github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 19:24:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix various minor issues on the auditlog schema

Browse Source
This commit is contained in:
Felipe Zimmerle
2015-08-27 17:50:42 -03:00
parent 24b7d72666
commit e89e395a32
5 changed files with 13 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/parser/seclang-parser.yy
View File

@@ -17,6 +17,7 @@ class Driver;
}
#include "actions/action.h"
#include "actions/audit_log.h"
#include "actions/set_var.h"
#include "actions/severity.h"
#include "actions/msg.h"
@@ -201,6 +202,7 @@ using ModSecurity::Variables::Variable;
%token <std::string> OPERATOR
%token <std::string> FREE_TEXT
%token <std::string> ACTION
%token <std::string> ACTION_AUDIT_LOG
%token <std::string> ACTION_SEVERITY
%token <std::string> ACTION_SETVAR
%token <std::string> ACTION_MSG
@@ -619,6 +621,10 @@ act:
$$ = setVar;
}
| ACTION_AUDIT_LOG
{
$$ = new ModSecurity::actions::AuditLog($1);
}
| LOG_DATA
{
$$ = new LogData($1);

6
src/parser/seclang-scanner.ll
View File

@@ -23,7 +23,8 @@ using ModSecurity::split;
%}
%option noyywrap nounput batch debug noinput
ACTION (?i:accuracy|allow|append|auditlog|block|capture|chain|deny|deprecatevar|drop|exec|expirevar|id:[0-9]+|id:'[0-9]+'|initcol|log|maturity|multiMatch|noauditlog|nolog|pass|pause|phase:[0-9]+|prepend|proxy|redirect:[A-Z0-9_\|\&\:\/\/\.]+|sanitiseArg|sanitiseMatched|sanitiseMatchedBytes|sanitiseRequestHeader|sanitiseResponseHeader|setuid|setrsc|setsid|setenv|skip|skipAfter|status:[0-9]+|ver|xmlns)
ACTION (?i:accuracy|allow|append|block|capture|chain|deny|deprecatevar|drop|exec|expirevar|id:[0-9]+|id:'[0-9]+'|initcol|log|maturity|multiMatch|noauditlog|nolog|pass|pause|phase:[0-9]+|prepend|proxy|redirect:[A-Z0-9_\|\&\:\/\/\.]+|sanitiseArg|sanitiseMatched|sanitiseMatchedBytes|sanitiseRequestHeader|sanitiseResponseHeader|setuid|setrsc|setsid|setenv|skip|skipAfter|status:[0-9]+|ver|xmlns)
ACTION_AUDIT_LOG (?i:auditlog)
ACTION_SEVERITY (?i:severity)
ACTION_SEVERITY_VALUE (?i:(EMERGENCY|ALERT|CRITICAL|ERROR|WARNING|NOTICE|INFO|DEBUG)|[0-9]+)
ACTION_SETVAR (?i:setvar)
@@ -112,7 +113,7 @@ CONFIG_VALUE_ON On
CONFIG_VALUE_OFF Off
CONFIG_VALUE_DETC DetectionOnly
CONFIG_VALUE_SERIAL Serial
CONFIG_VALUE_PARALLEL Parallel
CONFIG_VALUE_PARALLEL (?i:Parallel|Concurrent)
CONFIG_VALUE_RELEVANT_ONLY RelevantOnly
CONFIG_VALUE_PROCESS_PARTIAL (?i:ProcessPartial)
@@ -247,6 +248,7 @@ CONFIG_DIR_UNICODE_MAP_FILE (?i:SecUnicodeMapFile)
}
{ACTION} { return yy::seclang_parser::make_ACTION(yytext, *driver.loc.back()); }
{ACTION_AUDIT_LOG} { return yy::seclang_parser::make_ACTION_AUDIT_LOG(yytext, *driver.loc.back()); }
{ACTION_SEVERITY}:{ACTION_SEVERITY_VALUE} { return yy::seclang_parser::make_ACTION_SEVERITY(yytext + 9, *driver.loc.back()); }
{ACTION_SEVERITY}:'{ACTION_SEVERITY_VALUE}' { return yy::seclang_parser::make_ACTION_SEVERITY(std::string(yytext, 10, yyleng - 11), *driver.loc.back()); }