github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-16 07:56:12 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adds actions 'auditlog' and 'noauditlog'

Browse Source
This commit is contained in:
Felipe Zimmerle 2015-07-03 14:17:08 -03:00
parent 71eb27bbe9
commit e44d6e280d
7 changed files with 160 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
headers/modsecurity/assay.h
View File

@ -127,6 +127,9 @@ class Assay {
void debug(int, std::string); void debug(int, std::string);
std::vector<actions::Action *> actions; std::vector<actions::Action *> actions;
bool save_in_auditlog;
bool do_not_save_in_auditlog;
private: private:
std::ofstream myfile; std::ofstream myfile;
Rules *m_rules; Rules *m_rules;

2
src/Makefile.am
View File

@ -31,7 +31,9 @@ pkginclude_HEADERS = \
ACTIONS = \ ACTIONS = \
actions/action.cc \ actions/action.cc \
actions/audit_log.cc \
actions/block.cc \ actions/block.cc \
actions/no_audit_log.cc \
actions/phase.cc \ actions/phase.cc \
actions/redirect.cc \ actions/redirect.cc \
actions/rule_id.cc \ actions/rule_id.cc \

32
src/actions/audit_log.cc Normal file
View File

@ -0,0 +1,32 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include "actions/audit_log.h"
#include <iostream>
#include <string>
#include "modsecurity/assay.h"
namespace ModSecurity {
namespace actions {
bool AuditLog::evaluate(Assay *assay) {
assay->save_in_auditlog = true;
return true;
}
} // namespace actions
} // namespace ModSecurity

44
src/actions/audit_log.h Normal file
View File

@ -0,0 +1,44 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <string>
#include "actions/action.h"
#ifndef SRC_ACTIONS_AUDIT_LOG_H_
#define SRC_ACTIONS_AUDIT_LOG_H_
#ifdef __cplusplus
class Assay;
namespace ModSecurity {
class Assay;
namespace actions {
class AuditLog : public Action {
public:
explicit AuditLog(std::string action)
: Action(action, RunTimeOnlyIfMatchKind) { }
bool evaluate(Assay *assay) override;
};
} // namespace actions
} // namespace ModSecurity
#endif
#endif // SRC_ACTIONS_AUDIT_LOG_H_

32
src/actions/no_audit_log.cc Normal file
View File

@ -0,0 +1,32 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include "actions/no_audit_log.h"
#include <iostream>
#include <string>
#include "modsecurity/assay.h"
namespace ModSecurity {
namespace actions {
bool NoAuditLog::evaluate(Assay *assay) {
assay->do_not_save_in_auditlog = true;
return true;
}
} // namespace actions
} // namespace ModSecurity

44
src/actions/no_audit_log.h Normal file
View File

@ -0,0 +1,44 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <string>
#include "actions/action.h"
#ifndef SRC_ACTIONS_NO_AUDIT_LOG_H_
#define SRC_ACTIONS_NO_AUDIT_LOG_H_
#ifdef __cplusplus
class Assay;
namespace ModSecurity {
class Assay;
namespace actions {
class NoAuditLog : public Action {
public:
explicit NoAuditLog(std::string action)
: Action(action, RunTimeOnlyIfMatchKind) { }
bool evaluate(Assay *assay) override;
};
} // namespace actions
} // namespace ModSecurity
#endif
#endif // SRC_ACTIONS_NO_AUDIT_LOG_H_

4
src/assay.cc
View File

@ -75,7 +75,9 @@ namespace ModSecurity {
Assay::Assay(ModSecurity *ms, Rules *rules) Assay::Assay(ModSecurity *ms, Rules *rules)
: m_ipAddress(NULL), : m_ipAddress(NULL),
m_uri(NULL), m_uri(NULL),
m_rules(rules) { m_rules(rules),
save_in_auditlog(false),
do_not_save_in_auditlog(false) {
m_rules->incrementReferenceCount(); m_rules->incrementReferenceCount();
this->debug(4, "Initialising transaction"); this->debug(4, "Initialising transaction");
} }