From f2d149fc5f200e2e87783ca1aa240ff08fd69f34 Mon Sep 17 00:00:00 2001
From: Felipe Zimmerle <felipe@zimmerle.org>
Date: Thu, 26 Jan 2017 23:13:38 -0300
Subject: [PATCH] Extends the direct access model to other collections

---
 headers/modsecurity/anchored_set_variable.h   |  100 +
 headers/modsecurity/anchored_variable.h       |   68 +
 headers/modsecurity/collection/collection.h   |    4 +-
 headers/modsecurity/collection/collections.h  |    4 +-
 headers/modsecurity/collection/variable.h     |    6 +
 headers/modsecurity/rule.h                    |   44 +-
 headers/modsecurity/rule_message.h            |    2 +-
 headers/modsecurity/rules_properties.h        |    8 +-
 headers/modsecurity/transaction.h             |  179 +-
 src/Makefile.am                               |   16 +-
 src/actions/chain.cc                          |    2 +-
 src/actions/disruptive/block.cc               |    2 +-
 src/actions/disruptive/deny.cc                |    2 +-
 src/actions/disruptive/redirect.cc            |    2 +-
 src/actions/phase.cc                          |    2 +-
 src/actions/rule_id.cc                        |    2 +-
 src/actions/set_var.cc                        |    2 +-
 src/anchored_set_variable.cc                  |   68 +-
 src/anchored_variable.cc                      |  114 +
 .../backend/in_memory-per_process.cc          |    4 +-
 .../backend/in_memory-per_process.h           |    2 +-
 src/collection/backend/lmdb.cc                |    7 +-
 src/collection/backend/lmdb.h                 |    2 +-
 src/collection/collections.cc                 |   13 +-
 src/macro_expansion.cc                        |  226 +-
 src/operators/geo_lookup.cc                   |   39 +-
 src/parser/driver.cc                          |   38 +-
 src/parser/seclang-parser.cc                  | 4878 +++++++++--------
 src/parser/seclang-parser.hh                  | 2567 +++++----
 src/parser/seclang-parser.yy                  | 1097 ++--
 src/parser/seclang-scanner.ll                 |  397 +-
 src/request_body_processor/multipart.cc       |   35 +-
 src/rule.cc                                   |  255 +-
 src/rules.cc                                  |   14 +-
 src/transaction.cc                            |   69 +-
 src/utils/random.cc                           |    3 +
 src/variables/args.h                          |   82 +
 src/variables/args_combined_size.h            |    3 +-
 src/variables/args_get.h                      |   81 +
 src/variables/args_get_names.h                |    3 +-
 src/variables/args_names.h                    |    3 +-
 src/variables/args_post.h                     |   81 +
 src/variables/args_post_names.h               |    3 +-
 src/variables/auth_type.h                     |    3 +-
 src/variables/duration.cc                     |    5 +-
 src/variables/duration.h                      |    3 +-
 src/variables/env.cc                          |    3 +-
 src/variables/env.h                           |    3 +-
 src/variables/files.h                         |   83 +
 src/variables/files_combined_size.h           |    3 +-
 src/variables/files_names.h                   |   84 +
 src/variables/files_sizes.h                   |   83 +
 src/variables/files_tmp_content.h             |   83 +
 src/variables/files_tmp_names.h               |   45 +-
 src/variables/full_request.h                  |    3 +-
 src/variables/full_request_length.h           |    3 +-
 src/variables/geo.h                           |   83 +
 src/variables/global.h                        |   84 +
 src/variables/highest_severity.cc             |    3 +-
 src/variables/highest_severity.h              |    3 +-
 src/variables/inbound_data_error.h            |    3 +-
 src/variables/ip.h                            |   84 +
 src/variables/matched_var.h                   |    3 +-
 src/variables/matched_var_name.h              |    3 +-
 src/variables/matched_vars.h                  |   83 +
 src/variables/matched_vars_names.h            |   83 +
 src/variables/modsec_build.cc                 |    3 +-
 src/variables/modsec_build.h                  |    3 +-
 src/variables/multipart_crlf_lf_lines.h       |    3 +-
 src/variables/multipart_data_after.h          |    3 +-
 src/variables/multipart_file_limit_exceeded.h |    3 +-
 src/variables/multipart_file_name.h           |   83 +
 src/variables/multipart_header_folding.h      |    3 +-
 .../multipart_invalid_header_folding.h        |    3 +-
 src/variables/multipart_invalid_quoting.h     |    3 +-
 src/variables/multipart_name.h                |   83 +
 src/variables/multipart_strict_error.h        |    3 +-
 src/variables/multipart_unmatched_boundary.h  |    3 +-
 src/variables/outbound_data_error.h           |    3 +-
 src/variables/path_info.h                     |    3 +-
 src/variables/query_string.h                  |    3 +-
 src/variables/remote_addr.h                   |    3 +-
 src/variables/remote_host.h                   |    3 +-
 src/variables/remote_port.h                   |    3 +-
 src/variables/remote_user.cc                  |    8 +-
 src/variables/remote_user.h                   |    3 +-
 src/variables/reqbody_error.h                 |    3 +-
 src/variables/reqbody_error_msg.h             |    3 +-
 src/variables/reqbody_processor.h             |    3 +-
 src/variables/reqbody_processor_error.h       |    3 +-
 src/variables/reqbody_processor_error_msg.h   |    3 +-
 src/variables/request_base_name.h             |    3 +-
 src/variables/request_body.h                  |    3 +-
 src/variables/request_body_length.h           |    3 +-
 src/variables/request_cookies.h               |   83 +
 src/variables/request_cookies_names.h         |   83 +
 src/variables/request_file_name.h             |    3 +-
 src/variables/request_headers.h               |   83 +
 src/variables/request_headers_names.h         |    3 +-
 src/variables/request_line.h                  |    3 +-
 src/variables/request_method.h                |    3 +-
 src/variables/request_protocol.h              |    3 +-
 src/variables/request_uri.h                   |    3 +-
 src/variables/request_uri_raw.h               |    3 +-
 src/variables/resource.h                      |    3 +-
 src/variables/response_body.h                 |    3 +-
 src/variables/response_content_length.h       |    3 +-
 src/variables/response_content_type.h         |    3 +-
 src/variables/response_headers.h              |   83 +
 src/variables/response_headers_names.h        |    3 +-
 src/variables/response_protocol.h             |    3 +-
 src/variables/response_status.h               |    3 +-
 src/variables/rule.cc                         |   60 -
 src/variables/rule.h                          |   48 +-
 src/variables/server_addr.h                   |    3 +-
 src/variables/server_name.h                   |    3 +-
 src/variables/server_port.h                   |    3 +-
 src/variables/session.h                       |   84 +
 src/variables/session_id.h                    |    3 +-
 .../{variations/exclusion.cc => status.h}     |   27 +-
 src/variables/time.cc                         |    3 +-
 src/variables/time.h                          |    3 +-
 src/variables/time_day.cc                     |    3 +-
 src/variables/time_day.h                      |    3 +-
 src/variables/time_epoch.cc                   |    3 +-
 src/variables/time_epoch.h                    |    3 +-
 src/variables/time_hour.cc                    |    3 +-
 src/variables/time_hour.h                     |    3 +-
 src/variables/time_min.cc                     |    3 +-
 src/variables/time_min.h                      |    3 +-
 src/variables/time_mon.cc                     |    3 +-
 src/variables/time_mon.h                      |    3 +-
 src/variables/time_sec.cc                     |    3 +-
 src/variables/time_sec.h                      |    3 +-
 src/variables/time_wday.cc                    |    3 +-
 src/variables/time_wday.h                     |    3 +-
 src/variables/time_year.cc                    |    3 +-
 src/variables/time_year.h                     |    3 +-
 src/variables/tx.cc                           |   11 -
 src/variables/tx.h                            |   52 +-
 src/variables/unique_id.h                     |    3 +-
 src/variables/url_encoded_error.h             |    3 +-
 src/variables/user_id.h                       |    3 +-
 src/variables/variable.cc                     |   18 +-
 src/variables/variable.h                      |   72 +-
 src/variables/variations/count.cc             |   61 -
 src/variables/variations/count.h              |   50 -
 src/variables/variations/exclusion.h          |   53 -
 src/variables/xml.cc                          |   13 +-
 src/variables/xml.h                           |   32 +-
 test/optimization/optimization.cc             |   10 +-
 .../config-calling_phases_by_name.json        |    2 +-
 test/test-cases/regression/secruleengine.json |    2 +-
 .../regression/variable-FULL_REQUEST.json     |    2 +-
 .../regression/variable-MATCHED_VAR.json      |    2 +-
 .../variable-MULTIPART_FILENAME.json          |    4 +-
 .../regression/variable-MULTIPART_NAME.json   |    4 +-
 157 files changed, 7711 insertions(+), 4959 deletions(-)
 create mode 100644 headers/modsecurity/anchored_set_variable.h
 create mode 100644 headers/modsecurity/anchored_variable.h
 create mode 100644 src/anchored_variable.cc
 create mode 100644 src/variables/args.h
 create mode 100644 src/variables/args_get.h
 create mode 100644 src/variables/args_post.h
 create mode 100644 src/variables/files.h
 create mode 100644 src/variables/files_names.h
 create mode 100644 src/variables/files_sizes.h
 create mode 100644 src/variables/files_tmp_content.h
 create mode 100644 src/variables/geo.h
 create mode 100644 src/variables/global.h
 create mode 100644 src/variables/ip.h
 create mode 100644 src/variables/matched_vars.h
 create mode 100644 src/variables/matched_vars_names.h
 create mode 100644 src/variables/multipart_file_name.h
 create mode 100644 src/variables/multipart_name.h
 create mode 100644 src/variables/request_cookies.h
 create mode 100644 src/variables/request_cookies_names.h
 create mode 100644 src/variables/request_headers.h
 create mode 100644 src/variables/response_headers.h
 delete mode 100644 src/variables/rule.cc
 create mode 100644 src/variables/session.h
 rename src/variables/{variations/exclusion.cc => status.h} (62%)
 delete mode 100644 src/variables/variations/count.cc
 delete mode 100644 src/variables/variations/count.h
 delete mode 100644 src/variables/variations/exclusion.h

diff --git a/headers/modsecurity/anchored_set_variable.h b/headers/modsecurity/anchored_set_variable.h
new file mode 100644
index 00000000..def3801e
--- /dev/null
+++ b/headers/modsecurity/anchored_set_variable.h
@@ -0,0 +1,100 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#ifdef __cplusplus
+#include <ctime>
+#include <fstream>
+#include <iomanip>
+#include <iostream>
+#include <list>
+#include <map>
+#include <sstream>
+#include <string>
+#include <unordered_map>
+#include <utility>
+#include <vector>
+#include <vector>
+#include <algorithm>
+#include <iostream>
+#endif
+
+#include "modsecurity/collection/variable.h"
+
+#ifndef HEADERS_MODSECURITY_ANCHORED_SET_VARIABLE_H_
+#define HEADERS_MODSECURITY_ANCHORED_SET_VARIABLE_H_
+
+#ifdef __cplusplus
+
+namespace modsecurity {
+class Transaction;
+namespace Utils {
+    class Regex;
+}
+
+
+struct MyEqual {
+    bool operator()(const std::string& Left, const std::string& Right) const {
+        return Left.size() == Right.size()
+             && std::equal(Left.begin(), Left.end(), Right.begin(),
+            [](char a, char b) {
+            return tolower(a) == tolower(b);
+        });
+    }
+};
+
+struct MyHash{
+    size_t operator()(const std::string& Keyval) const {
+        // You might need a better hash function than this
+        size_t h = 0;
+        std::for_each(Keyval.begin(), Keyval.end(), [&](char c) {
+            h += tolower(c);
+        });
+        return h;
+    }
+};
+
+
+class AnchoredSetVariable : public std::unordered_multimap<std::string, collection::Variable *,
+        MyHash, MyEqual> {
+ public:
+    AnchoredSetVariable(Transaction *t, std::string name);
+    ~AnchoredSetVariable();
+
+    void unset();
+
+    void set(const std::string &key, const std::string &value,
+        size_t offset);
+
+    void resolve(std::vector<const collection::Variable *> *l);
+
+    void resolve(const std::string &key,
+        std::vector<const collection::Variable *> *l);
+
+    void resolveRegularExpression(Utils::Regex *r,
+        std::vector<const collection::Variable *> *l);
+
+    std::unique_ptr<std::string> resolveFirst(const std::string &key);
+
+    Transaction *m_transaction;
+    std::string m_name;
+};
+
+}  // namespace modsecurity
+
+#endif
+
+
+#endif  // HEADERS_MODSECURITY_ANCHORED_SET_VARIABLE_H_
+
diff --git a/headers/modsecurity/anchored_variable.h b/headers/modsecurity/anchored_variable.h
new file mode 100644
index 00000000..fa4d8ce3
--- /dev/null
+++ b/headers/modsecurity/anchored_variable.h
@@ -0,0 +1,68 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#ifdef __cplusplus
+#include <ctime>
+#include <fstream>
+#include <iomanip>
+#include <iostream>
+#include <list>
+#include <map>
+#include <sstream>
+#include <string>
+#include <unordered_map>
+#include <utility>
+#include <vector>
+#endif
+
+#include "modsecurity/collection/variable.h"
+
+#ifndef HEADERS_MODSECURITY_ANCHORED_VARIABLE_H_
+#define HEADERS_MODSECURITY_ANCHORED_VARIABLE_H_
+
+#ifdef __cplusplus
+
+
+namespace modsecurity {
+class Transaction;
+
+
+class AnchoredVariable {
+ public:
+    AnchoredVariable(Transaction* t, std::__cxx11::string name);
+    ~AnchoredVariable();
+
+    void unset();
+    void set(const std::string &a, size_t offset);
+    void append(const std::string &a, size_t offset,
+            bool spaceSeparator = false);
+    void evaluate(std::vector<const collection::Variable *> *l);
+    std::string *  evaluate();
+    std::unique_ptr<std::string> resolveFirst();
+
+    Transaction *m_transaction;
+    collection::Variable *m_var;
+    int m_offset;
+    std::string m_name;
+    std::string m_value;
+};
+
+}  // namespace modsecurity
+
+#endif
+
+
+#endif  // HEADERS_MODSECURITY_ANCHORED_SET_VARIABLE_H_
+
diff --git a/headers/modsecurity/collection/collection.h b/headers/modsecurity/collection/collection.h
index 61bf1465..34d4d357 100644
--- a/headers/modsecurity/collection/collection.h
+++ b/headers/modsecurity/collection/collection.h
@@ -50,7 +50,7 @@ class Collection {
 
     virtual void del(const std::string& key) = 0;
 
-    virtual std::string* resolveFirst(const std::string& var) = 0;
+    virtual std::unique_ptr<std::string> resolveFirst(const std::string& var) = 0;
 
     virtual void resolveSingleMatch(const std::string& var,
         std::vector<const Variable *> *l) = 0;
@@ -83,7 +83,7 @@ class Collection {
         del(nkey);
     }
 
-    virtual std::string* resolveFirst(const std::string& var,
+    virtual std::unique_ptr<std::string> resolveFirst(const std::string& var,
         std::string compartment) {
         std::string nkey = compartment + "::" + var;
         return resolveFirst(nkey);
diff --git a/headers/modsecurity/collection/collections.h b/headers/modsecurity/collection/collections.h
index 0cb408f7..4a83bb80 100644
--- a/headers/modsecurity/collection/collections.h
+++ b/headers/modsecurity/collection/collections.h
@@ -56,8 +56,8 @@ class Collections :
     bool storeOrUpdateFirst(const std::string &key, const std::string &value);
     bool updateFirst(const std::string &key, const std::string &value);
     void del(const std::string& key);
-    std::string* resolveFirst(const std::string& var);
-    std::string* resolveFirst(const std::string& collectionName,
+    std::unique_ptr<std::string> resolveFirst(const std::string& var);
+    std::unique_ptr<std::string> resolveFirst(const std::string& collectionName,
         const std::string& var);
 
     void resolveSingleMatch(const std::string& var,
diff --git a/headers/modsecurity/collection/variable.h b/headers/modsecurity/collection/variable.h
index 2c3237de..d976c8d6 100644
--- a/headers/modsecurity/collection/variable.h
+++ b/headers/modsecurity/collection/variable.h
@@ -40,22 +40,28 @@ class Variable {
         m_key(key),
         m_value(),
         m_dynamic_value(false),
+        m_dynamic_key(false),
         m_dynamic(true) { }
     Variable(const std::string *key, const std::string *value) :
         m_key(key),
         m_value(value),
         m_dynamic_value(false),
+        m_dynamic_key(false),
         m_dynamic(true) { }
 
     ~Variable() {
         if (m_dynamic_value) {
             delete m_value;
         }
+        if (m_dynamic_key) {
+            delete m_key;
+        }
     }
 
     const std::string *m_key;
     const std::string *m_value;
     bool m_dynamic_value;
+    bool m_dynamic_key;
     bool m_dynamic;
     std::list<std::unique_ptr<VariableOrigin>> m_orign;
 };
diff --git a/headers/modsecurity/rule.h b/headers/modsecurity/rule.h
index 0e0911ea..b9305239 100644
--- a/headers/modsecurity/rule.h
+++ b/headers/modsecurity/rule.h
@@ -48,12 +48,12 @@ class Rule {
             std::vector<actions::Action *> *_actions,
             std::string fileName,
             int lineNumber);
-    explicit Rule(std::string marker);
-
+    Rule(std::__cxx11::string marker);
     ~Rule();
+
     bool evaluate(Transaction *transaction);
     bool evaluateActions(Transaction *transaction);
-    std::vector<const collection::Variable *> getFinalVars(Transaction *trasn);
+    std::vector<std::unique_ptr<collection::Variable>> getFinalVars(Transaction *trasn);
     void executeActionsAfterFullMatch(Transaction *trasn,
         bool containsDisruptive, RuleMessage *ruleMessage);
     std::list<
@@ -73,22 +73,10 @@ class Rule {
     void cleanMatchedVars(Transaction *trasn);
     void updateRulesVariable(Transaction *trasn);
 
-
-    operators::Operator *op;
-    std::vector<actions::Action *> m_actionsConf;
-    std::vector<actions::Action *> m_actionsRuntimePre;
-    std::vector<actions::Action *> m_actionsRuntimePos;
-
     std::vector<std::string> getActionNames();
     std::vector<actions::Action *> getActionsByName(const std::string& name);
     bool containsTag(const std::string& name, Transaction *t);
 
-    std::vector<Variables::Variable *> *variables;
-    int phase;
-    long rule_id;
-
-    Rule *chainedRule;
-    bool chained;
 
     int refCountDecreaseAndCheck() {
         m_referenceCount--;
@@ -99,22 +87,30 @@ class Rule {
         return 0;
     }
 
+
     void refCountIncrease() {
         m_referenceCount++;
     }
 
-    std::string m_rev;
-    std::string m_ver;
 
-    std::string m_marker;
-    bool m_secmarker;
+    int m_accuracy;
+    std::vector<actions::Action *> m_actionsConf;
+    std::vector<actions::Action *> m_actionsRuntimePos;
+    std::vector<actions::Action *> m_actionsRuntimePre;
+    bool m_chained;
+    Rule *m_chainedRule;
     std::string m_fileName;
     int m_lineNumber;
-
-    std::string m_log_data;
-    int m_accuracy;
+    std::string m_logData;
+    std::string m_marker;
     int m_maturity;
-
+    operators::Operator *m_op;
+    int m_phase;
+    std::string m_rev;
+    long m_ruleId;
+    bool m_secMarker;
+    std::vector<Variables::Variable *> *m_variables;
+    std::string m_ver;
  private:
     bool m_unconditional;
     int m_referenceCount;
@@ -126,5 +122,3 @@ class Rule {
 
 
 #endif  // HEADERS_MODSECURITY_RULE_H_
-
-
diff --git a/headers/modsecurity/rule_message.h b/headers/modsecurity/rule_message.h
index 340f4e80..7518b9ba 100644
--- a/headers/modsecurity/rule_message.h
+++ b/headers/modsecurity/rule_message.h
@@ -37,7 +37,7 @@ class RuleMessage {
     explicit RuleMessage(Rule *rule) :
         m_ruleFile(rule->m_fileName),
         m_ruleLine(rule->m_lineNumber),
-        m_ruleId(rule->rule_id),
+        m_ruleId(rule->m_ruleId),
         m_rev(rule->m_rev),
         m_accuracy(rule->m_accuracy),
         m_message(std::string("")),
diff --git a/headers/modsecurity/rules_properties.h b/headers/modsecurity/rules_properties.h
index 22742507..e6c91fcb 100644
--- a/headers/modsecurity/rules_properties.h
+++ b/headers/modsecurity/rules_properties.h
@@ -390,12 +390,12 @@ class RulesProperties {
                 Rule *rule = rules_from->at(j);
                 for (int z = 0; z < rules_to->size(); z++) {
                     Rule *rule_ckc = rules_to->at(z);
-                    if (rule_ckc->rule_id == rule->rule_id &&
-                        rule_ckc->m_secmarker == false &&
-                        rule->m_secmarker == false) {
+                    if (rule_ckc->m_ruleId == rule->m_ruleId &&
+                        rule_ckc->m_secMarker == false &&
+                        rule->m_secMarker == false) {
                         if (err != NULL) {
                             *err << "Rule id: " \
-                                 << std::to_string(rule->rule_id) \
+                                 << std::to_string(rule->m_ruleId) \
                                  << " is duplicated" << std::endl;
                         }
                         return -1;
diff --git a/headers/modsecurity/transaction.h b/headers/modsecurity/transaction.h
index 40bc3c0f..f9e99517 100644
--- a/headers/modsecurity/transaction.h
+++ b/headers/modsecurity/transaction.h
@@ -40,12 +40,15 @@ typedef struct Transaction_t Transaction;
 typedef struct Rules_t Rules;
 #endif
 
+#include "modsecurity/anchored_set_variable.h"
+#include "modsecurity/anchored_variable.h"
 #include "modsecurity/intervention.h"
 #include "modsecurity/collection/collections.h"
 #include "modsecurity/collection/variable.h"
 #include "modsecurity/collection/collection.h"
 #include "modsecurity/variable_origin.h"
 
+
 #define LOGFY_ADD(a, b) \
     yajl_gen_string(g, reinterpret_cast<const unsigned char*>(a), strlen(a)); \
     if (b == NULL) { \
@@ -88,142 +91,6 @@ class Operator;
 }
 
 
-struct MyEqual {
-    bool operator()(const std::string& Left, const std::string& Right) const {
-        return Left.size() == Right.size()
-             && std::equal(Left.begin(), Left.end(), Right.begin(),
-            [](char a, char b) {
-            return tolower(a) == tolower(b);
-        });
-    }
-};
-
-struct MyHash{
-    size_t operator()(const std::string& Keyval) const {
-        // You might need a better hash function than this
-        size_t h = 0;
-        std::for_each(Keyval.begin(), Keyval.end(), [&](char c) {
-            h += tolower(c);
-        });
-        return h;
-    }
-};
-
-class AnchoredSetVariable : public std::unordered_multimap<std::string,
-	collection::Variable *, MyHash, MyEqual> {
- public:
-    AnchoredSetVariable(Transaction *t, std::string name)
-        : m_name(""),
-        m_transaction(t) {
-            m_name.append(name);
-        }
-
-    ~AnchoredSetVariable() {
-        for (const auto& x : *this) {
-            collection::Variable *var = x.second;
-            delete var->m_key;
-            delete var;
-        }
-    }
-
-    void set(const std::string &key, const std::string &value,
-        size_t offset) {
-        std::string *v = new std::string(value);
-        std::string *k = new std::string(m_name + ":" + key);
-
-        collection::Variable *var = new collection::Variable(k, v);
-        var->m_dynamic_value = true;
-        var->m_dynamic = false;
-        emplace(key, var);
-    }
-
-    void resolve(std::vector<const collection::Variable *> *l) {
-        for (const auto& x : *this) {
-            l->insert(l->begin(), x.second);
-        }
-    }
-
-    void resolve(const std::string &key,
-        std::vector<const collection::Variable *> *l) {
-        auto range = this->equal_range(key);
-        for (auto it = range.first; it != range.second; ++it) {
-            l->push_back(it->second);
-        }
-    }
-
-    void resolveRegularExpression(const std::string &var,
-        std::vector<const collection::Variable *> *l);
-
-    Transaction *m_transaction;
-    std::string m_name;
-};
-
-
-class AnchoredVariable {
- public:
-    AnchoredVariable(Transaction *t, std::string name)
-        : m_name(""),
-        m_transaction(t),
-        m_value("") {
-            m_name.append(name);
-            m_var = new collection::Variable(&m_name);
-            m_var->m_dynamic = false;
-            m_var->m_value = &m_value;
-        }
-
-    ~AnchoredVariable() {
-        delete (m_var);
-        m_var = NULL;
-    }
-
-    void set(const std::string &a, size_t offset) {
-        std::unique_ptr<VariableOrigin> origin(
-            new VariableOrigin());
-        m_offset = offset;
-        m_value.assign(a.c_str(), a.size());
-        origin->m_offset = offset;
-        origin->m_length = m_value.size();
-        m_var->m_orign.push_back(std::move(origin));
-    }
-
-    void append(const std::string &a, size_t offset,
-        bool spaceSeparator = false) {
-        std::unique_ptr<VariableOrigin> origin(
-            new VariableOrigin());
-        if (spaceSeparator && !m_value.empty()) {
-            m_value.append(" " + a);
-        } else {
-            m_value.append(a);
-        }
-        m_offset = offset;
-        origin->m_offset = offset;
-        origin->m_length = a.size();
-        m_var->m_orign.push_back(std::move(origin));
-    }
-
-    void evaluate(std::vector<const collection::Variable *> *l) {
-        if (m_name.empty() || m_var->m_key == NULL
-            || m_var->m_value == NULL || m_var->m_key->empty()) {
-            return;
-        }
-        l->push_back(m_var);
-    }
-
-    std::string *evaluate() {
-        if (m_value.empty() == true) {
-            return NULL;
-        }
-        return &m_value;
-    }
-
-    int m_offset;
-    std::string m_value;
-    Transaction *m_transaction;
-    std::string m_name;
-    collection::Variable *m_var;
-};
-
-
 class TransactionAnchoredVariables {
  public:
     explicit TransactionAnchoredVariables(Transaction *t)
@@ -236,7 +103,6 @@ class TransactionAnchoredVariables {
         m_variableARGScombinedSize(t, "ARGS_COMBINED_SIZE"),
         m_variableAuthType(t, "AUTH_TYPE"),
         m_variableFilesCombinedSize(t, "FILES_COMBINED_SIZE"),
-        m_variableFilesTmpNames(t, "FILES_TMPNAMES"),
         m_variableFullRequest(t, "FULL_REQUEST"),
         m_variableFullRequestLength(t, "FULL_REQUEST_LENGTH"),
         m_variableInboundDataError(t, "INBOUND_DATA_ERROR"),
@@ -285,8 +151,25 @@ class TransactionAnchoredVariables {
         m_variableUniqueID(t, "UNIQUE_ID"),
         m_variableUrlEncodedError(t, "URLENCODED_ERROR"),
         m_variableUserID(t, "USERID"),
-        m_variableOffset(0),
-        m_variableArgs(t, "ARGS")
+        m_variableArgs(t, "ARGS"),
+        m_variableArgsGet(t, "ARGS_GET"),
+        m_variableArgsPost(t, "ARGS_POST"),
+        m_variableFilesSizes(t, "FILES_SIZES"),
+        m_variableFilesNames(t, "FILES_NAMES"),
+        m_variableFilesTmpContent(t, "FILES_TMP_CONTENT"),
+        m_variableMultiPartFileName(t, "MULTIPART_FILENAME"),
+        m_variableMultiPartName(t, "MULTIPART_NAME"),
+        m_variableMatchedVarsNames(t, "MATCHED_VARS_NAMES"),
+        m_variableMatchedVars(t, "MATCHED_VARS"),
+        m_variableFiles(t, "FILES"),
+        m_variableRequestCookies(t, "REQUEST_COOKIES"),
+        m_variableRequestHeaders(t, "REQUEST_HEADERS"),
+        m_variableResponseHeaders(t, "RESPONSE_HEADERS"),
+        m_variableGeo(t, "GEO"),
+        m_variableRequestCookiesNames(t, "REQUEST_COOKIES_NAMES"),
+        m_variableRule(t, "RULE"),
+        m_variableFilesTmpNames(t, "FILES_TMPNAMES"),
+        m_variableOffset(0)
         { }
 
     AnchoredVariable m_variableArgsNames;
@@ -298,7 +181,6 @@ class TransactionAnchoredVariables {
     AnchoredVariable m_variableARGScombinedSize;
     AnchoredVariable m_variableAuthType;
     AnchoredVariable m_variableFilesCombinedSize;
-    AnchoredVariable m_variableFilesTmpNames;
     AnchoredVariable m_variableFullRequest;
     AnchoredVariable m_variableFullRequestLength;
     AnchoredVariable m_variableInboundDataError;
@@ -346,6 +228,23 @@ class TransactionAnchoredVariables {
     AnchoredVariable m_variableUserID;
 
     AnchoredSetVariable m_variableArgs;
+    AnchoredSetVariable m_variableArgsGet;
+    AnchoredSetVariable m_variableArgsPost;
+    AnchoredSetVariable m_variableFilesSizes;
+    AnchoredSetVariable m_variableFilesNames;
+    AnchoredSetVariable m_variableFilesTmpContent;
+    AnchoredSetVariable m_variableMultiPartFileName;
+    AnchoredSetVariable m_variableMultiPartName;
+    AnchoredSetVariable m_variableMatchedVarsNames;
+    AnchoredSetVariable m_variableMatchedVars;
+    AnchoredSetVariable m_variableFiles;
+    AnchoredSetVariable m_variableRequestCookies;
+    AnchoredSetVariable m_variableRequestHeaders;
+    AnchoredSetVariable m_variableResponseHeaders;
+    AnchoredSetVariable m_variableGeo;
+    AnchoredSetVariable m_variableRequestCookiesNames;
+    AnchoredSetVariable m_variableRule;
+    AnchoredSetVariable m_variableFilesTmpNames;
 
     int m_variableOffset;
 };
diff --git a/src/Makefile.am b/src/Makefile.am
index 1a73d265..3534b0b2 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -24,16 +24,19 @@ MAINTAINERCLEANFILES = \
 
 
 pkginclude_HEADERS = \
-	../headers/modsecurity/transaction.h \
-	../headers/modsecurity/debug_log.h \
+	../headers/modsecurity/anchored_set_variable.h \
+	../headers/modsecurity/anchored_variable.h \
 	../headers/modsecurity/audit_log.h \
+	../headers/modsecurity/debug_log.h \
 	../headers/modsecurity/intervention.h \
 	../headers/modsecurity/modsecurity.h \
 	../headers/modsecurity/rule.h \
 	../headers/modsecurity/rule_message.h \
 	../headers/modsecurity/rules.h \
+	../headers/modsecurity/rules_exceptions.h \
 	../headers/modsecurity/rules_properties.h \
-	../headers/modsecurity/rules_exceptions.h
+	../headers/modsecurity/transaction.h \
+	../headers/modsecurity/variable_origin.h
 
 
 
@@ -61,7 +64,6 @@ noinst_HEADERS = \
 	request_body_processor/*.h \
 	utils/*.h \
 	variables/*.h \
-	variables/variations/*.h \
 	*.h
 
 
@@ -82,10 +84,7 @@ VARIABLES = \
 	variables/time_year.cc \
 	variables/tx.cc \
 	variables/variable.cc \
-	variables/variations/count.cc \
-	variables/variations/exclusion.cc \
-	variables/xml.cc \
-	variables/rule.cc
+	variables/xml.cc
 
 
 ACTIONS = \
@@ -243,6 +242,7 @@ libmodsecurity_la_SOURCES = \
 	parser/driver.cc \
 	transaction.cc \
 	anchored_set_variable.cc \
+	anchored_variable.cc \
 	audit_log/audit_log.cc \
 	audit_log/writer/writer.cc \
 	audit_log/writer/https.cc \
diff --git a/src/actions/chain.cc b/src/actions/chain.cc
index 3455ffbf..d5642674 100644
--- a/src/actions/chain.cc
+++ b/src/actions/chain.cc
@@ -26,7 +26,7 @@ namespace actions {
 
 
 bool Chain::evaluate(Rule *rule, Transaction *transaction) {
-    rule->chained = true;
+    rule->m_chained = true;
     return true;
 }
 
diff --git a/src/actions/disruptive/block.cc b/src/actions/disruptive/block.cc
index 74d875b1..49939260 100644
--- a/src/actions/disruptive/block.cc
+++ b/src/actions/disruptive/block.cc
@@ -32,7 +32,7 @@ namespace disruptive {
 bool Block::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) {
     transaction->debug(8, "Marking request as disruptive.");
 
-    for (Action *a : transaction->m_rules->m_defaultActions[rule->phase]) {
+    for (Action *a : transaction->m_rules->m_defaultActions[rule->m_phase]) {
         if (a->isDisruptive() == false) {
             continue;
         }
diff --git a/src/actions/disruptive/deny.cc b/src/actions/disruptive/deny.cc
index 0b780126..1aee87c7 100644
--- a/src/actions/disruptive/deny.cc
+++ b/src/actions/disruptive/deny.cc
@@ -39,7 +39,7 @@ bool Deny::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) {
 
     log.append("Access denied with code %d");
     log.append(" (phase ");
-    log.append(std::to_string(rm->m_rule->phase - 1) + "). ");
+    log.append(std::to_string(rm->m_rule->m_phase - 1) + "). ");
 
     transaction->m_it.disruptive = true;
     intervention::freeLog(&transaction->m_it);
diff --git a/src/actions/disruptive/redirect.cc b/src/actions/disruptive/redirect.cc
index 9784e286..a138fdf1 100644
--- a/src/actions/disruptive/redirect.cc
+++ b/src/actions/disruptive/redirect.cc
@@ -46,7 +46,7 @@ bool Redirect::evaluate(Rule *rule, Transaction *transaction,
     }
     log.append("Access denied with code %d");
     log.append(" (phase ");
-    log.append(std::to_string(rm->m_rule->phase - 1) + "). ");
+    log.append(std::to_string(rm->m_rule->m_phase - 1) + "). ");
 
     intervention::freeUrl(&transaction->m_it);
     transaction->m_it.url = strdup(m_urlExpanded.c_str());
diff --git a/src/actions/phase.cc b/src/actions/phase.cc
index 4f71acae..9cf68f51 100644
--- a/src/actions/phase.cc
+++ b/src/actions/phase.cc
@@ -80,7 +80,7 @@ bool Phase::init(std::string *error) {
 
 
 bool Phase::evaluate(Rule *rule, Transaction *transaction) {
-    rule->phase = m_phase;
+    rule->m_phase = m_phase;
     return true;
 }
 
diff --git a/src/actions/rule_id.cc b/src/actions/rule_id.cc
index 90aa4508..1c92041d 100644
--- a/src/actions/rule_id.cc
+++ b/src/actions/rule_id.cc
@@ -49,7 +49,7 @@ bool RuleId::init(std::string *error) {
 
 
 bool RuleId::evaluate(Rule *rule, Transaction *transaction) {
-    rule->rule_id = m_ruleId;
+    rule->m_ruleId = m_ruleId;
     return true;
 }
 
diff --git a/src/actions/set_var.cc b/src/actions/set_var.cc
index 2b990e32..b965efbe 100644
--- a/src/actions/set_var.cc
+++ b/src/actions/set_var.cc
@@ -128,7 +128,7 @@ bool SetVar::evaluate(Rule *rule, Transaction *transm_parser_payload) {
         }
 
         try {
-            std::string *resolvedValue =
+            std::unique_ptr<std::string> resolvedValue =
                 transm_parser_payload->m_collections.resolveFirst(
                     m_collectionName,
                     m_variableNameExpanded);
diff --git a/src/anchored_set_variable.cc b/src/anchored_set_variable.cc
index 4e31bcc5..924d0018 100644
--- a/src/anchored_set_variable.cc
+++ b/src/anchored_set_variable.cc
@@ -13,7 +13,7 @@
  *
  */
 
-#include "modsecurity/transaction.h"
+#include "modsecurity/anchored_set_variable.h"
 
 #include <ctime>
 #include <iostream>
@@ -28,9 +28,70 @@
 namespace modsecurity {
 
 
-void AnchoredSetVariable::resolveRegularExpression(const std::string &var,
+AnchoredSetVariable::AnchoredSetVariable(Transaction *t, std::string name)
+    : m_transaction(t),
+    m_name(name) { }
+
+
+AnchoredSetVariable::~AnchoredSetVariable() {
+    unset();
+}
+
+
+void AnchoredSetVariable::unset() {
+    for (const auto& x : *this) {
+        collection::Variable *var = x.second;
+        delete var->m_key;
+        var->m_key = NULL;
+        delete var;
+    }
+    clear();
+}
+
+
+void AnchoredSetVariable::set(const std::string &key,
+    const std::string &value, size_t offset) {
+    std::string *v = new std::string(value);
+    std::string *k = new std::string(m_name + ":" + key);
+
+    collection::Variable *var = new collection::Variable(k, v);
+    var->m_dynamic_value = true;
+    var->m_dynamic = false;
+    emplace(key, var);
+}
+
+
+void AnchoredSetVariable::resolve(
+    std::vector<const collection::Variable *> *l) {
+    for (const auto& x : *this) {
+        l->insert(l->begin(), x.second);
+    }
+}
+
+
+void AnchoredSetVariable::resolve(const std::string &key,
+    std::vector<const collection::Variable *> *l) {
+    auto range = this->equal_range(key);
+    for (auto it = range.first; it != range.second; ++it) {
+        l->push_back(it->second);
+    }
+}
+
+
+std::unique_ptr<std::string> AnchoredSetVariable::resolveFirst(
+    const std::string &key) {
+    auto range = equal_range(key);
+    for (auto it = range.first; it != range.second; ++it) {
+        std::unique_ptr<std::string> b(new std::string());
+        b->assign(*it->second->m_value);
+        return b;
+    }
+    return nullptr;
+}
+
+
+void AnchoredSetVariable::resolveRegularExpression(Utils::Regex *r,
     std::vector<const collection::Variable *> *l) {
-    Utils::Regex *r = new Utils::Regex(var);
     for (const auto& x : *this) {
         int ret = Utils::regex_search(x.first, *r);
         if (ret <= 0) {
@@ -38,7 +99,6 @@ void AnchoredSetVariable::resolveRegularExpression(const std::string &var,
         }
         l->insert(l->begin(), x.second);
     }
-    delete r;
 }
 
 
diff --git a/src/anchored_variable.cc b/src/anchored_variable.cc
new file mode 100644
index 00000000..90242836
--- /dev/null
+++ b/src/anchored_variable.cc
@@ -0,0 +1,114 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include "modsecurity/anchored_variable.h"
+
+#include <ctime>
+#include <iostream>
+#include <fstream>
+#include <string>
+#include <vector>
+
+#include "modsecurity/modsecurity.h"
+#include "modsecurity/transaction.h"
+#include "src/utils/regex.h"
+
+namespace modsecurity {
+
+
+AnchoredVariable::AnchoredVariable(Transaction *t,
+    std::string name)
+    : m_transaction(t),
+    m_var(NULL),
+    m_offset(0),
+    m_name(""),
+    m_value("") {
+        m_name.append(name);
+        m_var = new collection::Variable(&m_name);
+        m_var->m_dynamic = false;
+        m_var->m_value = &m_value;
+}
+
+
+AnchoredVariable::~AnchoredVariable() {
+    if (m_var) {
+        delete (m_var);
+        m_var = NULL;
+    }
+}
+
+
+void AnchoredVariable::unset() {
+    m_value.clear();
+    m_var->m_orign.clear();
+}
+
+
+void AnchoredVariable::set(const std::string &a, size_t offset) {
+    std::unique_ptr<VariableOrigin> origin(new VariableOrigin());
+
+    m_offset = offset;
+    m_value.assign(a.c_str(), a.size());
+    origin->m_offset = offset;
+    origin->m_length = m_value.size();
+    m_var->m_orign.push_back(std::move(origin));
+}
+
+
+void AnchoredVariable::append(const std::string &a, size_t offset,
+    bool spaceSeparator) {
+    std::unique_ptr<VariableOrigin> origin(
+        new VariableOrigin());
+
+    if (spaceSeparator && !m_value.empty()) {
+        m_value.append(" " + a);
+    } else {
+        m_value.append(a);
+    }
+    m_offset = offset;
+    origin->m_offset = offset;
+    origin->m_length = a.size();
+    m_var->m_orign.push_back(std::move(origin));
+}
+
+
+void AnchoredVariable::evaluate(std::vector<const collection::Variable *> *l) {
+    if (m_name.empty() || m_var == NULL || m_var->m_key == NULL
+            || m_var->m_value == NULL || m_var->m_key->empty()) {
+        return;
+    }
+    l->push_back(m_var);
+}
+
+
+std::string * AnchoredVariable::evaluate() {
+    if (m_value.empty() == true) {
+        return NULL;
+    }
+    return &m_value;
+}
+
+
+std::unique_ptr<std::string> AnchoredVariable::resolveFirst() {
+    if (m_value.empty()) {
+        return nullptr;
+    }
+    std::unique_ptr<std::string> a(new std::string());
+    a->append(m_value);
+    return a;
+}
+
+
+}  // namespace modsecurity
diff --git a/src/collection/backend/in_memory-per_process.cc b/src/collection/backend/in_memory-per_process.cc
index 9b302385..71abeaee 100644
--- a/src/collection/backend/in_memory-per_process.cc
+++ b/src/collection/backend/in_memory-per_process.cc
@@ -155,11 +155,11 @@ void InMemoryPerProcess::resolveRegularExpression(const std::string& var,
 }
 
 
-std::string* InMemoryPerProcess::resolveFirst(const std::string& var) {
+std::unique_ptr<std::string> InMemoryPerProcess::resolveFirst(const std::string& var) {
     auto range = equal_range(var);
 
     for (auto it = range.first; it != range.second; ++it) {
-        return &it->second;
+        return std::unique_ptr<std::string>(new std::string(it->second));
     }
 
     return NULL;
diff --git a/src/collection/backend/in_memory-per_process.h b/src/collection/backend/in_memory-per_process.h
index c9e2abcf..f654541f 100644
--- a/src/collection/backend/in_memory-per_process.h
+++ b/src/collection/backend/in_memory-per_process.h
@@ -82,7 +82,7 @@ class InMemoryPerProcess :
 
     void del(const std::string& key) override;
 
-    std::string* resolveFirst(const std::string& var) override;
+    std::unique_ptr<std::string> resolveFirst(const std::string& var) override;
 
     void resolveSingleMatch(const std::string& var,
         std::vector<const Variable *> *l) override;
diff --git a/src/collection/backend/lmdb.cc b/src/collection/backend/lmdb.cc
index 4f991fad..5d98f2b0 100644
--- a/src/collection/backend/lmdb.cc
+++ b/src/collection/backend/lmdb.cc
@@ -161,7 +161,7 @@ void LMDB::lmdb_debug(int rc, std::string op, std::string scope) {
 }
 
 
-std::string* LMDB::resolveFirst(const std::string& var) {
+std::unique_ptr<std::string> LMDB::resolveFirst(const std::string& var) {
     int rc;
     MDB_val mdb_key;
     MDB_val mdb_value;
@@ -188,10 +188,9 @@ std::string* LMDB::resolveFirst(const std::string& var) {
         goto end_get;
     }
 
-    // FIXME: Memory leak here.
-    ret = new std::string(
+    ret = std::unique_ptr<std::string>(new std::string(
         reinterpret_cast<char *>(mdb_value_ret.mv_data),
-        mdb_value_ret.mv_size);
+        mdb_value_ret.mv_size));
 
 end_get:
     mdb_dbi_close(m_env, dbi);
diff --git a/src/collection/backend/lmdb.h b/src/collection/backend/lmdb.h
index 26b4d929..ee1be5de 100644
--- a/src/collection/backend/lmdb.h
+++ b/src/collection/backend/lmdb.h
@@ -61,7 +61,7 @@ class LMDB :
 
     void del(const std::string& key) override;
 
-    std::string* resolveFirst(const std::string& var) override;
+    std::unique_ptr<std::string> resolveFirst(const std::string& var) override;
 
     void resolveSingleMatch(const std::string& var,
         std::vector<const Variable *> *l) override;
diff --git a/src/collection/collections.cc b/src/collection/collections.cc
index 4ed633cf..aaf7d70c 100644
--- a/src/collection/collections.cc
+++ b/src/collection/collections.cc
@@ -125,26 +125,27 @@ void Collections::del(const std::string& key) {
 }
 
 
-std::string* Collections::resolveFirst(const std::string& var) {
-    std::string *transientVar = m_transient->resolveFirst(var);
+std::unique_ptr<std::string> Collections::resolveFirst(const std::string& var) {
+    std::unique_ptr<std::string> transientVar = m_transient->resolveFirst(var);
 
     if (transientVar != NULL) {
         return transientVar;
     }
 
     for (auto &a : *this) {
-        std::string *res = a.second->resolveFirst(
+        std::unique_ptr<std::string> res = a.second->resolveFirst(
             utils::string::toupper(a.first) + ":" + var);
+
         if (res != NULL) {
             return res;
         }
     }
 
-    return NULL;
+    return nullptr;
 }
 
 
-std::string* Collections::resolveFirst(const std::string& collectionName,
+std::unique_ptr<std::string> Collections::resolveFirst(const std::string& collectionName,
         const std::string& var) {
         if (utils::string::tolower(collectionName) == "ip"
             && !m_ip_collection_key.empty()) {
@@ -177,7 +178,7 @@ std::string* Collections::resolveFirst(const std::string& collectionName,
         for (auto &a : *this) {
             if (utils::string::tolower(a.first)
                 == utils::string::tolower(collectionName)) {
-                std::string *res = a.second->resolveFirst(
+                std::unique_ptr<std::string> res = a.second->resolveFirst(
                     utils::string::toupper(a.first)
                     + ":" + var);
                 if (res != NULL) {
diff --git a/src/macro_expansion.cc b/src/macro_expansion.cc
index 35ea5262..f76580e7 100644
--- a/src/macro_expansion.cc
+++ b/src/macro_expansion.cc
@@ -63,11 +63,174 @@ std::string MacroExpansion::expand(const std::string& input,
             return res;
         }
         std::string variable(res, start + 2, end - (start + 2));
-        std::string *variableValue = NULL;
+        std::unique_ptr<std::string> variableValue = nullptr;
         size_t collection = variable.find(".");
         if (collection == std::string::npos) {
-            if (utils::string::toupper(variable) == "MATCHED_VAR") {
-                variableValue = transaction->m_variableMatchedVar.evaluate();
+            collection = variable.find(":");
+        }
+        variable = utils::string::toupper(variable);
+        if (collection == std::string::npos) {
+            if (variable == "ARGS_NAMES") {
+                variableValue = transaction->m_variableArgsNames.resolveFirst();
+            }
+            else if (variable == "ARGS_GET_NAMES") {
+                variableValue = transaction->m_variableArgGetNames.resolveFirst();
+            }
+            else if (variable == "ARGS_POST_NAMES") {
+                variableValue = transaction->m_variableArgPostNames.resolveFirst();
+            }
+            else if (variable == "REQUEST_HEADERS_NAMES") {
+                variableValue = transaction->m_variableRequestHeadersNames.resolveFirst();
+            }
+            else if (variable == "RESPONSE_CONTENT_TYPE") {
+                variableValue = transaction->m_variableResponseContentType.resolveFirst();
+            }
+            else if (variable == "RESPONSE_HEADERS_NAMES") {
+                variableValue = transaction->m_variableResponseHeadersNames.resolveFirst();
+            }
+            else if (variable == "ARGS_COMBINED_SIZE") {
+                variableValue = transaction->m_variableARGScombinedSize.resolveFirst();
+            }
+            else if (variable == "AUTH_TYPE") {
+                variableValue = transaction->m_variableAuthType.resolveFirst();
+            }
+            else if (variable == "FILES_COMBINED_SIZE") {
+                variableValue = transaction->m_variableFilesCombinedSize.resolveFirst();
+            }
+            else if (variable == "FULL_REQUEST") {
+                variableValue = transaction->m_variableFullRequest.resolveFirst();
+            }
+            else if (variable == "FULL_REQUEST_LENGTH") {
+                variableValue = transaction->m_variableFullRequestLength.resolveFirst();
+            }
+            else if (variable == "INBOUND_DATA_ERROR") {
+                variableValue = transaction->m_variableInboundDataError.resolveFirst();
+            }
+            else if (variable == "MATCHED_VAR") {
+                variableValue = transaction->m_variableMatchedVar.resolveFirst();
+            }
+            else if (variable == "MATCHED_VAR_NAME") {
+                variableValue = transaction->m_variableMatchedVarName.resolveFirst();
+            }
+            else if (variable == "MULTIPART_CRLF_LF_LINES") {
+                variableValue = transaction->m_variableMultipartCrlfLFLines.resolveFirst();
+            }
+            else if (variable == "MULTIPART_DATA_AFTER") {
+                variableValue = transaction->m_variableMultipartDataAfter.resolveFirst();
+            }
+            else if (variable == "MULTIPART_FILE_LIMIT_EXCEEDED") {
+                variableValue = transaction->m_variableMultipartFileLimitExceeded.resolveFirst();
+            }
+            else if (variable == "MULTIPART_STRICT_ERROR") {
+                variableValue = transaction->m_variableMultipartStrictError.resolveFirst();
+            }
+            else if (variable == "MULTIPART_HEADER_FOLDING") {
+                variableValue = transaction->m_variableMultipartHeaderFolding.resolveFirst();
+            }
+            else if (variable == "MULTIPART_INVALID_QUOTING") {
+                variableValue = transaction->m_variableMultipartInvalidQuoting.resolveFirst();
+            }
+            else if (variable == "MULTIPART_INVALID_HEADER_FOLDING") {
+                variableValue = transaction->m_variableMultipartInvalidHeaderFolding.resolveFirst();
+            }
+            else if (variable == "MULTIPART_UNMATCHED_BOUNDARY") {
+                variableValue = transaction->m_variableMultipartUnmatchedBoundary.resolveFirst();
+            }
+            else if (variable == "OUTBOUND_DATA_ERROR") {
+                variableValue = transaction->m_variableOutboundDataError.resolveFirst();
+            }
+            else if (variable == "PATH_INFO") {
+                variableValue = transaction->m_variablePathInfo.resolveFirst();
+            }
+            else if (variable == "QUERY_STRING") {
+                variableValue = transaction->m_variableQueryString.resolveFirst();
+            }
+            else if (variable == "REMOTE_ADDR") {
+                variableValue = transaction->m_variableRemoteAddr.resolveFirst();
+            }
+            else if (variable == "REMOTE_HOST") {
+                variableValue = transaction->m_variableRemoteHost.resolveFirst();
+            }
+            else if (variable == "REMOTE_PORT") {
+                variableValue = transaction->m_variableRemotePort.resolveFirst();
+            }
+            else if (variable == "REQBODY_ERROR") {
+                variableValue = transaction->m_variableReqbodyError.resolveFirst();
+            }
+            else if (variable == "REQBODY_ERROR_MSG") {
+                variableValue = transaction->m_variableReqbodyErrorMsg.resolveFirst();
+            }
+            else if (variable == "REQBODY_PROCESSOR_ERROR_MSG") {
+                variableValue = transaction->m_variableReqbodyProcessorErrorMsg.resolveFirst();
+            }
+            else if (variable == "REQBODY_PROCESSOR_ERROR") {
+                variableValue = transaction->m_variableReqbodyProcessorError.resolveFirst();
+            }
+            else if (variable == "REQBODY_PROCESSOR") {
+                variableValue = transaction->m_variableReqbodyProcessor.resolveFirst();
+            }
+            else if (variable == "REQUEST_BASENAME") {
+                variableValue = transaction->m_variableRequestBasename.resolveFirst();
+            }
+            else if (variable == "REQUEST_BODY") {
+                variableValue = transaction->m_variableRequestBody.resolveFirst();
+            }
+            else if (variable == "REQUEST_BODY_LENGTH") {
+                variableValue = transaction->m_variableRequestBodyLength.resolveFirst();
+            }
+            else if (variable == "REQUEST_FILENAME") {
+                variableValue = transaction->m_variableRequestFilename.resolveFirst();
+            }
+            else if (variable == "REQUEST_LINE") {
+                variableValue = transaction->m_variableRequestLine.resolveFirst();
+            }
+            else if (variable == "REQUEST_METHOD") {
+                variableValue = transaction->m_variableRequestMethod.resolveFirst();
+            }
+            else if (variable == "REQUEST_PROTOCOL") {
+                variableValue = transaction->m_variableRequestProtocol.resolveFirst();
+            }
+            else if (variable == "REQUEST_URI") {
+                variableValue = transaction->m_variableRequestURI.resolveFirst();
+            }
+            else if (variable == "REQUEST_URI_RAW") {
+                variableValue = transaction->m_variableRequestURIRaw.resolveFirst();
+            }
+            else if (variable == "RESOURCE") {
+                variableValue = transaction->m_variableResource.resolveFirst();
+            }
+            else if (variable == "RESPONSE_BODY") {
+                variableValue = transaction->m_variableResponseBody.resolveFirst();
+            }
+            else if (variable == "RESPONSE_CONTENT_LENGTH") {
+                variableValue = transaction->m_variableResponseContentLength.resolveFirst();
+            }
+            else if (variable == "RESPONSE_PROTOCOL") {
+                variableValue = transaction->m_variableResponseProtocol.resolveFirst();
+            }
+            else if (variable == "RESPONSE_STATUS") {
+                variableValue = transaction->m_variableResponseStatus.resolveFirst();
+            }
+            else if (variable == "SERVER_ADDR") {
+                variableValue = transaction->m_variableServerAddr.resolveFirst();
+            }
+            else if (variable == "SERVER_NAME") {
+                variableValue = transaction->m_variableServerName.resolveFirst();
+            }
+            else if (variable == "SERVER_PORT") {
+                variableValue = transaction->m_variableServerPort.resolveFirst();
+            }
+            else if (variable == "SESSIONID") {
+                variableValue = transaction->m_variableSessionID.resolveFirst();
+            }
+            else if (variable == "UNIQUE_ID") {
+                variableValue = transaction->m_variableUniqueID.resolveFirst();
+            }
+            else if (variable == "URLENCODED_ERROR") {
+                variableValue = transaction->m_variableUrlEncodedError.resolveFirst();
+            }
+            else if (variable == "USERID") {
+                variableValue = transaction->m_variableUserID.resolveFirst();
             } else {
                 variableValue = transaction->m_collections.resolveFirst(
                     variable);
@@ -76,10 +239,61 @@ std::string MacroExpansion::expand(const std::string& input,
             std::string col = std::string(variable, 0, collection);
             std::string var = std::string(variable, collection + 1,
                 variable.length() - (collection + 1));
+            col = utils::string::toupper(col);
 
-            if (utils::string::toupper(col) == "RULE") {
-                variableValue = transaction->m_collections.resolveFirst(
-                    "RULE:" + var);
+            if (col == "ARGS") {
+                variableValue = transaction->m_variableArgs.resolveFirst(var);
+            }
+            else if (col == "RULE") {
+                variableValue = transaction->m_variableRule.resolveFirst(var);
+            }
+            else if (col == "ARGS_GET") {
+                variableValue = transaction->m_variableArgsGet.resolveFirst(var);
+            }
+            else if (col == "ARGS_POST") {
+                variableValue = transaction->m_variableArgsPost.resolveFirst(var);
+            }
+            else if (col == "FILES_SIZES") {
+                variableValue = transaction->m_variableFilesSizes.resolveFirst(var);
+            }
+            else if (col == "FILES_NAMES") {
+                variableValue = transaction->m_variableFilesNames.resolveFirst(var);
+            }
+            else if (col == "FILES_TMP_CONTENT") {
+                variableValue = transaction->m_variableFilesTmpContent.resolveFirst(var);
+            }
+            else if (col == "MULTIPART_FILENAME") {
+                variableValue = transaction->m_variableMultiPartFileName.resolveFirst(var);
+            }
+            else if (col == "MULTIPART_NAME") {
+                variableValue = transaction->m_variableMultiPartName.resolveFirst(var);
+            }
+            else if (col == "MATCHED_VARS_NAMES") {
+                variableValue = transaction->m_variableMatchedVarsNames.resolveFirst(var);
+            }
+            else if (col == "MATCHED_VARS") {
+                variableValue = transaction->m_variableMatchedVars.resolveFirst(var);
+            }
+            else if (col == "FILES") {
+                variableValue = transaction->m_variableFiles.resolveFirst(var);
+            }
+            else if (col == "REQUEST_COOKIES") {
+                variableValue = transaction->m_variableRequestCookies.resolveFirst(var);
+            }
+            else if (col == "REQUEST_HEADERS") {
+                variableValue = transaction->m_variableRequestHeaders.resolveFirst(var);
+            }
+            else if (col == "RESPONSE_HEADERS") {
+                variableValue = transaction->m_variableResponseHeaders.resolveFirst(var);
+            }
+            else if (col == "GEO") {
+                variableValue = transaction->m_variableGeo.resolveFirst(var);
+            }
+            else if (col == "REQUEST_COOKIES_NAMES") {
+                variableValue = transaction->m_variableRequestCookiesNames.resolveFirst(var);
+            }
+            else if (col == "FILES_TMPNAMES") {
+                variableValue = transaction->m_variableFilesTmpNames.resolveFirst(var);
             } else {
                 variableValue = transaction->m_collections.resolveFirst(col,
                     var);
diff --git a/src/operators/geo_lookup.cc b/src/operators/geo_lookup.cc
index 954c6c70..91241f66 100644
--- a/src/operators/geo_lookup.cc
+++ b/src/operators/geo_lookup.cc
@@ -47,43 +47,48 @@ bool GeoLookup::evaluate(Transaction *trans, const std::string &exp) {
     }
     if (ret && gir) {
         if (gir->country_code) {
-            trans->m_collections.store("GEO:COUNTRY_CODE", gir->country_code);
+            trans->m_variableGeo.set("COUNTRY_CODE",
+                std::string(gir->country_code), 0);
         }
         if (gir->country_code3) {
-            trans->m_collections.store("GEO:COUNTRY_CODE3", gir->country_code3);
+            trans->m_variableGeo.set("COUNTRY_CODE3",
+                std::string(gir->country_code3), 0);
         }
         if (gir->country_name) {
-            trans->m_collections.store("GEO:COUNTRY_NAME", gir->country_name);
+            trans->m_variableGeo.set("COUNTRY_NAME",
+                std::string(gir->country_name), 0);
         }
         if (gir->continent_code) {
-            trans->m_collections.store("GEO:COUNTRY_CONTINENT",
-                gir->continent_code);
+            trans->m_variableGeo.set("COUNTRY_CONTINENT",
+                std::string(gir->continent_code), 0);
         }
         if (gir->country_code && gir->region) {
-            trans->m_collections.store("GEO:REGION",
-                GeoIP_region_name_by_code(gir->country_code, gir->region));
+            trans->m_variableGeo.set("REGION",
+                std::string(GeoIP_region_name_by_code(gir->country_code,
+                    gir->region)), 0);
         }
         if (gir->city) {
-            trans->m_collections.store("GEO:CITY", gir->city);
+            trans->m_variableGeo.set("CITY", std::string(gir->city), 0);
         }
         if (gir->postal_code) {
-            trans->m_collections.store("GEO:POSTAL_CODE", gir->postal_code);
+            trans->m_variableGeo.set("POSTAL_CODE",
+                std::string(gir->postal_code), 0);
         }
         if (gir->latitude) {
-            trans->m_collections.store("GEO:LATITUDE",
-                std::to_string(gir->latitude));
+            trans->m_variableGeo.set("LATITUDE",
+                std::to_string(gir->latitude), 0);
         }
         if (gir->longitude) {
-            trans->m_collections.store("GEO:LONGITUDE",
-                std::to_string(gir->longitude));
+            trans->m_variableGeo.set("LONGITUDE",
+                std::to_string(gir->longitude), 0);
         }
         if (gir->metro_code) {
-            trans->m_collections.store("GEO:DMA_CODE",
-                std::to_string(gir->metro_code));
+            trans->m_variableGeo.set("DMA_CODE",
+                std::to_string(gir->metro_code), 0);
         }
         if (gir->area_code) {
-            trans->m_collections.store("GEO:AREA_CODE",
-                std::to_string(gir->area_code));
+            trans->m_variableGeo.set("AREA_CODE",
+                std::to_string(gir->area_code), 0);
         }
 
         GeoIPRecord_delete(gir);
diff --git a/src/parser/driver.cc b/src/parser/driver.cc
index f3b8bb31..53dca136 100644
--- a/src/parser/driver.cc
+++ b/src/parser/driver.cc
@@ -44,7 +44,7 @@ Driver::~Driver() {
 int Driver::addSecMarker(std::string marker) {
     for (int i = 0; i < modsecurity::Phases::NUMBER_OF_PHASES; i++) {
         Rule *rule = new Rule(marker);
-        rule->phase = i;
+        rule->m_phase = i;
         m_rules[i].push_back(rule);
     }
     return 0;
@@ -52,37 +52,37 @@ int Driver::addSecMarker(std::string marker) {
 
 
 int Driver::addSecAction(Rule *rule) {
-    if (rule->phase > modsecurity::Phases::NUMBER_OF_PHASES) {
-        m_parserError << "Unknown phase: " << std::to_string(rule->phase);
+    if (rule->m_phase > modsecurity::Phases::NUMBER_OF_PHASES) {
+        m_parserError << "Unknown phase: " << std::to_string(rule->m_phase);
         m_parserError << std::endl;
         return false;
     }
 
-    m_rules[rule->phase].push_back(rule);
+    m_rules[rule->m_phase].push_back(rule);
 
     return true;
 }
 
 int Driver::addSecRule(Rule *rule) {
-    if (rule->phase > modsecurity::Phases::NUMBER_OF_PHASES) {
-        m_parserError << "Unknown phase: " << std::to_string(rule->phase);
+    if (rule->m_phase > modsecurity::Phases::NUMBER_OF_PHASES) {
+        m_parserError << "Unknown phase: " << std::to_string(rule->m_phase);
         m_parserError << std::endl;
         return false;
     }
 
-    if (lastRule && lastRule->chained && lastRule->chainedRule == NULL) {
-        rule->phase = lastRule->phase;
-        lastRule->chainedRule = rule;
+    if (lastRule && lastRule->m_chained && lastRule->m_chainedRule == NULL) {
+        rule->m_phase = lastRule->m_phase;
+        lastRule->m_chainedRule = rule;
         return true;
     }
 
-    if (lastRule && lastRule->chained && lastRule->chainedRule != NULL) {
-        Rule *a = lastRule->chainedRule;
-        while (a->chained && a->chainedRule != NULL) {
-            a = a->chainedRule;
+    if (lastRule && lastRule->m_chained && lastRule->m_chainedRule != NULL) {
+        Rule *a = lastRule->m_chainedRule;
+        while (a->m_chained && a->m_chainedRule != NULL) {
+            a = a->m_chainedRule;
         }
-        if (a->chained && a->chainedRule == NULL) {
-            a->chainedRule = rule;
+        if (a->m_chained && a->m_chainedRule == NULL) {
+            a->m_chainedRule = rule;
             return true;
         }
     }
@@ -91,7 +91,7 @@ int Driver::addSecRule(Rule *rule) {
      * Checking if the rule has an ID and also checking if this ID is not used
      * by other rule
      */
-    if (rule->rule_id == 0) {
+    if (rule->m_ruleId == 0) {
         m_parserError << "Rules must have an ID. File: ";
         m_parserError << rule->m_fileName << " at line: ";
         m_parserError << std::to_string(rule->m_lineNumber) << std::endl;
@@ -100,8 +100,8 @@ int Driver::addSecRule(Rule *rule) {
     for (int i = 0; i < modsecurity::Phases::NUMBER_OF_PHASES; i++) {
         std::vector<Rule *> rules = m_rules[i];
         for (int j = 0; j < rules.size(); j++) {
-            if (rules[j]->rule_id == rule->rule_id) {
-                m_parserError << "Rule id: " << std::to_string(rule->rule_id) \
+            if (rules[j]->m_ruleId == rule->m_ruleId) {
+                m_parserError << "Rule id: " << std::to_string(rule->m_ruleId) \
                     << " is duplicated" << std::endl;
                 return false;
             }
@@ -109,7 +109,7 @@ int Driver::addSecRule(Rule *rule) {
     }
 
     lastRule = rule;
-    m_rules[rule->phase].push_back(rule);
+    m_rules[rule->m_phase].push_back(rule);
     return true;
 }
 
diff --git a/src/parser/seclang-parser.cc b/src/parser/seclang-parser.cc
index 846e33e5..3fe239db 100644
--- a/src/parser/seclang-parser.cc
+++ b/src/parser/seclang-parser.cc
@@ -49,7 +49,7 @@
 
 #line 51 "seclang-parser.cc" // lalr1.cc:412
 // Unqualified %code blocks.
-#line 310 "seclang-parser.yy" // lalr1.cc:413
+#line 345 "seclang-parser.yy" // lalr1.cc:413
 
 #include "src/parser/driver.h"
 
