Adds actions 'auditlog' and 'noauditlog'

2025-08-14 05:45:59 +03:00 · 2015-07-03 14:17:08 -03:00 · 2015-07-03 14:17:08 -03:00 · e44d6e280d
commit e44d6e280d
parent 71eb27bbe9
7 changed files with 160 additions and 1 deletions
--- a/headers/modsecurity/assay.h
+++ b/headers/modsecurity/assay.h
@ -127,6 +127,9 @@ class Assay {
    void debug(int, std::string);
    std::vector<actions::Action *> actions;

+    bool save_in_auditlog;
+    bool do_not_save_in_auditlog;
+
 private:
    std::ofstream myfile;
    Rules *m_rules;
--- a/src/Makefile.am
+++ b/src/Makefile.am
@ -31,7 +31,9 @@ pkginclude_HEADERS = \

 ACTIONS = \
 	actions/action.cc \
+	actions/audit_log.cc \
 	actions/block.cc \
+	actions/no_audit_log.cc \
 	actions/phase.cc \
 	actions/redirect.cc \
 	actions/rule_id.cc \
--- a/src/actions/audit_log.cc
+++ b/src/actions/audit_log.cc
@ -0,0 +1,32 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include "actions/audit_log.h"
+
+#include <iostream>
+#include <string>
+
+#include "modsecurity/assay.h"
+
+namespace ModSecurity {
+namespace actions {
+
+bool AuditLog::evaluate(Assay *assay) {
+    assay->save_in_auditlog = true;
+    return true;
+}
+
+}  // namespace actions
+}  // namespace ModSecurity
--- a/src/actions/audit_log.h
+++ b/src/actions/audit_log.h
@ -0,0 +1,44 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <string>
+
+#include "actions/action.h"
+
+#ifndef SRC_ACTIONS_AUDIT_LOG_H_
+#define SRC_ACTIONS_AUDIT_LOG_H_
+
+#ifdef __cplusplus
+class Assay;
+
+namespace ModSecurity {
+class Assay;
+
+namespace actions {
+
+
+class AuditLog : public Action {
+ public:
+    explicit AuditLog(std::string action)
+        : Action(action, RunTimeOnlyIfMatchKind) { }
+
+    bool evaluate(Assay *assay) override;
+};
+
+}  // namespace actions
+}  // namespace ModSecurity
+#endif
+
+#endif  // SRC_ACTIONS_AUDIT_LOG_H_
--- a/src/actions/no_audit_log.cc
+++ b/src/actions/no_audit_log.cc
@ -0,0 +1,32 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include "actions/no_audit_log.h"
+
+#include <iostream>
+#include <string>
+
+#include "modsecurity/assay.h"
+
+namespace ModSecurity {
+namespace actions {
+
+bool NoAuditLog::evaluate(Assay *assay) {
+    assay->do_not_save_in_auditlog = true;
+    return true;
+}
+
+}  // namespace actions
+}  // namespace ModSecurity
--- a/src/actions/no_audit_log.h
+++ b/src/actions/no_audit_log.h
@ -0,0 +1,44 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <string>
+
+#include "actions/action.h"
+
+#ifndef SRC_ACTIONS_NO_AUDIT_LOG_H_
+#define SRC_ACTIONS_NO_AUDIT_LOG_H_
+
+#ifdef __cplusplus
+class Assay;
+
+namespace ModSecurity {
+class Assay;
+
+namespace actions {
+
+
+class NoAuditLog : public Action {
+ public:
+    explicit NoAuditLog(std::string action)
+        : Action(action, RunTimeOnlyIfMatchKind) { }
+
+    bool evaluate(Assay *assay) override;
+};
+
+}  // namespace actions
+}  // namespace ModSecurity
+#endif
+
+#endif  // SRC_ACTIONS_NO_AUDIT_LOG_H_
--- a/src/assay.cc
+++ b/src/assay.cc
@ -75,7 +75,9 @@ namespace ModSecurity {
 Assay::Assay(ModSecurity *ms, Rules *rules)
    : m_ipAddress(NULL),
    m_uri(NULL),
-    m_rules(rules) {
+    m_rules(rules),
+    save_in_auditlog(false),
+    do_not_save_in_auditlog(false) {
    m_rules->incrementReferenceCount();
    this->debug(4, "Initialising transaction");
 }