaluate(Transaction *t, RuleWithActions *rule, - const std::string& input, std::shared_ptr ruleMessage) { + const std::string& input, RuleMessage *ruleMessage) { char fingerprint[8]; int issqli; diff --git a/src/operators/detect_sqli.h b/src/operators/detect_sqli.h index 2dc0d748..ca391fae 100644 --- a/src/operators/detect_sqli.h +++ b/src/operators/detect_sqli.h @@ -34,7 +34,7 @@ class DetectSQLi : public Operator { bool evaluate(Transaction *t, RuleWithActions *rule, const std::string& input, - std::shared_ptr ruleMessage) override; + RuleMessage *ruleMessage) override; }; } // namespace operators diff --git a/src/operators/detect_xss.cc b/src/operators/detect_xss.cc index 7386f365..d2543dd3 100644 --- a/src/operators/detect_xss.cc +++ b/src/operators/detect_xss.cc @@ -26,7 +26,7 @@ namespace operators { bool DetectXSS::evaluate(Transaction *t, RuleWithActions *rule, - const std::string& input, std::shared_ptr ruleMessage) { + const std::string& input, RuleMessage *ruleMessage) { int is_xss; is_xss = libinjection_xss(input.c_str(), input.length()); diff --git a/src/operators/detect_xss.h b/src/operators/detect_xss.h index 266fdf36..d86b5180 100644 --- a/src/operators/detect_xss.h +++ b/src/operators/detect_xss.h @@ -33,7 +33,7 @@ class DetectXSS : public Operator { bool evaluate(Transaction *t, RuleWithActions *rule, const std::string& input, - std::shared_ptr ruleMessage) override; + RuleMessage *ruleMessage) override; }; } // namespace operators diff --git a/src/operators/ends_with.cc b/src/operators/ends_with.cc index 632fc8fe..b6f83906 100644 --- a/src/operators/ends_with.cc +++ b/src/operators/ends_with.cc @@ -24,7 +24,7 @@ namespace operators { bool EndsWith::evaluate(Transaction *transaction, RuleWithActions *rule, - const std::string &str, std::shared_ptr ruleMessage) { + const std::string &str, RuleMessage *ruleMessage) { bool ret = false; std::string p(m_string->evaluate(transaction)); 
diff --git a/src/operators/ends_with.h b/src/operators/ends_with.h index c5352618..1706dd50 100644 --- a/src/operators/ends_with.h +++ b/src/operators/ends_with.h @@ -35,7 +35,7 @@ class EndsWith : public Operator { } bool evaluate(Transaction *transaction, RuleWithActions *rule, const std::string &str, - std::shared_ptr ruleMessage) override; + RuleMessage *ruleMessage) override; }; diff --git a/src/operators/operator.cc b/src/operators/operator.cc index 3bb12ce8..81d389b2 100644 --- a/src/operators/operator.cc +++ b/src/operators/operator.cc @@ -70,7 +70,7 @@ namespace operators { bool Operator::evaluateInternal(Transaction *transaction, - RuleWithActions *rule, const std::string& a, std::shared_ptr rm) { + RuleWithActions *rule, const std::string& a, RuleMessage *rm) { bool res = evaluate(transaction, rule, a, rm); if (m_negation) { diff --git a/src/operators/operator.h b/src/operators/operator.h index 523b9209..0e223020 100644 --- a/src/operators/operator.h +++ b/src/operators/operator.h @@ -114,7 +114,7 @@ class Operator { bool evaluateInternal(Transaction *t, RuleWithActions *rule, const std::string& a); bool evaluateInternal(Transaction *t, RuleWithActions *rule, - const std::string& a, std::shared_ptr ruleMessage); + const std::string& a, RuleMessage *ruleMessage); virtual bool evaluate(Transaction *transaction, const std::string &str); @@ -123,11 +123,11 @@ class Operator { return evaluate(transaction, str); } virtual bool evaluate(Transaction *transaction, RuleWithActions *rule, - const std::string &str, std::shared_ptr ruleMessage) { + const std::string &str, RuleMessage *ruleMessage) { return evaluate(transaction, str); } - static void logOffset(std::shared_ptr ruleMessage, int offset, int len) { + static void logOffset(RuleMessage *ruleMessage, int offset, int len) { if (ruleMessage) { ruleMessage->m_reference.append("o" + std::to_string(offset) + "," diff --git a/src/operators/pm.cc b/src/operators/pm.cc index 8c747ed3..5622df69 100644 
--- a/src/operators/pm.cc +++ b/src/operators/pm.cc @@ -82,8 +82,8 @@ void Pm::postOrderTraversal(acmp_btree_node_t *node) { bool Pm::evaluate(Transaction *transaction, RuleWithActions *rule, - const std::string &input, std::shared_ptr ruleMessage) { - int rc; + const std::string &input, RuleMessage *ruleMessage) { + int rc = -1; ACMPT pt; pt.parser = m_p; pt.ptr = NULL; diff --git a/src/operators/pm.h b/src/operators/pm.h index 0c2e58f3..99ca8dce 100644 --- a/src/operators/pm.h +++ b/src/operators/pm.h @@ -43,7 +43,7 @@ class Pm : public Operator { ~Pm(); bool evaluate(Transaction *transaction, RuleWithActions *rule, const std::string &str, - std::shared_ptr ruleMessage) override; + RuleMessage *ruleMessage) override; bool init(const std::string &file, std::string *error) override; diff --git a/src/operators/rbl.cc b/src/operators/rbl.cc index 6753435f..0936fff3 100644 --- a/src/operators/rbl.cc +++ b/src/operators/rbl.cc @@ -202,7 +202,7 @@ void Rbl::furtherInfo(struct sockaddr_in *sin, const std::string &ipStr, bool Rbl::evaluate(Transaction *t, RuleWithActions *rule, const std::string& ipStr, - std::shared_ptr ruleMessage) { + RuleMessage *ruleMessage) { struct addrinfo *info = NULL; std::string host = Rbl::mapIpToAddress(ipStr, t); int rc = 0; diff --git a/src/operators/rbl.h b/src/operators/rbl.h index 4cc1fc25..56850141 100644 --- a/src/operators/rbl.h +++ b/src/operators/rbl.h @@ -78,7 +78,7 @@ class Rbl : public Operator { } bool evaluate(Transaction *transaction, RuleWithActions *rule, const std::string& input, - std::shared_ptr ruleMessage) override; + RuleMessage *ruleMessage) override; std::string mapIpToAddress(const std::string &ipStr, Transaction *trans) const; diff --git a/src/operators/rx.cc b/src/operators/rx.cc index b4fc6ff4..b1d54471 100644 --- a/src/operators/rx.cc +++ b/src/operators/rx.cc 
@@ -37,7 +37,7 @@ bool Rx::init(const std::string &arg, std::string *error) { bool Rx::evaluate(Transaction *transaction, RuleWithActions *rule, - const std::string& input, std::shared_ptr ruleMessage) { + const std::string& input, RuleMessage *ruleMessage) { Regex *re; if (m_param.empty() && !m_string->m_containsMacro) { diff --git a/src/operators/rx.h b/src/operators/rx.h index 97cc12a3..c3a9dfce 100644 --- a/src/operators/rx.h +++ b/src/operators/rx.h @@ -51,7 +51,7 @@ class Rx : public Operator { bool evaluate(Transaction *transaction, RuleWithActions *rule, const std::string& input, - std::shared_ptr ruleMessage) override; + RuleMessage *ruleMessage) override; bool init(const std::string &arg, std::string *error) override; diff --git a/src/operators/validate_byte_range.cc b/src/operators/validate_byte_range.cc index 47f67b5c..2addcf27 100644 --- a/src/operators/validate_byte_range.cc +++ b/src/operators/validate_byte_range.cc @@ -111,7 +111,7 @@ bool ValidateByteRange::init(const std::string &file, bool ValidateByteRange::evaluate(Transaction *transaction, RuleWithActions *rule, - const std::string &input, std::shared_ptr ruleMessage) { + const std::string &input, RuleMessage *ruleMessage) { bool ret = true; size_t count = 0; diff --git a/src/operators/validate_byte_range.h b/src/operators/validate_byte_range.h index d50f2997..4015280b 100644 --- a/src/operators/validate_byte_range.h +++ b/src/operators/validate_byte_range.h @@ -39,7 +39,7 @@ class ValidateByteRange : public Operator { bool evaluate(Transaction *transaction, RuleWithActions *rule, const std::string &input, - std::shared_ptr ruleMessage) override; + RuleMessage *ruleMessage) override; bool getRange(const std::string &rangeRepresentation, std::string *error); bool init(const std::string& file, std::string *error) override; private: diff --git a/src/operators/validate_url_encoding.cc b/src/operators/validate_url_encoding.cc index f04a5fa7..1f5797a3 100644 
--- a/src/operators/validate_url_encoding.cc +++ b/src/operators/validate_url_encoding.cc @@ -69,7 +69,7 @@ int ValidateUrlEncoding::validate_url_encoding(const char *input, bool ValidateUrlEncoding::evaluate(Transaction *transaction, RuleWithActions *rule, - const std::string &input, std::shared_ptr ruleMessage) { + const std::string &input, RuleMessage *ruleMessage) { size_t offset = 0; bool res = false; diff --git a/src/operators/validate_url_encoding.h b/src/operators/validate_url_encoding.h index 80d61b96..90c11153 100644 --- a/src/operators/validate_url_encoding.h +++ b/src/operators/validate_url_encoding.h @@ -33,7 +33,7 @@ class ValidateUrlEncoding : public Operator { bool evaluate(Transaction *transaction, RuleWithActions *rule, const std::string &input, - std::shared_ptr ruleMessage) override; + RuleMessage *ruleMessage) override; static int validate_url_encoding(const char *input, uint64_t input_length, size_t *offset); diff --git a/src/operators/validate_utf8_encoding.cc b/src/operators/validate_utf8_encoding.cc index 9374116a..ce1150e9 100644 --- a/src/operators/validate_utf8_encoding.cc +++ b/src/operators/validate_utf8_encoding.cc @@ -114,7 +114,7 @@ int ValidateUtf8Encoding::detect_utf8_character( } bool ValidateUtf8Encoding::evaluate(Transaction *transaction, RuleWithActions *rule, - const std::string &str, std::shared_ptr ruleMessage) { + const std::string &str, RuleMessage *ruleMessage) { unsigned int i, bytes_left; const char *str_c = str.c_str(); diff --git a/src/operators/validate_utf8_encoding.h b/src/operators/validate_utf8_encoding.h index e01c19a2..a39207ac 100644 --- a/src/operators/validate_utf8_encoding.h +++ b/src/operators/validate_utf8_encoding.h 
@@ -40,7 +40,7 @@ class ValidateUtf8Encoding : public Operator { bool evaluate(Transaction *transaction, RuleWithActions *rule, const std::string &str, - std::shared_ptr ruleMessage) override; + RuleMessage *ruleMessage) override; static int detect_utf8_character(const unsigned char *p_read, unsigned int length); diff --git a/src/operators/verify_cc.cc b/src/operators/verify_cc.cc index 2976bd28..a21eb509 100644 --- a/src/operators/verify_cc.cc +++ b/src/operators/verify_cc.cc @@ -118,7 +118,7 @@ bool VerifyCC::init(const std::string ¶m2, std::string *error) { bool VerifyCC::evaluate(Transaction *t, RuleWithActions *rule, - const std::string& i, std::shared_ptr ruleMessage) { + const std::string& i, RuleMessage *ruleMessage) { int offset = 0; int target_length = i.length(); diff --git a/src/operators/verify_cc.h b/src/operators/verify_cc.h index ee97f2b4..0e8a0932 100644 --- a/src/operators/verify_cc.h +++ b/src/operators/verify_cc.h @@ -37,7 +37,7 @@ class VerifyCC : public Operator { bool evaluate(Transaction *t, RuleWithActions *rule, const std::string& input, - std::shared_ptr ruleMessage) override; + RuleMessage *ruleMessage) override; bool init(const std::string ¶m, std::string *error) override; private: pcre *m_pc; diff --git a/src/operators/verify_cpf.cc b/src/operators/verify_cpf.cc index 0ec49ac4..f5d5a140 100644 --- a/src/operators/verify_cpf.cc +++ b/src/operators/verify_cpf.cc @@ -109,7 +109,7 @@ bool VerifyCPF::verify(const char *cpfnumber, int len) { bool VerifyCPF::evaluate(Transaction *t, RuleWithActions *rule, - const std::string& input, std::shared_ptr ruleMessage) { + const std::string& input, RuleMessage *ruleMessage) { std::list matches; bool is_cpf = false; int i; diff --git a/src/operators/verify_cpf.h b/src/operators/verify_cpf.h index c5b0dfa5..624b00dc 100644 --- a/src/operators/verify_cpf.h +++ b/src/operators/verify_cpf.h 
@@ -48,7 +48,7 @@ class VerifyCPF : public Operator { bool evaluate(Transaction *transaction, RuleWithActions *rule, const std::string& input, - std::shared_ptr ruleMessage) override; + RuleMessage *ruleMessage) override; bool verify(const char *ssnumber, int len); diff --git a/src/operators/verify_ssn.cc b/src/operators/verify_ssn.cc index 00b0c5c2..e65520a7 100644 --- a/src/operators/verify_ssn.cc +++ b/src/operators/verify_ssn.cc @@ -111,7 +111,7 @@ invalid: bool VerifySSN::evaluate(Transaction *t, RuleWithActions *rule, - const std::string& input, std::shared_ptr ruleMessage) { + const std::string& input, RuleMessage *ruleMessage) { std::list matches; bool is_ssn = false; int i; diff --git a/src/operators/verify_ssn.h b/src/operators/verify_ssn.h index 86f33413..d6f202f2 100644 --- a/src/operators/verify_ssn.h +++ b/src/operators/verify_ssn.h @@ -48,7 +48,7 @@ class VerifySSN : public Operator { bool evaluate(Transaction *transaction, RuleWithActions *rule, const std::string& input, - std::shared_ptr ruleMessage) override; + RuleMessage *ruleMessage) override; diff --git a/src/operators/verify_svnr.cc b/src/operators/verify_svnr.cc index 248e6b4e..f9f4174c 100644 --- a/src/operators/verify_svnr.cc +++ b/src/operators/verify_svnr.cc @@ -78,7 +78,7 @@ bool VerifySVNR::verify(const char *svnrnumber, int len) { bool VerifySVNR::evaluate(Transaction *t, RuleWithActions *rule, - const std::string& input, std::shared_ptr ruleMessage) { + const std::string& input, RuleMessage* ruleMessage) { std::list matches; bool is_svnr = false; int i; diff --git a/src/operators/verify_svnr.h b/src/operators/verify_svnr.h index 6fe9df9a..898bee79 100644 --- a/src/operators/verify_svnr.h +++ b/src/operators/verify_svnr.h @@ -34,7 +34,7 @@ class VerifySVNR : public Operator { bool evaluate(Transaction *transaction, RuleWithActions *rule, const std::string& input, - std::shared_ptr ruleMessage) override; + RuleMessage *ruleMessage) override; bool verify(const char *ssnumber, int len); 
diff --git a/src/operators/within.cc b/src/operators/within.cc index f83f53a7..4a8032ee 100644 --- a/src/operators/within.cc +++ b/src/operators/within.cc @@ -25,7 +25,7 @@ namespace operators { bool Within::evaluate(Transaction *transaction, RuleWithActions *rule, - const std::string &str, std::shared_ptr ruleMessage) { + const std::string &str, RuleMessage *ruleMessage) { bool res = false; size_t pos = 0; std::string paramTarget(m_string->evaluate(transaction)); diff --git a/src/operators/within.h b/src/operators/within.h index 1a03aa68..7c1e1b69 100644 --- a/src/operators/within.h +++ b/src/operators/within.h @@ -34,7 +34,7 @@ class Within : public Operator { m_couldContainsMacro = true; } bool evaluate(Transaction *transaction, RuleWithActions *rule, - const std::string &str, std::shared_ptr ruleMessage) override; + const std::string &str, RuleMessage *ruleMessage) override; }; } // namespace operators diff --git a/src/parser/driver.cc b/src/parser/driver.cc index 6e97ae0f..3524d7e1 100644 --- a/src/parser/driver.cc +++ b/src/parser/driver.cc @@ -81,7 +81,7 @@ int Driver::addSecRule(std::unique_ptr r) { } /* is it a chained rule? */ - if (m_lastRule != nullptr && m_lastRule->isChained()) { + if (m_lastRule != nullptr && m_lastRule->hasChainAction()) { r->setPhase(m_lastRule->getPhase()); if (r->hasDisruptiveAction()) { m_parserError << "Disruptive actions can only be specified by"; 
@@ -91,6 +91,74 @@ int Driver::addSecRule(std::unique_ptr r) {
 m_lastRule->m_chainedRuleChild = std::move(r);
 m_lastRule->m_chainedRuleChild->m_chainedRuleParent = m_lastRule;
 m_lastRule = m_lastRule->m_chainedRuleChild.get();
+
+ /* Lets set all meta-data to the first rule */
+ RuleWithActions *firstRule = m_lastRule;
+ if (!firstRule->hasChainAction()) {
+ while (firstRule->m_chainedRuleParent != nullptr) {
+ if (firstRule->hasMessageAction()) {
+ firstRule->m_chainedRuleParent->setMessageAction(
+ firstRule->getMessageAction()
+ );
+ firstRule->setMessageAction(nullptr);
+ }
+ if (firstRule->hasLogDataAction()) {
+ firstRule->m_chainedRuleParent->setLogDataAction(
+ firstRule->getLogDataAction()
+ );
+ firstRule->setLogDataAction(nullptr);
+ }
+ if (firstRule->hasSeverityAction()) {
+ firstRule->m_chainedRuleParent->setSeverity(
+ firstRule->getSeverity()
+ );
+ }
+ if (firstRule->hasRevisionAction()) {
+ firstRule->m_chainedRuleParent->setRevision(
+ firstRule->getRevision()
+ );
+ }
+ if (firstRule->hasVersionAction()) {
+ firstRule->m_chainedRuleParent->setVersion(
+ firstRule->getVersion()
+ );
+ }
+ if (firstRule->hasAccuracyAction()) {
+ firstRule->m_chainedRuleParent->setAccuracy(
+ firstRule->getAccuracy()
+ );
+ }
+ if (firstRule->hasMaturityAction()) {
+ firstRule->m_chainedRuleParent->setMaturity(
+ firstRule->getMaturity()
+ );
+ }
+
+ if (firstRule->hasTagAction()) {
+ firstRule->m_chainedRuleParent->setTags(
+ firstRule->getTagsAction()
+ );
+ firstRule->cleanTags();
+ }
+
+ if (firstRule->hasDisruptiveAction()) {
+ firstRule->m_chainedRuleParent->setDisruptiveAction(
+ firstRule->getDisruptiveAction()
+ );
+ firstRule->setDisruptiveAction(nullptr);
+ }
+ firstRule->m_chainedRuleParent->setHasBlockAction(
+ firstRule->hasBlockAction()
+ );
+ firstRule->m_chainedRuleParent->setHasLogAction(
+ firstRule->hasLogAction()
+ );
+ firstRule->m_chainedRuleParent->setHasLogAction(
+ firstRule->hasNoLogAction()
+ );
+ firstRule =
firstRule->m_chainedRuleParent; + } + } return true; } @@ -119,6 +187,7 @@ int Driver::addSecRule(std::unique_ptr r) { } m_lastRule = rule.get(); + m_rulesSetPhases.insert(rule); return true; diff --git a/src/parser/seclang-parser.cc b/src/parser/seclang-parser.cc index b9188deb..f065ad98 100644 --- a/src/parser/seclang-parser.cc +++ b/src/parser/seclang-parser.cc @@ -2274,10 +2274,12 @@ namespace yy { #line 1068 "seclang-parser.yy" { std::vector *a = new std::vector(); - std::vector *t = new std::vector(); + std::vector > *t = new std::vector >(); for (auto &i : *yystack_[0].value.as < std::unique_ptr > > > ().get()) { if (dynamic_cast(i.get())) { - t->push_back(dynamic_cast(i.release())); + std::shared_ptr at = std::move(i); + std::shared_ptr t2 = std::static_pointer_cast(std::move(at)); + t->push_back(std::move(t2)); } else { a->push_back(i.release()); } @@ -2301,11 +2303,11 @@ namespace yy { YYERROR; } } -#line 2305 "seclang-parser.cc" +#line 2307 "seclang-parser.cc" break; case 75: -#line 1098 "seclang-parser.yy" +#line 1100 "seclang-parser.yy" { variables::Variables *v = new variables::Variables(); for (auto &i : *yystack_[1].value.as < std::unique_ptr > > > ().get()) { @@ -2324,17 +2326,19 @@ namespace yy { YYERROR; } } -#line 2328 "seclang-parser.cc" +#line 2330 "seclang-parser.cc" break; case 76: -#line 1117 "seclang-parser.yy" +#line 1119 "seclang-parser.yy" { std::vector *a = new std::vector(); - std::vector *t = new std::vector(); + std::vector > *t = new std::vector >(); for (auto &i : *yystack_[0].value.as < std::unique_ptr > > > ().get()) { if (dynamic_cast(i.get())) { - t->push_back(dynamic_cast(i.release())); + std::shared_ptr at = std::move(i); + std::shared_ptr t2 = std::static_pointer_cast(std::move(at)); + t->push_back(std::move(t2)); } else { a->push_back(i.release()); } 
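Review bot: In the chain metadata loop added to `Driver::addSecRule` (src/parser/driver.cc), the last call before `firstRule = firstRule->m_chainedRuleParent;` passes `firstRule->hasNoLogAction()` to `setHasLogAction`, so the parent's log flag is overwritten with the child's nolog state right after being set from `hasLogAction()`. This looks like a copy-paste slip; presumably the intent was `firstRule->m_chainedRuleParent->setHasNoLogAction(firstRule->hasNoLogAction());`, if the class has such a setter (none is visible in this hunk). The three flag copies are also unconditional, unlike the guarded metadata copies above them, so a chain whose last rule lacks `block` or `log` appears to clear a flag that the first rule had set. For a WAF that can silently change whether a chain match is logged or blocked, so guarding each copy with the matching `has…Action()` check seems safer. The function body starts outside the hunk.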
@@ -2347,18 +2351,20 @@ namespace yy { )); driver.addSecAction(std::move(rule)); } -#line 2351 "seclang-parser.cc" +#line 2355 "seclang-parser.cc" break; case 77: -#line 1136 "seclang-parser.yy" +#line 1140 "seclang-parser.yy" { std::string err; std::vector *a = new std::vector(); - std::vector *t = new std::vector(); + std::vector > *t = new std::vector >(); for (auto &i : *yystack_[0].value.as < std::unique_ptr > > > ().get()) { if (dynamic_cast(i.get())) { - t->push_back(dynamic_cast(i.release())); + std::shared_ptr at = std::move(i); + std::shared_ptr t2 = std::static_pointer_cast(std::move(at)); + t->push_back(std::move(t2)); } else { a->push_back(i.release()); } @@ -2379,11 +2385,11 @@ namespace yy { YYERROR; } } -#line 2383 "seclang-parser.cc" +#line 2389 "seclang-parser.cc" break; case 78: -#line 1164 "seclang-parser.yy" +#line 1170 "seclang-parser.yy" { bool hasDisruptive = false; std::vector *actions = new std::vector(); 
@@ -2434,84 +2440,89 @@ namespace yy { } for (actions::Action *a : checkedActions) { - driver.m_rulesSetPhases[definedPhase]->m_defaultActions.push_back( - std::unique_ptr(a)); + if (dynamic_cast(a)) { + driver.m_rulesSetPhases[definedPhase]->m_defaultTransformations.push_back( + std::shared_ptr( + dynamic_cast(a))); + } else { + driver.m_rulesSetPhases[definedPhase]->m_defaultActions.push_back(std::unique_ptr(a)); + } } delete actions; } -#line 2444 "seclang-parser.cc" +#line 2455 "seclang-parser.cc" break; case 79: -#line 1221 "seclang-parser.yy" +#line 1232 "seclang-parser.yy" { driver.addSecMarker(modsecurity::utils::string::removeBracketsIfNeeded(yystack_[0].value.as < std::string > ()), /* file name */ std::unique_ptr(new std::string(*yystack_[0].location.end.filename)), /* line number */ yystack_[0].location.end.line ); } -#line 2455 "seclang-parser.cc" +#line 2466 "seclang-parser.cc" break; case 80: -#line 1228 "seclang-parser.yy" +#line 1239 "seclang-parser.yy" { driver.m_secRuleEngine = modsecurity::RulesSet::DisabledRuleEngine; } -#line 2463 "seclang-parser.cc" +#line 2474 "seclang-parser.cc" break; case 81: -#line 1232 "seclang-parser.yy" +#line 1243 "seclang-parser.yy" { driver.m_secRuleEngine = modsecurity::RulesSet::EnabledRuleEngine; } -#line 2471 "seclang-parser.cc" +#line 2482 "seclang-parser.cc" break; case 82: -#line 1236 "seclang-parser.yy" +#line 1247 "seclang-parser.yy" { driver.m_secRuleEngine = modsecurity::RulesSet::DetectionOnlyRuleEngine; } -#line 2479 "seclang-parser.cc" +#line 2490 "seclang-parser.cc" break; case 83: -#line 1240 "seclang-parser.yy" +#line 1251 "seclang-parser.yy" { driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean; } -#line 2487 "seclang-parser.cc" +#line 2498 "seclang-parser.cc" break; case 84: -#line 1244 "seclang-parser.yy" +#line 1255 "seclang-parser.yy" { driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::FalseConfigBoolean; } -#line 2495 "seclang-parser.cc" +#line 
2506 "seclang-parser.cc" break; case 85: -#line 1248 "seclang-parser.yy" +#line 1259 "seclang-parser.yy" { driver.m_secResponseBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean; } -#line 2503 "seclang-parser.cc" +#line 2514 "seclang-parser.cc" break; case 86: -#line 1252 "seclang-parser.yy" +#line 1263 "seclang-parser.yy" { driver.m_secResponseBodyAccess = modsecurity::RulesSetProperties::FalseConfigBoolean; } -#line 2511 "seclang-parser.cc" +#line 2522 "seclang-parser.cc" break; case 87: -#line 1256 "seclang-parser.yy" +#line 1267 "seclang-parser.yy" { if (yystack_[0].value.as < std::string > ().length() != 1) { driver.error(yystack_[1].location, "Argument separator should be set to a single character."); 
@@ -2520,259 +2531,259 @@ namespace yy { driver.m_secArgumentSeparator.m_value = yystack_[0].value.as < std::string > (); driver.m_secArgumentSeparator.m_set = true; } -#line 2524 "seclang-parser.cc" +#line 2535 "seclang-parser.cc" break; case 88: -#line 1265 "seclang-parser.yy" +#line 1276 "seclang-parser.yy" { driver.m_components.push_back(yystack_[0].value.as < std::string > ()); } -#line 2532 "seclang-parser.cc" +#line 2543 "seclang-parser.cc" break; case 89: -#line 1269 "seclang-parser.yy" +#line 1280 "seclang-parser.yy" { driver.error(yystack_[2].location, "SecConnEngine is not yet supported."); YYERROR; } -#line 2541 "seclang-parser.cc" +#line 2552 "seclang-parser.cc" break; case 90: -#line 1274 "seclang-parser.yy" +#line 1285 "seclang-parser.yy" { } -#line 2548 "seclang-parser.cc" +#line 2559 "seclang-parser.cc" break; case 91: -#line 1277 "seclang-parser.yy" +#line 1288 "seclang-parser.yy" { driver.m_secWebAppId.m_value = yystack_[0].value.as < std::string > (); driver.m_secWebAppId.m_set = true; } -#line 2557 "seclang-parser.cc" +#line 2568 "seclang-parser.cc" break; case 92: -#line 1282 "seclang-parser.yy" +#line 1293 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecServerSignature is not supported."); YYERROR; } -#line 2566 "seclang-parser.cc" +#line 2577 "seclang-parser.cc" break; case 93: -#line 1287 "seclang-parser.yy" +#line 1298 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecCacheTransformations is not supported."); YYERROR; } -#line 2575 "seclang-parser.cc" +#line 2586 "seclang-parser.cc" break; case 94: -#line 1292 "seclang-parser.yy" +#line 1303 "seclang-parser.yy" { driver.error(yystack_[2].location, "SecDisableBackendCompression is not supported."); YYERROR; } -#line 2584 "seclang-parser.cc" +#line 2595 "seclang-parser.cc" break; case 95: -#line 1297 "seclang-parser.yy" +#line 1308 "seclang-parser.yy" { } -#line 2591 "seclang-parser.cc" +#line 2602 "seclang-parser.cc" break; case 96: -#line 1300 "seclang-parser.yy" 
+#line 1311 "seclang-parser.yy" { driver.error(yystack_[2].location, "SecContentInjection is not yet supported."); YYERROR; } -#line 2600 "seclang-parser.cc" +#line 2611 "seclang-parser.cc" break; case 97: -#line 1305 "seclang-parser.yy" +#line 1316 "seclang-parser.yy" { } -#line 2607 "seclang-parser.cc" +#line 2618 "seclang-parser.cc" break; case 98: -#line 1308 "seclang-parser.yy" +#line 1319 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecChrootDir is not supported."); YYERROR; } -#line 2616 "seclang-parser.cc" +#line 2627 "seclang-parser.cc" break; case 99: -#line 1313 "seclang-parser.yy" +#line 1324 "seclang-parser.yy" { driver.error(yystack_[2].location, "SecHashEngine is not yet supported."); YYERROR; } -#line 2625 "seclang-parser.cc" +#line 2636 "seclang-parser.cc" break; case 100: -#line 1318 "seclang-parser.yy" +#line 1329 "seclang-parser.yy" { } -#line 2632 "seclang-parser.cc" +#line 2643 "seclang-parser.cc" break; case 101: -#line 1321 "seclang-parser.yy" +#line 1332 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecHashKey is not yet supported."); YYERROR; } -#line 2641 "seclang-parser.cc" +#line 2652 "seclang-parser.cc" break; case 102: -#line 1326 "seclang-parser.yy" +#line 1337 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecHashParam is not yet supported."); YYERROR; } -#line 2650 "seclang-parser.cc" +#line 2661 "seclang-parser.cc" break; case 103: -#line 1331 "seclang-parser.yy" +#line 1342 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecHashMethodRx is not yet supported."); YYERROR; } -#line 2659 "seclang-parser.cc" +#line 2670 "seclang-parser.cc" break; case 104: -#line 1336 "seclang-parser.yy" +#line 1347 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecHashMethodPm is not yet supported."); YYERROR; } -#line 2668 "seclang-parser.cc" +#line 2679 "seclang-parser.cc" break; case 105: -#line 1341 "seclang-parser.yy" +#line 1352 "seclang-parser.yy" { driver.error(yystack_[1].location, 
"SecGsbLookupDb is not supported."); YYERROR; } -#line 2677 "seclang-parser.cc" +#line 2688 "seclang-parser.cc" break; case 106: -#line 1346 "seclang-parser.yy" +#line 1357 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecGuardianLog is not supported."); YYERROR; } -#line 2686 "seclang-parser.cc" +#line 2697 "seclang-parser.cc" break; case 107: -#line 1351 "seclang-parser.yy" +#line 1362 "seclang-parser.yy" { driver.error(yystack_[2].location, "SecInterceptOnError is not yet supported."); YYERROR; } -#line 2695 "seclang-parser.cc" +#line 2706 "seclang-parser.cc" break; case 108: -#line 1356 "seclang-parser.yy" +#line 1367 "seclang-parser.yy" { } -#line 2702 "seclang-parser.cc" +#line 2713 "seclang-parser.cc" break; case 109: -#line 1359 "seclang-parser.yy" +#line 1370 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecConnReadStateLimit is not yet supported."); YYERROR; } -#line 2711 "seclang-parser.cc" +#line 2722 "seclang-parser.cc" break; case 110: -#line 1364 "seclang-parser.yy" +#line 1375 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecConnWriteStateLimit is not yet supported."); YYERROR; } -#line 2720 "seclang-parser.cc" +#line 2731 "seclang-parser.cc" break; case 111: -#line 1369 "seclang-parser.yy" +#line 1380 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecSensorId is not yet supported."); YYERROR; } -#line 2729 "seclang-parser.cc" +#line 2740 "seclang-parser.cc" break; case 112: -#line 1374 "seclang-parser.yy" +#line 1385 "seclang-parser.yy" { driver.error(yystack_[2].location, "SecRuleInheritance is not yet supported."); YYERROR; } -#line 2738 "seclang-parser.cc" +#line 2749 "seclang-parser.cc" break; case 113: -#line 1379 "seclang-parser.yy" +#line 1390 "seclang-parser.yy" { } -#line 2745 "seclang-parser.cc" +#line 2756 "seclang-parser.cc" break; case 114: -#line 1382 "seclang-parser.yy" +#line 1393 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecRulePerfTime is not yet supported."); YYERROR; 
} -#line 2754 "seclang-parser.cc" +#line 2765 "seclang-parser.cc" break; case 115: -#line 1387 "seclang-parser.yy" +#line 1398 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecStreamInBodyInspection is not supported."); YYERROR; } -#line 2763 "seclang-parser.cc" +#line 2774 "seclang-parser.cc" break; case 116: -#line 1392 "seclang-parser.yy" +#line 1403 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecStreamOutBodyInspection is not supported."); YYERROR; } -#line 2772 "seclang-parser.cc" +#line 2783 "seclang-parser.cc" break; case 117: -#line 1397 "seclang-parser.yy" +#line 1408 "seclang-parser.yy" { std::string error; if (driver.m_exceptions.load(yystack_[0].value.as < std::string > (), &error) == false) { @@ -2785,11 +2796,11 @@ namespace yy { YYERROR; } } -#line 2789 "seclang-parser.cc" +#line 2800 "seclang-parser.cc" break; case 118: -#line 1410 "seclang-parser.yy" +#line 1421 "seclang-parser.yy" { std::string error; if (driver.m_exceptions.loadRemoveRuleByTag(yystack_[0].value.as < std::string > (), &error) == false) { @@ -2802,11 +2813,11 @@ namespace yy { YYERROR; } } -#line 2806 "seclang-parser.cc" +#line 2817 "seclang-parser.cc" break; case 119: -#line 1423 "seclang-parser.yy" +#line 1434 "seclang-parser.yy" { std::string error; if (driver.m_exceptions.loadRemoveRuleByMsg(yystack_[0].value.as < std::string > (), &error) == false) { @@ -2819,11 +2830,11 @@ namespace yy { YYERROR; } } -#line 2823 "seclang-parser.cc" +#line 2834 "seclang-parser.cc" break; case 120: -#line 1436 "seclang-parser.yy" +#line 1447 "seclang-parser.yy" { std::string error; if (driver.m_exceptions.loadUpdateTargetByTag(yystack_[1].value.as < std::string > (), std::move(yystack_[0].value.as < std::unique_ptr > > > ()), &error) == false) { 
@@ -2836,11 +2847,11 @@ namespace yy { YYERROR; } } -#line 2840 "seclang-parser.cc" +#line 2851 "seclang-parser.cc" break; case 121: -#line 1449 "seclang-parser.yy" +#line 1460 "seclang-parser.yy" { std::string error; if (driver.m_exceptions.loadUpdateTargetByMsg(yystack_[1].value.as < std::string > (), std::move(yystack_[0].value.as < std::unique_ptr > > > ()), &error) == false) { @@ -2853,11 +2864,11 @@ namespace yy { YYERROR; } } -#line 2857 "seclang-parser.cc" +#line 2868 "seclang-parser.cc" break; case 122: -#line 1462 "seclang-parser.yy" +#line 1473 "seclang-parser.yy" { std::string error; double ruleId; @@ -2883,11 +2894,11 @@ namespace yy { YYERROR; } } -#line 2887 "seclang-parser.cc" +#line 2898 "seclang-parser.cc" break; case 123: -#line 1488 "seclang-parser.yy" +#line 1499 "seclang-parser.yy" { std::string error; double ruleId; @@ -2914,11 +2925,11 @@ namespace yy { YYERROR; } } -#line 2918 "seclang-parser.cc" +#line 2929 "seclang-parser.cc" break; case 124: -#line 1516 "seclang-parser.yy" +#line 1527 "seclang-parser.yy" { if (driver.m_debugLog != NULL) { driver.m_debugLog->setDebugLogLevel(atoi(yystack_[0].value.as < std::string > ().c_str())); @@ -2930,11 +2941,11 @@ namespace yy { YYERROR; } } -#line 2934 "seclang-parser.cc" +#line 2945 "seclang-parser.cc" break; case 125: -#line 1528 "seclang-parser.yy" +#line 1539 "seclang-parser.yy" { if (driver.m_debugLog != NULL) { std::string error; @@ -2953,11 +2964,11 @@ namespace yy { YYERROR; } } -#line 2957 "seclang-parser.cc" +#line 2968 "seclang-parser.cc" break; case 126: -#line 1548 "seclang-parser.yy" +#line 1559 "seclang-parser.yy" { #if defined(WITH_GEOIP) or defined(WITH_MAXMIND) std::string err; 
@@ -2984,38 +2995,38 @@ namespace yy { YYERROR; #endif // WITH_GEOIP } -#line 2988 "seclang-parser.cc" +#line 2999 "seclang-parser.cc" break; case 127: -#line 1575 "seclang-parser.yy" +#line 1586 "seclang-parser.yy" { driver.m_argumentsLimit.m_set = true; driver.m_argumentsLimit.m_value = atoi(yystack_[0].value.as < std::string > ().c_str()); } -#line 2997 "seclang-parser.cc" +#line 3008 "seclang-parser.cc" break; case 128: -#line 1581 "seclang-parser.yy" +#line 1592 "seclang-parser.yy" { driver.m_requestBodyLimit.m_set = true; driver.m_requestBodyLimit.m_value = atoi(yystack_[0].value.as < std::string > ().c_str()); } -#line 3006 "seclang-parser.cc" +#line 3017 "seclang-parser.cc" break; case 129: -#line 1586 "seclang-parser.yy" +#line 1597 "seclang-parser.yy" { driver.m_requestBodyNoFilesLimit.m_set = true; driver.m_requestBodyNoFilesLimit.m_value = atoi(yystack_[0].value.as < std::string > ().c_str()); } -#line 3015 "seclang-parser.cc" +#line 3026 "seclang-parser.cc" break; case 130: -#line 1591 "seclang-parser.yy" +#line 1602 "seclang-parser.yy" { std::stringstream ss; ss << "As of ModSecurity version 3.0, SecRequestBodyInMemoryLimit is no longer "; 
@@ -3024,68 +3035,68 @@ namespace yy { driver.error(yystack_[1].location, ss.str()); YYERROR; } -#line 3028 "seclang-parser.cc" +#line 3039 "seclang-parser.cc" break; case 131: -#line 1600 "seclang-parser.yy" +#line 1611 "seclang-parser.yy" { driver.m_responseBodyLimit.m_set = true; driver.m_responseBodyLimit.m_value = atoi(yystack_[0].value.as < std::string > ().c_str()); } -#line 3037 "seclang-parser.cc" +#line 3048 "seclang-parser.cc" break; case 132: -#line 1605 "seclang-parser.yy" +#line 1616 "seclang-parser.yy" { driver.m_requestBodyLimitAction = modsecurity::RulesSet::BodyLimitAction::ProcessPartialBodyLimitAction; } -#line 3045 "seclang-parser.cc" +#line 3056 "seclang-parser.cc" break; case 133: -#line 1609 "seclang-parser.yy" +#line 1620 "seclang-parser.yy" { driver.m_requestBodyLimitAction = modsecurity::RulesSet::BodyLimitAction::RejectBodyLimitAction; } -#line 3053 "seclang-parser.cc" +#line 3064 "seclang-parser.cc" break; case 134: -#line 1613 "seclang-parser.yy" +#line 1624 "seclang-parser.yy" { driver.m_responseBodyLimitAction = modsecurity::RulesSet::BodyLimitAction::ProcessPartialBodyLimitAction; } -#line 3061 "seclang-parser.cc" +#line 3072 "seclang-parser.cc" break; case 135: -#line 1617 "seclang-parser.yy" +#line 1628 "seclang-parser.yy" { driver.m_responseBodyLimitAction = modsecurity::RulesSet::BodyLimitAction::RejectBodyLimitAction; } -#line 3069 "seclang-parser.cc" +#line 3080 "seclang-parser.cc" break; case 136: -#line 1621 "seclang-parser.yy" +#line 1632 "seclang-parser.yy" { driver.m_remoteRulesActionOnFailed = RulesSet::OnFailedRemoteRulesAction::AbortOnFailedRemoteRulesAction; } -#line 3077 "seclang-parser.cc" +#line 3088 "seclang-parser.cc" break; case 137: -#line 1625 "seclang-parser.yy" +#line 1636 "seclang-parser.yy" { driver.m_remoteRulesActionOnFailed = RulesSet::OnFailedRemoteRulesAction::WarnOnFailedRemoteRulesAction; } -#line 3085 "seclang-parser.cc" +#line 3096 "seclang-parser.cc" break; case 140: -#line 1639 
"seclang-parser.yy" +#line 1650 "seclang-parser.yy" { std::istringstream buf(yystack_[0].value.as < std::string > ()); std::istream_iterator beg(buf), end; @@ -3097,37 +3108,37 @@ namespace yy { driver.m_responseBodyTypeToBeInspected.m_value.insert(*it); } } -#line 3101 "seclang-parser.cc" +#line 3112 "seclang-parser.cc" break; case 141: -#line 1651 "seclang-parser.yy" +#line 1662 "seclang-parser.yy" { driver.m_responseBodyTypeToBeInspected.m_set = true; driver.m_responseBodyTypeToBeInspected.m_clear = true; driver.m_responseBodyTypeToBeInspected.m_value.clear(); } -#line 3111 "seclang-parser.cc" +#line 3122 "seclang-parser.cc" break; case 142: -#line 1657 "seclang-parser.yy" +#line 1668 "seclang-parser.yy" { driver.m_secXMLExternalEntity = modsecurity::RulesSetProperties::FalseConfigBoolean; } -#line 3119 "seclang-parser.cc" +#line 3130 "seclang-parser.cc" break; case 143: -#line 1661 "seclang-parser.yy" +#line 1672 "seclang-parser.yy" { driver.m_secXMLExternalEntity = modsecurity::RulesSetProperties::TrueConfigBoolean; } -#line 3127 "seclang-parser.cc" +#line 3138 "seclang-parser.cc" break; case 144: -#line 1665 "seclang-parser.yy" +#line 1676 "seclang-parser.yy" { /* Parser error disabled to avoid breaking default installations with modsecurity.conf-recommended std::stringstream ss; 
@@ -3138,31 +3149,31 @@ namespace yy { YYERROR; */ } -#line 3142 "seclang-parser.cc" +#line 3153 "seclang-parser.cc" break; case 147: -#line 1686 "seclang-parser.yy" +#line 1697 "seclang-parser.yy" { if (atoi(yystack_[0].value.as < std::string > ().c_str()) == 1) { driver.error(yystack_[1].location, "SecCookieFormat 1 is not yet supported."); YYERROR; } } -#line 3153 "seclang-parser.cc" +#line 3164 "seclang-parser.cc" break; case 148: -#line 1693 "seclang-parser.yy" +#line 1704 "seclang-parser.yy" { driver.error(yystack_[1].location, "SecCookieV0Separator is not yet supported."); YYERROR; } -#line 3162 "seclang-parser.cc" +#line 3173 "seclang-parser.cc" break; case 150: -#line 1703 "seclang-parser.yy" +#line 1714 "seclang-parser.yy" { std::string error; std::vector param; @@ -3216,31 +3227,31 @@ namespace yy { } } -#line 3220 "seclang-parser.cc" +#line 3231 "seclang-parser.cc" break; case 151: -#line 1757 "seclang-parser.yy" +#line 1768 "seclang-parser.yy" { /* Parser error disabled to avoid breaking default CRS installations with crs-setup.conf-recommended driver.error(@0, "SecCollectionTimeout is not yet supported."); YYERROR; */ } -#line 3231 "seclang-parser.cc" +#line 3242 "seclang-parser.cc" break; case 152: -#line 1764 "seclang-parser.yy" +#line 1775 "seclang-parser.yy" { driver.m_httpblKey.m_set = true; driver.m_httpblKey.m_value = yystack_[0].value.as < std::string > (); } -#line 3240 "seclang-parser.cc" +#line 3251 "seclang-parser.cc" break; case 153: -#line 1772 "seclang-parser.yy" +#line 1783 "seclang-parser.yy" { std::unique_ptr > > originalList = std::move(yystack_[0].value.as < std::unique_ptr > > > ()); std::unique_ptr>> newList(new std::vector>()); 
@@ -3274,2363 +3285,2363 @@ namespace yy { } yylhs.value.as < std::unique_ptr > > > () = std::move(newNewList); } -#line 3278 "seclang-parser.cc" +#line 3289 "seclang-parser.cc" break; case 154: -#line 1809 "seclang-parser.yy" +#line 1820 "seclang-parser.yy" { yylhs.value.as < std::unique_ptr > > > () = std::move(yystack_[0].value.as < std::unique_ptr > > > ()); } -#line 3286 "seclang-parser.cc" +#line 3297 "seclang-parser.cc" break; case 155: -#line 1813 "seclang-parser.yy" +#line 1824 "seclang-parser.yy" { yylhs.value.as < std::unique_ptr > > > () = std::move(yystack_[1].value.as < std::unique_ptr > > > ()); } -#line 3294 "seclang-parser.cc" +#line 3305 "seclang-parser.cc" break; case 156: -#line 1820 "seclang-parser.yy" +#line 1831 "seclang-parser.yy" { yystack_[2].value.as < std::unique_ptr > > > ()->push_back(std::move(yystack_[0].value.as < std::unique_ptr > ())); yylhs.value.as < std::unique_ptr > > > () = std::move(yystack_[2].value.as < std::unique_ptr > > > ()); } -#line 3303 "seclang-parser.cc" +#line 3314 "seclang-parser.cc" break; case 157: -#line 1825 "seclang-parser.yy" +#line 1836 "seclang-parser.yy" { std::unique_ptr c(new VariableModificatorExclusion(std::move(yystack_[0].value.as < std::unique_ptr > ()))); yystack_[3].value.as < std::unique_ptr > > > ()->push_back(std::move(c)); yylhs.value.as < std::unique_ptr > > > () = std::move(yystack_[3].value.as < std::unique_ptr > > > ()); } -#line 3313 "seclang-parser.cc" +#line 3324 "seclang-parser.cc" break; case 158: -#line 1831 "seclang-parser.yy" +#line 1842 "seclang-parser.yy" { std::unique_ptr c(new VariableModificatorCount(std::move(yystack_[0].value.as < std::unique_ptr > ()))); yystack_[3].value.as < std::unique_ptr > > > ()->push_back(std::move(c)); yylhs.value.as < std::unique_ptr > > > () = std::move(yystack_[3].value.as < std::unique_ptr > > > ()); } -#line 3323 "seclang-parser.cc" +#line 3334 "seclang-parser.cc" break; case 159: -#line 1837 "seclang-parser.yy" +#line 1848 
"seclang-parser.yy" { std::unique_ptr>> b(new std::vector>()); b->push_back(std::move(yystack_[0].value.as < std::unique_ptr > ())); yylhs.value.as < std::unique_ptr > > > () = std::move(b); } -#line 3333 "seclang-parser.cc" - break; - - case 160: -#line 1843 "seclang-parser.yy" - { - std::unique_ptr>> b(new std::vector>()); - std::unique_ptr c(new VariableModificatorExclusion(std::move(yystack_[0].value.as < std::unique_ptr > ()))); - b->push_back(std::move(c)); - yylhs.value.as < std::unique_ptr > > > () = std::move(b); - } #line 3344 "seclang-parser.cc" break; - case 161: -#line 1850 "seclang-parser.yy" + case 160: +#line 1854 "seclang-parser.yy" { std::unique_ptr>> b(new std::vector>()); - std::unique_ptr c(new VariableModificatorCount(std::move(yystack_[0].value.as < std::unique_ptr > ()))); + std::unique_ptr c(new VariableModificatorExclusion(std::move(yystack_[0].value.as < std::unique_ptr > ()))); b->push_back(std::move(c)); yylhs.value.as < std::unique_ptr > > > () = std::move(b); } #line 3355 "seclang-parser.cc" break; + case 161: +#line 1861 "seclang-parser.yy" + { + std::unique_ptr>> b(new std::vector>()); + std::unique_ptr c(new VariableModificatorCount(std::move(yystack_[0].value.as < std::unique_ptr > ()))); + b->push_back(std::move(c)); + yylhs.value.as < std::unique_ptr > > > () = std::move(b); + } +#line 3366 "seclang-parser.cc" + break; + case 162: -#line 1860 "seclang-parser.yy" +#line 1871 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Args_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3363 "seclang-parser.cc" +#line 3374 "seclang-parser.cc" break; case 163: -#line 1864 "seclang-parser.yy" +#line 1875 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Args_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3371 "seclang-parser.cc" +#line 3382 "seclang-parser.cc" break; case 164: -#line 1868 "seclang-parser.yy" +#line 
1879 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Args_NoDictElement()); } -#line 3379 "seclang-parser.cc" +#line 3390 "seclang-parser.cc" break; case 165: -#line 1872 "seclang-parser.yy" +#line 1883 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsPost_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3387 "seclang-parser.cc" +#line 3398 "seclang-parser.cc" break; case 166: -#line 1876 "seclang-parser.yy" +#line 1887 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsPost_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3395 "seclang-parser.cc" +#line 3406 "seclang-parser.cc" break; case 167: -#line 1880 "seclang-parser.yy" +#line 1891 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsPost_NoDictElement()); } -#line 3403 "seclang-parser.cc" +#line 3414 "seclang-parser.cc" break; case 168: -#line 1884 "seclang-parser.yy" +#line 1895 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsGet_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3411 "seclang-parser.cc" +#line 3422 "seclang-parser.cc" break; case 169: -#line 1888 "seclang-parser.yy" +#line 1899 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsGet_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3419 "seclang-parser.cc" +#line 3430 "seclang-parser.cc" break; case 170: -#line 1892 "seclang-parser.yy" +#line 1903 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsGet_NoDictElement()); } -#line 3427 "seclang-parser.cc" +#line 3438 "seclang-parser.cc" break; case 171: -#line 1896 "seclang-parser.yy" +#line 1907 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new 
variables::FilesSizes_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3435 "seclang-parser.cc" +#line 3446 "seclang-parser.cc" break; case 172: -#line 1900 "seclang-parser.yy" +#line 1911 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesSizes_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3443 "seclang-parser.cc" +#line 3454 "seclang-parser.cc" break; case 173: -#line 1904 "seclang-parser.yy" +#line 1915 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesSizes_NoDictElement()); } -#line 3451 "seclang-parser.cc" +#line 3462 "seclang-parser.cc" break; case 174: -#line 1908 "seclang-parser.yy" +#line 1919 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesNames_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3459 "seclang-parser.cc" +#line 3470 "seclang-parser.cc" break; case 175: -#line 1912 "seclang-parser.yy" +#line 1923 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesNames_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3467 "seclang-parser.cc" +#line 3478 "seclang-parser.cc" break; case 176: -#line 1916 "seclang-parser.yy" +#line 1927 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesNames_NoDictElement()); } -#line 3475 "seclang-parser.cc" +#line 3486 "seclang-parser.cc" break; case 177: -#line 1920 "seclang-parser.yy" +#line 1931 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesTmpContent_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3483 "seclang-parser.cc" +#line 3494 "seclang-parser.cc" break; case 178: -#line 1924 "seclang-parser.yy" +#line 1935 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new 
variables::FilesTmpContent_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3491 "seclang-parser.cc" +#line 3502 "seclang-parser.cc" break; case 179: -#line 1928 "seclang-parser.yy" +#line 1939 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesTmpContent_NoDictElement()); } -#line 3499 "seclang-parser.cc" +#line 3510 "seclang-parser.cc" break; case 180: -#line 1932 "seclang-parser.yy" +#line 1943 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultiPartFileName_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3507 "seclang-parser.cc" +#line 3518 "seclang-parser.cc" break; case 181: -#line 1936 "seclang-parser.yy" +#line 1947 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultiPartFileName_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3515 "seclang-parser.cc" +#line 3526 "seclang-parser.cc" break; case 182: -#line 1940 "seclang-parser.yy" +#line 1951 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultiPartFileName_NoDictElement()); } -#line 3523 "seclang-parser.cc" +#line 3534 "seclang-parser.cc" break; case 183: -#line 1944 "seclang-parser.yy" +#line 1955 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultiPartName_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3531 "seclang-parser.cc" +#line 3542 "seclang-parser.cc" break; case 184: -#line 1948 "seclang-parser.yy" +#line 1959 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultiPartName_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3539 "seclang-parser.cc" +#line 3550 "seclang-parser.cc" break; case 185: -#line 1952 "seclang-parser.yy" +#line 1963 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new 
variables::MultiPartName_NoDictElement()); } -#line 3547 "seclang-parser.cc" +#line 3558 "seclang-parser.cc" break; case 186: -#line 1956 "seclang-parser.yy" +#line 1967 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MatchedVarsNames_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3555 "seclang-parser.cc" +#line 3566 "seclang-parser.cc" break; case 187: -#line 1960 "seclang-parser.yy" +#line 1971 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MatchedVarsNames_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3563 "seclang-parser.cc" +#line 3574 "seclang-parser.cc" break; case 188: -#line 1964 "seclang-parser.yy" +#line 1975 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MatchedVarsNames_NoDictElement()); } -#line 3571 "seclang-parser.cc" +#line 3582 "seclang-parser.cc" break; case 189: -#line 1968 "seclang-parser.yy" +#line 1979 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MatchedVars_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3579 "seclang-parser.cc" +#line 3590 "seclang-parser.cc" break; case 190: -#line 1972 "seclang-parser.yy" +#line 1983 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MatchedVars_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3587 "seclang-parser.cc" +#line 3598 "seclang-parser.cc" break; case 191: -#line 1976 "seclang-parser.yy" +#line 1987 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MatchedVars_NoDictElement()); } -#line 3595 "seclang-parser.cc" +#line 3606 "seclang-parser.cc" break; case 192: -#line 1980 "seclang-parser.yy" +#line 1991 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Files_DictElement(yystack_[0].value.as < 
std::string > ())); } -#line 3603 "seclang-parser.cc" +#line 3614 "seclang-parser.cc" break; case 193: -#line 1984 "seclang-parser.yy" +#line 1995 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Files_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3611 "seclang-parser.cc" +#line 3622 "seclang-parser.cc" break; case 194: -#line 1988 "seclang-parser.yy" +#line 1999 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Files_NoDictElement()); } -#line 3619 "seclang-parser.cc" +#line 3630 "seclang-parser.cc" break; case 195: -#line 1992 "seclang-parser.yy" +#line 2003 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestCookies_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3627 "seclang-parser.cc" +#line 3638 "seclang-parser.cc" break; case 196: -#line 1996 "seclang-parser.yy" +#line 2007 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestCookies_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3635 "seclang-parser.cc" +#line 3646 "seclang-parser.cc" break; case 197: -#line 2000 "seclang-parser.yy" +#line 2011 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestCookies_NoDictElement()); } -#line 3643 "seclang-parser.cc" +#line 3654 "seclang-parser.cc" break; case 198: -#line 2004 "seclang-parser.yy" +#line 2015 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestHeaders_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3651 "seclang-parser.cc" +#line 3662 "seclang-parser.cc" break; case 199: -#line 2008 "seclang-parser.yy" +#line 2019 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestHeaders_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 
3659 "seclang-parser.cc" +#line 3670 "seclang-parser.cc" break; case 200: -#line 2012 "seclang-parser.yy" +#line 2023 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestHeaders_NoDictElement()); } -#line 3667 "seclang-parser.cc" +#line 3678 "seclang-parser.cc" break; case 201: -#line 2016 "seclang-parser.yy" +#line 2027 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseHeaders_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3675 "seclang-parser.cc" +#line 3686 "seclang-parser.cc" break; case 202: -#line 2020 "seclang-parser.yy" +#line 2031 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseHeaders_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3683 "seclang-parser.cc" +#line 3694 "seclang-parser.cc" break; case 203: -#line 2024 "seclang-parser.yy" +#line 2035 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseHeaders_NoDictElement()); } -#line 3691 "seclang-parser.cc" +#line 3702 "seclang-parser.cc" break; case 204: -#line 2028 "seclang-parser.yy" +#line 2039 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Geo_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3699 "seclang-parser.cc" +#line 3710 "seclang-parser.cc" break; case 205: -#line 2032 "seclang-parser.yy" +#line 2043 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Geo_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3707 "seclang-parser.cc" +#line 3718 "seclang-parser.cc" break; case 206: -#line 2036 "seclang-parser.yy" +#line 2047 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Geo_NoDictElement()); } -#line 3715 "seclang-parser.cc" +#line 3726 "seclang-parser.cc" break; case 207: -#line 
2040 "seclang-parser.yy" +#line 2051 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestCookiesNames_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3723 "seclang-parser.cc" +#line 3734 "seclang-parser.cc" break; case 208: -#line 2044 "seclang-parser.yy" +#line 2055 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestCookiesNames_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3731 "seclang-parser.cc" +#line 3742 "seclang-parser.cc" break; case 209: -#line 2048 "seclang-parser.yy" +#line 2059 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestCookiesNames_NoDictElement()); } -#line 3739 "seclang-parser.cc" +#line 3750 "seclang-parser.cc" break; case 210: -#line 2052 "seclang-parser.yy" +#line 2063 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Rule_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3747 "seclang-parser.cc" +#line 3758 "seclang-parser.cc" break; case 211: -#line 2056 "seclang-parser.yy" +#line 2067 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Rule_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3755 "seclang-parser.cc" +#line 3766 "seclang-parser.cc" break; case 212: -#line 2060 "seclang-parser.yy" +#line 2071 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Rule_NoDictElement()); } -#line 3763 "seclang-parser.cc" +#line 3774 "seclang-parser.cc" break; case 213: -#line 2064 "seclang-parser.yy" +#line 2075 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Env("ENV:" + yystack_[0].value.as < std::string > ())); } -#line 3771 "seclang-parser.cc" +#line 3782 "seclang-parser.cc" break; case 214: -#line 2068 "seclang-parser.yy" +#line 2079 
"seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Env("ENV:" + yystack_[0].value.as < std::string > ())); } -#line 3779 "seclang-parser.cc" +#line 3790 "seclang-parser.cc" break; case 215: -#line 2072 "seclang-parser.yy" +#line 2083 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Env("ENV")); } -#line 3787 "seclang-parser.cc" +#line 3798 "seclang-parser.cc" break; case 216: -#line 2076 "seclang-parser.yy" +#line 2087 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::XML("XML:" + yystack_[0].value.as < std::string > ())); } -#line 3795 "seclang-parser.cc" +#line 3806 "seclang-parser.cc" break; case 217: -#line 2080 "seclang-parser.yy" +#line 2091 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::XML("XML:" + yystack_[0].value.as < std::string > ())); } -#line 3803 "seclang-parser.cc" +#line 3814 "seclang-parser.cc" break; case 218: -#line 2084 "seclang-parser.yy" +#line 2095 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::XML_NoDictElement()); } -#line 3811 "seclang-parser.cc" +#line 3822 "seclang-parser.cc" break; case 219: -#line 2088 "seclang-parser.yy" +#line 2099 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesTmpNames_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3819 "seclang-parser.cc" +#line 3830 "seclang-parser.cc" break; case 220: -#line 2092 "seclang-parser.yy" +#line 2103 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesTmpNames_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3827 "seclang-parser.cc" +#line 3838 "seclang-parser.cc" break; case 221: -#line 2096 "seclang-parser.yy" +#line 2107 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new 
variables::FilesTmpNames_NoDictElement()); } -#line 3835 "seclang-parser.cc" +#line 3846 "seclang-parser.cc" break; case 222: -#line 2100 "seclang-parser.yy" +#line 2111 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Resource_DynamicElement(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 3843 "seclang-parser.cc" +#line 3854 "seclang-parser.cc" break; case 223: -#line 2104 "seclang-parser.yy" +#line 2115 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Resource_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3851 "seclang-parser.cc" +#line 3862 "seclang-parser.cc" break; case 224: -#line 2108 "seclang-parser.yy" +#line 2119 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Resource_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3859 "seclang-parser.cc" +#line 3870 "seclang-parser.cc" break; case 225: -#line 2112 "seclang-parser.yy" +#line 2123 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Resource_NoDictElement()); } -#line 3867 "seclang-parser.cc" +#line 3878 "seclang-parser.cc" break; case 226: -#line 2116 "seclang-parser.yy" +#line 2127 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Ip_DynamicElement(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 3875 "seclang-parser.cc" +#line 3886 "seclang-parser.cc" break; case 227: -#line 2120 "seclang-parser.yy" +#line 2131 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Ip_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3883 "seclang-parser.cc" +#line 3894 "seclang-parser.cc" break; case 228: -#line 2124 "seclang-parser.yy" +#line 2135 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new 
variables::Ip_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3891 "seclang-parser.cc" +#line 3902 "seclang-parser.cc" break; case 229: -#line 2128 "seclang-parser.yy" +#line 2139 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Ip_NoDictElement()); } -#line 3899 "seclang-parser.cc" +#line 3910 "seclang-parser.cc" break; case 230: -#line 2132 "seclang-parser.yy" +#line 2143 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Global_DynamicElement(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 3907 "seclang-parser.cc" +#line 3918 "seclang-parser.cc" break; case 231: -#line 2136 "seclang-parser.yy" +#line 2147 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Global_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3915 "seclang-parser.cc" +#line 3926 "seclang-parser.cc" break; case 232: -#line 2140 "seclang-parser.yy" +#line 2151 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Global_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3923 "seclang-parser.cc" +#line 3934 "seclang-parser.cc" break; case 233: -#line 2144 "seclang-parser.yy" +#line 2155 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Global_NoDictElement()); } -#line 3931 "seclang-parser.cc" +#line 3942 "seclang-parser.cc" break; case 234: -#line 2148 "seclang-parser.yy" +#line 2159 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::User_DynamicElement(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 3939 "seclang-parser.cc" +#line 3950 "seclang-parser.cc" break; case 235: -#line 2152 "seclang-parser.yy" +#line 2163 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new 
variables::User_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3947 "seclang-parser.cc" +#line 3958 "seclang-parser.cc" break; case 236: -#line 2156 "seclang-parser.yy" +#line 2167 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::User_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3955 "seclang-parser.cc" +#line 3966 "seclang-parser.cc" break; case 237: -#line 2160 "seclang-parser.yy" +#line 2171 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::User_NoDictElement()); } -#line 3963 "seclang-parser.cc" +#line 3974 "seclang-parser.cc" break; case 238: -#line 2164 "seclang-parser.yy" +#line 2175 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Tx_DynamicElement(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 3971 "seclang-parser.cc" +#line 3982 "seclang-parser.cc" break; case 239: -#line 2168 "seclang-parser.yy" +#line 2179 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Tx_DictElement(yystack_[0].value.as < std::string > ())); } -#line 3979 "seclang-parser.cc" +#line 3990 "seclang-parser.cc" break; case 240: -#line 2172 "seclang-parser.yy" +#line 2183 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Tx_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 3987 "seclang-parser.cc" +#line 3998 "seclang-parser.cc" break; case 241: -#line 2176 "seclang-parser.yy" +#line 2187 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Tx_NoDictElement()); } -#line 3995 "seclang-parser.cc" +#line 4006 "seclang-parser.cc" break; case 242: -#line 2180 "seclang-parser.yy" +#line 2191 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Session_DynamicElement(std::move(yystack_[0].value.as < 
std::unique_ptr > ()))); } -#line 4003 "seclang-parser.cc" +#line 4014 "seclang-parser.cc" break; case 243: -#line 2184 "seclang-parser.yy" +#line 2195 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Session_DictElement(yystack_[0].value.as < std::string > ())); } -#line 4011 "seclang-parser.cc" +#line 4022 "seclang-parser.cc" break; case 244: -#line 2188 "seclang-parser.yy" +#line 2199 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Session_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 4019 "seclang-parser.cc" +#line 4030 "seclang-parser.cc" break; case 245: -#line 2192 "seclang-parser.yy" +#line 2203 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Session_NoDictElement()); } -#line 4027 "seclang-parser.cc" +#line 4038 "seclang-parser.cc" break; case 246: -#line 2196 "seclang-parser.yy" +#line 2207 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsNames_DictElement(yystack_[0].value.as < std::string > ())); } -#line 4035 "seclang-parser.cc" +#line 4046 "seclang-parser.cc" break; case 247: -#line 2200 "seclang-parser.yy" +#line 2211 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsNames_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 4043 "seclang-parser.cc" +#line 4054 "seclang-parser.cc" break; case 248: -#line 2204 "seclang-parser.yy" +#line 2215 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsNames_NoDictElement()); } -#line 4051 "seclang-parser.cc" +#line 4062 "seclang-parser.cc" break; case 249: -#line 2208 "seclang-parser.yy" +#line 2219 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsGetNames_DictElement(yystack_[0].value.as < std::string > ())); } -#line 4059 
"seclang-parser.cc" +#line 4070 "seclang-parser.cc" break; case 250: -#line 2212 "seclang-parser.yy" +#line 2223 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsGetNames_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 4067 "seclang-parser.cc" +#line 4078 "seclang-parser.cc" break; case 251: -#line 2216 "seclang-parser.yy" +#line 2227 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsGetNames_NoDictElement()); } -#line 4075 "seclang-parser.cc" +#line 4086 "seclang-parser.cc" break; case 252: -#line 2221 "seclang-parser.yy" +#line 2232 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsPostNames_DictElement(yystack_[0].value.as < std::string > ())); } -#line 4083 "seclang-parser.cc" +#line 4094 "seclang-parser.cc" break; case 253: -#line 2225 "seclang-parser.yy" +#line 2236 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsPostNames_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 4091 "seclang-parser.cc" +#line 4102 "seclang-parser.cc" break; case 254: -#line 2229 "seclang-parser.yy" +#line 2240 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsPostNames_NoDictElement()); } -#line 4099 "seclang-parser.cc" +#line 4110 "seclang-parser.cc" break; case 255: -#line 2234 "seclang-parser.yy" +#line 2245 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestHeadersNames_DictElement(yystack_[0].value.as < std::string > ())); } -#line 4107 "seclang-parser.cc" +#line 4118 "seclang-parser.cc" break; case 256: -#line 2238 "seclang-parser.yy" +#line 2249 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestHeadersNames_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 4115 
"seclang-parser.cc" +#line 4126 "seclang-parser.cc" break; case 257: -#line 2242 "seclang-parser.yy" +#line 2253 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestHeadersNames_NoDictElement()); } -#line 4123 "seclang-parser.cc" +#line 4134 "seclang-parser.cc" break; case 258: -#line 2247 "seclang-parser.yy" +#line 2258 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseContentType()); } -#line 4131 "seclang-parser.cc" +#line 4142 "seclang-parser.cc" break; case 259: -#line 2252 "seclang-parser.yy" +#line 2263 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseHeadersNames_DictElement(yystack_[0].value.as < std::string > ())); } -#line 4139 "seclang-parser.cc" +#line 4150 "seclang-parser.cc" break; case 260: -#line 2256 "seclang-parser.yy" +#line 2267 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseHeadersNames_DictElementRegexp(yystack_[0].value.as < std::string > ())); } -#line 4147 "seclang-parser.cc" +#line 4158 "seclang-parser.cc" break; case 261: -#line 2260 "seclang-parser.yy" +#line 2271 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseHeadersNames_NoDictElement()); } -#line 4155 "seclang-parser.cc" +#line 4166 "seclang-parser.cc" break; case 262: -#line 2264 "seclang-parser.yy" +#line 2275 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ArgsCombinedSize()); } -#line 4163 "seclang-parser.cc" +#line 4174 "seclang-parser.cc" break; case 263: -#line 2268 "seclang-parser.yy" +#line 2279 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::AuthType()); } -#line 4171 "seclang-parser.cc" +#line 4182 "seclang-parser.cc" break; case 264: -#line 2272 "seclang-parser.yy" +#line 2283 "seclang-parser.yy" { 
VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FilesCombinedSize()); } -#line 4179 "seclang-parser.cc" +#line 4190 "seclang-parser.cc" break; case 265: -#line 2276 "seclang-parser.yy" +#line 2287 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FullRequest()); } -#line 4187 "seclang-parser.cc" +#line 4198 "seclang-parser.cc" break; case 266: -#line 2280 "seclang-parser.yy" +#line 2291 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::FullRequestLength()); } -#line 4195 "seclang-parser.cc" +#line 4206 "seclang-parser.cc" break; case 267: -#line 2284 "seclang-parser.yy" +#line 2295 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::InboundDataError()); } -#line 4203 "seclang-parser.cc" +#line 4214 "seclang-parser.cc" break; case 268: -#line 2288 "seclang-parser.yy" +#line 2299 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MatchedVar()); } -#line 4211 "seclang-parser.cc" +#line 4222 "seclang-parser.cc" break; case 269: -#line 2292 "seclang-parser.yy" +#line 2303 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MatchedVarName()); } -#line 4219 "seclang-parser.cc" +#line 4230 "seclang-parser.cc" break; case 270: -#line 2296 "seclang-parser.yy" +#line 2307 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartBoundaryQuoted()); } -#line 4227 "seclang-parser.cc" +#line 4238 "seclang-parser.cc" break; case 271: -#line 2300 "seclang-parser.yy" +#line 2311 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartBoundaryWhiteSpace()); } -#line 4235 "seclang-parser.cc" +#line 4246 "seclang-parser.cc" break; case 272: -#line 2304 "seclang-parser.yy" +#line 2315 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < 
std::unique_ptr > (), new variables::MultipartCrlfLFLines()); } -#line 4243 "seclang-parser.cc" +#line 4254 "seclang-parser.cc" break; case 273: -#line 2308 "seclang-parser.yy" +#line 2319 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartDateAfter()); } -#line 4251 "seclang-parser.cc" +#line 4262 "seclang-parser.cc" break; case 274: -#line 2312 "seclang-parser.yy" +#line 2323 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartDateBefore()); } -#line 4259 "seclang-parser.cc" +#line 4270 "seclang-parser.cc" break; case 275: -#line 2316 "seclang-parser.yy" +#line 2327 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartFileLimitExceeded()); } -#line 4267 "seclang-parser.cc" +#line 4278 "seclang-parser.cc" break; case 276: -#line 2320 "seclang-parser.yy" +#line 2331 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartHeaderFolding()); } -#line 4275 "seclang-parser.cc" +#line 4286 "seclang-parser.cc" break; case 277: -#line 2324 "seclang-parser.yy" +#line 2335 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartInvalidHeaderFolding()); } -#line 4283 "seclang-parser.cc" +#line 4294 "seclang-parser.cc" break; case 278: -#line 2328 "seclang-parser.yy" +#line 2339 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartInvalidPart()); } -#line 4291 "seclang-parser.cc" +#line 4302 "seclang-parser.cc" break; case 279: -#line 2332 "seclang-parser.yy" +#line 2343 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartInvalidQuoting()); } -#line 4299 "seclang-parser.cc" +#line 4310 "seclang-parser.cc" break; case 280: -#line 2336 "seclang-parser.yy" +#line 2347 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < 
std::unique_ptr > (), new variables::MultipartLFLine()); } -#line 4307 "seclang-parser.cc" +#line 4318 "seclang-parser.cc" break; case 281: -#line 2340 "seclang-parser.yy" +#line 2351 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartMissingSemicolon()); } -#line 4315 "seclang-parser.cc" +#line 4326 "seclang-parser.cc" break; case 282: -#line 2344 "seclang-parser.yy" +#line 2355 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartMissingSemicolon()); } -#line 4323 "seclang-parser.cc" +#line 4334 "seclang-parser.cc" break; case 283: -#line 2348 "seclang-parser.yy" +#line 2359 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartStrictError()); } -#line 4331 "seclang-parser.cc" +#line 4342 "seclang-parser.cc" break; case 284: -#line 2352 "seclang-parser.yy" +#line 2363 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::MultipartUnmatchedBoundary()); } -#line 4339 "seclang-parser.cc" +#line 4350 "seclang-parser.cc" break; case 285: -#line 2356 "seclang-parser.yy" +#line 2367 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::OutboundDataError()); } -#line 4347 "seclang-parser.cc" +#line 4358 "seclang-parser.cc" break; case 286: -#line 2360 "seclang-parser.yy" +#line 2371 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::PathInfo()); } -#line 4355 "seclang-parser.cc" +#line 4366 "seclang-parser.cc" break; case 287: -#line 2364 "seclang-parser.yy" +#line 2375 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::QueryString()); } -#line 4363 "seclang-parser.cc" +#line 4374 "seclang-parser.cc" break; case 288: -#line 2368 "seclang-parser.yy" +#line 2379 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new 
variables::RemoteAddr()); } -#line 4371 "seclang-parser.cc" +#line 4382 "seclang-parser.cc" break; case 289: -#line 2372 "seclang-parser.yy" +#line 2383 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RemoteHost()); } -#line 4379 "seclang-parser.cc" +#line 4390 "seclang-parser.cc" break; case 290: -#line 2376 "seclang-parser.yy" +#line 2387 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RemotePort()); } -#line 4387 "seclang-parser.cc" +#line 4398 "seclang-parser.cc" break; case 291: -#line 2380 "seclang-parser.yy" +#line 2391 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ReqbodyError()); } -#line 4395 "seclang-parser.cc" +#line 4406 "seclang-parser.cc" break; case 292: -#line 2384 "seclang-parser.yy" +#line 2395 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ReqbodyErrorMsg()); } -#line 4403 "seclang-parser.cc" +#line 4414 "seclang-parser.cc" break; case 293: -#line 2388 "seclang-parser.yy" +#line 2399 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ReqbodyProcessor()); } -#line 4411 "seclang-parser.cc" +#line 4422 "seclang-parser.cc" break; case 294: -#line 2392 "seclang-parser.yy" +#line 2403 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ReqbodyProcessorError()); } -#line 4419 "seclang-parser.cc" +#line 4430 "seclang-parser.cc" break; case 295: -#line 2396 "seclang-parser.yy" +#line 2407 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ReqbodyProcessorErrorMsg()); } -#line 4427 "seclang-parser.cc" +#line 4438 "seclang-parser.cc" break; case 296: -#line 2400 "seclang-parser.yy" +#line 2411 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestBasename()); } -#line 4435 "seclang-parser.cc" 
+#line 4446 "seclang-parser.cc" break; case 297: -#line 2404 "seclang-parser.yy" +#line 2415 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestBody()); } -#line 4443 "seclang-parser.cc" +#line 4454 "seclang-parser.cc" break; case 298: -#line 2408 "seclang-parser.yy" +#line 2419 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestBodyLength()); } -#line 4451 "seclang-parser.cc" +#line 4462 "seclang-parser.cc" break; case 299: -#line 2412 "seclang-parser.yy" +#line 2423 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestFilename()); } -#line 4459 "seclang-parser.cc" +#line 4470 "seclang-parser.cc" break; case 300: -#line 2416 "seclang-parser.yy" +#line 2427 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestLine()); } -#line 4467 "seclang-parser.cc" +#line 4478 "seclang-parser.cc" break; case 301: -#line 2420 "seclang-parser.yy" +#line 2431 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestMethod()); } -#line 4475 "seclang-parser.cc" +#line 4486 "seclang-parser.cc" break; case 302: -#line 2424 "seclang-parser.yy" +#line 2435 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestProtocol()); } -#line 4483 "seclang-parser.cc" +#line 4494 "seclang-parser.cc" break; case 303: -#line 2428 "seclang-parser.yy" +#line 2439 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestURI()); } -#line 4491 "seclang-parser.cc" +#line 4502 "seclang-parser.cc" break; case 304: -#line 2432 "seclang-parser.yy" +#line 2443 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::RequestURIRaw()); } -#line 4499 "seclang-parser.cc" +#line 4510 "seclang-parser.cc" break; case 305: -#line 2436 
"seclang-parser.yy" +#line 2447 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseBody()); } -#line 4507 "seclang-parser.cc" +#line 4518 "seclang-parser.cc" break; case 306: -#line 2440 "seclang-parser.yy" +#line 2451 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseContentLength()); } -#line 4515 "seclang-parser.cc" +#line 4526 "seclang-parser.cc" break; case 307: -#line 2444 "seclang-parser.yy" +#line 2455 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseProtocol()); } -#line 4523 "seclang-parser.cc" +#line 4534 "seclang-parser.cc" break; case 308: -#line 2448 "seclang-parser.yy" +#line 2459 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ResponseStatus()); } -#line 4531 "seclang-parser.cc" +#line 4542 "seclang-parser.cc" break; case 309: -#line 2452 "seclang-parser.yy" +#line 2463 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ServerAddr()); } -#line 4539 "seclang-parser.cc" +#line 4550 "seclang-parser.cc" break; case 310: -#line 2456 "seclang-parser.yy" +#line 2467 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ServerName()); } -#line 4547 "seclang-parser.cc" +#line 4558 "seclang-parser.cc" break; case 311: -#line 2460 "seclang-parser.yy" +#line 2471 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::ServerPort()); } -#line 4555 "seclang-parser.cc" +#line 4566 "seclang-parser.cc" break; case 312: -#line 2464 "seclang-parser.yy" +#line 2475 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::SessionID()); } -#line 4563 "seclang-parser.cc" +#line 4574 "seclang-parser.cc" break; case 313: -#line 2468 "seclang-parser.yy" +#line 2479 "seclang-parser.yy" { 
VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::UniqueID()); } -#line 4571 "seclang-parser.cc" +#line 4582 "seclang-parser.cc" break; case 314: -#line 2472 "seclang-parser.yy" +#line 2483 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::UrlEncodedError()); } -#line 4579 "seclang-parser.cc" +#line 4590 "seclang-parser.cc" break; case 315: -#line 2476 "seclang-parser.yy" +#line 2487 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::UserID()); } -#line 4587 "seclang-parser.cc" +#line 4598 "seclang-parser.cc" break; case 316: -#line 2480 "seclang-parser.yy" +#line 2491 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Status()); } -#line 4595 "seclang-parser.cc" +#line 4606 "seclang-parser.cc" break; case 317: -#line 2484 "seclang-parser.yy" +#line 2495 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::Status()); } -#line 4603 "seclang-parser.cc" +#line 4614 "seclang-parser.cc" break; case 318: -#line 2488 "seclang-parser.yy" +#line 2499 "seclang-parser.yy" { VARIABLE_CONTAINER(yylhs.value.as < std::unique_ptr > (), new variables::WebAppId()); } -#line 4611 "seclang-parser.cc" +#line 4622 "seclang-parser.cc" break; case 319: -#line 2492 "seclang-parser.yy" +#line 2503 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new Duration(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4622 "seclang-parser.cc" +#line 4633 "seclang-parser.cc" break; case 320: -#line 2500 "seclang-parser.yy" +#line 2511 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new ModsecBuild(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4633 "seclang-parser.cc" +#line 4644 "seclang-parser.cc" break; case 321: -#line 
2507 "seclang-parser.yy" +#line 2518 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new HighestSeverity(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4644 "seclang-parser.cc" +#line 4655 "seclang-parser.cc" break; case 322: -#line 2514 "seclang-parser.yy" +#line 2525 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new RemoteUser(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4655 "seclang-parser.cc" +#line 4666 "seclang-parser.cc" break; case 323: -#line 2521 "seclang-parser.yy" +#line 2532 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new Time(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4666 "seclang-parser.cc" +#line 4677 "seclang-parser.cc" break; case 324: -#line 2528 "seclang-parser.yy" +#line 2539 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new TimeDay(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4677 "seclang-parser.cc" +#line 4688 "seclang-parser.cc" break; case 325: -#line 2535 "seclang-parser.yy" +#line 2546 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new TimeEpoch(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4688 "seclang-parser.cc" +#line 4699 "seclang-parser.cc" break; case 326: -#line 2542 "seclang-parser.yy" +#line 2553 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new TimeHour(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4699 "seclang-parser.cc" +#line 4710 "seclang-parser.cc" break; case 327: -#line 2549 "seclang-parser.yy" +#line 2560 "seclang-parser.yy" { 
std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new TimeMin(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4710 "seclang-parser.cc" +#line 4721 "seclang-parser.cc" break; case 328: -#line 2556 "seclang-parser.yy" +#line 2567 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new TimeMon(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4721 "seclang-parser.cc" +#line 4732 "seclang-parser.cc" break; case 329: -#line 2563 "seclang-parser.yy" +#line 2574 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new TimeSec(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4732 "seclang-parser.cc" +#line 4743 "seclang-parser.cc" break; case 330: -#line 2570 "seclang-parser.yy" +#line 2581 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new TimeWDay(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4743 "seclang-parser.cc" +#line 4754 "seclang-parser.cc" break; case 331: -#line 2577 "seclang-parser.yy" +#line 2588 "seclang-parser.yy" { std::string name(yystack_[0].value.as < std::string > ()); char z = name.at(0); std::unique_ptr c(new TimeYear(name)); yylhs.value.as < std::unique_ptr > () = std::move(c); } -#line 4754 "seclang-parser.cc" +#line 4765 "seclang-parser.cc" break; case 332: -#line 2587 "seclang-parser.yy" +#line 2598 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Accuracy(yystack_[0].value.as < std::string > ())); } -#line 4762 "seclang-parser.cc" +#line 4773 "seclang-parser.cc" break; case 333: -#line 2591 "seclang-parser.yy" +#line 2602 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::disruptive::Allow(yystack_[0].value.as < std::string 
> ())); } -#line 4770 "seclang-parser.cc" +#line 4781 "seclang-parser.cc" break; case 334: -#line 2595 "seclang-parser.yy" +#line 2606 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("Append", yystack_[1].location); } -#line 4778 "seclang-parser.cc" +#line 4789 "seclang-parser.cc" break; case 335: -#line 2599 "seclang-parser.yy" +#line 2610 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::AuditLog(yystack_[0].value.as < std::string > ())); } -#line 4786 "seclang-parser.cc" +#line 4797 "seclang-parser.cc" break; case 336: -#line 2603 "seclang-parser.yy" +#line 2614 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Block(yystack_[0].value.as < std::string > ())); } -#line 4794 "seclang-parser.cc" +#line 4805 "seclang-parser.cc" break; case 337: -#line 2607 "seclang-parser.yy" +#line 2618 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Capture(yystack_[0].value.as < std::string > ())); } -#line 4802 "seclang-parser.cc" +#line 4813 "seclang-parser.cc" break; case 338: -#line 2611 "seclang-parser.yy" +#line 2622 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Chain(yystack_[0].value.as < std::string > ())); } -#line 4810 "seclang-parser.cc" +#line 4821 "seclang-parser.cc" break; case 339: -#line 2615 "seclang-parser.yy" +#line 2626 "seclang-parser.yy" { //ACTION_NOT_SUPPORTED("CtlAuditEngine", @0); ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Action(yystack_[1].value.as < std::string > ())); } -#line 4819 "seclang-parser.cc" +#line 4830 "seclang-parser.cc" break; case 340: -#line 2620 "seclang-parser.yy" +#line 2631 "seclang-parser.yy" { //ACTION_NOT_SUPPORTED("CtlAuditEngine", @0); ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Action(yystack_[1].value.as < std::string > ())); } -#line 4828 "seclang-parser.cc" +#line 4839 "seclang-parser.cc" break; case 341: 
-#line 2625 "seclang-parser.yy" +#line 2636 "seclang-parser.yy" { //ACTION_NOT_SUPPORTED("CtlAuditEngine", @0); ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Action(yystack_[1].value.as < std::string > ())); } -#line 4837 "seclang-parser.cc" +#line 4848 "seclang-parser.cc" break; case 342: -#line 2630 "seclang-parser.yy" +#line 2641 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::AuditLogParts(yystack_[0].value.as < std::string > ())); } -#line 4845 "seclang-parser.cc" +#line 4856 "seclang-parser.cc" break; case 343: -#line 2634 "seclang-parser.yy" +#line 2645 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RequestBodyProcessorJSON(yystack_[0].value.as < std::string > ())); } -#line 4853 "seclang-parser.cc" +#line 4864 "seclang-parser.cc" break; case 344: -#line 2638 "seclang-parser.yy" +#line 2649 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RequestBodyProcessorXML(yystack_[0].value.as < std::string > ())); } -#line 4861 "seclang-parser.cc" +#line 4872 "seclang-parser.cc" break; case 345: -#line 2642 "seclang-parser.yy" +#line 2653 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RequestBodyProcessorURLENCODED(yystack_[0].value.as < std::string > ())); } -#line 4869 "seclang-parser.cc" +#line 4880 "seclang-parser.cc" break; case 346: -#line 2646 "seclang-parser.yy" +#line 2657 "seclang-parser.yy" { //ACTION_NOT_SUPPORTED("CtlForceReequestBody", @0); ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Action(yystack_[1].value.as < std::string > ())); } -#line 4878 "seclang-parser.cc" +#line 4889 "seclang-parser.cc" break; case 347: -#line 2651 "seclang-parser.yy" +#line 2662 "seclang-parser.yy" { //ACTION_NOT_SUPPORTED("CtlForceReequestBody", @0); ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new 
actions::Action(yystack_[1].value.as < std::string > ())); } -#line 4887 "seclang-parser.cc" +#line 4898 "seclang-parser.cc" break; case 348: -#line 2656 "seclang-parser.yy" +#line 2667 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RequestBodyAccess(yystack_[1].value.as < std::string > () + "true")); } -#line 4895 "seclang-parser.cc" +#line 4906 "seclang-parser.cc" break; case 349: -#line 2660 "seclang-parser.yy" +#line 2671 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RequestBodyAccess(yystack_[1].value.as < std::string > () + "false")); } -#line 4903 "seclang-parser.cc" +#line 4914 "seclang-parser.cc" break; case 350: -#line 2664 "seclang-parser.yy" +#line 2675 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RuleEngine("ctl:RuleEngine=on")); } -#line 4911 "seclang-parser.cc" +#line 4922 "seclang-parser.cc" break; case 351: -#line 2668 "seclang-parser.yy" +#line 2679 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RuleEngine("ctl:RuleEngine=off")); } -#line 4919 "seclang-parser.cc" +#line 4930 "seclang-parser.cc" break; case 352: -#line 2672 "seclang-parser.yy" +#line 2683 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RuleEngine("ctl:RuleEngine=detectiononly")); } -#line 4927 "seclang-parser.cc" +#line 4938 "seclang-parser.cc" break; case 353: -#line 2676 "seclang-parser.yy" +#line 2687 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RuleRemoveById(yystack_[0].value.as < std::string > ())); } -#line 4935 "seclang-parser.cc" +#line 4946 "seclang-parser.cc" break; case 354: -#line 2680 "seclang-parser.yy" +#line 2691 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RuleRemoveByTag(yystack_[0].value.as < std::string > ())); } 
-#line 4943 "seclang-parser.cc" +#line 4954 "seclang-parser.cc" break; case 355: -#line 2684 "seclang-parser.yy" +#line 2695 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RuleRemoveTargetById(yystack_[0].value.as < std::string > ())); } -#line 4951 "seclang-parser.cc" +#line 4962 "seclang-parser.cc" break; case 356: -#line 2688 "seclang-parser.yy" +#line 2699 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::ctl::RuleRemoveTargetByTag(yystack_[0].value.as < std::string > ())); } -#line 4959 "seclang-parser.cc" +#line 4970 "seclang-parser.cc" break; case 357: -#line 2692 "seclang-parser.yy" +#line 2703 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::disruptive::Deny(yystack_[0].value.as < std::string > ())); } -#line 4967 "seclang-parser.cc" +#line 4978 "seclang-parser.cc" break; case 358: -#line 2696 "seclang-parser.yy" +#line 2707 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("DeprecateVar", yystack_[1].location); } -#line 4975 "seclang-parser.cc" +#line 4986 "seclang-parser.cc" break; case 359: -#line 2700 "seclang-parser.yy" +#line 2711 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::disruptive::Drop(yystack_[0].value.as < std::string > ())); } -#line 4983 "seclang-parser.cc" +#line 4994 "seclang-parser.cc" break; case 360: -#line 2704 "seclang-parser.yy" +#line 2715 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Exec(yystack_[0].value.as < std::string > ())); } -#line 4991 "seclang-parser.cc" +#line 5002 "seclang-parser.cc" break; case 361: -#line 2708 "seclang-parser.yy" +#line 2719 "seclang-parser.yy" { //ACTION_NOT_SUPPORTED("ExpireVar", @0); ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Action(yystack_[0].value.as < std::string > ())); } -#line 5000 "seclang-parser.cc" +#line 5011 "seclang-parser.cc" break; case 362: 
-#line 2713 "seclang-parser.yy" +#line 2724 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::RuleId(yystack_[0].value.as < std::string > ())); } -#line 5008 "seclang-parser.cc" +#line 5019 "seclang-parser.cc" break; case 363: -#line 2717 "seclang-parser.yy" +#line 2728 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::InitCol(yystack_[1].value.as < std::string > (), std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5016 "seclang-parser.cc" +#line 5027 "seclang-parser.cc" break; case 364: -#line 2721 "seclang-parser.yy" +#line 2732 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::LogData(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5024 "seclang-parser.cc" +#line 5035 "seclang-parser.cc" break; case 365: -#line 2725 "seclang-parser.yy" +#line 2736 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Log(yystack_[0].value.as < std::string > ())); } -#line 5032 "seclang-parser.cc" +#line 5043 "seclang-parser.cc" break; case 366: -#line 2729 "seclang-parser.yy" +#line 2740 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Maturity(yystack_[0].value.as < std::string > ())); } -#line 5040 "seclang-parser.cc" +#line 5051 "seclang-parser.cc" break; case 367: -#line 2733 "seclang-parser.yy" +#line 2744 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Msg(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5048 "seclang-parser.cc" +#line 5059 "seclang-parser.cc" break; case 368: -#line 2737 "seclang-parser.yy" +#line 2748 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::MultiMatch(yystack_[0].value.as < std::string > ())); } -#line 5056 "seclang-parser.cc" +#line 5067 "seclang-parser.cc" break; case 369: -#line 2741 "seclang-parser.yy" 
+#line 2752 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::NoAuditLog(yystack_[0].value.as < std::string > ())); } -#line 5064 "seclang-parser.cc" +#line 5075 "seclang-parser.cc" break; case 370: -#line 2745 "seclang-parser.yy" +#line 2756 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::NoLog(yystack_[0].value.as < std::string > ())); } -#line 5072 "seclang-parser.cc" +#line 5083 "seclang-parser.cc" break; case 371: -#line 2749 "seclang-parser.yy" +#line 2760 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::disruptive::Pass(yystack_[0].value.as < std::string > ())); } -#line 5080 "seclang-parser.cc" +#line 5091 "seclang-parser.cc" break; case 372: -#line 2753 "seclang-parser.yy" +#line 2764 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("Pause", yystack_[1].location); } -#line 5088 "seclang-parser.cc" +#line 5099 "seclang-parser.cc" break; case 373: -#line 2757 "seclang-parser.yy" +#line 2768 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Phase(yystack_[0].value.as < std::string > ())); } -#line 5096 "seclang-parser.cc" +#line 5107 "seclang-parser.cc" break; case 374: -#line 2761 "seclang-parser.yy" +#line 2772 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("Prepend", yystack_[1].location); } -#line 5104 "seclang-parser.cc" +#line 5115 "seclang-parser.cc" break; case 375: -#line 2765 "seclang-parser.yy" +#line 2776 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("Proxy", yystack_[1].location); } -#line 5112 "seclang-parser.cc" +#line 5123 "seclang-parser.cc" break; case 376: -#line 2769 "seclang-parser.yy" +#line 2780 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::disruptive::Redirect(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5120 "seclang-parser.cc" +#line 5131 "seclang-parser.cc" break; case 377: -#line 2773 "seclang-parser.yy" +#line 
2784 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Rev(yystack_[0].value.as < std::string > ())); } -#line 5128 "seclang-parser.cc" +#line 5139 "seclang-parser.cc" break; case 378: -#line 2777 "seclang-parser.yy" +#line 2788 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("SanitiseArg", yystack_[1].location); } -#line 5136 "seclang-parser.cc" +#line 5147 "seclang-parser.cc" break; case 379: -#line 2781 "seclang-parser.yy" +#line 2792 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("SanitiseMatched", yystack_[1].location); } -#line 5144 "seclang-parser.cc" +#line 5155 "seclang-parser.cc" break; case 380: -#line 2785 "seclang-parser.yy" +#line 2796 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("SanitiseMatchedBytes", yystack_[1].location); } -#line 5152 "seclang-parser.cc" +#line 5163 "seclang-parser.cc" break; case 381: -#line 2789 "seclang-parser.yy" +#line 2800 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("SanitiseRequestHeader", yystack_[1].location); } -#line 5160 "seclang-parser.cc" +#line 5171 "seclang-parser.cc" break; case 382: -#line 2793 "seclang-parser.yy" +#line 2804 "seclang-parser.yy" { ACTION_NOT_SUPPORTED("SanitiseResponseHeader", yystack_[1].location); } -#line 5168 "seclang-parser.cc" +#line 5179 "seclang-parser.cc" break; case 383: -#line 2797 "seclang-parser.yy" +#line 2808 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SetENV(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5176 "seclang-parser.cc" +#line 5187 "seclang-parser.cc" break; case 384: -#line 2801 "seclang-parser.yy" +#line 2812 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SetRSC(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5184 "seclang-parser.cc" +#line 5195 "seclang-parser.cc" break; case 385: -#line 2805 "seclang-parser.yy" +#line 2816 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new 
actions::SetSID(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5192 "seclang-parser.cc" +#line 5203 "seclang-parser.cc" break; case 386: -#line 2809 "seclang-parser.yy" +#line 2820 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SetUID(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5200 "seclang-parser.cc" +#line 5211 "seclang-parser.cc" break; case 387: -#line 2813 "seclang-parser.yy" +#line 2824 "seclang-parser.yy" { yylhs.value.as < std::unique_ptr > () = std::move(yystack_[0].value.as < std::unique_ptr > ()); } -#line 5208 "seclang-parser.cc" +#line 5219 "seclang-parser.cc" break; case 388: -#line 2817 "seclang-parser.yy" +#line 2828 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Severity(yystack_[0].value.as < std::string > ())); } -#line 5216 "seclang-parser.cc" +#line 5227 "seclang-parser.cc" break; case 389: -#line 2821 "seclang-parser.yy" +#line 2832 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Skip(yystack_[0].value.as < std::string > ())); } -#line 5224 "seclang-parser.cc" +#line 5235 "seclang-parser.cc" break; case 390: -#line 2825 "seclang-parser.yy" +#line 2836 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SkipAfter(yystack_[0].value.as < std::string > ())); } -#line 5232 "seclang-parser.cc" +#line 5243 "seclang-parser.cc" break; case 391: -#line 2829 "seclang-parser.yy" +#line 2840 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::data::Status(yystack_[0].value.as < std::string > ())); } -#line 5240 "seclang-parser.cc" +#line 5251 "seclang-parser.cc" break; case 392: -#line 2833 "seclang-parser.yy" +#line 2844 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Tag(std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5248 "seclang-parser.cc" 
+#line 5259 "seclang-parser.cc" break; case 393: -#line 2837 "seclang-parser.yy" +#line 2848 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::Ver(yystack_[0].value.as < std::string > ())); } -#line 5256 "seclang-parser.cc" +#line 5267 "seclang-parser.cc" break; case 394: -#line 2841 "seclang-parser.yy" +#line 2852 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::XmlNS(yystack_[0].value.as < std::string > ())); } -#line 5264 "seclang-parser.cc" +#line 5275 "seclang-parser.cc" break; case 395: -#line 2845 "seclang-parser.yy" +#line 2856 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::ParityZero7bit(yystack_[0].value.as < std::string > ())); } -#line 5272 "seclang-parser.cc" +#line 5283 "seclang-parser.cc" break; case 396: -#line 2849 "seclang-parser.yy" +#line 2860 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::ParityOdd7bit(yystack_[0].value.as < std::string > ())); } -#line 5280 "seclang-parser.cc" +#line 5291 "seclang-parser.cc" break; case 397: -#line 2853 "seclang-parser.yy" +#line 2864 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::ParityEven7bit(yystack_[0].value.as < std::string > ())); } -#line 5288 "seclang-parser.cc" +#line 5299 "seclang-parser.cc" break; case 398: -#line 2857 "seclang-parser.yy" +#line 2868 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::SqlHexDecode(yystack_[0].value.as < std::string > ())); } -#line 5296 "seclang-parser.cc" +#line 5307 "seclang-parser.cc" break; case 399: -#line 2861 "seclang-parser.yy" +#line 2872 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Base64Encode(yystack_[0].value.as < std::string > ())); } -#line 5304 "seclang-parser.cc" +#line 
5315 "seclang-parser.cc" break; case 400: -#line 2865 "seclang-parser.yy" +#line 2876 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Base64Decode(yystack_[0].value.as < std::string > ())); } -#line 5312 "seclang-parser.cc" +#line 5323 "seclang-parser.cc" break; case 401: -#line 2869 "seclang-parser.yy" +#line 2880 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Base64DecodeExt(yystack_[0].value.as < std::string > ())); } -#line 5320 "seclang-parser.cc" +#line 5331 "seclang-parser.cc" break; case 402: -#line 2873 "seclang-parser.yy" +#line 2884 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::CmdLine(yystack_[0].value.as < std::string > ())); } -#line 5328 "seclang-parser.cc" +#line 5339 "seclang-parser.cc" break; case 403: -#line 2877 "seclang-parser.yy" +#line 2888 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Sha1(yystack_[0].value.as < std::string > ())); } -#line 5336 "seclang-parser.cc" +#line 5347 "seclang-parser.cc" break; case 404: -#line 2881 "seclang-parser.yy" +#line 2892 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Md5(yystack_[0].value.as < std::string > ())); } -#line 5344 "seclang-parser.cc" +#line 5355 "seclang-parser.cc" break; case 405: -#line 2885 "seclang-parser.yy" +#line 2896 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::EscapeSeqDecode(yystack_[0].value.as < std::string > ())); } -#line 5352 "seclang-parser.cc" +#line 5363 "seclang-parser.cc" break; case 406: -#line 2889 "seclang-parser.yy" +#line 2900 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::HexEncode(yystack_[0].value.as < std::string > ())); } -#line 5360 
"seclang-parser.cc" +#line 5371 "seclang-parser.cc" break; case 407: -#line 2893 "seclang-parser.yy" +#line 2904 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::HexDecode(yystack_[0].value.as < std::string > ())); } -#line 5368 "seclang-parser.cc" +#line 5379 "seclang-parser.cc" break; case 408: -#line 2897 "seclang-parser.yy" +#line 2908 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::LowerCase(yystack_[0].value.as < std::string > ())); } -#line 5376 "seclang-parser.cc" +#line 5387 "seclang-parser.cc" break; case 409: -#line 2901 "seclang-parser.yy" +#line 2912 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::UpperCase(yystack_[0].value.as < std::string > ())); } -#line 5384 "seclang-parser.cc" +#line 5395 "seclang-parser.cc" break; case 410: -#line 2905 "seclang-parser.yy" +#line 2916 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::UrlDecodeUni(yystack_[0].value.as < std::string > ())); } -#line 5392 "seclang-parser.cc" +#line 5403 "seclang-parser.cc" break; case 411: -#line 2909 "seclang-parser.yy" +#line 2920 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::UrlDecode(yystack_[0].value.as < std::string > ())); } -#line 5400 "seclang-parser.cc" +#line 5411 "seclang-parser.cc" break; case 412: -#line 2913 "seclang-parser.yy" +#line 2924 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::UrlEncode(yystack_[0].value.as < std::string > ())); } -#line 5408 "seclang-parser.cc" +#line 5419 "seclang-parser.cc" break; case 413: -#line 2917 "seclang-parser.yy" +#line 2928 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::None(yystack_[0].value.as < std::string > ())); 
} -#line 5416 "seclang-parser.cc" +#line 5427 "seclang-parser.cc" break; case 414: -#line 2921 "seclang-parser.yy" +#line 2932 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::CompressWhitespace(yystack_[0].value.as < std::string > ())); } -#line 5424 "seclang-parser.cc" +#line 5435 "seclang-parser.cc" break; case 415: -#line 2925 "seclang-parser.yy" +#line 2936 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::RemoveWhitespace(yystack_[0].value.as < std::string > ())); } -#line 5432 "seclang-parser.cc" +#line 5443 "seclang-parser.cc" break; case 416: -#line 2929 "seclang-parser.yy" +#line 2940 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::ReplaceNulls(yystack_[0].value.as < std::string > ())); } -#line 5440 "seclang-parser.cc" +#line 5451 "seclang-parser.cc" break; case 417: -#line 2933 "seclang-parser.yy" +#line 2944 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::RemoveNulls(yystack_[0].value.as < std::string > ())); } -#line 5448 "seclang-parser.cc" +#line 5459 "seclang-parser.cc" break; case 418: -#line 2937 "seclang-parser.yy" +#line 2948 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::HtmlEntityDecode(yystack_[0].value.as < std::string > ())); } -#line 5456 "seclang-parser.cc" +#line 5467 "seclang-parser.cc" break; case 419: -#line 2941 "seclang-parser.yy" +#line 2952 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::JsDecode(yystack_[0].value.as < std::string > ())); } -#line 5464 "seclang-parser.cc" +#line 5475 "seclang-parser.cc" break; case 420: -#line 2945 "seclang-parser.yy" +#line 2956 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new 
actions::transformations::CssDecode(yystack_[0].value.as < std::string > ())); } -#line 5472 "seclang-parser.cc" +#line 5483 "seclang-parser.cc" break; case 421: -#line 2949 "seclang-parser.yy" +#line 2960 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Trim(yystack_[0].value.as < std::string > ())); } -#line 5480 "seclang-parser.cc" +#line 5491 "seclang-parser.cc" break; case 422: -#line 2953 "seclang-parser.yy" +#line 2964 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::TrimLeft(yystack_[0].value.as < std::string > ())); } -#line 5488 "seclang-parser.cc" +#line 5499 "seclang-parser.cc" break; case 423: -#line 2957 "seclang-parser.yy" +#line 2968 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::TrimRight(yystack_[0].value.as < std::string > ())); } -#line 5496 "seclang-parser.cc" +#line 5507 "seclang-parser.cc" break; case 424: -#line 2961 "seclang-parser.yy" +#line 2972 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::NormalisePathWin(yystack_[0].value.as < std::string > ())); } -#line 5504 "seclang-parser.cc" +#line 5515 "seclang-parser.cc" break; case 425: -#line 2965 "seclang-parser.yy" +#line 2976 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::NormalisePath(yystack_[0].value.as < std::string > ())); } -#line 5512 "seclang-parser.cc" +#line 5523 "seclang-parser.cc" break; case 426: -#line 2969 "seclang-parser.yy" +#line 2980 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::Length(yystack_[0].value.as < std::string > ())); } -#line 5520 "seclang-parser.cc" +#line 5531 "seclang-parser.cc" break; case 427: -#line 2973 "seclang-parser.yy" +#line 2984 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < 
std::unique_ptr > (), new actions::transformations::Utf8ToUnicode(yystack_[0].value.as < std::string > ())); } -#line 5528 "seclang-parser.cc" +#line 5539 "seclang-parser.cc" break; case 428: -#line 2977 "seclang-parser.yy" +#line 2988 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::RemoveCommentsChar(yystack_[0].value.as < std::string > ())); } -#line 5536 "seclang-parser.cc" +#line 5547 "seclang-parser.cc" break; case 429: -#line 2981 "seclang-parser.yy" +#line 2992 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::RemoveComments(yystack_[0].value.as < std::string > ())); } -#line 5544 "seclang-parser.cc" +#line 5555 "seclang-parser.cc" break; case 430: -#line 2985 "seclang-parser.yy" +#line 2996 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::transformations::ReplaceComments(yystack_[0].value.as < std::string > ())); } -#line 5552 "seclang-parser.cc" +#line 5563 "seclang-parser.cc" break; case 431: -#line 2992 "seclang-parser.yy" +#line 3003 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SetVar(actions::SetVarOperation::unsetOperation, std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5560 "seclang-parser.cc" +#line 5571 "seclang-parser.cc" break; case 432: -#line 2996 "seclang-parser.yy" +#line 3007 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SetVar(actions::SetVarOperation::setToOneOperation, std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5568 "seclang-parser.cc" +#line 5579 "seclang-parser.cc" break; case 433: -#line 3000 "seclang-parser.yy" +#line 3011 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SetVar(actions::SetVarOperation::setOperation, std::move(yystack_[2].value.as < std::unique_ptr > ()), std::move(yystack_[0].value.as < 
std::unique_ptr > ()))); } -#line 5576 "seclang-parser.cc" +#line 5587 "seclang-parser.cc" break; case 434: -#line 3004 "seclang-parser.yy" +#line 3015 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SetVar(actions::SetVarOperation::sumAndSetOperation, std::move(yystack_[2].value.as < std::unique_ptr > ()), std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5584 "seclang-parser.cc" +#line 5595 "seclang-parser.cc" break; case 435: -#line 3008 "seclang-parser.yy" +#line 3019 "seclang-parser.yy" { ACTION_CONTAINER(yylhs.value.as < std::unique_ptr > (), new actions::SetVar(actions::SetVarOperation::substractAndSetOperation, std::move(yystack_[2].value.as < std::unique_ptr > ()), std::move(yystack_[0].value.as < std::unique_ptr > ()))); } -#line 5592 "seclang-parser.cc" +#line 5603 "seclang-parser.cc" break; case 436: -#line 3015 "seclang-parser.yy" +#line 3026 "seclang-parser.yy" { yystack_[1].value.as < std::unique_ptr > ()->appendText(yystack_[0].value.as < std::string > ()); yylhs.value.as < std::unique_ptr > () = std::move(yystack_[1].value.as < std::unique_ptr > ()); } -#line 5601 "seclang-parser.cc" +#line 5612 "seclang-parser.cc" break; case 437: -#line 3020 "seclang-parser.yy" +#line 3031 "seclang-parser.yy" { yystack_[1].value.as < std::unique_ptr > ()->appendVar(std::move(yystack_[0].value.as < std::unique_ptr > ())); yylhs.value.as < std::unique_ptr > () = std::move(yystack_[1].value.as < std::unique_ptr > ()); } -#line 5610 "seclang-parser.cc" +#line 5621 "seclang-parser.cc" break; case 438: -#line 3025 "seclang-parser.yy" +#line 3036 "seclang-parser.yy" { std::unique_ptr r(new RunTimeString()); r->appendText(yystack_[0].value.as < std::string > ()); yylhs.value.as < std::unique_ptr > () = std::move(r); } -#line 5620 "seclang-parser.cc" +#line 5631 "seclang-parser.cc" break; case 439: -#line 3031 "seclang-parser.yy" +#line 3042 "seclang-parser.yy" { std::unique_ptr r(new RunTimeString()); 
r->appendVar(std::move(yystack_[0].value.as < std::unique_ptr > ())); yylhs.value.as < std::unique_ptr > () = std::move(r); } -#line 5630 "seclang-parser.cc" +#line 5641 "seclang-parser.cc" break; -#line 5634 "seclang-parser.cc" +#line 5645 "seclang-parser.cc" default: break; 
@@ -7127,43 +7138,43 @@ namespace yy { 921, 925, 929, 933, 937, 941, 945, 950, 954, 958, 962, 966, 970, 975, 980, 984, 988, 992, 996, 1000, 1004, 1008, 1012, 1016, 1020, 1024, 1028, 1032, 1036, 1040, - 1044, 1048, 1052, 1066, 1067, 1097, 1116, 1135, 1163, 1220, - 1227, 1231, 1235, 1239, 1243, 1247, 1251, 1255, 1264, 1268, - 1273, 1276, 1281, 1286, 1291, 1296, 1299, 1304, 1307, 1312, - 1317, 1320, 1325, 1330, 1335, 1340, 1345, 1350, 1355, 1358, - 1363, 1368, 1373, 1378, 1381, 1386, 1391, 1396, 1409, 1422, - 1435, 1448, 1461, 1487, 1515, 1527, 1547, 1574, 1580, 1585, - 1590, 1599, 1604, 1608, 1612, 1616, 1620, 1624, 1628, 1633, - 1638, 1650, 1656, 1660, 1664, 1675, 1684, 1685, 1692, 1697, - 1702, 1756, 1763, 1771, 1808, 1812, 1819, 1824, 1830, 1836, - 1842, 1849, 1859, 1863, 1867, 1871, 1875, 1879, 1883, 1887, - 1891, 1895, 1899, 1903, 1907, 1911, 1915, 1919, 1923, 1927, - 1931, 1935, 1939, 1943, 1947, 1951, 1955, 1959, 1963, 1967, - 1971, 1975, 1979, 1983, 1987, 1991, 1995, 1999, 2003, 2007, - 2011, 2015, 2019, 2023, 2027, 2031, 2035, 2039, 2043, 2047, - 2051, 2055, 2059, 2063, 2067, 2071, 2075, 2079, 2083, 2087, - 2091, 2095, 2099, 2103, 2107, 2111, 2115, 2119, 2123, 2127, - 2131, 2135, 2139, 2143, 2147, 2151, 2155, 2159, 2163, 2167, - 2171, 2175, 2179, 2183, 2187, 2191, 2195, 2199, 2203, 2207, - 2211, 2215, 2220, 2224, 2228, 2233, 2237, 2241, 2246, 2251, - 2255, 2259, 2263, 2267, 2271, 2275, 2279, 2283, 2287, 2291, - 2295, 2299, 2303, 2307, 2311, 2315, 2319, 2323, 2327, 2331, - 2335, 2339, 2343, 2347, 2351, 2355, 2359, 2363, 2367, 2371, - 2375, 2379, 2383, 2387, 2391, 2395, 2399, 2403, 2407, 2411, - 2415, 2419, 2423, 2427, 2431, 2435, 2439, 2443, 2447, 2451, - 2455, 2459, 2463, 2467, 2471, 2475, 2479, 2483, 2487, 2491, - 2499, 2506, 2513, 2520, 2527, 2534, 2541, 2548, 2555, 2562, - 2569, 2576, 2586, 2590, 2594, 2598, 2602, 2606, 2610, 2614, - 2619, 2624, 2629, 2633, 2637, 2641, 2645, 2650, 2655, 2659, - 2663, 2667, 2671, 2675, 2679, 2683, 2687, 2691, 2695, 2699, - 
2703, 2707, 2712, 2716, 2720, 2724, 2728, 2732, 2736, 2740, - 2744, 2748, 2752, 2756, 2760, 2764, 2768, 2772, 2776, 2780, - 2784, 2788, 2792, 2796, 2800, 2804, 2808, 2812, 2816, 2820, - 2824, 2828, 2832, 2836, 2840, 2844, 2848, 2852, 2856, 2860, - 2864, 2868, 2872, 2876, 2880, 2884, 2888, 2892, 2896, 2900, - 2904, 2908, 2912, 2916, 2920, 2924, 2928, 2932, 2936, 2940, - 2944, 2948, 2952, 2956, 2960, 2964, 2968, 2972, 2976, 2980, - 2984, 2991, 2995, 2999, 3003, 3007, 3014, 3019, 3024, 3030 + 1044, 1048, 1052, 1066, 1067, 1099, 1118, 1139, 1169, 1231, + 1238, 1242, 1246, 1250, 1254, 1258, 1262, 1266, 1275, 1279, + 1284, 1287, 1292, 1297, 1302, 1307, 1310, 1315, 1318, 1323, + 1328, 1331, 1336, 1341, 1346, 1351, 1356, 1361, 1366, 1369, + 1374, 1379, 1384, 1389, 1392, 1397, 1402, 1407, 1420, 1433, + 1446, 1459, 1472, 1498, 1526, 1538, 1558, 1585, 1591, 1596, + 1601, 1610, 1615, 1619, 1623, 1627, 1631, 1635, 1639, 1644, + 1649, 1661, 1667, 1671, 1675, 1686, 1695, 1696, 1703, 1708, + 1713, 1767, 1774, 1782, 1819, 1823, 1830, 1835, 1841, 1847, + 1853, 1860, 1870, 1874, 1878, 1882, 1886, 1890, 1894, 1898, + 1902, 1906, 1910, 1914, 1918, 1922, 1926, 1930, 1934, 1938, + 1942, 1946, 1950, 1954, 1958, 1962, 1966, 1970, 1974, 1978, + 1982, 1986, 1990, 1994, 1998, 2002, 2006, 2010, 2014, 2018, + 2022, 2026, 2030, 2034, 2038, 2042, 2046, 2050, 2054, 2058, + 2062, 2066, 2070, 2074, 2078, 2082, 2086, 2090, 2094, 2098, + 2102, 2106, 2110, 2114, 2118, 2122, 2126, 2130, 2134, 2138, + 2142, 2146, 2150, 2154, 2158, 2162, 2166, 2170, 2174, 2178, + 2182, 2186, 2190, 2194, 2198, 2202, 2206, 2210, 2214, 2218, + 2222, 2226, 2231, 2235, 2239, 2244, 2248, 2252, 2257, 2262, + 2266, 2270, 2274, 2278, 2282, 2286, 2290, 2294, 2298, 2302, + 2306, 2310, 2314, 2318, 2322, 2326, 2330, 2334, 2338, 2342, + 2346, 2350, 2354, 2358, 2362, 2366, 2370, 2374, 2378, 2382, + 2386, 2390, 2394, 2398, 2402, 2406, 2410, 2414, 2418, 2422, + 2426, 2430, 2434, 2438, 2442, 2446, 2450, 2454, 2458, 2462, + 2466, 2470, 
2474, 2478, 2482, 2486, 2490, 2494, 2498, 2502, + 2510, 2517, 2524, 2531, 2538, 2545, 2552, 2559, 2566, 2573, + 2580, 2587, 2597, 2601, 2605, 2609, 2613, 2617, 2621, 2625, + 2630, 2635, 2640, 2644, 2648, 2652, 2656, 2661, 2666, 2670, + 2674, 2678, 2682, 2686, 2690, 2694, 2698, 2702, 2706, 2710, + 2714, 2718, 2723, 2727, 2731, 2735, 2739, 2743, 2747, 2751, + 2755, 2759, 2763, 2767, 2771, 2775, 2779, 2783, 2787, 2791, + 2795, 2799, 2803, 2807, 2811, 2815, 2819, 2823, 2827, 2831, + 2835, 2839, 2843, 2847, 2851, 2855, 2859, 2863, 2867, 2871, + 2875, 2879, 2883, 2887, 2891, 2895, 2899, 2903, 2907, 2911, + 2915, 2919, 2923, 2927, 2931, 2935, 2939, 2943, 2947, 2951, + 2955, 2959, 2963, 2967, 2971, 2975, 2979, 2983, 2987, 2991, + 2995, 3002, 3006, 3010, 3014, 3018, 3025, 3030, 3035, 3041 }; void @@ -7195,9 +7206,9 @@ namespace yy { } // yy -#line 7199 "seclang-parser.cc" +#line 7210 "seclang-parser.cc" -#line 3037 "seclang-parser.yy" +#line 3048 "seclang-parser.yy" void yy::seclang_parser::error (const location_type& l, const std::string& m) { diff --git a/src/parser/seclang-parser.yy b/src/parser/seclang-parser.yy index 1e71c4fd..b59401e8 100644 --- a/src/parser/seclang-parser.yy +++ b/src/parser/seclang-parser.yy @@ -1067,10 +1067,12 @@ expression: | DIRECTIVE variables op actions { std::vector *a = new std::vector(); - std::vector *t = new std::vector(); + std::vector > *t = new std::vector >(); for (auto &i : *$4.get()) { if (dynamic_cast(i.get())) { - t->push_back(dynamic_cast(i.release())); + std::shared_ptr at = std::move(i); + std::shared_ptr t2 = std::static_pointer_cast(std::move(at)); + t->push_back(std::move(t2)); } else { a->push_back(i.release()); } 
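Review bot: The vector `a` is still allocated with a bare `new` in this action, while the constructor hunk in src/rule_with_actions.cc removes `delete actions;`, so unless the part of the action outside this hunk frees it, one vector is leaked per parsed rule. The same allocation appears in the `CONFIG_DIR_SEC_ACTION` hunk and the hunk after it. If the parser now keeps ownership, say so at the allocation with something like `// a is only read by the rule constructor; the parser frees it below`, and make sure the matching `delete a;` exists once the rule has been built. The `dynamic_cast` test followed by `std::static_pointer_cast` is right, because `i` must not be moved from until its type is known; a one-line comment saying that would stop a later cleanup from collapsing it into a single pointer cast after the move.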
@@ -1116,10 +1118,12 @@ expression: | CONFIG_DIR_SEC_ACTION actions { std::vector *a = new std::vector(); - std::vector *t = new std::vector(); + std::vector > *t = new std::vector >(); for (auto &i : *$2.get()) { if (dynamic_cast(i.get())) { - t->push_back(dynamic_cast(i.release())); + std::shared_ptr at = std::move(i); + std::shared_ptr t2 = std::static_pointer_cast(std::move(at)); + t->push_back(std::move(t2)); } else { a->push_back(i.release()); } @@ -1136,10 +1140,12 @@ expression: { std::string err; std::vector *a = new std::vector(); - std::vector *t = new std::vector(); + std::vector > *t = new std::vector >(); for (auto &i : *$2.get()) { if (dynamic_cast(i.get())) { - t->push_back(dynamic_cast(i.release())); + std::shared_ptr at = std::move(i); + std::shared_ptr t2 = std::static_pointer_cast(std::move(at)); + t->push_back(std::move(t2)); } else { a->push_back(i.release()); } @@ -1211,8 +1217,13 @@ expression: } for (actions::Action *a : checkedActions) { - driver.m_rulesSetPhases[definedPhase]->m_defaultActions.push_back( - std::unique_ptr(a)); + if (dynamic_cast(a)) { + driver.m_rulesSetPhases[definedPhase]->m_defaultTransformations.push_back( + std::shared_ptr( + dynamic_cast(a))); + } else { + driver.m_rulesSetPhases[definedPhase]->m_defaultActions.push_back(std::unique_ptr(a)); + } } delete actions; diff --git a/src/rule_message.cc b/src/rule_message.cc index 7e394c14..40c505de 100644 --- a/src/rule_message.cc +++ b/src/rule_message.cc 
@@ -26,27 +26,25 @@ namespace modsecurity { std::string RuleMessage::_details(const RuleMessage *rm) { std::string msg; - msg.append(" [file \"" + std::string(*rm->m_ruleFile.get()) + "\"]"); - msg.append(" [line \"" + std::to_string(rm->m_ruleLine) + "\"]"); - msg.append(" [id \"" + std::to_string(rm->m_ruleId) + "\"]"); - msg.append(" [rev \"" + rm->m_rev + "\"]"); + msg.append(" [file \"" + rm->getFileName() + "\"]"); + msg.append(" [line \"" + std::to_string(rm->getLineNumber()) + "\"]"); + msg.append(" [id \"" + std::to_string(rm->getRuleId()) + "\"]"); + msg.append(" [rev \"" + rm->getRev() + "\"]"); msg.append(" [msg \"" + rm->m_message + "\"]"); msg.append(" [data \"" + utils::string::limitTo(200, rm->m_data) + "\"]"); msg.append(" [severity \"" + std::to_string(rm->m_severity) + "\"]"); - msg.append(" [ver \"" + rm->m_ver + "\"]"); - msg.append(" [maturity \"" + std::to_string(rm->m_maturity) + "\"]"); - msg.append(" [accuracy \"" + std::to_string(rm->m_accuracy) + "\"]"); + msg.append(" [ver \"" + rm->getVer() + "\"]"); + msg.append(" [maturity \"" + std::to_string(rm->getMaturity()) + "\"]"); + msg.append(" [accuracy \"" + std::to_string(rm->getAccuracy()) + "\"]"); for (auto &a : rm->m_tags) { msg.append(" [tag \"" + a + "\"]"); } - - msg.append(" [hostname \"" + *rm->m_serverIpAddress.get() \ - + "\"]"); - msg.append(" [uri \"" + utils::string::limitTo(200, *rm->m_uriNoQueryStringDecoded.get()) + "\"]"); - msg.append(" [unique_id \"" + *rm->m_id + "\"]"); - msg.append(" [ref \"" + utils::string::limitTo(200, rm->m_reference) + "\"]"); + msg.append(" [hostname \"" + rm->getServerIpAddress() + "\"]"); + msg.append(" [uri \"" + utils::string::limitTo(200, rm->getUri()) + "\"]"); + msg.append(" [unique_id \"" + rm->getRequestId() + "\"]"); + msg.append(" [ref \"" + rm->m_reference + "\"]"); return msg; } 
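Review bot: The `[ref ...]` field in `_details` loses its `utils::string::limitTo(200, ...)` cap, and the following hunk drops the same cap from `[uri ...]` in `_errorLogTail`, while `[data ...]` and the `[uri ...]` in this function keep theirs. The URI is taken from the inspected request, and the reference presumably grows with what matched, so one request can now produce a much longer log line than before, which affects log storage and whatever parses these lines downstream. Unless `getUri()` already truncates (its definition is not part of this excerpt), keep the limit: `msg.append(" [ref \"" + utils::string::limitTo(200, rm->m_reference) + "\"]");` and, in `_errorLogTail`, `msg.append(" [uri \"" + utils::string::limitTo(200, rm->getUri()) + "\"]");`.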
@@ -55,9 +53,9 @@ std::string RuleMessage::_details(const RuleMessage *rm) { std::string RuleMessage::_errorLogTail(const RuleMessage *rm) { std::string msg; - msg.append("[hostname \"" + *rm->m_serverIpAddress.get() + "\"]"); - msg.append(" [uri \"" + utils::string::limitTo(200, *rm->m_uriNoQueryStringDecoded.get()) + "\"]"); - msg.append(" [unique_id \"" + *rm->m_id + "\"]"); + msg.append("[hostname \"" + rm->getServerIpAddress() + "\"]"); + msg.append(" [uri \"" + rm->getUri() + "\"]"); + msg.append(" [unique_id \"" + rm->getRequestId() + "\"]"); return msg; } @@ -68,10 +66,11 @@ std::string RuleMessage::log(const RuleMessage *rm, int props, int code) { msg.reserve(2048); if (props & ClientLogMessageInfo) { - msg.append("[client " + std::string(*rm->m_clientIpAddress.get()) + "] "); + msg.append("[client " + rm->getClientIpAddress() + "] "); } - if (rm->m_isDisruptive) { + if (rm->isDisruptive() + && (rm->m_transaction->getRuleEngineState() == RulesSet::EnabledRuleEngine)) { msg.append("ModSecurity: Access denied with code "); if (code == -1) { msg.append("%d"); @@ -79,7 +78,7 @@ std::string RuleMessage::log(const RuleMessage *rm, int props, int code) { msg.append(std::to_string(code)); } msg.append(" (phase "); - msg.append(std::to_string(rm->m_rule->getPhase() - 1) + "). "); + msg.append(std::to_string(rm->getPhase() - 1) + "). "); } else { msg.append("ModSecurity: Warning. "); } diff --git a/src/rule_script.cc b/src/rule_script.cc index e4ce5315..bd0bef67 100644 --- a/src/rule_script.cc +++ b/src/rule_script.cc 
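Review bot: `log()` now dereferences `rm->m_transaction` to read the engine state, and nothing in this hunk checks the pointer first. If a `RuleMessage` can exist without a transaction, or can be logged after its transaction is gone (neither is visible here), the logging path crashes instead of emitting the warning line. Either guard the read, `if (rm->isDisruptive() && rm->m_transaction != nullptr && rm->m_transaction->getRuleEngineState() == RulesSet::EnabledRuleEngine) {`, or document on the member that it is never null and must outlive the message. The body of `log()` starts before this hunk and continues into the next one.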
@@ -19,23 +19,22 @@ namespace modsecurity { bool RuleScript::init(std::string *err) { - return m_lua.load(m_name, err); + return m_lua->load(m_name, err); } -bool RuleScript::evaluate(Transaction *trans, - std::shared_ptr ruleMessage) { +bool RuleScript::evaluate(Transaction *trans) { ms_dbg_a(trans, 4, " Executing script: " + m_name + "."); bool containsDisruptive = false; executeActionsIndependentOfChainedRuleResult(trans, - &containsDisruptive, ruleMessage); + &containsDisruptive); - bool ret = m_lua.run(trans); + bool ret = m_lua->run(trans); if (ret) { - executeActionsAfterFullMatch(trans, containsDisruptive, ruleMessage); + executeActionsAfterFullMatch(trans, containsDisruptive); } return ret; diff --git a/src/rule_script.h b/src/rule_script.h index f8b79305..352fa483 100644 --- a/src/rule_script.h +++ b/src/rule_script.h @@ -50,15 +50,20 @@ class RuleScript : public RuleWithActions { std::unique_ptr fileName, int lineNumber) : RuleWithActions(actions, t, std::move(fileName), lineNumber), - m_name(name) { } + m_name(name), + m_lua(std::unique_ptr(new engine::Lua())) { } + + RuleScript(const RuleScript &rs) + : RuleWithActions(rs), + m_name(rs.m_name), + m_lua(rs.m_lua) { } + bool init(std::string *err); - bool evaluate(Transaction *trans, - std::shared_ptr ruleMessage) override; - + bool evaluate(Transaction *trans) override; std::string m_name; - engine::Lua m_lua; + std::shared_ptr m_lua; }; } // namespace modsecurity diff --git a/src/rule_unconditional.cc b/src/rule_unconditional.cc index 17532c67..26d52651 100644 --- a/src/rule_unconditional.cc +++ b/src/rule_unconditional.cc @@ -19,9 +19,8 @@ namespace modsecurity { -bool RuleUnconditional::evaluate(Transaction *trans, - std::shared_ptr ruleMessage) { - RuleWithActions::evaluate(trans, ruleMessage); +bool RuleUnconditional::evaluate(Transaction *trans) { + RuleWithActions::evaluate(trans); // FIXME: This needs to be romeved on the runtime exeption review. bool containsBlock = false; 
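Review bot: The hand-written `RuleScript(const RuleScript &rs)` in src/rule_script.h copies each member exactly as the implicit copy constructor would, so it only adds a place where a future member can be forgotten; `RuleScript(const RuleScript &rs) = default;` states the same thing. A copy now shares one `engine::Lua` object through `m_lua` rather than getting its own, which deserves a comment on the member such as `// shared between copies of this rule, not duplicated` if that is intended. The initialiser can also build the object directly with `m_lua(std::make_shared<engine::Lua>())` instead of wrapping `new` in a `unique_ptr` first.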
@@ -30,11 +29,11 @@ bool RuleUnconditional::evaluate(Transaction *trans, + ") Executing unconditional rule..."); executeActionsIndependentOfChainedRuleResult(trans, - &containsBlock, ruleMessage); + &containsBlock); - executeActionsAfterFullMatch(trans, containsBlock, ruleMessage); + executeActionsAfterFullMatch(trans, containsBlock); - performLogging(trans, ruleMessage); + trans->logMatchLastRuleOnTheChain(this); return true; } diff --git a/src/rule_with_actions.cc b/src/rule_with_actions.cc index bc9360b6..8b541b78 100644 --- a/src/rule_with_actions.cc +++ b/src/rule_with_actions.cc @@ -34,8 +34,13 @@ #include "src/utils/string.h" #include "modsecurity/rule_message.h" #include "modsecurity/rule_with_actions.h" +#include "src/actions/accuracy.h" +#include "src/actions/maturity.h" #include "src/actions/msg.h" +#include "src/actions/log.h" +#include "src/actions/no_log.h" #include "src/actions/log_data.h" +#include "src/actions/rev.h" #include "src/actions/severity.h" #include "src/actions/capture.h" #include "src/actions/multi_match.h" 
@@ -60,126 +65,182 @@ RuleWithActions::RuleWithActions( std::unique_ptr fileName, int lineNumber) : Rule(std::move(fileName), lineNumber), - m_rev(""), - m_ver(""), - m_accuracy(0), - m_maturity(0), m_ruleId(0), m_chainedRuleChild(nullptr), m_chainedRuleParent(nullptr), m_disruptiveAction(nullptr), m_logData(nullptr), m_msg(nullptr), - m_severity(nullptr), m_actionsRuntimePos(), m_actionsSetVar(), m_actionsTag(), - m_transformations(transformations != NULL ? *transformations : Transformations()), + m_defaultActionDisruptiveAction(nullptr), + m_defaultActionLogData(nullptr), + m_defaultActionMsg(nullptr), + m_defaultActionActionsRuntimePos(), + m_defaultActionActionsSetVar(), + m_defaultActionActionsTag(), + m_transformations(transformations != nullptr ? *transformations : Transformations()), + m_defaultTransformations(), + m_severity(SEVERITY_NOT_SET), + m_revision(""), + m_version(""), + m_accuracy(ACCURACY_NOT_SET), + m_maturity(MATURITY_NOT_SET), m_containsCaptureAction(false), + m_containsLogAction(false), + m_containsNoLogAction(false), m_containsMultiMatchAction(false), m_containsStaticBlockAction(false), + m_defaultSeverity(SEVERITY_NOT_SET), + m_defaultRevision(""), + m_defaultVersion(""), + m_defaultAccuracy(ACCURACY_NOT_SET), + m_defaultMaturity(MATURITY_NOT_SET), + m_defaultContainsCaptureAction(false), + m_defaultContainsLogAction(false), + m_defaultContainsNoLogAction(false), + m_defaultContainsMultiMatchAction(false), + m_defaultContainsStaticBlockAction(false), m_isChained(false) { if (actions) { - for (Action *a : *actions) { - if (a->action_kind == Action::ConfigurationKind) { - a->evaluate(this, NULL); - delete a; - - } else if (a->action_kind == Action::RunTimeOnlyIfMatchKind) { - if (dynamic_cast(a)) { - m_containsCaptureAction = true; - delete a; - } else if (dynamic_cast(a)) { - m_containsMultiMatchAction = true; - delete a; - } else if (dynamic_cast(a)) { - m_severity = dynamic_cast(a); - } else if (dynamic_cast(a)) { - m_logData = 
dynamic_cast(a); - } else if (dynamic_cast(a)) { - m_msg = dynamic_cast(a); - } else if (dynamic_cast(a)) { - m_actionsSetVar.push_back( - dynamic_cast(a)); - } else if (dynamic_cast(a)) { - m_actionsTag.push_back(dynamic_cast(a)); - } else if (dynamic_cast(a)) { - m_actionsRuntimePos.push_back(a); - m_containsStaticBlockAction = true; - } else if (a->isDisruptive() == true) { - if (m_disruptiveAction != nullptr) { - delete m_disruptiveAction; - m_disruptiveAction = nullptr; - } - m_disruptiveAction = a; - } else { - m_actionsRuntimePos.push_back(a); - } - } else { - delete a; - std::cout << "General failure, action: " << a->m_name; - std::cout << " has an unknown type." << std::endl; - throw; - } + for (actions::Action *a : *actions) { + addAction(a); } - delete actions; } } -RuleWithActions::~RuleWithActions() { - if (m_severity) { - delete m_severity; - m_severity = nullptr; +void RuleWithActions::addDefaultAction(std::shared_ptr a) { + if (a->action_kind == Action::ConfigurationKind) { + a->evaluate(this, NULL); + return; } - if (m_logData) { - delete m_logData; - m_logData = nullptr; + + if (a->action_kind == Action::ConfigurationKind) { + if (dynamic_cast(a.get())) { + actions::Accuracy *accuracy = dynamic_cast(a.get()); + m_defaultAccuracy = accuracy->getAccuracy(); + } else if (dynamic_cast(a.get())) { + actions::Rev *rev = dynamic_cast(a.get()); + m_defaultRevision = rev->getRevision(); + } else { + a->evaluate(this, NULL); + } + return; } - if (m_msg) { - delete m_msg; - m_msg = nullptr; - } - while (m_transformations.empty() == false) { - auto *a = m_transformations.back(); - m_transformations.pop_back(); - delete a; - } - while (m_actionsRuntimePos.empty() == false) { - auto *a = m_actionsRuntimePos.back(); - m_actionsRuntimePos.pop_back(); - delete a; - } - while (m_actionsSetVar.empty() == false) { - auto *a = m_actionsSetVar.back(); - m_actionsSetVar.pop_back(); - delete a; - } - while (m_actionsTag.empty() == false) { - auto *a = 
m_actionsTag.back(); - m_actionsTag.pop_back(); - delete a; - } - if (m_disruptiveAction != nullptr) { - delete m_disruptiveAction; - m_disruptiveAction = nullptr; + + if (a->action_kind == Action::RunTimeOnlyIfMatchKind) { + if (dynamic_cast(a.get())) { + m_defaultContainsCaptureAction = true; + } else if (dynamic_cast(a.get())) { + m_defaultContainsMultiMatchAction = true; + } else if (dynamic_cast(a.get())) { + actions::Severity *severity = dynamic_cast(a.get()); + setDefaultActionSeverity(severity->m_severity); + } else if (dynamic_cast(a.get())) { + actions::Maturity *maturity = dynamic_cast(a.get()); + setDefaultActionMaturity(maturity->getMaturity()); + } else if (dynamic_cast(a.get())) { + m_defaultActionLogData = std::static_pointer_cast(a); + } else if (dynamic_cast(a.get())) { + m_defaultActionMsg = std::static_pointer_cast(a); + } else if (dynamic_cast(a.get())) { + m_defaultActionActionsSetVar.push_back(std::static_pointer_cast(a)); + } else if (dynamic_cast(a.get())) { + m_defaultActionActionsTag.push_back(std::static_pointer_cast(a)); + } else if (dynamic_cast(a.get())) { + m_defaultContainsLogAction = true; + } else if (dynamic_cast(a.get())) { + m_defaultContainsNoLogAction = true; + } else if (dynamic_cast(a.get())) { + m_defaultActionActionsRuntimePos.push_back(a); + m_defaultContainsStaticBlockAction = true; + } else if (a->isDisruptive() == true) { + m_defaultActionDisruptiveAction = a; + } else { + m_defaultActionActionsRuntimePos.push_back(a); + } + return; } + + std::cout << "General failure, action: " << *a->m_name; + std::cout << " has an unknown type." 
<< std::endl; + throw; + } +void RuleWithActions::addAction(actions::Action *a) { + if (a->action_kind == Action::ConfigurationKind) { + if (dynamic_cast(a)) { + actions::Accuracy *accuracy = dynamic_cast(a); + m_accuracy = accuracy->getAccuracy(); + } else if (dynamic_cast(a)) { + actions::Rev *rev = dynamic_cast(a); + m_revision = rev->getRevision(); + } else { + a->evaluate(this, NULL); + } + delete a; + return; + } + + if (a->action_kind == Action::RunTimeOnlyIfMatchKind) { + if (dynamic_cast(a)) { + m_containsCaptureAction = true; + delete a; + } else if (dynamic_cast(a)) { + m_containsMultiMatchAction = true; + delete a; + } else if (dynamic_cast(a)) { + actions::Severity *severity = dynamic_cast(a); + setSeverity(severity->m_severity); + delete a; + } else if (dynamic_cast(a)) { + m_logData = std::unique_ptr(dynamic_cast(a)); + } else if (dynamic_cast(a)) { + m_msg = std::unique_ptr(dynamic_cast(a)); + } else if (dynamic_cast(a)) { + m_actionsSetVar.push_back(std::unique_ptr(dynamic_cast(a))); + } else if (dynamic_cast(a)) { + actions::Maturity *maturity = dynamic_cast(a); + m_maturity = maturity->getMaturity(); + delete a; + } else if (dynamic_cast(a)) { + m_containsLogAction = true; + delete a; + } else if (dynamic_cast(a)) { + m_containsNoLogAction = true; + delete a; + } else if (dynamic_cast(a)) { + m_actionsTag.push_back(std::unique_ptr(dynamic_cast(a))); + } else if (dynamic_cast(a)) { + m_actionsRuntimePos.push_back(std::unique_ptr(dynamic_cast(a))); + m_containsStaticBlockAction = true; + } else if (a->isDisruptive() == true) { + m_disruptiveAction = std::unique_ptr(a); + } else { + m_actionsRuntimePos.push_back(std::unique_ptr(a)); + } + return; + } + + std::cout << "General failure, action: " << *a->m_name; + std::cout << " has an unknown type." 
<< std::endl; + delete a; + throw; + +} + + +RuleWithActions::~RuleWithActions() { } + bool RuleWithActions::evaluate(Transaction *transaction) { - RuleMessage rm(this, transaction); - std::shared_ptr rm2 = std::make_shared(&rm); - return evaluate(transaction, rm2); -} - - -bool RuleWithActions::evaluate(Transaction *transaction, - std::shared_ptr ruleMessage) { /* Rule evaluate is pure virtual. * - * Rule::evaluate(transaction, ruleMessage); + * Rule::evaluate(transaction); */ /* Matched vars needs to be clear at every new rule execution */ @@ -190,9 +251,9 @@ bool RuleWithActions::evaluate(Transaction *transaction, void RuleWithActions::executeActionsIndependentOfChainedRuleResult(Transaction *trans, - bool *containsBlock, std::shared_ptr ruleMessage) { + bool *containsBlock) { - for (actions::SetVar *a : m_actionsSetVar) { + for (actions::SetVar *a : getSetVarsActionsPtr()) { ms_dbg_a(trans, 4, "Running [independent] (non-disruptive) " \ "action: " + *a->m_name.get()); 
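Review bot: In `addDefaultAction` the second `if (a->action_kind == Action::ConfigurationKind)` block can never run, because the identical test directly above it already calls `a->evaluate(this, NULL)` and returns. As a result `m_defaultAccuracy` and `m_defaultRevision` are never assigned from a default `accuracy` or `rev` action, and those actions are instead evaluated against the rule itself. Delete the first block, `if (a->action_kind == Action::ConfigurationKind) { a->evaluate(this, NULL); return; }`, so the specialised branch is reached, as it is in `addAction`. The bare `throw;` that ends both `addDefaultAction` and `addAction` runs with no exception in flight, which calls `std::terminate`; throwing a concrete exception (for instance `std::invalid_argument`) would let the caller report the bad configuration. The constructor starts before this hunk and `evaluate` continues after it.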
@@ -211,41 +272,43 @@ void RuleWithActions::executeActionsIndependentOfChainedRuleResult(Transaction * } else if (*a->m_name.get() == "setvar") { ms_dbg_a(trans, 4, "Running [independent] (non-disruptive) " \ "action: " + *a->m_name.get()); - a->evaluate(this, trans, ruleMessage); + a->evaluate(this, trans, *trans->messageGetLast()); } } - if (m_severity) { - m_severity->evaluate(this, trans, ruleMessage); - } - if (m_logData) { - m_logData->evaluate(this, trans, ruleMessage); + m_logData->evaluate(this, trans, *trans->messageGetLast()); + } else if (m_defaultActionLogData) { + m_defaultActionLogData->evaluate(this, trans, *trans->messageGetLast()); } if (m_msg) { - m_msg->evaluate(this, trans, ruleMessage); + m_msg->evaluate(this, trans, *trans->messageGetLast()); + } else if (m_defaultActionMsg) { + m_defaultActionMsg->evaluate(this, trans, *trans->messageGetLast()); } } void RuleWithActions::executeActionsAfterFullMatch(Transaction *trans, - bool containsBlock, std::shared_ptr ruleMessage) { + bool containsBlock) { bool disruptiveAlreadyExecuted = false; - for (auto &a : trans->m_rules->m_rulesSetPhases[getPhase()]->m_defaultActions) { +#if 0 + for (auto &a : trans->m_rules->m_defaultActions[getPhase()]) { if (a.get()->action_kind != actions::Action::RunTimeOnlyIfMatchKind) { continue; } if (!a.get()->isDisruptive()) { - executeAction(trans, containsBlock, ruleMessage, a.get(), true); + executeAction(trans, containsBlock, a.get(), true); } } +#endif - for (actions::Tag *a : this->m_actionsTag) { + for (actions::Tag *a : getTagsActionPtr()) { ms_dbg_a(trans, 4, "Running (non-disruptive) action: " \ + *a->m_name.get()); - a->evaluate(this, trans, ruleMessage); + a->evaluate(this, trans, *trans->messageGetLast()); } for (auto &b : 
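Review bot: Every `*trans->messageGetLast()` in this hunk dereferences the result unchecked, and messageGetLast() as added in src/transaction.cc is only `return m_rulesMessages.back();`, which is undefined behaviour on an empty vector. Nothing visible in this diff shows that a message is always pushed before the first rule runs (the TransactionRuleMessageManagement constructor is not shown), so the invariant should be enforced in one place, for example `assert(!m_rulesMessages.empty());` at the top of messageGetLast() with the comment `// Invariant: messageNew() runs on construction and after every logged match.` The same unchecked dereference recurs in the executeActionsAfterFullMatch and executeAction hunks that follow. executeActionsIndependentOfChainedRuleResult starts outside this hunk.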
@@ -254,30 +317,34 @@ void RuleWithActions::executeActionsAfterFullMatch(Transaction *trans, continue; } actions::Action *a = dynamic_cast(b.second.get()); - executeAction(trans, containsBlock, ruleMessage, a, false); + executeAction(trans, containsBlock, a, false); disruptiveAlreadyExecuted = true; } - for (Action *a : this->m_actionsRuntimePos) { + for (auto &a : getMatchActionsPtr()) { if (!a->isDisruptive() && !(disruptiveAlreadyExecuted && dynamic_cast(a))) { - executeAction(trans, containsBlock, ruleMessage, a, false); + executeAction(trans, containsBlock, a, false); } } if (!disruptiveAlreadyExecuted && m_disruptiveAction != nullptr) { - executeAction(trans, containsBlock, ruleMessage, - m_disruptiveAction, false); + executeAction(trans, containsBlock, + m_disruptiveAction.get(), false); + } else if (!disruptiveAlreadyExecuted && hasBlockAction() + && m_defaultActionDisruptiveAction != nullptr) { + executeAction(trans, containsBlock, + m_defaultActionDisruptiveAction.get(), false); } } void RuleWithActions::executeAction(Transaction *trans, - bool containsBlock, std::shared_ptr ruleMessage, + bool containsBlock, Action *a, bool defaultContext) { if (a->isDisruptive() == false && *a->m_name.get() != "block") { ms_dbg_a(trans, 9, "Running " \ "action: " + *a->m_name.get()); - a->evaluate(this, trans, ruleMessage); + a->evaluate(this, trans, *trans->messageGetLast()); return; } @@ -290,7 +357,7 @@ void RuleWithActions::executeAction(Transaction *trans, if (trans->getRuleEngineState() == RulesSet::EnabledRuleEngine) { ms_dbg_a(trans, 4, "Running (disruptive) action: " + *a->m_name.get() + \ "."); - a->evaluate(this, trans, ruleMessage); + a->evaluate(this, trans, *trans->messageGetLast()); return; } 
@@ -339,37 +406,20 @@ void RuleWithActions::executeTransformations( std::shared_ptr value = std::shared_ptr(new std::string(in)); - if (m_containsMultiMatchAction == true) { + if (hasMultimatchAction()) { /* keep the original value */ ret.push_back(std::make_pair( std::shared_ptr(new std::string(*value)), std::shared_ptr(new std::string(path)))); } - for (Action *a : m_transformations) { + for (Action *a : getTransformationPtr()) { if (a->m_isNone) { none++; } } - // Check for transformations on the SecDefaultAction - // Notice that first we make sure that won't be a t:none - // on the target rule. - if (none == 0) { - for (auto &a : trans->m_rules->m_rulesSetPhases[getPhase()]->m_defaultActions) { - if (a->action_kind \ - != actions::Action::RunTimeBeforeMatchAttemptKind) { - continue; - } - - // FIXME: here the object needs to be a transformation already. - Transformation *t = dynamic_cast(a.get()); - executeTransformation(t, &value, trans, &ret, &path, - &transformations); - } - } - - for (Transformation *a : m_transformations) { + for (Transformation *a : getTransformationPtr()) { if (none == 0) { Transformation *t = dynamic_cast(a); executeTransformation(t, &value, trans, &ret, &path, @@ -423,8 +473,8 @@ void RuleWithActions::executeTransformations( } -bool RuleWithActions::containsTag(const std::string& name, Transaction *t) { - for (auto &tag : m_actionsTag) { +bool RuleWithActions::containsTag(const std::string& name, Transaction *t) const { + for (auto &tag : getTagsAction()) { if (tag != NULL && tag->getName(t) == name) { return true; } 
@@ -441,12 +491,12 @@ bool RuleWithActions::containsMsg(const std::string& name, Transaction *t) { std::vector RuleWithActions::getActionsByName(const std::string& name, Transaction *trans) { std::vector ret; - for (auto &z : m_actionsRuntimePos) { + for (auto &z : getMatchActionsPtr()) { if (*z->m_name.get() == name) { ret.push_back(z); } } - for (auto &z : m_transformations) { + for (auto &z : getTransformationPtr()) { if (*z->m_name.get() == name) { ret.push_back(z); } 
@@ -474,76 +524,9 @@ std::vector RuleWithActions::getActionsByName(const std::stri return ret; } -void RuleWithActions::performLogging(Transaction *trans, - std::shared_ptr ruleMessage, - bool lastLog, - bool chainedParentNull) { +std::string RuleWithActions::getLogData(Transaction *t) { return m_logData->data(t); } +std::string RuleWithActions::getMessage(Transaction *t) { return m_msg->data(t); } - /* last rule in the chain. */ - bool isItToBeLogged = ruleMessage->m_saveMessage; - - /** - * - * RuleMessage is stacked allocated for the rule execution, - * anything beyond this may lead to invalid pointer access. - * - * In case of a warning, o set of messages is saved to be read - * at audit log generation. Therefore demands a copy here. - * - * FIXME: Study an way to avoid the copy. - * - **/ - if (lastLog) { - if (chainedParentNull) { - isItToBeLogged = (ruleMessage->m_saveMessage && (m_chainedRuleParent == nullptr)); - if (isItToBeLogged && !hasMultimatch()) { - /* warn */ - trans->m_rulesMessages.push_back(*ruleMessage); - - /* error */ - if (!ruleMessage->m_isDisruptive) { - trans->serverLog(ruleMessage); - } - } - } else if (hasBlockAction() && !hasMultimatch()) { - /* warn */ - trans->m_rulesMessages.push_back(*ruleMessage); - /* error */ - if (!ruleMessage->m_isDisruptive) { - trans->serverLog(ruleMessage); - } - } else { - if (isItToBeLogged && !hasMultimatch() - && !ruleMessage->m_message.empty()) { - /* warn */ - trans->m_rulesMessages.push_back(*ruleMessage); - - /* error */ - if (!ruleMessage->m_isDisruptive) { - trans->serverLog(ruleMessage); - } - } - } - } else { - if (hasMultimatch() && isItToBeLogged) { - /* warn */ - trans->m_rulesMessages.push_back(*ruleMessage.get()); - - /* error */ - if (!ruleMessage->m_isDisruptive) { - trans->serverLog(ruleMessage); - } - - RuleMessage *rm = new RuleMessage(this, trans); - rm->m_saveMessage = ruleMessage->m_saveMessage; - ruleMessage.reset(rm); - } - } -} - -std::string RuleWithActions::logData(Transaction 
*t) { return m_logData->data(t); } -std::string RuleWithActions::msg(Transaction *t) { return m_msg->data(t); } -int RuleWithActions::severity() const { return m_severity->m_severity; } } // namespace modsecurity diff --git a/src/rule_with_operator.cc b/src/rule_with_operator.cc index 9e8305b9..7cf30079 100644 --- a/src/rule_with_operator.cc +++ b/src/rule_with_operator.cc @@ -58,24 +58,13 @@ RuleWithOperator::RuleWithOperator(Operator *op, std::unique_ptr fileName, int lineNumber) : RuleWithActions(actions, transformations, std::move(fileName), lineNumber), - m_variables(_variables), - m_operator(op) { /* */ } + m_variables(std::unique_ptr(_variables)), + m_operator(std::unique_ptr(op)) { /* */ } + + RuleWithOperator::~RuleWithOperator() { - if (m_operator != NULL) { - delete m_operator; - } - - while (m_variables != NULL && m_variables->empty() == false) { - auto *a = m_variables->back(); - m_variables->pop_back(); - delete a; - } - - if (m_variables != NULL) { - delete m_variables; - } } @@ -101,7 +90,7 @@ void RuleWithOperator::cleanMatchedVars(Transaction *trans) { bool RuleWithOperator::executeOperatorAt(Transaction *trans, const std::string &key, - std::string value, std::shared_ptr ruleMessage) { + std::string value) { #if MSC_EXEC_CLOCK_ENABLED clock_t begin = clock(); clock_t end; @@ -113,7 +102,7 @@ bool RuleWithOperator::executeOperatorAt(Transaction *trans, const std::string & utils::string::toHexIfNeeded(value)) \ + "\" (Variable: " + key + ")"); - ret = this->m_operator->evaluateInternal(trans, this, value, ruleMessage); + ret = m_operator->evaluateInternal(trans, this, value, trans->messageGetLast()); if (ret == false) { return false; 
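Review bot: `getLogData()` and `getMessage()` dereference `m_logData` and `m_msg` unconditionally, while the same commit makes executeActionsIndependentOfChainedRuleResult fall back to `m_defaultActionLogData` / `m_defaultActionMsg` when the rule has none of its own. If hasLogDataAction() / hasMessageAction() (not visible here) also report true for the default-action case, the callers in src/variables/rule.h reach a null `std::unique_ptr`. Either mirror the fallback or guard the access, e.g. `return m_logData ? m_logData->data(t) : std::string();`, and document on both getters which of the two sources they return.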
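Review bot: The emptied `~RuleWithOperator()` no longer deletes the elements of `m_variables`: the removed code popped and deleted each entry before deleting the container, whereas the `std::unique_ptr` only destroys the `variables::Variables` object itself. Unless `Variables` releases its elements in its own destructor (not visible in this diff), every variable attached to a rule leaks when the rule set is destroyed or reloaded. A comment on the member stating the ownership, e.g. `// Owns the container; elements are released by ~Variables().`, would make the intent checkable, and the now-empty destructor could be `= default`.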
@@ -213,10 +202,9 @@ inline void RuleWithOperator::getFinalVars(variables::Variables *vars, } -bool RuleWithOperator::evaluate(Transaction *trans, - std::shared_ptr ruleMessage) { +bool RuleWithOperator::evaluate(Transaction *trans) { bool globalRet = false; - variables::Variables *variables = this->m_variables; + variables::Variables *variables = m_variables.get(); bool recursiveGlobalRet; bool containsBlock = hasBlockAction(); std::string eparam; @@ -224,8 +212,7 @@ bool RuleWithOperator::evaluate(Transaction *trans, vars.reserve(4); variables::Variables exclusion; - RuleWithActions::evaluate(trans, ruleMessage); - + RuleWithActions::evaluate(trans); // FIXME: Make a class runTimeException to handle this cases. for (auto &i : trans->m_ruleRemoveById) { @@ -311,21 +298,21 @@ bool RuleWithOperator::evaluate(Transaction *trans, bool ret; std::string valueAfterTrans = std::move(*valueTemp.first); - ret = executeOperatorAt(trans, key, valueAfterTrans, ruleMessage); + ret = executeOperatorAt(trans, key, valueAfterTrans); if (ret == true) { - ruleMessage->m_match = m_operator->resolveMatchMessage(trans, + trans->messageGetLast()->m_match = m_operator->resolveMatchMessage(trans, key, value); + for (auto &i : v->getOrigin()) { - ruleMessage->m_reference.append(i->toText()); + trans->messageGetLast()->m_reference.append(i->toText()); } - ruleMessage->m_reference.append(*valueTemp.second); + trans->messageGetLast()->m_reference.append(*valueTemp.second); + updateMatchedVars(trans, key, valueAfterTrans); executeActionsIndependentOfChainedRuleResult(trans, - &containsBlock, ruleMessage); - - performLogging(trans, ruleMessage, false); + &containsBlock); globalRet = true; } @@ -344,7 +331,7 @@ bool RuleWithOperator::evaluate(Transaction *trans, } ms_dbg_a(trans, 4, "Rule returned 1."); - if (this->isChained() == false) { + if (this->hasChainAction() == false) { goto end_exec; } 
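Review bot: With `performLogging(trans, ruleMessage, false)` removed from the match loop in the `@@ -311,21 +298,21 @@` hunk, nothing here starts a new message per match, so for a multiMatch rule each later match overwrites `m_match` and keeps appending to `m_reference` on the same `trans->messageGetLast()` object. The removed code pushed one RuleMessage per match in that case; if this is not handled elsewhere, the audit trail for multiMatch rules loses the individual matches. A regression test asserting one log entry per match would settle it, together with a comment at this spot such as `// multiMatch: per-match messages are produced in <location>`. RuleWithOperator::evaluate starts and ends outside this hunk.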
@@ -356,7 +343,7 @@ bool RuleWithOperator::evaluate(Transaction *trans, } ms_dbg_a(trans, 4, "Executing chained rule."); - recursiveGlobalRet = m_chainedRuleChild->evaluate(trans, ruleMessage); + recursiveGlobalRet = m_chainedRuleChild->evaluate(trans); if (recursiveGlobalRet == true) { goto end_exec; @@ -366,10 +353,21 @@ end_clean: return false; end_exec: - executeActionsAfterFullMatch(trans, containsBlock, ruleMessage); + executeActionsAfterFullMatch(trans, containsBlock); /* last rule in the chain. */ - performLogging(trans, ruleMessage, true, true); + trans->logMatchLastRuleOnTheChain(this); + + if (hasSeverityAction()) { + ms_dbg_a(trans, 9, "This rule severity is: " + \ + std::to_string(getSeverity()) + " current transaction is: " + \ + std::to_string(trans->m_highestSeverityAction)); + + if (trans->m_highestSeverityAction > getSeverity()) { + trans->m_highestSeverityAction = getSeverity(); + } + } + return true; } diff --git a/src/rules_set.cc b/src/rules_set.cc index 11f25e9a..389aa5ed 100644 --- a/src/rules_set.cc +++ b/src/rules_set.cc 
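Review bot: `trans->logMatchLastRuleOnTheChain(this)` at `end_exec` appears to run for every rule of a chain rather than only its head: the removed `performLogging(trans, ruleMessage, true, true)` path checked `m_chainedRuleParent == nullptr`, and no equivalent test is visible in the new code. Since logMatchLastRuleOnTheChain() ends with messageNew(), a chained child would consume the message holding `m_match` and `m_reference`, and the parent would then log a fresh, empty message under its own id. If that reading is correct, the call (and the severity update below it) should be restricted to the chain head and explained with a comment like `/* Only the chain head logs; children write into the head's message. */`. The function body starts outside this hunk.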
@@ -31,6 +31,46 @@ using modsecurity::Utils::HttpsClient; namespace modsecurity { + void Rules::fixDefaultActions() { + for (size_t i = 0; i < m_rules.size(); i++) { + auto &rule = m_rules[i]; + + RuleWithActions *r = dynamic_cast(rule.get()); + if (!r) { + continue; + } + + if (dynamic_cast(rule.get())) { + RuleWithOperator *op = new RuleWithOperator(*dynamic_cast(rule.get())); + std::unique_ptr nrp(op); + m_rules[i] = std::move(nrp); + } else if (dynamic_cast(rule.get())) { + RuleUnconditional *un = new RuleUnconditional(*dynamic_cast(rule.get())); + std::unique_ptr nrp(un); + m_rules[i] = std::move(nrp); + } else if (dynamic_cast(rule.get())) { + RuleScript *rs = new RuleScript(*dynamic_cast(rule.get())); + std::unique_ptr nrp(rs); + m_rules[i] = std::move(nrp); + } else { + RuleWithActions *nr = new RuleWithActions(*dynamic_cast(rule.get())); + std::unique_ptr nrp(nr); + m_rules[i] = std::move(nrp); + } + + RuleWithActions *nr = dynamic_cast(m_rules[i].get()); + nr->clearDefaultActions(); + for (auto a : m_defaultActions) { + nr->addDefaultAction(a); + } + for (auto a : m_defaultTransformations) { + nr->addDefaultTransformation(a); + } + + + } + } + /** * @name loadFromUri diff --git a/src/rules_set_phases.cc b/src/rules_set_phases.cc index 92086b00..39670177 100644 --- a/src/rules_set_phases.cc +++ b/src/rules_set_phases.cc 
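Review bot: fixDefaultActions() replaces every entry of `m_rules` with a copy-constructed clone, and the copy constructors it relies on are not part of this diff. In the same commit RuleWithOperator gains `std::unique_ptr` members and RuleWithActions::addAction stores `m_logData`, `m_msg` and `m_disruptiveAction` as `std::unique_ptr`, so those constructors must deep-copy or share the owned actions; a shallow copy would leave two rules releasing the same object once `m_rules[i] = std::move(nrp);` destroys the original. Any raw pointer to the previous rule object kept elsewhere (a chain link, for instance) would also dangle after the swap. Please document the contract on the function, e.g. `// Clones each rule so defaults can be re-applied; invalidates raw pointers to the previous rule objects.`, or, if the rules are not shared with another rule set, call `clearDefaultActions()` on the existing object instead of cloning.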
@@ -62,11 +62,27 @@ int RulesSetPhases::append(RulesSetPhases *from, std::ostringstream *err) { } amount_of_rules = amount_of_rules + res; - std::vector > *actions_from = &from->at(phase)->m_defaultActions; - std::vector > *actions_to = &at(phase)->m_defaultActions; - for (size_t j = 0; j < actions_from->size(); j++) { - actions_to->push_back(actions_from->at(j)); + /** + * An action set in a child will overwrite an action set on a parent. + * + */ + std::vector > *actions_to = &at(phase)->m_defaultActions; + std::vector > *actions_t_to = &at(phase)->m_defaultTransformations; + if (actions_to->size() == 0 || actions_t_to->size() == 0) { + std::vector > *actions_from = &from->at(phase)->m_defaultActions; + + actions_to->clear(); + for (size_t j = 0; j < actions_from->size(); j++) { + actions_to->push_back(actions_from->at(j)); + } + + std::vector > *actions_t_from = &from->at(phase)->m_defaultTransformations; + actions_t_to->clear(); + for (size_t j = 0; j < actions_t_from->size(); j++) { + actions_t_to->push_back(actions_t_from->at(j)); + } + at(phase)->fixDefaultActions(); } } diff --git a/src/transaction.cc b/src/transaction.cc index 9d608ecb..0c4a1727 100644 --- a/src/transaction.cc +++ b/src/transaction.cc 
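Review bot: The guard `if (actions_to->size() == 0 || actions_t_to->size() == 0)` discards this configuration's own SecDefaultAction whenever only one of the two lists is empty: a configuration that sets `deny` but no default transformation still enters the block, and `actions_to->clear()` replaces its actions with those of `from`. Assuming `this` is the child, that contradicts the comment directly above and the CHANGES entry, and it can silently swap a blocking default for whatever the parent configured. The two lists should be inherited independently, each only when it was left empty, as sketched below; the `clear()` calls then become unnecessary. RulesSetPhases::append starts outside this hunk.

```cpp
// … unchanged: amount_of_rules accounting …
auto *actions_to = &at(phase)->m_defaultActions;
auto *actions_t_to = &at(phase)->m_defaultTransformations;
bool inherited = false;

// Inherit each list only when this configuration did not set it.
if (actions_to->empty()) {
    *actions_to = from->at(phase)->m_defaultActions;
    inherited = true;
}
if (actions_t_to->empty()) {
    *actions_t_to = from->at(phase)->m_defaultTransformations;
    inherited = true;
}
if (inherited) {
    at(phase)->fixDefaultActions();
}
```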
@@ -61,6 +61,34 @@ using modsecurity::RequestBodyProcessor::XML; namespace modsecurity { + +RuleMessage *TransactionRuleMessageManagement::messageGetLast() { + return m_rulesMessages.back(); +} + +void TransactionRuleMessageManagement::logMatchLastRuleOnTheChain(RuleWithActions *rule) { + RuleMessage *rm = m_rulesMessages.back(); + + rm->setRule(rule); + + if (rule->hasDisruptiveAction() && + (m_transaction->getRuleEngineState() == RulesSet::DetectionOnlyRuleEngine)) { + /* error */ + // The error goes over the disruptive massage. We don't need it here. + //m_transaction->serverLog(rm); + } else if (rule->hasBlockAction() && (!rule->hasNoLogAction()) || rule->hasLogAction()) { + /* Log as warning. */ + m_transaction->serverLog(rm); + } + + messageNew(); +} + +void TransactionRuleMessageManagement::messageNew() { + m_rulesMessages.push_back(new RuleMessage(m_transaction)); +} + + /** * @name Transaction * @brief Represents the inspection on an entire request. @@ -122,7 +150,6 @@ Transaction::Transaction(ModSecurity *ms, RulesSet *rules, void *logCbData) m_ruleRemoveTargetById(), m_requestBodyAccess(RulesSet::PropertyNotSetConfigBoolean), m_auditLogModifier(), - m_rulesMessages(), m_requestBody(), m_responseBody(), /* m_id(), */ @@ -160,7 +187,8 @@ Transaction::Transaction(ModSecurity *ms, RulesSet *rules, void *logCbData) m_variableTimeWDay(""), m_variableTimeYear(""), m_logCbData(logCbData), - TransactionAnchoredVariables(this) { + TransactionAnchoredVariables(this), + TransactionRuleMessageManagement(this) { m_id = std::unique_ptr( new std::string( std::to_string(m_timeStamp))); @@ -195,7 +223,6 @@ Transaction::Transaction(ModSecurity *ms, RulesSet *rules, char *id, void *logCb m_ruleRemoveTargetById(), m_requestBodyAccess(RulesSet::PropertyNotSetConfigBoolean), m_auditLogModifier(), - m_rulesMessages(), m_requestBody(), m_responseBody(), m_id(std::unique_ptr(new std::string(id))), 
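Review bot: The first branch of logMatchLastRuleOnTheChain() is empty, so a rule with a disruptive action that matches under `DetectionOnlyRuleEngine` is never passed to `serverLog()` here, and executeAction() only evaluates disruptive actions when the state is `EnabledRuleEngine`. Unless the skipped-action path logs on its own (not visible in this diff), DetectionOnly deployments lose the server-log line for exactly the rules they are meant to observe; a regression case with `SecRuleEngine DetectionOnly` and an `error_log` expectation would confirm it. The second condition also mixes `&&` and `||` without grouping; `(rule->hasBlockAction() && !rule->hasNoLogAction()) || rule->hasLogAction()` states the precedence explicitly. The commented-out `//m_transaction->serverLog(rm);` is better replaced by a comment naming where that case is logged.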
@@ -233,7 +260,8 @@ Transaction::Transaction(ModSecurity *ms, RulesSet *rules, char *id, void *logCb m_variableTimeWDay(""), m_variableTimeYear(""), m_logCbData(logCbData), - TransactionAnchoredVariables(this) { + TransactionAnchoredVariables(this), + TransactionRuleMessageManagement(this) { m_variableUrlEncodedError.set("0", 0); @@ -250,7 +278,7 @@ Transaction::~Transaction() { m_requestBody.str(std::string()); m_requestBody.clear(); - m_rulesMessages.clear(); + messageClear(); intervention::free(&m_it); intervention::clean(&m_it); @@ -1590,8 +1618,8 @@ std::string Transaction::toOldAuditLogFormat(int parts, } if (parts & audit_log::AuditLog::HAuditLogPart) { audit_log << "--" << trailer << "-" << "H--" << std::endl; - for (auto a : m_rulesMessages) { - audit_log << a.log(0, m_httpCodeReturned) << std::endl; + for (auto a : messageGetAll()) { + audit_log << a->log(0, m_httpCodeReturned) << std::endl; } audit_log << std::endl; /** TODO: write audit_log H part. */ 
@@ -1753,36 +1781,36 @@ std::string Transaction::toJSON(int parts) { reinterpret_cast("messages"), strlen("messages")); yajl_gen_array_open(g); - for (auto a : m_rulesMessages) { + for (auto a : messageGetAll()) { yajl_gen_map_open(g); - LOGFY_ADD("message", a.m_message.c_str()); + LOGFY_ADD("message", a->m_message.c_str()); yajl_gen_string(g, reinterpret_cast("details"), strlen("details")); yajl_gen_map_open(g); - LOGFY_ADD("match", a.m_match.c_str()); - LOGFY_ADD("reference", a.m_reference.c_str()); - LOGFY_ADD("ruleId", std::to_string(a.m_ruleId).c_str()); - LOGFY_ADD("file", a.m_ruleFile->c_str()); - LOGFY_ADD("lineNumber", std::to_string(a.m_ruleLine).c_str()); - LOGFY_ADD("data", a.m_data.c_str()); - LOGFY_ADD("severity", std::to_string(a.m_severity).c_str()); - LOGFY_ADD("ver", a.m_ver.c_str()); - LOGFY_ADD("rev", a.m_rev.c_str()); + LOGFY_ADD("match", a->m_match.c_str()); + LOGFY_ADD("reference", a->m_reference.c_str()); + LOGFY_ADD("ruleId", std::to_string(a->getRuleId()).c_str()); + LOGFY_ADD("file", a->getFileName().c_str()); + LOGFY_ADD("lineNumber", std::to_string(a->getLineNumber()).c_str()); + LOGFY_ADD("data", a->m_data.c_str()); + LOGFY_ADD("severity", std::to_string(a->m_severity).c_str()); + LOGFY_ADD("ver", a->getVer().c_str()); + LOGFY_ADD("rev", a->getRev().c_str()); yajl_gen_string(g, reinterpret_cast("tags"), strlen("tags")); yajl_gen_array_open(g); - for (auto b : a.m_tags) { + for (auto b : a->m_tags) { yajl_gen_string(g, reinterpret_cast(b.c_str()), strlen(b.c_str())); } yajl_gen_array_close(g); - LOGFY_ADD("maturity", std::to_string(a.m_maturity).c_str()); - LOGFY_ADD("accuracy", std::to_string(a.m_accuracy).c_str()); + LOGFY_ADD("maturity", std::to_string(a->getMaturity()).c_str()); + LOGFY_ADD("accuracy", std::to_string(a->getAccuracy()).c_str()); yajl_gen_map_close(g); yajl_gen_map_close(g); } 
@@ -1811,7 +1839,7 @@ std::string Transaction::toJSON(int parts) { } -void Transaction::serverLog(std::shared_ptr rm) { +void Transaction::serverLog(RuleMessage *rm) { m_ms->serverLog(m_logCbData, rm); } diff --git a/src/variables/rule.h b/src/variables/rule.h index 969fd030..8a9171a6 100644 --- a/src/variables/rule.h +++ b/src/variables/rule.h @@ -42,10 +42,6 @@ class Rule_DictElement : public VariableDictElement { \ std::vector *l) { RuleWithActions *r = rule; - while (r && r->m_ruleId == 0) { - r = r->m_chainedRuleParent; - } - if (!r || r->m_ruleId == 0) { return; } @@ -67,24 +63,22 @@ class Rule_DictElement : public VariableDictElement { \ std::vector *l) { RuleWithActions *r = rule; - while (r && r->m_rev.empty()) { - r = r->m_chainedRuleParent; - } - if (!r) { return; } - std::unique_ptr origin(new VariableOrigin()); - std::string *a = new std::string(r->m_rev); - VariableValue *var = new VariableValue(&m_rule, &m_rule_rev, - a - ); - delete a; - origin->m_offset = 0; - origin->m_length = 0; - var->addOrigin(std::move(origin)); - l->push_back(var); + if (r->hasRevisionAction()) { + std::unique_ptr origin(new VariableOrigin()); + std::string *a = new std::string(r->getRevision()); + VariableValue *var = new VariableValue(&m_rule, &m_rule_rev, + a + ); + delete a; + origin->m_offset = 0; + origin->m_length = 0; + var->addOrigin(std::move(origin)); + l->push_back(var); + } } @@ -93,13 +87,13 @@ class Rule_DictElement : public VariableDictElement { \ std::vector *l) { RuleWithActions *r = rule; - while (r && !r->hasSeverity()) { - r = r->m_chainedRuleParent; + if (!r) { + return; } - if (r && r->hasSeverity()) { + if (r->hasSeverityAction()) { std::unique_ptr origin(new VariableOrigin()); - std::string *a = new std::string(std::to_string(r->severity())); + std::string *a = new std::string(std::to_string(r->getSeverity())); VariableValue *var = new VariableValue(&m_rule, &m_rule_severity, a ); 
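Review bot: The `while (r && r->m_ruleId == 0) { r = r->m_chainedRuleParent; }` walk is removed in the `id` hunk of src/variables/rule.h, and the matching loops go away in the `rev`, `severity`, `logdata` and `msg` hunks after it, so `RULE.*` is now resolved against the evaluated rule only. For a chained child whose `m_ruleId` is 0, `id()` returns early and the variable expands to nothing unless the head's metadata is copied into the child elsewhere (not visible in this diff). Please add a regression case that reads `RULE.id` and `RULE.msg` from the second rule of a chain, and, if inheritance at load time is the new contract, say so on these accessors with `// Chained rules inherit id/rev/severity/msg/logdata from the chain head at load time.` The enclosing static methods start outside the hunks.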
@@ -117,13 +111,13 @@ class Rule_DictElement : public VariableDictElement { \ std::vector *l) { RuleWithActions *r = rule; - while (r && !r->hasLogData()) { - r = r->m_chainedRuleParent; + if (!r) { + return; } - if (r && r->hasLogData()) { + if (r->hasLogDataAction()) { std::unique_ptr origin(new VariableOrigin()); - std::string *a = new std::string(r->logData(t)); + std::string *a = new std::string(r->getLogData(t)); VariableValue *var = new VariableValue(&m_rule, &m_rule_logdata, a ); @@ -140,13 +134,13 @@ class Rule_DictElement : public VariableDictElement { \ std::vector *l) { RuleWithActions *r = rule; - while (r && !r->hasMsg()) { - r = r->m_chainedRuleParent; + if (!r) { + return; } - if (r && r->hasMsg()) { + if (r->hasMessageAction()) { std::unique_ptr origin(new VariableOrigin()); - std::string *a = new std::string(r->msg(t)); + std::string *a = new std::string(r->getMessage(t)); VariableValue *var = new VariableValue(&m_rule, &m_rule_msg, a ); @@ -165,11 +159,11 @@ class Rule_DictElement : public VariableDictElement { \ id(t, rule, l); return; } - if (rule && m_dictElement == "rev") { + if (m_dictElement == "rev") { rev(t, rule, l); return; } - if (rule && m_dictElement == "severity") { + if (m_dictElement == "severity") { severity(t, rule, l); return; } diff --git a/test/cppcheck_suppressions.txt b/test/cppcheck_suppressions.txt index 0336b6aa..43fe9afd 100644 --- a/test/cppcheck_suppressions.txt +++ b/test/cppcheck_suppressions.txt @@ -27,6 +27,8 @@ shiftNegative:src/utils/msc_tree.cc *:src/utils/msc_tree.cc invalidScanfArgType_int:src/rules_set_properties.cc:101 invalidScanfArgType_int:src/rules_set_properties.cc:102 +redundantAssignment:src/operators/pm.cc:94 + // 
@@ -35,7 +37,7 @@ invalidScanfArgType_int:src/rules_set_properties.cc:102 unmatchedSuppression:src/utils/geo_lookup.cc:82 useInitializationList:src/utils/shared_files.h:87 unmatchedSuppression:src/utils/msc_tree.cc -functionStatic:headers/modsecurity/transaction.h:404 +functionStatic:headers/modsecurity/transaction.h:453 duplicateBranch:src/audit_log/audit_log.cc:223 unreadVariable:src/request_body_processor/multipart.cc:435 stlcstrParam:src/audit_log/writer/parallel.cc:145 diff --git a/test/test-cases/regression/config-update-action-by-id.json b/test/test-cases/regression/config-update-action-by-id.json index 4e1a3fc2..6e343be5 100644 --- a/test/test-cases/regression/config-update-action-by-id.json +++ b/test/test-cases/regression/config-update-action-by-id.json @@ -122,7 +122,7 @@ }, "expected":{ "http_code": 200, - "debug_log": "Running action: log" + "debug_log": "Rule returned 1" }, "rules":[ "SecRuleEngine On", @@ -167,7 +167,7 @@ }, "expected":{ "http_code": 200, - "debug_log": "Running action: log" + "debug_log": "Rule returned 1" }, "rules":[ "SecRuleEngine On", diff --git a/test/test-cases/regression/issue-1528.json b/test/test-cases/regression/issue-1528.json index f2257055..74f2c3db 100644 --- a/test/test-cases/regression/issue-1528.json +++ b/test/test-cases/regression/issue-1528.json @@ -31,8 +31,8 @@ }, "rules": [ "SecRuleEngine On", - "SecAction \"id:1, nolog, setvar:tx.bad_value=attack\"", - "SecRule ARGS:param \"@rx ^%{tx.bad_value}$\" \"id:2,block\"" + "SecAction \"id:1, setvar:tx.bad_value=attack\"", + "SecRule ARGS:param \"@rx ^%{tx.bad_value}$\" \"id:2,log\"" ] } ] diff --git a/test/test-cases/regression/issue-1844.json b/test/test-cases/regression/issue-1844.json index 6ccb1f5e..df1a4ec6 100644 --- a/test/test-cases/regression/issue-1844.json +++ b/test/test-cases/regression/issue-1844.json 
@@ -37,10 +37,12 @@ ] }, "expected":{ - "error_log":"line \"29\"" + "error_log":"line \"29\"", + "http_code": 403 }, "rules":[ "SecRuleEngine On", + "SecDefaultAction \"phase:request,deny\"", "SecRule WEBAPPID \"@contains test1\" \"id:1,phase:3,pass,t:trim\"", "Include test-cases/data/big-file.conf" ] @@ -129,10 +131,12 @@ ] }, "expected":{ - "error_log":"line \"84\"" + "error_log":"line \"84\"", + "http_code": 403 }, "rules":[ "SecRuleEngine On", + "SecDefaultAction \"phase:request,deny\"", "SecRule WEBAPPID \"@contains test3\" \"id:1,phase:3,pass,t:trim\"", "Include test-cases/data/big-file.conf" ] @@ -175,11 +179,13 @@ ] }, "expected":{ - "error_log":"line \"116\"" + "error_log":"line \"116\"", + "http_code":403 }, "rules":[ "SecRuleEngine On", - "SecRule WEBAPPID \"@contains test3\" \"id:1,phase:3,pass,t:trim\"", + "SecDefaultAction \"phase:request,deny\"", + "SecRule WEBAPPID \"@contains test3\" \"id:1,phase:3,deny,t:trim\"", "Include test-cases/data/big-file.conf" ] }, @@ -221,10 +227,12 @@ ] }, "expected":{ - "error_log":"line \"174\"" + "error_log":"line \"174\"", + "http_code":403 }, "rules":[ "SecRuleEngine On", + "SecDefaultAction \"phase:request,deny\"", "SecRule WEBAPPID \"@contains test3\" \"id:1,phase:3,pass,t:trim\"", "Include test-cases/data/big-file.conf" ] @@ -267,10 +275,12 @@ ] }, "expected":{ - "error_log":"line \"174\"" + "error_log":"line \"174\"", + "http_code":403 }, "rules":[ "SecRuleEngine On", + "SecDefaultAction \"phase:request,deny\"", "SecRule WEBAPPID \"@contains test3\" \"id:1,phase:3,pass,t:trim\"", "Include test-cases/data/not-so-big-file.conf" ] diff --git a/test/test-cases/regression/offset-variable.json b/test/test-cases/regression/offset-variable.json index 99c9e19a..6f6b1233 100644 --- a/test/test-cases/regression/offset-variable.json +++ b/test/test-cases/regression/offset-variable.json 
@@ -22,10 +22,12 @@ ] }, "expected":{ - "error_log":"o0,3v23,6t:trim" + "error_log":"o0,3v23,6t:trim", + "http_code": 403 }, "rules":[ - "SecRule ARGS \"@rx val\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" + "SecRuleEngine On", + "SecRule ARGS \"@rx val\" \"id:1,phase:2,pass,t:trim,msg:'ops',deny,log\"" ] }, { @@ -51,10 +53,12 @@ ] }, "expected":{ - "error_log":"o3,3v37,6t:trim" + "error_log":"o3,3v37,6t:trim", + "http_code":403 }, "rules":[ - "SecRule ARGS_GET \"@rx ue2\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" + "SecRuleEngine On", + "SecRule ARGS_GET \"@rx ue2\" \"id:1,phase:2,pass,t:trim,msg:'ops',deny\"" ] }, { @@ -83,11 +87,13 @@ ] }, "expected":{ - "error_log":"o3,3v142,6t:trim" + "error_log":"o3,3v142,6t:trim", + "http_code":403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule ARGS_POST \"@rx ue1\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" + "SecRuleEngine On", + "SecRule ARGS_POST \"@rx ue1\" \"id:1,phase:2,pass,t:trim,msg:'ops',deny\"" ] }, { @@ -116,11 +122,13 @@ ] }, "expected":{ - "error_log":"o3,3v156,6t:trim" + "error_log":"o3,3v156,6t:trim", + "http_code":403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule ARGS_POST \"@rx ue2\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" + "SecRuleEngine On", + "SecRule ARGS_POST \"@rx ue2\" \"id:1,phase:2,pass,t:trim,msg:'ops',deny\"" ] }, { @@ -149,11 +157,13 @@ ] }, "expected":{ - "error_log":"o0,6v17,6t:trim" + "error_log":"o0,6v17,6t:trim", + "http_code":403 }, "rules":[ + "SecRuleEngine On", "SecRequestBodyAccess On", - "SecRule ARGS_GET_NAMES \"@rx param1\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" + "SecRule ARGS_GET_NAMES \"@rx param1\" \"id:1,phase:2,pass,t:trim,msg:'ops',deny\"" ] }, { 
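Review bot: These cases keep the same `error_log` expectation but only pass once `deny` and `SecRuleEngine On` are added, which suggests that a matching `pass` rule with `msg` no longer reaches the error log. If that is intended it belongs in the release notes; either way the original `pass`-only variant deserves to remain as its own case with an explicit expectation, so logging for non-disruptive rules stays covered. Several rules now carry both `pass` and `deny` (`id:1,phase:2,pass,t:trim,msg:'ops',deny`); dropping `pass` would make each case state what it actually exercises. The same pattern repeats in the remaining hunks of this file.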
@@ -182,11 +192,13 @@ ] }, "expected":{ - "error_log":"o0,6v31,6t:trim" + "error_log":"o0,6v31,6t:trim", + "http_code":403 }, "rules":[ + "SecRuleEngine On", "SecRequestBodyAccess On", - "SecRule ARGS_GET_NAMES \"@rx param2\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" + "SecRule ARGS_GET_NAMES \"@rx param2\" \"id:1,phase:2,pass,t:trim,msg:'ops',deny\"" ] }, { @@ -219,7 +231,7 @@ }, "rules":[ "SecRequestBodyAccess On", - "SecRule ARGS_GET_NAMES \"@rx am1 par\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" + "SecRule ARGS_GET_NAMES \"@rx am1 par\" \"id:1,phase:2,pass,t:trim,msg:'ops',deny\"" ] }, { @@ -252,7 +264,7 @@ }, "rules":[ "SecRequestBodyAccess On", - "SecRule ARGS_GET_NAMES \"@rx am1 param2 par\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" + "SecRule ARGS_GET_NAMES \"@rx am1 param2 par\" \"id:1,phase:2,pass,t:trim,msg:'ops',deny\"" ] }, { @@ -281,11 +293,13 @@ ] }, "expected":{ - "error_log": "0,6v149,6t:trim" + "error_log": "0,6v149,6t:trim", + "http_code": 403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule ARGS_POST_NAMES \"@rx param1\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" + "SecRuleEngine On", + "SecRule ARGS_POST_NAMES \"@rx param1\" \"id:1,phase:2,pass,t:trim,msg:'ops',deny\"" ] }, { @@ -314,11 +328,13 @@ ] }, "expected":{ - "error_log":"o0,6v17,6t:trim" + "error_log":"o0,6v17,6t:trim", + "http_code":403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule ARGS_NAMES \"@rx param1\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" + "SecRuleEngine On", + "SecRule ARGS_NAMES \"@rx param1\" \"id:1,phase:2,pass,t:trim,msg:'ops',deny\"" ] }, { @@ -344,11 +360,13 @@ ] }, "expected":{ - "error_log":"v16,6v23,6v30,6v37,6v44,6v51,6t:trim" + "error_log":"v16,6v23,6v30,6v37,6v44,6v51,6t:trim", + "http_code": 403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule ARGS_COMBINED_SIZE \"@gt 1\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" + "SecRuleEngine On", + "SecRule ARGS_COMBINED_SIZE \"@gt 1\" \"id:1,phase:2,pass,t:trim,msg:'ops',deny\"" ] }, { 
@@ -374,11 +392,13 @@ ] }, "expected":{ - "error_log":"v16,6v23,6v30,6v37,6v44,6v51,6t:trim" + "error_log":"v16,6v23,6v30,6v37,6v44,6v51,6t:trim", + "http_code": 403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule ARGS_COMBINED_SIZE \"@gt 1\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" + "SecRuleEngine On", + "SecRule ARGS_COMBINED_SIZE \"@gt 1\" \"id:1,phase:2,pass,t:trim,msg:'ops',deny\"" ] }, { @@ -405,11 +425,13 @@ ] }, "expected":{ - "error_log":"o23,6v0,63t:trim" + "error_log":"o23,6v0,63t:trim", + "http_code":403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule REQUEST_LINE \"value1\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" + "SecRuleEngine On", + "SecRule REQUEST_LINE \"value1\" \"id:1,phase:2,pass,t:trim,msg:'ops',deny\"" ] }, { @@ -437,11 +459,13 @@ ] }, "expected":{ - "error_log":"o0,3v0,3t:trim" + "error_log":"o0,3v0,3t:trim", + "http_code":403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule REQUEST_METHOD \"GET\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" + "SecRuleEngine On", + "SecRule REQUEST_METHOD \"GET\" \"id:1,phase:2,pass,t:trim,msg:'ops',deny\"" ] }, { @@ -469,11 +493,13 @@ ] }, "expected":{ - "error_log":"o5,3v58,8t:trim" + "error_log":"o5,3v58,8t:trim", + "http_code":403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule REQUEST_PROTOCOL \"1.1\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" + "SecRuleEngine On", + "SecRule REQUEST_PROTOCOL \"1.1\" \"id:1,phase:2,pass,t:trim,msg:'ops',deny\"" ] }, { @@ -501,11 +527,13 @@ ] }, "expected":{ - "error_log":"o1,5v4,11t:trim" + "error_log":"o1,5v4,11t:trim", + "http_code":403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule PATH_INFO \"index\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" + "SecRuleEngine On", + "SecRule PATH_INFO \"index\" \"id:1,phase:2,pass,t:trim,msg:'ops',deny\"" ] }, { 
@@ -533,11 +561,13 @@ ] }, "expected":{ - "error_log":"o7,6v16,41t:trim" + "error_log":"o7,6v16,41t:trim", + "http_code":403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule QUERY_STRING \"value1\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" + "SecRuleEngine On", + "SecRule QUERY_STRING \"value1\" \"id:1,phase:2,pass,t:trim,msg:'ops',deny\"" ] }, { @@ -565,11 +595,13 @@ ] }, "expected":{ - "error_log":"o6,4v5,10t:trim" + "error_log":"o6,4v5,10t:trim", + "http_code": 403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule REQUEST_BASENAME \"html\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" + "SecRuleEngine On", + "SecRule REQUEST_BASENAME \"html\" \"id:1,phase:2,pass,t:trim,msg:'ops',deny\"" ] }, { @@ -597,11 +629,13 @@ ] }, "expected":{ - "error_log":"o7,4v4,59t:trim" + "error_log":"o7,4v4,59t:trim", + "http_code":403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule REQUEST_URI \"html\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" + "SecRuleEngine On", + "SecRule REQUEST_URI \"html\" \"id:1,phase:2,pass,t:trim,msg:'ops',deny\"" ] }, { @@ -629,11 +663,14 @@ ] }, "expected":{ - "error_log":"o7,4v4,59t:trim" + "error_log":"o7,4v4,59t:trim", + "http_code": 403 + }, "rules":[ "SecRequestBodyAccess On", - "SecRule REQUEST_URI_RAW \"html\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" + "SecRuleEngine On", + "SecRule REQUEST_URI_RAW \"html\" \"id:1,phase:2,pass,t:trim,msg:'ops',deny\"" ] }, @@ -661,11 +698,13 @@ ] }, "expected":{ - "error_log":"o0,9v89,9t:trim" + "error_log":"o0,9v89,9t:trim", + "http_code": 403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule REQUEST_HEADERS \"localhost\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" + "SecRuleEngine On", + "SecRule REQUEST_HEADERS \"localhost\" \"id:1,phase:2,pass,t:trim,msg:'ops',deny\"" ] }, 
@@ -693,11 +732,13 @@ ] }, "expected":{ - "error_log":"o14,3v163,33t:trim" + "error_log":"o14,3v163,33t:trim", + "http_code":403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule REQUEST_HEADERS \"www\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" + "SecRuleEngine On", + "SecRule REQUEST_HEADERS \"www\" \"id:1,phase:2,pass,t:trim,msg:'ops',deny\"" ] }, { @@ -724,11 +765,13 @@ ] }, "expected":{ - "error_log":"o0,5v162,5t:trim" + "error_log":"o0,5v162,5t:trim", + "http_code":403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule AUTH_TYPE \"Basic\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" + "SecRuleEngine On", + "SecRule AUTH_TYPE \"Basic\" \"id:1,phase:2,pass,t:trim,msg:'ops',deny\"" ] }, { @@ -755,11 +798,13 @@ ] }, "expected":{ - "error_log":"o0,5v79,5t:trim" + "error_log":"o0,5v79,5t:trim", + "http_code":403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule AUTH_TYPE \"Basic\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" + "SecRuleEngine On", + "SecRule AUTH_TYPE \"Basic\" \"id:1,phase:2,pass,t:trim,msg:'ops',deny\"" ] }, { @@ -786,11 +831,13 @@ ] }, "expected":{ - "error_log":"o0,4v64,13t:lowercase" + "error_log":"o0,4v64,13t:lowercase", + "http_code": 403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule REQUEST_HEADERS_NAMES \"auth\" \"id:1,phase:2,pass,t:lowercase,msg:'ops'\"" + "SecRuleEngine On", + "SecRule REQUEST_HEADERS_NAMES \"auth\" \"id:1,phase:2,pass,t:lowercase,msg:'ops',deny\"" ] }, { @@ -818,11 +865,13 @@ ] }, "expected":{ - "error_log":"o1,2v216,3t:lowercase" + "error_log":"o1,2v216,3t:lowercase", + "http_code":403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule REQUEST_COOKIES \"es\" \"id:1,phase:2,pass,t:lowercase,msg:'ops'\"" + "SecRuleEngine On", + "SecRule REQUEST_COOKIES \"es\" \"id:1,phase:2,pass,t:lowercase,msg:'ops',deny\"" ] }, { 
@@ -850,11 +899,13 @@ ] }, "expected":{ - "error_log":"o0,1v223,1t:lowercase" + "error_log":"o0,1v223,1t:lowercase", + "http_code":403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule REQUEST_COOKIES \"z\" \"id:1,phase:2,pass,t:lowercase,msg:'ops'\"" + "SecRuleEngine On", + "SecRule REQUEST_COOKIES \"z\" \"id:1,phase:2,pass,t:lowercase,msg:'ops',deny\"" ] }, { @@ -882,11 +933,13 @@ ] }, "expected":{ - "error_log":"o0,1v228,1t:lowercase" + "error_log":"o0,1v228,1t:lowercase", + "http_code": 403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule REQUEST_COOKIES \"b\" \"id:1,phase:2,pass,t:lowercase,msg:'ops'\"" + "SecRuleEngine On", + "SecRule REQUEST_COOKIES \"b\" \"id:1,phase:2,pass,t:lowercase,msg:'ops',deny\"" ] }, { @@ -914,11 +967,13 @@ ] }, "expected":{ - "error_log":"o0,1v226,1" + "error_log":"o0,1v226,1", + "http_code":403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule REQUEST_COOKIES_NAMES \"t\" \"id:1,phase:2,pass,msg:'ops'\"" + "SecRuleEngine On", + "SecRule REQUEST_COOKIES_NAMES \"t\" \"id:1,phase:2,pass,msg:'ops',deny\"" ] }, { @@ -956,11 +1011,12 @@ ] }, "expected":{ - "error_log":"o0,7v198,30t:trim" + "error_log":"o0,7v198,30t:trim", + "http_code":403 }, "rules":[ "SecRuleEngine On", - "SecRule REMOTE_USER \"Aladdin\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" + "SecRule REMOTE_USER \"Aladdin\" \"id:1,phase:3,pass,t:trim,msg:'s',deny\"" ] }, { @@ -1005,11 +1061,13 @@ ] }, "expected":{ - "error_log":"o45,30v193,516t:trim" + "error_log":"o45,30v193,516t:trim", + "http_code": 403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule REQUEST_BODY \"Content-Disposition: form-data\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" + "SecRuleEngine On", + "SecRule REQUEST_BODY \"Content-Disposition: form-data\" \"id:1,phase:3,pass,t:trim,msg:'s',deny\"" ] }, { 
@@ -1054,11 +1112,13 @@ ] }, "expected":{ - "error_log":"o45,30v193,516t:trim" + "error_log":"o45,30v193,516t:trim", + "http_code":403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule REQUEST_BODY \"Content-Disposition: form-data\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" + "SecRuleEngine On", + "SecRule REQUEST_BODY \"Content-Disposition: form-data\" \"id:1,phase:3,pass,t:trim,msg:'s',deny\"" ] }, { @@ -1103,11 +1163,13 @@ ] }, "expected":{ - "error_log":"v193,516t:trim" + "error_log":"v193,516t:trim", + "http_code": 403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule REQUEST_BODY_LENGTH \"@gt 5\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" + "SecRuleEngine On", + "SecRule REQUEST_BODY_LENGTH \"@gt 5\" \"id:1,phase:3,pass,t:trim,msg:'s',deny\"" ] }, { @@ -1152,11 +1214,13 @@ ] }, "expected":{ - "error_log":"o6,5v5,11t:trim" + "error_log":"o6,5v5,11t:trim", + "http_code": 403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule REQUEST_FILENAME \"/file\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" + "SecRuleEngine On", + "SecRule REQUEST_FILENAME \"/file\" \"id:1,phase:3,pass,t:trim,msg:'s',deny\"" ] }, { @@ -1201,11 +1265,13 @@ ] }, "expected":{ - "error_log":"o6,8v5,23t:trim" + "error_log":"o6,8v5,23t:trim", + "http_code":403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule REQUEST_FILENAME \"/f i l e\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" + "SecRuleEngine On", + "SecRule REQUEST_FILENAME \"/f i l e\" \"id:1,phase:3,pass,t:trim,msg:'s',deny\"" ] }, { @@ -1250,11 +1316,13 @@ ] }, "expected":{ - "error_log":"o6,8v5,23t:trim" + "error_log":"o6,8v5,23t:trim", + "http_code": 403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule REQUEST_FILENAME \"/f i l e\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" + "SecRuleEngine On", + "SecRule REQUEST_FILENAME \"/f i l e\" \"id:1,phase:3,pass,t:trim,msg:'s',deny\"" ] }, { 
@@ -1299,11 +1367,13 @@ ] }, "expected":{ - "error_log":"o0,4v306,4t:trim" + "error_log":"o0,4v306,4t:trim", + "http_code":403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule ARGS \"test\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" + "SecRuleEngine On", + "SecRule ARGS \"test\" \"id:1,phase:3,pass,t:trim,msg:'s',deny\"" ] }, { @@ -1352,11 +1422,13 @@ ] }, "expected":{ - "error_log":"o0,5v402,5t:trim" + "error_log":"o0,5v402,5t:trim", + "http_code": 403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule ARGS \"test2\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" + "SecRuleEngine On", + "SecRule ARGS \"test2\" \"id:1,phase:3,pass,t:trim,msg:'s',deny\"" ] }, { @@ -1405,11 +1477,13 @@ ] }, "expected":{ - "error_log":"o0,16v680,20t:trim" + "error_log":"o0,16v680,20t:trim", + "http_code": 403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule FILES \"small_text_file2\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" + "SecRuleEngine On", + "SecRule FILES \"small_text_file2\" \"id:1,phase:3,pass,t:trim,msg:'s',deny\"" ] }, { @@ -1458,11 +1532,13 @@ ] }, "expected":{ - "error_log":"o0,16v512,20t:trim" + "error_log":"o0,16v512,20t:trim", + "http_code":403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule FILES \"small_text_file1\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" + "SecRuleEngine On", + "SecRule FILES \"small_text_file1\" \"id:1,phase:3,pass,t:trim,msg:'s',deny\"" ] }, { @@ -1511,11 +1587,13 @@ ] }, "expected":{ - "error_log":"o0,8o0,8v491,8t:trimo0,16o0,16v709,16t:trim" + "error_log":"o0,8o0,8v491,8t:trimo0,16o0,16v709,16t:trim", + "http_code":403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule FILES_NAMES \"(fiasdfasdfledata|filedata)\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" + "SecRuleEngine On", + "SecRule FILES_NAMES \"(fiasdfasdfledata|filedata)\" \"id:1,phase:3,pass,t:trim,msg:'s',deny\"" ] }, { 
@@ -1564,11 +1642,13 @@ ] }, "expected":{ - "error_log":"v560,32t:trim" + "error_log":"v560,32t:trim", + "http_code":403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule FILES_SIZES:filedata \"@gt 0\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" + "SecRuleEngine On", + "SecRule FILES_SIZES:filedata \"@gt 0\" \"id:1,phase:3,pass,t:trim,msg:'s',deny\"" ] }, { @@ -1617,11 +1697,13 @@ ] }, "expected":{ - "error_log":"v754,38t:trim" + "error_log":"v754,38t:trim", + "http_code": 403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule FILES_SIZES:fiasdfasdfledata \"@gt 0\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" + "SecRuleEngine On", + "SecRule FILES_SIZES:fiasdfasdfledata \"@gt 0\" \"id:1,phase:3,pass,t:trim,msg:'s',deny\"" ] }, { @@ -1670,11 +1752,13 @@ ] }, "expected":{ - "error_log":"v560,32v754,38t:trim" + "error_log":"v560,32v754,38t:trim", + "http_code":403 }, "rules":[ "SecRequestBodyAccess On", - "SecRule FILES_COMBINED_SIZE \"@gt 0\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" + "SecRuleEngine On", + "SecRule FILES_COMBINED_SIZE \"@gt 0\" \"id:1,phase:3,pass,t:trim,msg:'s',deny\"" ] }, { @@ -1723,13 +1807,15 @@ ] }, "expected":{ - "error_log":"o8,7v754,38t:trim" + "error_log":"o8,7v754,38t:trim", + "http_code":403 }, "rules":[ "SecRequestBodyAccess On", "SecUploadKeepFiles On", + "SecRuleEngine On", "SecUploadDir /tmp", - "SecRule FILES_TMP_CONTENT \"another\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" + "SecRule FILES_TMP_CONTENT \"another\" \"id:1,phase:3,pass,t:trim,msg:'s',deny\"" ] }, { @@ -1778,13 +1864,15 @@ ] }, "expected":{ - "error_log":"o15,5v560,32t:trim" + "error_log":"o15,5v560,32t:trim", + "http_code": 403 }, "rules":[ "SecRequestBodyAccess On", "SecUploadKeepFiles On", + "SecRuleEngine On", "SecUploadDir /tmp", - "SecRule FILES_TMP_CONTENT:small_text_file1.txt \"small\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" + "SecRule FILES_TMP_CONTENT:small_text_file1.txt \"small\" \"id:1,phase:3,pass,t:trim,msg:'s',deny\"" ] }, { 
@@ -1833,13 +1921,15 @@ ] }, "expected":{ - "error_log":"o6,4v5,23t:trim" + "error_log":"o6,4v5,23t:trim", + "http_code":403 }, "rules":[ "SecRequestBodyAccess On", "SecUploadKeepFiles On", + "SecRuleEngine On", "SecUploadDir /tmp", - "SecRule PATH_INFO \"/f i\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" + "SecRule PATH_INFO \"/f i\" \"id:1,phase:3,t:trim,msg:'s',deny\"" ] }, { @@ -1888,13 +1978,15 @@ ] }, "expected":{ - "error_log":"o0,20v680,20t:trim" + "error_log":"o0,20v680,20t:trim", + "http_code":403 }, "rules":[ "SecRequestBodyAccess On", "SecUploadKeepFiles On", + "SecRuleEngine On", "SecUploadDir /tmp", - "SecRule MULTIPART_FILENAME \"small_text_file2.txt\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" + "SecRule MULTIPART_FILENAME \"small_text_file2.txt\" \"id:1,phase:3,pass,t:trim,msg:'s',deny\"" ] }, { @@ -1943,13 +2035,15 @@ ] }, "expected":{ - "error_log":"o0,16v709,16t:trim" + "error_log":"o0,16v709,16t:trim", + "http_code":403 }, "rules":[ "SecRequestBodyAccess On", "SecUploadKeepFiles On", + "SecRuleEngine On", "SecUploadDir /tmp", - "SecRule MULTIPART_NAME \"fiasdfasdfledata\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" + "SecRule MULTIPART_NAME \"fiasdfasdfledata\" \"id:1,phase:3,pass,t:trim,msg:'s',deny\"" ] } ] diff --git a/test/test-cases/regression/operator-rx.json b/test/test-cases/regression/operator-rx.json index d6b9839f..e0771573 100644 --- a/test/test-cases/regression/operator-rx.json +++ b/test/test-cases/regression/operator-rx.json @@ -79,11 +79,12 @@ }, "expected":{ "debug_log":"Executing operator \"Rx\" with param \"\\^0\\$\"", - "error_log":"Matched \"Operator `Rx' with parameter `\\^0\\$'" + "error_log":"Matched \"Operator `Rx' with parameter `\\^0\\$'", + "http_code": 403 }, "rules":[ "SecRuleEngine On", - "SecRule REQUEST_HEADERS:Content-Length \"!^0$\" \"id:1,phase:2,pass,t:trim,block\"" + "SecRule REQUEST_HEADERS:Content-Length \"!^0$\" \"id:1,phase:2,pass,t:trim,deny\"" ] } ]
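Review bot: In the operator-rx.json hunk, replacing `block` with `deny` means this case no longer exercises `block`, whose outcome is decided by the default action rather than by the rule itself. Unless another case in the file covers `block` for a negated `@rx` match (not visible here), that path loses its regression test, so it may be better to keep the original rule in a separate case and add the `deny` variant next to it. The new rule also still lists `pass` ahead of `deny`; `"id:1,phase:2,t:trim,deny"` would leave a single disruptive action behind the `"http_code": 403` expectation.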