@@ -251,227 +251,221 @@ namespace yy {
   {
       switch (that.type_get ())
     {
-      case 67: // "Accuracy"
-      case 68: // "Allow"
-      case 69: // "Append"
-      case 70: // "AuditLog"
-      case 71: // "Block"
-      case 72: // "Capture"
-      case 73: // "Chain"
-      case 74: // "ACTION_CTL_AUDIT_ENGINE"
-      case 75: // "ACTION_CTL_AUDIT_LOG_PARTS"
-      case 76: // "ACTION_CTL_BDY_JSON"
-      case 77: // "ACTION_CTL_BDY_XML"
-      case 78: // "ACTION_CTL_FORCE_REQ_BODY_VAR"
-      case 79: // "ACTION_CTL_REQUEST_BODY_ACCESS"
-      case 80: // "ACTION_CTL_RULE_ENGINE"
-      case 81: // "ACTION_CTL_RULE_REMOVE_BY_ID"
-      case 82: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_ID"
-      case 83: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG"
-      case 84: // "Deny"
-      case 85: // "DeprecateVar"
-      case 86: // "Drop"
-      case 87: // "Exec"
-      case 88: // "ExpireVar"
-      case 89: // "Id"
-      case 90: // "InitCol"
-      case 91: // "Log"
-      case 92: // "LogData"
-      case 93: // "Maturity"
-      case 94: // "Msg"
-      case 95: // "MultiMatch"
-      case 96: // "NoAuditLog"
-      case 97: // "NoLog"
-      case 98: // "Pass"
-      case 99: // "Pause"
-      case 100: // "Phase"
-      case 101: // "Prepend"
-      case 102: // "Proxy"
-      case 103: // "Redirect"
-      case 104: // "Rev"
-      case 105: // "SanatiseArg"
-      case 106: // "SanatiseMatched"
-      case 107: // "SanatiseMatchedBytes"
-      case 108: // "SanatiseRequestHeader"
-      case 109: // "SanatiseResponseHeader"
-      case 110: // "SetEnv"
-      case 111: // "SetSrc"
-      case 112: // "SetSid"
-      case 113: // "SetUID"
-      case 114: // "Severity"
-      case 115: // "Skip"
-      case 116: // "SkipAfter"
-      case 117: // "Status"
-      case 118: // "Tag"
-      case 119: // "ACTION_TRANSFORMATION_CMD_LINE"
-      case 120: // "ACTION_TRANSFORMATION_COMPRESS_WHITESPACE"
-      case 121: // "ACTION_TRANSFORMATION_CSS_DECODE"
-      case 122: // "ACTION_TRANSFORMATION_HEX_ENCODE"
-      case 123: // "ACTION_TRANSFORMATION_HTML_ENTITY_DECODE"
-      case 124: // "ACTION_TRANSFORMATION_JS_DECODE"
-      case 125: // "ACTION_TRANSFORMATION_LENGTH"
-      case 126: // "ACTION_TRANSFORMATION_LOWERCASE"
-      case 127: // "ACTION_TRANSFORMATION_MD5"
-      case 128: // "ACTION_TRANSFORMATION_NONE"
-      case 129: // "ACTION_TRANSFORMATION_NORMALISE_PATH"
-      case 130: // "ACTION_TRANSFORMATION_NORMALISE_PATH_WIN"
-      case 131: // "ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT"
-      case 132: // "ACTION_TRANSFORMATION_PARITY_ODD_7_BIT"
-      case 133: // "ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT"
-      case 134: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS"
-      case 135: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR"
-      case 136: // "ACTION_TRANSFORMATION_REMOVE_NULLS"
-      case 137: // "ACTION_TRANSFORMATION_REMOVE_WHITESPACE"
-      case 138: // "ACTION_TRANSFORMATION_REPLACE_COMMENTS"
-      case 139: // "ACTION_TRANSFORMATION_REPLACE_NULLS"
-      case 140: // "ACTION_TRANSFORMATION_SHA1"
-      case 141: // "ACTION_TRANSFORMATION_SQL_HEX_DECODE"
-      case 142: // "ACTION_TRANSFORMATION_TRIM"
-      case 143: // "ACTION_TRANSFORMATION_URL_DECODE"
-      case 144: // "ACTION_TRANSFORMATION_URL_DECODE_UNI"
-      case 145: // "ACTION_TRANSFORMATION_UTF8_TO_UNICODE"
-      case 146: // "Ver"
-      case 147: // "xmlns"
-      case 148: // "CONFIG_COMPONENT_SIG"
-      case 149: // "CONFIG_DIR_AUDIT_DIR"
-      case 150: // "CONFIG_DIR_AUDIT_DIR_MOD"
-      case 151: // "CONFIG_DIR_AUDIT_ENG"
-      case 152: // "CONFIG_DIR_AUDIT_FLE_MOD"
-      case 153: // "CONFIG_DIR_AUDIT_LOG"
-      case 154: // "CONFIG_DIR_AUDIT_LOG2"
-      case 155: // "CONFIG_DIR_AUDIT_LOG_P"
-      case 156: // "CONFIG_DIR_AUDIT_STS"
-      case 157: // "CONFIG_DIR_AUDIT_TPE"
-      case 158: // "CONFIG_DIR_DEBUG_LOG"
-      case 159: // "CONFIG_DIR_DEBUG_LVL"
-      case 160: // "CONFIG_DIR_GEO_DB"
-      case 161: // "CONFIG_DIR_PCRE_MATCH_LIMIT"
-      case 162: // "CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION"
-      case 163: // "CONFIG_DIR_REQ_BODY"
-      case 164: // "CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT"
-      case 165: // "CONFIG_DIR_REQ_BODY_LIMIT"
-      case 166: // "CONFIG_DIR_REQ_BODY_LIMIT_ACTION"
-      case 167: // "CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT"
-      case 168: // "CONFIG_DIR_RES_BODY"
-      case 169: // "CONFIG_DIR_RES_BODY_LIMIT"
-      case 170: // "CONFIG_DIR_RES_BODY_LIMIT_ACTION"
-      case 171: // "CONFIG_DIR_RULE_ENG"
-      case 172: // "CONFIG_DIR_SEC_ACTION"
-      case 173: // "CONFIG_DIR_SEC_DEFAULT_ACTION"
-      case 174: // "CONFIG_DIR_SEC_MARKER"
-      case 175: // "CONFIG_DIR_UNICODE_MAP_FILE"
-      case 176: // "CONFIG_SEC_COLLECTION_TIMEOUT"
-      case 177: // "CONFIG_SEC_REMOTE_RULES_FAIL_ACTION"
-      case 178: // "CONFIG_SEC_RULE_REMOVE_BY_ID"
-      case 179: // "CONFIG_UPDLOAD_KEEP_FILES"
-      case 180: // "CONFIG_UPDLOAD_SAVE_TMP_FILES"
-      case 181: // "CONFIG_UPLOAD_DIR"
-      case 182: // "CONFIG_UPLOAD_FILE_LIMIT"
-      case 183: // "CONFIG_UPLOAD_FILE_MODE"
-      case 184: // "CONFIG_VALUE_ABORT"
-      case 185: // "CONFIG_VALUE_DETC"
-      case 186: // "CONFIG_VALUE_HTTPS"
-      case 187: // "CONFIG_VALUE_OFF"
-      case 188: // "CONFIG_VALUE_ON"
-      case 189: // "CONFIG_VALUE_PARALLEL"
-      case 190: // "CONFIG_VALUE_PROCESS_PARTIAL"
-      case 191: // "CONFIG_VALUE_REJECT"
-      case 192: // "CONFIG_VALUE_RELEVANT_ONLY"
-      case 193: // "CONFIG_VALUE_SERIAL"
-      case 194: // "CONFIG_VALUE_WARN"
-      case 195: // "CONFIG_XML_EXTERNAL_ENTITY"
-      case 196: // "CONGIG_DIR_RESPONSE_BODY_MP"
-      case 197: // "CONGIG_DIR_SEC_ARG_SEP"
-      case 198: // "CONGIG_DIR_SEC_COOKIE_FORMAT"
-      case 199: // "CONGIG_DIR_SEC_DATA_DIR"
-      case 200: // "CONGIG_DIR_SEC_STATUS_ENGINE"
-      case 201: // "CONGIG_DIR_SEC_TMP_DIR"
-      case 202: // "DIRECTIVE"
-      case 203: // "DIRECTIVE_SECRULESCRIPT"
-      case 204: // "FREE_TEXT"
-      case 205: // "OPERATOR"
-      case 206: // "OPERATOR_BEGINS_WITH"
-      case 207: // "OPERATOR_CONTAINS"
-      case 208: // "OPERATOR_CONTAINS_WORD"
-      case 209: // "OPERATOR_DETECT_SQLI"
-      case 210: // "OPERATOR_DETECT_XSS"
-      case 211: // "OPERATOR_ENDS_WITH"
-      case 212: // "OPERATOR_EQ"
-      case 213: // "OPERATOR_FUZZY_HASH"
-      case 214: // "OPERATOR_GE"
-      case 215: // "OPERATOR_GEOLOOKUP"
-      case 216: // "OPERATOR_GSB_LOOKUP"
-      case 217: // "OPERATOR_GT"
-      case 218: // "OPERATOR_INSPECT_FILE"
-      case 219: // "OPERATOR_IP_MATCH"
-      case 220: // "OPERATOR_IP_MATCH_FROM_FILE"
-      case 221: // "OPERATOR_LE"
-      case 222: // "OPERATOR_LT"
-      case 223: // "OPERATOR_PM"
-      case 224: // "OPERATOR_PM_FROM_FILE"
-      case 225: // "OPERATOR_RBL"
-      case 226: // "OPERATOR_RSUB"
-      case 227: // "OPERATOR_RX"
-      case 228: // "Operator Rx"
-      case 229: // "OPERATOR_STR_EQ"
-      case 230: // "OPERATOR_STR_MATCH"
-      case 231: // "OPERATOR_UNCONDITIONAL_MATCH"
-      case 232: // "OPERATOR_VALIDATE_BYTE_RANGE"
-      case 233: // "OPERATOR_VALIDATE_DTD"
-      case 234: // "OPERATOR_VALIDATE_HASH"
-      case 235: // "OPERATOR_VALIDATE_SCHEMA"
-      case 236: // "OPERATOR_VALIDATE_URL_ENCODING"
-      case 237: // "OPERATOR_VALIDATE_UTF8_ENCODING"
-      case 238: // "OPERATOR_VERIFY_CC"
-      case 239: // "OPERATOR_VERIFY_CPF"
-      case 240: // "OPERATOR_VERIFY_SSN"
-      case 241: // "OPERATOR_WITHIN"
-      case 242: // "OP_QUOTE"
-      case 243: // "QUOTATION_MARK"
-      case 244: // "RUN_TIME_VAR_BLD"
-      case 245: // "RUN_TIME_VAR_DUR"
-      case 246: // "RUN_TIME_VAR_ENV"
-      case 247: // "RUN_TIME_VAR_HSV"
-      case 248: // "RUN_TIME_VAR_REMOTE_USER"
-      case 249: // "RUN_TIME_VAR_RULE"
-      case 250: // "RUN_TIME_VAR_TIME"
-      case 251: // "RUN_TIME_VAR_TIME_DAY"
-      case 252: // "RUN_TIME_VAR_TIME_EPOCH"
-      case 253: // "RUN_TIME_VAR_TIME_HOUR"
-      case 254: // "RUN_TIME_VAR_TIME_MIN"
-      case 255: // "RUN_TIME_VAR_TIME_MON"
-      case 256: // "RUN_TIME_VAR_TIME_SEC"
-      case 257: // "RUN_TIME_VAR_TIME_WDAY"
-      case 258: // "RUN_TIME_VAR_TIME_YEAR"
-      case 259: // "RUN_TIME_VAR_XML"
-      case 260: // "VARIABLE"
-      case 261: // "VARIABLE_COL"
-      case 262: // "VARIABLE_STATUS"
-      case 263: // "VARIABLE_TX"
-      case 264: // "Dictionary element"
-      case 265: // "Dictionary element, selected by regexp"
+      case 93: // "Accuracy"
+      case 94: // "Allow"
+      case 95: // "Append"
+      case 96: // "AuditLog"
+      case 97: // "Block"
+      case 98: // "Capture"
+      case 99: // "Chain"
+      case 100: // "ACTION_CTL_AUDIT_ENGINE"
+      case 101: // "ACTION_CTL_AUDIT_LOG_PARTS"
+      case 102: // "ACTION_CTL_BDY_JSON"
+      case 103: // "ACTION_CTL_BDY_XML"
+      case 104: // "ACTION_CTL_FORCE_REQ_BODY_VAR"
+      case 105: // "ACTION_CTL_REQUEST_BODY_ACCESS"
+      case 106: // "ACTION_CTL_RULE_ENGINE"
+      case 107: // "ACTION_CTL_RULE_REMOVE_BY_ID"
+      case 108: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_ID"
+      case 109: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG"
+      case 110: // "Deny"
+      case 111: // "DeprecateVar"
+      case 112: // "Drop"
+      case 113: // "Exec"
+      case 114: // "ExpireVar"
+      case 115: // "Id"
+      case 116: // "InitCol"
+      case 117: // "Log"
+      case 118: // "LogData"
+      case 119: // "Maturity"
+      case 120: // "Msg"
+      case 121: // "MultiMatch"
+      case 122: // "NoAuditLog"
+      case 123: // "NoLog"
+      case 124: // "Pass"
+      case 125: // "Pause"
+      case 126: // "Phase"
+      case 127: // "Prepend"
+      case 128: // "Proxy"
+      case 129: // "Redirect"
+      case 130: // "Rev"
+      case 131: // "SanatiseArg"
+      case 132: // "SanatiseMatched"
+      case 133: // "SanatiseMatchedBytes"
+      case 134: // "SanatiseRequestHeader"
+      case 135: // "SanatiseResponseHeader"
+      case 136: // "SetEnv"
+      case 137: // "SetSrc"
+      case 138: // "SetSid"
+      case 139: // "SetUID"
+      case 140: // "Severity"
+      case 141: // "Skip"
+      case 142: // "SkipAfter"
+      case 143: // "Status"
+      case 144: // "Tag"
+      case 145: // "ACTION_TRANSFORMATION_CMD_LINE"
+      case 146: // "ACTION_TRANSFORMATION_COMPRESS_WHITESPACE"
+      case 147: // "ACTION_TRANSFORMATION_CSS_DECODE"
+      case 148: // "ACTION_TRANSFORMATION_HEX_ENCODE"
+      case 149: // "ACTION_TRANSFORMATION_HTML_ENTITY_DECODE"
+      case 150: // "ACTION_TRANSFORMATION_JS_DECODE"
+      case 151: // "ACTION_TRANSFORMATION_LENGTH"
+      case 152: // "ACTION_TRANSFORMATION_LOWERCASE"
+      case 153: // "ACTION_TRANSFORMATION_MD5"
+      case 154: // "ACTION_TRANSFORMATION_NONE"
+      case 155: // "ACTION_TRANSFORMATION_NORMALISE_PATH"
+      case 156: // "ACTION_TRANSFORMATION_NORMALISE_PATH_WIN"
+      case 157: // "ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT"
+      case 158: // "ACTION_TRANSFORMATION_PARITY_ODD_7_BIT"
+      case 159: // "ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT"
+      case 160: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS"
+      case 161: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR"
+      case 162: // "ACTION_TRANSFORMATION_REMOVE_NULLS"
+      case 163: // "ACTION_TRANSFORMATION_REMOVE_WHITESPACE"
+      case 164: // "ACTION_TRANSFORMATION_REPLACE_COMMENTS"
+      case 165: // "ACTION_TRANSFORMATION_REPLACE_NULLS"
+      case 166: // "ACTION_TRANSFORMATION_SHA1"
+      case 167: // "ACTION_TRANSFORMATION_SQL_HEX_DECODE"
+      case 168: // "ACTION_TRANSFORMATION_TRIM"
+      case 169: // "ACTION_TRANSFORMATION_URL_DECODE"
+      case 170: // "ACTION_TRANSFORMATION_URL_DECODE_UNI"
+      case 171: // "ACTION_TRANSFORMATION_UTF8_TO_UNICODE"
+      case 172: // "Ver"
+      case 173: // "xmlns"
+      case 174: // "CONFIG_COMPONENT_SIG"
+      case 175: // "CONFIG_DIR_AUDIT_DIR"
+      case 176: // "CONFIG_DIR_AUDIT_DIR_MOD"
+      case 177: // "CONFIG_DIR_AUDIT_ENG"
+      case 178: // "CONFIG_DIR_AUDIT_FLE_MOD"
+      case 179: // "CONFIG_DIR_AUDIT_LOG"
+      case 180: // "CONFIG_DIR_AUDIT_LOG2"
+      case 181: // "CONFIG_DIR_AUDIT_LOG_P"
+      case 182: // "CONFIG_DIR_AUDIT_STS"
+      case 183: // "CONFIG_DIR_AUDIT_TPE"
+      case 184: // "CONFIG_DIR_DEBUG_LOG"
+      case 185: // "CONFIG_DIR_DEBUG_LVL"
+      case 186: // "CONFIG_DIR_GEO_DB"
+      case 187: // "CONFIG_DIR_PCRE_MATCH_LIMIT"
+      case 188: // "CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION"
+      case 189: // "CONFIG_DIR_REQ_BODY"
+      case 190: // "CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT"
+      case 191: // "CONFIG_DIR_REQ_BODY_LIMIT"
+      case 192: // "CONFIG_DIR_REQ_BODY_LIMIT_ACTION"
+      case 193: // "CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT"
+      case 194: // "CONFIG_DIR_RES_BODY"
+      case 195: // "CONFIG_DIR_RES_BODY_LIMIT"
+      case 196: // "CONFIG_DIR_RES_BODY_LIMIT_ACTION"
+      case 197: // "CONFIG_DIR_RULE_ENG"
+      case 198: // "CONFIG_DIR_SEC_ACTION"
+      case 199: // "CONFIG_DIR_SEC_DEFAULT_ACTION"
+      case 200: // "CONFIG_DIR_SEC_MARKER"
+      case 201: // "CONFIG_DIR_UNICODE_MAP_FILE"
+      case 202: // "CONFIG_SEC_COLLECTION_TIMEOUT"
+      case 203: // "CONFIG_SEC_REMOTE_RULES_FAIL_ACTION"
+      case 204: // "CONFIG_SEC_RULE_REMOVE_BY_ID"
+      case 205: // "CONFIG_UPDLOAD_KEEP_FILES"
+      case 206: // "CONFIG_UPDLOAD_SAVE_TMP_FILES"
+      case 207: // "CONFIG_UPLOAD_DIR"
+      case 208: // "CONFIG_UPLOAD_FILE_LIMIT"
+      case 209: // "CONFIG_UPLOAD_FILE_MODE"
+      case 210: // "CONFIG_VALUE_ABORT"
+      case 211: // "CONFIG_VALUE_DETC"
+      case 212: // "CONFIG_VALUE_HTTPS"
+      case 213: // "CONFIG_VALUE_OFF"
+      case 214: // "CONFIG_VALUE_ON"
+      case 215: // "CONFIG_VALUE_PARALLEL"
+      case 216: // "CONFIG_VALUE_PROCESS_PARTIAL"
+      case 217: // "CONFIG_VALUE_REJECT"
+      case 218: // "CONFIG_VALUE_RELEVANT_ONLY"
+      case 219: // "CONFIG_VALUE_SERIAL"
+      case 220: // "CONFIG_VALUE_WARN"
+      case 221: // "CONFIG_XML_EXTERNAL_ENTITY"
+      case 222: // "CONGIG_DIR_RESPONSE_BODY_MP"
+      case 223: // "CONGIG_DIR_SEC_ARG_SEP"
+      case 224: // "CONGIG_DIR_SEC_COOKIE_FORMAT"
+      case 225: // "CONGIG_DIR_SEC_DATA_DIR"
+      case 226: // "CONGIG_DIR_SEC_STATUS_ENGINE"
+      case 227: // "CONGIG_DIR_SEC_TMP_DIR"
+      case 228: // "DIRECTIVE"
+      case 229: // "DIRECTIVE_SECRULESCRIPT"
+      case 230: // "FREE_TEXT"
+      case 231: // "OPERATOR"
+      case 232: // "OPERATOR_BEGINS_WITH"
+      case 233: // "OPERATOR_CONTAINS"
+      case 234: // "OPERATOR_CONTAINS_WORD"
+      case 235: // "OPERATOR_DETECT_SQLI"
+      case 236: // "OPERATOR_DETECT_XSS"
+      case 237: // "OPERATOR_ENDS_WITH"
+      case 238: // "OPERATOR_EQ"
+      case 239: // "OPERATOR_FUZZY_HASH"
+      case 240: // "OPERATOR_GE"
+      case 241: // "OPERATOR_GEOLOOKUP"
+      case 242: // "OPERATOR_GSB_LOOKUP"
+      case 243: // "OPERATOR_GT"
+      case 244: // "OPERATOR_INSPECT_FILE"
+      case 245: // "OPERATOR_IP_MATCH"
+      case 246: // "OPERATOR_IP_MATCH_FROM_FILE"
+      case 247: // "OPERATOR_LE"
+      case 248: // "OPERATOR_LT"
+      case 249: // "OPERATOR_PM"
+      case 250: // "OPERATOR_PM_FROM_FILE"
+      case 251: // "OPERATOR_RBL"
+      case 252: // "OPERATOR_RSUB"
+      case 253: // "OPERATOR_RX"
+      case 254: // "Operator Rx"
+      case 255: // "OPERATOR_STR_EQ"
+      case 256: // "OPERATOR_STR_MATCH"
+      case 257: // "OPERATOR_UNCONDITIONAL_MATCH"
+      case 258: // "OPERATOR_VALIDATE_BYTE_RANGE"
+      case 259: // "OPERATOR_VALIDATE_DTD"
+      case 260: // "OPERATOR_VALIDATE_HASH"
+      case 261: // "OPERATOR_VALIDATE_SCHEMA"
+      case 262: // "OPERATOR_VALIDATE_URL_ENCODING"
+      case 263: // "OPERATOR_VALIDATE_UTF8_ENCODING"
+      case 264: // "OPERATOR_VERIFY_CC"
+      case 265: // "OPERATOR_VERIFY_CPF"
+      case 266: // "OPERATOR_VERIFY_SSN"
+      case 267: // "OPERATOR_WITHIN"
+      case 268: // "OP_QUOTE"
+      case 269: // "QUOTATION_MARK"
+      case 270: // "RUN_TIME_VAR_BLD"
+      case 271: // "RUN_TIME_VAR_DUR"
+      case 272: // "RUN_TIME_VAR_HSV"
+      case 273: // "RUN_TIME_VAR_REMOTE_USER"
+      case 274: // "RUN_TIME_VAR_TIME"
+      case 275: // "RUN_TIME_VAR_TIME_DAY"
+      case 276: // "RUN_TIME_VAR_TIME_EPOCH"
+      case 277: // "RUN_TIME_VAR_TIME_HOUR"
+      case 278: // "RUN_TIME_VAR_TIME_MIN"
+      case 279: // "RUN_TIME_VAR_TIME_MON"
+      case 280: // "RUN_TIME_VAR_TIME_SEC"
+      case 281: // "RUN_TIME_VAR_TIME_WDAY"
+      case 282: // "RUN_TIME_VAR_TIME_YEAR"
+      case 283: // "VARIABLE"
+      case 284: // "Dictionary element"
+      case 285: // "Dictionary element, selected by regexp"
         value.move< std::string > (that.value);
         break;
 
-      case 272: // op
-      case 273: // op_before_init
+      case 292: // op
+      case 293: // op_before_init
         value.move< std::unique_ptr<Operator> > (that.value);
         break;
 
-      case 276: // var
+      case 296: // var
         value.move< std::unique_ptr<Variable> > (that.value);
         break;
 
-      case 277: // act
+      case 297: // act
         value.move< std::unique_ptr<actions::Action> > (that.value);
         break;
 
-      case 275: // variables
+      case 295: // variables
         value.move< std::unique_ptr<std::vector<std::unique_ptr<Variable> > >  > (that.value);
         break;
 
-      case 270: // actions
-      case 271: // actions_may_quoted
+      case 290: // actions
+      case 291: // actions_may_quoted
         value.move< std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > >  > (that.value);
         break;
 
@@ -490,227 +484,221 @@ namespace yy {
     state = that.state;
       switch (that.type_get ())
     {
-      case 67: // "Accuracy"
-      case 68: // "Allow"
-      case 69: // "Append"
-      case 70: // "AuditLog"
-      case 71: // "Block"
-      case 72: // "Capture"
-      case 73: // "Chain"
-      case 74: // "ACTION_CTL_AUDIT_ENGINE"
-      case 75: // "ACTION_CTL_AUDIT_LOG_PARTS"
-      case 76: // "ACTION_CTL_BDY_JSON"
-      case 77: // "ACTION_CTL_BDY_XML"
-      case 78: // "ACTION_CTL_FORCE_REQ_BODY_VAR"
-      case 79: // "ACTION_CTL_REQUEST_BODY_ACCESS"
-      case 80: // "ACTION_CTL_RULE_ENGINE"
-      case 81: // "ACTION_CTL_RULE_REMOVE_BY_ID"
-      case 82: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_ID"
-      case 83: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG"
-      case 84: // "Deny"
-      case 85: // "DeprecateVar"
-      case 86: // "Drop"
-      case 87: // "Exec"
-      case 88: // "ExpireVar"
-      case 89: // "Id"
-      case 90: // "InitCol"
-      case 91: // "Log"
-      case 92: // "LogData"
-      case 93: // "Maturity"
-      case 94: // "Msg"
-      case 95: // "MultiMatch"
-      case 96: // "NoAuditLog"
-      case 97: // "NoLog"
-      case 98: // "Pass"
-      case 99: // "Pause"
-      case 100: // "Phase"
-      case 101: // "Prepend"
-      case 102: // "Proxy"
-      case 103: // "Redirect"
-      case 104: // "Rev"
-      case 105: // "SanatiseArg"
-      case 106: // "SanatiseMatched"
-      case 107: // "SanatiseMatchedBytes"
-      case 108: // "SanatiseRequestHeader"
-      case 109: // "SanatiseResponseHeader"
-      case 110: // "SetEnv"
-      case 111: // "SetSrc"
-      case 112: // "SetSid"
-      case 113: // "SetUID"
-      case 114: // "Severity"
-      case 115: // "Skip"
-      case 116: // "SkipAfter"
-      case 117: // "Status"
-      case 118: // "Tag"
-      case 119: // "ACTION_TRANSFORMATION_CMD_LINE"
-      case 120: // "ACTION_TRANSFORMATION_COMPRESS_WHITESPACE"
-      case 121: // "ACTION_TRANSFORMATION_CSS_DECODE"
-      case 122: // "ACTION_TRANSFORMATION_HEX_ENCODE"
-      case 123: // "ACTION_TRANSFORMATION_HTML_ENTITY_DECODE"
-      case 124: // "ACTION_TRANSFORMATION_JS_DECODE"
-      case 125: // "ACTION_TRANSFORMATION_LENGTH"
-      case 126: // "ACTION_TRANSFORMATION_LOWERCASE"
-      case 127: // "ACTION_TRANSFORMATION_MD5"
-      case 128: // "ACTION_TRANSFORMATION_NONE"
-      case 129: // "ACTION_TRANSFORMATION_NORMALISE_PATH"
-      case 130: // "ACTION_TRANSFORMATION_NORMALISE_PATH_WIN"
-      case 131: // "ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT"
-      case 132: // "ACTION_TRANSFORMATION_PARITY_ODD_7_BIT"
-      case 133: // "ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT"
-      case 134: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS"
-      case 135: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR"
-      case 136: // "ACTION_TRANSFORMATION_REMOVE_NULLS"
-      case 137: // "ACTION_TRANSFORMATION_REMOVE_WHITESPACE"
-      case 138: // "ACTION_TRANSFORMATION_REPLACE_COMMENTS"
-      case 139: // "ACTION_TRANSFORMATION_REPLACE_NULLS"
-      case 140: // "ACTION_TRANSFORMATION_SHA1"
-      case 141: // "ACTION_TRANSFORMATION_SQL_HEX_DECODE"
-      case 142: // "ACTION_TRANSFORMATION_TRIM"
-      case 143: // "ACTION_TRANSFORMATION_URL_DECODE"
-      case 144: // "ACTION_TRANSFORMATION_URL_DECODE_UNI"
-      case 145: // "ACTION_TRANSFORMATION_UTF8_TO_UNICODE"
-      case 146: // "Ver"
-      case 147: // "xmlns"
-      case 148: // "CONFIG_COMPONENT_SIG"
-      case 149: // "CONFIG_DIR_AUDIT_DIR"
-      case 150: // "CONFIG_DIR_AUDIT_DIR_MOD"
-      case 151: // "CONFIG_DIR_AUDIT_ENG"
-      case 152: // "CONFIG_DIR_AUDIT_FLE_MOD"
-      case 153: // "CONFIG_DIR_AUDIT_LOG"
-      case 154: // "CONFIG_DIR_AUDIT_LOG2"
-      case 155: // "CONFIG_DIR_AUDIT_LOG_P"
-      case 156: // "CONFIG_DIR_AUDIT_STS"
-      case 157: // "CONFIG_DIR_AUDIT_TPE"
-      case 158: // "CONFIG_DIR_DEBUG_LOG"
-      case 159: // "CONFIG_DIR_DEBUG_LVL"
-      case 160: // "CONFIG_DIR_GEO_DB"
-      case 161: // "CONFIG_DIR_PCRE_MATCH_LIMIT"
-      case 162: // "CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION"
-      case 163: // "CONFIG_DIR_REQ_BODY"
-      case 164: // "CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT"
-      case 165: // "CONFIG_DIR_REQ_BODY_LIMIT"
-      case 166: // "CONFIG_DIR_REQ_BODY_LIMIT_ACTION"
-      case 167: // "CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT"
-      case 168: // "CONFIG_DIR_RES_BODY"
-      case 169: // "CONFIG_DIR_RES_BODY_LIMIT"
-      case 170: // "CONFIG_DIR_RES_BODY_LIMIT_ACTION"
-      case 171: // "CONFIG_DIR_RULE_ENG"
-      case 172: // "CONFIG_DIR_SEC_ACTION"
-      case 173: // "CONFIG_DIR_SEC_DEFAULT_ACTION"
-      case 174: // "CONFIG_DIR_SEC_MARKER"
-      case 175: // "CONFIG_DIR_UNICODE_MAP_FILE"
-      case 176: // "CONFIG_SEC_COLLECTION_TIMEOUT"
-      case 177: // "CONFIG_SEC_REMOTE_RULES_FAIL_ACTION"
-      case 178: // "CONFIG_SEC_RULE_REMOVE_BY_ID"
-      case 179: // "CONFIG_UPDLOAD_KEEP_FILES"
-      case 180: // "CONFIG_UPDLOAD_SAVE_TMP_FILES"
-      case 181: // "CONFIG_UPLOAD_DIR"
-      case 182: // "CONFIG_UPLOAD_FILE_LIMIT"
-      case 183: // "CONFIG_UPLOAD_FILE_MODE"
-      case 184: // "CONFIG_VALUE_ABORT"
-      case 185: // "CONFIG_VALUE_DETC"
-      case 186: // "CONFIG_VALUE_HTTPS"
-      case 187: // "CONFIG_VALUE_OFF"
-      case 188: // "CONFIG_VALUE_ON"
-      case 189: // "CONFIG_VALUE_PARALLEL"
-      case 190: // "CONFIG_VALUE_PROCESS_PARTIAL"
-      case 191: // "CONFIG_VALUE_REJECT"
-      case 192: // "CONFIG_VALUE_RELEVANT_ONLY"
-      case 193: // "CONFIG_VALUE_SERIAL"
-      case 194: // "CONFIG_VALUE_WARN"
-      case 195: // "CONFIG_XML_EXTERNAL_ENTITY"
-      case 196: // "CONGIG_DIR_RESPONSE_BODY_MP"
-      case 197: // "CONGIG_DIR_SEC_ARG_SEP"
-      case 198: // "CONGIG_DIR_SEC_COOKIE_FORMAT"
-      case 199: // "CONGIG_DIR_SEC_DATA_DIR"
-      case 200: // "CONGIG_DIR_SEC_STATUS_ENGINE"
-      case 201: // "CONGIG_DIR_SEC_TMP_DIR"
-      case 202: // "DIRECTIVE"
-      case 203: // "DIRECTIVE_SECRULESCRIPT"
-      case 204: // "FREE_TEXT"
-      case 205: // "OPERATOR"
-      case 206: // "OPERATOR_BEGINS_WITH"
-      case 207: // "OPERATOR_CONTAINS"
-      case 208: // "OPERATOR_CONTAINS_WORD"
-      case 209: // "OPERATOR_DETECT_SQLI"
-      case 210: // "OPERATOR_DETECT_XSS"
-      case 211: // "OPERATOR_ENDS_WITH"
-      case 212: // "OPERATOR_EQ"
-      case 213: // "OPERATOR_FUZZY_HASH"
-      case 214: // "OPERATOR_GE"
-      case 215: // "OPERATOR_GEOLOOKUP"
-      case 216: // "OPERATOR_GSB_LOOKUP"
-      case 217: // "OPERATOR_GT"
-      case 218: // "OPERATOR_INSPECT_FILE"
-      case 219: // "OPERATOR_IP_MATCH"
-      case 220: // "OPERATOR_IP_MATCH_FROM_FILE"
-      case 221: // "OPERATOR_LE"
-      case 222: // "OPERATOR_LT"
-      case 223: // "OPERATOR_PM"
-      case 224: // "OPERATOR_PM_FROM_FILE"
-      case 225: // "OPERATOR_RBL"
-      case 226: // "OPERATOR_RSUB"
-      case 227: // "OPERATOR_RX"
-      case 228: // "Operator Rx"
-      case 229: // "OPERATOR_STR_EQ"
-      case 230: // "OPERATOR_STR_MATCH"
-      case 231: // "OPERATOR_UNCONDITIONAL_MATCH"
-      case 232: // "OPERATOR_VALIDATE_BYTE_RANGE"
-      case 233: // "OPERATOR_VALIDATE_DTD"
-      case 234: // "OPERATOR_VALIDATE_HASH"
-      case 235: // "OPERATOR_VALIDATE_SCHEMA"
-      case 236: // "OPERATOR_VALIDATE_URL_ENCODING"
-      case 237: // "OPERATOR_VALIDATE_UTF8_ENCODING"
-      case 238: // "OPERATOR_VERIFY_CC"
-      case 239: // "OPERATOR_VERIFY_CPF"
-      case 240: // "OPERATOR_VERIFY_SSN"
-      case 241: // "OPERATOR_WITHIN"
-      case 242: // "OP_QUOTE"
-      case 243: // "QUOTATION_MARK"
-      case 244: // "RUN_TIME_VAR_BLD"
-      case 245: // "RUN_TIME_VAR_DUR"
-      case 246: // "RUN_TIME_VAR_ENV"
-      case 247: // "RUN_TIME_VAR_HSV"
-      case 248: // "RUN_TIME_VAR_REMOTE_USER"
-      case 249: // "RUN_TIME_VAR_RULE"
-      case 250: // "RUN_TIME_VAR_TIME"
-      case 251: // "RUN_TIME_VAR_TIME_DAY"
-      case 252: // "RUN_TIME_VAR_TIME_EPOCH"
-      case 253: // "RUN_TIME_VAR_TIME_HOUR"
-      case 254: // "RUN_TIME_VAR_TIME_MIN"
-      case 255: // "RUN_TIME_VAR_TIME_MON"
-      case 256: // "RUN_TIME_VAR_TIME_SEC"
-      case 257: // "RUN_TIME_VAR_TIME_WDAY"
-      case 258: // "RUN_TIME_VAR_TIME_YEAR"
-      case 259: // "RUN_TIME_VAR_XML"
-      case 260: // "VARIABLE"
-      case 261: // "VARIABLE_COL"
-      case 262: // "VARIABLE_STATUS"
-      case 263: // "VARIABLE_TX"
-      case 264: // "Dictionary element"
-      case 265: // "Dictionary element, selected by regexp"
+      case 93: // "Accuracy"
+      case 94: // "Allow"
+      case 95: // "Append"
+      case 96: // "AuditLog"
+      case 97: // "Block"
+      case 98: // "Capture"
+      case 99: // "Chain"
+      case 100: // "ACTION_CTL_AUDIT_ENGINE"
+      case 101: // "ACTION_CTL_AUDIT_LOG_PARTS"
+      case 102: // "ACTION_CTL_BDY_JSON"
+      case 103: // "ACTION_CTL_BDY_XML"
+      case 104: // "ACTION_CTL_FORCE_REQ_BODY_VAR"
+      case 105: // "ACTION_CTL_REQUEST_BODY_ACCESS"
+      case 106: // "ACTION_CTL_RULE_ENGINE"
+      case 107: // "ACTION_CTL_RULE_REMOVE_BY_ID"
+      case 108: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_ID"
+      case 109: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG"
+      case 110: // "Deny"
+      case 111: // "DeprecateVar"
+      case 112: // "Drop"
+      case 113: // "Exec"
+      case 114: // "ExpireVar"
+      case 115: // "Id"
+      case 116: // "InitCol"
+      case 117: // "Log"
+      case 118: // "LogData"
+      case 119: // "Maturity"
+      case 120: // "Msg"
+      case 121: // "MultiMatch"
+      case 122: // "NoAuditLog"
+      case 123: // "NoLog"
+      case 124: // "Pass"
+      case 125: // "Pause"
+      case 126: // "Phase"
+      case 127: // "Prepend"
+      case 128: // "Proxy"
+      case 129: // "Redirect"
+      case 130: // "Rev"
+      case 131: // "SanatiseArg"
+      case 132: // "SanatiseMatched"
+      case 133: // "SanatiseMatchedBytes"
+      case 134: // "SanatiseRequestHeader"
+      case 135: // "SanatiseResponseHeader"
+      case 136: // "SetEnv"
+      case 137: // "SetSrc"
+      case 138: // "SetSid"
+      case 139: // "SetUID"
+      case 140: // "Severity"
+      case 141: // "Skip"
+      case 142: // "SkipAfter"
+      case 143: // "Status"
+      case 144: // "Tag"
+      case 145: // "ACTION_TRANSFORMATION_CMD_LINE"
+      case 146: // "ACTION_TRANSFORMATION_COMPRESS_WHITESPACE"
+      case 147: // "ACTION_TRANSFORMATION_CSS_DECODE"
+      case 148: // "ACTION_TRANSFORMATION_HEX_ENCODE"
+      case 149: // "ACTION_TRANSFORMATION_HTML_ENTITY_DECODE"
+      case 150: // "ACTION_TRANSFORMATION_JS_DECODE"
+      case 151: // "ACTION_TRANSFORMATION_LENGTH"
+      case 152: // "ACTION_TRANSFORMATION_LOWERCASE"
+      case 153: // "ACTION_TRANSFORMATION_MD5"
+      case 154: // "ACTION_TRANSFORMATION_NONE"
+      case 155: // "ACTION_TRANSFORMATION_NORMALISE_PATH"
+      case 156: // "ACTION_TRANSFORMATION_NORMALISE_PATH_WIN"
+      case 157: // "ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT"
+      case 158: // "ACTION_TRANSFORMATION_PARITY_ODD_7_BIT"
+      case 159: // "ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT"
+      case 160: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS"
+      case 161: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR"
+      case 162: // "ACTION_TRANSFORMATION_REMOVE_NULLS"
+      case 163: // "ACTION_TRANSFORMATION_REMOVE_WHITESPACE"
+      case 164: // "ACTION_TRANSFORMATION_REPLACE_COMMENTS"
+      case 165: // "ACTION_TRANSFORMATION_REPLACE_NULLS"
+      case 166: // "ACTION_TRANSFORMATION_SHA1"
+      case 167: // "ACTION_TRANSFORMATION_SQL_HEX_DECODE"
+      case 168: // "ACTION_TRANSFORMATION_TRIM"
+      case 169: // "ACTION_TRANSFORMATION_URL_DECODE"
+      case 170: // "ACTION_TRANSFORMATION_URL_DECODE_UNI"
+      case 171: // "ACTION_TRANSFORMATION_UTF8_TO_UNICODE"
+      case 172: // "Ver"
+      case 173: // "xmlns"
+      case 174: // "CONFIG_COMPONENT_SIG"
+      case 175: // "CONFIG_DIR_AUDIT_DIR"
+      case 176: // "CONFIG_DIR_AUDIT_DIR_MOD"
+      case 177: // "CONFIG_DIR_AUDIT_ENG"
+      case 178: // "CONFIG_DIR_AUDIT_FLE_MOD"
+      case 179: // "CONFIG_DIR_AUDIT_LOG"
+      case 180: // "CONFIG_DIR_AUDIT_LOG2"
+      case 181: // "CONFIG_DIR_AUDIT_LOG_P"
+      case 182: // "CONFIG_DIR_AUDIT_STS"
+      case 183: // "CONFIG_DIR_AUDIT_TPE"
+      case 184: // "CONFIG_DIR_DEBUG_LOG"
+      case 185: // "CONFIG_DIR_DEBUG_LVL"
+      case 186: // "CONFIG_DIR_GEO_DB"
+      case 187: // "CONFIG_DIR_PCRE_MATCH_LIMIT"
+      case 188: // "CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION"
+      case 189: // "CONFIG_DIR_REQ_BODY"
+      case 190: // "CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT"
+      case 191: // "CONFIG_DIR_REQ_BODY_LIMIT"
+      case 192: // "CONFIG_DIR_REQ_BODY_LIMIT_ACTION"
+      case 193: // "CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT"
+      case 194: // "CONFIG_DIR_RES_BODY"
+      case 195: // "CONFIG_DIR_RES_BODY_LIMIT"
+      case 196: // "CONFIG_DIR_RES_BODY_LIMIT_ACTION"
+      case 197: // "CONFIG_DIR_RULE_ENG"
+      case 198: // "CONFIG_DIR_SEC_ACTION"
+      case 199: // "CONFIG_DIR_SEC_DEFAULT_ACTION"
+      case 200: // "CONFIG_DIR_SEC_MARKER"
+      case 201: // "CONFIG_DIR_UNICODE_MAP_FILE"
+      case 202: // "CONFIG_SEC_COLLECTION_TIMEOUT"
+      case 203: // "CONFIG_SEC_REMOTE_RULES_FAIL_ACTION"
+      case 204: // "CONFIG_SEC_RULE_REMOVE_BY_ID"
+      case 205: // "CONFIG_UPDLOAD_KEEP_FILES"
+      case 206: // "CONFIG_UPDLOAD_SAVE_TMP_FILES"
+      case 207: // "CONFIG_UPLOAD_DIR"
+      case 208: // "CONFIG_UPLOAD_FILE_LIMIT"
+      case 209: // "CONFIG_UPLOAD_FILE_MODE"
+      case 210: // "CONFIG_VALUE_ABORT"
+      case 211: // "CONFIG_VALUE_DETC"
+      case 212: // "CONFIG_VALUE_HTTPS"
+      case 213: // "CONFIG_VALUE_OFF"
+      case 214: // "CONFIG_VALUE_ON"
+      case 215: // "CONFIG_VALUE_PARALLEL"
+      case 216: // "CONFIG_VALUE_PROCESS_PARTIAL"
+      case 217: // "CONFIG_VALUE_REJECT"
+      case 218: // "CONFIG_VALUE_RELEVANT_ONLY"
+      case 219: // "CONFIG_VALUE_SERIAL"
+      case 220: // "CONFIG_VALUE_WARN"
+      case 221: // "CONFIG_XML_EXTERNAL_ENTITY"
+      case 222: // "CONGIG_DIR_RESPONSE_BODY_MP"
+      case 223: // "CONGIG_DIR_SEC_ARG_SEP"
+      case 224: // "CONGIG_DIR_SEC_COOKIE_FORMAT"
+      case 225: // "CONGIG_DIR_SEC_DATA_DIR"
+      case 226: // "CONGIG_DIR_SEC_STATUS_ENGINE"
+      case 227: // "CONGIG_DIR_SEC_TMP_DIR"
+      case 228: // "DIRECTIVE"
+      case 229: // "DIRECTIVE_SECRULESCRIPT"
+      case 230: // "FREE_TEXT"
+      case 231: // "OPERATOR"
+      case 232: // "OPERATOR_BEGINS_WITH"
+      case 233: // "OPERATOR_CONTAINS"
+      case 234: // "OPERATOR_CONTAINS_WORD"
+      case 235: // "OPERATOR_DETECT_SQLI"
+      case 236: // "OPERATOR_DETECT_XSS"
+      case 237: // "OPERATOR_ENDS_WITH"
+      case 238: // "OPERATOR_EQ"
+      case 239: // "OPERATOR_FUZZY_HASH"
+      case 240: // "OPERATOR_GE"
+      case 241: // "OPERATOR_GEOLOOKUP"
+      case 242: // "OPERATOR_GSB_LOOKUP"
+      case 243: // "OPERATOR_GT"
+      case 244: // "OPERATOR_INSPECT_FILE"
+      case 245: // "OPERATOR_IP_MATCH"
+      case 246: // "OPERATOR_IP_MATCH_FROM_FILE"
+      case 247: // "OPERATOR_LE"
+      case 248: // "OPERATOR_LT"
+      case 249: // "OPERATOR_PM"
+      case 250: // "OPERATOR_PM_FROM_FILE"
+      case 251: // "OPERATOR_RBL"
+      case 252: // "OPERATOR_RSUB"
+      case 253: // "OPERATOR_RX"
+      case 254: // "Operator Rx"
+      case 255: // "OPERATOR_STR_EQ"
+      case 256: // "OPERATOR_STR_MATCH"
+      case 257: // "OPERATOR_UNCONDITIONAL_MATCH"
+      case 258: // "OPERATOR_VALIDATE_BYTE_RANGE"
+      case 259: // "OPERATOR_VALIDATE_DTD"
+      case 260: // "OPERATOR_VALIDATE_HASH"
+      case 261: // "OPERATOR_VALIDATE_SCHEMA"
+      case 262: // "OPERATOR_VALIDATE_URL_ENCODING"
+      case 263: // "OPERATOR_VALIDATE_UTF8_ENCODING"
+      case 264: // "OPERATOR_VERIFY_CC"
+      case 265: // "OPERATOR_VERIFY_CPF"
+      case 266: // "OPERATOR_VERIFY_SSN"
+      case 267: // "OPERATOR_WITHIN"
+      case 268: // "OP_QUOTE"
+      case 269: // "QUOTATION_MARK"
+      case 270: // "RUN_TIME_VAR_BLD"
+      case 271: // "RUN_TIME_VAR_DUR"
+      case 272: // "RUN_TIME_VAR_HSV"
+      case 273: // "RUN_TIME_VAR_REMOTE_USER"
+      case 274: // "RUN_TIME_VAR_TIME"
+      case 275: // "RUN_TIME_VAR_TIME_DAY"
+      case 276: // "RUN_TIME_VAR_TIME_EPOCH"
+      case 277: // "RUN_TIME_VAR_TIME_HOUR"
+      case 278: // "RUN_TIME_VAR_TIME_MIN"
+      case 279: // "RUN_TIME_VAR_TIME_MON"
+      case 280: // "RUN_TIME_VAR_TIME_SEC"
+      case 281: // "RUN_TIME_VAR_TIME_WDAY"
+      case 282: // "RUN_TIME_VAR_TIME_YEAR"
+      case 283: // "VARIABLE"
+      case 284: // "Dictionary element"
+      case 285: // "Dictionary element, selected by regexp"
         value.copy< std::string > (that.value);
         break;
 
-      case 272: // op
-      case 273: // op_before_init
+      case 292: // op
+      case 293: // op_before_init
         value.copy< std::unique_ptr<Operator> > (that.value);
         break;
 
-      case 276: // var
+      case 296: // var
         value.copy< std::unique_ptr<Variable> > (that.value);
         break;
 
-      case 277: // act
+      case 297: // act
         value.copy< std::unique_ptr<actions::Action> > (that.value);
         break;
 
-      case 275: // variables
+      case 295: // variables
         value.copy< std::unique_ptr<std::vector<std::unique_ptr<Variable> > >  > (that.value);
         break;
 
-      case 270: // actions
-      case 271: // actions_may_quoted
+      case 290: // actions
+      case 291: // actions_may_quoted
         value.copy< std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > >  > (that.value);
         break;
 
@@ -855,13 +843,13 @@ namespace yy {
 
 
     // User initialization code.
-    #line 303 "/home/zimmerle/core/ModSecurity/src/parser/seclang-parser.yy" // lalr1.cc:741
+    #line 338 "/home/zimmerle/core/ModSecurity/src/parser/seclang-parser.yy" // lalr1.cc:741
 {
   // Initialize the initial location.
   yyla.location.begin.filename = yyla.location.end.filename = &driver.file;
 }
 
-#line 865 "seclang-parser.cc" // lalr1.cc:741
+#line 853 "seclang-parser.cc" // lalr1.cc:741
 
     /* Initialize the stack.  The initial state will be set in
        yynewstate, since the latter expects the semantical and the
@@ -951,227 +939,221 @@ namespace yy {
          when using variants.  */
         switch (yyr1_[yyn])
     {
-      case 67: // "Accuracy"
-      case 68: // "Allow"
-      case 69: // "Append"
-      case 70: // "AuditLog"
-      case 71: // "Block"
-      case 72: // "Capture"
-      case 73: // "Chain"
-      case 74: // "ACTION_CTL_AUDIT_ENGINE"
-      case 75: // "ACTION_CTL_AUDIT_LOG_PARTS"
-      case 76: // "ACTION_CTL_BDY_JSON"
-      case 77: // "ACTION_CTL_BDY_XML"
-      case 78: // "ACTION_CTL_FORCE_REQ_BODY_VAR"
-      case 79: // "ACTION_CTL_REQUEST_BODY_ACCESS"
-      case 80: // "ACTION_CTL_RULE_ENGINE"
-      case 81: // "ACTION_CTL_RULE_REMOVE_BY_ID"
-      case 82: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_ID"
-      case 83: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG"
-      case 84: // "Deny"
-      case 85: // "DeprecateVar"
-      case 86: // "Drop"
-      case 87: // "Exec"
-      case 88: // "ExpireVar"
-      case 89: // "Id"
-      case 90: // "InitCol"
-      case 91: // "Log"
-      case 92: // "LogData"
-      case 93: // "Maturity"
-      case 94: // "Msg"
-      case 95: // "MultiMatch"
-      case 96: // "NoAuditLog"
-      case 97: // "NoLog"
-      case 98: // "Pass"
-      case 99: // "Pause"
-      case 100: // "Phase"
-      case 101: // "Prepend"
-      case 102: // "Proxy"
-      case 103: // "Redirect"
-      case 104: // "Rev"
-      case 105: // "SanatiseArg"
-      case 106: // "SanatiseMatched"
-      case 107: // "SanatiseMatchedBytes"
-      case 108: // "SanatiseRequestHeader"
-      case 109: // "SanatiseResponseHeader"
-      case 110: // "SetEnv"
-      case 111: // "SetSrc"
-      case 112: // "SetSid"
-      case 113: // "SetUID"
-      case 114: // "Severity"
-      case 115: // "Skip"
-      case 116: // "SkipAfter"
-      case 117: // "Status"
-      case 118: // "Tag"
-      case 119: // "ACTION_TRANSFORMATION_CMD_LINE"
-      case 120: // "ACTION_TRANSFORMATION_COMPRESS_WHITESPACE"
-      case 121: // "ACTION_TRANSFORMATION_CSS_DECODE"
-      case 122: // "ACTION_TRANSFORMATION_HEX_ENCODE"
-      case 123: // "ACTION_TRANSFORMATION_HTML_ENTITY_DECODE"
-      case 124: // "ACTION_TRANSFORMATION_JS_DECODE"
-      case 125: // "ACTION_TRANSFORMATION_LENGTH"
-      case 126: // "ACTION_TRANSFORMATION_LOWERCASE"
-      case 127: // "ACTION_TRANSFORMATION_MD5"
-      case 128: // "ACTION_TRANSFORMATION_NONE"
-      case 129: // "ACTION_TRANSFORMATION_NORMALISE_PATH"
-      case 130: // "ACTION_TRANSFORMATION_NORMALISE_PATH_WIN"
-      case 131: // "ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT"
-      case 132: // "ACTION_TRANSFORMATION_PARITY_ODD_7_BIT"
-      case 133: // "ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT"
-      case 134: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS"
-      case 135: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR"
-      case 136: // "ACTION_TRANSFORMATION_REMOVE_NULLS"
-      case 137: // "ACTION_TRANSFORMATION_REMOVE_WHITESPACE"
-      case 138: // "ACTION_TRANSFORMATION_REPLACE_COMMENTS"
-      case 139: // "ACTION_TRANSFORMATION_REPLACE_NULLS"
-      case 140: // "ACTION_TRANSFORMATION_SHA1"
-      case 141: // "ACTION_TRANSFORMATION_SQL_HEX_DECODE"
-      case 142: // "ACTION_TRANSFORMATION_TRIM"
-      case 143: // "ACTION_TRANSFORMATION_URL_DECODE"
-      case 144: // "ACTION_TRANSFORMATION_URL_DECODE_UNI"
-      case 145: // "ACTION_TRANSFORMATION_UTF8_TO_UNICODE"
-      case 146: // "Ver"
-      case 147: // "xmlns"
-      case 148: // "CONFIG_COMPONENT_SIG"
-      case 149: // "CONFIG_DIR_AUDIT_DIR"
-      case 150: // "CONFIG_DIR_AUDIT_DIR_MOD"
-      case 151: // "CONFIG_DIR_AUDIT_ENG"
-      case 152: // "CONFIG_DIR_AUDIT_FLE_MOD"
-      case 153: // "CONFIG_DIR_AUDIT_LOG"
-      case 154: // "CONFIG_DIR_AUDIT_LOG2"
-      case 155: // "CONFIG_DIR_AUDIT_LOG_P"
-      case 156: // "CONFIG_DIR_AUDIT_STS"
-      case 157: // "CONFIG_DIR_AUDIT_TPE"
-      case 158: // "CONFIG_DIR_DEBUG_LOG"
-      case 159: // "CONFIG_DIR_DEBUG_LVL"
-      case 160: // "CONFIG_DIR_GEO_DB"
-      case 161: // "CONFIG_DIR_PCRE_MATCH_LIMIT"
-      case 162: // "CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION"
-      case 163: // "CONFIG_DIR_REQ_BODY"
-      case 164: // "CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT"
-      case 165: // "CONFIG_DIR_REQ_BODY_LIMIT"
-      case 166: // "CONFIG_DIR_REQ_BODY_LIMIT_ACTION"
-      case 167: // "CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT"
-      case 168: // "CONFIG_DIR_RES_BODY"
-      case 169: // "CONFIG_DIR_RES_BODY_LIMIT"
-      case 170: // "CONFIG_DIR_RES_BODY_LIMIT_ACTION"
-      case 171: // "CONFIG_DIR_RULE_ENG"
-      case 172: // "CONFIG_DIR_SEC_ACTION"
-      case 173: // "CONFIG_DIR_SEC_DEFAULT_ACTION"
-      case 174: // "CONFIG_DIR_SEC_MARKER"
-      case 175: // "CONFIG_DIR_UNICODE_MAP_FILE"
-      case 176: // "CONFIG_SEC_COLLECTION_TIMEOUT"
-      case 177: // "CONFIG_SEC_REMOTE_RULES_FAIL_ACTION"
-      case 178: // "CONFIG_SEC_RULE_REMOVE_BY_ID"
-      case 179: // "CONFIG_UPDLOAD_KEEP_FILES"
-      case 180: // "CONFIG_UPDLOAD_SAVE_TMP_FILES"
-      case 181: // "CONFIG_UPLOAD_DIR"
-      case 182: // "CONFIG_UPLOAD_FILE_LIMIT"
-      case 183: // "CONFIG_UPLOAD_FILE_MODE"
-      case 184: // "CONFIG_VALUE_ABORT"
-      case 185: // "CONFIG_VALUE_DETC"
-      case 186: // "CONFIG_VALUE_HTTPS"
-      case 187: // "CONFIG_VALUE_OFF"
-      case 188: // "CONFIG_VALUE_ON"
-      case 189: // "CONFIG_VALUE_PARALLEL"
-      case 190: // "CONFIG_VALUE_PROCESS_PARTIAL"
-      case 191: // "CONFIG_VALUE_REJECT"
-      case 192: // "CONFIG_VALUE_RELEVANT_ONLY"
-      case 193: // "CONFIG_VALUE_SERIAL"
-      case 194: // "CONFIG_VALUE_WARN"
-      case 195: // "CONFIG_XML_EXTERNAL_ENTITY"
-      case 196: // "CONGIG_DIR_RESPONSE_BODY_MP"
-      case 197: // "CONGIG_DIR_SEC_ARG_SEP"
-      case 198: // "CONGIG_DIR_SEC_COOKIE_FORMAT"
-      case 199: // "CONGIG_DIR_SEC_DATA_DIR"
-      case 200: // "CONGIG_DIR_SEC_STATUS_ENGINE"
-      case 201: // "CONGIG_DIR_SEC_TMP_DIR"
-      case 202: // "DIRECTIVE"
-      case 203: // "DIRECTIVE_SECRULESCRIPT"
-      case 204: // "FREE_TEXT"
-      case 205: // "OPERATOR"
-      case 206: // "OPERATOR_BEGINS_WITH"
-      case 207: // "OPERATOR_CONTAINS"
-      case 208: // "OPERATOR_CONTAINS_WORD"
-      case 209: // "OPERATOR_DETECT_SQLI"
-      case 210: // "OPERATOR_DETECT_XSS"
-      case 211: // "OPERATOR_ENDS_WITH"
-      case 212: // "OPERATOR_EQ"
-      case 213: // "OPERATOR_FUZZY_HASH"
-      case 214: // "OPERATOR_GE"
-      case 215: // "OPERATOR_GEOLOOKUP"
-      case 216: // "OPERATOR_GSB_LOOKUP"
-      case 217: // "OPERATOR_GT"
-      case 218: // "OPERATOR_INSPECT_FILE"
-      case 219: // "OPERATOR_IP_MATCH"
-      case 220: // "OPERATOR_IP_MATCH_FROM_FILE"
-      case 221: // "OPERATOR_LE"
-      case 222: // "OPERATOR_LT"
-      case 223: // "OPERATOR_PM"
-      case 224: // "OPERATOR_PM_FROM_FILE"
-      case 225: // "OPERATOR_RBL"
-      case 226: // "OPERATOR_RSUB"
-      case 227: // "OPERATOR_RX"
-      case 228: // "Operator Rx"
-      case 229: // "OPERATOR_STR_EQ"
-      case 230: // "OPERATOR_STR_MATCH"
-      case 231: // "OPERATOR_UNCONDITIONAL_MATCH"
-      case 232: // "OPERATOR_VALIDATE_BYTE_RANGE"
-      case 233: // "OPERATOR_VALIDATE_DTD"
-      case 234: // "OPERATOR_VALIDATE_HASH"
-      case 235: // "OPERATOR_VALIDATE_SCHEMA"
-      case 236: // "OPERATOR_VALIDATE_URL_ENCODING"
-      case 237: // "OPERATOR_VALIDATE_UTF8_ENCODING"
-      case 238: // "OPERATOR_VERIFY_CC"
-      case 239: // "OPERATOR_VERIFY_CPF"
-      case 240: // "OPERATOR_VERIFY_SSN"
-      case 241: // "OPERATOR_WITHIN"
-      case 242: // "OP_QUOTE"
-      case 243: // "QUOTATION_MARK"
-      case 244: // "RUN_TIME_VAR_BLD"
-      case 245: // "RUN_TIME_VAR_DUR"
-      case 246: // "RUN_TIME_VAR_ENV"
-      case 247: // "RUN_TIME_VAR_HSV"
-      case 248: // "RUN_TIME_VAR_REMOTE_USER"
-      case 249: // "RUN_TIME_VAR_RULE"
-      case 250: // "RUN_TIME_VAR_TIME"
-      case 251: // "RUN_TIME_VAR_TIME_DAY"
-      case 252: // "RUN_TIME_VAR_TIME_EPOCH"
-      case 253: // "RUN_TIME_VAR_TIME_HOUR"
-      case 254: // "RUN_TIME_VAR_TIME_MIN"
-      case 255: // "RUN_TIME_VAR_TIME_MON"
-      case 256: // "RUN_TIME_VAR_TIME_SEC"
-      case 257: // "RUN_TIME_VAR_TIME_WDAY"
-      case 258: // "RUN_TIME_VAR_TIME_YEAR"
-      case 259: // "RUN_TIME_VAR_XML"
-      case 260: // "VARIABLE"
-      case 261: // "VARIABLE_COL"
-      case 262: // "VARIABLE_STATUS"
-      case 263: // "VARIABLE_TX"
-      case 264: // "Dictionary element"
-      case 265: // "Dictionary element, selected by regexp"
+      case 93: // "Accuracy"
+      case 94: // "Allow"
+      case 95: // "Append"
+      case 96: // "AuditLog"
+      case 97: // "Block"
+      case 98: // "Capture"
+      case 99: // "Chain"
+      case 100: // "ACTION_CTL_AUDIT_ENGINE"
+      case 101: // "ACTION_CTL_AUDIT_LOG_PARTS"
+      case 102: // "ACTION_CTL_BDY_JSON"
+      case 103: // "ACTION_CTL_BDY_XML"
+      case 104: // "ACTION_CTL_FORCE_REQ_BODY_VAR"
+      case 105: // "ACTION_CTL_REQUEST_BODY_ACCESS"
+      case 106: // "ACTION_CTL_RULE_ENGINE"
+      case 107: // "ACTION_CTL_RULE_REMOVE_BY_ID"
+      case 108: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_ID"
+      case 109: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG"
+      case 110: // "Deny"
+      case 111: // "DeprecateVar"
+      case 112: // "Drop"
+      case 113: // "Exec"
+      case 114: // "ExpireVar"
+      case 115: // "Id"
+      case 116: // "InitCol"
+      case 117: // "Log"
+      case 118: // "LogData"
+      case 119: // "Maturity"
+      case 120: // "Msg"
+      case 121: // "MultiMatch"
+      case 122: // "NoAuditLog"
+      case 123: // "NoLog"
+      case 124: // "Pass"
+      case 125: // "Pause"
+      case 126: // "Phase"
+      case 127: // "Prepend"
+      case 128: // "Proxy"
+      case 129: // "Redirect"
+      case 130: // "Rev"
+      case 131: // "SanatiseArg"
+      case 132: // "SanatiseMatched"
+      case 133: // "SanatiseMatchedBytes"
+      case 134: // "SanatiseRequestHeader"
+      case 135: // "SanatiseResponseHeader"
+      case 136: // "SetEnv"
+      case 137: // "SetSrc"
+      case 138: // "SetSid"
+      case 139: // "SetUID"
+      case 140: // "Severity"
+      case 141: // "Skip"
+      case 142: // "SkipAfter"
+      case 143: // "Status"
+      case 144: // "Tag"
+      case 145: // "ACTION_TRANSFORMATION_CMD_LINE"
+      case 146: // "ACTION_TRANSFORMATION_COMPRESS_WHITESPACE"
+      case 147: // "ACTION_TRANSFORMATION_CSS_DECODE"
+      case 148: // "ACTION_TRANSFORMATION_HEX_ENCODE"
+      case 149: // "ACTION_TRANSFORMATION_HTML_ENTITY_DECODE"
+      case 150: // "ACTION_TRANSFORMATION_JS_DECODE"
+      case 151: // "ACTION_TRANSFORMATION_LENGTH"
+      case 152: // "ACTION_TRANSFORMATION_LOWERCASE"
+      case 153: // "ACTION_TRANSFORMATION_MD5"
+      case 154: // "ACTION_TRANSFORMATION_NONE"
+      case 155: // "ACTION_TRANSFORMATION_NORMALISE_PATH"
+      case 156: // "ACTION_TRANSFORMATION_NORMALISE_PATH_WIN"
+      case 157: // "ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT"
+      case 158: // "ACTION_TRANSFORMATION_PARITY_ODD_7_BIT"
+      case 159: // "ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT"
+      case 160: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS"
+      case 161: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR"
+      case 162: // "ACTION_TRANSFORMATION_REMOVE_NULLS"
+      case 163: // "ACTION_TRANSFORMATION_REMOVE_WHITESPACE"
+      case 164: // "ACTION_TRANSFORMATION_REPLACE_COMMENTS"
+      case 165: // "ACTION_TRANSFORMATION_REPLACE_NULLS"
+      case 166: // "ACTION_TRANSFORMATION_SHA1"
+      case 167: // "ACTION_TRANSFORMATION_SQL_HEX_DECODE"
+      case 168: // "ACTION_TRANSFORMATION_TRIM"
+      case 169: // "ACTION_TRANSFORMATION_URL_DECODE"
+      case 170: // "ACTION_TRANSFORMATION_URL_DECODE_UNI"
+      case 171: // "ACTION_TRANSFORMATION_UTF8_TO_UNICODE"
+      case 172: // "Ver"
+      case 173: // "xmlns"
+      case 174: // "CONFIG_COMPONENT_SIG"
+      case 175: // "CONFIG_DIR_AUDIT_DIR"
+      case 176: // "CONFIG_DIR_AUDIT_DIR_MOD"
+      case 177: // "CONFIG_DIR_AUDIT_ENG"
+      case 178: // "CONFIG_DIR_AUDIT_FLE_MOD"
+      case 179: // "CONFIG_DIR_AUDIT_LOG"
+      case 180: // "CONFIG_DIR_AUDIT_LOG2"
+      case 181: // "CONFIG_DIR_AUDIT_LOG_P"
+      case 182: // "CONFIG_DIR_AUDIT_STS"
+      case 183: // "CONFIG_DIR_AUDIT_TPE"
+      case 184: // "CONFIG_DIR_DEBUG_LOG"
+      case 185: // "CONFIG_DIR_DEBUG_LVL"
+      case 186: // "CONFIG_DIR_GEO_DB"
+      case 187: // "CONFIG_DIR_PCRE_MATCH_LIMIT"
+      case 188: // "CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION"
+      case 189: // "CONFIG_DIR_REQ_BODY"
+      case 190: // "CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT"
+      case 191: // "CONFIG_DIR_REQ_BODY_LIMIT"
+      case 192: // "CONFIG_DIR_REQ_BODY_LIMIT_ACTION"
+      case 193: // "CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT"
+      case 194: // "CONFIG_DIR_RES_BODY"
+      case 195: // "CONFIG_DIR_RES_BODY_LIMIT"
+      case 196: // "CONFIG_DIR_RES_BODY_LIMIT_ACTION"
+      case 197: // "CONFIG_DIR_RULE_ENG"
+      case 198: // "CONFIG_DIR_SEC_ACTION"
+      case 199: // "CONFIG_DIR_SEC_DEFAULT_ACTION"
+      case 200: // "CONFIG_DIR_SEC_MARKER"
+      case 201: // "CONFIG_DIR_UNICODE_MAP_FILE"
+      case 202: // "CONFIG_SEC_COLLECTION_TIMEOUT"
+      case 203: // "CONFIG_SEC_REMOTE_RULES_FAIL_ACTION"
+      case 204: // "CONFIG_SEC_RULE_REMOVE_BY_ID"
+      case 205: // "CONFIG_UPDLOAD_KEEP_FILES"
+      case 206: // "CONFIG_UPDLOAD_SAVE_TMP_FILES"
+      case 207: // "CONFIG_UPLOAD_DIR"
+      case 208: // "CONFIG_UPLOAD_FILE_LIMIT"
+      case 209: // "CONFIG_UPLOAD_FILE_MODE"
+      case 210: // "CONFIG_VALUE_ABORT"
+      case 211: // "CONFIG_VALUE_DETC"
+      case 212: // "CONFIG_VALUE_HTTPS"
+      case 213: // "CONFIG_VALUE_OFF"
+      case 214: // "CONFIG_VALUE_ON"
+      case 215: // "CONFIG_VALUE_PARALLEL"
+      case 216: // "CONFIG_VALUE_PROCESS_PARTIAL"
+      case 217: // "CONFIG_VALUE_REJECT"
+      case 218: // "CONFIG_VALUE_RELEVANT_ONLY"
+      case 219: // "CONFIG_VALUE_SERIAL"
+      case 220: // "CONFIG_VALUE_WARN"
+      case 221: // "CONFIG_XML_EXTERNAL_ENTITY"
+      case 222: // "CONGIG_DIR_RESPONSE_BODY_MP"
+      case 223: // "CONGIG_DIR_SEC_ARG_SEP"
+      case 224: // "CONGIG_DIR_SEC_COOKIE_FORMAT"
+      case 225: // "CONGIG_DIR_SEC_DATA_DIR"
+      case 226: // "CONGIG_DIR_SEC_STATUS_ENGINE"
+      case 227: // "CONGIG_DIR_SEC_TMP_DIR"
+      case 228: // "DIRECTIVE"
+      case 229: // "DIRECTIVE_SECRULESCRIPT"
+      case 230: // "FREE_TEXT"
+      case 231: // "OPERATOR"
+      case 232: // "OPERATOR_BEGINS_WITH"
+      case 233: // "OPERATOR_CONTAINS"
+      case 234: // "OPERATOR_CONTAINS_WORD"
+      case 235: // "OPERATOR_DETECT_SQLI"
+      case 236: // "OPERATOR_DETECT_XSS"
+      case 237: // "OPERATOR_ENDS_WITH"
+      case 238: // "OPERATOR_EQ"
+      case 239: // "OPERATOR_FUZZY_HASH"
+      case 240: // "OPERATOR_GE"
+      case 241: // "OPERATOR_GEOLOOKUP"
+      case 242: // "OPERATOR_GSB_LOOKUP"
+      case 243: // "OPERATOR_GT"
+      case 244: // "OPERATOR_INSPECT_FILE"
+      case 245: // "OPERATOR_IP_MATCH"
+      case 246: // "OPERATOR_IP_MATCH_FROM_FILE"
+      case 247: // "OPERATOR_LE"
+      case 248: // "OPERATOR_LT"
+      case 249: // "OPERATOR_PM"
+      case 250: // "OPERATOR_PM_FROM_FILE"
+      case 251: // "OPERATOR_RBL"
+      case 252: // "OPERATOR_RSUB"
+      case 253: // "OPERATOR_RX"
+      case 254: // "Operator Rx"
+      case 255: // "OPERATOR_STR_EQ"
+      case 256: // "OPERATOR_STR_MATCH"
+      case 257: // "OPERATOR_UNCONDITIONAL_MATCH"
+      case 258: // "OPERATOR_VALIDATE_BYTE_RANGE"
+      case 259: // "OPERATOR_VALIDATE_DTD"
+      case 260: // "OPERATOR_VALIDATE_HASH"
+      case 261: // "OPERATOR_VALIDATE_SCHEMA"
+      case 262: // "OPERATOR_VALIDATE_URL_ENCODING"
+      case 263: // "OPERATOR_VALIDATE_UTF8_ENCODING"
+      case 264: // "OPERATOR_VERIFY_CC"
+      case 265: // "OPERATOR_VERIFY_CPF"
+      case 266: // "OPERATOR_VERIFY_SSN"
+      case 267: // "OPERATOR_WITHIN"
+      case 268: // "OP_QUOTE"
+      case 269: // "QUOTATION_MARK"
+      case 270: // "RUN_TIME_VAR_BLD"
+      case 271: // "RUN_TIME_VAR_DUR"
+      case 272: // "RUN_TIME_VAR_HSV"
+      case 273: // "RUN_TIME_VAR_REMOTE_USER"
+      case 274: // "RUN_TIME_VAR_TIME"
+      case 275: // "RUN_TIME_VAR_TIME_DAY"
+      case 276: // "RUN_TIME_VAR_TIME_EPOCH"
+      case 277: // "RUN_TIME_VAR_TIME_HOUR"
+      case 278: // "RUN_TIME_VAR_TIME_MIN"
+      case 279: // "RUN_TIME_VAR_TIME_MON"
+      case 280: // "RUN_TIME_VAR_TIME_SEC"
+      case 281: // "RUN_TIME_VAR_TIME_WDAY"
+      case 282: // "RUN_TIME_VAR_TIME_YEAR"
+      case 283: // "VARIABLE"
+      case 284: // "Dictionary element"
+      case 285: // "Dictionary element, selected by regexp"
         yylhs.value.build< std::string > ();
         break;
 
