github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 11:16:33 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adds support to GeoIP operator and variables.

Browse Source
This commit is contained in:
Felipe Zimmerle
2015-07-20 21:04:21 -03:00
parent 41bf1490b7
commit e189055ec3
17 changed files with 890 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
test/Makefile.am
View File

@@ -24,6 +24,7 @@ unit_tests_SOURCES = \
unit_tests_LDADD = \
$(top_builddir)/src/.libs/libmodsecurity.a \
$(GEOIP_LDADD) \
$(YAJL_LDADD)
unit_tests_CPPFLAGS = \
@@ -32,8 +33,10 @@ unit_tests_CPPFLAGS = \
-O0 \
-g \
-I$(top_builddir)/headers \
$(GEOIP_CFLAGS) \
$(YAJL_CFLAGS)
# regression
regression_tests_SOURCES = \
@@ -43,6 +46,7 @@ regression_tests_SOURCES = \
regression_tests_LDADD = \
$(top_builddir)/src/.libs/libmodsecurity.a \
$(GEOIP_LDADD) \
$(YAJL_LDADD)
regression_tests_CPPFLAGS = \
@@ -51,5 +55,5 @@ regression_tests_CPPFLAGS = \
-O0 \
-g \
-I$(top_builddir)/headers \
$(GEOIP_CFLAGS) \
$(YAJL_CFLAGS)

1
test/benchmark/Makefile.am
View File

@@ -7,6 +7,7 @@ benchmark_SOURCES = \
benchmark_LDADD = \
$(top_builddir)/src/.libs/libmodsecurity.a \
$(GEOIP_LDADD) \
$(YAJL_LDADD)
benchmark_CPPFLAGS = \

BIN
test/test-cases/data/geo/GeoIPCity.dat Normal file
View File

Binary file not shown.

4
test/test-cases/data/geo/README.txt Normal file
View File

@@ -0,0 +1,4 @@
This data was download from:
https://github.com/maxmind/geoip-api-php/tree/master/tests

476
test/test-cases/regression/variable-GEO.json Normal file
View File

@@ -0,0 +1,476 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Testing Variables :: GEO:LONGITUDE",
"client":{
"ip":"64.17.254.216",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"protocol":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Target value: \"-118.403999\" \\(Variable: GEO:LONGITUDE\\)"
},
"rules":[
"SecRuleEngine On",
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"SecGeoLookupDb test-cases\/data\/geo\/GeoIPCity.dat",
"SecRule REMOTE_ADDR \"@geoLookup\" \"pass,t:trim\"",
"SecRule GEO \"@contains test \" \"pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Variables :: GEO:COUNTRY_NAME",
"client":{
"ip":"64.17.254.216",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"protocol":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Target value: \"United States\" \\(Variable: GEO:COUNTRY_NAME\\)"
},
"rules":[
"SecRuleEngine On",
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"SecGeoLookupDb test-cases\/data\/geo\/GeoIPCity.dat",
"SecRule REMOTE_ADDR \"@geoLookup\" \"pass,t:trim\"",
"SecRule GEO \"@contains test \" \"pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Variables :: GEO:LATITUDE",
"client":{
"ip":"64.17.254.216",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"protocol":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Target value: \"33.916401\" \\(Variable: GEO:LATITUDE\\)"
},
"rules":[
"SecRuleEngine On",
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"SecGeoLookupDb test-cases\/data\/geo\/GeoIPCity.dat",
"SecRule REMOTE_ADDR \"@geoLookup\" \"pass,t:trim\"",
"SecRule GEO \"@contains test \" \"pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Variables :: GEO:COUNTRY_CODE3",
"client":{
"ip":"64.17.254.216",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"protocol":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Target value: \"USA\" \\(Variable: GEO:COUNTRY_CODE3\\)"
},
"rules":[
"SecRuleEngine On",
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"SecGeoLookupDb test-cases\/data\/geo\/GeoIPCity.dat",
"SecRule REMOTE_ADDR \"@geoLookup\" \"pass,t:trim\"",
"SecRule GEO \"@contains test \" \"pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Variables :: GEO:COUNTRY_CODE",
"client":{
"ip":"64.17.254.216",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"protocol":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Target value: \"US\" \\(Variable: GEO:COUNTRY_CODE\\)"
},
"rules":[
"SecRuleEngine On",
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"SecGeoLookupDb test-cases\/data\/geo\/GeoIPCity.dat",
"SecRule REMOTE_ADDR \"@geoLookup\" \"pass,t:trim\"",
"SecRule GEO \"@contains test \" \"pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Variables :: GEO:COUNTRY_CONTINENT",
"client":{
"ip":"64.17.254.216",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"protocol":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Target value: \"NA\" \\(Variable: GEO:COUNTRY_CONTINENT\\)"
},
"rules":[
"SecRuleEngine On",
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"SecGeoLookupDb test-cases\/data\/geo\/GeoIPCity.dat",
"SecRule REMOTE_ADDR \"@geoLookup\" \"pass,t:trim\"",
"SecRule GEO \"@contains test \" \"pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Variables :: GEO:AREA_CODE",
"client":{
"ip":"64.17.254.216",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"protocol":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Target value: \"310\" \\(Variable: GEO:AREA_CODE\\)"
},
"rules":[
"SecRuleEngine On",
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"SecGeoLookupDb test-cases\/data\/geo\/GeoIPCity.dat",
"SecRule REMOTE_ADDR \"@geoLookup\" \"pass,t:trim\"",
"SecRule GEO \"@contains test \" \"pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Variables :: GEO:DMA_CODE",
"client":{
"ip":"64.17.254.216",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"protocol":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Target value: \"803\" \\(Variable: GEO:DMA_CODE\\)"
},
"rules":[
"SecRuleEngine On",
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"SecGeoLookupDb test-cases\/data\/geo\/GeoIPCity.dat",
"SecRule REMOTE_ADDR \"@geoLookup\" \"pass,t:trim\"",
"SecRule GEO \"@contains test \" \"pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Variables :: GEO:POSTAL_CODE",
"client":{
"ip":"64.17.254.216",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"protocol":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Target value: \"90245\" \\(Variable: GEO:POSTAL_CODE\\)"
},
"rules":[
"SecRuleEngine On",
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"SecGeoLookupDb test-cases\/data\/geo\/GeoIPCity.dat",
"SecRule REMOTE_ADDR \"@geoLookup\" \"pass,t:trim\"",
"SecRule GEO \"@contains test \" \"pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Variables :: GEO:REGION",
"client":{
"ip":"64.17.254.216",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"protocol":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Target value: \"California\" \\(Variable: GEO:REGION\\)"
},
"rules":[
"SecRuleEngine On",
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"SecGeoLookupDb test-cases\/data\/geo\/GeoIPCity.dat",
"SecRule REMOTE_ADDR \"@geoLookup\" \"pass,t:trim\"",
"SecRule GEO \"@contains test \" \"pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Variables :: GEO:CITY",
"client":{
"ip":"64.17.254.216",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"protocol":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Target value: \"El Segundo\" \\(Variable: GEO:CITY\\)"
},
"rules":[
"SecRuleEngine On",
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"SecGeoLookupDb test-cases\/data\/geo\/GeoIPCity.dat",
"SecRule REMOTE_ADDR \"@geoLookup\" \"pass,t:trim\"",
"SecRule GEO \"@contains test \" \"pass,t:trim\""
]
}
]