-      case 272: // op
-      case 273: // op_before_init
+      case 292: // op
+      case 293: // op_before_init
         yylhs.value.build< std::unique_ptr<Operator> > ();
         break;
 
-      case 276: // var
+      case 296: // var
         yylhs.value.build< std::unique_ptr<Variable> > ();
         break;
 
-      case 277: // act
+      case 297: // act
         yylhs.value.build< std::unique_ptr<actions::Action> > ();
         break;
 
-      case 275: // variables
+      case 295: // variables
         yylhs.value.build< std::unique_ptr<std::vector<std::unique_ptr<Variable> > >  > ();
         break;
 
-      case 270: // actions
-      case 271: // actions_may_quoted
+      case 290: // actions
+      case 291: // actions_may_quoted
         yylhs.value.build< std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > >  > ();
         break;
 
@@ -1193,218 +1175,218 @@ namespace yy {
           switch (yyn)
             {
   case 2:
-#line 608 "seclang-parser.yy" // lalr1.cc:859
+#line 664 "seclang-parser.yy" // lalr1.cc:859
     {
         return 0;
       }
-#line 1201 "seclang-parser.cc" // lalr1.cc:859
+#line 1183 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 6:
-#line 621 "seclang-parser.yy" // lalr1.cc:859
+#line 677 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_auditLog->setStorageDirMode(strtol(yystack_[0].value.as< std::string > ().c_str(), NULL, 8));
       }
-#line 1209 "seclang-parser.cc" // lalr1.cc:859
+#line 1191 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 7:
-#line 627 "seclang-parser.yy" // lalr1.cc:859
+#line 683 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_auditLog->setStorageDir(yystack_[0].value.as< std::string > ());
       }
-#line 1217 "seclang-parser.cc" // lalr1.cc:859
+#line 1199 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 8:
-#line 633 "seclang-parser.yy" // lalr1.cc:859
+#line 689 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_auditLog->setStatus(modsecurity::audit_log::AuditLog::RelevantOnlyAuditLogStatus);
       }
-#line 1225 "seclang-parser.cc" // lalr1.cc:859
+#line 1207 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 9:
-#line 637 "seclang-parser.yy" // lalr1.cc:859
+#line 693 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_auditLog->setStatus(modsecurity::audit_log::AuditLog::OffAuditLogStatus);
       }
-#line 1233 "seclang-parser.cc" // lalr1.cc:859
+#line 1215 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 10:
-#line 641 "seclang-parser.yy" // lalr1.cc:859
+#line 697 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_auditLog->setStatus(modsecurity::audit_log::AuditLog::OnAuditLogStatus);
       }
-#line 1241 "seclang-parser.cc" // lalr1.cc:859
+#line 1223 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 11:
-#line 647 "seclang-parser.yy" // lalr1.cc:859
+#line 703 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_auditLog->setFileMode(strtol(yystack_[0].value.as< std::string > ().c_str(), NULL, 8));
       }
-#line 1249 "seclang-parser.cc" // lalr1.cc:859
+#line 1231 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 12:
-#line 653 "seclang-parser.yy" // lalr1.cc:859
+#line 709 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_auditLog->setFilePath2(yystack_[0].value.as< std::string > ());
       }
-#line 1257 "seclang-parser.cc" // lalr1.cc:859
+#line 1239 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 13:
-#line 659 "seclang-parser.yy" // lalr1.cc:859
+#line 715 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_auditLog->setParts(yystack_[0].value.as< std::string > ());
       }
-#line 1265 "seclang-parser.cc" // lalr1.cc:859
+#line 1247 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 14:
-#line 665 "seclang-parser.yy" // lalr1.cc:859
+#line 721 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_auditLog->setFilePath1(yystack_[0].value.as< std::string > ());
       }
-#line 1273 "seclang-parser.cc" // lalr1.cc:859
+#line 1255 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 15:
-#line 671 "seclang-parser.yy" // lalr1.cc:859
+#line 727 "seclang-parser.yy" // lalr1.cc:859
     {
         std::string relevant_status(yystack_[0].value.as< std::string > ());
         relevant_status.pop_back();
         relevant_status.erase(0, 1);
         driver.m_auditLog->setRelevantStatus(relevant_status);
       }
-#line 1284 "seclang-parser.cc" // lalr1.cc:859
+#line 1266 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 16:
-#line 680 "seclang-parser.yy" // lalr1.cc:859
+#line 736 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_auditLog->setType(modsecurity::audit_log::AuditLog::SerialAuditLogType);
       }
-#line 1292 "seclang-parser.cc" // lalr1.cc:859
+#line 1274 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 17:
-#line 684 "seclang-parser.yy" // lalr1.cc:859
+#line 740 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_auditLog->setType(modsecurity::audit_log::AuditLog::ParallelAuditLogType);
       }
-#line 1300 "seclang-parser.cc" // lalr1.cc:859
+#line 1282 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 18:
-#line 688 "seclang-parser.yy" // lalr1.cc:859
+#line 744 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_auditLog->setType(modsecurity::audit_log::AuditLog::HttpsAuditLogType);
       }
-#line 1308 "seclang-parser.cc" // lalr1.cc:859
+#line 1290 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 19:
-#line 694 "seclang-parser.yy" // lalr1.cc:859
+#line 750 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_uploadKeepFiles = modsecurity::RulesProperties::TrueConfigBoolean;
       }
-#line 1316 "seclang-parser.cc" // lalr1.cc:859
+#line 1298 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 20:
-#line 698 "seclang-parser.yy" // lalr1.cc:859
+#line 754 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_uploadKeepFiles = modsecurity::RulesProperties::FalseConfigBoolean;
       }
-#line 1324 "seclang-parser.cc" // lalr1.cc:859
+#line 1306 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 21:
-#line 702 "seclang-parser.yy" // lalr1.cc:859
+#line 758 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_uploadFileLimit.m_set = true;
         driver.m_uploadFileLimit.m_value = strtol(yystack_[0].value.as< std::string > ().c_str(), NULL, 10);
       }
-#line 1333 "seclang-parser.cc" // lalr1.cc:859
+#line 1315 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 22:
-#line 707 "seclang-parser.yy" // lalr1.cc:859
+#line 763 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_uploadFileMode.m_set = true;
         driver.m_uploadFileMode.m_value = strtol(yystack_[0].value.as< std::string > ().c_str(), NULL, 8);
       }
-#line 1342 "seclang-parser.cc" // lalr1.cc:859
+#line 1324 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 23:
-#line 712 "seclang-parser.yy" // lalr1.cc:859
+#line 768 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_uploadDirectory.m_set = true;
         driver.m_uploadDirectory.m_value = yystack_[0].value.as< std::string > ();
       }
-#line 1351 "seclang-parser.cc" // lalr1.cc:859
+#line 1333 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 24:
-#line 717 "seclang-parser.yy" // lalr1.cc:859
+#line 773 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_tmpSaveUploadedFiles = modsecurity::RulesProperties::TrueConfigBoolean;
       }
-#line 1359 "seclang-parser.cc" // lalr1.cc:859
+#line 1341 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 25:
-#line 721 "seclang-parser.yy" // lalr1.cc:859
+#line 777 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_tmpSaveUploadedFiles = modsecurity::RulesProperties::FalseConfigBoolean;
       }
-#line 1367 "seclang-parser.cc" // lalr1.cc:859
+#line 1349 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 26:
-#line 728 "seclang-parser.yy" // lalr1.cc:859
+#line 784 "seclang-parser.yy" // lalr1.cc:859
     {
         yylhs.value.as< std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > >  > () = std::move(yystack_[1].value.as< std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > >  > ());
       }
-#line 1375 "seclang-parser.cc" // lalr1.cc:859
+#line 1357 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 27:
-#line 732 "seclang-parser.yy" // lalr1.cc:859
+#line 788 "seclang-parser.yy" // lalr1.cc:859
     {
         yylhs.value.as< std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > >  > () = std::move(yystack_[0].value.as< std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > >  > ());
       }
-#line 1383 "seclang-parser.cc" // lalr1.cc:859
+#line 1365 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 28:
-#line 739 "seclang-parser.yy" // lalr1.cc:859
+#line 795 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_INIT(yystack_[0].value.as< std::unique_ptr<actions::Action> > (), yystack_[3].location)
         yystack_[2].value.as< std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > >  > ()->push_back(std::move(yystack_[0].value.as< std::unique_ptr<actions::Action> > ()));
         yylhs.value.as< std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > >  > () = std::move(yystack_[2].value.as< std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > >  > ());
       }
-#line 1393 "seclang-parser.cc" // lalr1.cc:859
+#line 1375 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 29:
-#line 745 "seclang-parser.yy" // lalr1.cc:859
+#line 801 "seclang-parser.yy" // lalr1.cc:859
     {
         std::unique_ptr<std::vector<std::unique_ptr<actions::Action>>> b(new std::vector<std::unique_ptr<actions::Action>>());
         ACTION_INIT(yystack_[0].value.as< std::unique_ptr<actions::Action> > (), yystack_[1].location)
         b->push_back(std::move(yystack_[0].value.as< std::unique_ptr<actions::Action> > ()));
         yylhs.value.as< std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > >  > () = std::move(b);
       }
-#line 1404 "seclang-parser.cc" // lalr1.cc:859
+#line 1386 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 30:
-#line 755 "seclang-parser.yy" // lalr1.cc:859
+#line 811 "seclang-parser.yy" // lalr1.cc:859
     {
         yylhs.value.as< std::unique_ptr<Operator> > () = std::move(yystack_[0].value.as< std::unique_ptr<Operator> > ());
         std::string error;
@@ -1413,11 +1395,11 @@ namespace yy {
             YYERROR;
         }
       }
-#line 1417 "seclang-parser.cc" // lalr1.cc:859
+#line 1399 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 31:
-#line 764 "seclang-parser.yy" // lalr1.cc:859
+#line 820 "seclang-parser.yy" // lalr1.cc:859
     {
         yylhs.value.as< std::unique_ptr<Operator> > () = std::move(yystack_[0].value.as< std::unique_ptr<Operator> > ());
         yylhs.value.as< std::unique_ptr<Operator> > ()->m_negation = true;
@@ -1427,11 +1409,11 @@ namespace yy {
             YYERROR;
         }
       }
-#line 1431 "seclang-parser.cc" // lalr1.cc:859
+#line 1413 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 32:
-#line 774 "seclang-parser.yy" // lalr1.cc:859
+#line 830 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::Rx(utils::string::removeBracketsIfNeeded(yystack_[0].value.as< std::string > ())));
         std::string error;
@@ -1440,11 +1422,11 @@ namespace yy {
             YYERROR;
         }
       }
-#line 1444 "seclang-parser.cc" // lalr1.cc:859
+#line 1426 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 33:
-#line 783 "seclang-parser.yy" // lalr1.cc:859
+#line 839 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::Rx("!" + utils::string::removeBracketsIfNeeded(yystack_[0].value.as< std::string > ())));
         std::string error;
@@ -1453,290 +1435,290 @@ namespace yy {
             YYERROR;
         }
       }
-#line 1457 "seclang-parser.cc" // lalr1.cc:859
+#line 1439 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 34:
-#line 795 "seclang-parser.yy" // lalr1.cc:859
+#line 851 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::UnconditionalMatch());
       }
-#line 1465 "seclang-parser.cc" // lalr1.cc:859
+#line 1447 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 35:
-#line 799 "seclang-parser.yy" // lalr1.cc:859
+#line 855 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::DetectSQLi());
       }
-#line 1473 "seclang-parser.cc" // lalr1.cc:859
+#line 1455 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 36:
-#line 803 "seclang-parser.yy" // lalr1.cc:859
+#line 859 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::DetectXSS());
       }
-#line 1481 "seclang-parser.cc" // lalr1.cc:859
+#line 1463 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 37:
-#line 807 "seclang-parser.yy" // lalr1.cc:859
+#line 863 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::ValidateUrlEncoding());
       }
-#line 1489 "seclang-parser.cc" // lalr1.cc:859
+#line 1471 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 38:
-#line 811 "seclang-parser.yy" // lalr1.cc:859
+#line 867 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::ValidateUtf8Encoding());
       }
-#line 1497 "seclang-parser.cc" // lalr1.cc:859
+#line 1479 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 39:
-#line 815 "seclang-parser.yy" // lalr1.cc:859
+#line 871 "seclang-parser.yy" // lalr1.cc:859
     {
         /* $$ = new operators::InspectFile($1); */
         OPERATOR_NOT_SUPPORTED("InspectFile", yystack_[2].location);
       }
-#line 1506 "seclang-parser.cc" // lalr1.cc:859
+#line 1488 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 40:
-#line 820 "seclang-parser.yy" // lalr1.cc:859
+#line 876 "seclang-parser.yy" // lalr1.cc:859
     {
         /* $$ = new operators::FuzzyHash(); */
         OPERATOR_NOT_SUPPORTED("FuzzyHash", yystack_[2].location);
       }
-#line 1515 "seclang-parser.cc" // lalr1.cc:859
+#line 1497 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 41:
-#line 825 "seclang-parser.yy" // lalr1.cc:859
+#line 881 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::ValidateByteRange(yystack_[0].value.as< std::string > ()));
       }
-#line 1523 "seclang-parser.cc" // lalr1.cc:859
+#line 1505 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 42:
-#line 829 "seclang-parser.yy" // lalr1.cc:859
+#line 885 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::ValidateDTD(yystack_[0].value.as< std::string > ()));
       }
-#line 1531 "seclang-parser.cc" // lalr1.cc:859
+#line 1513 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 43:
-#line 833 "seclang-parser.yy" // lalr1.cc:859
+#line 889 "seclang-parser.yy" // lalr1.cc:859
     {
         /* $$ = new operators::ValidateHash($1); */
         OPERATOR_NOT_SUPPORTED("ValidateHash", yystack_[2].location);
       }
-#line 1540 "seclang-parser.cc" // lalr1.cc:859
+#line 1522 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 44:
-#line 838 "seclang-parser.yy" // lalr1.cc:859
+#line 894 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::ValidateSchema(yystack_[0].value.as< std::string > ()));
       }
-#line 1548 "seclang-parser.cc" // lalr1.cc:859
+#line 1530 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 45:
-#line 842 "seclang-parser.yy" // lalr1.cc:859
+#line 898 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::VerifyCC(yystack_[0].value.as< std::string > ()));
       }
-#line 1556 "seclang-parser.cc" // lalr1.cc:859
+#line 1538 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 46:
-#line 846 "seclang-parser.yy" // lalr1.cc:859
+#line 902 "seclang-parser.yy" // lalr1.cc:859
     {
         /* $$ = new operators::VerifyCPF($1); */
         OPERATOR_NOT_SUPPORTED("VerifyCPF", yystack_[2].location);
       }
-#line 1565 "seclang-parser.cc" // lalr1.cc:859
+#line 1547 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 47:
-#line 851 "seclang-parser.yy" // lalr1.cc:859
+#line 907 "seclang-parser.yy" // lalr1.cc:859
     {
         /* $$ = new operators::VerifySSN($1); */
         OPERATOR_NOT_SUPPORTED("VerifySSN", yystack_[2].location);
       }
-#line 1574 "seclang-parser.cc" // lalr1.cc:859
+#line 1556 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 48:
-#line 856 "seclang-parser.yy" // lalr1.cc:859
+#line 912 "seclang-parser.yy" // lalr1.cc:859
     {
         /* $$ = new operators::GsbLookup($1); */
         OPERATOR_NOT_SUPPORTED("GsbLookup", yystack_[2].location);
       }
-#line 1583 "seclang-parser.cc" // lalr1.cc:859
+#line 1565 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 49:
-#line 861 "seclang-parser.yy" // lalr1.cc:859
+#line 917 "seclang-parser.yy" // lalr1.cc:859
     {
         /* $$ = new operators::Rsub($1); */
         OPERATOR_NOT_SUPPORTED("Rsub", yystack_[2].location);
       }
-#line 1592 "seclang-parser.cc" // lalr1.cc:859
+#line 1574 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 50:
-#line 866 "seclang-parser.yy" // lalr1.cc:859
+#line 922 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::Within(yystack_[0].value.as< std::string > ()));
       }
-#line 1600 "seclang-parser.cc" // lalr1.cc:859
+#line 1582 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 51:
-#line 870 "seclang-parser.yy" // lalr1.cc:859
+#line 926 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::ContainsWord(yystack_[0].value.as< std::string > ()));
       }
-#line 1608 "seclang-parser.cc" // lalr1.cc:859
+#line 1590 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 52:
-#line 874 "seclang-parser.yy" // lalr1.cc:859
+#line 930 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::Contains(yystack_[0].value.as< std::string > ()));
       }
-#line 1616 "seclang-parser.cc" // lalr1.cc:859
+#line 1598 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 53:
-#line 878 "seclang-parser.yy" // lalr1.cc:859
+#line 934 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::EndsWith(yystack_[0].value.as< std::string > ()));
       }
-#line 1624 "seclang-parser.cc" // lalr1.cc:859
+#line 1606 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 54:
-#line 882 "seclang-parser.yy" // lalr1.cc:859
+#line 938 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::Eq(yystack_[0].value.as< std::string > ()));
       }
-#line 1632 "seclang-parser.cc" // lalr1.cc:859
+#line 1614 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 55:
-#line 886 "seclang-parser.yy" // lalr1.cc:859
+#line 942 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::Ge(yystack_[0].value.as< std::string > ()));
       }
-#line 1640 "seclang-parser.cc" // lalr1.cc:859
+#line 1622 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 56:
-#line 890 "seclang-parser.yy" // lalr1.cc:859
+#line 946 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::Gt(yystack_[0].value.as< std::string > ()));
       }
-#line 1648 "seclang-parser.cc" // lalr1.cc:859
+#line 1630 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 57:
-#line 894 "seclang-parser.yy" // lalr1.cc:859
+#line 950 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::IpMatchF(yystack_[0].value.as< std::string > ()));
       }
-#line 1656 "seclang-parser.cc" // lalr1.cc:859
+#line 1638 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 58:
-#line 898 "seclang-parser.yy" // lalr1.cc:859
+#line 954 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::IpMatch(yystack_[0].value.as< std::string > ()));
       }
-#line 1664 "seclang-parser.cc" // lalr1.cc:859
+#line 1646 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 59:
-#line 902 "seclang-parser.yy" // lalr1.cc:859
+#line 958 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::Le(yystack_[0].value.as< std::string > ()));
       }
-#line 1672 "seclang-parser.cc" // lalr1.cc:859
+#line 1654 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 60:
-#line 906 "seclang-parser.yy" // lalr1.cc:859
+#line 962 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::Lt(yystack_[0].value.as< std::string > ()));
       }
-#line 1680 "seclang-parser.cc" // lalr1.cc:859
+#line 1662 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 61:
-#line 910 "seclang-parser.yy" // lalr1.cc:859
+#line 966 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::PmFromFile(yystack_[0].value.as< std::string > ()));
       }
-#line 1688 "seclang-parser.cc" // lalr1.cc:859
+#line 1670 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 62:
-#line 914 "seclang-parser.yy" // lalr1.cc:859
+#line 970 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::Pm(yystack_[0].value.as< std::string > ()));
       }
-#line 1696 "seclang-parser.cc" // lalr1.cc:859
+#line 1678 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 63:
-#line 918 "seclang-parser.yy" // lalr1.cc:859
+#line 974 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::Rbl(yystack_[0].value.as< std::string > ()));
       }
-#line 1704 "seclang-parser.cc" // lalr1.cc:859
+#line 1686 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 64:
-#line 922 "seclang-parser.yy" // lalr1.cc:859
+#line 978 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::Rx(yystack_[0].value.as< std::string > ()));
       }
-#line 1712 "seclang-parser.cc" // lalr1.cc:859
+#line 1694 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 65:
-#line 926 "seclang-parser.yy" // lalr1.cc:859
+#line 982 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::StrEq(yystack_[0].value.as< std::string > ()));
       }
-#line 1720 "seclang-parser.cc" // lalr1.cc:859
+#line 1702 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 66:
-#line 930 "seclang-parser.yy" // lalr1.cc:859
+#line 986 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::StrMatch(yystack_[0].value.as< std::string > ()));
       }
-#line 1728 "seclang-parser.cc" // lalr1.cc:859
+#line 1710 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 67:
-#line 934 "seclang-parser.yy" // lalr1.cc:859
+#line 990 "seclang-parser.yy" // lalr1.cc:859
     {
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::BeginsWith(yystack_[0].value.as< std::string > ()));
       }
-#line 1736 "seclang-parser.cc" // lalr1.cc:859
+#line 1718 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 68:
-#line 938 "seclang-parser.yy" // lalr1.cc:859
+#line 994 "seclang-parser.yy" // lalr1.cc:859
     {
 #ifdef WITH_GEOIP
         OPERATOR_CONTAINER(yylhs.value.as< std::unique_ptr<Operator> > (), new operators::GeoLookup());
@@ -1747,11 +1729,11 @@ namespace yy {
             YYERROR;
 #endif  // WITH_GEOIP
       }
-#line 1751 "seclang-parser.cc" // lalr1.cc:859
+#line 1733 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 70:
-#line 953 "seclang-parser.yy" // lalr1.cc:859
+#line 1009 "seclang-parser.yy" // lalr1.cc:859
     {
         std::vector<actions::Action *> *a = new std::vector<actions::Action *>();
         for (auto &i : *yystack_[0].value.as< std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > >  > ().get()) {
@@ -1775,11 +1757,11 @@ namespace yy {
             YYERROR;
         }
       }
-#line 1779 "seclang-parser.cc" // lalr1.cc:859
+#line 1761 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 71:
-#line 977 "seclang-parser.yy" // lalr1.cc:859
+#line 1033 "seclang-parser.yy" // lalr1.cc:859
     {
         std::vector<Variable *> *v = new std::vector<Variable *>();
         for (auto &i : *yystack_[1].value.as< std::unique_ptr<std::vector<std::unique_ptr<Variable> > >  > ().get()) {
@@ -1798,11 +1780,11 @@ namespace yy {
             YYERROR;
         }
       }
-#line 1802 "seclang-parser.cc" // lalr1.cc:859
+#line 1784 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 72:
-#line 996 "seclang-parser.yy" // lalr1.cc:859
+#line 1052 "seclang-parser.yy" // lalr1.cc:859
     {
         std::vector<actions::Action *> *a = new std::vector<actions::Action *>();
         for (auto &i : *yystack_[0].value.as< std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > >  > ().get()) {
@@ -1817,11 +1799,11 @@ namespace yy {
             );
         driver.addSecAction(rule);
       }
-#line 1821 "seclang-parser.cc" // lalr1.cc:859
+#line 1803 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 73:
-#line 1011 "seclang-parser.yy" // lalr1.cc:859
+#line 1067 "seclang-parser.yy" // lalr1.cc:859
     {
         /*
 
@@ -1829,11 +1811,11 @@ namespace yy {
 
         */
       }
-#line 1833 "seclang-parser.cc" // lalr1.cc:859
+#line 1815 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 74:
-#line 1019 "seclang-parser.yy" // lalr1.cc:859
+#line 1075 "seclang-parser.yy" // lalr1.cc:859
     {
         std::vector<actions::Action *> *actions = new std::vector<actions::Action *>();
         for (auto &i : *yystack_[0].value.as< std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > >  > ().get()) {
@@ -1880,83 +1862,83 @@ namespace yy {
 
         delete actions;
       }
-#line 1884 "seclang-parser.cc" // lalr1.cc:859
+#line 1866 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 75:
-#line 1066 "seclang-parser.yy" // lalr1.cc:859
+#line 1122 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.addSecMarker(modsecurity::utils::string::removeBracketsIfNeeded(yystack_[0].value.as< std::string > ()));
       }
-#line 1892 "seclang-parser.cc" // lalr1.cc:859
+#line 1874 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 76:
-#line 1070 "seclang-parser.yy" // lalr1.cc:859
+#line 1126 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_secRuleEngine = modsecurity::Rules::DisabledRuleEngine;
       }
-#line 1900 "seclang-parser.cc" // lalr1.cc:859
+#line 1882 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 77:
-#line 1074 "seclang-parser.yy" // lalr1.cc:859
+#line 1130 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_secRuleEngine = modsecurity::Rules::EnabledRuleEngine;
       }
-#line 1908 "seclang-parser.cc" // lalr1.cc:859
+#line 1890 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 78:
-#line 1078 "seclang-parser.yy" // lalr1.cc:859
+#line 1134 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_secRuleEngine = modsecurity::Rules::DetectionOnlyRuleEngine;
       }
-#line 1916 "seclang-parser.cc" // lalr1.cc:859
+#line 1898 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 79:
-#line 1082 "seclang-parser.yy" // lalr1.cc:859
+#line 1138 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_secRequestBodyAccess = modsecurity::RulesProperties::TrueConfigBoolean;
       }
-#line 1924 "seclang-parser.cc" // lalr1.cc:859
+#line 1906 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 80:
-#line 1086 "seclang-parser.yy" // lalr1.cc:859
+#line 1142 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_secRequestBodyAccess = modsecurity::RulesProperties::FalseConfigBoolean;
       }
-#line 1932 "seclang-parser.cc" // lalr1.cc:859
+#line 1914 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 81:
-#line 1090 "seclang-parser.yy" // lalr1.cc:859
+#line 1146 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_secResponseBodyAccess = modsecurity::RulesProperties::TrueConfigBoolean;
       }
-#line 1940 "seclang-parser.cc" // lalr1.cc:859
+#line 1922 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 82:
-#line 1094 "seclang-parser.yy" // lalr1.cc:859
+#line 1150 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_secResponseBodyAccess = modsecurity::RulesProperties::FalseConfigBoolean;
       }
-#line 1948 "seclang-parser.cc" // lalr1.cc:859
+#line 1930 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 83:
-#line 1098 "seclang-parser.yy" // lalr1.cc:859
+#line 1154 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_components.push_back(yystack_[0].value.as< std::string > ());
       }
-#line 1956 "seclang-parser.cc" // lalr1.cc:859
+#line 1938 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 84:
-#line 1102 "seclang-parser.yy" // lalr1.cc:859
+#line 1158 "seclang-parser.yy" // lalr1.cc:859
     {
         std::string error;
         if (driver.m_exceptions.load(yystack_[0].value.as< std::string > (), &error) == false) {
@@ -1969,11 +1951,11 @@ namespace yy {
             YYERROR;
         }
       }
-#line 1973 "seclang-parser.cc" // lalr1.cc:859
+#line 1955 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 85:
-#line 1116 "seclang-parser.yy" // lalr1.cc:859
+#line 1172 "seclang-parser.yy" // lalr1.cc:859
     {
         if (driver.m_debugLog != NULL) {
           driver.m_debugLog->setDebugLogLevel(atoi(yystack_[0].value.as< std::string > ().c_str()));
@@ -1985,11 +1967,11 @@ namespace yy {
             YYERROR;
         }
       }
-#line 1989 "seclang-parser.cc" // lalr1.cc:859
+#line 1971 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 86:
-#line 1128 "seclang-parser.yy" // lalr1.cc:859
+#line 1184 "seclang-parser.yy" // lalr1.cc:859
     {
         if (driver.m_debugLog != NULL) {
             std::string error;
@@ -2008,11 +1990,11 @@ namespace yy {
             YYERROR;
         }
       }
-#line 2012 "seclang-parser.cc" // lalr1.cc:859
+#line 1994 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 87:
-#line 1148 "seclang-parser.yy" // lalr1.cc:859
+#line 1204 "seclang-parser.yy" // lalr1.cc:859
     {
 #ifdef WITH_GEOIP
         std::string file = modsecurity::utils::find_resource(yystack_[0].value.as< std::string > (),
@@ -2031,95 +2013,95 @@ namespace yy {
         YYERROR;
 #endif  // WITH_GEOIP
       }
-#line 2035 "seclang-parser.cc" // lalr1.cc:859
+#line 2017 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 88:
-#line 1168 "seclang-parser.yy" // lalr1.cc:859
+#line 1224 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_requestBodyLimit.m_set = true;
         driver.m_requestBodyLimit.m_value = atoi(yystack_[0].value.as< std::string > ().c_str());
       }
-#line 2044 "seclang-parser.cc" // lalr1.cc:859
+#line 2026 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 89:
-#line 1173 "seclang-parser.yy" // lalr1.cc:859
+#line 1229 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_requestBodyNoFilesLimit.m_set = true;
         driver.m_requestBodyNoFilesLimit.m_value = atoi(yystack_[0].value.as< std::string > ().c_str());
       }
-#line 2053 "seclang-parser.cc" // lalr1.cc:859
+#line 2035 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 90:
-#line 1178 "seclang-parser.yy" // lalr1.cc:859
+#line 1234 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_requestBodyInMemoryLimit.m_set = true;
         driver.m_requestBodyInMemoryLimit.m_value = atoi(yystack_[0].value.as< std::string > ().c_str());
       }
-#line 2062 "seclang-parser.cc" // lalr1.cc:859
+#line 2044 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 91:
-#line 1183 "seclang-parser.yy" // lalr1.cc:859
+#line 1239 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_responseBodyLimit.m_set = true;
         driver.m_responseBodyLimit.m_value = atoi(yystack_[0].value.as< std::string > ().c_str());
       }
-#line 2071 "seclang-parser.cc" // lalr1.cc:859
+#line 2053 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 92:
-#line 1188 "seclang-parser.yy" // lalr1.cc:859
+#line 1244 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_requestBodyLimitAction = modsecurity::Rules::BodyLimitAction::ProcessPartialBodyLimitAction;
       }
-#line 2079 "seclang-parser.cc" // lalr1.cc:859
+#line 2061 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 93:
-#line 1192 "seclang-parser.yy" // lalr1.cc:859
+#line 1248 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_requestBodyLimitAction = modsecurity::Rules::BodyLimitAction::RejectBodyLimitAction;
       }
-#line 2087 "seclang-parser.cc" // lalr1.cc:859
+#line 2069 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 94:
-#line 1196 "seclang-parser.yy" // lalr1.cc:859
+#line 1252 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_responseBodyLimitAction = modsecurity::Rules::BodyLimitAction::ProcessPartialBodyLimitAction;
       }
-#line 2095 "seclang-parser.cc" // lalr1.cc:859
+#line 2077 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 95:
-#line 1200 "seclang-parser.yy" // lalr1.cc:859
+#line 1256 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_responseBodyLimitAction = modsecurity::Rules::BodyLimitAction::RejectBodyLimitAction;
       }
-#line 2103 "seclang-parser.cc" // lalr1.cc:859
+#line 2085 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 96:
-#line 1204 "seclang-parser.yy" // lalr1.cc:859
+#line 1260 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_remoteRulesActionOnFailed = Rules::OnFailedRemoteRulesAction::AbortOnFailedRemoteRulesAction;
       }
-#line 2111 "seclang-parser.cc" // lalr1.cc:859
+#line 2093 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 97:
-#line 1208 "seclang-parser.yy" // lalr1.cc:859
+#line 1264 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_remoteRulesActionOnFailed = Rules::OnFailedRemoteRulesAction::WarnOnFailedRemoteRulesAction;
       }
-#line 2119 "seclang-parser.cc" // lalr1.cc:859
+#line 2101 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 100:
-#line 1214 "seclang-parser.yy" // lalr1.cc:859
+#line 1270 "seclang-parser.yy" // lalr1.cc:859
     {
         std::istringstream buf(yystack_[0].value.as< std::string > ());
         std::istream_iterator<std::string> beg(buf), end;
@@ -2130,1709 +2112,2000 @@ namespace yy {
             driver.m_responseBodyTypeToBeInspected.insert(*it);
         }
       }
-#line 2134 "seclang-parser.cc" // lalr1.cc:859
+#line 2116 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 101:
-#line 1225 "seclang-parser.yy" // lalr1.cc:859
+#line 1281 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_secXMLExternalEntity = modsecurity::RulesProperties::FalseConfigBoolean;
       }
-#line 2142 "seclang-parser.cc" // lalr1.cc:859
+#line 2124 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 102:
-#line 1229 "seclang-parser.yy" // lalr1.cc:859
+#line 1285 "seclang-parser.yy" // lalr1.cc:859
     {
         driver.m_secXMLExternalEntity = modsecurity::RulesProperties::TrueConfigBoolean;
       }
-#line 2150 "seclang-parser.cc" // lalr1.cc:859
+#line 2132 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 109:
-#line 1239 "seclang-parser.yy" // lalr1.cc:859
+#line 1295 "seclang-parser.yy" // lalr1.cc:859
     {
       }
-#line 2157 "seclang-parser.cc" // lalr1.cc:859
+#line 2139 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 110:
-#line 1245 "seclang-parser.yy" // lalr1.cc:859
+#line 1301 "seclang-parser.yy" // lalr1.cc:859
     {
         yystack_[2].value.as< std::unique_ptr<std::vector<std::unique_ptr<Variable> > >  > ()->push_back(std::move(yystack_[0].value.as< std::unique_ptr<Variable> > ()));
         yylhs.value.as< std::unique_ptr<std::vector<std::unique_ptr<Variable> > >  > () = std::move(yystack_[2].value.as< std::unique_ptr<std::vector<std::unique_ptr<Variable> > >  > ());
       }
-#line 2166 "seclang-parser.cc" // lalr1.cc:859
+#line 2148 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 111:
-#line 1250 "seclang-parser.yy" // lalr1.cc:859
+#line 1306 "seclang-parser.yy" // lalr1.cc:859
+    {
+        std::unique_ptr<Variable> c(new VariableModificatorExclusion(std::move(yystack_[0].value.as< std::unique_ptr<Variable> > ())));
+        yystack_[3].value.as< std::unique_ptr<std::vector<std::unique_ptr<Variable> > >  > ()->push_back(std::move(c));
+        yylhs.value.as< std::unique_ptr<std::vector<std::unique_ptr<Variable> > >  > () = std::move(yystack_[3].value.as< std::unique_ptr<std::vector<std::unique_ptr<Variable> > >  > ());
+      }
+#line 2158 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 112:
+#line 1312 "seclang-parser.yy" // lalr1.cc:859
+    {
+        std::unique_ptr<Variable> c(new VariableModificatorCount(std::move(yystack_[0].value.as< std::unique_ptr<Variable> > ())));
+        yystack_[3].value.as< std::unique_ptr<std::vector<std::unique_ptr<Variable> > >  > ()->push_back(std::move(c));
+        yylhs.value.as< std::unique_ptr<std::vector<std::unique_ptr<Variable> > >  > () = std::move(yystack_[3].value.as< std::unique_ptr<std::vector<std::unique_ptr<Variable> > >  > ());
+      }
+#line 2168 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 113:
+#line 1318 "seclang-parser.yy" // lalr1.cc:859
     {
         std::unique_ptr<std::vector<std::unique_ptr<Variable>>> b(new std::vector<std::unique_ptr<Variable>>());
         b->push_back(std::move(yystack_[0].value.as< std::unique_ptr<Variable> > ()));
         yylhs.value.as< std::unique_ptr<std::vector<std::unique_ptr<Variable> > >  > () = std::move(b);
       }
-#line 2176 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 112:
-#line 1259 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::ArgsNames());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2185 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 113:
-#line 1264 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::Args_DictElement(yystack_[0].value.as< std::string > ()));
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2194 "seclang-parser.cc" // lalr1.cc:859
+#line 2178 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 114:
-#line 1269 "seclang-parser.yy" // lalr1.cc:859
+#line 1324 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::Args_DictElementRegexp(yystack_[0].value.as< std::string > ()));
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        std::unique_ptr<std::vector<std::unique_ptr<Variable>>> b(new std::vector<std::unique_ptr<Variable>>());
+        std::unique_ptr<Variable> c(new VariableModificatorExclusion(std::move(yystack_[0].value.as< std::unique_ptr<Variable> > ())));
+        b->push_back(std::move(c));
+        yylhs.value.as< std::unique_ptr<std::vector<std::unique_ptr<Variable> > >  > () = std::move(b);
       }
-#line 2203 "seclang-parser.cc" // lalr1.cc:859
+#line 2189 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 115:
-#line 1274 "seclang-parser.yy" // lalr1.cc:859
+#line 1331 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::Args_NoDictElement());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        std::unique_ptr<std::vector<std::unique_ptr<Variable>>> b(new std::vector<std::unique_ptr<Variable>>());
+        std::unique_ptr<Variable> c(new VariableModificatorCount(std::move(yystack_[0].value.as< std::unique_ptr<Variable> > ())));
+        b->push_back(std::move(c));
+        yylhs.value.as< std::unique_ptr<std::vector<std::unique_ptr<Variable> > >  > () = std::move(b);
       }
-#line 2212 "seclang-parser.cc" // lalr1.cc:859
+#line 2200 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 116:
-#line 1279 "seclang-parser.yy" // lalr1.cc:859
+#line 1341 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::ArgsGetNames());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Args_DictElement(yystack_[0].value.as< std::string > ()));
       }
-#line 2221 "seclang-parser.cc" // lalr1.cc:859
+#line 2208 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 117:
-#line 1284 "seclang-parser.yy" // lalr1.cc:859
+#line 1345 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::ArgsPostNames());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Args_DictElementRegexp(yystack_[0].value.as< std::string > ()));
       }
-#line 2230 "seclang-parser.cc" // lalr1.cc:859
+#line 2216 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 118:
-#line 1289 "seclang-parser.yy" // lalr1.cc:859
+#line 1349 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::RequestHeadersNames());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Args_NoDictElement());
       }
-#line 2239 "seclang-parser.cc" // lalr1.cc:859
+#line 2224 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 119:
-#line 1294 "seclang-parser.yy" // lalr1.cc:859
+#line 1353 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::ResponseContentType());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::ArgsPost_DictElement(yystack_[0].value.as< std::string > ()));
+      }
+#line 2232 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 120:
+#line 1357 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::ArgsPost_DictElementRegexp(yystack_[0].value.as< std::string > ()));
+      }
+#line 2240 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 121:
+#line 1361 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::ArgsPost_NoDictElement());
       }
 #line 2248 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 120:
-#line 1299 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::ResponseHeadersNames());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2257 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 121:
-#line 1304 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::ArgsCombinedSize());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2266 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
   case 122:
-#line 1309 "seclang-parser.yy" // lalr1.cc:859
+#line 1365 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::AuthType());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::ArgsGet_DictElement(yystack_[0].value.as< std::string > ()));
       }
-#line 2275 "seclang-parser.cc" // lalr1.cc:859
+#line 2256 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 123:
-#line 1314 "seclang-parser.yy" // lalr1.cc:859
+#line 1369 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::FilesCombinedSize());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::ArgsGet_DictElementRegexp(yystack_[0].value.as< std::string > ()));
       }
-#line 2284 "seclang-parser.cc" // lalr1.cc:859
+#line 2264 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 124:
-#line 1319 "seclang-parser.yy" // lalr1.cc:859
+#line 1373 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::FilesTmpNames());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::ArgsGet_NoDictElement());
       }
-#line 2293 "seclang-parser.cc" // lalr1.cc:859
+#line 2272 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 125:
-#line 1324 "seclang-parser.yy" // lalr1.cc:859
+#line 1377 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::FullRequest());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::FilesSizes_DictElement(yystack_[0].value.as< std::string > ()));
       }
-#line 2302 "seclang-parser.cc" // lalr1.cc:859
+#line 2280 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 126:
-#line 1329 "seclang-parser.yy" // lalr1.cc:859
+#line 1381 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::FullRequestLength());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::FilesSizes_DictElementRegexp(yystack_[0].value.as< std::string > ()));
       }
-#line 2311 "seclang-parser.cc" // lalr1.cc:859
+#line 2288 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 127:
-#line 1334 "seclang-parser.yy" // lalr1.cc:859
+#line 1385 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::InboundDataError());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::FilesSizes_NoDictElement());
+      }
+#line 2296 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 128:
+#line 1389 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::FilesNames_DictElement(yystack_[0].value.as< std::string > ()));
+      }
+#line 2304 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 129:
+#line 1393 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::FilesNames_DictElementRegexp(yystack_[0].value.as< std::string > ()));
+      }
+#line 2312 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 130:
+#line 1397 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::FilesNames_NoDictElement());
       }
 #line 2320 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 128:
-#line 1339 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::MatchedVar());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2329 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 129:
-#line 1344 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::MatchedVarName());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2338 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 130:
-#line 1349 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::MultipartCrlfLFLines());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2347 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
   case 131:
-#line 1354 "seclang-parser.yy" // lalr1.cc:859
+#line 1401 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::MultipartDateAfter());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::FilesTmpContent_DictElement(yystack_[0].value.as< std::string > ()));
       }
-#line 2356 "seclang-parser.cc" // lalr1.cc:859
+#line 2328 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 132:
-#line 1359 "seclang-parser.yy" // lalr1.cc:859
+#line 1405 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::MultipartFileLimitExceeded());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::FilesTmpContent_DictElementRegexp(yystack_[0].value.as< std::string > ()));
       }
-#line 2365 "seclang-parser.cc" // lalr1.cc:859
+#line 2336 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 133:
-#line 1364 "seclang-parser.yy" // lalr1.cc:859
+#line 1409 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::MultipartHeaderFolding());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::FilesTmpContent_NoDictElement());
       }
-#line 2374 "seclang-parser.cc" // lalr1.cc:859
+#line 2344 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 134:
-#line 1369 "seclang-parser.yy" // lalr1.cc:859
+#line 1413 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::MultipartInvalidHeaderFolding());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::MultiPartFileName_DictElement(yystack_[0].value.as< std::string > ()));
       }
-#line 2383 "seclang-parser.cc" // lalr1.cc:859
+#line 2352 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 135:
-#line 1374 "seclang-parser.yy" // lalr1.cc:859
+#line 1417 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::MultipartInvalidQuoting());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::MultiPartFileName_DictElementRegexp(yystack_[0].value.as< std::string > ()));
+      }
+#line 2360 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 136:
+#line 1421 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::MultiPartFileName_NoDictElement());
+      }
+#line 2368 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 137:
+#line 1425 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::MultiPartName_DictElement(yystack_[0].value.as< std::string > ()));
+      }
+#line 2376 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 138:
+#line 1429 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::MultiPartName_DictElementRegexp(yystack_[0].value.as< std::string > ()));
+      }
+#line 2384 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 139:
+#line 1433 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::MultiPartName_NoDictElement());
       }
 #line 2392 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 136:
-#line 1379 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::MultipartStrictError());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2401 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 137:
-#line 1384 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::MultipartUnmatchedBoundary());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2410 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 138:
-#line 1389 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::OutboundDataError());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2419 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 139:
-#line 1394 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::PathInfo());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2428 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
   case 140:
-#line 1399 "seclang-parser.yy" // lalr1.cc:859
+#line 1437 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::QueryString());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::MatchedVarsNames_DictElement(yystack_[0].value.as< std::string > ()));
       }
-#line 2437 "seclang-parser.cc" // lalr1.cc:859
+#line 2400 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 141:
-#line 1404 "seclang-parser.yy" // lalr1.cc:859
+#line 1441 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::RemoteAddr());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::MatchedVarsNames_DictElementRegexp(yystack_[0].value.as< std::string > ()));
       }
-#line 2446 "seclang-parser.cc" // lalr1.cc:859
+#line 2408 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 142:
-#line 1409 "seclang-parser.yy" // lalr1.cc:859
+#line 1445 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::RemoteHost());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::MatchedVarsNames_NoDictElement());
       }
-#line 2455 "seclang-parser.cc" // lalr1.cc:859
+#line 2416 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 143:
-#line 1414 "seclang-parser.yy" // lalr1.cc:859
+#line 1449 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::RemotePort());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::MatchedVars_DictElement(yystack_[0].value.as< std::string > ()));
+      }
+#line 2424 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 144:
+#line 1453 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::MatchedVars_DictElementRegexp(yystack_[0].value.as< std::string > ()));
+      }
+#line 2432 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 145:
+#line 1457 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::MatchedVars_NoDictElement());
+      }
+#line 2440 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 146:
+#line 1461 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Files_DictElement(yystack_[0].value.as< std::string > ()));
+      }
+#line 2448 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 147:
+#line 1465 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Files_DictElementRegexp(yystack_[0].value.as< std::string > ()));
+      }
+#line 2456 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 148:
+#line 1469 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Files_NoDictElement());
       }
 #line 2464 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 144:
-#line 1419 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::ReqbodyError());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2473 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 145:
-#line 1424 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::ReqbodyErrorMsg());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2482 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 146:
-#line 1429 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::ReqbodyProcessor());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2491 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 147:
-#line 1434 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::ReqbodyProcessorError());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2500 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 148:
-#line 1439 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::ReqbodyProcessorErrorMsg());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2509 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
   case 149:
-#line 1444 "seclang-parser.yy" // lalr1.cc:859
+#line 1473 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::RequestBasename());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::RequestCookies_DictElement(yystack_[0].value.as< std::string > ()));
       }
-#line 2518 "seclang-parser.cc" // lalr1.cc:859
+#line 2472 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 150:
-#line 1449 "seclang-parser.yy" // lalr1.cc:859
+#line 1477 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::RequestBody());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::RequestCookies_DictElementRegexp(yystack_[0].value.as< std::string > ()));
       }
-#line 2527 "seclang-parser.cc" // lalr1.cc:859
+#line 2480 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 151:
-#line 1454 "seclang-parser.yy" // lalr1.cc:859
+#line 1481 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::RequestBodyLength());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::RequestCookies_NoDictElement());
+      }
+#line 2488 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 152:
+#line 1485 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::RequestHeaders_DictElement(yystack_[0].value.as< std::string > ()));
+      }
+#line 2496 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 153:
+#line 1489 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::RequestHeaders_DictElementRegexp(yystack_[0].value.as< std::string > ()));
+      }
+#line 2504 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 154:
+#line 1493 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::RequestHeaders_NoDictElement());
+      }
+#line 2512 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 155:
+#line 1497 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::ResponseHeaders_DictElement(yystack_[0].value.as< std::string > ()));
+      }
+#line 2520 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 156:
+#line 1501 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::ResponseHeaders_DictElementRegexp(yystack_[0].value.as< std::string > ()));
+      }
+#line 2528 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 157:
+#line 1505 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::ResponseHeaders_NoDictElement());
       }
 #line 2536 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 152:
-#line 1459 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::RequestFilename());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2545 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 153:
-#line 1464 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::RequestLine());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2554 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 154:
-#line 1469 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::RequestMethod());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2563 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 155:
-#line 1474 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::RequestProtocol());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2572 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 156:
-#line 1479 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::RequestURI());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2581 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 157:
-#line 1484 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::RequestURIRaw());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2590 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
   case 158:
-#line 1489 "seclang-parser.yy" // lalr1.cc:859
+#line 1509 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::Resource());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Geo_DictElement(yystack_[0].value.as< std::string > ()));
       }
-#line 2599 "seclang-parser.cc" // lalr1.cc:859
+#line 2544 "seclang-parser.cc" // lalr1.cc:859
     break;
 
   case 159:
-#line 1494 "seclang-parser.yy" // lalr1.cc:859
+#line 1513 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::ResponseBody());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Geo_DictElementRegexp(yystack_[0].value.as< std::string > ()));
+      }
+#line 2552 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 160:
+#line 1517 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Geo_NoDictElement());
+      }
+#line 2560 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 161:
+#line 1521 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::RequestCookiesNames_DictElement(yystack_[0].value.as< std::string > ()));
+      }
+#line 2568 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 162:
+#line 1525 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::RequestCookiesNames_DictElementRegexp(yystack_[0].value.as< std::string > ()));
+      }
+#line 2576 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 163:
+#line 1529 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::RequestCookiesNames_NoDictElement());
+      }
+#line 2584 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 164:
+#line 1533 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Rule_DictElement(yystack_[0].value.as< std::string > ()));
+      }
+#line 2592 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 165:
+#line 1537 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Rule_DictElementRegexp(yystack_[0].value.as< std::string > ()));
+      }
+#line 2600 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 166:
+#line 1541 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Rule_NoDictElement());
       }
 #line 2608 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 160:
-#line 1499 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::ResponseContentLength());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2617 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 161:
-#line 1504 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::ResponseProtocol());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2626 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 162:
-#line 1509 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::ResponseStatus());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2635 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 163:
-#line 1514 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::ServerAddr());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2644 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 164:
-#line 1519 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::ServerName());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2653 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 165:
-#line 1524 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::ServerPort());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2662 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 166:
-#line 1529 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::unique_ptr<Variable> c(new Variables::SessionID());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-      }
-#line 2671 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
   case 167:
-#line 1534 "seclang-parser.yy" // lalr1.cc:859
+#line 1545 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::UniqueID());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Env("ENV:" + yystack_[0].value.as< std::string > ()));
+      }
+#line 2616 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 168:
+#line 1549 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Env("ENV:" + yystack_[0].value.as< std::string > ()));
+      }
+#line 2624 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 169:
+#line 1553 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Env("ENV"));
+      }
+#line 2632 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 170:
+#line 1557 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::XML("XML:" + yystack_[0].value.as< std::string > ()));
+      }
+#line 2640 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 171:
+#line 1561 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::XML("XML:" + yystack_[0].value.as< std::string > ()));
+      }
+#line 2648 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 172:
+#line 1565 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::XML_NoDictElement());
+      }
+#line 2656 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 173:
+#line 1569 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::FilesTmpNames_DictElement(yystack_[0].value.as< std::string > ()));
+      }
+#line 2664 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 174:
+#line 1573 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::FilesTmpNames_DictElementRegexp(yystack_[0].value.as< std::string > ()));
+      }
+#line 2672 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 175:
+#line 1577 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::FilesTmpNames_NoDictElement());
       }
 #line 2680 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 168:
-#line 1539 "seclang-parser.yy" // lalr1.cc:859
+  case 176:
+#line 1582 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::UrlEncodedError());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Ip_DictElement(yystack_[0].value.as< std::string > ()));
       }
-#line 2689 "seclang-parser.cc" // lalr1.cc:859
+#line 2688 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 169:
-#line 1544 "seclang-parser.yy" // lalr1.cc:859
+  case 177:
+#line 1586 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::unique_ptr<Variable> c(new Variables::UserID());
-        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Ip_DictElementRegexp(yystack_[0].value.as< std::string > ()));
       }
-#line 2698 "seclang-parser.cc" // lalr1.cc:859
+#line 2696 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 170:
-#line 1549 "seclang-parser.yy" // lalr1.cc:859
+  case 178:
+#line 1590 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::string name(yystack_[0].value.as< std::string > ());
-        char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new Variable(name, Variable::VariableKind::DirectVariable)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new Variable(name, Variable::VariableKind::DirectVariable)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new Variable(name, Variable::VariableKind::DirectVariable));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        }
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Ip_NoDictElement());
       }
-#line 2719 "seclang-parser.cc" // lalr1.cc:859
+#line 2704 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 171:
-#line 1566 "seclang-parser.yy" // lalr1.cc:859
+  case 179:
+#line 1595 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::string name(yystack_[0].value.as< std::string > ());
-        char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new Variable(name, Variable::VariableKind::CollectionVarible)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new Variable(name, Variable::VariableKind::CollectionVarible)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new Variable(name, Variable::VariableKind::CollectionVarible));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        }
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Global_DictElement(yystack_[0].value.as< std::string > ()));
       }
-#line 2740 "seclang-parser.cc" // lalr1.cc:859
+#line 2712 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 172:
-#line 1583 "seclang-parser.yy" // lalr1.cc:859
+  case 180:
+#line 1599 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::string name(yystack_[0].value.as< std::string > ());
-        char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new Tx(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new Tx(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new Tx(name));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        }
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Global_DictElementRegexp(yystack_[0].value.as< std::string > ()));
       }
-#line 2761 "seclang-parser.cc" // lalr1.cc:859
+#line 2720 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 173:
-#line 1600 "seclang-parser.yy" // lalr1.cc:859
+  case 181:
+#line 1603 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::string name(yystack_[0].value.as< std::string > ());
-        char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new Duration(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new Duration(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new Duration(name));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        }
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Global_NoDictElement());
       }
-#line 2782 "seclang-parser.cc" // lalr1.cc:859
+#line 2728 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 174:
-#line 1617 "seclang-parser.yy" // lalr1.cc:859
+  case 182:
+#line 1608 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::string name(yystack_[0].value.as< std::string > ());
-        char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new Env(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new Env(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new Env(name));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        }
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Tx_DictElement(yystack_[0].value.as< std::string > ()));
       }
-#line 2803 "seclang-parser.cc" // lalr1.cc:859
+#line 2736 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 175:
-#line 1634 "seclang-parser.yy" // lalr1.cc:859
+  case 183:
+#line 1612 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::string name(yystack_[0].value.as< std::string > ());
-        char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new ModsecBuild(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new ModsecBuild(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new ModsecBuild(name));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        }
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Tx_DictElementRegexp(yystack_[0].value.as< std::string > ()));
+      }
+#line 2744 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 184:
+#line 1616 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Tx_NoDictElement());
+      }
+#line 2752 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 185:
+#line 1621 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Session_DictElement(yystack_[0].value.as< std::string > ()));
+      }
+#line 2760 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 186:
+#line 1625 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Session_DictElementRegexp(yystack_[0].value.as< std::string > ()));
+      }
+#line 2768 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 187:
+#line 1629 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Session_NoDictElement());
+      }
+#line 2776 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 188:
+#line 1636 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::ArgsNames());
+      }
+#line 2784 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 189:
+#line 1640 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::ArgsGetNames());
+      }
+#line 2792 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 190:
+#line 1644 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::ArgsPostNames());
+      }
+#line 2800 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 191:
+#line 1648 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::RequestHeadersNames());
+      }
+#line 2808 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 192:
+#line 1652 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::ResponseContentType());
+      }
+#line 2816 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 193:
+#line 1656 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::ResponseHeadersNames());
       }
 #line 2824 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 176:
-#line 1651 "seclang-parser.yy" // lalr1.cc:859
+  case 194:
+#line 1660 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::string name(yystack_[0].value.as< std::string > ());
-        char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new HighestSeverity(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new HighestSeverity(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new HighestSeverity(name));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        }
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::ArgsCombinedSize());
       }
-#line 2845 "seclang-parser.cc" // lalr1.cc:859
+#line 2832 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 177:
+  case 195:
+#line 1664 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::AuthType());
+      }
+#line 2840 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 196:
 #line 1668 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::string name(yystack_[0].value.as< std::string > ());
-        char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new RemoteUser(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new RemoteUser(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new RemoteUser(name));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        }
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::FilesCombinedSize());
       }
-#line 2866 "seclang-parser.cc" // lalr1.cc:859
+#line 2848 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 178:
-#line 1685 "seclang-parser.yy" // lalr1.cc:859
+  case 197:
+#line 1672 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::string name(yystack_[0].value.as< std::string > ());
-        char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new Time(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new Time(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new Time(name));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        }
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::FullRequest());
       }
-#line 2887 "seclang-parser.cc" // lalr1.cc:859
+#line 2856 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 179:
-#line 1702 "seclang-parser.yy" // lalr1.cc:859
+  case 198:
+#line 1676 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::string name(yystack_[0].value.as< std::string > ());
-        char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new TimeDay(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new TimeDay(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new TimeDay(name));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        }
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::FullRequestLength());
       }
-#line 2908 "seclang-parser.cc" // lalr1.cc:859
+#line 2864 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 180:
-#line 1719 "seclang-parser.yy" // lalr1.cc:859
+  case 199:
+#line 1680 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::string name(yystack_[0].value.as< std::string > ());
-        char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new TimeEpoch(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new TimeEpoch(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new TimeEpoch(name));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        }
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::InboundDataError());
       }
-#line 2929 "seclang-parser.cc" // lalr1.cc:859
+#line 2872 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 181:
+  case 200:
+#line 1684 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::MatchedVar());
+      }
+#line 2880 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 201:
+#line 1688 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::MatchedVarName());
+      }
+#line 2888 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 202:
+#line 1692 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::MultipartCrlfLFLines());
+      }
+#line 2896 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 203:
+#line 1696 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::MultipartDateAfter());
+      }
+#line 2904 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 204:
+#line 1700 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::MultipartFileLimitExceeded());
+      }
+#line 2912 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 205:
+#line 1704 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::MultipartHeaderFolding());
+      }
+#line 2920 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 206:
+#line 1708 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::MultipartInvalidHeaderFolding());
+      }
+#line 2928 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 207:
+#line 1712 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::MultipartInvalidQuoting());
+      }
+#line 2936 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 208:
+#line 1716 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::MultipartStrictError());
+      }
+#line 2944 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 209:
+#line 1720 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::MultipartUnmatchedBoundary());
+      }
+#line 2952 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 210:
+#line 1724 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::OutboundDataError());
+      }
+#line 2960 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 211:
+#line 1728 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::PathInfo());
+      }
+#line 2968 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 212:
+#line 1732 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::QueryString());
+      }
+#line 2976 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 213:
 #line 1736 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::string name(yystack_[0].value.as< std::string > ());
-        char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new TimeHour(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new TimeHour(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new TimeHour(name));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        }
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::RemoteAddr());
       }
-#line 2950 "seclang-parser.cc" // lalr1.cc:859
+#line 2984 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 182:
-#line 1753 "seclang-parser.yy" // lalr1.cc:859
+  case 214:
+#line 1740 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::string name(yystack_[0].value.as< std::string > ());
-        char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new TimeMin(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new TimeMin(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new TimeMin(name));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        }
-      }
-#line 2971 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 183:
-#line 1770 "seclang-parser.yy" // lalr1.cc:859
-    {
-        std::string name(yystack_[0].value.as< std::string > ());
-        char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new TimeMon(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new TimeMon(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new TimeMon(name));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        }
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::RemoteHost());
       }
 #line 2992 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 184:
-#line 1787 "seclang-parser.yy" // lalr1.cc:859
+  case 215:
+#line 1744 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::string name(yystack_[0].value.as< std::string > ());
-        char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new TimeSec(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new TimeSec(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new TimeSec(name));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        }
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::RemotePort());
       }
-#line 3013 "seclang-parser.cc" // lalr1.cc:859
+#line 3000 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 185:
+  case 216:
+#line 1748 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::ReqbodyError());
+      }
+#line 3008 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 217:
+#line 1752 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::ReqbodyErrorMsg());
+      }
+#line 3016 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 218:
+#line 1756 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::ReqbodyProcessor());
+      }
+#line 3024 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 219:
+#line 1760 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::ReqbodyProcessorError());
+      }
+#line 3032 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 220:
+#line 1764 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::ReqbodyProcessorErrorMsg());
+      }
+#line 3040 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 221:
+#line 1768 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::RequestBasename());
+      }
+#line 3048 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 222:
+#line 1772 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::RequestBody());
+      }
+#line 3056 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 223:
+#line 1776 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::RequestBodyLength());
+      }
+#line 3064 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 224:
+#line 1780 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::RequestFilename());
+      }
+#line 3072 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 225:
+#line 1784 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::RequestLine());
+      }
+#line 3080 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 226:
+#line 1788 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::RequestMethod());
+      }
+#line 3088 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 227:
+#line 1792 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::RequestProtocol());
+      }
+#line 3096 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 228:
+#line 1796 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::RequestURI());
+      }
+#line 3104 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 229:
+#line 1800 "seclang-parser.yy" // lalr1.cc:859
+    {
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::RequestURIRaw());
+      }
+#line 3112 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 230:
 #line 1804 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::string name(yystack_[0].value.as< std::string > ());
-        char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new TimeWDay(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new TimeWDay(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new TimeWDay(name));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        }
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Resource());
       }
-#line 3034 "seclang-parser.cc" // lalr1.cc:859
+#line 3120 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 186:
-#line 1821 "seclang-parser.yy" // lalr1.cc:859
+  case 231:
+#line 1808 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::string name(yystack_[0].value.as< std::string > ());
-        char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new TimeYear(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new TimeYear(name)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new TimeYear(name));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        }
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::ResponseBody());
       }
-#line 3055 "seclang-parser.cc" // lalr1.cc:859
+#line 3128 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 187:
-#line 1838 "seclang-parser.yy" // lalr1.cc:859
+  case 232:
+#line 1812 "seclang-parser.yy" // lalr1.cc:859
     {
-            std::string name(yystack_[0].value.as< std::string > ());
-            std::unique_ptr<Variable> c(new XML(name));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::ResponseContentLength());
       }
-#line 3065 "seclang-parser.cc" // lalr1.cc:859
+#line 3136 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 188:
-#line 1844 "seclang-parser.yy" // lalr1.cc:859
+  case 233:
+#line 1816 "seclang-parser.yy" // lalr1.cc:859
     {
-        std::string name(yystack_[0].value.as< std::string > ());
-        char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new Variable(name, Variable::VariableKind::DirectVariable)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new Variable(name, Variable::VariableKind::DirectVariable)));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new Variable(name, Variable::VariableKind::DirectVariable));
-            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
-        }
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::ResponseProtocol());
       }
-#line 3086 "seclang-parser.cc" // lalr1.cc:859
+#line 3144 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 189:
-#line 1864 "seclang-parser.yy" // lalr1.cc:859
+  case 234:
+#line 1820 "seclang-parser.yy" // lalr1.cc:859
     {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Accuracy(yystack_[0].value.as< std::string > ()));
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::ResponseStatus());
       }
-#line 3094 "seclang-parser.cc" // lalr1.cc:859
+#line 3152 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 190:
-#line 1868 "seclang-parser.yy" // lalr1.cc:859
+  case 235:
+#line 1824 "seclang-parser.yy" // lalr1.cc:859
     {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::disruptive::Allow(yystack_[0].value.as< std::string > ()));
-      }
-#line 3102 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 191:
-#line 1872 "seclang-parser.yy" // lalr1.cc:859
-    {
-        ACTION_NOT_SUPPORTED("Append", yystack_[1].location);
-      }
-#line 3110 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 192:
-#line 1876 "seclang-parser.yy" // lalr1.cc:859
-    {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::AuditLog(yystack_[0].value.as< std::string > ()));
-      }
-#line 3118 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 193:
-#line 1880 "seclang-parser.yy" // lalr1.cc:859
-    {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::disruptive::Block(yystack_[0].value.as< std::string > ()));
-      }
-#line 3126 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 194:
-#line 1884 "seclang-parser.yy" // lalr1.cc:859
-    {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Capture(yystack_[0].value.as< std::string > ()));
-      }
-#line 3134 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 195:
-#line 1888 "seclang-parser.yy" // lalr1.cc:859
-    {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Chain(yystack_[0].value.as< std::string > ()));
-      }
-#line 3142 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 196:
-#line 1892 "seclang-parser.yy" // lalr1.cc:859
-    {
-        //ACTION_NOT_SUPPORTED("CtlAuditEngine", @0);
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Action(yystack_[1].value.as< std::string > ()));
-      }
-#line 3151 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 197:
-#line 1897 "seclang-parser.yy" // lalr1.cc:859
-    {
-        //ACTION_NOT_SUPPORTED("CtlAuditEngine", @0);
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Action(yystack_[1].value.as< std::string > ()));
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::ServerAddr());
       }
 #line 3160 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 198:
-#line 1902 "seclang-parser.yy" // lalr1.cc:859
+  case 236:
+#line 1828 "seclang-parser.yy" // lalr1.cc:859
     {
-        //ACTION_NOT_SUPPORTED("CtlAuditEngine", @0);
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Action(yystack_[1].value.as< std::string > ()));
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::ServerName());
       }
-#line 3169 "seclang-parser.cc" // lalr1.cc:859
+#line 3168 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 199:
-#line 1907 "seclang-parser.yy" // lalr1.cc:859
+  case 237:
+#line 1832 "seclang-parser.yy" // lalr1.cc:859
     {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::ctl::AuditLogParts(yystack_[0].value.as< std::string > ()));
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::ServerPort());
       }
-#line 3177 "seclang-parser.cc" // lalr1.cc:859
+#line 3176 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 200:
-#line 1911 "seclang-parser.yy" // lalr1.cc:859
+  case 238:
+#line 1836 "seclang-parser.yy" // lalr1.cc:859
     {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::ctl::RequestBodyProcessorJSON(yystack_[0].value.as< std::string > ()));
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::SessionID());
       }
-#line 3185 "seclang-parser.cc" // lalr1.cc:859
+#line 3184 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 201:
-#line 1915 "seclang-parser.yy" // lalr1.cc:859
+  case 239:
+#line 1840 "seclang-parser.yy" // lalr1.cc:859
     {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::ctl::RequestBodyProcessorXML(yystack_[0].value.as< std::string > ()));
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::UniqueID());
       }
-#line 3193 "seclang-parser.cc" // lalr1.cc:859
+#line 3192 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 202:
-#line 1919 "seclang-parser.yy" // lalr1.cc:859
+  case 240:
+#line 1844 "seclang-parser.yy" // lalr1.cc:859
     {
-        //ACTION_NOT_SUPPORTED("CtlForceReequestBody", @0);
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Action(yystack_[1].value.as< std::string > ()));
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::UrlEncodedError());
       }
-#line 3202 "seclang-parser.cc" // lalr1.cc:859
+#line 3200 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 203:
-#line 1924 "seclang-parser.yy" // lalr1.cc:859
+  case 241:
+#line 1848 "seclang-parser.yy" // lalr1.cc:859
     {
-        //ACTION_NOT_SUPPORTED("CtlForceReequestBody", @0);
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Action(yystack_[1].value.as< std::string > ()));
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::UserID());
       }
-#line 3211 "seclang-parser.cc" // lalr1.cc:859
+#line 3208 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 204:
-#line 1929 "seclang-parser.yy" // lalr1.cc:859
+  case 242:
+#line 1852 "seclang-parser.yy" // lalr1.cc:859
     {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::ctl::RequestBodyAccess(yystack_[1].value.as< std::string > () + "true"));
+        VARIABLE_CONTAINER(yylhs.value.as< std::unique_ptr<Variable> > (), new Variables::Status());
       }
-#line 3219 "seclang-parser.cc" // lalr1.cc:859
+#line 3216 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 205:
-#line 1933 "seclang-parser.yy" // lalr1.cc:859
+  case 243:
+#line 1856 "seclang-parser.yy" // lalr1.cc:859
     {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::ctl::RequestBodyAccess(yystack_[1].value.as< std::string > () + "false"));
+        std::string name(yystack_[0].value.as< std::string > ());
+        char z = name.at(0);
+        std::unique_ptr<Variable> c(new Duration(name));
+        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
       }
 #line 3227 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 206:
-#line 1937 "seclang-parser.yy" // lalr1.cc:859
+  case 244:
+#line 1864 "seclang-parser.yy" // lalr1.cc:859
     {
-        //ACTION_NOT_SUPPORTED("CtlRuleEngine", @0);
+        std::string name(yystack_[0].value.as< std::string > ());
+        char z = name.at(0);
+        std::unique_ptr<Variable> c(new ModsecBuild(name));
+        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+      }
+#line 3238 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 245:
+#line 1871 "seclang-parser.yy" // lalr1.cc:859
+    {
+        std::string name(yystack_[0].value.as< std::string > ());
+        char z = name.at(0);
+        std::unique_ptr<Variable> c(new HighestSeverity(name));
+        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+      }
+#line 3249 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 246:
+#line 1878 "seclang-parser.yy" // lalr1.cc:859
+    {
+        std::string name(yystack_[0].value.as< std::string > ());
+        char z = name.at(0);
+        std::unique_ptr<Variable> c(new RemoteUser(name));
+        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+      }
+#line 3260 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 247:
+#line 1885 "seclang-parser.yy" // lalr1.cc:859
+    {
+        std::string name(yystack_[0].value.as< std::string > ());
+        char z = name.at(0);
+        std::unique_ptr<Variable> c(new Time(name));
+        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+      }
+#line 3271 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 248:
+#line 1892 "seclang-parser.yy" // lalr1.cc:859
+    {
+        std::string name(yystack_[0].value.as< std::string > ());
+        char z = name.at(0);
+        std::unique_ptr<Variable> c(new TimeDay(name));
+        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+      }
+#line 3282 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 249:
+#line 1899 "seclang-parser.yy" // lalr1.cc:859
+    {
+        std::string name(yystack_[0].value.as< std::string > ());
+        char z = name.at(0);
+        std::unique_ptr<Variable> c(new TimeEpoch(name));
+        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+      }
+#line 3293 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 250:
+#line 1906 "seclang-parser.yy" // lalr1.cc:859
+    {
+        std::string name(yystack_[0].value.as< std::string > ());
+        char z = name.at(0);
+        std::unique_ptr<Variable> c(new TimeHour(name));
+        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+      }
+#line 3304 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 251:
+#line 1913 "seclang-parser.yy" // lalr1.cc:859
+    {
+        std::string name(yystack_[0].value.as< std::string > ());
+        char z = name.at(0);
+        std::unique_ptr<Variable> c(new TimeMin(name));
+        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+      }
+#line 3315 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 252:
+#line 1920 "seclang-parser.yy" // lalr1.cc:859
+    {
+        std::string name(yystack_[0].value.as< std::string > ());
+        char z = name.at(0);
+        std::unique_ptr<Variable> c(new TimeMon(name));
+        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+      }
+#line 3326 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 253:
+#line 1927 "seclang-parser.yy" // lalr1.cc:859
+    {
+        std::string name(yystack_[0].value.as< std::string > ());
+        char z = name.at(0);
+            std::unique_ptr<Variable> c(new TimeSec(name));
+            yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+      }
+#line 3337 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 254:
+#line 1934 "seclang-parser.yy" // lalr1.cc:859
+    {
+        std::string name(yystack_[0].value.as< std::string > ());
+        char z = name.at(0);
+        std::unique_ptr<Variable> c(new TimeWDay(name));
+        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+      }
+#line 3348 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 255:
+#line 1941 "seclang-parser.yy" // lalr1.cc:859
+    {
+        std::string name(yystack_[0].value.as< std::string > ());
+        char z = name.at(0);
+        std::unique_ptr<Variable> c(new TimeYear(name));
+        yylhs.value.as< std::unique_ptr<Variable> > () = std::move(c);
+      }
+#line 3359 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 256:
+#line 1951 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Accuracy(yystack_[0].value.as< std::string > ()));
+      }
+#line 3367 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 257:
+#line 1955 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::disruptive::Allow(yystack_[0].value.as< std::string > ()));
+      }
+#line 3375 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 258:
+#line 1959 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_NOT_SUPPORTED("Append", yystack_[1].location);
+      }
+#line 3383 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 259:
+#line 1963 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::AuditLog(yystack_[0].value.as< std::string > ()));
+      }
+#line 3391 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 260:
+#line 1967 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::disruptive::Block(yystack_[0].value.as< std::string > ()));
+      }
+#line 3399 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 261:
+#line 1971 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Capture(yystack_[0].value.as< std::string > ()));
+      }
+#line 3407 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 262:
+#line 1975 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Chain(yystack_[0].value.as< std::string > ()));
+      }
+#line 3415 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 263:
+#line 1979 "seclang-parser.yy" // lalr1.cc:859
+    {
+        //ACTION_NOT_SUPPORTED("CtlAuditEngine", @0);
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Action(yystack_[1].value.as< std::string > ()));
       }
-#line 3236 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 207:
-#line 1942 "seclang-parser.yy" // lalr1.cc:859
-    {
-        //ACTION_NOT_SUPPORTED("CtlRuleEngine", @0);
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Action(yystack_[1].value.as< std::string > ()));
-      }
-#line 3245 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 208:
-#line 1947 "seclang-parser.yy" // lalr1.cc:859
-    {
-        //ACTION_NOT_SUPPORTED("CtlRuleEngine", @0);
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Action(yystack_[1].value.as< std::string > ()));
-      }
-#line 3254 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 209:
-#line 1952 "seclang-parser.yy" // lalr1.cc:859
-    {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::ctl::RuleRemoveById(yystack_[0].value.as< std::string > ()));
-      }
-#line 3262 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 210:
-#line 1956 "seclang-parser.yy" // lalr1.cc:859
-    {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::ctl::RuleRemoveTargetById(yystack_[0].value.as< std::string > ()));
-      }
-#line 3270 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 211:
-#line 1960 "seclang-parser.yy" // lalr1.cc:859
-    {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::ctl::RuleRemoveTargetByTag(yystack_[0].value.as< std::string > ()));
-      }
-#line 3278 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 212:
-#line 1964 "seclang-parser.yy" // lalr1.cc:859
-    {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::disruptive::Deny(yystack_[0].value.as< std::string > ()));
-      }
-#line 3286 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 213:
-#line 1968 "seclang-parser.yy" // lalr1.cc:859
-    {
-        ACTION_NOT_SUPPORTED("DeprecateVar", yystack_[1].location);
-      }
-#line 3294 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 214:
-#line 1972 "seclang-parser.yy" // lalr1.cc:859
-    {
-        //ACTION_NOT_SUPPORTED("Drop", @0);
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Action(yystack_[0].value.as< std::string > ()));
-      }
-#line 3303 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 215:
-#line 1977 "seclang-parser.yy" // lalr1.cc:859
-    {
-        ACTION_NOT_SUPPORTED("Exec", yystack_[1].location);
-      }
-#line 3311 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 216:
-#line 1981 "seclang-parser.yy" // lalr1.cc:859
-    {
-        //ACTION_NOT_SUPPORTED("ExpireVar", @0);
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Action(yystack_[0].value.as< std::string > ()));
-      }
-#line 3320 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 217:
-#line 1986 "seclang-parser.yy" // lalr1.cc:859
-    {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::RuleId(yystack_[0].value.as< std::string > ()));
-      }
-#line 3328 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 218:
-#line 1990 "seclang-parser.yy" // lalr1.cc:859
-    {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::InitCol(yystack_[0].value.as< std::string > ()));
-      }
-#line 3336 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 219:
-#line 1994 "seclang-parser.yy" // lalr1.cc:859
-    {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::LogData(yystack_[0].value.as< std::string > ()));
-      }
-#line 3344 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 220:
-#line 1998 "seclang-parser.yy" // lalr1.cc:859
-    {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Log(yystack_[0].value.as< std::string > ()));
-      }
-#line 3352 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 221:
-#line 2002 "seclang-parser.yy" // lalr1.cc:859
-    {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Maturity(yystack_[0].value.as< std::string > ()));
-      }
-#line 3360 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 222:
-#line 2006 "seclang-parser.yy" // lalr1.cc:859
-    {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Msg(yystack_[0].value.as< std::string > ()));
-      }
-#line 3368 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 223:
-#line 2010 "seclang-parser.yy" // lalr1.cc:859
-    {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::MultiMatch(yystack_[0].value.as< std::string > ()));
-      }
-#line 3376 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 224:
-#line 2014 "seclang-parser.yy" // lalr1.cc:859
-    {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::NoAuditLog(yystack_[0].value.as< std::string > ()));
-      }
-#line 3384 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 225:
-#line 2018 "seclang-parser.yy" // lalr1.cc:859
-    {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::NoLog(yystack_[0].value.as< std::string > ()));
-      }
-#line 3392 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 226:
-#line 2022 "seclang-parser.yy" // lalr1.cc:859
-    {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::disruptive::Pass(yystack_[0].value.as< std::string > ()));
-      }
-#line 3400 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 227:
-#line 2026 "seclang-parser.yy" // lalr1.cc:859
-    {
-        ACTION_NOT_SUPPORTED("Pause", yystack_[1].location);
-      }
-#line 3408 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 228:
-#line 2030 "seclang-parser.yy" // lalr1.cc:859
-    {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Phase(yystack_[0].value.as< std::string > ()));
-      }
-#line 3416 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 229:
-#line 2034 "seclang-parser.yy" // lalr1.cc:859
-    {
-        ACTION_NOT_SUPPORTED("Prepend", yystack_[1].location);
-      }
 #line 3424 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 230:
-#line 2038 "seclang-parser.yy" // lalr1.cc:859
+  case 264:
+#line 1984 "seclang-parser.yy" // lalr1.cc:859
     {
-        ACTION_NOT_SUPPORTED("Proxy", yystack_[1].location);
+        //ACTION_NOT_SUPPORTED("CtlAuditEngine", @0);
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Action(yystack_[1].value.as< std::string > ()));
       }
-#line 3432 "seclang-parser.cc" // lalr1.cc:859
+#line 3433 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 231:
-#line 2042 "seclang-parser.yy" // lalr1.cc:859
+  case 265:
+#line 1989 "seclang-parser.yy" // lalr1.cc:859
     {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::disruptive::Redirect(yystack_[0].value.as< std::string > ()));
+        //ACTION_NOT_SUPPORTED("CtlAuditEngine", @0);
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Action(yystack_[1].value.as< std::string > ()));
       }
-#line 3440 "seclang-parser.cc" // lalr1.cc:859
+#line 3442 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 232:
-#line 2046 "seclang-parser.yy" // lalr1.cc:859
+  case 266:
+#line 1994 "seclang-parser.yy" // lalr1.cc:859
     {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Rev(yystack_[0].value.as< std::string > ()));
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::ctl::AuditLogParts(yystack_[0].value.as< std::string > ()));
       }
-#line 3448 "seclang-parser.cc" // lalr1.cc:859
+#line 3450 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 233:
-#line 2050 "seclang-parser.yy" // lalr1.cc:859
+  case 267:
+#line 1998 "seclang-parser.yy" // lalr1.cc:859
     {
-        ACTION_NOT_SUPPORTED("SanatiseArg", yystack_[1].location);
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::ctl::RequestBodyProcessorJSON(yystack_[0].value.as< std::string > ()));
       }
-#line 3456 "seclang-parser.cc" // lalr1.cc:859
+#line 3458 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 234:
-#line 2054 "seclang-parser.yy" // lalr1.cc:859
+  case 268:
+#line 2002 "seclang-parser.yy" // lalr1.cc:859
     {
-        ACTION_NOT_SUPPORTED("SanatiseMatched", yystack_[1].location);
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::ctl::RequestBodyProcessorXML(yystack_[0].value.as< std::string > ()));
       }
-#line 3464 "seclang-parser.cc" // lalr1.cc:859
+#line 3466 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 235:
-#line 2058 "seclang-parser.yy" // lalr1.cc:859
+  case 269:
+#line 2006 "seclang-parser.yy" // lalr1.cc:859
     {
-        ACTION_NOT_SUPPORTED("SanatiseMatchedBytes", yystack_[1].location);
+        //ACTION_NOT_SUPPORTED("CtlForceReequestBody", @0);
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Action(yystack_[1].value.as< std::string > ()));
       }
-#line 3472 "seclang-parser.cc" // lalr1.cc:859
+#line 3475 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 236:
-#line 2062 "seclang-parser.yy" // lalr1.cc:859
+  case 270:
+#line 2011 "seclang-parser.yy" // lalr1.cc:859
     {
-        ACTION_NOT_SUPPORTED("SanatiseRequestHeader", yystack_[1].location);
+        //ACTION_NOT_SUPPORTED("CtlForceReequestBody", @0);
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Action(yystack_[1].value.as< std::string > ()));
       }
-#line 3480 "seclang-parser.cc" // lalr1.cc:859
+#line 3484 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 237:
-#line 2066 "seclang-parser.yy" // lalr1.cc:859
+  case 271:
+#line 2016 "seclang-parser.yy" // lalr1.cc:859
     {
-        ACTION_NOT_SUPPORTED("SanatiseResponseHeader", yystack_[1].location);
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::ctl::RequestBodyAccess(yystack_[1].value.as< std::string > () + "true"));
       }
-#line 3488 "seclang-parser.cc" // lalr1.cc:859
+#line 3492 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 238:
-#line 2070 "seclang-parser.yy" // lalr1.cc:859
+  case 272:
+#line 2020 "seclang-parser.yy" // lalr1.cc:859
     {
-        ACTION_NOT_SUPPORTED("SetEnv", yystack_[1].location);
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::ctl::RequestBodyAccess(yystack_[1].value.as< std::string > () + "false"));
       }
-#line 3496 "seclang-parser.cc" // lalr1.cc:859
+#line 3500 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 239:
-#line 2074 "seclang-parser.yy" // lalr1.cc:859
+  case 273:
+#line 2024 "seclang-parser.yy" // lalr1.cc:859
     {
-        ACTION_NOT_SUPPORTED("SetRSC", yystack_[1].location);
+        //ACTION_NOT_SUPPORTED("CtlRuleEngine", @0);
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Action(yystack_[1].value.as< std::string > ()));
       }
-#line 3504 "seclang-parser.cc" // lalr1.cc:859
+#line 3509 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 240:
-#line 2078 "seclang-parser.yy" // lalr1.cc:859
+  case 274:
+#line 2029 "seclang-parser.yy" // lalr1.cc:859
     {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::SetSID(yystack_[0].value.as< std::string > ()));
+        //ACTION_NOT_SUPPORTED("CtlRuleEngine", @0);
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Action(yystack_[1].value.as< std::string > ()));
       }
-#line 3512 "seclang-parser.cc" // lalr1.cc:859
+#line 3518 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 241:
-#line 2082 "seclang-parser.yy" // lalr1.cc:859
+  case 275:
+#line 2034 "seclang-parser.yy" // lalr1.cc:859
     {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::SetUID(yystack_[0].value.as< std::string > ()));
+        //ACTION_NOT_SUPPORTED("CtlRuleEngine", @0);
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Action(yystack_[1].value.as< std::string > ()));
       }
-#line 3520 "seclang-parser.cc" // lalr1.cc:859
+#line 3527 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 242:
-#line 2086 "seclang-parser.yy" // lalr1.cc:859
+  case 276:
+#line 2039 "seclang-parser.yy" // lalr1.cc:859
     {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::SetVar(actions::SetVarOperation::unsetOperation, yystack_[0].value.as< std::string > ()));
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::ctl::RuleRemoveById(yystack_[0].value.as< std::string > ()));
       }
-#line 3528 "seclang-parser.cc" // lalr1.cc:859
+#line 3535 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 243:
-#line 2090 "seclang-parser.yy" // lalr1.cc:859
+  case 277:
+#line 2043 "seclang-parser.yy" // lalr1.cc:859
     {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::SetVar(actions::SetVarOperation::setToOneOperation, yystack_[0].value.as< std::string > ()));
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::ctl::RuleRemoveTargetById(yystack_[0].value.as< std::string > ()));
       }
-#line 3536 "seclang-parser.cc" // lalr1.cc:859
+#line 3543 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 244:
-#line 2094 "seclang-parser.yy" // lalr1.cc:859
+  case 278:
+#line 2047 "seclang-parser.yy" // lalr1.cc:859
     {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::SetVar(actions::SetVarOperation::setOperation, yystack_[2].value.as< std::string > (), yystack_[0].value.as< std::string > ()));
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::ctl::RuleRemoveTargetByTag(yystack_[0].value.as< std::string > ()));
       }
-#line 3544 "seclang-parser.cc" // lalr1.cc:859
+#line 3551 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 245:
-#line 2098 "seclang-parser.yy" // lalr1.cc:859
+  case 279:
+#line 2051 "seclang-parser.yy" // lalr1.cc:859
     {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::SetVar(actions::SetVarOperation::sumAndSetOperation, yystack_[2].value.as< std::string > (), yystack_[0].value.as< std::string > ()));
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::disruptive::Deny(yystack_[0].value.as< std::string > ()));
       }
-#line 3552 "seclang-parser.cc" // lalr1.cc:859
+#line 3559 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 246:
-#line 2102 "seclang-parser.yy" // lalr1.cc:859
+  case 280:
+#line 2055 "seclang-parser.yy" // lalr1.cc:859
     {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::SetVar(actions::SetVarOperation::substractAndSetOperation, yystack_[2].value.as< std::string > (), yystack_[0].value.as< std::string > ()));
+        ACTION_NOT_SUPPORTED("DeprecateVar", yystack_[1].location);
       }
-#line 3560 "seclang-parser.cc" // lalr1.cc:859
+#line 3567 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 247:
-#line 2106 "seclang-parser.yy" // lalr1.cc:859
+  case 281:
+#line 2059 "seclang-parser.yy" // lalr1.cc:859
     {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Severity(yystack_[0].value.as< std::string > ()));
-      }
-#line 3568 "seclang-parser.cc" // lalr1.cc:859
-    break;
-
-  case 248:
-#line 2110 "seclang-parser.yy" // lalr1.cc:859
-    {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Skip(yystack_[0].value.as< std::string > ()));
+        //ACTION_NOT_SUPPORTED("Drop", @0);
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Action(yystack_[0].value.as< std::string > ()));
       }
 #line 3576 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 249:
-#line 2114 "seclang-parser.yy" // lalr1.cc:859
+  case 282:
+#line 2064 "seclang-parser.yy" // lalr1.cc:859
     {
-        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::SkipAfter(yystack_[0].value.as< std::string > ()));
+        ACTION_NOT_SUPPORTED("Exec", yystack_[1].location);
       }
 #line 3584 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 250:
-#line 2118 "seclang-parser.yy" // lalr1.cc:859
+  case 283:
+#line 2068 "seclang-parser.yy" // lalr1.cc:859
+    {
+        //ACTION_NOT_SUPPORTED("ExpireVar", @0);
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Action(yystack_[0].value.as< std::string > ()));
+      }
+#line 3593 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 284:
+#line 2073 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::RuleId(yystack_[0].value.as< std::string > ()));
+      }
+#line 3601 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 285:
+#line 2077 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::InitCol(yystack_[0].value.as< std::string > ()));
+      }
+#line 3609 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 286:
+#line 2081 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::LogData(yystack_[0].value.as< std::string > ()));
+      }
+#line 3617 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 287:
+#line 2085 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Log(yystack_[0].value.as< std::string > ()));
+      }
+#line 3625 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 288:
+#line 2089 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Maturity(yystack_[0].value.as< std::string > ()));
+      }
+#line 3633 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 289:
+#line 2093 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Msg(yystack_[0].value.as< std::string > ()));
+      }
+#line 3641 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 290:
+#line 2097 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::MultiMatch(yystack_[0].value.as< std::string > ()));
+      }
+#line 3649 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 291:
+#line 2101 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::NoAuditLog(yystack_[0].value.as< std::string > ()));
+      }
+#line 3657 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 292:
+#line 2105 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::NoLog(yystack_[0].value.as< std::string > ()));
+      }
+#line 3665 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 293:
+#line 2109 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::disruptive::Pass(yystack_[0].value.as< std::string > ()));
+      }
+#line 3673 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 294:
+#line 2113 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_NOT_SUPPORTED("Pause", yystack_[1].location);
+      }
+#line 3681 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 295:
+#line 2117 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Phase(yystack_[0].value.as< std::string > ()));
+      }
+#line 3689 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 296:
+#line 2121 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_NOT_SUPPORTED("Prepend", yystack_[1].location);
+      }
+#line 3697 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 297:
+#line 2125 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_NOT_SUPPORTED("Proxy", yystack_[1].location);
+      }
+#line 3705 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 298:
+#line 2129 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::disruptive::Redirect(yystack_[0].value.as< std::string > ()));
+      }
+#line 3713 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 299:
+#line 2133 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Rev(yystack_[0].value.as< std::string > ()));
+      }
+#line 3721 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 300:
+#line 2137 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_NOT_SUPPORTED("SanatiseArg", yystack_[1].location);
+      }
+#line 3729 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 301:
+#line 2141 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_NOT_SUPPORTED("SanatiseMatched", yystack_[1].location);
+      }
+#line 3737 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 302:
+#line 2145 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_NOT_SUPPORTED("SanatiseMatchedBytes", yystack_[1].location);
+      }
+#line 3745 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 303:
+#line 2149 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_NOT_SUPPORTED("SanatiseRequestHeader", yystack_[1].location);
+      }
+#line 3753 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 304:
+#line 2153 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_NOT_SUPPORTED("SanatiseResponseHeader", yystack_[1].location);
+      }
+#line 3761 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 305:
+#line 2157 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_NOT_SUPPORTED("SetEnv", yystack_[1].location);
+      }
+#line 3769 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 306:
+#line 2161 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_NOT_SUPPORTED("SetRSC", yystack_[1].location);
+      }
+#line 3777 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 307:
+#line 2165 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::SetSID(yystack_[0].value.as< std::string > ()));
+      }
+#line 3785 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 308:
+#line 2169 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::SetUID(yystack_[0].value.as< std::string > ()));
+      }
+#line 3793 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 309:
+#line 2173 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::SetVar(actions::SetVarOperation::unsetOperation, yystack_[0].value.as< std::string > ()));
+      }
+#line 3801 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 310:
+#line 2177 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::SetVar(actions::SetVarOperation::setToOneOperation, yystack_[0].value.as< std::string > ()));
+      }
+#line 3809 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 311:
+#line 2181 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::SetVar(actions::SetVarOperation::setOperation, yystack_[2].value.as< std::string > (), yystack_[0].value.as< std::string > ()));
+      }
+#line 3817 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 312:
+#line 2185 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::SetVar(actions::SetVarOperation::sumAndSetOperation, yystack_[2].value.as< std::string > (), yystack_[0].value.as< std::string > ()));
+      }
+#line 3825 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 313:
+#line 2189 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::SetVar(actions::SetVarOperation::substractAndSetOperation, yystack_[2].value.as< std::string > (), yystack_[0].value.as< std::string > ()));
+      }
+#line 3833 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 314:
+#line 2193 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Severity(yystack_[0].value.as< std::string > ()));
+      }
+#line 3841 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 315:
+#line 2197 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Skip(yystack_[0].value.as< std::string > ()));
+      }
+#line 3849 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 316:
+#line 2201 "seclang-parser.yy" // lalr1.cc:859
+    {
+        ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::SkipAfter(yystack_[0].value.as< std::string > ()));
+      }
+#line 3857 "seclang-parser.cc" // lalr1.cc:859
+    break;
+
+  case 317:
+#line 2205 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::data::Status(yystack_[0].value.as< std::string > ()));
       }
-#line 3592 "seclang-parser.cc" // lalr1.cc:859
+#line 3865 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 251:
-#line 2122 "seclang-parser.yy" // lalr1.cc:859
+  case 318:
+#line 2209 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Tag(yystack_[0].value.as< std::string > ()));
       }
-#line 3600 "seclang-parser.cc" // lalr1.cc:859
+#line 3873 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 252:
-#line 2126 "seclang-parser.yy" // lalr1.cc:859
+  case 319:
+#line 2213 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::Ver(yystack_[0].value.as< std::string > ()));
       }
-#line 3608 "seclang-parser.cc" // lalr1.cc:859
+#line 3881 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 253:
-#line 2130 "seclang-parser.yy" // lalr1.cc:859
+  case 320:
+#line 2217 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::XmlNS(yystack_[0].value.as< std::string > ()));
       }
-#line 3616 "seclang-parser.cc" // lalr1.cc:859
+#line 3889 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 254:
-#line 2134 "seclang-parser.yy" // lalr1.cc:859
+  case 321:
+#line 2221 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::transformations::ParityZero7bit(yystack_[0].value.as< std::string > ()));
       }
-#line 3624 "seclang-parser.cc" // lalr1.cc:859
+#line 3897 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 255:
-#line 2138 "seclang-parser.yy" // lalr1.cc:859
+  case 322:
+#line 2225 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::transformations::ParityOdd7bit(yystack_[0].value.as< std::string > ()));
       }
-#line 3632 "seclang-parser.cc" // lalr1.cc:859
+#line 3905 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 256:
-#line 2142 "seclang-parser.yy" // lalr1.cc:859
+  case 323:
+#line 2229 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::transformations::ParityEven7bit(yystack_[0].value.as< std::string > ()));
       }
-#line 3640 "seclang-parser.cc" // lalr1.cc:859
+#line 3913 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 257:
-#line 2146 "seclang-parser.yy" // lalr1.cc:859
+  case 324:
+#line 2233 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::transformations::SqlHexDecode(yystack_[0].value.as< std::string > ()));
       }
-#line 3648 "seclang-parser.cc" // lalr1.cc:859
+#line 3921 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 258:
-#line 2150 "seclang-parser.yy" // lalr1.cc:859
+  case 325:
+#line 2237 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::transformations::CmdLine(yystack_[0].value.as< std::string > ()));
       }
-#line 3656 "seclang-parser.cc" // lalr1.cc:859
+#line 3929 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 259:
-#line 2154 "seclang-parser.yy" // lalr1.cc:859
+  case 326:
+#line 2241 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::transformations::Sha1(yystack_[0].value.as< std::string > ()));
       }
-#line 3664 "seclang-parser.cc" // lalr1.cc:859
+#line 3937 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 260:
-#line 2158 "seclang-parser.yy" // lalr1.cc:859
+  case 327:
+#line 2245 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::transformations::Md5(yystack_[0].value.as< std::string > ()));
       }
-#line 3672 "seclang-parser.cc" // lalr1.cc:859
+#line 3945 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 261:
-#line 2162 "seclang-parser.yy" // lalr1.cc:859
+  case 328:
+#line 2249 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::transformations::HexEncode(yystack_[0].value.as< std::string > ()));
       }
-#line 3680 "seclang-parser.cc" // lalr1.cc:859
+#line 3953 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 262:
-#line 2166 "seclang-parser.yy" // lalr1.cc:859
+  case 329:
+#line 2253 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::transformations::LowerCase(yystack_[0].value.as< std::string > ()));
       }
-#line 3688 "seclang-parser.cc" // lalr1.cc:859
+#line 3961 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 263:
-#line 2170 "seclang-parser.yy" // lalr1.cc:859
+  case 330:
+#line 2257 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::transformations::UrlDecodeUni(yystack_[0].value.as< std::string > ()));
       }
-#line 3696 "seclang-parser.cc" // lalr1.cc:859
+#line 3969 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 264:
-#line 2174 "seclang-parser.yy" // lalr1.cc:859
+  case 331:
+#line 2261 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::transformations::UrlDecode(yystack_[0].value.as< std::string > ()));
       }
-#line 3704 "seclang-parser.cc" // lalr1.cc:859
+#line 3977 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 265:
-#line 2178 "seclang-parser.yy" // lalr1.cc:859
+  case 332:
+#line 2265 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::transformations::None(yystack_[0].value.as< std::string > ()));
       }
-#line 3712 "seclang-parser.cc" // lalr1.cc:859
+#line 3985 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 266:
-#line 2182 "seclang-parser.yy" // lalr1.cc:859
+  case 333:
+#line 2269 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::transformations::CompressWhitespace(yystack_[0].value.as< std::string > ()));
       }
-#line 3720 "seclang-parser.cc" // lalr1.cc:859
+#line 3993 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 267:
-#line 2186 "seclang-parser.yy" // lalr1.cc:859
+  case 334:
+#line 2273 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::transformations::RemoveWhitespace(yystack_[0].value.as< std::string > ()));
       }
-#line 3728 "seclang-parser.cc" // lalr1.cc:859
+#line 4001 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 268:
-#line 2190 "seclang-parser.yy" // lalr1.cc:859
+  case 335:
+#line 2277 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::transformations::ReplaceNulls(yystack_[0].value.as< std::string > ()));
       }
-#line 3736 "seclang-parser.cc" // lalr1.cc:859
+#line 4009 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 269:
-#line 2194 "seclang-parser.yy" // lalr1.cc:859
+  case 336:
+#line 2281 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::transformations::RemoveNulls(yystack_[0].value.as< std::string > ()));
       }
-#line 3744 "seclang-parser.cc" // lalr1.cc:859
+#line 4017 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 270:
-#line 2198 "seclang-parser.yy" // lalr1.cc:859
+  case 337:
+#line 2285 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::transformations::HtmlEntityDecode(yystack_[0].value.as< std::string > ()));
       }
-#line 3752 "seclang-parser.cc" // lalr1.cc:859
+#line 4025 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 271:
-#line 2202 "seclang-parser.yy" // lalr1.cc:859
+  case 338:
+#line 2289 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::transformations::JsDecode(yystack_[0].value.as< std::string > ()));
       }
-#line 3760 "seclang-parser.cc" // lalr1.cc:859
+#line 4033 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 272:
-#line 2206 "seclang-parser.yy" // lalr1.cc:859
+  case 339:
+#line 2293 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::transformations::CssDecode(yystack_[0].value.as< std::string > ()));
       }
-#line 3768 "seclang-parser.cc" // lalr1.cc:859
+#line 4041 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 273:
-#line 2210 "seclang-parser.yy" // lalr1.cc:859
+  case 340:
+#line 2297 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::transformations::Trim(yystack_[0].value.as< std::string > ()));
       }
-#line 3776 "seclang-parser.cc" // lalr1.cc:859
+#line 4049 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 274:
-#line 2214 "seclang-parser.yy" // lalr1.cc:859
+  case 341:
+#line 2301 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::transformations::NormalisePathWin(yystack_[0].value.as< std::string > ()));
       }
-#line 3784 "seclang-parser.cc" // lalr1.cc:859
+#line 4057 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 275:
-#line 2218 "seclang-parser.yy" // lalr1.cc:859
+  case 342:
+#line 2305 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::transformations::NormalisePath(yystack_[0].value.as< std::string > ()));
       }
-#line 3792 "seclang-parser.cc" // lalr1.cc:859
+#line 4065 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 276:
-#line 2222 "seclang-parser.yy" // lalr1.cc:859
+  case 343:
+#line 2309 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::transformations::Length(yystack_[0].value.as< std::string > ()));
       }
-#line 3800 "seclang-parser.cc" // lalr1.cc:859
+#line 4073 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 277:
-#line 2226 "seclang-parser.yy" // lalr1.cc:859
+  case 344:
+#line 2313 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::transformations::Utf8ToUnicode(yystack_[0].value.as< std::string > ()));
       }
-#line 3808 "seclang-parser.cc" // lalr1.cc:859
+#line 4081 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 278:
-#line 2230 "seclang-parser.yy" // lalr1.cc:859
+  case 345:
+#line 2317 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::transformations::RemoveCommentsChar(yystack_[0].value.as< std::string > ()));
       }
-#line 3816 "seclang-parser.cc" // lalr1.cc:859
+#line 4089 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 279:
-#line 2234 "seclang-parser.yy" // lalr1.cc:859
+  case 346:
+#line 2321 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::transformations::RemoveComments(yystack_[0].value.as< std::string > ()));
       }
-#line 3824 "seclang-parser.cc" // lalr1.cc:859
+#line 4097 "seclang-parser.cc" // lalr1.cc:859
     break;
 
-  case 280:
-#line 2238 "seclang-parser.yy" // lalr1.cc:859
+  case 347:
+#line 2325 "seclang-parser.yy" // lalr1.cc:859
     {
         ACTION_CONTAINER(yylhs.value.as< std::unique_ptr<actions::Action> > (), new actions::transformations::ReplaceComments(yystack_[0].value.as< std::string > ()));
       }
-#line 3832 "seclang-parser.cc" // lalr1.cc:859
+#line 4105 "seclang-parser.cc" // lalr1.cc:859
     break;
 
 
-#line 3836 "seclang-parser.cc" // lalr1.cc:859
+#line 4109 "seclang-parser.cc" // lalr1.cc:859
             default:
               break;
             }
@@ -4087,48 +4360,55 @@ namespace yy {
   }
 
 
-  const short int seclang_parser::yypact_ninf_ = -257;
+  const short int seclang_parser::yypact_ninf_ = -273;
 
   const signed char seclang_parser::yytable_ninf_ = -1;
 
   const short int
   seclang_parser::yypact_[] =
   {
-       4,  -257,  -257,  -257,  -257,  -176,  -257,  -257,  -257,  -257,
-    -257,  -179,  -257,  -257,  -257,  -257,  -257,  -182,  -257,  -257,
-     -63,  -257,   -58,  -257,   -59,  -164,   330,   330,  -257,  -257,
-    -257,  -181,  -257,   -54,   -52,  -257,  -257,  -257,   -50,  -257,
-    -257,  -257,  -257,  -257,  -257,    27,   330,   188,  -257,  -257,
-    -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,
-    -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,   -64,  -257,
-    -257,  -257,  -257,  -257,  -257,  -257,  -170,  -257,  -257,  -257,
-     -48,   -46,  -160,  -257,  -257,  -257,  -257,  -257,  -257,  -257,
-    -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,
-    -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,
-    -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,
-    -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,
-    -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,
-    -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,
-     416,  -257,    12,  -257,  -257,  -257,  -257,  -257,  -257,  -257,
-    -257,  -257,  -257,  -256,  -257,  -257,  -257,  -257,  -257,  -257,
-    -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,
-    -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,
-    -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,
-    -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,
-    -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,
-    -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,
-    -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,    85,  -257,
-    -257,  -257,  -257,  -240,   -34,  -257,  -257,  -257,  -257,  -257,
-    -257,  -257,  -257,  -257,  -257,    -2,   416,  -257,  -257,    27,
-    -116,  -178,  -172,   -78,  -257,  -257,   -61,   -60,   -57,   -56,
-    -257,   -55,   -15,   -14,   -13,   -12,   -11,   -10,    -9,    -7,
-      -6,     5,     6,  -257,     7,     8,  -257,     9,    10,    11,
-      13,  -257,  -257,    14,    15,    16,    17,   330,  -257,  -257,
-      18,    19,    20,  -257,  -257,  -257,  -257,  -257,  -257,  -257,
-    -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,
-    -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,
-    -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,  -257,
-    -257
+     297,  -273,  -273,  -273,  -273,  -205,  -273,  -273,  -273,  -273,
+    -273,  -209,  -273,  -273,  -273,  -273,  -273,    66,  -273,  -273,
+    -212,  -273,    69,  -273,   122,  -197,   495,   495,  -273,  -273,
+    -273,  -208,  -273,   127,   129,  -273,  -273,  -273,   131,  -273,
+    -273,  -273,  -273,  -273,  -273,    14,   495,   353,  -273,  -273,
+    -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,
+    -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,   179,  -273,
+    -273,  -273,  -273,  -273,  -273,  -273,    52,  -273,  -273,  -273,
+     133,   136,    61,  -273,  -273,  -273,  -273,  -273,  -273,  -273,
+    -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,
+    -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,
+    -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,
+    -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,
+    -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,
+    -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,
+     581,  -273,     4,  -273,  -273,  -273,  -273,  -273,  -273,  -273,
+    -273,  -273,  -273,   176,   176,    67,    70,    72,    74,    76,
+      78,    80,    95,    97,    99,   101,   103,   105,   107,   109,
+     111,  -273,  -273,   113,  -273,  -273,  -273,  -273,   115,  -273,
+    -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,
+    -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,
+    -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,
+    -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,
+    -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,   117,   119,
+     121,   123,   175,   180,  -273,  -273,  -273,  -273,  -273,  -273,
+    -273,  -273,  -273,  -273,  -273,  -273,  -273,   177,  -273,  -273,
+    -273,  -273,  -272,   187,  -273,  -273,  -273,  -273,  -273,  -273,
+    -273,  -273,  -273,  -273,    -2,   581,  -273,  -273,  -273,  -273,
+    -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,
+    -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,
+    -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,
+    -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,
+    -273,  -273,  -273,  -273,  -273,  -273,    96,    68,  -215,  -131,
+      31,  -273,  -273,    34,    38,    43,    51,  -273,   106,   118,
+     215,   233,   236,   237,   238,   239,   240,   279,   280,   281,
+    -273,   282,   283,  -273,   284,   285,   286,   287,  -273,  -273,
+     333,   334,   335,   336,   495,  -273,  -273,   337,   338,   339,
+    -273,  -273,   176,   176,  -273,  -273,  -273,  -273,  -273,  -273,
+    -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,
+    -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,
+    -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,  -273,
+    -273,  -273
   };
 
   const unsigned short int
@@ -4140,249 +4420,307 @@ namespace yy {
      109,     0,    84,     0,     0,    23,    21,    22,     0,   100,
      105,   106,   104,   107,   103,     0,     0,     0,     4,    69,
        5,     9,    10,     8,    18,    17,    16,    80,    79,    92,
-      93,    82,    81,    94,    95,    78,    76,    77,     0,   189,
-     190,   191,   192,   193,   194,   195,     0,   199,   200,   201,
-       0,     0,     0,   209,   210,   211,   212,   213,   214,   215,
-     216,   217,   218,   220,   219,   221,   222,   223,   224,   225,
-     226,   227,   228,   229,   230,   231,   232,   233,   234,   235,
-     236,   237,   238,   239,   240,   241,   247,   248,   249,   250,
-     251,   258,   266,   272,   261,   270,   271,   276,   262,   260,
-     265,   275,   274,   256,   255,   254,   279,   278,   269,   267,
-     280,   268,   259,   257,   273,   264,   263,   277,   252,   253,
+      93,    82,    81,    94,    95,    78,    76,    77,     0,   256,
+     257,   258,   259,   260,   261,   262,     0,   266,   267,   268,
+       0,     0,     0,   276,   277,   278,   279,   280,   281,   282,
+     283,   284,   285,   287,   286,   288,   289,   290,   291,   292,
+     293,   294,   295,   296,   297,   298,   299,   300,   301,   302,
+     303,   304,   305,   306,   307,   308,   314,   315,   316,   317,
+     318,   325,   333,   339,   328,   337,   338,   343,   329,   327,
+     332,   342,   341,   323,   322,   321,   346,   345,   336,   334,
+     347,   335,   326,   324,   340,   331,   330,   344,   319,   320,
        0,    72,    27,    29,    74,    96,    97,    20,    19,    25,
-      24,   101,   102,   115,   121,   116,   112,   117,   122,   123,
-     124,   125,   126,   127,   128,   129,   130,   131,   132,   133,
-     134,   135,   136,   137,   138,   139,   140,   141,   142,   143,
-     145,   144,   148,   147,   146,   149,   151,   150,   152,   118,
-     153,   154,   155,   157,   156,   158,   159,   160,   119,   120,
-     161,   162,   163,   164,   165,   166,   167,   168,   169,   175,
-     173,   174,   176,   177,   188,   178,   179,   180,   181,   182,
-     183,   184,   185,   186,   187,   171,   170,   172,     0,   111,
-      73,     1,     3,     0,   243,   197,   196,   198,   203,   202,
-     205,   204,   208,   207,   206,     0,     0,   113,   114,     0,
-       0,     0,     0,     0,    35,    36,     0,     0,     0,     0,
-      68,     0,     0,     0,     0,     0,     0,     0,     0,     0,
-       0,     0,     0,    32,     0,     0,    34,     0,     0,     0,
-       0,    37,    38,     0,     0,     0,     0,    71,    30,   242,
-       0,     0,     0,    26,    28,   110,    33,    31,    67,    52,
-      51,    53,    54,    40,    55,    48,    56,    39,    58,    57,
-      59,    60,    62,    61,    63,    49,    64,    65,    66,    41,
-      42,    43,    44,    45,    46,    47,    50,    70,   244,   245,
-     246
+      24,   101,   102,     0,     0,   118,   121,   124,   127,   130,
+     133,   136,   139,   142,   145,   148,   151,   154,   157,   160,
+     163,   194,   189,   166,   188,   190,   195,   196,   175,   197,
+     198,   199,   200,   201,   202,   203,   204,   205,   206,   207,
+     208,   209,   210,   211,   212,   213,   214,   215,   217,   216,
+     220,   219,   218,   221,   223,   222,   224,   191,   225,   226,
+     227,   229,   228,   230,   231,   232,   192,   193,   233,   234,
+     235,   236,   237,   238,   239,   240,   241,   242,   178,   181,
+     184,   187,   169,   172,   244,   243,   245,   246,   247,   248,
+     249,   250,   251,   252,   253,   254,   255,     0,   113,    73,
+       1,     3,     0,   310,   264,   263,   265,   270,   269,   272,
+     271,   275,   274,   273,     0,     0,   115,   114,   116,   117,
+     119,   120,   122,   123,   125,   126,   128,   129,   131,   132,
+     134,   135,   137,   138,   140,   141,   143,   144,   146,   147,
+     149,   150,   152,   153,   155,   156,   158,   159,   161,   162,
+     164,   165,   173,   174,   176,   177,   179,   180,   182,   183,
+     185,   186,   167,   168,   170,   171,     0,     0,     0,     0,
+       0,    35,    36,     0,     0,     0,     0,    68,     0,     0,
+       0,     0,     0,     0,     0,     0,     0,     0,     0,     0,
+      32,     0,     0,    34,     0,     0,     0,     0,    37,    38,
+       0,     0,     0,     0,    71,    30,   309,     0,     0,     0,
+      26,    28,     0,     0,   110,    33,    31,    67,    52,    51,
+      53,    54,    40,    55,    48,    56,    39,    58,    57,    59,
+      60,    62,    61,    63,    49,    64,    65,    66,    41,    42,
+      43,    44,    45,    46,    47,    50,    70,   311,   312,   313,
+     112,   111
   };
 
   const short int
   seclang_parser::yypgoto_[] =
   {
-    -257,  -257,    98,  -257,   -27,    -4,  -257,  -110,  -257,  -257,
-     -51,   -40
+    -273,  -273,   -29,  -273,   -27,   420,  -273,   244,  -273,  -273,
+     135,   298
   };
 
   const short int
   seclang_parser::yydefgoto_[] =
   {
-      -1,    47,    48,    49,   151,   152,   297,   298,    50,   238,
-     239,   153
+      -1,    47,    48,    49,   151,   152,   364,   365,    50,   257,
+     258,   153
   };
 
   const unsigned short int
   seclang_parser::yytable_[] =
   {
-     154,   256,   243,   155,     1,    57,    58,    54,   257,   258,
-      55,    51,    52,   156,    56,   256,    53,   245,   246,   240,
-     299,    65,   247,    66,    67,   252,   308,   253,   254,   300,
-     301,   302,   309,   163,   164,   165,   166,   167,   168,   169,
-     170,   171,   172,   173,   174,   175,   176,   177,   178,   179,
-     180,   181,   182,   183,   184,   185,   186,   187,   188,   189,
-     190,   191,   192,   193,   194,   195,   196,   197,   198,   199,
-     200,   201,   202,   203,   204,   205,   206,   207,   208,   209,
-     210,   211,   212,   213,   214,   215,   216,   217,   218,   259,
-     261,   262,   263,   264,   265,   266,   267,   268,   269,   270,
-     271,   272,   273,   274,   275,   276,   277,   278,   279,   280,
-     281,   282,   306,   284,   285,   286,   287,   288,   289,   290,
-     291,   292,   293,   294,   295,   296,   310,    59,    60,    61,
-      62,    63,    64,   157,   158,   159,   160,   161,   162,   248,
-     249,   250,   251,   311,   312,   242,   255,   313,   314,   315,
-     307,   260,     2,     3,     4,     5,     6,     7,     8,     9,
-      10,    11,    12,    13,    14,    15,    16,    17,    18,    19,
-      20,    21,    22,    23,    24,    25,    26,    27,    28,    29,
-      30,    31,    32,    33,    34,    35,    36,    37,   241,   316,
-     317,   318,   319,   320,   321,   322,   244,   323,   324,    38,
-      39,    40,    41,    42,    43,    44,    45,    46,   305,   325,
-     326,   327,   328,   329,   330,   331,   304,   332,   333,   334,
-     335,   336,   338,   339,   340,     0,     0,     0,     0,     0,
-       0,     0,     0,     0,     0,     0,     0,     0,     0,     0,
-       0,   303,     0,     0,     0,     0,     0,     0,     0,     0,
-       0,     0,     0,     0,     0,     0,     0,     0,     0,     0,
-       0,     0,     0,     0,     0,     0,     0,     0,     0,     0,
-     337,   219,   220,   221,   222,   223,   224,   225,   226,   227,
-     228,   229,   230,   231,   232,   233,   234,     0,   235,   236,
-     237,   261,   262,   263,   264,   265,   266,   267,   268,   269,
-     270,   271,   272,   273,   274,   275,   276,   277,   278,   279,
-     280,   281,   282,   283,   284,   285,   286,   287,   288,   289,
-     290,   291,   292,   293,   294,   295,   296,     0,     0,     0,
-       0,     0,     0,     0,     0,     0,     2,     3,     4,     5,
-       6,     7,     8,     9,    10,    11,    12,    13,    14,    15,
-      16,    17,    18,    19,    20,    21,    22,    23,    24,    25,
-      26,    27,    28,    29,    30,    31,    32,    33,    34,    35,
-      36,    37,     0,     0,     0,     0,     0,     0,     0,     0,
-       0,     0,     0,    38,    39,    40,    41,    42,    43,    44,
-      45,    46,    68,     0,     0,     0,     0,    69,    70,    71,
-      72,    73,    74,    75,    76,    77,    78,    79,    80,    81,
-      82,    83,    84,    85,    86,    87,    88,    89,    90,    91,
-      92,    93,    94,    95,    96,    97,    98,    99,   100,   101,
-     102,   103,   104,   105,   106,   107,   108,   109,   110,   111,
-     112,   113,   114,   115,   116,   117,   118,   119,   120,   121,
-     122,   123,   124,   125,   126,   127,   128,   129,   130,   131,
-     132,   133,   134,   135,   136,   137,   138,   139,   140,   141,
-     142,   143,   144,   145,   146,   147,   148,   149,    68,     0,
-       0,     0,     0,    69,    70,    71,    72,    73,    74,    75,
-      76,    77,    78,    79,    80,    81,    82,    83,    84,    85,
-      86,    87,    88,    89,    90,    91,    92,    93,    94,    95,
-      96,    97,    98,    99,   100,   101,   102,   103,   104,   105,
-     106,   107,   108,   109,   110,   111,   112,   113,   114,   115,
-     116,   117,   118,   119,   120,   121,   122,   123,   124,   125,
-     126,   127,   128,   129,   130,   131,   132,   133,   134,   135,
-     136,   137,   138,   139,   140,   141,   142,   143,   144,   145,
-     146,   147,   148,   149,     0,     0,     0,     0,     0,     0,
-       0,     0,     0,   150
+     154,   275,   155,    54,    59,    60,    55,   275,    51,    52,
+      56,   366,   156,    53,    65,   377,    66,    67,   261,   259,
+     163,   164,   165,   166,   167,   168,   169,   170,   171,   172,
+     173,   174,   175,   176,   177,   178,   179,   180,   181,   182,
+     183,   184,   185,   186,   187,   188,   189,   190,   191,   192,
+     193,   194,   195,   196,   197,   198,   199,   200,   201,   202,
+     203,   204,   205,   206,   207,   208,   209,   210,   211,   212,
+     213,   214,   215,   216,   217,   218,   219,   220,   221,   222,
+     223,   224,   225,   226,   227,   228,   229,   230,   231,   232,
+     233,   234,   235,   236,   237,   238,   239,   240,   241,   378,
+     242,   243,   372,   373,   165,   166,   167,   168,   169,   170,
+     171,   172,   173,   174,   175,   176,   177,   178,   179,   180,
+     181,   182,   183,   184,   185,   186,   187,   188,   189,   190,
+     191,   192,   193,   194,   195,   196,   197,   198,   199,   200,
+     201,   202,   203,   204,   205,   206,   207,   208,   209,   210,
+     211,   212,   213,   214,   215,   216,   217,   218,   219,   220,
+     221,   222,   223,   224,   225,   226,   227,   228,   229,   230,
+     231,   232,   233,   234,   235,   236,   237,   238,   239,   240,
+     241,   326,   242,   243,   165,   166,   167,   168,   169,   170,
+     171,   172,   173,   174,   175,   176,   177,   178,   179,   180,
+     181,   182,   183,   184,   185,   186,   187,   188,   189,   190,
+     191,   192,   193,   194,   195,   196,   197,   198,   199,   200,
+     201,   202,   203,   204,   205,   206,   207,   208,   209,   210,
+     211,   212,   213,   214,   215,   216,   217,   218,   219,   220,
+     221,   222,   223,   224,   225,   226,   227,   228,   229,   230,
+     231,   232,   233,   234,   235,   236,   237,   238,   239,   240,
+     241,   379,   242,   243,   380,   264,   265,   370,   381,   327,
+     266,   262,   271,   382,   272,   273,   367,   368,   369,    57,
+      58,   383,    61,    62,   244,   245,   246,   247,   248,   249,
+     250,   251,   252,   253,   254,   255,   256,     1,   276,   277,
+     328,   329,   330,   331,   332,   333,   334,   335,   336,   337,
+     338,   339,   340,   341,   342,   343,   344,   345,   346,   347,
+     348,   349,   375,   351,   352,   353,   354,   355,   356,   357,
+     358,   359,   360,   361,   362,   363,   384,   406,    63,    64,
+     157,   158,   159,   160,   161,   162,   267,   268,   385,   269,
+     270,   278,   279,   260,   280,   281,   282,   283,   284,   285,
+     286,   287,   288,   289,   290,   291,   244,   245,   246,   247,
+     248,   249,   250,   251,   252,   253,   254,   255,   256,   292,
+     293,   294,   295,   296,   297,   298,   299,   300,   301,   302,
+     303,   304,   305,   306,   307,   308,   309,   310,   311,   312,
+     313,   314,   315,   316,   317,   318,   319,   320,   321,   328,
+     329,   330,   331,   332,   333,   334,   335,   336,   337,   338,
+     339,   340,   341,   342,   343,   344,   345,   346,   347,   348,
+     349,   350,   351,   352,   353,   354,   355,   356,   357,   358,
+     359,   360,   361,   362,   363,   386,   244,   245,   246,   247,
+     248,   249,   250,   251,   252,   253,   254,   255,   256,   322,
+     323,   374,   263,   387,   324,   325,   388,   389,   390,   391,
+     392,     2,     3,     4,     5,     6,     7,     8,     9,    10,
+      11,    12,    13,    14,    15,    16,    17,    18,    19,    20,
+      21,    22,    23,    24,    25,    26,    27,    28,    29,    30,
+      31,    32,    33,    34,    35,    36,    37,   410,   411,   393,
+     394,   395,   396,   397,   398,   399,   400,   401,    38,    39,
+      40,    41,    42,    43,    44,    45,    46,     2,     3,     4,
+       5,     6,     7,     8,     9,    10,    11,    12,    13,    14,
+      15,    16,    17,    18,    19,    20,    21,    22,    23,    24,
+      25,    26,    27,    28,    29,    30,    31,    32,    33,    34,
+      35,    36,    37,   402,   403,   404,   405,   407,   408,   409,
+     274,   376,     0,   371,    38,    39,    40,    41,    42,    43,
+      44,    45,    46,    68,     0,     0,     0,     0,    69,    70,
+      71,    72,    73,    74,    75,    76,    77,    78,    79,    80,
+      81,    82,    83,    84,    85,    86,    87,    88,    89,    90,
+      91,    92,    93,    94,    95,    96,    97,    98,    99,   100,
+     101,   102,   103,   104,   105,   106,   107,   108,   109,   110,
+     111,   112,   113,   114,   115,   116,   117,   118,   119,   120,
+     121,   122,   123,   124,   125,   126,   127,   128,   129,   130,
+     131,   132,   133,   134,   135,   136,   137,   138,   139,   140,
+     141,   142,   143,   144,   145,   146,   147,   148,   149,    68,
+       0,     0,     0,     0,    69,    70,    71,    72,    73,    74,
+      75,    76,    77,    78,    79,    80,    81,    82,    83,    84,
+      85,    86,    87,    88,    89,    90,    91,    92,    93,    94,
+      95,    96,    97,    98,    99,   100,   101,   102,   103,   104,
+     105,   106,   107,   108,   109,   110,   111,   112,   113,   114,
+     115,   116,   117,   118,   119,   120,   121,   122,   123,   124,
+     125,   126,   127,   128,   129,   130,   131,   132,   133,   134,
+     135,   136,   137,   138,   139,   140,   141,   142,   143,   144,
+     145,   146,   147,   148,   149,     0,     0,     0,     0,     0,
+       0,     0,     0,     0,   150
   };
 
   const short int
   seclang_parser::yycheck_[] =
   {
-      27,     3,    66,   184,     0,   187,   188,   186,   264,   265,
-     189,   187,   188,   194,   193,     3,   192,   187,   188,    46,
-     260,   185,   192,   187,   188,   185,   204,   187,   188,    63,
-      64,    65,   204,     6,     7,     8,     9,    10,    11,    12,
-      13,    14,    15,    16,    17,    18,    19,    20,    21,    22,
-      23,    24,    25,    26,    27,    28,    29,    30,    31,    32,
-      33,    34,    35,    36,    37,    38,    39,    40,    41,    42,
-      43,    44,    45,    46,    47,    48,    49,    50,    51,    52,
-      53,    54,    55,    56,    57,    58,    59,    60,    61,     4,
-     206,   207,   208,   209,   210,   211,   212,   213,   214,   215,
-     216,   217,   218,   219,   220,   221,   222,   223,   224,   225,
-     226,   227,   228,   229,   230,   231,   232,   233,   234,   235,
-     236,   237,   238,   239,   240,   241,   204,   190,   191,   187,
-     188,   190,   191,   187,   188,   187,   188,   187,   188,   187,
-     188,   187,   188,   204,   204,    47,   150,   204,   204,   204,
-     260,    66,   148,   149,   150,   151,   152,   153,   154,   155,
-     156,   157,   158,   159,   160,   161,   162,   163,   164,   165,
-     166,   167,   168,   169,   170,   171,   172,   173,   174,   175,
-     176,   177,   178,   179,   180,   181,   182,   183,     0,   204,
-     204,   204,   204,   204,   204,   204,   260,   204,   204,   195,
-     196,   197,   198,   199,   200,   201,   202,   203,   259,   204,
-     204,   204,   204,   204,   204,   204,   256,   204,   204,   204,
-     204,   204,   204,   204,   204,    -1,    -1,    -1,    -1,    -1,
-      -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
-      -1,   243,    -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
-      -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
-      -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
-     297,   244,   245,   246,   247,   248,   249,   250,   251,   252,
-     253,   254,   255,   256,   257,   258,   259,    -1,   261,   262,
-     263,   206,   207,   208,   209,   210,   211,   212,   213,   214,
-     215,   216,   217,   218,   219,   220,   221,   222,   223,   224,
-     225,   226,   227,   228,   229,   230,   231,   232,   233,   234,
-     235,   236,   237,   238,   239,   240,   241,    -1,    -1,    -1,
-      -1,    -1,    -1,    -1,    -1,    -1,   148,   149,   150,   151,
-     152,   153,   154,   155,   156,   157,   158,   159,   160,   161,
-     162,   163,   164,   165,   166,   167,   168,   169,   170,   171,
-     172,   173,   174,   175,   176,   177,   178,   179,   180,   181,
-     182,   183,    -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
-      -1,    -1,    -1,   195,   196,   197,   198,   199,   200,   201,
-     202,   203,    62,    -1,    -1,    -1,    -1,    67,    68,    69,
-      70,    71,    72,    73,    74,    75,    76,    77,    78,    79,
-      80,    81,    82,    83,    84,    85,    86,    87,    88,    89,
-      90,    91,    92,    93,    94,    95,    96,    97,    98,    99,
-     100,   101,   102,   103,   104,   105,   106,   107,   108,   109,
-     110,   111,   112,   113,   114,   115,   116,   117,   118,   119,
-     120,   121,   122,   123,   124,   125,   126,   127,   128,   129,
-     130,   131,   132,   133,   134,   135,   136,   137,   138,   139,
-     140,   141,   142,   143,   144,   145,   146,   147,    62,    -1,
-      -1,    -1,    -1,    67,    68,    69,    70,    71,    72,    73,
+      27,     3,   210,   212,   216,   217,   215,     3,   213,   214,
+     219,   283,   220,   218,   211,   230,   213,   214,    47,    46,
+       6,     7,     8,     9,    10,    11,    12,    13,    14,    15,
+      16,    17,    18,    19,    20,    21,    22,    23,    24,    25,
+      26,    27,    28,    29,    30,    31,    32,    33,    34,    35,
+      36,    37,    38,    39,    40,    41,    42,    43,    44,    45,
+      46,    47,    48,    49,    50,    51,    52,    53,    54,    55,
+      56,    57,    58,    59,    60,    61,    62,    63,    64,    65,
+      66,    67,    68,    69,    70,    71,    72,    73,    74,    75,
+      76,    77,    78,    79,    80,    81,    82,    83,    84,   230,
+      86,    87,     6,     7,     8,     9,    10,    11,    12,    13,
+      14,    15,    16,    17,    18,    19,    20,    21,    22,    23,
+      24,    25,    26,    27,    28,    29,    30,    31,    32,    33,
+      34,    35,    36,    37,    38,    39,    40,    41,    42,    43,
+      44,    45,    46,    47,    48,    49,    50,    51,    52,    53,
+      54,    55,    56,    57,    58,    59,    60,    61,    62,    63,
+      64,    65,    66,    67,    68,    69,    70,    71,    72,    73,
       74,    75,    76,    77,    78,    79,    80,    81,    82,    83,
-      84,    85,    86,    87,    88,    89,    90,    91,    92,    93,
-      94,    95,    96,    97,    98,    99,   100,   101,   102,   103,
-     104,   105,   106,   107,   108,   109,   110,   111,   112,   113,
-     114,   115,   116,   117,   118,   119,   120,   121,   122,   123,
-     124,   125,   126,   127,   128,   129,   130,   131,   132,   133,
-     134,   135,   136,   137,   138,   139,   140,   141,   142,   143,
-     144,   145,   146,   147,    -1,    -1,    -1,    -1,    -1,    -1,
-      -1,    -1,    -1,   243
+      84,     4,    86,    87,     8,     9,    10,    11,    12,    13,
+      14,    15,    16,    17,    18,    19,    20,    21,    22,    23,
+      24,    25,    26,    27,    28,    29,    30,    31,    32,    33,
+      34,    35,    36,    37,    38,    39,    40,    41,    42,    43,
+      44,    45,    46,    47,    48,    49,    50,    51,    52,    53,
+      54,    55,    56,    57,    58,    59,    60,    61,    62,    63,
+      64,    65,    66,    67,    68,    69,    70,    71,    72,    73,
+      74,    75,    76,    77,    78,    79,    80,    81,    82,    83,
+      84,   230,    86,    87,   230,   213,   214,   269,   230,    92,
+     218,    92,   211,   230,   213,   214,    89,    90,    91,   213,
+     214,   230,   213,   214,   270,   271,   272,   273,   274,   275,
+     276,   277,   278,   279,   280,   281,   282,     0,   163,   164,
+     232,   233,   234,   235,   236,   237,   238,   239,   240,   241,
+     242,   243,   244,   245,   246,   247,   248,   249,   250,   251,
+     252,   253,   254,   255,   256,   257,   258,   259,   260,   261,
+     262,   263,   264,   265,   266,   267,   230,   364,   216,   217,
+     213,   214,   213,   214,   213,   214,   213,   214,   230,   213,
+     214,   284,   285,     0,   284,   285,   284,   285,   284,   285,
+     284,   285,   284,   285,   284,   285,   270,   271,   272,   273,
+     274,   275,   276,   277,   278,   279,   280,   281,   282,   284,
+     285,   284,   285,   284,   285,   284,   285,   284,   285,   284,
+     285,   284,   285,   284,   285,   284,   285,   284,   285,   284,
+     285,   284,   285,   284,   285,   284,   285,   284,   285,   232,
+     233,   234,   235,   236,   237,   238,   239,   240,   241,   242,
+     243,   244,   245,   246,   247,   248,   249,   250,   251,   252,
+     253,   254,   255,   256,   257,   258,   259,   260,   261,   262,
+     263,   264,   265,   266,   267,   230,   270,   271,   272,   273,
+     274,   275,   276,   277,   278,   279,   280,   281,   282,   284,
+     285,   326,   283,   230,   284,   285,   230,   230,   230,   230,
+     230,   174,   175,   176,   177,   178,   179,   180,   181,   182,
+     183,   184,   185,   186,   187,   188,   189,   190,   191,   192,
+     193,   194,   195,   196,   197,   198,   199,   200,   201,   202,
+     203,   204,   205,   206,   207,   208,   209,   372,   373,   230,
+     230,   230,   230,   230,   230,   230,   230,   230,   221,   222,
+     223,   224,   225,   226,   227,   228,   229,   174,   175,   176,
+     177,   178,   179,   180,   181,   182,   183,   184,   185,   186,
+     187,   188,   189,   190,   191,   192,   193,   194,   195,   196,
+     197,   198,   199,   200,   201,   202,   203,   204,   205,   206,
+     207,   208,   209,   230,   230,   230,   230,   230,   230,   230,
+     150,   327,    -1,   275,   221,   222,   223,   224,   225,   226,
+     227,   228,   229,    88,    -1,    -1,    -1,    -1,    93,    94,
+      95,    96,    97,    98,    99,   100,   101,   102,   103,   104,
+     105,   106,   107,   108,   109,   110,   111,   112,   113,   114,
+     115,   116,   117,   118,   119,   120,   121,   122,   123,   124,
+     125,   126,   127,   128,   129,   130,   131,   132,   133,   134,
+     135,   136,   137,   138,   139,   140,   141,   142,   143,   144,
+     145,   146,   147,   148,   149,   150,   151,   152,   153,   154,
+     155,   156,   157,   158,   159,   160,   161,   162,   163,   164,
+     165,   166,   167,   168,   169,   170,   171,   172,   173,    88,
+      -1,    -1,    -1,    -1,    93,    94,    95,    96,    97,    98,
+      99,   100,   101,   102,   103,   104,   105,   106,   107,   108,
+     109,   110,   111,   112,   113,   114,   115,   116,   117,   118,
+     119,   120,   121,   122,   123,   124,   125,   126,   127,   128,
+     129,   130,   131,   132,   133,   134,   135,   136,   137,   138,
+     139,   140,   141,   142,   143,   144,   145,   146,   147,   148,
+     149,   150,   151,   152,   153,   154,   155,   156,   157,   158,
+     159,   160,   161,   162,   163,   164,   165,   166,   167,   168,
+     169,   170,   171,   172,   173,    -1,    -1,    -1,    -1,    -1,
+      -1,    -1,    -1,    -1,   269
   };
 
   const unsigned short int
   seclang_parser::yystos_[] =
   {
-       0,     0,   148,   149,   150,   151,   152,   153,   154,   155,
-     156,   157,   158,   159,   160,   161,   162,   163,   164,   165,
-     166,   167,   168,   169,   170,   171,   172,   173,   174,   175,
-     176,   177,   178,   179,   180,   181,   182,   183,   195,   196,
-     197,   198,   199,   200,   201,   202,   203,   267,   268,   269,
-     274,   187,   188,   192,   186,   189,   193,   187,   188,   190,
-     191,   187,   188,   190,   191,   185,   187,   188,    62,    67,
-      68,    69,    70,    71,    72,    73,    74,    75,    76,    77,
-      78,    79,    80,    81,    82,    83,    84,    85,    86,    87,
-      88,    89,    90,    91,    92,    93,    94,    95,    96,    97,
-      98,    99,   100,   101,   102,   103,   104,   105,   106,   107,
-     108,   109,   110,   111,   112,   113,   114,   115,   116,   117,
-     118,   119,   120,   121,   122,   123,   124,   125,   126,   127,
-     128,   129,   130,   131,   132,   133,   134,   135,   136,   137,
-     138,   139,   140,   141,   142,   143,   144,   145,   146,   147,
-     243,   270,   271,   277,   270,   184,   194,   187,   188,   187,
-     188,   187,   188,     6,     7,     8,     9,    10,    11,    12,
+       0,     0,   174,   175,   176,   177,   178,   179,   180,   181,
+     182,   183,   184,   185,   186,   187,   188,   189,   190,   191,
+     192,   193,   194,   195,   196,   197,   198,   199,   200,   201,
+     202,   203,   204,   205,   206,   207,   208,   209,   221,   222,
+     223,   224,   225,   226,   227,   228,   229,   287,   288,   289,
+     294,   213,   214,   218,   212,   215,   219,   213,   214,   216,
+     217,   213,   214,   216,   217,   211,   213,   214,    88,    93,
+      94,    95,    96,    97,    98,    99,   100,   101,   102,   103,
+     104,   105,   106,   107,   108,   109,   110,   111,   112,   113,
+     114,   115,   116,   117,   118,   119,   120,   121,   122,   123,
+     124,   125,   126,   127,   128,   129,   130,   131,   132,   133,
+     134,   135,   136,   137,   138,   139,   140,   141,   142,   143,
+     144,   145,   146,   147,   148,   149,   150,   151,   152,   153,
+     154,   155,   156,   157,   158,   159,   160,   161,   162,   163,
+     164,   165,   166,   167,   168,   169,   170,   171,   172,   173,
+     269,   290,   291,   297,   290,   210,   220,   213,   214,   213,
+     214,   213,   214,     6,     7,     8,     9,    10,    11,    12,
       13,    14,    15,    16,    17,    18,    19,    20,    21,    22,
       23,    24,    25,    26,    27,    28,    29,    30,    31,    32,
       33,    34,    35,    36,    37,    38,    39,    40,    41,    42,
       43,    44,    45,    46,    47,    48,    49,    50,    51,    52,
-      53,    54,    55,    56,    57,    58,    59,    60,    61,   244,
-     245,   246,   247,   248,   249,   250,   251,   252,   253,   254,
-     255,   256,   257,   258,   259,   261,   262,   263,   275,   276,
-     270,     0,   268,    66,   260,   187,   188,   192,   187,   188,
-     187,   188,   185,   187,   188,   271,     3,   264,   265,     4,
-      66,   206,   207,   208,   209,   210,   211,   212,   213,   214,
-     215,   216,   217,   218,   219,   220,   221,   222,   223,   224,
-     225,   226,   227,   228,   229,   230,   231,   232,   233,   234,
-     235,   236,   237,   238,   239,   240,   241,   272,   273,   260,
-      63,    64,    65,   243,   277,   276,   228,   273,   204,   204,
-     204,   204,   204,   204,   204,   204,   204,   204,   204,   204,
-     204,   204,   204,   204,   204,   204,   204,   204,   204,   204,
-     204,   204,   204,   204,   204,   204,   204,   270,   204,   204,
-     204
+      53,    54,    55,    56,    57,    58,    59,    60,    61,    62,
+      63,    64,    65,    66,    67,    68,    69,    70,    71,    72,
+      73,    74,    75,    76,    77,    78,    79,    80,    81,    82,
+      83,    84,    86,    87,   270,   271,   272,   273,   274,   275,
+     276,   277,   278,   279,   280,   281,   282,   295,   296,   290,
+       0,   288,    92,   283,   213,   214,   218,   213,   214,   213,
+     214,   211,   213,   214,   291,     3,   296,   296,   284,   285,
+     284,   285,   284,   285,   284,   285,   284,   285,   284,   285,
+     284,   285,   284,   285,   284,   285,   284,   285,   284,   285,
+     284,   285,   284,   285,   284,   285,   284,   285,   284,   285,
+     284,   285,   284,   285,   284,   285,   284,   285,   284,   285,
+     284,   285,   284,   285,   284,   285,     4,    92,   232,   233,
+     234,   235,   236,   237,   238,   239,   240,   241,   242,   243,
+     244,   245,   246,   247,   248,   249,   250,   251,   252,   253,
+     254,   255,   256,   257,   258,   259,   260,   261,   262,   263,
+     264,   265,   266,   267,   292,   293,   283,    89,    90,    91,
+     269,   297,     6,     7,   296,   254,   293,   230,   230,   230,
+     230,   230,   230,   230,   230,   230,   230,   230,   230,   230,
+     230,   230,   230,   230,   230,   230,   230,   230,   230,   230,
+     230,   230,   230,   230,   230,   230,   290,   230,   230,   230,
+     296,   296
   };
 
   const unsigned short int
   seclang_parser::yyr1_[] =
   {
-       0,   266,   267,   267,   267,   268,   269,   269,   269,   269,
-     269,   269,   269,   269,   269,   269,   269,   269,   269,   269,
-     269,   269,   269,   269,   269,   269,   270,   270,   271,   271,
-     272,   272,   272,   272,   273,   273,   273,   273,   273,   273,
-     273,   273,   273,   273,   273,   273,   273,   273,   273,   273,
-     273,   273,   273,   273,   273,   273,   273,   273,   273,   273,
-     273,   273,   273,   273,   273,   273,   273,   273,   273,   274,
-     274,   274,   274,   274,   274,   274,   274,   274,   274,   274,
-     274,   274,   274,   274,   274,   274,   274,   274,   274,   274,
-     274,   274,   274,   274,   274,   274,   274,   274,   274,   274,
-     274,   274,   274,   274,   274,   274,   274,   274,   274,   274,
-     275,   275,   276,   276,   276,   276,   276,   276,   276,   276,
-     276,   276,   276,   276,   276,   276,   276,   276,   276,   276,
-     276,   276,   276,   276,   276,   276,   276,   276,   276,   276,
-     276,   276,   276,   276,   276,   276,   276,   276,   276,   276,
-     276,   276,   276,   276,   276,   276,   276,   276,   276,   276,
-     276,   276,   276,   276,   276,   276,   276,   276,   276,   276,
-     276,   276,   276,   276,   276,   276,   276,   276,   276,   276,
-     276,   276,   276,   276,   276,   276,   276,   276,   276,   277,
-     277,   277,   277,   277,   277,   277,   277,   277,   277,   277,
-     277,   277,   277,   277,   277,   277,   277,   277,   277,   277,
-     277,   277,   277,   277,   277,   277,   277,   277,   277,   277,
-     277,   277,   277,   277,   277,   277,   277,   277,   277,   277,
-     277,   277,   277,   277,   277,   277,   277,   277,   277,   277,
-     277,   277,   277,   277,   277,   277,   277,   277,   277,   277,
-     277,   277,   277,   277,   277,   277,   277,   277,   277,   277,
-     277,   277,   277,   277,   277,   277,   277,   277,   277,   277,
-     277,   277,   277,   277,   277,   277,   277,   277,   277,   277,
-     277
+       0,   286,   287,   287,   287,   288,   289,   289,   289,   289,
+     289,   289,   289,   289,   289,   289,   289,   289,   289,   289,
+     289,   289,   289,   289,   289,   289,   290,   290,   291,   291,
+     292,   292,   292,   292,   293,   293,   293,   293,   293,   293,
+     293,   293,   293,   293,   293,   293,   293,   293,   293,   293,
+     293,   293,   293,   293,   293,   293,   293,   293,   293,   293,
+     293,   293,   293,   293,   293,   293,   293,   293,   293,   294,
+     294,   294,   294,   294,   294,   294,   294,   294,   294,   294,
+     294,   294,   294,   294,   294,   294,   294,   294,   294,   294,
+     294,   294,   294,   294,   294,   294,   294,   294,   294,   294,
+     294,   294,   294,   294,   294,   294,   294,   294,   294,   294,
+     295,   295,   295,   295,   295,   295,   296,   296,   296,   296,
+     296,   296,   296,   296,   296,   296,   296,   296,   296,   296,
+     296,   296,   296,   296,   296,   296,   296,   296,   296,   296,
+     296,   296,   296,   296,   296,   296,   296,   296,   296,   296,
+     296,   296,   296,   296,   296,   296,   296,   296,   296,   296,
+     296,   296,   296,   296,   296,   296,   296,   296,   296,   296,
+     296,   296,   296,   296,   296,   296,   296,   296,   296,   296,
+     296,   296,   296,   296,   296,   296,   296,   296,   296,   296,
+     296,   296,   296,   296,   296,   296,   296,   296,   296,   296,
+     296,   296,   296,   296,   296,   296,   296,   296,   296,   296,
+     296,   296,   296,   296,   296,   296,   296,   296,   296,   296,
+     296,   296,   296,   296,   296,   296,   296,   296,   296,   296,
+     296,   296,   296,   296,   296,   296,   296,   296,   296,   296,
+     296,   296,   296,   296,   296,   296,   296,   296,   296,   296,
+     296,   296,   296,   296,   296,   296,   297,   297,   297,   297,
+     297,   297,   297,   297,   297,   297,   297,   297,   297,   297,
+     297,   297,   297,   297,   297,   297,   297,   297,   297,   297,
+     297,   297,   297,   297,   297,   297,   297,   297,   297,   297,
+     297,   297,   297,   297,   297,   297,   297,   297,   297,   297,
+     297,   297,   297,   297,   297,   297,   297,   297,   297,   297,
+     297,   297,   297,   297,   297,   297,   297,   297,   297,   297,
+     297,   297,   297,   297,   297,   297,   297,   297,   297,   297,
+     297,   297,   297,   297,   297,   297,   297,   297,   297,   297,
+     297,   297,   297,   297,   297,   297,   297,   297
   };
 
   const unsigned char
@@ -4399,7 +4737,14 @@ namespace yy {
        2,     2,     2,     1,     1,     1,     1,     1,     1,     1,
        1,     1,     2,     2,     2,     2,     2,     2,     1,     1,
        1,     2,     2,     1,     1,     1,     1,     1,     1,     1,
-       3,     1,     1,     2,     2,     1,     1,     1,     1,     1,
+       3,     4,     4,     1,     2,     2,     2,     2,     1,     2,
+       2,     1,     2,     2,     1,     2,     2,     1,     2,     2,
+       1,     2,     2,     1,     2,     2,     1,     2,     2,     1,
+       2,     2,     1,     2,     2,     1,     2,     2,     1,     2,
+       2,     1,     2,     2,     1,     2,     2,     1,     2,     2,
+       1,     2,     2,     1,     2,     2,     1,     2,     2,     1,
+       2,     2,     1,     2,     2,     1,     2,     2,     1,     2,
+       2,     1,     2,     2,     1,     2,     2,     1,     1,     1,
        1,     1,     1,     1,     1,     1,     1,     1,     1,     1,
        1,     1,     1,     1,     1,     1,     1,     1,     1,     1,
        1,     1,     1,     1,     1,     1,     1,     1,     1,     1,
@@ -4407,16 +4752,15 @@ namespace yy {
        1,     1,     1,     1,     1,     1,     1,     1,     1,     1,
        1,     1,     1,     1,     1,     1,     1,     1,     1,     1,
        1,     1,     1,     1,     1,     1,     1,     1,     1,     1,
-       1,     1,     1,     1,     1,     1,     2,     2,     2,     1,
-       1,     1,     2,     2,     2,     2,     2,     2,     2,     1,
+       1,     1,     1,     2,     2,     2,     1,     1,     1,     2,
+       2,     2,     2,     2,     2,     2,     1,     1,     1,     1,
        1,     1,     1,     1,     1,     1,     1,     1,     1,     1,
        1,     1,     1,     1,     1,     1,     1,     1,     1,     1,
-       1,     1,     1,     1,     1,     1,     1,     1,     1,     1,
-       1,     1,     3,     2,     4,     4,     4,     1,     1,     1,
+       1,     1,     1,     1,     1,     1,     1,     1,     1,     3,
+       2,     4,     4,     4,     1,     1,     1,     1,     1,     1,
        1,     1,     1,     1,     1,     1,     1,     1,     1,     1,
        1,     1,     1,     1,     1,     1,     1,     1,     1,     1,
-       1,     1,     1,     1,     1,     1,     1,     1,     1,     1,
-       1
+       1,     1,     1,     1,     1,     1,     1,     1
   };
 
 
@@ -4427,8 +4771,14 @@ namespace yy {
   const seclang_parser::yytname_[] =
   {
   "\"end of file\"", "error", "$undefined", "\",\"", "PIPE", "NEW_LINE",
-  "VARIABLE_ARGS", "VARIABLE_ARGS_COMBINED_SIZE",
-  "VARIABLE_ARGS_GET_NAMES", "\"Variable ARGS_NAMES\"",
+  "VAR_COUNT", "VAR_EXCLUSION", "VARIABLE_ARGS", "VARIABLE_ARGS_POST",
+  "VARIABLE_ARGS_GET", "VARIABLE_FILES_SIZES", "VARIABLE_FILES_NAMES",
+  "VARIABLE_FILES_TMP_CONTENT", "VARIABLE_MULTIPART_FILENAME",
+  "VARIABLE_MULTIPART_NAME", "VARIABLE_MATCHED_VARS_NAMES",
+  "VARIABLE_MATCHED_VARS", "VARIABLE_FILES", "VARIABLE_REQUEST_COOKIES",
+  "VARIABLE_REQUEST_HEADERS", "VARIABLE_RESPONSE_HEADERS", "VARIABLE_GEO",
+  "VARIABLE_REQUEST_COOKIES_NAMES", "VARIABLE_ARGS_COMBINED_SIZE",
+  "VARIABLE_ARGS_GET_NAMES", "VARIABLE_RULE", "\"Variable ARGS_NAMES\"",
   "VARIABLE_ARGS_POST_NAMES", "\"AUTH_TYPE\"", "\"FILES_COMBINED_SIZE\"",
   "\"FILES_TMPNAMES\"", "\"FULL_REQUEST\"", "\"FULL_REQUEST_LENGTH\"",
   "\"INBOUND_DATA_ERROR\"", "\"MATCHED_VAR\"", "\"MATCHED_VAR_NAME\"",
@@ -4449,13 +4799,15 @@ namespace yy {
   "VARIABLE_RESPONSE_HEADERS_NAMES", "\"RESPONSE_PROTOCOL\"",
   "\"RESPONSE_STATUS\"", "\"SERVER_ADDR\"", "\"SERVER_NAME\"",
   "\"SERVER_PORT\"", "\"SESSIONID\"", "\"UNIQUE_ID\"",
-  "\"URLENCODED_ERROR\"", "\"USERID\"", "\"SetVar\"",
-  "SETVAR_OPERATION_EQUALS", "SETVAR_OPERATION_EQUALS_PLUS",
-  "SETVAR_OPERATION_EQUALS_MINUS", "\"NOT\"", "\"Accuracy\"", "\"Allow\"",
-  "\"Append\"", "\"AuditLog\"", "\"Block\"", "\"Capture\"", "\"Chain\"",
-  "\"ACTION_CTL_AUDIT_ENGINE\"", "\"ACTION_CTL_AUDIT_LOG_PARTS\"",
-  "\"ACTION_CTL_BDY_JSON\"", "\"ACTION_CTL_BDY_XML\"",
-  "\"ACTION_CTL_FORCE_REQ_BODY_VAR\"",
+  "\"URLENCODED_ERROR\"", "\"USERID\"", "\"VARIABLE_STATUS\"",
+  "\"VARIABLE_IP\"", "\"VARIABLE_GLOBAL\"", "\"VARIABLE_TX\"",
+  "\"VARIABLE_SESSION\"", "\"VARIABLE_USER\"", "\"RUN_TIME_VAR_ENV\"",
+  "\"RUN_TIME_VAR_XML\"", "\"SetVar\"", "SETVAR_OPERATION_EQUALS",
+  "SETVAR_OPERATION_EQUALS_PLUS", "SETVAR_OPERATION_EQUALS_MINUS",
+  "\"NOT\"", "\"Accuracy\"", "\"Allow\"", "\"Append\"", "\"AuditLog\"",
+  "\"Block\"", "\"Capture\"", "\"Chain\"", "\"ACTION_CTL_AUDIT_ENGINE\"",
+  "\"ACTION_CTL_AUDIT_LOG_PARTS\"", "\"ACTION_CTL_BDY_JSON\"",
+  "\"ACTION_CTL_BDY_XML\"", "\"ACTION_CTL_FORCE_REQ_BODY_VAR\"",
   "\"ACTION_CTL_REQUEST_BODY_ACCESS\"", "\"ACTION_CTL_RULE_ENGINE\"",
   "\"ACTION_CTL_RULE_REMOVE_BY_ID\"",
   "\"ACTION_CTL_RULE_REMOVE_TARGET_BY_ID\"",
@@ -4538,15 +4890,13 @@ namespace yy {
   "\"OPERATOR_VALIDATE_UTF8_ENCODING\"", "\"OPERATOR_VERIFY_CC\"",
   "\"OPERATOR_VERIFY_CPF\"", "\"OPERATOR_VERIFY_SSN\"",
   "\"OPERATOR_WITHIN\"", "\"OP_QUOTE\"", "\"QUOTATION_MARK\"",
-  "\"RUN_TIME_VAR_BLD\"", "\"RUN_TIME_VAR_DUR\"", "\"RUN_TIME_VAR_ENV\"",
-  "\"RUN_TIME_VAR_HSV\"", "\"RUN_TIME_VAR_REMOTE_USER\"",
-  "\"RUN_TIME_VAR_RULE\"", "\"RUN_TIME_VAR_TIME\"",
+  "\"RUN_TIME_VAR_BLD\"", "\"RUN_TIME_VAR_DUR\"", "\"RUN_TIME_VAR_HSV\"",
+  "\"RUN_TIME_VAR_REMOTE_USER\"", "\"RUN_TIME_VAR_TIME\"",
   "\"RUN_TIME_VAR_TIME_DAY\"", "\"RUN_TIME_VAR_TIME_EPOCH\"",
   "\"RUN_TIME_VAR_TIME_HOUR\"", "\"RUN_TIME_VAR_TIME_MIN\"",
   "\"RUN_TIME_VAR_TIME_MON\"", "\"RUN_TIME_VAR_TIME_SEC\"",
   "\"RUN_TIME_VAR_TIME_WDAY\"", "\"RUN_TIME_VAR_TIME_YEAR\"",
-  "\"RUN_TIME_VAR_XML\"", "\"VARIABLE\"", "\"VARIABLE_COL\"",
-  "\"VARIABLE_STATUS\"", "\"VARIABLE_TX\"", "\"Dictionary element\"",
+  "\"VARIABLE\"", "\"Dictionary element\"",
   "\"Dictionary element, selected by regexp\"", "$accept", "input", "line",
   "audit_log", "actions", "actions_may_quoted", "op", "op_before_init",
   "expression", "variables", "var", "act", YY_NULLPTR
@@ -4556,35 +4906,41 @@ namespace yy {
   const unsigned short int
   seclang_parser::yyrline_[] =
   {
-       0,   607,   607,   611,   612,   615,   620,   626,   632,   636,
-     640,   646,   652,   658,   664,   670,   679,   683,   687,   693,
-     697,   701,   706,   711,   716,   720,   727,   731,   738,   744,
-     754,   763,   773,   782,   794,   798,   802,   806,   810,   814,
-     819,   824,   828,   832,   837,   841,   845,   850,   855,   860,
-     865,   869,   873,   877,   881,   885,   889,   893,   897,   901,
-     905,   909,   913,   917,   921,   925,   929,   933,   937,   951,
-     952,   976,   995,  1010,  1018,  1065,  1069,  1073,  1077,  1081,
-    1085,  1089,  1093,  1097,  1101,  1115,  1127,  1147,  1167,  1172,
-    1177,  1182,  1187,  1191,  1195,  1199,  1203,  1207,  1211,  1212,
-    1213,  1224,  1228,  1232,  1233,  1234,  1235,  1236,  1237,  1238,
-    1244,  1249,  1258,  1263,  1268,  1273,  1278,  1283,  1288,  1293,
-    1298,  1303,  1308,  1313,  1318,  1323,  1328,  1333,  1338,  1343,
-    1348,  1353,  1358,  1363,  1368,  1373,  1378,  1383,  1388,  1393,
-    1398,  1403,  1408,  1413,  1418,  1423,  1428,  1433,  1438,  1443,
-    1448,  1453,  1458,  1463,  1468,  1473,  1478,  1483,  1488,  1493,
-    1498,  1503,  1508,  1513,  1518,  1523,  1528,  1533,  1538,  1543,
-    1548,  1565,  1582,  1599,  1616,  1633,  1650,  1667,  1684,  1701,
-    1718,  1735,  1752,  1769,  1786,  1803,  1820,  1837,  1843,  1863,
-    1867,  1871,  1875,  1879,  1883,  1887,  1891,  1896,  1901,  1906,
-    1910,  1914,  1918,  1923,  1928,  1932,  1936,  1941,  1946,  1951,
-    1955,  1959,  1963,  1967,  1971,  1976,  1980,  1985,  1989,  1993,
-    1997,  2001,  2005,  2009,  2013,  2017,  2021,  2025,  2029,  2033,
-    2037,  2041,  2045,  2049,  2053,  2057,  2061,  2065,  2069,  2073,
-    2077,  2081,  2085,  2089,  2093,  2097,  2101,  2105,  2109,  2113,
-    2117,  2121,  2125,  2129,  2133,  2137,  2141,  2145,  2149,  2153,
-    2157,  2161,  2165,  2169,  2173,  2177,  2181,  2185,  2189,  2193,
-    2197,  2201,  2205,  2209,  2213,  2217,  2221,  2225,  2229,  2233,
-    2237
+       0,   663,   663,   667,   668,   671,   676,   682,   688,   692,
+     696,   702,   708,   714,   720,   726,   735,   739,   743,   749,
+     753,   757,   762,   767,   772,   776,   783,   787,   794,   800,
+     810,   819,   829,   838,   850,   854,   858,   862,   866,   870,
+     875,   880,   884,   888,   893,   897,   901,   906,   911,   916,
+     921,   925,   929,   933,   937,   941,   945,   949,   953,   957,
+     961,   965,   969,   973,   977,   981,   985,   989,   993,  1007,
+    1008,  1032,  1051,  1066,  1074,  1121,  1125,  1129,  1133,  1137,
+    1141,  1145,  1149,  1153,  1157,  1171,  1183,  1203,  1223,  1228,
+    1233,  1238,  1243,  1247,  1251,  1255,  1259,  1263,  1267,  1268,
+    1269,  1280,  1284,  1288,  1289,  1290,  1291,  1292,  1293,  1294,
+    1300,  1305,  1311,  1317,  1323,  1330,  1340,  1344,  1348,  1352,
+    1356,  1360,  1364,  1368,  1372,  1376,  1380,  1384,  1388,  1392,
+    1396,  1400,  1404,  1408,  1412,  1416,  1420,  1424,  1428,  1432,
+    1436,  1440,  1444,  1448,  1452,  1456,  1460,  1464,  1468,  1472,
+    1476,  1480,  1484,  1488,  1492,  1496,  1500,  1504,  1508,  1512,
+    1516,  1520,  1524,  1528,  1532,  1536,  1540,  1544,  1548,  1552,
+    1556,  1560,  1564,  1568,  1572,  1576,  1581,  1585,  1589,  1594,
+    1598,  1602,  1607,  1611,  1615,  1620,  1624,  1628,  1635,  1639,
+    1643,  1647,  1651,  1655,  1659,  1663,  1667,  1671,  1675,  1679,
+    1683,  1687,  1691,  1695,  1699,  1703,  1707,  1711,  1715,  1719,
+    1723,  1727,  1731,  1735,  1739,  1743,  1747,  1751,  1755,  1759,
+    1763,  1767,  1771,  1775,  1779,  1783,  1787,  1791,  1795,  1799,
+    1803,  1807,  1811,  1815,  1819,  1823,  1827,  1831,  1835,  1839,
+    1843,  1847,  1851,  1855,  1863,  1870,  1877,  1884,  1891,  1898,
+    1905,  1912,  1919,  1926,  1933,  1940,  1950,  1954,  1958,  1962,
+    1966,  1970,  1974,  1978,  1983,  1988,  1993,  1997,  2001,  2005,
+    2010,  2015,  2019,  2023,  2028,  2033,  2038,  2042,  2046,  2050,
+    2054,  2058,  2063,  2067,  2072,  2076,  2080,  2084,  2088,  2092,
+    2096,  2100,  2104,  2108,  2112,  2116,  2120,  2124,  2128,  2132,
+    2136,  2140,  2144,  2148,  2152,  2156,  2160,  2164,  2168,  2172,
+    2176,  2180,  2184,  2188,  2192,  2196,  2200,  2204,  2208,  2212,
+    2216,  2220,  2224,  2228,  2232,  2236,  2240,  2244,  2248,  2252,
+    2256,  2260,  2264,  2268,  2272,  2276,  2280,  2284,  2288,  2292,
+    2296,  2300,  2304,  2308,  2312,  2316,  2320,  2324
   };
 
   // Print the state stack on the debug stream.
@@ -4619,8 +4975,8 @@ namespace yy {
 
 
 } // yy
-#line 4623 "seclang-parser.cc" // lalr1.cc:1167
-#line 2243 "seclang-parser.yy" // lalr1.cc:1168
+#line 4979 "seclang-parser.cc" // lalr1.cc:1167
+#line 2330 "seclang-parser.yy" // lalr1.cc:1168
 
 
 void yy::seclang_parser::error (const location_type& l, const std::string& m) {
diff --git a/src/parser/seclang-parser.hh b/src/parser/seclang-parser.hh
index ea9427ec..b3d9df56 100644
--- a/src/parser/seclang-parser.hh
+++ b/src/parser/seclang-parser.hh
@@ -178,31 +178,40 @@ class Driver;
 #include "src/utils/geo_lookup.h"
 #include "src/utils/string.h"
 #include "src/utils/system.h"
+#include "src/variables/args_combined_size.h"
+#include "src/variables/args_get.h"
+#include "src/variables/args_get_names.h"
 #include "src/variables/args.h"
 #include "src/variables/args_names.h"
-#include "src/variables/xml.h"
-#include "src/variables/args_combined_size.h"
-#include "src/variables/args_get_names.h"
-#include "src/variables/args_names.h"
+#include "src/variables/args_post.h"
 #include "src/variables/args_post_names.h"
 #include "src/variables/auth_type.h"
 #include "src/variables/duration.h"
 #include "src/variables/env.h"
 #include "src/variables/files_combined_size.h"
+#include "src/variables/files.h"
+#include "src/variables/files_names.h"
+#include "src/variables/files_sizes.h"
+#include "src/variables/files_tmp_content.h"
 #include "src/variables/files_tmp_names.h"
 #include "src/variables/full_request.h"
 #include "src/variables/full_request_length.h"
+#include "src/variables/geo.h"
 #include "src/variables/highest_severity.h"
 #include "src/variables/inbound_data_error.h"
 #include "src/variables/matched_var.h"
 #include "src/variables/matched_var_name.h"
+#include "src/variables/matched_vars.h"
+#include "src/variables/matched_vars_names.h"
 #include "src/variables/modsec_build.h"
 #include "src/variables/multipart_crlf_lf_lines.h"
 #include "src/variables/multipart_data_after.h"
 #include "src/variables/multipart_file_limit_exceeded.h"
+#include "src/variables/multipart_file_name.h"
 #include "src/variables/multipart_header_folding.h"
 #include "src/variables/multipart_invalid_header_folding.h"
 #include "src/variables/multipart_invalid_quoting.h"
+#include "src/variables/multipart_name.h"
 #include "src/variables/multipart_strict_error.h"
 #include "src/variables/multipart_unmatched_boundary.h"
 #include "src/variables/outbound_data_error.h"
@@ -220,7 +229,10 @@ class Driver;
 #include "src/variables/request_base_name.h"
 #include "src/variables/request_body.h"
 #include "src/variables/request_body_length.h"
+#include "src/variables/request_cookies.h"
+#include "src/variables/request_cookies_names.h"
 #include "src/variables/request_file_name.h"
+#include "src/variables/request_headers.h"
 #include "src/variables/request_headers_names.h"
 #include "src/variables/request_line.h"
 #include "src/variables/request_method.h"
@@ -231,6 +243,7 @@ class Driver;
 #include "src/variables/response_body.h"
 #include "src/variables/response_content_length.h"
 #include "src/variables/response_content_type.h"
+#include "src/variables/response_headers.h"
 #include "src/variables/response_headers_names.h"
 #include "src/variables/response_protocol.h"
 #include "src/variables/response_status.h"
@@ -254,9 +267,10 @@ class Driver;
 #include "src/variables/user_id.h"
 #include "src/variables/variable.h"
 #include "src/variables/xml.h"
-#include "src/variables/variations/count.h"
-#include "src/variables/variations/exclusion.h"
-
+#include "src/variables/ip.h"
+#include "src/variables/global.h"
+#include "src/variables/session.h"
+#include "src/variables/status.h"
 
 using modsecurity::ModSecurity;
 using modsecurity::Rule;
@@ -275,10 +289,27 @@ using modsecurity::Variables::TimeSec;
 using modsecurity::Variables::TimeWDay;
 using modsecurity::Variables::TimeYear;
 using modsecurity::Variables::Time;
-using modsecurity::Variables::Tx;
+using modsecurity::Variables::Tx_DictElement;
+using modsecurity::Variables::Tx_NoDictElement;
+using modsecurity::Variables::Tx_DictElementRegexp;
+
+using modsecurity::Variables::Ip_DictElement;
+using modsecurity::Variables::Ip_NoDictElement;
+using modsecurity::Variables::Ip_DictElementRegexp;
+
+using modsecurity::Variables::Global_DictElement;
+using modsecurity::Variables::Global_NoDictElement;
+using modsecurity::Variables::Global_DictElementRegexp;
+
+using modsecurity::Variables::Session_DictElement;
+using modsecurity::Variables::Session_NoDictElement;
+using modsecurity::Variables::Session_DictElementRegexp;
+
+
+
 using modsecurity::Variables::Variable;
-using modsecurity::Variables::Variations::Count;
-using modsecurity::Variables::Variations::Exclusion;
+using modsecurity::Variables::VariableModificatorExclusion;
+using modsecurity::Variables::VariableModificatorCount;
 using modsecurity::Variables::XML;
 
 using namespace modsecurity;
@@ -328,9 +359,13 @@ using modsecurity::operators::Operator;
     std::unique_ptr<actions::Action> c(b); \
     a = std::move(c);
 
+#define VARIABLE_CONTAINER(a, b) \
+    std::unique_ptr<Variable> c(b); \
+    a = std::move(c);
 
 
-#line 334 "seclang-parser.hh" // lalr1.cc:377
+
+#line 369 "seclang-parser.hh" // lalr1.cc:377
 
 # include <cassert>
 # include <cstdlib> // std::abort
@@ -407,7 +442,7 @@ using modsecurity::operators::Operator;
 
 
 namespace yy {
-#line 411 "seclang-parser.hh" // lalr1.cc:377
+#line 446 "seclang-parser.hh" // lalr1.cc:377
 
 
 
@@ -753,10 +788,8 @@ namespace yy {
       // "QUOTATION_MARK"
       // "RUN_TIME_VAR_BLD"
       // "RUN_TIME_VAR_DUR"
-      // "RUN_TIME_VAR_ENV"
       // "RUN_TIME_VAR_HSV"
       // "RUN_TIME_VAR_REMOTE_USER"
-      // "RUN_TIME_VAR_RULE"
       // "RUN_TIME_VAR_TIME"
       // "RUN_TIME_VAR_TIME_DAY"
       // "RUN_TIME_VAR_TIME_EPOCH"
@@ -766,11 +799,7 @@ namespace yy {
       // "RUN_TIME_VAR_TIME_SEC"
       // "RUN_TIME_VAR_TIME_WDAY"
       // "RUN_TIME_VAR_TIME_YEAR"
-      // "RUN_TIME_VAR_XML"
       // "VARIABLE"
-      // "VARIABLE_COL"
-      // "VARIABLE_STATUS"
-      // "VARIABLE_TX"
       // "Dictionary element"
       // "Dictionary element, selected by regexp"
       char dummy1[sizeof(std::string)];
@@ -817,266 +846,286 @@ namespace yy {
         TOK_COMMA = 258,
         TOK_PIPE = 259,
         TOK_NEW_LINE = 260,
-        TOK_VARIABLE_ARGS = 261,
-        TOK_VARIABLE_ARGS_COMBINED_SIZE = 262,
-        TOK_VARIABLE_ARGS_GET_NAMES = 263,
-        TOK_VARIABLE_ARGS_NAMES = 264,
-        TOK_VARIABLE_ARGS_POST_NAMES = 265,
-        TOK_VARIABLE_AUTH_TYPE = 266,
-        TOK_VARIABLE_FILES_COMBINED_SIZE = 267,
-        TOK_VARIABLE_FILES_TMP_NAMES = 268,
-        TOK_VARIABLE_FULL_REQUEST = 269,
-        TOK_VARIABLE_FULL_REQUEST_LENGTH = 270,
-        TOK_VARIABLE_INBOUND_DATA_ERROR = 271,
-        TOK_VARIABLE_MATCHED_VAR = 272,
-        TOK_VARIABLE_MATCHED_VAR_NAME = 273,
-        TOK_VARIABLE_MULTIPART_CRLF_LF_LINES = 274,
-        TOK_VARIABLE_MULTIPART_DATA_AFTER = 275,
-        TOK_VARIABLE_MULTIPART_FILE_LIMIT_EXCEEDED = 276,
-        TOK_VARIABLE_MULTIPART_HEADER_FOLDING = 277,
-        TOK_VARIABLE_MULTIPART_INVALID_HEADER_FOLDING = 278,
-        TOK_VARIABLE_MULTIPART_INVALID_QUOTING = 279,
-        TOK_VARIABLE_MULTIPART_STRICT_ERROR = 280,
-        TOK_VARIABLE_MULTIPART_UNMATCHED_BOUNDARY = 281,
-        TOK_VARIABLE_OUTBOUND_DATA_ERROR = 282,
-        TOK_VARIABLE_PATH_INFO = 283,
-        TOK_VARIABLE_QUERY_STRING = 284,
-        TOK_VARIABLE_REMOTE_ADDR = 285,
-        TOK_VARIABLE_REMOTE_HOST = 286,
-        TOK_VARIABLE_REMOTE_PORT = 287,
-        TOK_VARIABLE_REQBODY_ERROR_MSG = 288,
-        TOK_VARIABLE_REQBODY_ERROR = 289,
-        TOK_VARIABLE_REQBODY_PROCESSOR_ERROR_MSG = 290,
-        TOK_VARIABLE_REQBODY_PROCESSOR_ERROR = 291,
-        TOK_VARIABLE_REQBODY_PROCESSOR = 292,
-        TOK_VARIABLE_REQUEST_BASENAME = 293,
-        TOK_VARIABLE_REQUEST_BODY_LENGTH = 294,
-        TOK_VARIABLE_REQUEST_BODY = 295,
-        TOK_VARIABLE_REQUEST_FILE_NAME = 296,
-        TOK_VARIABLE_REQUEST_HEADERS_NAMES = 297,
-        TOK_VARIABLE_REQUEST_LINE = 298,
-        TOK_VARIABLE_REQUEST_METHOD = 299,
-        TOK_VARIABLE_REQUEST_PROTOCOL = 300,
-        TOK_VARIABLE_REQUEST_URI_RAW = 301,
-        TOK_VARIABLE_REQUEST_URI = 302,
-        TOK_VARIABLE_RESOURCE = 303,
-        TOK_VARIABLE_RESPONSE_BODY = 304,
-        TOK_VARIABLE_RESPONSE_CONTENT_LENGTH = 305,
-        TOK_VARIABLE_RESPONSE_CONTENT_TYPE = 306,
-        TOK_VARIABLE_RESPONSE_HEADERS_NAMES = 307,
-        TOK_VARIABLE_RESPONSE_PROTOCOL = 308,
-        TOK_VARIABLE_RESPONSE_STATUS = 309,
-        TOK_VARIABLE_SERVER_ADDR = 310,
-        TOK_VARIABLE_SERVER_NAME = 311,
-        TOK_VARIABLE_SERVER_PORT = 312,
-        TOK_VARIABLE_SESSION_ID = 313,
-        TOK_VARIABLE_UNIQUE_ID = 314,
-        TOK_VARIABLE_URL_ENCODED_ERROR = 315,
-        TOK_VARIABLE_USER_ID = 316,
-        TOK_ACTION_SETVAR = 317,
-        TOK_SETVAR_OPERATION_EQUALS = 318,
-        TOK_SETVAR_OPERATION_EQUALS_PLUS = 319,
-        TOK_SETVAR_OPERATION_EQUALS_MINUS = 320,
-        TOK_NOT = 321,
-        TOK_ACTION_ACCURACY = 322,
-        TOK_ACTION_ALLOW = 323,
-        TOK_ACTION_APPEND = 324,
-        TOK_ACTION_AUDIT_LOG = 325,
-        TOK_ACTION_BLOCK = 326,
-        TOK_ACTION_CAPTURE = 327,
-        TOK_ACTION_CHAIN = 328,
-        TOK_ACTION_CTL_AUDIT_ENGINE = 329,
-        TOK_ACTION_CTL_AUDIT_LOG_PARTS = 330,
-        TOK_ACTION_CTL_BDY_JSON = 331,
-        TOK_ACTION_CTL_BDY_XML = 332,
-        TOK_ACTION_CTL_FORCE_REQ_BODY_VAR = 333,
-        TOK_ACTION_CTL_REQUEST_BODY_ACCESS = 334,
-        TOK_ACTION_CTL_RULE_ENGINE = 335,
-        TOK_ACTION_CTL_RULE_REMOVE_BY_ID = 336,
-        TOK_ACTION_CTL_RULE_REMOVE_TARGET_BY_ID = 337,
-        TOK_ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG = 338,
-        TOK_ACTION_DENY = 339,
-        TOK_ACTION_DEPRECATE_VAR = 340,
-        TOK_ACTION_DROP = 341,
-        TOK_ACTION_EXEC = 342,
-        TOK_ACTION_EXPIRE_VAR = 343,
-        TOK_ACTION_ID = 344,
-        TOK_ACTION_INITCOL = 345,
-        TOK_ACTION_LOG = 346,
-        TOK_ACTION_LOG_DATA = 347,
-        TOK_ACTION_MATURITY = 348,
-        TOK_ACTION_MSG = 349,
-        TOK_ACTION_MULTI_MATCH = 350,
-        TOK_ACTION_NO_AUDIT_LOG = 351,
-        TOK_ACTION_NO_LOG = 352,
-        TOK_ACTION_PASS = 353,
-        TOK_ACTION_PAUSE = 354,
-        TOK_ACTION_PHASE = 355,
-        TOK_ACTION_PREPEND = 356,
-        TOK_ACTION_PROXY = 357,
-        TOK_ACTION_REDIRECT = 358,
-        TOK_ACTION_REV = 359,
-        TOK_ACTION_SANATISE_ARG = 360,
-        TOK_ACTION_SANATISE_MATCHED = 361,
-        TOK_ACTION_SANATISE_MATCHED_BYTES = 362,
-        TOK_ACTION_SANATISE_REQUEST_HEADER = 363,
-        TOK_ACTION_SANATISE_RESPONSE_HEADER = 364,
-        TOK_ACTION_SETENV = 365,
-        TOK_ACTION_SETRSC = 366,
-        TOK_ACTION_SETSID = 367,
-        TOK_ACTION_SETUID = 368,
-        TOK_ACTION_SEVERITY = 369,
-        TOK_ACTION_SKIP = 370,
-        TOK_ACTION_SKIP_AFTER = 371,
-        TOK_ACTION_STATUS = 372,
-        TOK_ACTION_TAG = 373,
-        TOK_ACTION_TRANSFORMATION_CMD_LINE = 374,
-        TOK_ACTION_TRANSFORMATION_COMPRESS_WHITESPACE = 375,
-        TOK_ACTION_TRANSFORMATION_CSS_DECODE = 376,
-        TOK_ACTION_TRANSFORMATION_HEX_ENCODE = 377,
-        TOK_ACTION_TRANSFORMATION_HTML_ENTITY_DECODE = 378,
-        TOK_ACTION_TRANSFORMATION_JS_DECODE = 379,
-        TOK_ACTION_TRANSFORMATION_LENGTH = 380,
-        TOK_ACTION_TRANSFORMATION_LOWERCASE = 381,
-        TOK_ACTION_TRANSFORMATION_MD5 = 382,
-        TOK_ACTION_TRANSFORMATION_NONE = 383,
-        TOK_ACTION_TRANSFORMATION_NORMALISE_PATH = 384,
-        TOK_ACTION_TRANSFORMATION_NORMALISE_PATH_WIN = 385,
-        TOK_ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT = 386,
-        TOK_ACTION_TRANSFORMATION_PARITY_ODD_7_BIT = 387,
-        TOK_ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT = 388,
-        TOK_ACTION_TRANSFORMATION_REMOVE_COMMENTS = 389,
-        TOK_ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR = 390,
-        TOK_ACTION_TRANSFORMATION_REMOVE_NULLS = 391,
-        TOK_ACTION_TRANSFORMATION_REMOVE_WHITESPACE = 392,
-        TOK_ACTION_TRANSFORMATION_REPLACE_COMMENTS = 393,
-        TOK_ACTION_TRANSFORMATION_REPLACE_NULLS = 394,
-        TOK_ACTION_TRANSFORMATION_SHA1 = 395,
-        TOK_ACTION_TRANSFORMATION_SQL_HEX_DECODE = 396,
-        TOK_ACTION_TRANSFORMATION_TRIM = 397,
-        TOK_ACTION_TRANSFORMATION_URL_DECODE = 398,
-        TOK_ACTION_TRANSFORMATION_URL_DECODE_UNI = 399,
-        TOK_ACTION_TRANSFORMATION_UTF8_TO_UNICODE = 400,
-        TOK_ACTION_VER = 401,
-        TOK_ACTION_XMLNS = 402,
-        TOK_CONFIG_COMPONENT_SIG = 403,
-        TOK_CONFIG_DIR_AUDIT_DIR = 404,
-        TOK_CONFIG_DIR_AUDIT_DIR_MOD = 405,
-        TOK_CONFIG_DIR_AUDIT_ENG = 406,
-        TOK_CONFIG_DIR_AUDIT_FLE_MOD = 407,
-        TOK_CONFIG_DIR_AUDIT_LOG = 408,
-        TOK_CONFIG_DIR_AUDIT_LOG2 = 409,
-        TOK_CONFIG_DIR_AUDIT_LOG_P = 410,
-        TOK_CONFIG_DIR_AUDIT_STS = 411,
-        TOK_CONFIG_DIR_AUDIT_TPE = 412,
-        TOK_CONFIG_DIR_DEBUG_LOG = 413,
-        TOK_CONFIG_DIR_DEBUG_LVL = 414,
-        TOK_CONFIG_DIR_GEO_DB = 415,
-        TOK_CONFIG_DIR_PCRE_MATCH_LIMIT = 416,
-        TOK_CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION = 417,
-        TOK_CONFIG_DIR_REQ_BODY = 418,
-        TOK_CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT = 419,
-        TOK_CONFIG_DIR_REQ_BODY_LIMIT = 420,
-        TOK_CONFIG_DIR_REQ_BODY_LIMIT_ACTION = 421,
-        TOK_CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT = 422,
-        TOK_CONFIG_DIR_RES_BODY = 423,
-        TOK_CONFIG_DIR_RES_BODY_LIMIT = 424,
-        TOK_CONFIG_DIR_RES_BODY_LIMIT_ACTION = 425,
-        TOK_CONFIG_DIR_RULE_ENG = 426,
-        TOK_CONFIG_DIR_SEC_ACTION = 427,
-        TOK_CONFIG_DIR_SEC_DEFAULT_ACTION = 428,
-        TOK_CONFIG_DIR_SEC_MARKER = 429,
-        TOK_CONFIG_DIR_UNICODE_MAP_FILE = 430,
-        TOK_CONFIG_SEC_COLLECTION_TIMEOUT = 431,
-        TOK_CONFIG_SEC_REMOTE_RULES_FAIL_ACTION = 432,
-        TOK_CONFIG_SEC_RULE_REMOVE_BY_ID = 433,
-        TOK_CONFIG_UPDLOAD_KEEP_FILES = 434,
-        TOK_CONFIG_UPDLOAD_SAVE_TMP_FILES = 435,
-        TOK_CONFIG_UPLOAD_DIR = 436,
-        TOK_CONFIG_UPLOAD_FILE_LIMIT = 437,
-        TOK_CONFIG_UPLOAD_FILE_MODE = 438,
-        TOK_CONFIG_VALUE_ABORT = 439,
-        TOK_CONFIG_VALUE_DETC = 440,
-        TOK_CONFIG_VALUE_HTTPS = 441,
-        TOK_CONFIG_VALUE_OFF = 442,
-        TOK_CONFIG_VALUE_ON = 443,
-        TOK_CONFIG_VALUE_PARALLEL = 444,
-        TOK_CONFIG_VALUE_PROCESS_PARTIAL = 445,
-        TOK_CONFIG_VALUE_REJECT = 446,
-        TOK_CONFIG_VALUE_RELEVANT_ONLY = 447,
-        TOK_CONFIG_VALUE_SERIAL = 448,
-        TOK_CONFIG_VALUE_WARN = 449,
-        TOK_CONFIG_XML_EXTERNAL_ENTITY = 450,
-        TOK_CONGIG_DIR_RESPONSE_BODY_MP = 451,
-        TOK_CONGIG_DIR_SEC_ARG_SEP = 452,
-        TOK_CONGIG_DIR_SEC_COOKIE_FORMAT = 453,
-        TOK_CONGIG_DIR_SEC_DATA_DIR = 454,
-        TOK_CONGIG_DIR_SEC_STATUS_ENGINE = 455,
-        TOK_CONGIG_DIR_SEC_TMP_DIR = 456,
-        TOK_DIRECTIVE = 457,
-        TOK_DIRECTIVE_SECRULESCRIPT = 458,
-        TOK_FREE_TEXT = 459,
-        TOK_OPERATOR = 460,
-        TOK_OPERATOR_BEGINS_WITH = 461,
-        TOK_OPERATOR_CONTAINS = 462,
-        TOK_OPERATOR_CONTAINS_WORD = 463,
-        TOK_OPERATOR_DETECT_SQLI = 464,
-        TOK_OPERATOR_DETECT_XSS = 465,
-        TOK_OPERATOR_ENDS_WITH = 466,
-        TOK_OPERATOR_EQ = 467,
-        TOK_OPERATOR_FUZZY_HASH = 468,
-        TOK_OPERATOR_GE = 469,
-        TOK_OPERATOR_GEOLOOKUP = 470,
-        TOK_OPERATOR_GSB_LOOKUP = 471,
-        TOK_OPERATOR_GT = 472,
-        TOK_OPERATOR_INSPECT_FILE = 473,
-        TOK_OPERATOR_IP_MATCH = 474,
-        TOK_OPERATOR_IP_MATCH_FROM_FILE = 475,
-        TOK_OPERATOR_LE = 476,
-        TOK_OPERATOR_LT = 477,
-        TOK_OPERATOR_PM = 478,
-        TOK_OPERATOR_PM_FROM_FILE = 479,
-        TOK_OPERATOR_RBL = 480,
-        TOK_OPERATOR_RSUB = 481,
-        TOK_OPERATOR_RX = 482,
-        TOK_OPERATOR_RX_CONTENT_ONLY = 483,
-        TOK_OPERATOR_STR_EQ = 484,
-        TOK_OPERATOR_STR_MATCH = 485,
-        TOK_OPERATOR_UNCONDITIONAL_MATCH = 486,
-        TOK_OPERATOR_VALIDATE_BYTE_RANGE = 487,
-        TOK_OPERATOR_VALIDATE_DTD = 488,
-        TOK_OPERATOR_VALIDATE_HASH = 489,
-        TOK_OPERATOR_VALIDATE_SCHEMA = 490,
-        TOK_OPERATOR_VALIDATE_URL_ENCODING = 491,
-        TOK_OPERATOR_VALIDATE_UTF8_ENCODING = 492,
-        TOK_OPERATOR_VERIFY_CC = 493,
-        TOK_OPERATOR_VERIFY_CPF = 494,
-        TOK_OPERATOR_VERIFY_SSN = 495,
-        TOK_OPERATOR_WITHIN = 496,
-        TOK_OP_QUOTE = 497,
-        TOK_QUOTATION_MARK = 498,
-        TOK_RUN_TIME_VAR_BLD = 499,
-        TOK_RUN_TIME_VAR_DUR = 500,
-        TOK_RUN_TIME_VAR_ENV = 501,
-        TOK_RUN_TIME_VAR_HSV = 502,
-        TOK_RUN_TIME_VAR_REMOTE_USER = 503,
-        TOK_RUN_TIME_VAR_RULE = 504,
-        TOK_RUN_TIME_VAR_TIME = 505,
-        TOK_RUN_TIME_VAR_TIME_DAY = 506,
-        TOK_RUN_TIME_VAR_TIME_EPOCH = 507,
-        TOK_RUN_TIME_VAR_TIME_HOUR = 508,
-        TOK_RUN_TIME_VAR_TIME_MIN = 509,
-        TOK_RUN_TIME_VAR_TIME_MON = 510,
-        TOK_RUN_TIME_VAR_TIME_SEC = 511,
-        TOK_RUN_TIME_VAR_TIME_WDAY = 512,
-        TOK_RUN_TIME_VAR_TIME_YEAR = 513,
-        TOK_RUN_TIME_VAR_XML = 514,
-        TOK_VARIABLE = 515,
-        TOK_VARIABLE_COL = 516,
-        TOK_VARIABLE_STATUS = 517,
-        TOK_VARIABLE_TX = 518,
-        TOK_DICT_ELEMENT = 519,
-        TOK_DICT_ELEMENT_REGEXP = 520
+        TOK_VAR_COUNT = 261,
+        TOK_VAR_EXCLUSION = 262,
+        TOK_VARIABLE_ARGS = 263,
+        TOK_VARIABLE_ARGS_POST = 264,
+        TOK_VARIABLE_ARGS_GET = 265,
+        TOK_VARIABLE_FILES_SIZES = 266,
+        TOK_VARIABLE_FILES_NAMES = 267,
+        TOK_VARIABLE_FILES_TMP_CONTENT = 268,
+        TOK_VARIABLE_MULTIPART_FILENAME = 269,
+        TOK_VARIABLE_MULTIPART_NAME = 270,
+        TOK_VARIABLE_MATCHED_VARS_NAMES = 271,
+        TOK_VARIABLE_MATCHED_VARS = 272,
+        TOK_VARIABLE_FILES = 273,
+        TOK_VARIABLE_REQUEST_COOKIES = 274,
+        TOK_VARIABLE_REQUEST_HEADERS = 275,
+        TOK_VARIABLE_RESPONSE_HEADERS = 276,
+        TOK_VARIABLE_GEO = 277,
+        TOK_VARIABLE_REQUEST_COOKIES_NAMES = 278,
+        TOK_VARIABLE_ARGS_COMBINED_SIZE = 279,
+        TOK_VARIABLE_ARGS_GET_NAMES = 280,
+        TOK_VARIABLE_RULE = 281,
+        TOK_VARIABLE_ARGS_NAMES = 282,
+        TOK_VARIABLE_ARGS_POST_NAMES = 283,
+        TOK_VARIABLE_AUTH_TYPE = 284,
+        TOK_VARIABLE_FILES_COMBINED_SIZE = 285,
+        TOK_VARIABLE_FILES_TMP_NAMES = 286,
+        TOK_VARIABLE_FULL_REQUEST = 287,
+        TOK_VARIABLE_FULL_REQUEST_LENGTH = 288,
+        TOK_VARIABLE_INBOUND_DATA_ERROR = 289,
+        TOK_VARIABLE_MATCHED_VAR = 290,
+        TOK_VARIABLE_MATCHED_VAR_NAME = 291,
+        TOK_VARIABLE_MULTIPART_CRLF_LF_LINES = 292,
+        TOK_VARIABLE_MULTIPART_DATA_AFTER = 293,
+        TOK_VARIABLE_MULTIPART_FILE_LIMIT_EXCEEDED = 294,
+        TOK_VARIABLE_MULTIPART_HEADER_FOLDING = 295,
+        TOK_VARIABLE_MULTIPART_INVALID_HEADER_FOLDING = 296,
+        TOK_VARIABLE_MULTIPART_INVALID_QUOTING = 297,
+        TOK_VARIABLE_MULTIPART_STRICT_ERROR = 298,
+        TOK_VARIABLE_MULTIPART_UNMATCHED_BOUNDARY = 299,
+        TOK_VARIABLE_OUTBOUND_DATA_ERROR = 300,
+        TOK_VARIABLE_PATH_INFO = 301,
+        TOK_VARIABLE_QUERY_STRING = 302,
+        TOK_VARIABLE_REMOTE_ADDR = 303,
+        TOK_VARIABLE_REMOTE_HOST = 304,
+        TOK_VARIABLE_REMOTE_PORT = 305,
+        TOK_VARIABLE_REQBODY_ERROR_MSG = 306,
+        TOK_VARIABLE_REQBODY_ERROR = 307,
+        TOK_VARIABLE_REQBODY_PROCESSOR_ERROR_MSG = 308,
+        TOK_VARIABLE_REQBODY_PROCESSOR_ERROR = 309,
+        TOK_VARIABLE_REQBODY_PROCESSOR = 310,
+        TOK_VARIABLE_REQUEST_BASENAME = 311,
+        TOK_VARIABLE_REQUEST_BODY_LENGTH = 312,
+        TOK_VARIABLE_REQUEST_BODY = 313,
+        TOK_VARIABLE_REQUEST_FILE_NAME = 314,
+        TOK_VARIABLE_REQUEST_HEADERS_NAMES = 315,
+        TOK_VARIABLE_REQUEST_LINE = 316,
+        TOK_VARIABLE_REQUEST_METHOD = 317,
+        TOK_VARIABLE_REQUEST_PROTOCOL = 318,
+        TOK_VARIABLE_REQUEST_URI_RAW = 319,
+        TOK_VARIABLE_REQUEST_URI = 320,
+        TOK_VARIABLE_RESOURCE = 321,
+        TOK_VARIABLE_RESPONSE_BODY = 322,
+        TOK_VARIABLE_RESPONSE_CONTENT_LENGTH = 323,
+        TOK_VARIABLE_RESPONSE_CONTENT_TYPE = 324,
+        TOK_VARIABLE_RESPONSE_HEADERS_NAMES = 325,
+        TOK_VARIABLE_RESPONSE_PROTOCOL = 326,
+        TOK_VARIABLE_RESPONSE_STATUS = 327,
+        TOK_VARIABLE_SERVER_ADDR = 328,
+        TOK_VARIABLE_SERVER_NAME = 329,
+        TOK_VARIABLE_SERVER_PORT = 330,
+        TOK_VARIABLE_SESSION_ID = 331,
+        TOK_VARIABLE_UNIQUE_ID = 332,
+        TOK_VARIABLE_URL_ENCODED_ERROR = 333,
+        TOK_VARIABLE_USER_ID = 334,
+        TOK_VARIABLE_STATUS = 335,
+        TOK_VARIABLE_IP = 336,
+        TOK_VARIABLE_GLOBAL = 337,
+        TOK_VARIABLE_TX = 338,
+        TOK_VARIABLE_SESSION = 339,
+        TOK_VARIABLE_USER = 340,
+        TOK_RUN_TIME_VAR_ENV = 341,
+        TOK_RUN_TIME_VAR_XML = 342,
+        TOK_ACTION_SETVAR = 343,
+        TOK_SETVAR_OPERATION_EQUALS = 344,
+        TOK_SETVAR_OPERATION_EQUALS_PLUS = 345,
+        TOK_SETVAR_OPERATION_EQUALS_MINUS = 346,
+        TOK_NOT = 347,
+        TOK_ACTION_ACCURACY = 348,
+        TOK_ACTION_ALLOW = 349,
+        TOK_ACTION_APPEND = 350,
+        TOK_ACTION_AUDIT_LOG = 351,
+        TOK_ACTION_BLOCK = 352,
+        TOK_ACTION_CAPTURE = 353,
+        TOK_ACTION_CHAIN = 354,
+        TOK_ACTION_CTL_AUDIT_ENGINE = 355,
+        TOK_ACTION_CTL_AUDIT_LOG_PARTS = 356,
+        TOK_ACTION_CTL_BDY_JSON = 357,
+        TOK_ACTION_CTL_BDY_XML = 358,
+        TOK_ACTION_CTL_FORCE_REQ_BODY_VAR = 359,
+        TOK_ACTION_CTL_REQUEST_BODY_ACCESS = 360,
+        TOK_ACTION_CTL_RULE_ENGINE = 361,
+        TOK_ACTION_CTL_RULE_REMOVE_BY_ID = 362,
+        TOK_ACTION_CTL_RULE_REMOVE_TARGET_BY_ID = 363,
+        TOK_ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG = 364,
+        TOK_ACTION_DENY = 365,
+        TOK_ACTION_DEPRECATE_VAR = 366,
+        TOK_ACTION_DROP = 367,
+        TOK_ACTION_EXEC = 368,
+        TOK_ACTION_EXPIRE_VAR = 369,
+        TOK_ACTION_ID = 370,
+        TOK_ACTION_INITCOL = 371,
+        TOK_ACTION_LOG = 372,
+        TOK_ACTION_LOG_DATA = 373,
+        TOK_ACTION_MATURITY = 374,
+        TOK_ACTION_MSG = 375,
+        TOK_ACTION_MULTI_MATCH = 376,
+        TOK_ACTION_NO_AUDIT_LOG = 377,
+        TOK_ACTION_NO_LOG = 378,
+        TOK_ACTION_PASS = 379,
+        TOK_ACTION_PAUSE = 380,
+        TOK_ACTION_PHASE = 381,
+        TOK_ACTION_PREPEND = 382,
+        TOK_ACTION_PROXY = 383,
+        TOK_ACTION_REDIRECT = 384,
+        TOK_ACTION_REV = 385,
+        TOK_ACTION_SANATISE_ARG = 386,
+        TOK_ACTION_SANATISE_MATCHED = 387,
+        TOK_ACTION_SANATISE_MATCHED_BYTES = 388,
+        TOK_ACTION_SANATISE_REQUEST_HEADER = 389,
+        TOK_ACTION_SANATISE_RESPONSE_HEADER = 390,
+        TOK_ACTION_SETENV = 391,
+        TOK_ACTION_SETRSC = 392,
+        TOK_ACTION_SETSID = 393,
+        TOK_ACTION_SETUID = 394,
+        TOK_ACTION_SEVERITY = 395,
+        TOK_ACTION_SKIP = 396,
+        TOK_ACTION_SKIP_AFTER = 397,
+        TOK_ACTION_STATUS = 398,
+        TOK_ACTION_TAG = 399,
+        TOK_ACTION_TRANSFORMATION_CMD_LINE = 400,
+        TOK_ACTION_TRANSFORMATION_COMPRESS_WHITESPACE = 401,
+        TOK_ACTION_TRANSFORMATION_CSS_DECODE = 402,
+        TOK_ACTION_TRANSFORMATION_HEX_ENCODE = 403,
+        TOK_ACTION_TRANSFORMATION_HTML_ENTITY_DECODE = 404,
+        TOK_ACTION_TRANSFORMATION_JS_DECODE = 405,
+        TOK_ACTION_TRANSFORMATION_LENGTH = 406,
+        TOK_ACTION_TRANSFORMATION_LOWERCASE = 407,
+        TOK_ACTION_TRANSFORMATION_MD5 = 408,
+        TOK_ACTION_TRANSFORMATION_NONE = 409,
+        TOK_ACTION_TRANSFORMATION_NORMALISE_PATH = 410,
+        TOK_ACTION_TRANSFORMATION_NORMALISE_PATH_WIN = 411,
+        TOK_ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT = 412,
+        TOK_ACTION_TRANSFORMATION_PARITY_ODD_7_BIT = 413,
+        TOK_ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT = 414,
+        TOK_ACTION_TRANSFORMATION_REMOVE_COMMENTS = 415,
+        TOK_ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR = 416,
+        TOK_ACTION_TRANSFORMATION_REMOVE_NULLS = 417,
+        TOK_ACTION_TRANSFORMATION_REMOVE_WHITESPACE = 418,
+        TOK_ACTION_TRANSFORMATION_REPLACE_COMMENTS = 419,
+        TOK_ACTION_TRANSFORMATION_REPLACE_NULLS = 420,
+        TOK_ACTION_TRANSFORMATION_SHA1 = 421,
+        TOK_ACTION_TRANSFORMATION_SQL_HEX_DECODE = 422,
+        TOK_ACTION_TRANSFORMATION_TRIM = 423,
+        TOK_ACTION_TRANSFORMATION_URL_DECODE = 424,
+        TOK_ACTION_TRANSFORMATION_URL_DECODE_UNI = 425,
+        TOK_ACTION_TRANSFORMATION_UTF8_TO_UNICODE = 426,
+        TOK_ACTION_VER = 427,
+        TOK_ACTION_XMLNS = 428,
+        TOK_CONFIG_COMPONENT_SIG = 429,
+        TOK_CONFIG_DIR_AUDIT_DIR = 430,
+        TOK_CONFIG_DIR_AUDIT_DIR_MOD = 431,
+        TOK_CONFIG_DIR_AUDIT_ENG = 432,
+        TOK_CONFIG_DIR_AUDIT_FLE_MOD = 433,
+        TOK_CONFIG_DIR_AUDIT_LOG = 434,
+        TOK_CONFIG_DIR_AUDIT_LOG2 = 435,
+        TOK_CONFIG_DIR_AUDIT_LOG_P = 436,
+        TOK_CONFIG_DIR_AUDIT_STS = 437,
+        TOK_CONFIG_DIR_AUDIT_TPE = 438,
+        TOK_CONFIG_DIR_DEBUG_LOG = 439,
+        TOK_CONFIG_DIR_DEBUG_LVL = 440,
+        TOK_CONFIG_DIR_GEO_DB = 441,
+        TOK_CONFIG_DIR_PCRE_MATCH_LIMIT = 442,
+        TOK_CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION = 443,
+        TOK_CONFIG_DIR_REQ_BODY = 444,
+        TOK_CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT = 445,
+        TOK_CONFIG_DIR_REQ_BODY_LIMIT = 446,
+        TOK_CONFIG_DIR_REQ_BODY_LIMIT_ACTION = 447,
+        TOK_CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT = 448,
+        TOK_CONFIG_DIR_RES_BODY = 449,
+        TOK_CONFIG_DIR_RES_BODY_LIMIT = 450,
+        TOK_CONFIG_DIR_RES_BODY_LIMIT_ACTION = 451,
+        TOK_CONFIG_DIR_RULE_ENG = 452,
+        TOK_CONFIG_DIR_SEC_ACTION = 453,
+        TOK_CONFIG_DIR_SEC_DEFAULT_ACTION = 454,
+        TOK_CONFIG_DIR_SEC_MARKER = 455,
+        TOK_CONFIG_DIR_UNICODE_MAP_FILE = 456,
+        TOK_CONFIG_SEC_COLLECTION_TIMEOUT = 457,
+        TOK_CONFIG_SEC_REMOTE_RULES_FAIL_ACTION = 458,
+        TOK_CONFIG_SEC_RULE_REMOVE_BY_ID = 459,
+        TOK_CONFIG_UPDLOAD_KEEP_FILES = 460,
+        TOK_CONFIG_UPDLOAD_SAVE_TMP_FILES = 461,
+        TOK_CONFIG_UPLOAD_DIR = 462,
+        TOK_CONFIG_UPLOAD_FILE_LIMIT = 463,
+        TOK_CONFIG_UPLOAD_FILE_MODE = 464,
+        TOK_CONFIG_VALUE_ABORT = 465,
+        TOK_CONFIG_VALUE_DETC = 466,
+        TOK_CONFIG_VALUE_HTTPS = 467,
+        TOK_CONFIG_VALUE_OFF = 468,
+        TOK_CONFIG_VALUE_ON = 469,
+        TOK_CONFIG_VALUE_PARALLEL = 470,
+        TOK_CONFIG_VALUE_PROCESS_PARTIAL = 471,
+        TOK_CONFIG_VALUE_REJECT = 472,
+        TOK_CONFIG_VALUE_RELEVANT_ONLY = 473,
+        TOK_CONFIG_VALUE_SERIAL = 474,
+        TOK_CONFIG_VALUE_WARN = 475,
+        TOK_CONFIG_XML_EXTERNAL_ENTITY = 476,
+        TOK_CONGIG_DIR_RESPONSE_BODY_MP = 477,
+        TOK_CONGIG_DIR_SEC_ARG_SEP = 478,
+        TOK_CONGIG_DIR_SEC_COOKIE_FORMAT = 479,
+        TOK_CONGIG_DIR_SEC_DATA_DIR = 480,
+        TOK_CONGIG_DIR_SEC_STATUS_ENGINE = 481,
+        TOK_CONGIG_DIR_SEC_TMP_DIR = 482,
+        TOK_DIRECTIVE = 483,
+        TOK_DIRECTIVE_SECRULESCRIPT = 484,
+        TOK_FREE_TEXT = 485,
+        TOK_OPERATOR = 486,
+        TOK_OPERATOR_BEGINS_WITH = 487,
+        TOK_OPERATOR_CONTAINS = 488,
+        TOK_OPERATOR_CONTAINS_WORD = 489,
+        TOK_OPERATOR_DETECT_SQLI = 490,
+        TOK_OPERATOR_DETECT_XSS = 491,
+        TOK_OPERATOR_ENDS_WITH = 492,
+        TOK_OPERATOR_EQ = 493,
+        TOK_OPERATOR_FUZZY_HASH = 494,
+        TOK_OPERATOR_GE = 495,
+        TOK_OPERATOR_GEOLOOKUP = 496,
+        TOK_OPERATOR_GSB_LOOKUP = 497,
+        TOK_OPERATOR_GT = 498,
+        TOK_OPERATOR_INSPECT_FILE = 499,
+        TOK_OPERATOR_IP_MATCH = 500,
+        TOK_OPERATOR_IP_MATCH_FROM_FILE = 501,
+        TOK_OPERATOR_LE = 502,
+        TOK_OPERATOR_LT = 503,
+        TOK_OPERATOR_PM = 504,
+        TOK_OPERATOR_PM_FROM_FILE = 505,
+        TOK_OPERATOR_RBL = 506,
+        TOK_OPERATOR_RSUB = 507,
+        TOK_OPERATOR_RX = 508,
+        TOK_OPERATOR_RX_CONTENT_ONLY = 509,
+        TOK_OPERATOR_STR_EQ = 510,
+        TOK_OPERATOR_STR_MATCH = 511,
+        TOK_OPERATOR_UNCONDITIONAL_MATCH = 512,
+        TOK_OPERATOR_VALIDATE_BYTE_RANGE = 513,
+        TOK_OPERATOR_VALIDATE_DTD = 514,
+        TOK_OPERATOR_VALIDATE_HASH = 515,
+        TOK_OPERATOR_VALIDATE_SCHEMA = 516,
+        TOK_OPERATOR_VALIDATE_URL_ENCODING = 517,
+        TOK_OPERATOR_VALIDATE_UTF8_ENCODING = 518,
+        TOK_OPERATOR_VERIFY_CC = 519,
+        TOK_OPERATOR_VERIFY_CPF = 520,
+        TOK_OPERATOR_VERIFY_SSN = 521,
+        TOK_OPERATOR_WITHIN = 522,
+        TOK_OP_QUOTE = 523,
+        TOK_QUOTATION_MARK = 524,
+        TOK_RUN_TIME_VAR_BLD = 525,
+        TOK_RUN_TIME_VAR_DUR = 526,
+        TOK_RUN_TIME_VAR_HSV = 527,
+        TOK_RUN_TIME_VAR_REMOTE_USER = 528,
+        TOK_RUN_TIME_VAR_TIME = 529,
+        TOK_RUN_TIME_VAR_TIME_DAY = 530,
+        TOK_RUN_TIME_VAR_TIME_EPOCH = 531,
+        TOK_RUN_TIME_VAR_TIME_HOUR = 532,
+        TOK_RUN_TIME_VAR_TIME_MIN = 533,
+        TOK_RUN_TIME_VAR_TIME_MON = 534,
+        TOK_RUN_TIME_VAR_TIME_SEC = 535,
+        TOK_RUN_TIME_VAR_TIME_WDAY = 536,
+        TOK_RUN_TIME_VAR_TIME_YEAR = 537,
+        TOK_VARIABLE = 538,
+        TOK_DICT_ELEMENT = 539,
+        TOK_DICT_ELEMENT_REGEXP = 540
       };
     };
 
@@ -1209,10 +1258,78 @@ namespace yy {
     symbol_type
     make_NEW_LINE (const location_type& l);
 
+    static inline
+    symbol_type
+    make_VAR_COUNT (const location_type& l);
+
+    static inline
+    symbol_type
+    make_VAR_EXCLUSION (const location_type& l);
+
     static inline
     symbol_type
     make_VARIABLE_ARGS (const location_type& l);
 
+    static inline
+    symbol_type
+    make_VARIABLE_ARGS_POST (const location_type& l);
+
+    static inline
+    symbol_type
+    make_VARIABLE_ARGS_GET (const location_type& l);
+
+    static inline
+    symbol_type
+    make_VARIABLE_FILES_SIZES (const location_type& l);
+
+    static inline
+    symbol_type
+    make_VARIABLE_FILES_NAMES (const location_type& l);
+
+    static inline
+    symbol_type
+    make_VARIABLE_FILES_TMP_CONTENT (const location_type& l);
+
+    static inline
+    symbol_type
+    make_VARIABLE_MULTIPART_FILENAME (const location_type& l);
+
+    static inline
+    symbol_type
+    make_VARIABLE_MULTIPART_NAME (const location_type& l);
+
+    static inline
+    symbol_type
+    make_VARIABLE_MATCHED_VARS_NAMES (const location_type& l);
+
+    static inline
+    symbol_type
+    make_VARIABLE_MATCHED_VARS (const location_type& l);
+
+    static inline
+    symbol_type
+    make_VARIABLE_FILES (const location_type& l);
+
+    static inline
+    symbol_type
+    make_VARIABLE_REQUEST_COOKIES (const location_type& l);
+
+    static inline
+    symbol_type
+    make_VARIABLE_REQUEST_HEADERS (const location_type& l);
+
+    static inline
+    symbol_type
+    make_VARIABLE_RESPONSE_HEADERS (const location_type& l);
+
+    static inline
+    symbol_type
+    make_VARIABLE_GEO (const location_type& l);
+
+    static inline
+    symbol_type
+    make_VARIABLE_REQUEST_COOKIES_NAMES (const location_type& l);
+
     static inline
     symbol_type
     make_VARIABLE_ARGS_COMBINED_SIZE (const location_type& l);
@@ -1221,6 +1338,10 @@ namespace yy {
     symbol_type
     make_VARIABLE_ARGS_GET_NAMES (const location_type& l);
 
+    static inline
+    symbol_type
+    make_VARIABLE_RULE (const location_type& l);
+
     static inline
     symbol_type
     make_VARIABLE_ARGS_NAMES (const location_type& l);
@@ -1433,6 +1554,38 @@ namespace yy {
     symbol_type
     make_VARIABLE_USER_ID (const location_type& l);
 
+    static inline
+    symbol_type
+    make_VARIABLE_STATUS (const location_type& l);
+
+    static inline
+    symbol_type
+    make_VARIABLE_IP (const location_type& l);
+
+    static inline
+    symbol_type
+    make_VARIABLE_GLOBAL (const location_type& l);
+
+    static inline
+    symbol_type
+    make_VARIABLE_TX (const location_type& l);
+
+    static inline
+    symbol_type
+    make_VARIABLE_SESSION (const location_type& l);
+
+    static inline
+    symbol_type
+    make_VARIABLE_USER (const location_type& l);
+
+    static inline
+    symbol_type
+    make_RUN_TIME_VAR_ENV (const location_type& l);
+
+    static inline
+    symbol_type
+    make_RUN_TIME_VAR_XML (const location_type& l);
+
     static inline
     symbol_type
     make_ACTION_SETVAR (const location_type& l);
@@ -2169,10 +2322,6 @@ namespace yy {
     symbol_type
     make_RUN_TIME_VAR_DUR (const std::string& v, const location_type& l);
 
-    static inline
-    symbol_type
-    make_RUN_TIME_VAR_ENV (const std::string& v, const location_type& l);
-
     static inline
     symbol_type
     make_RUN_TIME_VAR_HSV (const std::string& v, const location_type& l);
@@ -2181,10 +2330,6 @@ namespace yy {
     symbol_type
     make_RUN_TIME_VAR_REMOTE_USER (const std::string& v, const location_type& l);
 
-    static inline
-    symbol_type
-    make_RUN_TIME_VAR_RULE (const std::string& v, const location_type& l);
-
     static inline
     symbol_type
     make_RUN_TIME_VAR_TIME (const std::string& v, const location_type& l);
@@ -2221,26 +2366,10 @@ namespace yy {
     symbol_type
     make_RUN_TIME_VAR_TIME_YEAR (const std::string& v, const location_type& l);
 
-    static inline
-    symbol_type
-    make_RUN_TIME_VAR_XML (const std::string& v, const location_type& l);
-
     static inline
     symbol_type
     make_VARIABLE (const std::string& v, const location_type& l);
 
-    static inline
-    symbol_type
-    make_VARIABLE_COL (const std::string& v, const location_type& l);
-
-    static inline
-    symbol_type
-    make_VARIABLE_STATUS (const std::string& v, const location_type& l);
-
-    static inline
-    symbol_type
-    make_VARIABLE_TX (const std::string& v, const location_type& l);
-
     static inline
     symbol_type
     make_DICT_ELEMENT (const std::string& v, const location_type& l);
@@ -2454,12 +2583,12 @@ namespace yy {
     enum
     {
       yyeof_ = 0,
-      yylast_ = 573,     ///< Last index in yytable_.
+      yylast_ = 764,     ///< Last index in yytable_.
       yynnts_ = 12,  ///< Number of nonterminal symbols.
-      yyfinal_ = 241, ///< Termination state number.
+      yyfinal_ = 260, ///< Termination state number.
       yyterror_ = 1,
       yyerrcode_ = 256,
-      yyntokens_ = 266  ///< Number of tokens.
+      yyntokens_ = 286  ///< Number of tokens.
     };
 
 
@@ -2528,9 +2657,11 @@ namespace yy {
      235,   236,   237,   238,   239,   240,   241,   242,   243,   244,
      245,   246,   247,   248,   249,   250,   251,   252,   253,   254,
      255,   256,   257,   258,   259,   260,   261,   262,   263,   264,
-     265
+     265,   266,   267,   268,   269,   270,   271,   272,   273,   274,
+     275,   276,   277,   278,   279,   280,   281,   282,   283,   284,
+     285
     };
-    const unsigned int user_token_number_max_ = 520;
+    const unsigned int user_token_number_max_ = 540;
     const token_number_type undef_token_ = 2;
 
     if (static_cast<int>(t) <= yyeof_)
@@ -2563,227 +2694,221 @@ namespace yy {
   {
       switch (other.type_get ())
     {
-      case 67: // "Accuracy"
-      case 68: // "Allow"
-      case 69: // "Append"
-      case 70: // "AuditLog"
-      case 71: // "Block"
-      case 72: // "Capture"
-      case 73: // "Chain"
-      case 74: // "ACTION_CTL_AUDIT_ENGINE"
-      case 75: // "ACTION_CTL_AUDIT_LOG_PARTS"
-      case 76: // "ACTION_CTL_BDY_JSON"
-      case 77: // "ACTION_CTL_BDY_XML"
-      case 78: // "ACTION_CTL_FORCE_REQ_BODY_VAR"
-      case 79: // "ACTION_CTL_REQUEST_BODY_ACCESS"
-      case 80: // "ACTION_CTL_RULE_ENGINE"
-      case 81: // "ACTION_CTL_RULE_REMOVE_BY_ID"
-      case 82: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_ID"
-      case 83: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG"
-      case 84: // "Deny"
-      case 85: // "DeprecateVar"
-      case 86: // "Drop"
-      case 87: // "Exec"
-      case 88: // "ExpireVar"
-      case 89: // "Id"
-      case 90: // "InitCol"
-      case 91: // "Log"
-      case 92: // "LogData"
-      case 93: // "Maturity"
-      case 94: // "Msg"
-      case 95: // "MultiMatch"
-      case 96: // "NoAuditLog"
-      case 97: // "NoLog"
-      case 98: // "Pass"
-      case 99: // "Pause"
-      case 100: // "Phase"
-      case 101: // "Prepend"
-      case 102: // "Proxy"
-      case 103: // "Redirect"
-      case 104: // "Rev"
-      case 105: // "SanatiseArg"
-      case 106: // "SanatiseMatched"
-      case 107: // "SanatiseMatchedBytes"
-      case 108: // "SanatiseRequestHeader"
-      case 109: // "SanatiseResponseHeader"
-      case 110: // "SetEnv"
-      case 111: // "SetSrc"
-      case 112: // "SetSid"
-      case 113: // "SetUID"
-      case 114: // "Severity"
-      case 115: // "Skip"
-      case 116: // "SkipAfter"
-      case 117: // "Status"
-      case 118: // "Tag"
-      case 119: // "ACTION_TRANSFORMATION_CMD_LINE"
-      case 120: // "ACTION_TRANSFORMATION_COMPRESS_WHITESPACE"
-      case 121: // "ACTION_TRANSFORMATION_CSS_DECODE"
-      case 122: // "ACTION_TRANSFORMATION_HEX_ENCODE"
-      case 123: // "ACTION_TRANSFORMATION_HTML_ENTITY_DECODE"
-      case 124: // "ACTION_TRANSFORMATION_JS_DECODE"
-      case 125: // "ACTION_TRANSFORMATION_LENGTH"
-      case 126: // "ACTION_TRANSFORMATION_LOWERCASE"
-      case 127: // "ACTION_TRANSFORMATION_MD5"
-      case 128: // "ACTION_TRANSFORMATION_NONE"
-      case 129: // "ACTION_TRANSFORMATION_NORMALISE_PATH"
-      case 130: // "ACTION_TRANSFORMATION_NORMALISE_PATH_WIN"
-      case 131: // "ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT"
-      case 132: // "ACTION_TRANSFORMATION_PARITY_ODD_7_BIT"
-      case 133: // "ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT"
-      case 134: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS"
-      case 135: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR"
-      case 136: // "ACTION_TRANSFORMATION_REMOVE_NULLS"
-      case 137: // "ACTION_TRANSFORMATION_REMOVE_WHITESPACE"
-      case 138: // "ACTION_TRANSFORMATION_REPLACE_COMMENTS"
-      case 139: // "ACTION_TRANSFORMATION_REPLACE_NULLS"
-      case 140: // "ACTION_TRANSFORMATION_SHA1"
-      case 141: // "ACTION_TRANSFORMATION_SQL_HEX_DECODE"
-      case 142: // "ACTION_TRANSFORMATION_TRIM"
-      case 143: // "ACTION_TRANSFORMATION_URL_DECODE"
-      case 144: // "ACTION_TRANSFORMATION_URL_DECODE_UNI"
-      case 145: // "ACTION_TRANSFORMATION_UTF8_TO_UNICODE"
-      case 146: // "Ver"
-      case 147: // "xmlns"
-      case 148: // "CONFIG_COMPONENT_SIG"
-      case 149: // "CONFIG_DIR_AUDIT_DIR"
-      case 150: // "CONFIG_DIR_AUDIT_DIR_MOD"
-      case 151: // "CONFIG_DIR_AUDIT_ENG"
-      case 152: // "CONFIG_DIR_AUDIT_FLE_MOD"
-      case 153: // "CONFIG_DIR_AUDIT_LOG"
-      case 154: // "CONFIG_DIR_AUDIT_LOG2"
-      case 155: // "CONFIG_DIR_AUDIT_LOG_P"
-      case 156: // "CONFIG_DIR_AUDIT_STS"
-      case 157: // "CONFIG_DIR_AUDIT_TPE"
-      case 158: // "CONFIG_DIR_DEBUG_LOG"
-      case 159: // "CONFIG_DIR_DEBUG_LVL"
-      case 160: // "CONFIG_DIR_GEO_DB"
-      case 161: // "CONFIG_DIR_PCRE_MATCH_LIMIT"
-      case 162: // "CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION"
-      case 163: // "CONFIG_DIR_REQ_BODY"
-      case 164: // "CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT"
-      case 165: // "CONFIG_DIR_REQ_BODY_LIMIT"
-      case 166: // "CONFIG_DIR_REQ_BODY_LIMIT_ACTION"
-      case 167: // "CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT"
-      case 168: // "CONFIG_DIR_RES_BODY"
-      case 169: // "CONFIG_DIR_RES_BODY_LIMIT"
-      case 170: // "CONFIG_DIR_RES_BODY_LIMIT_ACTION"
-      case 171: // "CONFIG_DIR_RULE_ENG"
-      case 172: // "CONFIG_DIR_SEC_ACTION"
-      case 173: // "CONFIG_DIR_SEC_DEFAULT_ACTION"
-      case 174: // "CONFIG_DIR_SEC_MARKER"
-      case 175: // "CONFIG_DIR_UNICODE_MAP_FILE"
-      case 176: // "CONFIG_SEC_COLLECTION_TIMEOUT"
-      case 177: // "CONFIG_SEC_REMOTE_RULES_FAIL_ACTION"
-      case 178: // "CONFIG_SEC_RULE_REMOVE_BY_ID"
-      case 179: // "CONFIG_UPDLOAD_KEEP_FILES"
-      case 180: // "CONFIG_UPDLOAD_SAVE_TMP_FILES"
-      case 181: // "CONFIG_UPLOAD_DIR"
-      case 182: // "CONFIG_UPLOAD_FILE_LIMIT"
-      case 183: // "CONFIG_UPLOAD_FILE_MODE"
-      case 184: // "CONFIG_VALUE_ABORT"
-      case 185: // "CONFIG_VALUE_DETC"
-      case 186: // "CONFIG_VALUE_HTTPS"
-      case 187: // "CONFIG_VALUE_OFF"
-      case 188: // "CONFIG_VALUE_ON"
-      case 189: // "CONFIG_VALUE_PARALLEL"
-      case 190: // "CONFIG_VALUE_PROCESS_PARTIAL"
-      case 191: // "CONFIG_VALUE_REJECT"
-      case 192: // "CONFIG_VALUE_RELEVANT_ONLY"
-      case 193: // "CONFIG_VALUE_SERIAL"
-      case 194: // "CONFIG_VALUE_WARN"
-      case 195: // "CONFIG_XML_EXTERNAL_ENTITY"
-      case 196: // "CONGIG_DIR_RESPONSE_BODY_MP"
-      case 197: // "CONGIG_DIR_SEC_ARG_SEP"
-      case 198: // "CONGIG_DIR_SEC_COOKIE_FORMAT"
-      case 199: // "CONGIG_DIR_SEC_DATA_DIR"
-      case 200: // "CONGIG_DIR_SEC_STATUS_ENGINE"
-      case 201: // "CONGIG_DIR_SEC_TMP_DIR"
-      case 202: // "DIRECTIVE"
-      case 203: // "DIRECTIVE_SECRULESCRIPT"
-      case 204: // "FREE_TEXT"
-      case 205: // "OPERATOR"
-      case 206: // "OPERATOR_BEGINS_WITH"
-      case 207: // "OPERATOR_CONTAINS"
-      case 208: // "OPERATOR_CONTAINS_WORD"
-      case 209: // "OPERATOR_DETECT_SQLI"
-      case 210: // "OPERATOR_DETECT_XSS"
-      case 211: // "OPERATOR_ENDS_WITH"
-      case 212: // "OPERATOR_EQ"
-      case 213: // "OPERATOR_FUZZY_HASH"
-      case 214: // "OPERATOR_GE"
-      case 215: // "OPERATOR_GEOLOOKUP"
-      case 216: // "OPERATOR_GSB_LOOKUP"
-      case 217: // "OPERATOR_GT"
-      case 218: // "OPERATOR_INSPECT_FILE"
-      case 219: // "OPERATOR_IP_MATCH"
-      case 220: // "OPERATOR_IP_MATCH_FROM_FILE"
-      case 221: // "OPERATOR_LE"
-      case 222: // "OPERATOR_LT"
-      case 223: // "OPERATOR_PM"
-      case 224: // "OPERATOR_PM_FROM_FILE"
-      case 225: // "OPERATOR_RBL"
-      case 226: // "OPERATOR_RSUB"
-      case 227: // "OPERATOR_RX"
-      case 228: // "Operator Rx"
-      case 229: // "OPERATOR_STR_EQ"
-      case 230: // "OPERATOR_STR_MATCH"
-      case 231: // "OPERATOR_UNCONDITIONAL_MATCH"
-      case 232: // "OPERATOR_VALIDATE_BYTE_RANGE"
-      case 233: // "OPERATOR_VALIDATE_DTD"
-      case 234: // "OPERATOR_VALIDATE_HASH"
-      case 235: // "OPERATOR_VALIDATE_SCHEMA"
-      case 236: // "OPERATOR_VALIDATE_URL_ENCODING"
-      case 237: // "OPERATOR_VALIDATE_UTF8_ENCODING"
-      case 238: // "OPERATOR_VERIFY_CC"
-      case 239: // "OPERATOR_VERIFY_CPF"
-      case 240: // "OPERATOR_VERIFY_SSN"
-      case 241: // "OPERATOR_WITHIN"
-      case 242: // "OP_QUOTE"
-      case 243: // "QUOTATION_MARK"
-      case 244: // "RUN_TIME_VAR_BLD"
-      case 245: // "RUN_TIME_VAR_DUR"
-      case 246: // "RUN_TIME_VAR_ENV"
-      case 247: // "RUN_TIME_VAR_HSV"
-      case 248: // "RUN_TIME_VAR_REMOTE_USER"
-      case 249: // "RUN_TIME_VAR_RULE"
-      case 250: // "RUN_TIME_VAR_TIME"
-      case 251: // "RUN_TIME_VAR_TIME_DAY"
-      case 252: // "RUN_TIME_VAR_TIME_EPOCH"
-      case 253: // "RUN_TIME_VAR_TIME_HOUR"
-      case 254: // "RUN_TIME_VAR_TIME_MIN"
-      case 255: // "RUN_TIME_VAR_TIME_MON"
-      case 256: // "RUN_TIME_VAR_TIME_SEC"
-      case 257: // "RUN_TIME_VAR_TIME_WDAY"
-      case 258: // "RUN_TIME_VAR_TIME_YEAR"
-      case 259: // "RUN_TIME_VAR_XML"
-      case 260: // "VARIABLE"
-      case 261: // "VARIABLE_COL"
-      case 262: // "VARIABLE_STATUS"
-      case 263: // "VARIABLE_TX"
-      case 264: // "Dictionary element"
-      case 265: // "Dictionary element, selected by regexp"
+      case 93: // "Accuracy"
+      case 94: // "Allow"
+      case 95: // "Append"
+      case 96: // "AuditLog"
+      case 97: // "Block"
+      case 98: // "Capture"
+      case 99: // "Chain"
+      case 100: // "ACTION_CTL_AUDIT_ENGINE"
+      case 101: // "ACTION_CTL_AUDIT_LOG_PARTS"
+      case 102: // "ACTION_CTL_BDY_JSON"
+      case 103: // "ACTION_CTL_BDY_XML"
+      case 104: // "ACTION_CTL_FORCE_REQ_BODY_VAR"
+      case 105: // "ACTION_CTL_REQUEST_BODY_ACCESS"
+      case 106: // "ACTION_CTL_RULE_ENGINE"
+      case 107: // "ACTION_CTL_RULE_REMOVE_BY_ID"
+      case 108: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_ID"
+      case 109: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG"
+      case 110: // "Deny"
+      case 111: // "DeprecateVar"
+      case 112: // "Drop"
+      case 113: // "Exec"
+      case 114: // "ExpireVar"
+      case 115: // "Id"
+      case 116: // "InitCol"
+      case 117: // "Log"
+      case 118: // "LogData"
+      case 119: // "Maturity"
+      case 120: // "Msg"
+      case 121: // "MultiMatch"
+      case 122: // "NoAuditLog"
+      case 123: // "NoLog"
+      case 124: // "Pass"
+      case 125: // "Pause"
+      case 126: // "Phase"
+      case 127: // "Prepend"
+      case 128: // "Proxy"
+      case 129: // "Redirect"
+      case 130: // "Rev"
+      case 131: // "SanatiseArg"
+      case 132: // "SanatiseMatched"
+      case 133: // "SanatiseMatchedBytes"
+      case 134: // "SanatiseRequestHeader"
+      case 135: // "SanatiseResponseHeader"
+      case 136: // "SetEnv"
+      case 137: // "SetSrc"
+      case 138: // "SetSid"
+      case 139: // "SetUID"
+      case 140: // "Severity"
+      case 141: // "Skip"
+      case 142: // "SkipAfter"
+      case 143: // "Status"
+      case 144: // "Tag"
+      case 145: // "ACTION_TRANSFORMATION_CMD_LINE"
+      case 146: // "ACTION_TRANSFORMATION_COMPRESS_WHITESPACE"
+      case 147: // "ACTION_TRANSFORMATION_CSS_DECODE"
+      case 148: // "ACTION_TRANSFORMATION_HEX_ENCODE"
+      case 149: // "ACTION_TRANSFORMATION_HTML_ENTITY_DECODE"
+      case 150: // "ACTION_TRANSFORMATION_JS_DECODE"
+      case 151: // "ACTION_TRANSFORMATION_LENGTH"
+      case 152: // "ACTION_TRANSFORMATION_LOWERCASE"
+      case 153: // "ACTION_TRANSFORMATION_MD5"
+      case 154: // "ACTION_TRANSFORMATION_NONE"
+      case 155: // "ACTION_TRANSFORMATION_NORMALISE_PATH"
+      case 156: // "ACTION_TRANSFORMATION_NORMALISE_PATH_WIN"
+      case 157: // "ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT"
+      case 158: // "ACTION_TRANSFORMATION_PARITY_ODD_7_BIT"
+      case 159: // "ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT"
+      case 160: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS"
+      case 161: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR"
+      case 162: // "ACTION_TRANSFORMATION_REMOVE_NULLS"
+      case 163: // "ACTION_TRANSFORMATION_REMOVE_WHITESPACE"
+      case 164: // "ACTION_TRANSFORMATION_REPLACE_COMMENTS"
+      case 165: // "ACTION_TRANSFORMATION_REPLACE_NULLS"
+      case 166: // "ACTION_TRANSFORMATION_SHA1"
+      case 167: // "ACTION_TRANSFORMATION_SQL_HEX_DECODE"
+      case 168: // "ACTION_TRANSFORMATION_TRIM"
+      case 169: // "ACTION_TRANSFORMATION_URL_DECODE"
+      case 170: // "ACTION_TRANSFORMATION_URL_DECODE_UNI"
+      case 171: // "ACTION_TRANSFORMATION_UTF8_TO_UNICODE"
+      case 172: // "Ver"
+      case 173: // "xmlns"
+      case 174: // "CONFIG_COMPONENT_SIG"
+      case 175: // "CONFIG_DIR_AUDIT_DIR"
+      case 176: // "CONFIG_DIR_AUDIT_DIR_MOD"
+      case 177: // "CONFIG_DIR_AUDIT_ENG"
+      case 178: // "CONFIG_DIR_AUDIT_FLE_MOD"
+      case 179: // "CONFIG_DIR_AUDIT_LOG"
+      case 180: // "CONFIG_DIR_AUDIT_LOG2"
+      case 181: // "CONFIG_DIR_AUDIT_LOG_P"
+      case 182: // "CONFIG_DIR_AUDIT_STS"
+      case 183: // "CONFIG_DIR_AUDIT_TPE"
+      case 184: // "CONFIG_DIR_DEBUG_LOG"
+      case 185: // "CONFIG_DIR_DEBUG_LVL"
+      case 186: // "CONFIG_DIR_GEO_DB"
+      case 187: // "CONFIG_DIR_PCRE_MATCH_LIMIT"
+      case 188: // "CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION"
+      case 189: // "CONFIG_DIR_REQ_BODY"
+      case 190: // "CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT"
+      case 191: // "CONFIG_DIR_REQ_BODY_LIMIT"
+      case 192: // "CONFIG_DIR_REQ_BODY_LIMIT_ACTION"
+      case 193: // "CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT"
+      case 194: // "CONFIG_DIR_RES_BODY"
+      case 195: // "CONFIG_DIR_RES_BODY_LIMIT"
+      case 196: // "CONFIG_DIR_RES_BODY_LIMIT_ACTION"
+      case 197: // "CONFIG_DIR_RULE_ENG"
+      case 198: // "CONFIG_DIR_SEC_ACTION"
+      case 199: // "CONFIG_DIR_SEC_DEFAULT_ACTION"
+      case 200: // "CONFIG_DIR_SEC_MARKER"
+      case 201: // "CONFIG_DIR_UNICODE_MAP_FILE"
+      case 202: // "CONFIG_SEC_COLLECTION_TIMEOUT"
+      case 203: // "CONFIG_SEC_REMOTE_RULES_FAIL_ACTION"
+      case 204: // "CONFIG_SEC_RULE_REMOVE_BY_ID"
+      case 205: // "CONFIG_UPDLOAD_KEEP_FILES"
+      case 206: // "CONFIG_UPDLOAD_SAVE_TMP_FILES"
+      case 207: // "CONFIG_UPLOAD_DIR"
+      case 208: // "CONFIG_UPLOAD_FILE_LIMIT"
+      case 209: // "CONFIG_UPLOAD_FILE_MODE"
+      case 210: // "CONFIG_VALUE_ABORT"
+      case 211: // "CONFIG_VALUE_DETC"
+      case 212: // "CONFIG_VALUE_HTTPS"
+      case 213: // "CONFIG_VALUE_OFF"
+      case 214: // "CONFIG_VALUE_ON"
+      case 215: // "CONFIG_VALUE_PARALLEL"
+      case 216: // "CONFIG_VALUE_PROCESS_PARTIAL"
+      case 217: // "CONFIG_VALUE_REJECT"
+      case 218: // "CONFIG_VALUE_RELEVANT_ONLY"
+      case 219: // "CONFIG_VALUE_SERIAL"
+      case 220: // "CONFIG_VALUE_WARN"
+      case 221: // "CONFIG_XML_EXTERNAL_ENTITY"
+      case 222: // "CONGIG_DIR_RESPONSE_BODY_MP"
+      case 223: // "CONGIG_DIR_SEC_ARG_SEP"
+      case 224: // "CONGIG_DIR_SEC_COOKIE_FORMAT"
+      case 225: // "CONGIG_DIR_SEC_DATA_DIR"
+      case 226: // "CONGIG_DIR_SEC_STATUS_ENGINE"
+      case 227: // "CONGIG_DIR_SEC_TMP_DIR"
+      case 228: // "DIRECTIVE"
+      case 229: // "DIRECTIVE_SECRULESCRIPT"
+      case 230: // "FREE_TEXT"
+      case 231: // "OPERATOR"
+      case 232: // "OPERATOR_BEGINS_WITH"
+      case 233: // "OPERATOR_CONTAINS"
+      case 234: // "OPERATOR_CONTAINS_WORD"
+      case 235: // "OPERATOR_DETECT_SQLI"
+      case 236: // "OPERATOR_DETECT_XSS"
+      case 237: // "OPERATOR_ENDS_WITH"
+      case 238: // "OPERATOR_EQ"
+      case 239: // "OPERATOR_FUZZY_HASH"
+      case 240: // "OPERATOR_GE"
+      case 241: // "OPERATOR_GEOLOOKUP"
+      case 242: // "OPERATOR_GSB_LOOKUP"
+      case 243: // "OPERATOR_GT"
+      case 244: // "OPERATOR_INSPECT_FILE"
+      case 245: // "OPERATOR_IP_MATCH"
+      case 246: // "OPERATOR_IP_MATCH_FROM_FILE"
+      case 247: // "OPERATOR_LE"
+      case 248: // "OPERATOR_LT"
+      case 249: // "OPERATOR_PM"
+      case 250: // "OPERATOR_PM_FROM_FILE"
+      case 251: // "OPERATOR_RBL"
+      case 252: // "OPERATOR_RSUB"
+      case 253: // "OPERATOR_RX"
+      case 254: // "Operator Rx"
+      case 255: // "OPERATOR_STR_EQ"
+      case 256: // "OPERATOR_STR_MATCH"
+      case 257: // "OPERATOR_UNCONDITIONAL_MATCH"
+      case 258: // "OPERATOR_VALIDATE_BYTE_RANGE"
+      case 259: // "OPERATOR_VALIDATE_DTD"
+      case 260: // "OPERATOR_VALIDATE_HASH"
+      case 261: // "OPERATOR_VALIDATE_SCHEMA"
+      case 262: // "OPERATOR_VALIDATE_URL_ENCODING"
+      case 263: // "OPERATOR_VALIDATE_UTF8_ENCODING"
+      case 264: // "OPERATOR_VERIFY_CC"
+      case 265: // "OPERATOR_VERIFY_CPF"
+      case 266: // "OPERATOR_VERIFY_SSN"
+      case 267: // "OPERATOR_WITHIN"
+      case 268: // "OP_QUOTE"
+      case 269: // "QUOTATION_MARK"
+      case 270: // "RUN_TIME_VAR_BLD"
+      case 271: // "RUN_TIME_VAR_DUR"
+      case 272: // "RUN_TIME_VAR_HSV"
+      case 273: // "RUN_TIME_VAR_REMOTE_USER"
+      case 274: // "RUN_TIME_VAR_TIME"
+      case 275: // "RUN_TIME_VAR_TIME_DAY"
+      case 276: // "RUN_TIME_VAR_TIME_EPOCH"
+      case 277: // "RUN_TIME_VAR_TIME_HOUR"
+      case 278: // "RUN_TIME_VAR_TIME_MIN"
+      case 279: // "RUN_TIME_VAR_TIME_MON"
+      case 280: // "RUN_TIME_VAR_TIME_SEC"
+      case 281: // "RUN_TIME_VAR_TIME_WDAY"
+      case 282: // "RUN_TIME_VAR_TIME_YEAR"
+      case 283: // "VARIABLE"
+      case 284: // "Dictionary element"
+      case 285: // "Dictionary element, selected by regexp"
         value.copy< std::string > (other.value);
         break;
 
-      case 272: // op
-      case 273: // op_before_init
+      case 292: // op
+      case 293: // op_before_init
         value.copy< std::unique_ptr<Operator> > (other.value);
         break;
 
-      case 276: // var
+      case 296: // var
         value.copy< std::unique_ptr<Variable> > (other.value);
         break;
 
-      case 277: // act
+      case 297: // act
         value.copy< std::unique_ptr<actions::Action> > (other.value);
         break;
 
-      case 275: // variables
+      case 295: // variables
         value.copy< std::unique_ptr<std::vector<std::unique_ptr<Variable> > >  > (other.value);
         break;
 
-      case 270: // actions
-      case 271: // actions_may_quoted
+      case 290: // actions
+      case 291: // actions_may_quoted
         value.copy< std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > >  > (other.value);
         break;
 
@@ -2804,227 +2929,221 @@ namespace yy {
     (void) v;
       switch (this->type_get ())
     {
-      case 67: // "Accuracy"
-      case 68: // "Allow"
-      case 69: // "Append"
-      case 70: // "AuditLog"
-      case 71: // "Block"
-      case 72: // "Capture"
-      case 73: // "Chain"
-      case 74: // "ACTION_CTL_AUDIT_ENGINE"
-      case 75: // "ACTION_CTL_AUDIT_LOG_PARTS"
-      case 76: // "ACTION_CTL_BDY_JSON"
-      case 77: // "ACTION_CTL_BDY_XML"
-      case 78: // "ACTION_CTL_FORCE_REQ_BODY_VAR"
-      case 79: // "ACTION_CTL_REQUEST_BODY_ACCESS"
-      case 80: // "ACTION_CTL_RULE_ENGINE"
-      case 81: // "ACTION_CTL_RULE_REMOVE_BY_ID"
-      case 82: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_ID"
-      case 83: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG"
-      case 84: // "Deny"
-      case 85: // "DeprecateVar"
-      case 86: // "Drop"
-      case 87: // "Exec"
-      case 88: // "ExpireVar"
-      case 89: // "Id"
-      case 90: // "InitCol"
-      case 91: // "Log"
-      case 92: // "LogData"
-      case 93: // "Maturity"
-      case 94: // "Msg"
-      case 95: // "MultiMatch"
-      case 96: // "NoAuditLog"
-      case 97: // "NoLog"
-      case 98: // "Pass"
-      case 99: // "Pause"
-      case 100: // "Phase"
-      case 101: // "Prepend"
-      case 102: // "Proxy"
-      case 103: // "Redirect"
-      case 104: // "Rev"
-      case 105: // "SanatiseArg"
-      case 106: // "SanatiseMatched"
-      case 107: // "SanatiseMatchedBytes"
-      case 108: // "SanatiseRequestHeader"
-      case 109: // "SanatiseResponseHeader"
-      case 110: // "SetEnv"
-      case 111: // "SetSrc"
-      case 112: // "SetSid"
-      case 113: // "SetUID"
-      case 114: // "Severity"
-      case 115: // "Skip"
-      case 116: // "SkipAfter"
-      case 117: // "Status"
-      case 118: // "Tag"
-      case 119: // "ACTION_TRANSFORMATION_CMD_LINE"
-      case 120: // "ACTION_TRANSFORMATION_COMPRESS_WHITESPACE"
-      case 121: // "ACTION_TRANSFORMATION_CSS_DECODE"
-      case 122: // "ACTION_TRANSFORMATION_HEX_ENCODE"
-      case 123: // "ACTION_TRANSFORMATION_HTML_ENTITY_DECODE"
-      case 124: // "ACTION_TRANSFORMATION_JS_DECODE"
-      case 125: // "ACTION_TRANSFORMATION_LENGTH"
-      case 126: // "ACTION_TRANSFORMATION_LOWERCASE"
-      case 127: // "ACTION_TRANSFORMATION_MD5"
-      case 128: // "ACTION_TRANSFORMATION_NONE"
-      case 129: // "ACTION_TRANSFORMATION_NORMALISE_PATH"
-      case 130: // "ACTION_TRANSFORMATION_NORMALISE_PATH_WIN"
-      case 131: // "ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT"
-      case 132: // "ACTION_TRANSFORMATION_PARITY_ODD_7_BIT"
-      case 133: // "ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT"
-      case 134: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS"
-      case 135: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR"
-      case 136: // "ACTION_TRANSFORMATION_REMOVE_NULLS"
-      case 137: // "ACTION_TRANSFORMATION_REMOVE_WHITESPACE"
-      case 138: // "ACTION_TRANSFORMATION_REPLACE_COMMENTS"
-      case 139: // "ACTION_TRANSFORMATION_REPLACE_NULLS"
-      case 140: // "ACTION_TRANSFORMATION_SHA1"
-      case 141: // "ACTION_TRANSFORMATION_SQL_HEX_DECODE"
-      case 142: // "ACTION_TRANSFORMATION_TRIM"
-      case 143: // "ACTION_TRANSFORMATION_URL_DECODE"
-      case 144: // "ACTION_TRANSFORMATION_URL_DECODE_UNI"
-      case 145: // "ACTION_TRANSFORMATION_UTF8_TO_UNICODE"
-      case 146: // "Ver"
-      case 147: // "xmlns"
-      case 148: // "CONFIG_COMPONENT_SIG"
-      case 149: // "CONFIG_DIR_AUDIT_DIR"
-      case 150: // "CONFIG_DIR_AUDIT_DIR_MOD"
-      case 151: // "CONFIG_DIR_AUDIT_ENG"
-      case 152: // "CONFIG_DIR_AUDIT_FLE_MOD"
-      case 153: // "CONFIG_DIR_AUDIT_LOG"
-      case 154: // "CONFIG_DIR_AUDIT_LOG2"
-      case 155: // "CONFIG_DIR_AUDIT_LOG_P"
-      case 156: // "CONFIG_DIR_AUDIT_STS"
-      case 157: // "CONFIG_DIR_AUDIT_TPE"
-      case 158: // "CONFIG_DIR_DEBUG_LOG"
-      case 159: // "CONFIG_DIR_DEBUG_LVL"
-      case 160: // "CONFIG_DIR_GEO_DB"
-      case 161: // "CONFIG_DIR_PCRE_MATCH_LIMIT"
-      case 162: // "CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION"
-      case 163: // "CONFIG_DIR_REQ_BODY"
-      case 164: // "CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT"
-      case 165: // "CONFIG_DIR_REQ_BODY_LIMIT"
-      case 166: // "CONFIG_DIR_REQ_BODY_LIMIT_ACTION"
-      case 167: // "CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT"
-      case 168: // "CONFIG_DIR_RES_BODY"
-      case 169: // "CONFIG_DIR_RES_BODY_LIMIT"
-      case 170: // "CONFIG_DIR_RES_BODY_LIMIT_ACTION"
-      case 171: // "CONFIG_DIR_RULE_ENG"
-      case 172: // "CONFIG_DIR_SEC_ACTION"
-      case 173: // "CONFIG_DIR_SEC_DEFAULT_ACTION"
-      case 174: // "CONFIG_DIR_SEC_MARKER"
-      case 175: // "CONFIG_DIR_UNICODE_MAP_FILE"
-      case 176: // "CONFIG_SEC_COLLECTION_TIMEOUT"
-      case 177: // "CONFIG_SEC_REMOTE_RULES_FAIL_ACTION"
-      case 178: // "CONFIG_SEC_RULE_REMOVE_BY_ID"
-      case 179: // "CONFIG_UPDLOAD_KEEP_FILES"
-      case 180: // "CONFIG_UPDLOAD_SAVE_TMP_FILES"
-      case 181: // "CONFIG_UPLOAD_DIR"
-      case 182: // "CONFIG_UPLOAD_FILE_LIMIT"
-      case 183: // "CONFIG_UPLOAD_FILE_MODE"
-      case 184: // "CONFIG_VALUE_ABORT"
-      case 185: // "CONFIG_VALUE_DETC"
-      case 186: // "CONFIG_VALUE_HTTPS"
-      case 187: // "CONFIG_VALUE_OFF"
-      case 188: // "CONFIG_VALUE_ON"
-      case 189: // "CONFIG_VALUE_PARALLEL"
-      case 190: // "CONFIG_VALUE_PROCESS_PARTIAL"
-      case 191: // "CONFIG_VALUE_REJECT"
-      case 192: // "CONFIG_VALUE_RELEVANT_ONLY"
-      case 193: // "CONFIG_VALUE_SERIAL"
-      case 194: // "CONFIG_VALUE_WARN"
-      case 195: // "CONFIG_XML_EXTERNAL_ENTITY"
-      case 196: // "CONGIG_DIR_RESPONSE_BODY_MP"
-      case 197: // "CONGIG_DIR_SEC_ARG_SEP"
-      case 198: // "CONGIG_DIR_SEC_COOKIE_FORMAT"
-      case 199: // "CONGIG_DIR_SEC_DATA_DIR"
-      case 200: // "CONGIG_DIR_SEC_STATUS_ENGINE"
-      case 201: // "CONGIG_DIR_SEC_TMP_DIR"
-      case 202: // "DIRECTIVE"
-      case 203: // "DIRECTIVE_SECRULESCRIPT"
-      case 204: // "FREE_TEXT"
-      case 205: // "OPERATOR"
-      case 206: // "OPERATOR_BEGINS_WITH"
-      case 207: // "OPERATOR_CONTAINS"
-      case 208: // "OPERATOR_CONTAINS_WORD"
-      case 209: // "OPERATOR_DETECT_SQLI"
-      case 210: // "OPERATOR_DETECT_XSS"
-      case 211: // "OPERATOR_ENDS_WITH"
-      case 212: // "OPERATOR_EQ"
-      case 213: // "OPERATOR_FUZZY_HASH"
-      case 214: // "OPERATOR_GE"
-      case 215: // "OPERATOR_GEOLOOKUP"
-      case 216: // "OPERATOR_GSB_LOOKUP"
-      case 217: // "OPERATOR_GT"
-      case 218: // "OPERATOR_INSPECT_FILE"
-      case 219: // "OPERATOR_IP_MATCH"
-      case 220: // "OPERATOR_IP_MATCH_FROM_FILE"
-      case 221: // "OPERATOR_LE"
-      case 222: // "OPERATOR_LT"
-      case 223: // "OPERATOR_PM"
-      case 224: // "OPERATOR_PM_FROM_FILE"
-      case 225: // "OPERATOR_RBL"
-      case 226: // "OPERATOR_RSUB"
-      case 227: // "OPERATOR_RX"
-      case 228: // "Operator Rx"
-      case 229: // "OPERATOR_STR_EQ"
-      case 230: // "OPERATOR_STR_MATCH"
-      case 231: // "OPERATOR_UNCONDITIONAL_MATCH"
-      case 232: // "OPERATOR_VALIDATE_BYTE_RANGE"
-      case 233: // "OPERATOR_VALIDATE_DTD"
-      case 234: // "OPERATOR_VALIDATE_HASH"
-      case 235: // "OPERATOR_VALIDATE_SCHEMA"
-      case 236: // "OPERATOR_VALIDATE_URL_ENCODING"
-      case 237: // "OPERATOR_VALIDATE_UTF8_ENCODING"
-      case 238: // "OPERATOR_VERIFY_CC"
-      case 239: // "OPERATOR_VERIFY_CPF"
-      case 240: // "OPERATOR_VERIFY_SSN"
-      case 241: // "OPERATOR_WITHIN"
-      case 242: // "OP_QUOTE"
-      case 243: // "QUOTATION_MARK"
-      case 244: // "RUN_TIME_VAR_BLD"
-      case 245: // "RUN_TIME_VAR_DUR"
-      case 246: // "RUN_TIME_VAR_ENV"
-      case 247: // "RUN_TIME_VAR_HSV"
-      case 248: // "RUN_TIME_VAR_REMOTE_USER"
-      case 249: // "RUN_TIME_VAR_RULE"
-      case 250: // "RUN_TIME_VAR_TIME"
-      case 251: // "RUN_TIME_VAR_TIME_DAY"
-      case 252: // "RUN_TIME_VAR_TIME_EPOCH"
-      case 253: // "RUN_TIME_VAR_TIME_HOUR"
-      case 254: // "RUN_TIME_VAR_TIME_MIN"
-      case 255: // "RUN_TIME_VAR_TIME_MON"
-      case 256: // "RUN_TIME_VAR_TIME_SEC"
-      case 257: // "RUN_TIME_VAR_TIME_WDAY"
-      case 258: // "RUN_TIME_VAR_TIME_YEAR"
-      case 259: // "RUN_TIME_VAR_XML"
-      case 260: // "VARIABLE"
-      case 261: // "VARIABLE_COL"
-      case 262: // "VARIABLE_STATUS"
-      case 263: // "VARIABLE_TX"
-      case 264: // "Dictionary element"
-      case 265: // "Dictionary element, selected by regexp"
+      case 93: // "Accuracy"
+      case 94: // "Allow"
+      case 95: // "Append"
+      case 96: // "AuditLog"
+      case 97: // "Block"
+      case 98: // "Capture"
+      case 99: // "Chain"
+      case 100: // "ACTION_CTL_AUDIT_ENGINE"
+      case 101: // "ACTION_CTL_AUDIT_LOG_PARTS"
+      case 102: // "ACTION_CTL_BDY_JSON"
+      case 103: // "ACTION_CTL_BDY_XML"
+      case 104: // "ACTION_CTL_FORCE_REQ_BODY_VAR"
+      case 105: // "ACTION_CTL_REQUEST_BODY_ACCESS"
+      case 106: // "ACTION_CTL_RULE_ENGINE"
+      case 107: // "ACTION_CTL_RULE_REMOVE_BY_ID"
+      case 108: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_ID"
+      case 109: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG"
+      case 110: // "Deny"
+      case 111: // "DeprecateVar"
+      case 112: // "Drop"
+      case 113: // "Exec"
+      case 114: // "ExpireVar"
+      case 115: // "Id"
+      case 116: // "InitCol"
+      case 117: // "Log"
+      case 118: // "LogData"
+      case 119: // "Maturity"
+      case 120: // "Msg"
+      case 121: // "MultiMatch"
+      case 122: // "NoAuditLog"
+      case 123: // "NoLog"
+      case 124: // "Pass"
+      case 125: // "Pause"
+      case 126: // "Phase"
+      case 127: // "Prepend"
+      case 128: // "Proxy"
+      case 129: // "Redirect"
+      case 130: // "Rev"
+      case 131: // "SanatiseArg"
+      case 132: // "SanatiseMatched"
+      case 133: // "SanatiseMatchedBytes"
+      case 134: // "SanatiseRequestHeader"
+      case 135: // "SanatiseResponseHeader"
+      case 136: // "SetEnv"
+      case 137: // "SetSrc"
+      case 138: // "SetSid"
+      case 139: // "SetUID"
+      case 140: // "Severity"
+      case 141: // "Skip"
+      case 142: // "SkipAfter"
+      case 143: // "Status"
+      case 144: // "Tag"
+      case 145: // "ACTION_TRANSFORMATION_CMD_LINE"
+      case 146: // "ACTION_TRANSFORMATION_COMPRESS_WHITESPACE"
+      case 147: // "ACTION_TRANSFORMATION_CSS_DECODE"
+      case 148: // "ACTION_TRANSFORMATION_HEX_ENCODE"
+      case 149: // "ACTION_TRANSFORMATION_HTML_ENTITY_DECODE"
+      case 150: // "ACTION_TRANSFORMATION_JS_DECODE"
+      case 151: // "ACTION_TRANSFORMATION_LENGTH"
+      case 152: // "ACTION_TRANSFORMATION_LOWERCASE"
+      case 153: // "ACTION_TRANSFORMATION_MD5"
+      case 154: // "ACTION_TRANSFORMATION_NONE"
+      case 155: // "ACTION_TRANSFORMATION_NORMALISE_PATH"
+      case 156: // "ACTION_TRANSFORMATION_NORMALISE_PATH_WIN"
+      case 157: // "ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT"
+      case 158: // "ACTION_TRANSFORMATION_PARITY_ODD_7_BIT"
+      case 159: // "ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT"
+      case 160: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS"
+      case 161: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR"
+      case 162: // "ACTION_TRANSFORMATION_REMOVE_NULLS"
+      case 163: // "ACTION_TRANSFORMATION_REMOVE_WHITESPACE"
+      case 164: // "ACTION_TRANSFORMATION_REPLACE_COMMENTS"
+      case 165: // "ACTION_TRANSFORMATION_REPLACE_NULLS"
+      case 166: // "ACTION_TRANSFORMATION_SHA1"
+      case 167: // "ACTION_TRANSFORMATION_SQL_HEX_DECODE"
+      case 168: // "ACTION_TRANSFORMATION_TRIM"
+      case 169: // "ACTION_TRANSFORMATION_URL_DECODE"
+      case 170: // "ACTION_TRANSFORMATION_URL_DECODE_UNI"
+      case 171: // "ACTION_TRANSFORMATION_UTF8_TO_UNICODE"
+      case 172: // "Ver"
+      case 173: // "xmlns"
+      case 174: // "CONFIG_COMPONENT_SIG"
+      case 175: // "CONFIG_DIR_AUDIT_DIR"
+      case 176: // "CONFIG_DIR_AUDIT_DIR_MOD"
+      case 177: // "CONFIG_DIR_AUDIT_ENG"
+      case 178: // "CONFIG_DIR_AUDIT_FLE_MOD"
+      case 179: // "CONFIG_DIR_AUDIT_LOG"
+      case 180: // "CONFIG_DIR_AUDIT_LOG2"
+      case 181: // "CONFIG_DIR_AUDIT_LOG_P"
+      case 182: // "CONFIG_DIR_AUDIT_STS"
+      case 183: // "CONFIG_DIR_AUDIT_TPE"
+      case 184: // "CONFIG_DIR_DEBUG_LOG"
+      case 185: // "CONFIG_DIR_DEBUG_LVL"
+      case 186: // "CONFIG_DIR_GEO_DB"
+      case 187: // "CONFIG_DIR_PCRE_MATCH_LIMIT"
+      case 188: // "CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION"
+      case 189: // "CONFIG_DIR_REQ_BODY"
+      case 190: // "CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT"
+      case 191: // "CONFIG_DIR_REQ_BODY_LIMIT"
+      case 192: // "CONFIG_DIR_REQ_BODY_LIMIT_ACTION"
+      case 193: // "CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT"
+      case 194: // "CONFIG_DIR_RES_BODY"
+      case 195: // "CONFIG_DIR_RES_BODY_LIMIT"
+      case 196: // "CONFIG_DIR_RES_BODY_LIMIT_ACTION"
+      case 197: // "CONFIG_DIR_RULE_ENG"
+      case 198: // "CONFIG_DIR_SEC_ACTION"
+      case 199: // "CONFIG_DIR_SEC_DEFAULT_ACTION"
+      case 200: // "CONFIG_DIR_SEC_MARKER"
+      case 201: // "CONFIG_DIR_UNICODE_MAP_FILE"
+      case 202: // "CONFIG_SEC_COLLECTION_TIMEOUT"
+      case 203: // "CONFIG_SEC_REMOTE_RULES_FAIL_ACTION"
+      case 204: // "CONFIG_SEC_RULE_REMOVE_BY_ID"
+      case 205: // "CONFIG_UPDLOAD_KEEP_FILES"
+      case 206: // "CONFIG_UPDLOAD_SAVE_TMP_FILES"
+      case 207: // "CONFIG_UPLOAD_DIR"
+      case 208: // "CONFIG_UPLOAD_FILE_LIMIT"
+      case 209: // "CONFIG_UPLOAD_FILE_MODE"
+      case 210: // "CONFIG_VALUE_ABORT"
+      case 211: // "CONFIG_VALUE_DETC"
+      case 212: // "CONFIG_VALUE_HTTPS"
+      case 213: // "CONFIG_VALUE_OFF"
+      case 214: // "CONFIG_VALUE_ON"
+      case 215: // "CONFIG_VALUE_PARALLEL"
+      case 216: // "CONFIG_VALUE_PROCESS_PARTIAL"
+      case 217: // "CONFIG_VALUE_REJECT"
+      case 218: // "CONFIG_VALUE_RELEVANT_ONLY"
+      case 219: // "CONFIG_VALUE_SERIAL"
+      case 220: // "CONFIG_VALUE_WARN"
+      case 221: // "CONFIG_XML_EXTERNAL_ENTITY"
+      case 222: // "CONGIG_DIR_RESPONSE_BODY_MP"
+      case 223: // "CONGIG_DIR_SEC_ARG_SEP"
+      case 224: // "CONGIG_DIR_SEC_COOKIE_FORMAT"
+      case 225: // "CONGIG_DIR_SEC_DATA_DIR"
+      case 226: // "CONGIG_DIR_SEC_STATUS_ENGINE"
+      case 227: // "CONGIG_DIR_SEC_TMP_DIR"
+      case 228: // "DIRECTIVE"
+      case 229: // "DIRECTIVE_SECRULESCRIPT"
+      case 230: // "FREE_TEXT"
+      case 231: // "OPERATOR"
+      case 232: // "OPERATOR_BEGINS_WITH"
+      case 233: // "OPERATOR_CONTAINS"
+      case 234: // "OPERATOR_CONTAINS_WORD"
+      case 235: // "OPERATOR_DETECT_SQLI"
+      case 236: // "OPERATOR_DETECT_XSS"
+      case 237: // "OPERATOR_ENDS_WITH"
+      case 238: // "OPERATOR_EQ"
+      case 239: // "OPERATOR_FUZZY_HASH"
+      case 240: // "OPERATOR_GE"
+      case 241: // "OPERATOR_GEOLOOKUP"
+      case 242: // "OPERATOR_GSB_LOOKUP"
+      case 243: // "OPERATOR_GT"
+      case 244: // "OPERATOR_INSPECT_FILE"
+      case 245: // "OPERATOR_IP_MATCH"
+      case 246: // "OPERATOR_IP_MATCH_FROM_FILE"
+      case 247: // "OPERATOR_LE"
+      case 248: // "OPERATOR_LT"
+      case 249: // "OPERATOR_PM"
+      case 250: // "OPERATOR_PM_FROM_FILE"
+      case 251: // "OPERATOR_RBL"
+      case 252: // "OPERATOR_RSUB"
+      case 253: // "OPERATOR_RX"
+      case 254: // "Operator Rx"
+      case 255: // "OPERATOR_STR_EQ"
+      case 256: // "OPERATOR_STR_MATCH"
+      case 257: // "OPERATOR_UNCONDITIONAL_MATCH"
+      case 258: // "OPERATOR_VALIDATE_BYTE_RANGE"
+      case 259: // "OPERATOR_VALIDATE_DTD"
+      case 260: // "OPERATOR_VALIDATE_HASH"
+      case 261: // "OPERATOR_VALIDATE_SCHEMA"
+      case 262: // "OPERATOR_VALIDATE_URL_ENCODING"
+      case 263: // "OPERATOR_VALIDATE_UTF8_ENCODING"
+      case 264: // "OPERATOR_VERIFY_CC"
+      case 265: // "OPERATOR_VERIFY_CPF"
+      case 266: // "OPERATOR_VERIFY_SSN"
+      case 267: // "OPERATOR_WITHIN"
+      case 268: // "OP_QUOTE"
+      case 269: // "QUOTATION_MARK"
+      case 270: // "RUN_TIME_VAR_BLD"
+      case 271: // "RUN_TIME_VAR_DUR"
+      case 272: // "RUN_TIME_VAR_HSV"
+      case 273: // "RUN_TIME_VAR_REMOTE_USER"
+      case 274: // "RUN_TIME_VAR_TIME"
+      case 275: // "RUN_TIME_VAR_TIME_DAY"
+      case 276: // "RUN_TIME_VAR_TIME_EPOCH"
+      case 277: // "RUN_TIME_VAR_TIME_HOUR"
+      case 278: // "RUN_TIME_VAR_TIME_MIN"
+      case 279: // "RUN_TIME_VAR_TIME_MON"
+      case 280: // "RUN_TIME_VAR_TIME_SEC"
+      case 281: // "RUN_TIME_VAR_TIME_WDAY"
+      case 282: // "RUN_TIME_VAR_TIME_YEAR"
+      case 283: // "VARIABLE"
+      case 284: // "Dictionary element"
+      case 285: // "Dictionary element, selected by regexp"
         value.copy< std::string > (v);
         break;
 
-      case 272: // op
-      case 273: // op_before_init
+      case 292: // op
+      case 293: // op_before_init
         value.copy< std::unique_ptr<Operator> > (v);
         break;
 
-      case 276: // var
+      case 296: // var
         value.copy< std::unique_ptr<Variable> > (v);
         break;
 
-      case 277: // act
+      case 297: // act
         value.copy< std::unique_ptr<actions::Action> > (v);
         break;
 
-      case 275: // variables
+      case 295: // variables
         value.copy< std::unique_ptr<std::vector<std::unique_ptr<Variable> > >  > (v);
         break;
 
-      case 270: // actions
-      case 271: // actions_may_quoted
+      case 290: // actions
+      case 291: // actions_may_quoted
         value.copy< std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > >  > (v);
         break;
 
@@ -3111,227 +3230,221 @@ namespace yy {
     // Type destructor.
     switch (yytype)
     {
-      case 67: // "Accuracy"
-      case 68: // "Allow"
-      case 69: // "Append"
-      case 70: // "AuditLog"
-      case 71: // "Block"
-      case 72: // "Capture"
-      case 73: // "Chain"
-      case 74: // "ACTION_CTL_AUDIT_ENGINE"
-      case 75: // "ACTION_CTL_AUDIT_LOG_PARTS"
-      case 76: // "ACTION_CTL_BDY_JSON"
-      case 77: // "ACTION_CTL_BDY_XML"
-      case 78: // "ACTION_CTL_FORCE_REQ_BODY_VAR"
-      case 79: // "ACTION_CTL_REQUEST_BODY_ACCESS"
-      case 80: // "ACTION_CTL_RULE_ENGINE"
-      case 81: // "ACTION_CTL_RULE_REMOVE_BY_ID"
-      case 82: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_ID"
-      case 83: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG"
-      case 84: // "Deny"
-      case 85: // "DeprecateVar"
-      case 86: // "Drop"
-      case 87: // "Exec"
-      case 88: // "ExpireVar"
-      case 89: // "Id"
-      case 90: // "InitCol"
-      case 91: // "Log"
-      case 92: // "LogData"
-      case 93: // "Maturity"
-      case 94: // "Msg"
-      case 95: // "MultiMatch"
-      case 96: // "NoAuditLog"
-      case 97: // "NoLog"
-      case 98: // "Pass"
-      case 99: // "Pause"
-      case 100: // "Phase"
-      case 101: // "Prepend"
-      case 102: // "Proxy"
-      case 103: // "Redirect"
-      case 104: // "Rev"
-      case 105: // "SanatiseArg"
-      case 106: // "SanatiseMatched"
-      case 107: // "SanatiseMatchedBytes"
-      case 108: // "SanatiseRequestHeader"
-      case 109: // "SanatiseResponseHeader"
-      case 110: // "SetEnv"
-      case 111: // "SetSrc"
-      case 112: // "SetSid"
-      case 113: // "SetUID"
-      case 114: // "Severity"
-      case 115: // "Skip"
-      case 116: // "SkipAfter"
-      case 117: // "Status"
-      case 118: // "Tag"
-      case 119: // "ACTION_TRANSFORMATION_CMD_LINE"
-      case 120: // "ACTION_TRANSFORMATION_COMPRESS_WHITESPACE"
-      case 121: // "ACTION_TRANSFORMATION_CSS_DECODE"
-      case 122: // "ACTION_TRANSFORMATION_HEX_ENCODE"
-      case 123: // "ACTION_TRANSFORMATION_HTML_ENTITY_DECODE"
-      case 124: // "ACTION_TRANSFORMATION_JS_DECODE"
-      case 125: // "ACTION_TRANSFORMATION_LENGTH"
-      case 126: // "ACTION_TRANSFORMATION_LOWERCASE"
-      case 127: // "ACTION_TRANSFORMATION_MD5"
-      case 128: // "ACTION_TRANSFORMATION_NONE"
-      case 129: // "ACTION_TRANSFORMATION_NORMALISE_PATH"
-      case 130: // "ACTION_TRANSFORMATION_NORMALISE_PATH_WIN"
-      case 131: // "ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT"
-      case 132: // "ACTION_TRANSFORMATION_PARITY_ODD_7_BIT"
-      case 133: // "ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT"
-      case 134: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS"
-      case 135: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR"
-      case 136: // "ACTION_TRANSFORMATION_REMOVE_NULLS"
-      case 137: // "ACTION_TRANSFORMATION_REMOVE_WHITESPACE"
-      case 138: // "ACTION_TRANSFORMATION_REPLACE_COMMENTS"
-      case 139: // "ACTION_TRANSFORMATION_REPLACE_NULLS"
-      case 140: // "ACTION_TRANSFORMATION_SHA1"
-      case 141: // "ACTION_TRANSFORMATION_SQL_HEX_DECODE"
-      case 142: // "ACTION_TRANSFORMATION_TRIM"
-      case 143: // "ACTION_TRANSFORMATION_URL_DECODE"
-      case 144: // "ACTION_TRANSFORMATION_URL_DECODE_UNI"
-      case 145: // "ACTION_TRANSFORMATION_UTF8_TO_UNICODE"
-      case 146: // "Ver"
-      case 147: // "xmlns"
-      case 148: // "CONFIG_COMPONENT_SIG"
-      case 149: // "CONFIG_DIR_AUDIT_DIR"
-      case 150: // "CONFIG_DIR_AUDIT_DIR_MOD"
-      case 151: // "CONFIG_DIR_AUDIT_ENG"
-      case 152: // "CONFIG_DIR_AUDIT_FLE_MOD"
-      case 153: // "CONFIG_DIR_AUDIT_LOG"
-      case 154: // "CONFIG_DIR_AUDIT_LOG2"
-      case 155: // "CONFIG_DIR_AUDIT_LOG_P"
-      case 156: // "CONFIG_DIR_AUDIT_STS"
-      case 157: // "CONFIG_DIR_AUDIT_TPE"
-      case 158: // "CONFIG_DIR_DEBUG_LOG"
-      case 159: // "CONFIG_DIR_DEBUG_LVL"
-      case 160: // "CONFIG_DIR_GEO_DB"
-      case 161: // "CONFIG_DIR_PCRE_MATCH_LIMIT"
-      case 162: // "CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION"
-      case 163: // "CONFIG_DIR_REQ_BODY"
-      case 164: // "CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT"
-      case 165: // "CONFIG_DIR_REQ_BODY_LIMIT"
-      case 166: // "CONFIG_DIR_REQ_BODY_LIMIT_ACTION"
-      case 167: // "CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT"
-      case 168: // "CONFIG_DIR_RES_BODY"
-      case 169: // "CONFIG_DIR_RES_BODY_LIMIT"
-      case 170: // "CONFIG_DIR_RES_BODY_LIMIT_ACTION"
-      case 171: // "CONFIG_DIR_RULE_ENG"
-      case 172: // "CONFIG_DIR_SEC_ACTION"
-      case 173: // "CONFIG_DIR_SEC_DEFAULT_ACTION"
-      case 174: // "CONFIG_DIR_SEC_MARKER"
-      case 175: // "CONFIG_DIR_UNICODE_MAP_FILE"
-      case 176: // "CONFIG_SEC_COLLECTION_TIMEOUT"
-      case 177: // "CONFIG_SEC_REMOTE_RULES_FAIL_ACTION"
-      case 178: // "CONFIG_SEC_RULE_REMOVE_BY_ID"
-      case 179: // "CONFIG_UPDLOAD_KEEP_FILES"
-      case 180: // "CONFIG_UPDLOAD_SAVE_TMP_FILES"
-      case 181: // "CONFIG_UPLOAD_DIR"
-      case 182: // "CONFIG_UPLOAD_FILE_LIMIT"
-      case 183: // "CONFIG_UPLOAD_FILE_MODE"
-      case 184: // "CONFIG_VALUE_ABORT"
-      case 185: // "CONFIG_VALUE_DETC"
-      case 186: // "CONFIG_VALUE_HTTPS"
-      case 187: // "CONFIG_VALUE_OFF"
-      case 188: // "CONFIG_VALUE_ON"
-      case 189: // "CONFIG_VALUE_PARALLEL"
-      case 190: // "CONFIG_VALUE_PROCESS_PARTIAL"
-      case 191: // "CONFIG_VALUE_REJECT"
-      case 192: // "CONFIG_VALUE_RELEVANT_ONLY"
-      case 193: // "CONFIG_VALUE_SERIAL"
-      case 194: // "CONFIG_VALUE_WARN"
-      case 195: // "CONFIG_XML_EXTERNAL_ENTITY"
-      case 196: // "CONGIG_DIR_RESPONSE_BODY_MP"
-      case 197: // "CONGIG_DIR_SEC_ARG_SEP"
-      case 198: // "CONGIG_DIR_SEC_COOKIE_FORMAT"
-      case 199: // "CONGIG_DIR_SEC_DATA_DIR"
-      case 200: // "CONGIG_DIR_SEC_STATUS_ENGINE"
-      case 201: // "CONGIG_DIR_SEC_TMP_DIR"
-      case 202: // "DIRECTIVE"
-      case 203: // "DIRECTIVE_SECRULESCRIPT"
-      case 204: // "FREE_TEXT"
-      case 205: // "OPERATOR"
-      case 206: // "OPERATOR_BEGINS_WITH"
-      case 207: // "OPERATOR_CONTAINS"
-      case 208: // "OPERATOR_CONTAINS_WORD"
-      case 209: // "OPERATOR_DETECT_SQLI"
-      case 210: // "OPERATOR_DETECT_XSS"
-      case 211: // "OPERATOR_ENDS_WITH"
-      case 212: // "OPERATOR_EQ"
-      case 213: // "OPERATOR_FUZZY_HASH"
-      case 214: // "OPERATOR_GE"
-      case 215: // "OPERATOR_GEOLOOKUP"
-      case 216: // "OPERATOR_GSB_LOOKUP"
-      case 217: // "OPERATOR_GT"
-      case 218: // "OPERATOR_INSPECT_FILE"
-      case 219: // "OPERATOR_IP_MATCH"
-      case 220: // "OPERATOR_IP_MATCH_FROM_FILE"
-      case 221: // "OPERATOR_LE"
-      case 222: // "OPERATOR_LT"
-      case 223: // "OPERATOR_PM"
-      case 224: // "OPERATOR_PM_FROM_FILE"
-      case 225: // "OPERATOR_RBL"
-      case 226: // "OPERATOR_RSUB"
-      case 227: // "OPERATOR_RX"
-      case 228: // "Operator Rx"
-      case 229: // "OPERATOR_STR_EQ"
-      case 230: // "OPERATOR_STR_MATCH"
-      case 231: // "OPERATOR_UNCONDITIONAL_MATCH"
-      case 232: // "OPERATOR_VALIDATE_BYTE_RANGE"
-      case 233: // "OPERATOR_VALIDATE_DTD"
-      case 234: // "OPERATOR_VALIDATE_HASH"
-      case 235: // "OPERATOR_VALIDATE_SCHEMA"
-      case 236: // "OPERATOR_VALIDATE_URL_ENCODING"
-      case 237: // "OPERATOR_VALIDATE_UTF8_ENCODING"
-      case 238: // "OPERATOR_VERIFY_CC"
-      case 239: // "OPERATOR_VERIFY_CPF"
-      case 240: // "OPERATOR_VERIFY_SSN"
-      case 241: // "OPERATOR_WITHIN"
-      case 242: // "OP_QUOTE"
-      case 243: // "QUOTATION_MARK"
-      case 244: // "RUN_TIME_VAR_BLD"
-      case 245: // "RUN_TIME_VAR_DUR"
-      case 246: // "RUN_TIME_VAR_ENV"
-      case 247: // "RUN_TIME_VAR_HSV"
-      case 248: // "RUN_TIME_VAR_REMOTE_USER"
-      case 249: // "RUN_TIME_VAR_RULE"
-      case 250: // "RUN_TIME_VAR_TIME"
-      case 251: // "RUN_TIME_VAR_TIME_DAY"
-      case 252: // "RUN_TIME_VAR_TIME_EPOCH"
-      case 253: // "RUN_TIME_VAR_TIME_HOUR"
-      case 254: // "RUN_TIME_VAR_TIME_MIN"
-      case 255: // "RUN_TIME_VAR_TIME_MON"
-      case 256: // "RUN_TIME_VAR_TIME_SEC"
-      case 257: // "RUN_TIME_VAR_TIME_WDAY"
-      case 258: // "RUN_TIME_VAR_TIME_YEAR"
-      case 259: // "RUN_TIME_VAR_XML"
-      case 260: // "VARIABLE"
-      case 261: // "VARIABLE_COL"
-      case 262: // "VARIABLE_STATUS"
-      case 263: // "VARIABLE_TX"
-      case 264: // "Dictionary element"
-      case 265: // "Dictionary element, selected by regexp"
+      case 93: // "Accuracy"
+      case 94: // "Allow"
+      case 95: // "Append"
+      case 96: // "AuditLog"
+      case 97: // "Block"
+      case 98: // "Capture"
+      case 99: // "Chain"
+      case 100: // "ACTION_CTL_AUDIT_ENGINE"
+      case 101: // "ACTION_CTL_AUDIT_LOG_PARTS"
+      case 102: // "ACTION_CTL_BDY_JSON"
+      case 103: // "ACTION_CTL_BDY_XML"
+      case 104: // "ACTION_CTL_FORCE_REQ_BODY_VAR"
+      case 105: // "ACTION_CTL_REQUEST_BODY_ACCESS"
+      case 106: // "ACTION_CTL_RULE_ENGINE"
+      case 107: // "ACTION_CTL_RULE_REMOVE_BY_ID"
+      case 108: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_ID"
+      case 109: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG"
+      case 110: // "Deny"
+      case 111: // "DeprecateVar"
+      case 112: // "Drop"
+      case 113: // "Exec"
+      case 114: // "ExpireVar"
+      case 115: // "Id"
+      case 116: // "InitCol"
+      case 117: // "Log"
+      case 118: // "LogData"
+      case 119: // "Maturity"
+      case 120: // "Msg"
+      case 121: // "MultiMatch"
+      case 122: // "NoAuditLog"
+      case 123: // "NoLog"
+      case 124: // "Pass"
+      case 125: // "Pause"
+      case 126: // "Phase"
+      case 127: // "Prepend"
+      case 128: // "Proxy"
+      case 129: // "Redirect"
+      case 130: // "Rev"
+      case 131: // "SanatiseArg"
+      case 132: // "SanatiseMatched"
+      case 133: // "SanatiseMatchedBytes"
+      case 134: // "SanatiseRequestHeader"
+      case 135: // "SanatiseResponseHeader"
+      case 136: // "SetEnv"
+      case 137: // "SetSrc"
+      case 138: // "SetSid"
+      case 139: // "SetUID"
+      case 140: // "Severity"
+      case 141: // "Skip"
+      case 142: // "SkipAfter"
+      case 143: // "Status"
+      case 144: // "Tag"
+      case 145: // "ACTION_TRANSFORMATION_CMD_LINE"
+      case 146: // "ACTION_TRANSFORMATION_COMPRESS_WHITESPACE"
+      case 147: // "ACTION_TRANSFORMATION_CSS_DECODE"
+      case 148: // "ACTION_TRANSFORMATION_HEX_ENCODE"
+      case 149: // "ACTION_TRANSFORMATION_HTML_ENTITY_DECODE"
+      case 150: // "ACTION_TRANSFORMATION_JS_DECODE"
+      case 151: // "ACTION_TRANSFORMATION_LENGTH"
+      case 152: // "ACTION_TRANSFORMATION_LOWERCASE"
+      case 153: // "ACTION_TRANSFORMATION_MD5"
+      case 154: // "ACTION_TRANSFORMATION_NONE"
+      case 155: // "ACTION_TRANSFORMATION_NORMALISE_PATH"
+      case 156: // "ACTION_TRANSFORMATION_NORMALISE_PATH_WIN"
+      case 157: // "ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT"
+      case 158: // "ACTION_TRANSFORMATION_PARITY_ODD_7_BIT"
+      case 159: // "ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT"
+      case 160: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS"
+      case 161: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR"
+      case 162: // "ACTION_TRANSFORMATION_REMOVE_NULLS"
+      case 163: // "ACTION_TRANSFORMATION_REMOVE_WHITESPACE"
+      case 164: // "ACTION_TRANSFORMATION_REPLACE_COMMENTS"
+      case 165: // "ACTION_TRANSFORMATION_REPLACE_NULLS"
+      case 166: // "ACTION_TRANSFORMATION_SHA1"
+      case 167: // "ACTION_TRANSFORMATION_SQL_HEX_DECODE"
+      case 168: // "ACTION_TRANSFORMATION_TRIM"
+      case 169: // "ACTION_TRANSFORMATION_URL_DECODE"
+      case 170: // "ACTION_TRANSFORMATION_URL_DECODE_UNI"
+      case 171: // "ACTION_TRANSFORMATION_UTF8_TO_UNICODE"
+      case 172: // "Ver"
+      case 173: // "xmlns"
+      case 174: // "CONFIG_COMPONENT_SIG"
+      case 175: // "CONFIG_DIR_AUDIT_DIR"
+      case 176: // "CONFIG_DIR_AUDIT_DIR_MOD"
+      case 177: // "CONFIG_DIR_AUDIT_ENG"
+      case 178: // "CONFIG_DIR_AUDIT_FLE_MOD"
+      case 179: // "CONFIG_DIR_AUDIT_LOG"
+      case 180: // "CONFIG_DIR_AUDIT_LOG2"
+      case 181: // "CONFIG_DIR_AUDIT_LOG_P"
+      case 182: // "CONFIG_DIR_AUDIT_STS"
+      case 183: // "CONFIG_DIR_AUDIT_TPE"
+      case 184: // "CONFIG_DIR_DEBUG_LOG"
+      case 185: // "CONFIG_DIR_DEBUG_LVL"
+      case 186: // "CONFIG_DIR_GEO_DB"
+      case 187: // "CONFIG_DIR_PCRE_MATCH_LIMIT"
+      case 188: // "CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION"
+      case 189: // "CONFIG_DIR_REQ_BODY"
+      case 190: // "CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT"
+      case 191: // "CONFIG_DIR_REQ_BODY_LIMIT"
+      case 192: // "CONFIG_DIR_REQ_BODY_LIMIT_ACTION"
+      case 193: // "CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT"
+      case 194: // "CONFIG_DIR_RES_BODY"
+      case 195: // "CONFIG_DIR_RES_BODY_LIMIT"
+      case 196: // "CONFIG_DIR_RES_BODY_LIMIT_ACTION"
+      case 197: // "CONFIG_DIR_RULE_ENG"
+      case 198: // "CONFIG_DIR_SEC_ACTION"
+      case 199: // "CONFIG_DIR_SEC_DEFAULT_ACTION"
+      case 200: // "CONFIG_DIR_SEC_MARKER"
+      case 201: // "CONFIG_DIR_UNICODE_MAP_FILE"
+      case 202: // "CONFIG_SEC_COLLECTION_TIMEOUT"
+      case 203: // "CONFIG_SEC_REMOTE_RULES_FAIL_ACTION"
+      case 204: // "CONFIG_SEC_RULE_REMOVE_BY_ID"
+      case 205: // "CONFIG_UPDLOAD_KEEP_FILES"
+      case 206: // "CONFIG_UPDLOAD_SAVE_TMP_FILES"
+      case 207: // "CONFIG_UPLOAD_DIR"
+      case 208: // "CONFIG_UPLOAD_FILE_LIMIT"
+      case 209: // "CONFIG_UPLOAD_FILE_MODE"
+      case 210: // "CONFIG_VALUE_ABORT"
+      case 211: // "CONFIG_VALUE_DETC"
+      case 212: // "CONFIG_VALUE_HTTPS"
+      case 213: // "CONFIG_VALUE_OFF"
+      case 214: // "CONFIG_VALUE_ON"
+      case 215: // "CONFIG_VALUE_PARALLEL"
+      case 216: // "CONFIG_VALUE_PROCESS_PARTIAL"
+      case 217: // "CONFIG_VALUE_REJECT"
+      case 218: // "CONFIG_VALUE_RELEVANT_ONLY"
+      case 219: // "CONFIG_VALUE_SERIAL"
+      case 220: // "CONFIG_VALUE_WARN"
+      case 221: // "CONFIG_XML_EXTERNAL_ENTITY"
+      case 222: // "CONGIG_DIR_RESPONSE_BODY_MP"
+      case 223: // "CONGIG_DIR_SEC_ARG_SEP"
+      case 224: // "CONGIG_DIR_SEC_COOKIE_FORMAT"
+      case 225: // "CONGIG_DIR_SEC_DATA_DIR"
+      case 226: // "CONGIG_DIR_SEC_STATUS_ENGINE"
+      case 227: // "CONGIG_DIR_SEC_TMP_DIR"
+      case 228: // "DIRECTIVE"
+      case 229: // "DIRECTIVE_SECRULESCRIPT"
+      case 230: // "FREE_TEXT"
+      case 231: // "OPERATOR"
+      case 232: // "OPERATOR_BEGINS_WITH"
+      case 233: // "OPERATOR_CONTAINS"
+      case 234: // "OPERATOR_CONTAINS_WORD"
+      case 235: // "OPERATOR_DETECT_SQLI"
+      case 236: // "OPERATOR_DETECT_XSS"
+      case 237: // "OPERATOR_ENDS_WITH"
+      case 238: // "OPERATOR_EQ"
+      case 239: // "OPERATOR_FUZZY_HASH"
+      case 240: // "OPERATOR_GE"
+      case 241: // "OPERATOR_GEOLOOKUP"
+      case 242: // "OPERATOR_GSB_LOOKUP"
+      case 243: // "OPERATOR_GT"
+      case 244: // "OPERATOR_INSPECT_FILE"
+      case 245: // "OPERATOR_IP_MATCH"
+      case 246: // "OPERATOR_IP_MATCH_FROM_FILE"
+      case 247: // "OPERATOR_LE"
+      case 248: // "OPERATOR_LT"
+      case 249: // "OPERATOR_PM"
+      case 250: // "OPERATOR_PM_FROM_FILE"
+      case 251: // "OPERATOR_RBL"
+      case 252: // "OPERATOR_RSUB"
+      case 253: // "OPERATOR_RX"
+      case 254: // "Operator Rx"
+      case 255: // "OPERATOR_STR_EQ"
+      case 256: // "OPERATOR_STR_MATCH"
+      case 257: // "OPERATOR_UNCONDITIONAL_MATCH"
+      case 258: // "OPERATOR_VALIDATE_BYTE_RANGE"
+      case 259: // "OPERATOR_VALIDATE_DTD"
+      case 260: // "OPERATOR_VALIDATE_HASH"
+      case 261: // "OPERATOR_VALIDATE_SCHEMA"
+      case 262: // "OPERATOR_VALIDATE_URL_ENCODING"
+      case 263: // "OPERATOR_VALIDATE_UTF8_ENCODING"
+      case 264: // "OPERATOR_VERIFY_CC"
+      case 265: // "OPERATOR_VERIFY_CPF"
+      case 266: // "OPERATOR_VERIFY_SSN"
+      case 267: // "OPERATOR_WITHIN"
+      case 268: // "OP_QUOTE"
+      case 269: // "QUOTATION_MARK"
+      case 270: // "RUN_TIME_VAR_BLD"
+      case 271: // "RUN_TIME_VAR_DUR"
+      case 272: // "RUN_TIME_VAR_HSV"
+      case 273: // "RUN_TIME_VAR_REMOTE_USER"
+      case 274: // "RUN_TIME_VAR_TIME"
+      case 275: // "RUN_TIME_VAR_TIME_DAY"
+      case 276: // "RUN_TIME_VAR_TIME_EPOCH"
+      case 277: // "RUN_TIME_VAR_TIME_HOUR"
+      case 278: // "RUN_TIME_VAR_TIME_MIN"
+      case 279: // "RUN_TIME_VAR_TIME_MON"
+      case 280: // "RUN_TIME_VAR_TIME_SEC"
+      case 281: // "RUN_TIME_VAR_TIME_WDAY"
+      case 282: // "RUN_TIME_VAR_TIME_YEAR"
+      case 283: // "VARIABLE"
+      case 284: // "Dictionary element"
+      case 285: // "Dictionary element, selected by regexp"
         value.template destroy< std::string > ();
         break;
 
-      case 272: // op
-      case 273: // op_before_init
+      case 292: // op
+      case 293: // op_before_init
         value.template destroy< std::unique_ptr<Operator> > ();
         break;
 
-      case 276: // var
+      case 296: // var
         value.template destroy< std::unique_ptr<Variable> > ();
         break;
 
-      case 277: // act
+      case 297: // act
         value.template destroy< std::unique_ptr<actions::Action> > ();
         break;
 
-      case 275: // variables
+      case 295: // variables
         value.template destroy< std::unique_ptr<std::vector<std::unique_ptr<Variable> > >  > ();
         break;
 
-      case 270: // actions
-      case 271: // actions_may_quoted
+      case 290: // actions
+      case 291: // actions_may_quoted
         value.template destroy< std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > >  > ();
         break;
 
@@ -3358,227 +3471,221 @@ namespace yy {
     super_type::move(s);
       switch (this->type_get ())
     {
-      case 67: // "Accuracy"
-      case 68: // "Allow"
-      case 69: // "Append"
-      case 70: // "AuditLog"
-      case 71: // "Block"
-      case 72: // "Capture"
-      case 73: // "Chain"
-      case 74: // "ACTION_CTL_AUDIT_ENGINE"
-      case 75: // "ACTION_CTL_AUDIT_LOG_PARTS"
-      case 76: // "ACTION_CTL_BDY_JSON"
-      case 77: // "ACTION_CTL_BDY_XML"
-      case 78: // "ACTION_CTL_FORCE_REQ_BODY_VAR"
-      case 79: // "ACTION_CTL_REQUEST_BODY_ACCESS"
-      case 80: // "ACTION_CTL_RULE_ENGINE"
-      case 81: // "ACTION_CTL_RULE_REMOVE_BY_ID"
-      case 82: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_ID"
-      case 83: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG"
-      case 84: // "Deny"
-      case 85: // "DeprecateVar"
-      case 86: // "Drop"
-      case 87: // "Exec"
-      case 88: // "ExpireVar"
-      case 89: // "Id"
-      case 90: // "InitCol"
-      case 91: // "Log"
-      case 92: // "LogData"
-      case 93: // "Maturity"
-      case 94: // "Msg"
-      case 95: // "MultiMatch"
-      case 96: // "NoAuditLog"
-      case 97: // "NoLog"
-      case 98: // "Pass"
-      case 99: // "Pause"
-      case 100: // "Phase"
-      case 101: // "Prepend"
-      case 102: // "Proxy"
-      case 103: // "Redirect"
-      case 104: // "Rev"
-      case 105: // "SanatiseArg"
-      case 106: // "SanatiseMatched"
-      case 107: // "SanatiseMatchedBytes"
-      case 108: // "SanatiseRequestHeader"
-      case 109: // "SanatiseResponseHeader"
-      case 110: // "SetEnv"
-      case 111: // "SetSrc"
-      case 112: // "SetSid"
-      case 113: // "SetUID"
-      case 114: // "Severity"
-      case 115: // "Skip"
-      case 116: // "SkipAfter"
-      case 117: // "Status"
-      case 118: // "Tag"
-      case 119: // "ACTION_TRANSFORMATION_CMD_LINE"
-      case 120: // "ACTION_TRANSFORMATION_COMPRESS_WHITESPACE"
-      case 121: // "ACTION_TRANSFORMATION_CSS_DECODE"
-      case 122: // "ACTION_TRANSFORMATION_HEX_ENCODE"
-      case 123: // "ACTION_TRANSFORMATION_HTML_ENTITY_DECODE"
-      case 124: // "ACTION_TRANSFORMATION_JS_DECODE"
-      case 125: // "ACTION_TRANSFORMATION_LENGTH"
-      case 126: // "ACTION_TRANSFORMATION_LOWERCASE"
-      case 127: // "ACTION_TRANSFORMATION_MD5"
-      case 128: // "ACTION_TRANSFORMATION_NONE"
-      case 129: // "ACTION_TRANSFORMATION_NORMALISE_PATH"
-      case 130: // "ACTION_TRANSFORMATION_NORMALISE_PATH_WIN"
-      case 131: // "ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT"
-      case 132: // "ACTION_TRANSFORMATION_PARITY_ODD_7_BIT"
-      case 133: // "ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT"
-      case 134: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS"
-      case 135: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR"
-      case 136: // "ACTION_TRANSFORMATION_REMOVE_NULLS"
-      case 137: // "ACTION_TRANSFORMATION_REMOVE_WHITESPACE"
-      case 138: // "ACTION_TRANSFORMATION_REPLACE_COMMENTS"
-      case 139: // "ACTION_TRANSFORMATION_REPLACE_NULLS"
-      case 140: // "ACTION_TRANSFORMATION_SHA1"
-      case 141: // "ACTION_TRANSFORMATION_SQL_HEX_DECODE"
-      case 142: // "ACTION_TRANSFORMATION_TRIM"
-      case 143: // "ACTION_TRANSFORMATION_URL_DECODE"
-      case 144: // "ACTION_TRANSFORMATION_URL_DECODE_UNI"
-      case 145: // "ACTION_TRANSFORMATION_UTF8_TO_UNICODE"
-      case 146: // "Ver"
-      case 147: // "xmlns"
-      case 148: // "CONFIG_COMPONENT_SIG"
-      case 149: // "CONFIG_DIR_AUDIT_DIR"
-      case 150: // "CONFIG_DIR_AUDIT_DIR_MOD"
-      case 151: // "CONFIG_DIR_AUDIT_ENG"
-      case 152: // "CONFIG_DIR_AUDIT_FLE_MOD"
-      case 153: // "CONFIG_DIR_AUDIT_LOG"
-      case 154: // "CONFIG_DIR_AUDIT_LOG2"
-      case 155: // "CONFIG_DIR_AUDIT_LOG_P"
-      case 156: // "CONFIG_DIR_AUDIT_STS"
-      case 157: // "CONFIG_DIR_AUDIT_TPE"
-      case 158: // "CONFIG_DIR_DEBUG_LOG"
-      case 159: // "CONFIG_DIR_DEBUG_LVL"
-      case 160: // "CONFIG_DIR_GEO_DB"
-      case 161: // "CONFIG_DIR_PCRE_MATCH_LIMIT"
-      case 162: // "CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION"
-      case 163: // "CONFIG_DIR_REQ_BODY"
-      case 164: // "CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT"
-      case 165: // "CONFIG_DIR_REQ_BODY_LIMIT"
-      case 166: // "CONFIG_DIR_REQ_BODY_LIMIT_ACTION"
-      case 167: // "CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT"
-      case 168: // "CONFIG_DIR_RES_BODY"
-      case 169: // "CONFIG_DIR_RES_BODY_LIMIT"
-      case 170: // "CONFIG_DIR_RES_BODY_LIMIT_ACTION"
-      case 171: // "CONFIG_DIR_RULE_ENG"
-      case 172: // "CONFIG_DIR_SEC_ACTION"
-      case 173: // "CONFIG_DIR_SEC_DEFAULT_ACTION"
-      case 174: // "CONFIG_DIR_SEC_MARKER"
-      case 175: // "CONFIG_DIR_UNICODE_MAP_FILE"
-      case 176: // "CONFIG_SEC_COLLECTION_TIMEOUT"
-      case 177: // "CONFIG_SEC_REMOTE_RULES_FAIL_ACTION"
-      case 178: // "CONFIG_SEC_RULE_REMOVE_BY_ID"
-      case 179: // "CONFIG_UPDLOAD_KEEP_FILES"
-      case 180: // "CONFIG_UPDLOAD_SAVE_TMP_FILES"
-      case 181: // "CONFIG_UPLOAD_DIR"
-      case 182: // "CONFIG_UPLOAD_FILE_LIMIT"
-      case 183: // "CONFIG_UPLOAD_FILE_MODE"
-      case 184: // "CONFIG_VALUE_ABORT"
-      case 185: // "CONFIG_VALUE_DETC"
-      case 186: // "CONFIG_VALUE_HTTPS"
-      case 187: // "CONFIG_VALUE_OFF"
-      case 188: // "CONFIG_VALUE_ON"
-      case 189: // "CONFIG_VALUE_PARALLEL"
-      case 190: // "CONFIG_VALUE_PROCESS_PARTIAL"
-      case 191: // "CONFIG_VALUE_REJECT"
-      case 192: // "CONFIG_VALUE_RELEVANT_ONLY"
-      case 193: // "CONFIG_VALUE_SERIAL"
-      case 194: // "CONFIG_VALUE_WARN"
-      case 195: // "CONFIG_XML_EXTERNAL_ENTITY"
-      case 196: // "CONGIG_DIR_RESPONSE_BODY_MP"
-      case 197: // "CONGIG_DIR_SEC_ARG_SEP"
-      case 198: // "CONGIG_DIR_SEC_COOKIE_FORMAT"
-      case 199: // "CONGIG_DIR_SEC_DATA_DIR"
-      case 200: // "CONGIG_DIR_SEC_STATUS_ENGINE"
-      case 201: // "CONGIG_DIR_SEC_TMP_DIR"
-      case 202: // "DIRECTIVE"
-      case 203: // "DIRECTIVE_SECRULESCRIPT"
-      case 204: // "FREE_TEXT"
-      case 205: // "OPERATOR"
-      case 206: // "OPERATOR_BEGINS_WITH"
-      case 207: // "OPERATOR_CONTAINS"
-      case 208: // "OPERATOR_CONTAINS_WORD"
-      case 209: // "OPERATOR_DETECT_SQLI"
-      case 210: // "OPERATOR_DETECT_XSS"
-      case 211: // "OPERATOR_ENDS_WITH"
-      case 212: // "OPERATOR_EQ"
-      case 213: // "OPERATOR_FUZZY_HASH"
-      case 214: // "OPERATOR_GE"
-      case 215: // "OPERATOR_GEOLOOKUP"
-      case 216: // "OPERATOR_GSB_LOOKUP"
-      case 217: // "OPERATOR_GT"
-      case 218: // "OPERATOR_INSPECT_FILE"
-      case 219: // "OPERATOR_IP_MATCH"
-      case 220: // "OPERATOR_IP_MATCH_FROM_FILE"
-      case 221: // "OPERATOR_LE"
-      case 222: // "OPERATOR_LT"
-      case 223: // "OPERATOR_PM"
-      case 224: // "OPERATOR_PM_FROM_FILE"
-      case 225: // "OPERATOR_RBL"
-      case 226: // "OPERATOR_RSUB"
-      case 227: // "OPERATOR_RX"
-      case 228: // "Operator Rx"
-      case 229: // "OPERATOR_STR_EQ"
-      case 230: // "OPERATOR_STR_MATCH"
-      case 231: // "OPERATOR_UNCONDITIONAL_MATCH"
-      case 232: // "OPERATOR_VALIDATE_BYTE_RANGE"
-      case 233: // "OPERATOR_VALIDATE_DTD"
-      case 234: // "OPERATOR_VALIDATE_HASH"
-      case 235: // "OPERATOR_VALIDATE_SCHEMA"
-      case 236: // "OPERATOR_VALIDATE_URL_ENCODING"
-      case 237: // "OPERATOR_VALIDATE_UTF8_ENCODING"
-      case 238: // "OPERATOR_VERIFY_CC"
-      case 239: // "OPERATOR_VERIFY_CPF"
-      case 240: // "OPERATOR_VERIFY_SSN"
-      case 241: // "OPERATOR_WITHIN"
-      case 242: // "OP_QUOTE"
-      case 243: // "QUOTATION_MARK"
-      case 244: // "RUN_TIME_VAR_BLD"
-      case 245: // "RUN_TIME_VAR_DUR"
-      case 246: // "RUN_TIME_VAR_ENV"
-      case 247: // "RUN_TIME_VAR_HSV"
-      case 248: // "RUN_TIME_VAR_REMOTE_USER"
-      case 249: // "RUN_TIME_VAR_RULE"
-      case 250: // "RUN_TIME_VAR_TIME"
-      case 251: // "RUN_TIME_VAR_TIME_DAY"
-      case 252: // "RUN_TIME_VAR_TIME_EPOCH"
-      case 253: // "RUN_TIME_VAR_TIME_HOUR"
-      case 254: // "RUN_TIME_VAR_TIME_MIN"
-      case 255: // "RUN_TIME_VAR_TIME_MON"
-      case 256: // "RUN_TIME_VAR_TIME_SEC"
-      case 257: // "RUN_TIME_VAR_TIME_WDAY"
-      case 258: // "RUN_TIME_VAR_TIME_YEAR"
-      case 259: // "RUN_TIME_VAR_XML"
-      case 260: // "VARIABLE"
-      case 261: // "VARIABLE_COL"
-      case 262: // "VARIABLE_STATUS"
-      case 263: // "VARIABLE_TX"
-      case 264: // "Dictionary element"
-      case 265: // "Dictionary element, selected by regexp"
+      case 93: // "Accuracy"
+      case 94: // "Allow"
+      case 95: // "Append"
+      case 96: // "AuditLog"
+      case 97: // "Block"
+      case 98: // "Capture"
+      case 99: // "Chain"
+      case 100: // "ACTION_CTL_AUDIT_ENGINE"
+      case 101: // "ACTION_CTL_AUDIT_LOG_PARTS"
+      case 102: // "ACTION_CTL_BDY_JSON"
+      case 103: // "ACTION_CTL_BDY_XML"
+      case 104: // "ACTION_CTL_FORCE_REQ_BODY_VAR"
+      case 105: // "ACTION_CTL_REQUEST_BODY_ACCESS"
+      case 106: // "ACTION_CTL_RULE_ENGINE"
+      case 107: // "ACTION_CTL_RULE_REMOVE_BY_ID"
+      case 108: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_ID"
+      case 109: // "ACTION_CTL_RULE_REMOVE_TARGET_BY_TAG"
+      case 110: // "Deny"
+      case 111: // "DeprecateVar"
+      case 112: // "Drop"
+      case 113: // "Exec"
+      case 114: // "ExpireVar"
+      case 115: // "Id"
+      case 116: // "InitCol"
+      case 117: // "Log"
+      case 118: // "LogData"
+      case 119: // "Maturity"
+      case 120: // "Msg"
+      case 121: // "MultiMatch"
+      case 122: // "NoAuditLog"
+      case 123: // "NoLog"
+      case 124: // "Pass"
+      case 125: // "Pause"
+      case 126: // "Phase"
+      case 127: // "Prepend"
+      case 128: // "Proxy"
+      case 129: // "Redirect"
+      case 130: // "Rev"
+      case 131: // "SanatiseArg"
+      case 132: // "SanatiseMatched"
+      case 133: // "SanatiseMatchedBytes"
+      case 134: // "SanatiseRequestHeader"
+      case 135: // "SanatiseResponseHeader"
+      case 136: // "SetEnv"
+      case 137: // "SetSrc"
+      case 138: // "SetSid"
+      case 139: // "SetUID"
+      case 140: // "Severity"
+      case 141: // "Skip"
+      case 142: // "SkipAfter"
+      case 143: // "Status"
+      case 144: // "Tag"
+      case 145: // "ACTION_TRANSFORMATION_CMD_LINE"
+      case 146: // "ACTION_TRANSFORMATION_COMPRESS_WHITESPACE"
+      case 147: // "ACTION_TRANSFORMATION_CSS_DECODE"
+      case 148: // "ACTION_TRANSFORMATION_HEX_ENCODE"
+      case 149: // "ACTION_TRANSFORMATION_HTML_ENTITY_DECODE"
+      case 150: // "ACTION_TRANSFORMATION_JS_DECODE"
+      case 151: // "ACTION_TRANSFORMATION_LENGTH"
+      case 152: // "ACTION_TRANSFORMATION_LOWERCASE"
+      case 153: // "ACTION_TRANSFORMATION_MD5"
+      case 154: // "ACTION_TRANSFORMATION_NONE"
+      case 155: // "ACTION_TRANSFORMATION_NORMALISE_PATH"
+      case 156: // "ACTION_TRANSFORMATION_NORMALISE_PATH_WIN"
+      case 157: // "ACTION_TRANSFORMATION_PARITY_EVEN_7_BIT"
+      case 158: // "ACTION_TRANSFORMATION_PARITY_ODD_7_BIT"
+      case 159: // "ACTION_TRANSFORMATION_PARITY_ZERO_7_BIT"
+      case 160: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS"
+      case 161: // "ACTION_TRANSFORMATION_REMOVE_COMMENTS_CHAR"
+      case 162: // "ACTION_TRANSFORMATION_REMOVE_NULLS"
+      case 163: // "ACTION_TRANSFORMATION_REMOVE_WHITESPACE"
+      case 164: // "ACTION_TRANSFORMATION_REPLACE_COMMENTS"
+      case 165: // "ACTION_TRANSFORMATION_REPLACE_NULLS"
+      case 166: // "ACTION_TRANSFORMATION_SHA1"
+      case 167: // "ACTION_TRANSFORMATION_SQL_HEX_DECODE"
+      case 168: // "ACTION_TRANSFORMATION_TRIM"
+      case 169: // "ACTION_TRANSFORMATION_URL_DECODE"
+      case 170: // "ACTION_TRANSFORMATION_URL_DECODE_UNI"
+      case 171: // "ACTION_TRANSFORMATION_UTF8_TO_UNICODE"
+      case 172: // "Ver"
+      case 173: // "xmlns"
+      case 174: // "CONFIG_COMPONENT_SIG"
+      case 175: // "CONFIG_DIR_AUDIT_DIR"
+      case 176: // "CONFIG_DIR_AUDIT_DIR_MOD"
+      case 177: // "CONFIG_DIR_AUDIT_ENG"
+      case 178: // "CONFIG_DIR_AUDIT_FLE_MOD"
+      case 179: // "CONFIG_DIR_AUDIT_LOG"
+      case 180: // "CONFIG_DIR_AUDIT_LOG2"
+      case 181: // "CONFIG_DIR_AUDIT_LOG_P"
+      case 182: // "CONFIG_DIR_AUDIT_STS"
+      case 183: // "CONFIG_DIR_AUDIT_TPE"
+      case 184: // "CONFIG_DIR_DEBUG_LOG"
+      case 185: // "CONFIG_DIR_DEBUG_LVL"
+      case 186: // "CONFIG_DIR_GEO_DB"
+      case 187: // "CONFIG_DIR_PCRE_MATCH_LIMIT"
+      case 188: // "CONFIG_DIR_PCRE_MATCH_LIMIT_RECURSION"
+      case 189: // "CONFIG_DIR_REQ_BODY"
+      case 190: // "CONFIG_DIR_REQ_BODY_IN_MEMORY_LIMIT"
+      case 191: // "CONFIG_DIR_REQ_BODY_LIMIT"
+      case 192: // "CONFIG_DIR_REQ_BODY_LIMIT_ACTION"
+      case 193: // "CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT"
+      case 194: // "CONFIG_DIR_RES_BODY"
+      case 195: // "CONFIG_DIR_RES_BODY_LIMIT"
+      case 196: // "CONFIG_DIR_RES_BODY_LIMIT_ACTION"
+      case 197: // "CONFIG_DIR_RULE_ENG"
+      case 198: // "CONFIG_DIR_SEC_ACTION"
+      case 199: // "CONFIG_DIR_SEC_DEFAULT_ACTION"
+      case 200: // "CONFIG_DIR_SEC_MARKER"
+      case 201: // "CONFIG_DIR_UNICODE_MAP_FILE"
+      case 202: // "CONFIG_SEC_COLLECTION_TIMEOUT"
+      case 203: // "CONFIG_SEC_REMOTE_RULES_FAIL_ACTION"
+      case 204: // "CONFIG_SEC_RULE_REMOVE_BY_ID"
+      case 205: // "CONFIG_UPDLOAD_KEEP_FILES"
+      case 206: // "CONFIG_UPDLOAD_SAVE_TMP_FILES"
+      case 207: // "CONFIG_UPLOAD_DIR"
+      case 208: // "CONFIG_UPLOAD_FILE_LIMIT"
+      case 209: // "CONFIG_UPLOAD_FILE_MODE"
+      case 210: // "CONFIG_VALUE_ABORT"
+      case 211: // "CONFIG_VALUE_DETC"
+      case 212: // "CONFIG_VALUE_HTTPS"
+      case 213: // "CONFIG_VALUE_OFF"
+      case 214: // "CONFIG_VALUE_ON"
+      case 215: // "CONFIG_VALUE_PARALLEL"
+      case 216: // "CONFIG_VALUE_PROCESS_PARTIAL"
+      case 217: // "CONFIG_VALUE_REJECT"
+      case 218: // "CONFIG_VALUE_RELEVANT_ONLY"
+      case 219: // "CONFIG_VALUE_SERIAL"
+      case 220: // "CONFIG_VALUE_WARN"
+      case 221: // "CONFIG_XML_EXTERNAL_ENTITY"
+      case 222: // "CONGIG_DIR_RESPONSE_BODY_MP"
+      case 223: // "CONGIG_DIR_SEC_ARG_SEP"
+      case 224: // "CONGIG_DIR_SEC_COOKIE_FORMAT"
+      case 225: // "CONGIG_DIR_SEC_DATA_DIR"
+      case 226: // "CONGIG_DIR_SEC_STATUS_ENGINE"
+      case 227: // "CONGIG_DIR_SEC_TMP_DIR"
+      case 228: // "DIRECTIVE"
+      case 229: // "DIRECTIVE_SECRULESCRIPT"
+      case 230: // "FREE_TEXT"
+      case 231: // "OPERATOR"
+      case 232: // "OPERATOR_BEGINS_WITH"
+      case 233: // "OPERATOR_CONTAINS"
+      case 234: // "OPERATOR_CONTAINS_WORD"
+      case 235: // "OPERATOR_DETECT_SQLI"
+      case 236: // "OPERATOR_DETECT_XSS"
+      case 237: // "OPERATOR_ENDS_WITH"
+      case 238: // "OPERATOR_EQ"
+      case 239: // "OPERATOR_FUZZY_HASH"
+      case 240: // "OPERATOR_GE"
+      case 241: // "OPERATOR_GEOLOOKUP"
+      case 242: // "OPERATOR_GSB_LOOKUP"
+      case 243: // "OPERATOR_GT"
+      case 244: // "OPERATOR_INSPECT_FILE"
+      case 245: // "OPERATOR_IP_MATCH"
+      case 246: // "OPERATOR_IP_MATCH_FROM_FILE"
+      case 247: // "OPERATOR_LE"
+      case 248: // "OPERATOR_LT"
+      case 249: // "OPERATOR_PM"
+      case 250: // "OPERATOR_PM_FROM_FILE"
+      case 251: // "OPERATOR_RBL"
+      case 252: // "OPERATOR_RSUB"
+      case 253: // "OPERATOR_RX"
+      case 254: // "Operator Rx"
+      case 255: // "OPERATOR_STR_EQ"
+      case 256: // "OPERATOR_STR_MATCH"
+      case 257: // "OPERATOR_UNCONDITIONAL_MATCH"
+      case 258: // "OPERATOR_VALIDATE_BYTE_RANGE"
+      case 259: // "OPERATOR_VALIDATE_DTD"
+      case 260: // "OPERATOR_VALIDATE_HASH"
+      case 261: // "OPERATOR_VALIDATE_SCHEMA"
+      case 262: // "OPERATOR_VALIDATE_URL_ENCODING"
+      case 263: // "OPERATOR_VALIDATE_UTF8_ENCODING"
+      case 264: // "OPERATOR_VERIFY_CC"
+      case 265: // "OPERATOR_VERIFY_CPF"
+      case 266: // "OPERATOR_VERIFY_SSN"
+      case 267: // "OPERATOR_WITHIN"
+      case 268: // "OP_QUOTE"
+      case 269: // "QUOTATION_MARK"
+      case 270: // "RUN_TIME_VAR_BLD"
+      case 271: // "RUN_TIME_VAR_DUR"
+      case 272: // "RUN_TIME_VAR_HSV"
+      case 273: // "RUN_TIME_VAR_REMOTE_USER"
+      case 274: // "RUN_TIME_VAR_TIME"
+      case 275: // "RUN_TIME_VAR_TIME_DAY"
+      case 276: // "RUN_TIME_VAR_TIME_EPOCH"
+      case 277: // "RUN_TIME_VAR_TIME_HOUR"
+      case 278: // "RUN_TIME_VAR_TIME_MIN"
+      case 279: // "RUN_TIME_VAR_TIME_MON"
+      case 280: // "RUN_TIME_VAR_TIME_SEC"
+      case 281: // "RUN_TIME_VAR_TIME_WDAY"
+      case 282: // "RUN_TIME_VAR_TIME_YEAR"
+      case 283: // "VARIABLE"
+      case 284: // "Dictionary element"
+      case 285: // "Dictionary element, selected by regexp"
         value.move< std::string > (s.value);
         break;
 
-      case 272: // op
-      case 273: // op_before_init
+      case 292: // op
+      case 293: // op_before_init
         value.move< std::unique_ptr<Operator> > (s.value);
         break;
 
-      case 276: // var
+      case 296: // var
         value.move< std::unique_ptr<Variable> > (s.value);
         break;
 
-      case 277: // act
+      case 297: // act
         value.move< std::unique_ptr<actions::Action> > (s.value);
         break;
 
-      case 275: // variables
+      case 295: // variables
         value.move< std::unique_ptr<std::vector<std::unique_ptr<Variable> > >  > (s.value);
         break;
 
-      case 270: // actions
-      case 271: // actions_may_quoted
+      case 290: // actions
+      case 291: // actions_may_quoted
         value.move< std::unique_ptr<std::vector<std::unique_ptr<actions::Action> > >  > (s.value);
         break;
 
@@ -3663,7 +3770,9 @@ namespace yy {
      485,   486,   487,   488,   489,   490,   491,   492,   493,   494,
      495,   496,   497,   498,   499,   500,   501,   502,   503,   504,
      505,   506,   507,   508,   509,   510,   511,   512,   513,   514,
-     515,   516,   517,   518,   519,   520
+     515,   516,   517,   518,   519,   520,   521,   522,   523,   524,
+     525,   526,   527,   528,   529,   530,   531,   532,   533,   534,
+     535,   536,   537,   538,   539,   540
     };
     return static_cast<token_type> (yytoken_number_[type]);
   }
@@ -3692,12 +3801,114 @@ namespace yy {
     return symbol_type (token::TOK_NEW_LINE, l);
   }
 
+  seclang_parser::symbol_type
+  seclang_parser::make_VAR_COUNT (const location_type& l)
+  {
+    return symbol_type (token::TOK_VAR_COUNT, l);
+  }
+
+  seclang_parser::symbol_type
+  seclang_parser::make_VAR_EXCLUSION (const location_type& l)
+  {
+    return symbol_type (token::TOK_VAR_EXCLUSION, l);
+  }
+
   seclang_parser::symbol_type
   seclang_parser::make_VARIABLE_ARGS (const location_type& l)
   {
     return symbol_type (token::TOK_VARIABLE_ARGS, l);
   }
 
+  seclang_parser::symbol_type
+  seclang_parser::make_VARIABLE_ARGS_POST (const location_type& l)
+  {
+    return symbol_type (token::TOK_VARIABLE_ARGS_POST, l);
+  }
+
+  seclang_parser::symbol_type
+  seclang_parser::make_VARIABLE_ARGS_GET (const location_type& l)
+  {
+    return symbol_type (token::TOK_VARIABLE_ARGS_GET, l);
+  }
+
+  seclang_parser::symbol_type
+  seclang_parser::make_VARIABLE_FILES_SIZES (const location_type& l)
+  {
+    return symbol_type (token::TOK_VARIABLE_FILES_SIZES, l);
+  }
+
+  seclang_parser::symbol_type
+  seclang_parser::make_VARIABLE_FILES_NAMES (const location_type& l)
+  {
+    return symbol_type (token::TOK_VARIABLE_FILES_NAMES, l);
+  }
+
+  seclang_parser::symbol_type
+  seclang_parser::make_VARIABLE_FILES_TMP_CONTENT (const location_type& l)
+  {
+    return symbol_type (token::TOK_VARIABLE_FILES_TMP_CONTENT, l);
+  }
+
+  seclang_parser::symbol_type
+  seclang_parser::make_VARIABLE_MULTIPART_FILENAME (const location_type& l)
+  {
+    return symbol_type (token::TOK_VARIABLE_MULTIPART_FILENAME, l);
+  }
+
+  seclang_parser::symbol_type
+  seclang_parser::make_VARIABLE_MULTIPART_NAME (const location_type& l)
+  {
+    return symbol_type (token::TOK_VARIABLE_MULTIPART_NAME, l);
+  }
+
+  seclang_parser::symbol_type
+  seclang_parser::make_VARIABLE_MATCHED_VARS_NAMES (const location_type& l)
+  {
+    return symbol_type (token::TOK_VARIABLE_MATCHED_VARS_NAMES, l);
+  }
+
+  seclang_parser::symbol_type
+  seclang_parser::make_VARIABLE_MATCHED_VARS (const location_type& l)
+  {
+    return symbol_type (token::TOK_VARIABLE_MATCHED_VARS, l);
+  }
+
+  seclang_parser::symbol_type
+  seclang_parser::make_VARIABLE_FILES (const location_type& l)
+  {
+    return symbol_type (token::TOK_VARIABLE_FILES, l);
+  }
+
+  seclang_parser::symbol_type
+  seclang_parser::make_VARIABLE_REQUEST_COOKIES (const location_type& l)
+  {
+    return symbol_type (token::TOK_VARIABLE_REQUEST_COOKIES, l);
+  }
+
+  seclang_parser::symbol_type
+  seclang_parser::make_VARIABLE_REQUEST_HEADERS (const location_type& l)
+  {
+    return symbol_type (token::TOK_VARIABLE_REQUEST_HEADERS, l);
+  }
+
+  seclang_parser::symbol_type
+  seclang_parser::make_VARIABLE_RESPONSE_HEADERS (const location_type& l)
+  {
+    return symbol_type (token::TOK_VARIABLE_RESPONSE_HEADERS, l);
+  }
+
+  seclang_parser::symbol_type
+  seclang_parser::make_VARIABLE_GEO (const location_type& l)
+  {
+    return symbol_type (token::TOK_VARIABLE_GEO, l);
+  }
+
+  seclang_parser::symbol_type
+  seclang_parser::make_VARIABLE_REQUEST_COOKIES_NAMES (const location_type& l)
+  {
+    return symbol_type (token::TOK_VARIABLE_REQUEST_COOKIES_NAMES, l);
+  }
+
   seclang_parser::symbol_type
   seclang_parser::make_VARIABLE_ARGS_COMBINED_SIZE (const location_type& l)
   {
@@ -3710,6 +3921,12 @@ namespace yy {
     return symbol_type (token::TOK_VARIABLE_ARGS_GET_NAMES, l);
   }
 
+  seclang_parser::symbol_type
+  seclang_parser::make_VARIABLE_RULE (const location_type& l)
+  {
+    return symbol_type (token::TOK_VARIABLE_RULE, l);
+  }
+
   seclang_parser::symbol_type
   seclang_parser::make_VARIABLE_ARGS_NAMES (const location_type& l)
   {
@@ -4028,6 +4245,54 @@ namespace yy {
     return symbol_type (token::TOK_VARIABLE_USER_ID, l);
   }
 
+  seclang_parser::symbol_type
+  seclang_parser::make_VARIABLE_STATUS (const location_type& l)
+  {
+    return symbol_type (token::TOK_VARIABLE_STATUS, l);
+  }
+
+  seclang_parser::symbol_type
+  seclang_parser::make_VARIABLE_IP (const location_type& l)
+  {
+    return symbol_type (token::TOK_VARIABLE_IP, l);
+  }
+
+  seclang_parser::symbol_type
+  seclang_parser::make_VARIABLE_GLOBAL (const location_type& l)
+  {
+    return symbol_type (token::TOK_VARIABLE_GLOBAL, l);
+  }
+
+  seclang_parser::symbol_type
+  seclang_parser::make_VARIABLE_TX (const location_type& l)
+  {
+    return symbol_type (token::TOK_VARIABLE_TX, l);
+  }
+
+  seclang_parser::symbol_type
+  seclang_parser::make_VARIABLE_SESSION (const location_type& l)
+  {
+    return symbol_type (token::TOK_VARIABLE_SESSION, l);
+  }
+
+  seclang_parser::symbol_type
+  seclang_parser::make_VARIABLE_USER (const location_type& l)
+  {
+    return symbol_type (token::TOK_VARIABLE_USER, l);
+  }
+
+  seclang_parser::symbol_type
+  seclang_parser::make_RUN_TIME_VAR_ENV (const location_type& l)
+  {
+    return symbol_type (token::TOK_RUN_TIME_VAR_ENV, l);
+  }
+
+  seclang_parser::symbol_type
+  seclang_parser::make_RUN_TIME_VAR_XML (const location_type& l)
+  {
+    return symbol_type (token::TOK_RUN_TIME_VAR_XML, l);
+  }
+
   seclang_parser::symbol_type
   seclang_parser::make_ACTION_SETVAR (const location_type& l)
   {
@@ -5132,12 +5397,6 @@ namespace yy {
     return symbol_type (token::TOK_RUN_TIME_VAR_DUR, v, l);
   }
 
-  seclang_parser::symbol_type
-  seclang_parser::make_RUN_TIME_VAR_ENV (const std::string& v, const location_type& l)
-  {
-    return symbol_type (token::TOK_RUN_TIME_VAR_ENV, v, l);
-  }
-
   seclang_parser::symbol_type
   seclang_parser::make_RUN_TIME_VAR_HSV (const std::string& v, const location_type& l)
   {
@@ -5150,12 +5409,6 @@ namespace yy {
     return symbol_type (token::TOK_RUN_TIME_VAR_REMOTE_USER, v, l);
   }
 
-  seclang_parser::symbol_type
-  seclang_parser::make_RUN_TIME_VAR_RULE (const std::string& v, const location_type& l)
-  {
-    return symbol_type (token::TOK_RUN_TIME_VAR_RULE, v, l);
-  }
-
   seclang_parser::symbol_type
   seclang_parser::make_RUN_TIME_VAR_TIME (const std::string& v, const location_type& l)
   {
@@ -5210,36 +5463,12 @@ namespace yy {
     return symbol_type (token::TOK_RUN_TIME_VAR_TIME_YEAR, v, l);
   }
 
-  seclang_parser::symbol_type
-  seclang_parser::make_RUN_TIME_VAR_XML (const std::string& v, const location_type& l)
-  {
-    return symbol_type (token::TOK_RUN_TIME_VAR_XML, v, l);
-  }
-
   seclang_parser::symbol_type
   seclang_parser::make_VARIABLE (const std::string& v, const location_type& l)
   {
     return symbol_type (token::TOK_VARIABLE, v, l);
   }
 
-  seclang_parser::symbol_type
-  seclang_parser::make_VARIABLE_COL (const std::string& v, const location_type& l)
-  {
-    return symbol_type (token::TOK_VARIABLE_COL, v, l);
-  }
-
-  seclang_parser::symbol_type
-  seclang_parser::make_VARIABLE_STATUS (const std::string& v, const location_type& l)
-  {
-    return symbol_type (token::TOK_VARIABLE_STATUS, v, l);
-  }
-
-  seclang_parser::symbol_type
-  seclang_parser::make_VARIABLE_TX (const std::string& v, const location_type& l)
-  {
-    return symbol_type (token::TOK_VARIABLE_TX, v, l);
-  }
-
   seclang_parser::symbol_type
   seclang_parser::make_DICT_ELEMENT (const std::string& v, const location_type& l)
   {
@@ -5255,7 +5484,7 @@ namespace yy {
 
 
 } // yy
-#line 5259 "seclang-parser.hh" // lalr1.cc:377
+#line 5488 "seclang-parser.hh" // lalr1.cc:377
 
 
 
diff --git a/src/parser/seclang-parser.yy b/src/parser/seclang-parser.yy
index 3e8ca124..42dd9ff1 100644
--- a/src/parser/seclang-parser.yy
+++ b/src/parser/seclang-parser.yy
@@ -144,31 +144,40 @@ class Driver;
 #include "src/utils/geo_lookup.h"
 #include "src/utils/string.h"
 #include "src/utils/system.h"
+#include "src/variables/args_combined_size.h"
+#include "src/variables/args_get.h"
+#include "src/variables/args_get_names.h"
 #include "src/variables/args.h"
 #include "src/variables/args_names.h"
-#include "src/variables/xml.h"
-#include "src/variables/args_combined_size.h"
-#include "src/variables/args_get_names.h"
-#include "src/variables/args_names.h"
+#include "src/variables/args_post.h"
 #include "src/variables/args_post_names.h"
 #include "src/variables/auth_type.h"
 #include "src/variables/duration.h"
 #include "src/variables/env.h"
 #include "src/variables/files_combined_size.h"
+#include "src/variables/files.h"
+#include "src/variables/files_names.h"
+#include "src/variables/files_sizes.h"
+#include "src/variables/files_tmp_content.h"
 #include "src/variables/files_tmp_names.h"
 #include "src/variables/full_request.h"
 #include "src/variables/full_request_length.h"
+#include "src/variables/geo.h"
 #include "src/variables/highest_severity.h"
 #include "src/variables/inbound_data_error.h"
 #include "src/variables/matched_var.h"
 #include "src/variables/matched_var_name.h"
+#include "src/variables/matched_vars.h"
+#include "src/variables/matched_vars_names.h"
 #include "src/variables/modsec_build.h"
 #include "src/variables/multipart_crlf_lf_lines.h"
 #include "src/variables/multipart_data_after.h"
 #include "src/variables/multipart_file_limit_exceeded.h"
+#include "src/variables/multipart_file_name.h"
 #include "src/variables/multipart_header_folding.h"
 #include "src/variables/multipart_invalid_header_folding.h"
 #include "src/variables/multipart_invalid_quoting.h"
+#include "src/variables/multipart_name.h"
 #include "src/variables/multipart_strict_error.h"
 #include "src/variables/multipart_unmatched_boundary.h"
 #include "src/variables/outbound_data_error.h"
@@ -186,7 +195,10 @@ class Driver;
 #include "src/variables/request_base_name.h"
 #include "src/variables/request_body.h"
 #include "src/variables/request_body_length.h"
+#include "src/variables/request_cookies.h"
+#include "src/variables/request_cookies_names.h"
 #include "src/variables/request_file_name.h"
+#include "src/variables/request_headers.h"
 #include "src/variables/request_headers_names.h"
 #include "src/variables/request_line.h"
 #include "src/variables/request_method.h"
@@ -197,6 +209,7 @@ class Driver;
 #include "src/variables/response_body.h"
 #include "src/variables/response_content_length.h"
 #include "src/variables/response_content_type.h"
+#include "src/variables/response_headers.h"
 #include "src/variables/response_headers_names.h"
 #include "src/variables/response_protocol.h"
 #include "src/variables/response_status.h"
@@ -220,9 +233,10 @@ class Driver;
 #include "src/variables/user_id.h"
 #include "src/variables/variable.h"
 #include "src/variables/xml.h"
-#include "src/variables/variations/count.h"
-#include "src/variables/variations/exclusion.h"
-
+#include "src/variables/ip.h"
+#include "src/variables/global.h"
+#include "src/variables/session.h"
+#include "src/variables/status.h"
 
 using modsecurity::ModSecurity;
 using modsecurity::Rule;
@@ -241,10 +255,27 @@ using modsecurity::Variables::TimeSec;
 using modsecurity::Variables::TimeWDay;
 using modsecurity::Variables::TimeYear;
 using modsecurity::Variables::Time;
-using modsecurity::Variables::Tx;
+using modsecurity::Variables::Tx_DictElement;
+using modsecurity::Variables::Tx_NoDictElement;
+using modsecurity::Variables::Tx_DictElementRegexp;
+
+using modsecurity::Variables::Ip_DictElement;
+using modsecurity::Variables::Ip_NoDictElement;
+using modsecurity::Variables::Ip_DictElementRegexp;
+
+using modsecurity::Variables::Global_DictElement;
+using modsecurity::Variables::Global_NoDictElement;
+using modsecurity::Variables::Global_DictElementRegexp;
+
+using modsecurity::Variables::Session_DictElement;
+using modsecurity::Variables::Session_NoDictElement;
+using modsecurity::Variables::Session_DictElementRegexp;
+
+
+
 using modsecurity::Variables::Variable;
-using modsecurity::Variables::Variations::Count;
-using modsecurity::Variables::Variations::Exclusion;
+using modsecurity::Variables::VariableModificatorExclusion;
+using modsecurity::Variables::VariableModificatorCount;
 using modsecurity::Variables::XML;
 
 using namespace modsecurity;
@@ -294,6 +325,10 @@ using modsecurity::operators::Operator;
     std::unique_ptr<actions::Action> c(b); \
     a = std::move(c);
 
+#define VARIABLE_CONTAINER(a, b) \
+    std::unique_ptr<Variable> c(b); \
+    a = std::move(c);
+
 
 }
 // The parsing context.
@@ -316,9 +351,27 @@ using modsecurity::operators::Operator;
   COMMA    ","
   PIPE
   NEW_LINE
+  VAR_COUNT
+  VAR_EXCLUSION
   VARIABLE_ARGS
+  VARIABLE_ARGS_POST
+  VARIABLE_ARGS_GET
+  VARIABLE_FILES_SIZES
+  VARIABLE_FILES_NAMES
+  VARIABLE_FILES_TMP_CONTENT
+  VARIABLE_MULTIPART_FILENAME
+  VARIABLE_MULTIPART_NAME
+  VARIABLE_MATCHED_VARS_NAMES
+  VARIABLE_MATCHED_VARS
+  VARIABLE_FILES
+  VARIABLE_REQUEST_COOKIES
+  VARIABLE_REQUEST_HEADERS
+  VARIABLE_RESPONSE_HEADERS
+  VARIABLE_GEO
+  VARIABLE_REQUEST_COOKIES_NAMES
   VARIABLE_ARGS_COMBINED_SIZE
   VARIABLE_ARGS_GET_NAMES
+  VARIABLE_RULE
   VARIABLE_ARGS_NAMES           "Variable ARGS_NAMES"
   VARIABLE_ARGS_POST_NAMES
   VARIABLE_AUTH_TYPE            "AUTH_TYPE"
@@ -372,6 +425,15 @@ using modsecurity::operators::Operator;
   VARIABLE_UNIQUE_ID            "UNIQUE_ID"
   VARIABLE_URL_ENCODED_ERROR    "URLENCODED_ERROR"
   VARIABLE_USER_ID               "USERID"
+  VARIABLE_STATUS                              "VARIABLE_STATUS"
+  VARIABLE_IP                                  "VARIABLE_IP"
+  VARIABLE_GLOBAL                              "VARIABLE_GLOBAL"
+  VARIABLE_TX                                  "VARIABLE_TX"
+  VARIABLE_SESSION                             "VARIABLE_SESSION"
+  VARIABLE_USER                                 "VARIABLE_USER"
+  RUN_TIME_VAR_ENV                             "RUN_TIME_VAR_ENV"
+  RUN_TIME_VAR_XML                             "RUN_TIME_VAR_XML"
+
   ACTION_SETVAR                                "SetVar"
   SETVAR_OPERATION_EQUALS
   SETVAR_OPERATION_EQUALS_PLUS
@@ -559,10 +621,8 @@ using modsecurity::operators::Operator;
   QUOTATION_MARK                               "QUOTATION_MARK"
   RUN_TIME_VAR_BLD                             "RUN_TIME_VAR_BLD"
   RUN_TIME_VAR_DUR                             "RUN_TIME_VAR_DUR"
-  RUN_TIME_VAR_ENV                             "RUN_TIME_VAR_ENV"
   RUN_TIME_VAR_HSV                             "RUN_TIME_VAR_HSV"
   RUN_TIME_VAR_REMOTE_USER                     "RUN_TIME_VAR_REMOTE_USER"
-  RUN_TIME_VAR_RULE                            "RUN_TIME_VAR_RULE"
   RUN_TIME_VAR_TIME                            "RUN_TIME_VAR_TIME"
   RUN_TIME_VAR_TIME_DAY                        "RUN_TIME_VAR_TIME_DAY"
   RUN_TIME_VAR_TIME_EPOCH                      "RUN_TIME_VAR_TIME_EPOCH"
@@ -572,11 +632,7 @@ using modsecurity::operators::Operator;
   RUN_TIME_VAR_TIME_SEC                        "RUN_TIME_VAR_TIME_SEC"
   RUN_TIME_VAR_TIME_WDAY                       "RUN_TIME_VAR_TIME_WDAY"
   RUN_TIME_VAR_TIME_YEAR                       "RUN_TIME_VAR_TIME_YEAR"
-  RUN_TIME_VAR_XML                             "RUN_TIME_VAR_XML"
   VARIABLE                                     "VARIABLE"
-  VARIABLE_COL                                 "VARIABLE_COL"
-  VARIABLE_STATUS                              "VARIABLE_STATUS"
-  VARIABLE_TX                                  "VARIABLE_TX"
   DICT_ELEMENT                                 "Dictionary element"
   DICT_ELEMENT_REGEXP                          "Dictionary element, selected by regexp"
 ;
@@ -1246,616 +1302,647 @@ variables:
         $1->push_back(std::move($3));
         $$ = std::move($1);
       }
+    | variables PIPE VAR_EXCLUSION var
+      {
+        std::unique_ptr<Variable> c(new VariableModificatorExclusion(std::move($4)));
+        $1->push_back(std::move(c));
+        $$ = std::move($1);
+      }
+    | variables PIPE VAR_COUNT var
+      {
+        std::unique_ptr<Variable> c(new VariableModificatorCount(std::move($4)));
+        $1->push_back(std::move(c));
+        $$ = std::move($1);
+      }
     | var
       {
         std::unique_ptr<std::vector<std::unique_ptr<Variable>>> b(new std::vector<std::unique_ptr<Variable>>());
         b->push_back(std::move($1));
         $$ = std::move(b);
       }
+    | VAR_EXCLUSION var
+      {
+        std::unique_ptr<std::vector<std::unique_ptr<Variable>>> b(new std::vector<std::unique_ptr<Variable>>());
+        std::unique_ptr<Variable> c(new VariableModificatorExclusion(std::move($2)));
+        b->push_back(std::move(c));
+        $$ = std::move(b);
+      }
+    | VAR_COUNT var
+      {
+        std::unique_ptr<std::vector<std::unique_ptr<Variable>>> b(new std::vector<std::unique_ptr<Variable>>());
+        std::unique_ptr<Variable> c(new VariableModificatorCount(std::move($2)));
+        b->push_back(std::move(c));
+        $$ = std::move(b);
+      }
     ;
 
 var:
-    VARIABLE_ARGS_NAMES
+    VARIABLE_ARGS DICT_ELEMENT
       {
-        std::unique_ptr<Variable> c(new Variables::ArgsNames());
-        $$ = std::move(c);
-      }
-    | VARIABLE_ARGS DICT_ELEMENT
-      {
-        std::unique_ptr<Variable> c(new Variables::Args_DictElement($2));
-        $$ = std::move(c);
+        VARIABLE_CONTAINER($$, new Variables::Args_DictElement($2));
       }
     | VARIABLE_ARGS DICT_ELEMENT_REGEXP
       {
-        std::unique_ptr<Variable> c(new Variables::Args_DictElementRegexp($2));
-        $$ = std::move(c);
+        VARIABLE_CONTAINER($$, new Variables::Args_DictElementRegexp($2));
       }
     | VARIABLE_ARGS
       {
-        std::unique_ptr<Variable> c(new Variables::Args_NoDictElement());
-        $$ = std::move(c);
+        VARIABLE_CONTAINER($$, new Variables::Args_NoDictElement());
       }
-    | VARIABLE_ARGS_GET_NAMES
+    | VARIABLE_ARGS_POST DICT_ELEMENT
       {
-        std::unique_ptr<Variable> c(new Variables::ArgsGetNames());
-        $$ = std::move(c);
+        VARIABLE_CONTAINER($$, new Variables::ArgsPost_DictElement($2));
       }
-    | VARIABLE_ARGS_POST_NAMES
+    | VARIABLE_ARGS_POST DICT_ELEMENT_REGEXP
       {
-        std::unique_ptr<Variable> c(new Variables::ArgsPostNames());
-        $$ = std::move(c);
+        VARIABLE_CONTAINER($$, new Variables::ArgsPost_DictElementRegexp($2));
       }
-    | VARIABLE_REQUEST_HEADERS_NAMES
+    | VARIABLE_ARGS_POST
       {
-        std::unique_ptr<Variable> c(new Variables::RequestHeadersNames());
-        $$ = std::move(c);
+        VARIABLE_CONTAINER($$, new Variables::ArgsPost_NoDictElement());
       }
-    | VARIABLE_RESPONSE_CONTENT_TYPE
+    | VARIABLE_ARGS_GET DICT_ELEMENT
       {
-        std::unique_ptr<Variable> c(new Variables::ResponseContentType());
-        $$ = std::move(c);
+        VARIABLE_CONTAINER($$, new Variables::ArgsGet_DictElement($2));
       }
-    | VARIABLE_RESPONSE_HEADERS_NAMES
+    | VARIABLE_ARGS_GET DICT_ELEMENT_REGEXP
       {
-        std::unique_ptr<Variable> c(new Variables::ResponseHeadersNames());
-        $$ = std::move(c);
+        VARIABLE_CONTAINER($$, new Variables::ArgsGet_DictElementRegexp($2));
       }
-    | VARIABLE_ARGS_COMBINED_SIZE
+    | VARIABLE_ARGS_GET
       {
-        std::unique_ptr<Variable> c(new Variables::ArgsCombinedSize());
-        $$ = std::move(c);
+        VARIABLE_CONTAINER($$, new Variables::ArgsGet_NoDictElement());
       }
-   | VARIABLE_AUTH_TYPE
+    | VARIABLE_FILES_SIZES DICT_ELEMENT
       {
-        std::unique_ptr<Variable> c(new Variables::AuthType());
-        $$ = std::move(c);
+        VARIABLE_CONTAINER($$, new Variables::FilesSizes_DictElement($2));
       }
-    | VARIABLE_FILES_COMBINED_SIZE
+    | VARIABLE_FILES_SIZES DICT_ELEMENT_REGEXP
       {
-        std::unique_ptr<Variable> c(new Variables::FilesCombinedSize());
-        $$ = std::move(c);
+        VARIABLE_CONTAINER($$, new Variables::FilesSizes_DictElementRegexp($2));
+      }
+    | VARIABLE_FILES_SIZES
+      {
+        VARIABLE_CONTAINER($$, new Variables::FilesSizes_NoDictElement());
+      }
+    | VARIABLE_FILES_NAMES DICT_ELEMENT
+      {
+        VARIABLE_CONTAINER($$, new Variables::FilesNames_DictElement($2));
+      }
+    | VARIABLE_FILES_NAMES DICT_ELEMENT_REGEXP
+      {
+        VARIABLE_CONTAINER($$, new Variables::FilesNames_DictElementRegexp($2));
+      }
+    | VARIABLE_FILES_NAMES
+      {
+        VARIABLE_CONTAINER($$, new Variables::FilesNames_NoDictElement());
+      }
+    | VARIABLE_FILES_TMP_CONTENT DICT_ELEMENT
+      {
+        VARIABLE_CONTAINER($$, new Variables::FilesTmpContent_DictElement($2));
+      }
+    | VARIABLE_FILES_TMP_CONTENT DICT_ELEMENT_REGEXP
+      {
+        VARIABLE_CONTAINER($$, new Variables::FilesTmpContent_DictElementRegexp($2));
+      }
+    | VARIABLE_FILES_TMP_CONTENT
+      {
+        VARIABLE_CONTAINER($$, new Variables::FilesTmpContent_NoDictElement());
+      }
+    | VARIABLE_MULTIPART_FILENAME DICT_ELEMENT
+      {
+        VARIABLE_CONTAINER($$, new Variables::MultiPartFileName_DictElement($2));
+      }
+    | VARIABLE_MULTIPART_FILENAME DICT_ELEMENT_REGEXP
+      {
+        VARIABLE_CONTAINER($$, new Variables::MultiPartFileName_DictElementRegexp($2));
+      }
+    | VARIABLE_MULTIPART_FILENAME
+      {
+        VARIABLE_CONTAINER($$, new Variables::MultiPartFileName_NoDictElement());
+      }
+    | VARIABLE_MULTIPART_NAME DICT_ELEMENT
+      {
+        VARIABLE_CONTAINER($$, new Variables::MultiPartName_DictElement($2));
+      }
+    | VARIABLE_MULTIPART_NAME DICT_ELEMENT_REGEXP
+      {
+        VARIABLE_CONTAINER($$, new Variables::MultiPartName_DictElementRegexp($2));
+      }
+    | VARIABLE_MULTIPART_NAME
+      {
+        VARIABLE_CONTAINER($$, new Variables::MultiPartName_NoDictElement());
+      }
+    | VARIABLE_MATCHED_VARS_NAMES DICT_ELEMENT
+      {
+        VARIABLE_CONTAINER($$, new Variables::MatchedVarsNames_DictElement($2));
+      }
+    | VARIABLE_MATCHED_VARS_NAMES DICT_ELEMENT_REGEXP
+      {
+        VARIABLE_CONTAINER($$, new Variables::MatchedVarsNames_DictElementRegexp($2));
+      }
+    | VARIABLE_MATCHED_VARS_NAMES
+      {
+        VARIABLE_CONTAINER($$, new Variables::MatchedVarsNames_NoDictElement());
+      }
+    | VARIABLE_MATCHED_VARS DICT_ELEMENT
+      {
+        VARIABLE_CONTAINER($$, new Variables::MatchedVars_DictElement($2));
+      }
+    | VARIABLE_MATCHED_VARS DICT_ELEMENT_REGEXP
+      {
+        VARIABLE_CONTAINER($$, new Variables::MatchedVars_DictElementRegexp($2));
+      }
+    | VARIABLE_MATCHED_VARS
+      {
+        VARIABLE_CONTAINER($$, new Variables::MatchedVars_NoDictElement());
+      }
+    | VARIABLE_FILES DICT_ELEMENT
+      {
+        VARIABLE_CONTAINER($$, new Variables::Files_DictElement($2));
+      }
+    | VARIABLE_FILES DICT_ELEMENT_REGEXP
+      {
+        VARIABLE_CONTAINER($$, new Variables::Files_DictElementRegexp($2));
+      }
+    | VARIABLE_FILES
+      {
+        VARIABLE_CONTAINER($$, new Variables::Files_NoDictElement());
+      }
+    | VARIABLE_REQUEST_COOKIES DICT_ELEMENT
+      {
+        VARIABLE_CONTAINER($$, new Variables::RequestCookies_DictElement($2));
+      }
+    | VARIABLE_REQUEST_COOKIES DICT_ELEMENT_REGEXP
+      {
+        VARIABLE_CONTAINER($$, new Variables::RequestCookies_DictElementRegexp($2));
+      }
+    | VARIABLE_REQUEST_COOKIES
+      {
+        VARIABLE_CONTAINER($$, new Variables::RequestCookies_NoDictElement());
+      }
+    | VARIABLE_REQUEST_HEADERS DICT_ELEMENT
+      {
+        VARIABLE_CONTAINER($$, new Variables::RequestHeaders_DictElement($2));
+      }
+    | VARIABLE_REQUEST_HEADERS DICT_ELEMENT_REGEXP
+      {
+        VARIABLE_CONTAINER($$, new Variables::RequestHeaders_DictElementRegexp($2));
+      }
+    | VARIABLE_REQUEST_HEADERS
+      {
+        VARIABLE_CONTAINER($$, new Variables::RequestHeaders_NoDictElement());
+      }
+    | VARIABLE_RESPONSE_HEADERS DICT_ELEMENT
+      {
+        VARIABLE_CONTAINER($$, new Variables::ResponseHeaders_DictElement($2));
+      }
+    | VARIABLE_RESPONSE_HEADERS DICT_ELEMENT_REGEXP
+      {
+        VARIABLE_CONTAINER($$, new Variables::ResponseHeaders_DictElementRegexp($2));
+      }
+    | VARIABLE_RESPONSE_HEADERS
+      {
+        VARIABLE_CONTAINER($$, new Variables::ResponseHeaders_NoDictElement());
+      }
+    | VARIABLE_GEO DICT_ELEMENT
+      {
+        VARIABLE_CONTAINER($$, new Variables::Geo_DictElement($2));
+      }
+    | VARIABLE_GEO DICT_ELEMENT_REGEXP
+      {
+        VARIABLE_CONTAINER($$, new Variables::Geo_DictElementRegexp($2));
+      }
+    | VARIABLE_GEO
+      {
+        VARIABLE_CONTAINER($$, new Variables::Geo_NoDictElement());
+      }
+    | VARIABLE_REQUEST_COOKIES_NAMES DICT_ELEMENT
+      {
+        VARIABLE_CONTAINER($$, new Variables::RequestCookiesNames_DictElement($2));
+      }
+    | VARIABLE_REQUEST_COOKIES_NAMES DICT_ELEMENT_REGEXP
+      {
+        VARIABLE_CONTAINER($$, new Variables::RequestCookiesNames_DictElementRegexp($2));
+      }
+    | VARIABLE_REQUEST_COOKIES_NAMES
+      {
+        VARIABLE_CONTAINER($$, new Variables::RequestCookiesNames_NoDictElement());
+      }
+    | VARIABLE_RULE DICT_ELEMENT
+      {
+        VARIABLE_CONTAINER($$, new Variables::Rule_DictElement($2));
+      }
+    | VARIABLE_RULE DICT_ELEMENT_REGEXP
+      {
+        VARIABLE_CONTAINER($$, new Variables::Rule_DictElementRegexp($2));
+      }
+    | VARIABLE_RULE
+      {
+        VARIABLE_CONTAINER($$, new Variables::Rule_NoDictElement());
+      }
+    | RUN_TIME_VAR_ENV DICT_ELEMENT
+      {
+        VARIABLE_CONTAINER($$, new Variables::Env("ENV:" + $2));
+      }
+    | RUN_TIME_VAR_ENV DICT_ELEMENT_REGEXP
+      {
+        VARIABLE_CONTAINER($$, new Variables::Env("ENV:" + $2));
+      }
+    | RUN_TIME_VAR_ENV
+      {
+        VARIABLE_CONTAINER($$, new Variables::Env("ENV"));
+      }
+    | RUN_TIME_VAR_XML DICT_ELEMENT
+      {
+        VARIABLE_CONTAINER($$, new Variables::XML("XML:" + $2));
+      }
+    | RUN_TIME_VAR_XML DICT_ELEMENT_REGEXP
+      {
+        VARIABLE_CONTAINER($$, new Variables::XML("XML:" + $2));
+      }
+    | RUN_TIME_VAR_XML
+      {
+        VARIABLE_CONTAINER($$, new Variables::XML_NoDictElement());
+      }
+    | VARIABLE_FILES_TMP_NAMES DICT_ELEMENT
+      {
+        VARIABLE_CONTAINER($$, new Variables::FilesTmpNames_DictElement($2));
+      }
+    | VARIABLE_FILES_TMP_NAMES DICT_ELEMENT_REGEXP
+      {
+        VARIABLE_CONTAINER($$, new Variables::FilesTmpNames_DictElementRegexp($2));
       }
     | VARIABLE_FILES_TMP_NAMES
       {
-        std::unique_ptr<Variable> c(new Variables::FilesTmpNames());
-        $$ = std::move(c);
+        VARIABLE_CONTAINER($$, new Variables::FilesTmpNames_NoDictElement());
       }
-    | VARIABLE_FULL_REQUEST
+
+    | VARIABLE_IP DICT_ELEMENT
       {
-        std::unique_ptr<Variable> c(new Variables::FullRequest());
-        $$ = std::move(c);
+        VARIABLE_CONTAINER($$, new Variables::Ip_DictElement($2));
       }
-    | VARIABLE_FULL_REQUEST_LENGTH
+    | VARIABLE_IP DICT_ELEMENT_REGEXP
       {
-        std::unique_ptr<Variable> c(new Variables::FullRequestLength());
-        $$ = std::move(c);
+        VARIABLE_CONTAINER($$, new Variables::Ip_DictElementRegexp($2));
       }
-    | VARIABLE_INBOUND_DATA_ERROR
+    | VARIABLE_IP
       {
-        std::unique_ptr<Variable> c(new Variables::InboundDataError());
-        $$ = std::move(c);
+        VARIABLE_CONTAINER($$, new Variables::Ip_NoDictElement());
       }
-    | VARIABLE_MATCHED_VAR
+
+    | VARIABLE_GLOBAL DICT_ELEMENT
       {
-        std::unique_ptr<Variable> c(new Variables::MatchedVar());
-        $$ = std::move(c);
+        VARIABLE_CONTAINER($$, new Variables::Global_DictElement($2));
       }
-    | VARIABLE_MATCHED_VAR_NAME
+    | VARIABLE_GLOBAL DICT_ELEMENT_REGEXP
       {
-        std::unique_ptr<Variable> c(new Variables::MatchedVarName());
-        $$ = std::move(c);
+        VARIABLE_CONTAINER($$, new Variables::Global_DictElementRegexp($2));
       }
-    | VARIABLE_MULTIPART_CRLF_LF_LINES
+    | VARIABLE_GLOBAL
       {
-        std::unique_ptr<Variable> c(new Variables::MultipartCrlfLFLines());
-        $$ = std::move(c);
+        VARIABLE_CONTAINER($$, new Variables::Global_NoDictElement());
       }
-    | VARIABLE_MULTIPART_DATA_AFTER
+
+    | VARIABLE_TX DICT_ELEMENT
       {
-        std::unique_ptr<Variable> c(new Variables::MultipartDateAfter());
-        $$ = std::move(c);
+        VARIABLE_CONTAINER($$, new Variables::Tx_DictElement($2));
       }
-    | VARIABLE_MULTIPART_FILE_LIMIT_EXCEEDED
+    | VARIABLE_TX DICT_ELEMENT_REGEXP
       {
-        std::unique_ptr<Variable> c(new Variables::MultipartFileLimitExceeded());
-        $$ = std::move(c);
-      }
-    | VARIABLE_MULTIPART_HEADER_FOLDING
-      {
-        std::unique_ptr<Variable> c(new Variables::MultipartHeaderFolding());
-        $$ = std::move(c);
-      }
-    | VARIABLE_MULTIPART_INVALID_HEADER_FOLDING
-      {
-        std::unique_ptr<Variable> c(new Variables::MultipartInvalidHeaderFolding());
-        $$ = std::move(c);
-      }
-    | VARIABLE_MULTIPART_INVALID_QUOTING
-      {
-        std::unique_ptr<Variable> c(new Variables::MultipartInvalidQuoting());
-        $$ = std::move(c);
-      }
-    | VARIABLE_MULTIPART_STRICT_ERROR
-      {
-        std::unique_ptr<Variable> c(new Variables::MultipartStrictError());
-        $$ = std::move(c);
-      }
-    | VARIABLE_MULTIPART_UNMATCHED_BOUNDARY
-      {
-        std::unique_ptr<Variable> c(new Variables::MultipartUnmatchedBoundary());
-        $$ = std::move(c);
-      }
-    | VARIABLE_OUTBOUND_DATA_ERROR
-      {
-        std::unique_ptr<Variable> c(new Variables::OutboundDataError());
-        $$ = std::move(c);
-      }
-    | VARIABLE_PATH_INFO
-      {
-        std::unique_ptr<Variable> c(new Variables::PathInfo());
-        $$ = std::move(c);
-      }
-    | VARIABLE_QUERY_STRING
-      {
-        std::unique_ptr<Variable> c(new Variables::QueryString());
-        $$ = std::move(c);
-      }
-    | VARIABLE_REMOTE_ADDR
-      {
-        std::unique_ptr<Variable> c(new Variables::RemoteAddr());
-        $$ = std::move(c);
-      }
-    | VARIABLE_REMOTE_HOST
-      {
-        std::unique_ptr<Variable> c(new Variables::RemoteHost());
-        $$ = std::move(c);
-      }
-    | VARIABLE_REMOTE_PORT
-      {
-        std::unique_ptr<Variable> c(new Variables::RemotePort());
-        $$ = std::move(c);
-      }
-    | VARIABLE_REQBODY_ERROR
-      {
-        std::unique_ptr<Variable> c(new Variables::ReqbodyError());
-        $$ = std::move(c);
-      }
-    | VARIABLE_REQBODY_ERROR_MSG
-      {
-        std::unique_ptr<Variable> c(new Variables::ReqbodyErrorMsg());
-        $$ = std::move(c);
-      }
-    | VARIABLE_REQBODY_PROCESSOR
-      {
-        std::unique_ptr<Variable> c(new Variables::ReqbodyProcessor());
-        $$ = std::move(c);
-      }
-    | VARIABLE_REQBODY_PROCESSOR_ERROR
-      {
-        std::unique_ptr<Variable> c(new Variables::ReqbodyProcessorError());
-        $$ = std::move(c);
-      }
-    | VARIABLE_REQBODY_PROCESSOR_ERROR_MSG
-      {
-        std::unique_ptr<Variable> c(new Variables::ReqbodyProcessorErrorMsg());
-        $$ = std::move(c);
-      }
-    | VARIABLE_REQUEST_BASENAME
-      {
-        std::unique_ptr<Variable> c(new Variables::RequestBasename());
-        $$ = std::move(c);
-      }
-    | VARIABLE_REQUEST_BODY
-      {
-        std::unique_ptr<Variable> c(new Variables::RequestBody());
-        $$ = std::move(c);
-      }
-    | VARIABLE_REQUEST_BODY_LENGTH
-      {
-        std::unique_ptr<Variable> c(new Variables::RequestBodyLength());
-        $$ = std::move(c);
-      }
-    | VARIABLE_REQUEST_FILE_NAME
-      {
-        std::unique_ptr<Variable> c(new Variables::RequestFilename());
-        $$ = std::move(c);
-      }
-    | VARIABLE_REQUEST_LINE
-      {
-        std::unique_ptr<Variable> c(new Variables::RequestLine());
-        $$ = std::move(c);
-      }
-    | VARIABLE_REQUEST_METHOD
-      {
-        std::unique_ptr<Variable> c(new Variables::RequestMethod());
-        $$ = std::move(c);
-      }
-    | VARIABLE_REQUEST_PROTOCOL
-      {
-        std::unique_ptr<Variable> c(new Variables::RequestProtocol());
-        $$ = std::move(c);
-      }
-    | VARIABLE_REQUEST_URI
-      {
-        std::unique_ptr<Variable> c(new Variables::RequestURI());
-        $$ = std::move(c);
-      }
-    | VARIABLE_REQUEST_URI_RAW
-      {
-        std::unique_ptr<Variable> c(new Variables::RequestURIRaw());
-        $$ = std::move(c);
-      }
-    | VARIABLE_RESOURCE
-      {
-        std::unique_ptr<Variable> c(new Variables::Resource());
-        $$ = std::move(c);
-      }
-    | VARIABLE_RESPONSE_BODY
-      {
-        std::unique_ptr<Variable> c(new Variables::ResponseBody());
-        $$ = std::move(c);
-      }
-    | VARIABLE_RESPONSE_CONTENT_LENGTH
-      {
-        std::unique_ptr<Variable> c(new Variables::ResponseContentLength());
-        $$ = std::move(c);
-      }
-    | VARIABLE_RESPONSE_PROTOCOL
-      {
-        std::unique_ptr<Variable> c(new Variables::ResponseProtocol());
-        $$ = std::move(c);
-      }
-    | VARIABLE_RESPONSE_STATUS
-      {
-        std::unique_ptr<Variable> c(new Variables::ResponseStatus());
-        $$ = std::move(c);
-      }
-    | VARIABLE_SERVER_ADDR
-      {
-        std::unique_ptr<Variable> c(new Variables::ServerAddr());
-        $$ = std::move(c);
-      }
-    | VARIABLE_SERVER_NAME
-      {
-        std::unique_ptr<Variable> c(new Variables::ServerName());
-        $$ = std::move(c);
-      }
-    | VARIABLE_SERVER_PORT
-      {
-        std::unique_ptr<Variable> c(new Variables::ServerPort());
-        $$ = std::move(c);
-      }
-    | VARIABLE_SESSION_ID
-      {
-        std::unique_ptr<Variable> c(new Variables::SessionID());
-        $$ = std::move(c);
-      }
-    | VARIABLE_UNIQUE_ID
-      {
-        std::unique_ptr<Variable> c(new Variables::UniqueID());
-        $$ = std::move(c);
-      }
-    | VARIABLE_URL_ENCODED_ERROR
-      {
-        std::unique_ptr<Variable> c(new Variables::UrlEncodedError());
-        $$ = std::move(c);
-      }
-    | VARIABLE_USER_ID
-      {
-        std::unique_ptr<Variable> c(new Variables::UserID());
-        $$ = std::move(c);
-      }
-    | VARIABLE_STATUS
-      {
-        std::string name($1);
-        char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new Variable(name, Variable::VariableKind::DirectVariable)));
-            $$ = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new Variable(name, Variable::VariableKind::DirectVariable)));
-            $$ = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new Variable(name, Variable::VariableKind::DirectVariable));
-            $$ = std::move(c);
-        }
-      }
-    | VARIABLE_COL
-      {
-        std::string name($1);
-        char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new Variable(name, Variable::VariableKind::CollectionVarible)));
-            $$ = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new Variable(name, Variable::VariableKind::CollectionVarible)));
-            $$ = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new Variable(name, Variable::VariableKind::CollectionVarible));
-            $$ = std::move(c);
-        }
+        VARIABLE_CONTAINER($$, new Variables::Tx_DictElementRegexp($2));
       }
     | VARIABLE_TX
       {
-        std::string name($1);
-        char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new Tx(name)));
-            $$ = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new Tx(name)));
-            $$ = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new Tx(name));
-            $$ = std::move(c);
-        }
+        VARIABLE_CONTAINER($$, new Variables::Tx_NoDictElement());
+      }
+
+    | VARIABLE_SESSION DICT_ELEMENT
+      {
+        VARIABLE_CONTAINER($$, new Variables::Session_DictElement($2));
+      }
+    | VARIABLE_SESSION DICT_ELEMENT_REGEXP
+      {
+        VARIABLE_CONTAINER($$, new Variables::Session_DictElementRegexp($2));
+      }
+    | VARIABLE_SESSION
+      {
+        VARIABLE_CONTAINER($$, new Variables::Session_NoDictElement());
+      }
+
+
+
+    | VARIABLE_ARGS_NAMES
+      {
+        VARIABLE_CONTAINER($$, new Variables::ArgsNames());
+      }
+    | VARIABLE_ARGS_GET_NAMES
+      {
+        VARIABLE_CONTAINER($$, new Variables::ArgsGetNames());
+      }
+    | VARIABLE_ARGS_POST_NAMES
+      {
+        VARIABLE_CONTAINER($$, new Variables::ArgsPostNames());
+      }
+    | VARIABLE_REQUEST_HEADERS_NAMES
+      {
+        VARIABLE_CONTAINER($$, new Variables::RequestHeadersNames());
+      }
+    | VARIABLE_RESPONSE_CONTENT_TYPE
+      {
+        VARIABLE_CONTAINER($$, new Variables::ResponseContentType());
+      }
+    | VARIABLE_RESPONSE_HEADERS_NAMES
+      {
+        VARIABLE_CONTAINER($$, new Variables::ResponseHeadersNames());
+      }
+    | VARIABLE_ARGS_COMBINED_SIZE
+      {
+        VARIABLE_CONTAINER($$, new Variables::ArgsCombinedSize());
+      }
+   | VARIABLE_AUTH_TYPE
+      {
+        VARIABLE_CONTAINER($$, new Variables::AuthType());
+      }
+    | VARIABLE_FILES_COMBINED_SIZE
+      {
+        VARIABLE_CONTAINER($$, new Variables::FilesCombinedSize());
+      }
+    | VARIABLE_FULL_REQUEST
+      {
+        VARIABLE_CONTAINER($$, new Variables::FullRequest());
+      }
+    | VARIABLE_FULL_REQUEST_LENGTH
+      {
+        VARIABLE_CONTAINER($$, new Variables::FullRequestLength());
+      }
+    | VARIABLE_INBOUND_DATA_ERROR
+      {
+        VARIABLE_CONTAINER($$, new Variables::InboundDataError());
+      }
+    | VARIABLE_MATCHED_VAR
+      {
+        VARIABLE_CONTAINER($$, new Variables::MatchedVar());
+      }
+    | VARIABLE_MATCHED_VAR_NAME
+      {
+        VARIABLE_CONTAINER($$, new Variables::MatchedVarName());
+      }
+    | VARIABLE_MULTIPART_CRLF_LF_LINES
+      {
+        VARIABLE_CONTAINER($$, new Variables::MultipartCrlfLFLines());
+      }
+    | VARIABLE_MULTIPART_DATA_AFTER
+      {
+        VARIABLE_CONTAINER($$, new Variables::MultipartDateAfter());
+      }
+    | VARIABLE_MULTIPART_FILE_LIMIT_EXCEEDED
+      {
+        VARIABLE_CONTAINER($$, new Variables::MultipartFileLimitExceeded());
+      }
+    | VARIABLE_MULTIPART_HEADER_FOLDING
+      {
+        VARIABLE_CONTAINER($$, new Variables::MultipartHeaderFolding());
+      }
+    | VARIABLE_MULTIPART_INVALID_HEADER_FOLDING
+      {
+        VARIABLE_CONTAINER($$, new Variables::MultipartInvalidHeaderFolding());
+      }
+    | VARIABLE_MULTIPART_INVALID_QUOTING
+      {
+        VARIABLE_CONTAINER($$, new Variables::MultipartInvalidQuoting());
+      }
+    | VARIABLE_MULTIPART_STRICT_ERROR
+      {
+        VARIABLE_CONTAINER($$, new Variables::MultipartStrictError());
+      }
+    | VARIABLE_MULTIPART_UNMATCHED_BOUNDARY
+      {
+        VARIABLE_CONTAINER($$, new Variables::MultipartUnmatchedBoundary());
+      }
+    | VARIABLE_OUTBOUND_DATA_ERROR
+      {
+        VARIABLE_CONTAINER($$, new Variables::OutboundDataError());
+      }
+    | VARIABLE_PATH_INFO
+      {
+        VARIABLE_CONTAINER($$, new Variables::PathInfo());
+      }
+    | VARIABLE_QUERY_STRING
+      {
+        VARIABLE_CONTAINER($$, new Variables::QueryString());
+      }
+    | VARIABLE_REMOTE_ADDR
+      {
+        VARIABLE_CONTAINER($$, new Variables::RemoteAddr());
+      }
+    | VARIABLE_REMOTE_HOST
+      {
+        VARIABLE_CONTAINER($$, new Variables::RemoteHost());
+      }
+    | VARIABLE_REMOTE_PORT
+      {
+        VARIABLE_CONTAINER($$, new Variables::RemotePort());
+      }
+    | VARIABLE_REQBODY_ERROR
+      {
+        VARIABLE_CONTAINER($$, new Variables::ReqbodyError());
+      }
+    | VARIABLE_REQBODY_ERROR_MSG
+      {
+        VARIABLE_CONTAINER($$, new Variables::ReqbodyErrorMsg());
+      }
+    | VARIABLE_REQBODY_PROCESSOR
+      {
+        VARIABLE_CONTAINER($$, new Variables::ReqbodyProcessor());
+      }
+    | VARIABLE_REQBODY_PROCESSOR_ERROR
+      {
+        VARIABLE_CONTAINER($$, new Variables::ReqbodyProcessorError());
+      }
+    | VARIABLE_REQBODY_PROCESSOR_ERROR_MSG
+      {
+        VARIABLE_CONTAINER($$, new Variables::ReqbodyProcessorErrorMsg());
+      }
+    | VARIABLE_REQUEST_BASENAME
+      {
+        VARIABLE_CONTAINER($$, new Variables::RequestBasename());
+      }
+    | VARIABLE_REQUEST_BODY
+      {
+        VARIABLE_CONTAINER($$, new Variables::RequestBody());
+      }
+    | VARIABLE_REQUEST_BODY_LENGTH
+      {
+        VARIABLE_CONTAINER($$, new Variables::RequestBodyLength());
+      }
+    | VARIABLE_REQUEST_FILE_NAME
+      {
+        VARIABLE_CONTAINER($$, new Variables::RequestFilename());
+      }
+    | VARIABLE_REQUEST_LINE
+      {
+        VARIABLE_CONTAINER($$, new Variables::RequestLine());
+      }
+    | VARIABLE_REQUEST_METHOD
+      {
+        VARIABLE_CONTAINER($$, new Variables::RequestMethod());
+      }
+    | VARIABLE_REQUEST_PROTOCOL
+      {
+        VARIABLE_CONTAINER($$, new Variables::RequestProtocol());
+      }
+    | VARIABLE_REQUEST_URI
+      {
+        VARIABLE_CONTAINER($$, new Variables::RequestURI());
+      }
+    | VARIABLE_REQUEST_URI_RAW
+      {
+        VARIABLE_CONTAINER($$, new Variables::RequestURIRaw());
+      }
+    | VARIABLE_RESOURCE
+      {
+        VARIABLE_CONTAINER($$, new Variables::Resource());
+      }
+    | VARIABLE_RESPONSE_BODY
+      {
+        VARIABLE_CONTAINER($$, new Variables::ResponseBody());
+      }
+    | VARIABLE_RESPONSE_CONTENT_LENGTH
+      {
+        VARIABLE_CONTAINER($$, new Variables::ResponseContentLength());
+      }
+    | VARIABLE_RESPONSE_PROTOCOL
+      {
+        VARIABLE_CONTAINER($$, new Variables::ResponseProtocol());
+      }
+    | VARIABLE_RESPONSE_STATUS
+      {
+        VARIABLE_CONTAINER($$, new Variables::ResponseStatus());
+      }
+    | VARIABLE_SERVER_ADDR
+      {
+        VARIABLE_CONTAINER($$, new Variables::ServerAddr());
+      }
+    | VARIABLE_SERVER_NAME
+      {
+        VARIABLE_CONTAINER($$, new Variables::ServerName());
+      }
+    | VARIABLE_SERVER_PORT
+      {
+        VARIABLE_CONTAINER($$, new Variables::ServerPort());
+      }
+    | VARIABLE_SESSION_ID
+      {
+        VARIABLE_CONTAINER($$, new Variables::SessionID());
+      }
+    | VARIABLE_UNIQUE_ID
+      {
+        VARIABLE_CONTAINER($$, new Variables::UniqueID());
+      }
+    | VARIABLE_URL_ENCODED_ERROR
+      {
+        VARIABLE_CONTAINER($$, new Variables::UrlEncodedError());
+      }
+    | VARIABLE_USER_ID
+      {
+        VARIABLE_CONTAINER($$, new Variables::UserID());
+      }
+    | VARIABLE_STATUS
+      {
+        VARIABLE_CONTAINER($$, new Variables::Status());
       }
     | RUN_TIME_VAR_DUR
       {
         std::string name($1);
         char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new Duration(name)));
-            $$ = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new Duration(name)));
-            $$ = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new Duration(name));
-            $$ = std::move(c);
-        }
-      }
-    | RUN_TIME_VAR_ENV
-      {
-        std::string name($1);
-        char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new Env(name)));
-            $$ = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new Env(name)));
-            $$ = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new Env(name));
-            $$ = std::move(c);
-        }
+        std::unique_ptr<Variable> c(new Duration(name));
+        $$ = std::move(c);
       }
+
     | RUN_TIME_VAR_BLD
       {
         std::string name($1);
         char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new ModsecBuild(name)));
-            $$ = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new ModsecBuild(name)));
-            $$ = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new ModsecBuild(name));
-            $$ = std::move(c);
-        }
+        std::unique_ptr<Variable> c(new ModsecBuild(name));
+        $$ = std::move(c);
       }
     | RUN_TIME_VAR_HSV
       {
         std::string name($1);
         char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new HighestSeverity(name)));
-            $$ = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new HighestSeverity(name)));
-            $$ = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new HighestSeverity(name));
-            $$ = std::move(c);
-        }
+        std::unique_ptr<Variable> c(new HighestSeverity(name));
+        $$ = std::move(c);
       }
     | RUN_TIME_VAR_REMOTE_USER
       {
         std::string name($1);
         char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new RemoteUser(name)));
-            $$ = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new RemoteUser(name)));
-            $$ = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new RemoteUser(name));
-            $$ = std::move(c);
-        }
+        std::unique_ptr<Variable> c(new RemoteUser(name));
+        $$ = std::move(c);
       }
     | RUN_TIME_VAR_TIME
       {
         std::string name($1);
         char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new Time(name)));
-            $$ = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new Time(name)));
-            $$ = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new Time(name));
-            $$ = std::move(c);
-        }
+        std::unique_ptr<Variable> c(new Time(name));
+        $$ = std::move(c);
       }
     | RUN_TIME_VAR_TIME_DAY
       {
         std::string name($1);
         char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new TimeDay(name)));
-            $$ = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new TimeDay(name)));
-            $$ = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new TimeDay(name));
-            $$ = std::move(c);
-        }
+        std::unique_ptr<Variable> c(new TimeDay(name));
+        $$ = std::move(c);
       }
     | RUN_TIME_VAR_TIME_EPOCH
       {
         std::string name($1);
         char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new TimeEpoch(name)));
-            $$ = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new TimeEpoch(name)));
-            $$ = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new TimeEpoch(name));
-            $$ = std::move(c);
-        }
+        std::unique_ptr<Variable> c(new TimeEpoch(name));
+        $$ = std::move(c);
       }
     | RUN_TIME_VAR_TIME_HOUR
       {
         std::string name($1);
         char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new TimeHour(name)));
-            $$ = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new TimeHour(name)));
-            $$ = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new TimeHour(name));
-            $$ = std::move(c);
-        }
+        std::unique_ptr<Variable> c(new TimeHour(name));
+        $$ = std::move(c);
       }
     | RUN_TIME_VAR_TIME_MIN
       {
         std::string name($1);
         char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new TimeMin(name)));
-            $$ = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new TimeMin(name)));
-            $$ = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new TimeMin(name));
-            $$ = std::move(c);
-        }
+        std::unique_ptr<Variable> c(new TimeMin(name));
+        $$ = std::move(c);
       }
     | RUN_TIME_VAR_TIME_MON
       {
         std::string name($1);
         char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new TimeMon(name)));
-            $$ = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new TimeMon(name)));
-            $$ = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new TimeMon(name));
-            $$ = std::move(c);
-        }
+        std::unique_ptr<Variable> c(new TimeMon(name));
+        $$ = std::move(c);
       }
     | RUN_TIME_VAR_TIME_SEC
       {
         std::string name($1);
         char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new TimeSec(name)));
-            $$ = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new TimeSec(name)));
-            $$ = std::move(c);
-        } else {
             std::unique_ptr<Variable> c(new TimeSec(name));
             $$ = std::move(c);
-        }
       }
     | RUN_TIME_VAR_TIME_WDAY
       {
         std::string name($1);
         char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new TimeWDay(name)));
-            $$ = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new TimeWDay(name)));
-            $$ = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new TimeWDay(name));
-            $$ = std::move(c);
-        }
+        std::unique_ptr<Variable> c(new TimeWDay(name));
+        $$ = std::move(c);
       }
     | RUN_TIME_VAR_TIME_YEAR
       {
         std::string name($1);
         char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new TimeYear(name)));
-            $$ = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new TimeYear(name)));
-            $$ = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new TimeYear(name));
-            $$ = std::move(c);
-        }
-      }
-    | RUN_TIME_VAR_XML
-      {
-            std::string name($1);
-            std::unique_ptr<Variable> c(new XML(name));
-            $$ = std::move(c);
-      }
-    | RUN_TIME_VAR_RULE
-      {
-        std::string name($1);
-        char z = name.at(0);
-        if (z == '&') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Count(new Variable(name, Variable::VariableKind::DirectVariable)));
-            $$ = std::move(c);
-        } else if (z == '!') {
-            name.erase(0, 1);
-            std::unique_ptr<Variable> c(new Exclusion(new Variable(name, Variable::VariableKind::DirectVariable)));
-            $$ = std::move(c);
-        } else {
-            std::unique_ptr<Variable> c(new Variable(name, Variable::VariableKind::DirectVariable));
-            $$ = std::move(c);
-        }
+        std::unique_ptr<Variable> c(new TimeYear(name));
+        $$ = std::move(c);
       }
     ;
 
diff --git a/src/parser/seclang-scanner.ll b/src/parser/seclang-scanner.ll
index 4f55307f..eab81b24 100755
--- a/src/parser/seclang-scanner.ll
+++ b/src/parser/seclang-scanner.ll
@@ -110,6 +110,142 @@ ACTION_TRANSFORMATION_URL_DECODE_UNI            (?i:t:urlDecodeUni)
 ACTION_TRANSFORMATION_UTF8_TO_UNICODE           (?i:t:utf8toUnicode)
 
 
+VARIABLE_ARGS_COMBINED_SIZE               (?i:ARGS_COMBINED_SIZE)
+VARIABLE_ARGS_GET_NAMES                   (?i:ARGS_GET_NAMES)
+VARIABLE_ARGS_NAMES                       (?i:ARGS_NAMES)
+VARIABLE_ARGS_POST_NAMES                  (?i:ARGS_POST_NAMES)
+VARIABLE_AUTH_TYPE                        (?i:AUTH_TYPE)
+VARIABLE_FILES_COMBINED_SIZE              (?i:FILES_COMBINED_SIZE)
+VARIABLE_FILES_TMP_NAMES                  (?i:FILES_TMPNAMES)
+VARIABLE_FULL_REQUEST                     (?i:FULL_REQUEST)
+VARIABLE_FULL_REQUEST_LENGTH              (?i:FULL_REQUEST_LENGTH)
+VARIABLE_GLOBAL                           (?i:GLOBAL)
+VARIABLE_INBOUND_DATA_ERROR               (?i:INBOUND_DATA_ERROR)
+VARIABLE_MATCHED_VAR                      (?i:MATCHED_VAR)
+VARIABLE_MATCHED_VAR_NAME                 (?i:MATCHED_VAR_NAME)
+VARIABLE_MULTIPART_CRLF_LF_LINES          (?i:MULTIPART_CRLF_LF_LINES)
+VARIABLE_MULTIPART_DATA_AFTER             (?i:MULTIPART_DATA_AFTER)
+VARIABLE_MULTIPART_FILE_LIMIT_EXCEEDED    (?i:MULTIPART_FILE_LIMIT_EXCEEDED)
+VARIABLE_MULTIPART_HEADER_FOLDING         (?i:MULTIPART_HEADER_FOLDING)
+VARIABLE_MULTIPART_INVALID_HEADER_FOLDING (?i:MULTIPART_INVALID_HEADER_FOLDING)
+VARIABLE_MULTIPART_INVALID_QUOTING        (?i:MULTIPART_INVALID_QUOTING)
+VARIABLE_MULTIPART_STRICT_ERROR           (?i:MULTIPART_STRICT_ERROR)
+VARIABLE_MULTIPART_UNMATCHED_BOUNDARY     (?i:MULTIPART_UNMATCHED_BOUNDARY)
+VARIABLE_OUTBOUND_DATA_ERROR              (?i:OUTBOUND_DATA_ERROR)
+VARIABLE_PATH_INFO                        (?i:PATH_INFO)
+VARIABLE_QUERY_STRING                     (?i:QUERY_STRING)
+VARIABLE_REMOTE_ADDR                      (?i:REMOTE_ADDR)
+VARIABLE_REMOTE_HOST                      (?i:REMOTE_HOST)
+VARIABLE_REMOTE_PORT                      (?i:REMOTE_PORT)
+VARIABLE_REQBODY_ERROR                    (?i:REQBODY_ERROR)
+VARIABLE_REQBODY_ERROR_MSG                (?i:REQBODY_ERROR_MSG)
+VARIABLE_REQBODY_PROCESSOR_ERROR          (?i:REQBODY_PROCESSOR_ERROR)
+VARIABLE_REQBODY_PROCESSOR_ERROR_MSG      (?i:REQBODY_PROCESSOR_ERROR_MSG)
+VARIABLE_REQBODY_PROCESSOR                (?i:REQBODY_PROCESSOR)
+VARIABLE_REQUEST_BASENAME                 (?i:REQUEST_BASENAME)
+VARIABLE_REQUEST_BODY                     (?i:REQUEST_BODY)
+VARIABLE_REQUEST_BODY_LENGTH              (?i:REQUEST_BODY_LENGTH)
+VARIABLE_REQUEST_FILE_NAME                (?i:REQUEST_FILENAME)
+VARIABLE_REQUEST_HEADERS_NAMES            (?i:REQUEST_HEADERS_NAMES)
+VARIABLE_REQUEST_LINE                     (?i:REQUEST_LINE)
+VARIABLE_REQUEST_METHOD                   (?i:REQUEST_METHOD)
+VARIABLE_REQUEST_PROTOCOL                 (?i:REQUEST_PROTOCOL)
+VARIABLE_REQUEST_URI                      (?i:REQUEST_URI)
+VARIABLE_REQUEST_URI_RAW                  (?i:REQUEST_URI_RAW)
+VARIABLE_RESOURCE                         (?i:RESOURCE)
+VARIABLE_RESPONSE_BODY                    (?i:RESPONSE_BODY)
+VARIABLE_RESPONSE_CONTENT_LENGTH          (?i:RESPONSE_CONTENT_LENGTH)
+VARIABLE_RESPONSE_CONTENT_TYPE            (?i:RESPONSE_CONTENT_TYPE)
+VARIABLE_RESPONSE_HEADERS_NAMES           (?i:RESPONSE_HEADERS_NAMES)
+VARIABLE_RESPONSE_PROTOCOL                (?i:RESPONSE_PROTOCOL)
+VARIABLE_RESPONSE_STATUS                  (?i:RESPONSE_STATUS)
+VARIABLE_SERVER_ADDR                      (?i:SERVER_ADDR)
+VARIABLE_SERVER_NAME                      (?i:SERVER_NAME)
+VARIABLE_SERVER_PORT                      (?i:SERVER_PORT)
+VARIABLE_SESSION_ID                       (?i:SESSIONID)
+VARIABLE_UNIQUE_ID                        (?i:UNIQUE_ID)
+VARIABLE_URL_ENCODED_ERROR                (?i:URLENCODED_ERROR)
+VARIABLE_USER_ID                          (?i:USERID)
+VARIABLE_WEBSERVER_ERROR_LOG              (?i:WEBSERVER_ERROR_LOG)
+VARIABLE_ARGS                             (?i:ARGS)
+VARIABLE_ARGS_POST                        (?i:ARGS_POST)
+VARIABLE_ARGS_GET                         (?i:ARGS_GET)
+VARIABLE_FILES_SIZES                      (?i:FILES_SIZES)
+VARIABLE_FILES_NAMES                      (?i:FILES_NAMES)
+VARIABLE_FILES_TMP_CONTENT                (?i:FILES_TMP_CONTENT)
+VARIABLE_MULTIPART_FILENAME               (?i:MULTIPART_FILENAME)
+VARIABLE_MULTIPART_NAME                   (?i:MULTIPART_NAME)
+VARIABLE_MATCHED_VARS_NAMES               (?i:MATCHED_VARS_NAMES)
+VARIABLE_MATCHED_VARS                     (?i:MATCHED_VARS)
+VARIABLE_FILES                            (?i:FILES)
+VARIABLE_REQUEST_COOKIES                  (?i:REQUEST_COOKIES)
+VARIABLE_REQUEST_HEADERS                  (?i:REQUEST_HEADERS)
+VARIABLE_RESPONSE_HEADERS                 (?i:RESPONSE_HEADERS)
+VARIABLE_GEO                              (?i:GEO)
+VARIABLE_REQUEST_COOKIES_NAMES            (?i:REQUEST_COOKIES_NAMES)
+VARIABLE_RULE                             (?i:RULE)
+VARIABLE_SESSION                          (?i:(SESSION))
+VARIABLE_IP                               (?i:(IP))
+VARIABLE_USER                             (?i:(USER))
+VARIABLE_STATUS                           (?i:(STATUS[^:]))
+VARIABLE_TX                               (?i:TX)
+RUN_TIME_VAR_BLD                          (?i:MODSEC_BUILD)
+RUN_TIME_VAR_DUR                          (?i:DURATION)
+RUN_TIME_VAR_ENV                          (?i:ENV)
+RUN_TIME_VAR_HSV                          (?i:HIGHEST_SEVERITY)
+RUN_TIME_VAR_REMOTE_USER                  (?i:REMOTE_USER)
+RUN_TIME_VAR_TIME                         (?i:TIME)
+RUN_TIME_VAR_TIME_DAY                     (?i:TIME_DAY)
+RUN_TIME_VAR_TIME_EPOCH                   (?i:TIME_EPOCH)
+RUN_TIME_VAR_TIME_HOUR                    (?i:TIME_HOUR)
+RUN_TIME_VAR_TIME_MIN                     (?i:TIME_MIN)
+RUN_TIME_VAR_TIME_MON                     (?i:TIME_MON)
+RUN_TIME_VAR_TIME_SEC                     (?i:TIME_SEC)
+RUN_TIME_VAR_TIME_WDAY                    (?i:TIME_WDAY)
+RUN_TIME_VAR_TIME_YEAR                    (?i:TIME_YEAR)
+RUN_TIME_VAR_XML                          (?i:XML)
+VAR_EXCLUSION                             (!)
+VAR_COUNT                                 (&)
+
+
+OPERATOR_UNCONDITIONAL_MATCH            (?i:@unconditionalMatch)
+OPERATOR_DETECT_SQLI                    (?i:@detectSQLi)
+OPERATOR_DETECT_XSS                     (?i:@detectXSS)
+OPERATOR_VALIDATE_URL_ENCODING          (?i:@validateUrlEncoding)
+OPERATOR_VALIDATE_UTF8_ENCODING         (?i:@validateUtf8Encoding)
+OPERATOR_INSPECT_FILE                   (?i:@inspectFile)
+OPERATOR_FUZZY_HASH                     (?i:@fuzzyHash)
+OPERATOR_VALIDATE_BYTE_RANGE            (?i:@validateByteRange)
+OPERATOR_VALIDATE_DTD                   (?i:@validateDTD)
+OPERATOR_VALIDATE_HASH                  (?i:@validateHash)
+OPERATOR_VALIDATE_SCHEMA                (?i:@validateSchema)
+OPERATOR_VERIFY_CC                      (?i:@verifyCC)
+OPERATOR_VERIFY_CPF                     (?i:@verifyCPF)
+OPERATOR_VERIFY_SSN                     (?i:@verifySSN)
+OPERATOR_GSB_LOOKUP                     (?i:@gsbLookup)
+OPERATOR_RSUB                           (?i:@rsub)
+OPERATOR_WITHIN                         (?i:@within)
+OPERATOR_CONTAINS_WORD                  (?i:@containsWord)
+OPERATOR_CONTAINS                       (?i:@contains)
+OPERATOR_ENDS_WITH                      (?i:@endsWith)
+OPERATOR_EQ                             (?i:@eq)
+OPERATOR_GE                             (?i:@ge)
+OPERATOR_GT                             (?i:@gt)
+OPERATOR_IP_MATCH_FROM_FILE             (?i:(@ipMatchF|@ipMatchFromFile))
+OPERATOR_IP_MATCH                       (?i:@ipMatch)
+OPERATOR_LE                             (?i:@le)
+OPERATOR_LT                             (?i:@lt)
+OPERATOR_PM_FROM_FILE                   (?i:(@pmf|@pmFromFile))
+OPERATOR_PM                             (?i:@pm)
+OPERATOR_RBL                            (?i:@rbl)
+OPERATOR_RX                             (?i:@rx)
+OPERATOR_STR_EQ                         (?i:@streq)
+OPERATOR_STR_MATCH                      (?i:@strmatch)
+OPERATOR_BEGINS_WITH                    (?i:@beginsWith)
+OPERATOR_GEOLOOKUP                      (?i:@geoLookup)
+OPERATOR_RX_CONTENT_ONLY                ([^\"]|([^\\]\\\"))+
+
+
 AUDIT_PARTS                             [ABCDEFHJKIZ]+
 COL_FREE_TEXT_SPACE_COMMA               ([^,"])+
 COL_NAME                                [A-Za-z]+
@@ -172,6 +308,7 @@ CONGIG_DIR_SEC_DATA_DIR                 (?i:SecDataDir)
 CONGIG_DIR_SEC_STATUS_ENGINE            (?i:SecStatusEngine)
 CONGIG_DIR_SEC_TMP_DIR                  (?i:SecTmpDir)
 DICT_ELEMENT                            [^ \t|]+
+DICT_ELEMENT_WITH_PIPE                  [^ \t]+
 DICT_ELEMENT_TWO                        [^\"\=]+
 DICT_ELEMENT_TWO2                        [A-Za-z_ -\%\{\.\}\-\/]+
 DIRECTIVE                               (?i:SecRule)
@@ -184,137 +321,11 @@ FREE_TEXT_SPACE_COMMA                   [^, \t]+
 FREE_TEXT_SPACE_COMMA_QUOTE             [^, \t\"\n\r]+
 FREE_TEXT_COMMA_QUOTE                   [^,\"\\n\\r]+
 NEW_LINE_FREE_TEXT                      [^, \t\"\n\r]+
-
-OPERATOR_UNCONDITIONAL_MATCH            (?i:@unconditionalMatch)
-OPERATOR_DETECT_SQLI                    (?i:@detectSQLi)
-OPERATOR_DETECT_XSS                     (?i:@detectXSS)
-OPERATOR_VALIDATE_URL_ENCODING          (?i:@validateUrlEncoding)
-OPERATOR_VALIDATE_UTF8_ENCODING         (?i:@validateUtf8Encoding)
-OPERATOR_INSPECT_FILE                   (?i:@inspectFile)
-OPERATOR_FUZZY_HASH                     (?i:@fuzzyHash)
-OPERATOR_VALIDATE_BYTE_RANGE            (?i:@validateByteRange)
-OPERATOR_VALIDATE_DTD                   (?i:@validateDTD)
-OPERATOR_VALIDATE_HASH                  (?i:@validateHash)
-OPERATOR_VALIDATE_SCHEMA                (?i:@validateSchema)
-OPERATOR_VERIFY_CC                      (?i:@verifyCC)
-OPERATOR_VERIFY_CPF                     (?i:@verifyCPF)
-OPERATOR_VERIFY_SSN                     (?i:@verifySSN)
-OPERATOR_GSB_LOOKUP                     (?i:@gsbLookup)
-OPERATOR_RSUB                           (?i:@rsub)
-OPERATOR_WITHIN                         (?i:@within)
-OPERATOR_CONTAINS_WORD                  (?i:@containsWord)
-OPERATOR_CONTAINS                       (?i:@contains)
-OPERATOR_ENDS_WITH                      (?i:@endsWith)
-OPERATOR_EQ                             (?i:@eq)
-OPERATOR_GE                             (?i:@ge)
-OPERATOR_GT                             (?i:@gt)
-OPERATOR_IP_MATCH_FROM_FILE             (?i:(@ipMatchF|@ipMatchFromFile))
-OPERATOR_IP_MATCH                       (?i:@ipMatch)
-OPERATOR_LE                             (?i:@le)
-OPERATOR_LT                             (?i:@lt)
-OPERATOR_PM_FROM_FILE                   (?i:(@pmf|@pmFromFile))
-OPERATOR_PM                             (?i:@pm)
-OPERATOR_RBL                            (?i:@rbl)
-OPERATOR_RX                             (?i:@rx)
-OPERATOR_STR_EQ                         (?i:@streq)
-OPERATOR_STR_MATCH                      (?i:@strmatch)
-OPERATOR_BEGINS_WITH                    (?i:@beginsWith)
-OPERATOR_GEOLOOKUP                      (?i:@geoLookup)
-OPERATOR_RX_CONTENT_ONLY                ([^\"]|([^\\]\\\"))+
-
-
 NOT !
 OP_QUOTE \"
-
-
 FREE_TEXT                               ([^\"]|([^\\]\\\"))+
-
 REMOVE_RULE_BY                          [0-9A-Za-z_\/\.\-\*\:\;\]\[]+
-RUN_TIME_VAR_BLD                        (?i:MODSEC_BUILD)
-RUN_TIME_VAR_DUR                        (?i:DURATION)
-RUN_TIME_VAR_ENV                        (?i:ENV)
-RUN_TIME_VAR_HSV                        (?i:HIGHEST_SEVERITY)
-RUN_TIME_VAR_REMOTE_USER                (?i:REMOTE_USER)
-RUN_TIME_VAR_RULE                       (?i:RULE)
-RUN_TIME_VAR_TIME                       (?i:TIME)
-RUN_TIME_VAR_TIME_DAY                   (?i:TIME_DAY)
-RUN_TIME_VAR_TIME_EPOCH                 (?i:TIME_EPOCH)
-RUN_TIME_VAR_TIME_HOUR                  (?i:TIME_HOUR)
-RUN_TIME_VAR_TIME_MIN                   (?i:TIME_MIN)
-RUN_TIME_VAR_TIME_MON                   (?i:TIME_MON)
-RUN_TIME_VAR_TIME_SEC                   (?i:TIME_SEC)
-RUN_TIME_VAR_TIME_WDAY                  (?i:TIME_WDAY)
-RUN_TIME_VAR_TIME_YEAR                  (?i:TIME_YEAR)
-RUN_TIME_VAR_XML                        (?i:XML)
 
-
-VARIABLE_ARGS_COMBINED_SIZE               (?i:ARGS_COMBINED_SIZE)
-VARIABLE_ARGS_GET_NAMES                   (?i:ARGS_GET_NAMES)
-VARIABLE_ARGS_NAMES                       (?i:ARGS_NAMES)
-VARIABLE_ARGS_POST_NAMES                  (?i:ARGS_POST_NAMES)
-VARIABLE_AUTH_TYPE                        (?i:AUTH_TYPE)
-VARIABLE_FILES_COMBINED_SIZE              (?i:FILES_COMBINED_SIZE)
-VARIABLE_FILES_TMP_NAMES                  (?i:FILES_TMPNAMES)
-VARIABLE_FULL_REQUEST                     (?i:FULL_REQUEST)
-VARIABLE_FULL_REQUEST_LENGTH              (?i:FULL_REQUEST_LENGTH)
-VARIABLE_GLOBAL                           (?i:GLOBAL)
-VARIABLE_INBOUND_DATA_ERROR               (?i:INBOUND_DATA_ERROR)
-VARIABLE_MATCHED_VAR                      (?i:MATCHED_VAR)
-VARIABLE_MATCHED_VAR_NAME                 (?i:MATCHED_VAR_NAME)
-VARIABLE_MULTIPART_CRLF_LF_LINES          (?i:MULTIPART_CRLF_LF_LINES)
-VARIABLE_MULTIPART_DATA_AFTER             (?i:MULTIPART_DATA_AFTER)
-VARIABLE_MULTIPART_FILE_LIMIT_EXCEEDED    (?i:MULTIPART_FILE_LIMIT_EXCEEDED)
-VARIABLE_MULTIPART_HEADER_FOLDING         (?i:MULTIPART_HEADER_FOLDING)
-VARIABLE_MULTIPART_INVALID_HEADER_FOLDING (?i:MULTIPART_INVALID_HEADER_FOLDING)
-VARIABLE_MULTIPART_INVALID_QUOTING        (?i:MULTIPART_INVALID_QUOTING)
-VARIABLE_MULTIPART_STRICT_ERROR           (?i:MULTIPART_STRICT_ERROR)
-VARIABLE_MULTIPART_UNMATCHED_BOUNDARY     (?i:MULTIPART_UNMATCHED_BOUNDARY)
-VARIABLE_OUTBOUND_DATA_ERROR              (?i:OUTBOUND_DATA_ERROR)
-VARIABLE_PATH_INFO                        (?i:PATH_INFO)
-VARIABLE_QUERY_STRING                     (?i:QUERY_STRING)
-VARIABLE_REMOTE_ADDR                      (?i:REMOTE_ADDR)
-VARIABLE_REMOTE_HOST                      (?i:REMOTE_HOST)
-VARIABLE_REMOTE_PORT                      (?i:REMOTE_PORT)
-VARIABLE_REQBODY_ERROR                    (?i:REQBODY_ERROR)
-VARIABLE_REQBODY_ERROR_MSG                (?i:REQBODY_ERROR_MSG)
-VARIABLE_REQBODY_PROCESSOR_ERROR          (?i:REQBODY_PROCESSOR_ERROR)
-VARIABLE_REQBODY_PROCESSOR_ERROR_MSG      (?i:REQBODY_PROCESSOR_ERROR_MSG)
-VARIABLE_REQBODY_PROCESSOR                (?i:REQBODY_PROCESSOR)
-VARIABLE_REQUEST_BASENAME                 (?i:REQUEST_BASENAME)
-VARIABLE_REQUEST_BODY                     (?i:REQUEST_BODY)
-VARIABLE_REQUEST_BODY_LENGTH              (?i:REQUEST_BODY_LENGTH)
-VARIABLE_REQUEST_FILE_NAME                (?i:REQUEST_FILENAME)
-VARIABLE_REQUEST_HEADERS_NAMES            (?i:REQUEST_HEADERS_NAMES)
-VARIABLE_REQUEST_LINE                     (?i:REQUEST_LINE)
-VARIABLE_REQUEST_METHOD                   (?i:REQUEST_METHOD)
-VARIABLE_REQUEST_PROTOCOL                 (?i:REQUEST_PROTOCOL)
-VARIABLE_REQUEST_URI                      (?i:REQUEST_URI)
-VARIABLE_REQUEST_URI_RAW                  (?i:REQUEST_URI_RAW)
-VARIABLE_RESOURCE                         (?i:RESOURCE)
-VARIABLE_RESPONSE_BODY                    (?i:RESPONSE_BODY)
-VARIABLE_RESPONSE_CONTENT_LENGTH          (?i:RESPONSE_CONTENT_LENGTH)
-VARIABLE_RESPONSE_CONTENT_TYPE            (?i:RESPONSE_CONTENT_TYPE)
-VARIABLE_RESPONSE_HEADERS_NAMES           (?i:RESPONSE_HEADERS_NAMES)
-VARIABLE_RESPONSE_PROTOCOL                (?i:RESPONSE_PROTOCOL)
-VARIABLE_RESPONSE_STATUS                  (?i:RESPONSE_STATUS)
-VARIABLE_SERVER_ADDR                      (?i:SERVER_ADDR)
-VARIABLE_SERVER_NAME                      (?i:SERVER_NAME)
-VARIABLE_SERVER_PORT                      (?i:SERVER_PORT)
-VARIABLE_SESSION_ID                       (?i:SESSIONID)
-VARIABLE_UNIQUE_ID                        (?i:UNIQUE_ID)
-VARIABLE_URL_ENCODED_ERROR                (?i:URLENCODED_ERROR)
-VARIABLE_USER_ID                          (?i:USERID)
-VARIABLE_WEBSERVER_ERROR_LOG              (?i:WEBSERVER_ERROR_LOG)
-
-
-VARIABLE_ARGS                           (?i:ARGS)
-VARIABLE_COL                            (?i:(ARGS_POST|ARGS_GET|FILES_SIZES|FILES_NAMES|FILES_TMP_CONTENT|MULTIPART_FILENAME|MULTIPART_NAME|MATCHED_VARS_NAMES|MATCHED_VARS|FILES|REQUEST_COOKIES|REQUEST_HEADERS|RESPONSE_HEADERS|GEO|REQUEST_COOKIES_NAMES))
-VARIABLE_SESSION                        (?i:(SESSION))
-VARIABLE_IP                             (?i:(IP))
-VARIABLE_USER                           (?i:(USER))
-
-VARIABLE_STATUS                         (?i:(STATUS[^:]))
-VARIABLE_TX                             (?i:TX)
 VAR_FREE_TEXT_QUOTE                     ([^\']|([^\\]\\\'))+
 VAR_FREE_TEXT_SPACE                     [^ \t\"]+
 VAR_FREE_TEXT_SPACE_COMMA               [^, \t\"]+
@@ -613,69 +624,12 @@ EQUALS_MINUS                            (?i:=\-)
 
 
 <EXPECTING_VARIABLE>{
-
-[!&]?{RUN_TIME_VAR_BLD}                                                 { return p::make_RUN_TIME_VAR_BLD(yytext, *driver.loc.back()); }
-[!&]?{RUN_TIME_VAR_DUR}                                                 { return p::make_RUN_TIME_VAR_DUR(yytext, *driver.loc.back()); }
-[!&]?{RUN_TIME_VAR_ENV}(\:[\']{FREE_TEXT_QUOTE}[\'])?                   { return p::make_RUN_TIME_VAR_ENV(yytext, *driver.loc.back()); }
-[!&]?{RUN_TIME_VAR_ENV}(\:{DICT_ELEMENT})?                              { return p::make_RUN_TIME_VAR_ENV(yytext, *driver.loc.back()); }
-[!&]?{RUN_TIME_VAR_HSV}                                                 { return p::make_RUN_TIME_VAR_HSV(yytext, *driver.loc.back()); }
-[!&]?{RUN_TIME_VAR_REMOTE_USER}                                         { return p::make_RUN_TIME_VAR_REMOTE_USER(yytext, *driver.loc.back()); }
-[!&]?{RUN_TIME_VAR_RULE}(\:[\']{FREE_TEXT_QUOTE}[\'])?                  { return p::make_RUN_TIME_VAR_RULE(yytext, *driver.loc.back()); }
-[!&]?{RUN_TIME_VAR_RULE}(\:{DICT_ELEMENT})?                             { return p::make_RUN_TIME_VAR_RULE(yytext, *driver.loc.back()); }
-[!&]?{RUN_TIME_VAR_TIME_DAY}                                            { return p::make_RUN_TIME_VAR_TIME_DAY(yytext, *driver.loc.back()); }
-[!&]?{RUN_TIME_VAR_TIME_EPOCH}                                          { return p::make_RUN_TIME_VAR_TIME_EPOCH(yytext, *driver.loc.back()); }
-[!&]?{RUN_TIME_VAR_TIME_HOUR}                                           { return p::make_RUN_TIME_VAR_TIME_HOUR(yytext, *driver.loc.back()); }
-[!&]?{RUN_TIME_VAR_TIME_MIN}                                            { return p::make_RUN_TIME_VAR_TIME_MIN(yytext, *driver.loc.back()); }
-[!&]?{RUN_TIME_VAR_TIME_MON}                                            { return p::make_RUN_TIME_VAR_TIME_MON(yytext, *driver.loc.back()); }
-[!&]?{RUN_TIME_VAR_TIME_SEC}                                            { return p::make_RUN_TIME_VAR_TIME_SEC(yytext, *driver.loc.back()); }
-[!&]?{RUN_TIME_VAR_TIME_YEAR}                                           { return p::make_RUN_TIME_VAR_TIME_YEAR(yytext, *driver.loc.back()); }
-[!&]?{RUN_TIME_VAR_TIME}                                                { return p::make_RUN_TIME_VAR_TIME(yytext, *driver.loc.back()); }
-[!&]?{RUN_TIME_VAR_XML}(\:[\']{FREE_TEXT_QUOTE}[\'])?                   { return p::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
-[!&]?{RUN_TIME_VAR_XML}(\:{DICT_ELEMENT})?                              { return p::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
-[!&]?{VARIABLE_COL}(\:[\']{FREE_TEXT_QUOTE}[\'])?                       { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
-[!&]?{VARIABLE_COL}(\:{DICT_ELEMENT})?                                  { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
-[!&]?{VARIABLE_GLOBAL}(\:[\']{FREE_TEXT_QUOTE}[\'])?                       { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
-[!&]?{VARIABLE_GLOBAL}(\:{DICT_ELEMENT})?                                  { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
-[!&]?{VARIABLE_SESSION}(\:[\']{FREE_TEXT_QUOTE}[\'])?                       { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
-[!&]?{VARIABLE_SESSION}(\:{DICT_ELEMENT})?                                  { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
-[!&]?{VARIABLE_IP}(\:[\']{FREE_TEXT_QUOTE}[\'])?                       { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
-[!&]?{VARIABLE_IP}(\:{DICT_ELEMENT})?                                  { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
-[!&]?{VARIABLE_USER}(\:[\']{FREE_TEXT_QUOTE}[\'])?                       { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
-[!&]?{VARIABLE_USER}(\:{DICT_ELEMENT})?                                  { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
-[!&]?{VARIABLE_STATUS}                                                  { return p::make_VARIABLE_STATUS(yytext, *driver.loc.back()); }
-[!&]?{VARIABLE_TX}(\:[\']{FREE_TEXT_QUOTE}[\'])?                        { return p::make_VARIABLE_TX(yytext, *driver.loc.back()); }
-[!&]?{VARIABLE_TX}(\:{DICT_ELEMENT})?                                   { return p::make_VARIABLE_TX(yytext, *driver.loc.back()); }
-[!&]?{VARIABLE_WEBSERVER_ERROR_LOG}                                     { driver.error (*driver.loc.back(), "Variable VARIABLE_WEBSERVER_ERROR_LOG is not supported by libModSecurity", ""); throw p::syntax_error(*driver.loc.back(), "");}
-["][!&]?{RUN_TIME_VAR_BLD}["]                                           { return p::make_RUN_TIME_VAR_BLD(yytext, *driver.loc.back()); }
-["][!&]?{RUN_TIME_VAR_DUR}["]                                           { return p::make_RUN_TIME_VAR_DUR(yytext, *driver.loc.back()); }
-["][!&]?{RUN_TIME_VAR_ENV}(\:\'{FREE_TEXT_QUOTE}[\'])?["]               { return p::make_RUN_TIME_VAR_ENV(yytext, *driver.loc.back()); }
-["][!&]?{RUN_TIME_VAR_ENV}(\:{DICT_ELEMENT})?["]                        { return p::make_RUN_TIME_VAR_ENV(yytext, *driver.loc.back()); }
-["][!&]?{RUN_TIME_VAR_HSV}["]                                           { return p::make_RUN_TIME_VAR_HSV(yytext, *driver.loc.back()); }
-["][!&]?{RUN_TIME_VAR_RULE}(\:[\']{FREE_TEXT_QUOTE}[\'])?["]            { return p::make_RUN_TIME_VAR_RULE(yytext, *driver.loc.back()); }
-["][!&]?{RUN_TIME_VAR_RULE}(\:{DICT_ELEMENT})?                          { return p::make_RUN_TIME_VAR_RULE(yytext, *driver.loc.back()); }
-["][!&]?{RUN_TIME_VAR_XML}(\:[\']{FREE_TEXT_QUOTE}[\'])?["]             { return p::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
-["][!&]?{RUN_TIME_VAR_XML}(\:{DICT_ELEMENT})?                           { return p::make_RUN_TIME_VAR_XML(yytext, *driver.loc.back()); }
-["][!&]?{VARIABLE_COL}(\:[\']{FREE_TEXT_QUOTE}[\'])?["]                 { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
-["][!&]?{VARIABLE_COL}(\:{DICT_ELEMENT})?                               { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
-["][!&]?{VARIABLE_GLOBAL}(\:[\']{FREE_TEXT_QUOTE}[\'])?["]                 { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
-["][!&]?{VARIABLE_GLOBAL}(\:{DICT_ELEMENT})?                               { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
-["][!&]?{VARIABLE_SESSION}(\:[\']{FREE_TEXT_QUOTE}[\'])?["]                 { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
-["][!&]?{VARIABLE_SESSION}(\:{DICT_ELEMENT})?                               { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
-["][!&]?{VARIABLE_IP}(\:[\']{FREE_TEXT_QUOTE}[\'])?["]                 { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
-["][!&]?{VARIABLE_IP}(\:{DICT_ELEMENT})?                               { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
-["][!&]?{VARIABLE_USER}(\:[\']{FREE_TEXT_QUOTE}[\'])?["]                 { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
-["][!&]?{VARIABLE_USER}(\:{DICT_ELEMENT})?                               { return p::make_VARIABLE_COL(yytext, *driver.loc.back()); }
-["][!&]?{VARIABLE_TX}(\:[\']{FREE_TEXT_QUOTE}[\'])?["]                  { return p::make_VARIABLE_TX(yytext, *driver.loc.back()); }
-["][!&]?{VARIABLE_TX}(\:{DICT_ELEMENT})?["]                             { return p::make_VARIABLE_TX(yytext, *driver.loc.back()); }
-[&]?{RUN_TIME_VAR_TIME_WDAY}                                            { return p::make_RUN_TIME_VAR_TIME_WDAY(yytext, *driver.loc.back()); }
-
 {VARIABLE_ARGS_COMBINED_SIZE}               { return p::make_VARIABLE_ARGS_COMBINED_SIZE(*driver.loc.back()); }
 {VARIABLE_ARGS_GET_NAMES}                   { return p::make_VARIABLE_ARGS_GET_NAMES(*driver.loc.back()); }
 {VARIABLE_ARGS_NAMES}                       { return p::make_VARIABLE_ARGS_NAMES(*driver.loc.back()); }
 {VARIABLE_ARGS_POST_NAMES}                  { return p::make_VARIABLE_ARGS_POST_NAMES(*driver.loc.back()); }
 {VARIABLE_AUTH_TYPE}                        { return p::make_VARIABLE_AUTH_TYPE(*driver.loc.back()); }
 {VARIABLE_FILES_COMBINED_SIZE}              { return p::make_VARIABLE_FILES_COMBINED_SIZE(*driver.loc.back()); }
-{VARIABLE_FILES_TMP_NAMES}                  { return p::make_VARIABLE_FILES_TMP_NAMES(*driver.loc.back()); }
 {VARIABLE_FULL_REQUEST_LENGTH}              { return p::make_VARIABLE_FULL_REQUEST_LENGTH(*driver.loc.back()); }
 {VARIABLE_FULL_REQUEST}                     { return p::make_VARIABLE_FULL_REQUEST(*driver.loc.back()); }
 {VARIABLE_INBOUND_DATA_ERROR}               { return p::make_VARIABLE_INBOUND_DATA_ERROR(*driver.loc.back()); }
@@ -724,15 +678,88 @@ EQUALS_MINUS                            (?i:=\-)
 {VARIABLE_UNIQUE_ID}                        { return p::make_VARIABLE_UNIQUE_ID(*driver.loc.back()); }
 {VARIABLE_URL_ENCODED_ERROR}                { return p::make_VARIABLE_URL_ENCODED_ERROR(*driver.loc.back()); }
 {VARIABLE_USER_ID}                          { return p::make_VARIABLE_USER_ID(*driver.loc.back()); }
-
 {VARIABLE_ARGS}                             { return p::make_VARIABLE_ARGS(*driver.loc.back()); }
 {VARIABLE_ARGS}[:]                          { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_ARGS(*driver.loc.back()); }
+{VARIABLE_ARGS_GET}                         { return p::make_VARIABLE_ARGS_GET(*driver.loc.back()); }
+{VARIABLE_ARGS_GET}[:]                      { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_ARGS_GET(*driver.loc.back()); }
+{VARIABLE_ARGS_POST}                        { return p::make_VARIABLE_ARGS_POST(*driver.loc.back()); }
+{VARIABLE_ARGS_POST}[:]                     { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_ARGS_POST(*driver.loc.back()); }
+{VARIABLE_FILES_SIZES}                      { return p::make_VARIABLE_FILES_SIZES(*driver.loc.back()); }
+{VARIABLE_FILES_SIZES}[:]                   { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_FILES_SIZES(*driver.loc.back()); }
+{VARIABLE_FILES_NAMES}                      { return p::make_VARIABLE_FILES_NAMES(*driver.loc.back()); }
+{VARIABLE_FILES_NAMES}[:]                   { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_FILES_NAMES(*driver.loc.back()); }
+{VARIABLE_FILES_TMP_CONTENT}                { return p::make_VARIABLE_FILES_TMP_CONTENT(*driver.loc.back()); }
+{VARIABLE_FILES_TMP_CONTENT}[:]             { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_FILES_TMP_CONTENT(*driver.loc.back()); }
+{VARIABLE_MULTIPART_FILENAME}               { return p::make_VARIABLE_MULTIPART_FILENAME(*driver.loc.back()); }
+{VARIABLE_MULTIPART_FILENAME}[:]            { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_MULTIPART_FILENAME(*driver.loc.back()); }
+{VARIABLE_MULTIPART_NAME}                   { return p::make_VARIABLE_MULTIPART_NAME(*driver.loc.back()); }
+{VARIABLE_MULTIPART_NAME}[:]                { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_MULTIPART_NAME(*driver.loc.back()); }
+{VARIABLE_MATCHED_VARS_NAMES}               { return p::make_VARIABLE_MATCHED_VARS_NAMES(*driver.loc.back()); }
+{VARIABLE_MATCHED_VARS_NAMES}[:]            { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_MATCHED_VARS_NAMES(*driver.loc.back()); }
+{VARIABLE_MATCHED_VARS}                     { return p::make_VARIABLE_MATCHED_VARS(*driver.loc.back()); }
+{VARIABLE_MATCHED_VARS}[:]                  { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_MATCHED_VARS(*driver.loc.back()); }
+{VARIABLE_FILES}                            { return p::make_VARIABLE_FILES(*driver.loc.back()); }
+{VARIABLE_FILES}[:]                         { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_FILES(*driver.loc.back()); }
+{VARIABLE_REQUEST_COOKIES}                  { return p::make_VARIABLE_REQUEST_COOKIES(*driver.loc.back()); }
+{VARIABLE_REQUEST_COOKIES}[:]               { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_REQUEST_COOKIES(*driver.loc.back()); }
+{VARIABLE_REQUEST_HEADERS}                  { return p::make_VARIABLE_REQUEST_HEADERS(*driver.loc.back()); }
+{VARIABLE_REQUEST_HEADERS}[:]               { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_REQUEST_HEADERS(*driver.loc.back()); }
+{VARIABLE_RESPONSE_HEADERS}                 { return p::make_VARIABLE_RESPONSE_HEADERS(*driver.loc.back()); }
+{VARIABLE_RESPONSE_HEADERS}[:]              { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_RESPONSE_HEADERS(*driver.loc.back()); }
+{VARIABLE_GEO}                              { return p::make_VARIABLE_GEO(*driver.loc.back()); }
+{VARIABLE_GEO}[:]                           { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_GEO(*driver.loc.back()); }
+{VARIABLE_REQUEST_COOKIES_NAMES}            { return p::make_VARIABLE_REQUEST_COOKIES_NAMES(*driver.loc.back()); }
+{VARIABLE_REQUEST_COOKIES_NAMES}[:]         { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_REQUEST_COOKIES_NAMES(*driver.loc.back()); }
+{VARIABLE_RULE}                             { return p::make_VARIABLE_RULE(*driver.loc.back()); }
+{VARIABLE_RULE}[:]                          { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_RULE(*driver.loc.back()); }
+{VARIABLE_FILES_TMP_NAMES}                  { return p::make_VARIABLE_FILES_TMP_NAMES(*driver.loc.back()); }
+{VARIABLE_FILES_TMP_NAMES}[:]               { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_FILES_TMP_NAMES(*driver.loc.back()); }
+{RUN_TIME_VAR_XML}                          { return p::make_RUN_TIME_VAR_XML(*driver.loc.back()); }
+{RUN_TIME_VAR_XML}[:]                       { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_RUN_TIME_VAR_XML(*driver.loc.back()); }
+{RUN_TIME_VAR_ENV}                          { return p::make_RUN_TIME_VAR_ENV(*driver.loc.back()); }
+{RUN_TIME_VAR_ENV}[:]                       { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_RUN_TIME_VAR_ENV(*driver.loc.back()); }
+
+
+{VARIABLE_IP}                               { return p::make_VARIABLE_IP(*driver.loc.back()); }
+{VARIABLE_IP}[:]                            { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_IP(*driver.loc.back()); }
+{VARIABLE_GLOBAL}                           { return p::make_VARIABLE_GLOBAL(*driver.loc.back()); }
+{VARIABLE_GLOBAL}[:]                        { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_GLOBAL(*driver.loc.back()); }
+{VARIABLE_SESSION}                          { return p::make_VARIABLE_SESSION(*driver.loc.back()); }
+{VARIABLE_SESSION}[:]                       { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_SESSION(*driver.loc.back()); }
+{VARIABLE_USER}                             { return p::make_VARIABLE_USER(*driver.loc.back()); }
+{VARIABLE_USER}[:]                          { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_USER(*driver.loc.back()); }
+{VARIABLE_TX}                               { return p::make_VARIABLE_TX(*driver.loc.back()); }
+{VARIABLE_TX}[:]                            { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_TX(*driver.loc.back()); }
+
+
+{RUN_TIME_VAR_BLD}                          { return p::make_RUN_TIME_VAR_BLD(yytext, *driver.loc.back()); }
+{RUN_TIME_VAR_DUR}                          { return p::make_RUN_TIME_VAR_DUR(yytext, *driver.loc.back()); }
+{RUN_TIME_VAR_HSV}                          { return p::make_RUN_TIME_VAR_HSV(yytext, *driver.loc.back()); }
+{RUN_TIME_VAR_REMOTE_USER}                  { return p::make_RUN_TIME_VAR_REMOTE_USER(yytext, *driver.loc.back()); }
+{RUN_TIME_VAR_TIME_DAY}                     { return p::make_RUN_TIME_VAR_TIME_DAY(yytext, *driver.loc.back()); }
+{RUN_TIME_VAR_TIME_EPOCH}                   { return p::make_RUN_TIME_VAR_TIME_EPOCH(yytext, *driver.loc.back()); }
+{RUN_TIME_VAR_TIME_HOUR}                    { return p::make_RUN_TIME_VAR_TIME_HOUR(yytext, *driver.loc.back()); }
+{RUN_TIME_VAR_TIME_MIN}                     { return p::make_RUN_TIME_VAR_TIME_MIN(yytext, *driver.loc.back()); }
+{RUN_TIME_VAR_TIME_MON}                     { return p::make_RUN_TIME_VAR_TIME_MON(yytext, *driver.loc.back()); }
+{RUN_TIME_VAR_TIME_SEC}                     { return p::make_RUN_TIME_VAR_TIME_SEC(yytext, *driver.loc.back()); }
+{RUN_TIME_VAR_TIME_YEAR}                    { return p::make_RUN_TIME_VAR_TIME_YEAR(yytext, *driver.loc.back()); }
+{RUN_TIME_VAR_TIME}                         { return p::make_RUN_TIME_VAR_TIME(yytext, *driver.loc.back()); }
+{RUN_TIME_VAR_TIME_WDAY}                    { return p::make_RUN_TIME_VAR_TIME_WDAY(yytext, *driver.loc.back()); }
+
+
+{VARIABLE_WEBSERVER_ERROR_LOG}              { driver.error (*driver.loc.back(), "Variable VARIABLE_WEBSERVER_ERROR_LOG is not supported by libModSecurity", ""); throw p::syntax_error(*driver.loc.back(), "");}
+{VARIABLE_STATUS}                           { return p::make_VARIABLE_STATUS(*driver.loc.back()); }
+
+
+{VAR_EXCLUSION}                             { return p::make_VAR_EXCLUSION(*driver.loc.back()); }
+{VAR_COUNT}                                 { return p::make_VAR_COUNT(*driver.loc.back()); }
 }
 
 
 <EXPECTING_VAR_PARAMETER>{
-[\/]{DICT_ELEMENT}[\/]                        { BEGIN(EXPECTING_VARIABLE); return p::make_DICT_ELEMENT_REGEXP(yytext, *driver.loc.back()); }
+[\/]{DICT_ELEMENT_WITH_PIPE}[\/]              { BEGIN(EXPECTING_VARIABLE); return p::make_DICT_ELEMENT_REGEXP(std::string(yytext, 1, yyleng-2), *driver.loc.back()); }
 {DICT_ELEMENT}                                { BEGIN(EXPECTING_VARIABLE); return p::make_DICT_ELEMENT(yytext, *driver.loc.back()); }
+[|]                                           { }
 .                                             { BEGIN(LEXING_ERROR_ACTION); yyless(0); }
 }
 
diff --git a/src/request_body_processor/multipart.cc b/src/request_body_processor/multipart.cc
index 83c0efbe..d46fb6ed 100644
--- a/src/request_body_processor/multipart.cc
+++ b/src/request_body_processor/multipart.cc
@@ -342,8 +342,9 @@ int Multipart::parse_content_disposition(const char *c_d_value) {
         if (name == "name") {
             validate_quotes(value.c_str());
 
-            m_transaction->m_collections.storeOrUpdateFirst("MULTIPART_NAME",
-                value);
+            m_transaction->m_variableMultiPartName.set(value, value, 0);
+            //m_transaction->m_collections.storeOrUpdateFirst("MULTIPART_NAME",
+            //    value);
 
             if (!m_mpp->m_name.empty()) {
                 debug(4, "Multipart: Warning: Duplicate Content-Disposition " \
@@ -354,8 +355,7 @@ int Multipart::parse_content_disposition(const char *c_d_value) {
             debug(9, "Multipart: Content-Disposition name: " + value + ".");
         } else if (name == "filename") {
             validate_quotes(value.c_str());
-            collection::Collections *c = &m_transaction->m_collections;
-            c->storeOrUpdateFirst("MULTIPART_FILENAME", value);
+            m_transaction->m_variableMultiPartFileName.set(value, value, 0);
 
             if (!m_mpp->m_filename.empty()) {
                 debug(4, "Multipart: Warning: Duplicate Content-Disposition " \
@@ -998,24 +998,25 @@ int Multipart::multipart_complete(std::string *error) {
             if (!m->m_filename.empty()) {
                 name.assign(m->m_filename);
             }
-            m_transaction->m_collections.store("FILES:" + m->m_filename,
-                m->m_filename);
-            m_transaction->m_collections.store("FILES_NAMES:" + m->m_name,
-                m->m_name);
-            m_transaction->m_collections.store("FILES_SIZES:" + m->m_name,
-                std::to_string(m->m_tmp_file_size));
-            m_transaction->m_collections.store("FILES_TMP_CONTENT:" \
-                + m->m_name, m->m_value);
-            m_transaction->m_collections.store("FILES_TMPNAMES:" \
-                + m->m_filename, tmp_name);
+            m_transaction->m_variableFiles.set(m->m_filename,
+                m->m_filename, 0);
+            m_transaction->m_variableFilesNames.set(m->m_name,
+                m->m_name, 0);
+            m_transaction->m_variableFilesSizes.set(m->m_name,
+                std::to_string(m->m_tmp_file_size), 0);
+            m_transaction->m_variableFilesTmpContent.set(m->m_name,
+               m->m_value, 0);
+            m_transaction->m_variableFilesTmpContent.set(m->m_name,
+               m->m_value, 0);
+            m_transaction->m_variableFilesTmpNames.set(m->m_name,
+               m->m_value, 0);
             file_combined_size = file_combined_size + m->m_tmp_file_size;
         } else {
             debug(4, "Adding request argument (BODY): name \"" +
                 m->m_name + "\", value \"" + m->m_value + "\"");
             m_transaction->m_variableArgs.set(m->m_name, m->m_value,
                 m_transaction->m_variableOffset);
-            m_transaction->m_collections.store("ARGS_POST:" + m->m_name,
-                m->m_value);
+            m_transaction->m_variableArgsPost.set(m->m_name, m->m_value, 0);
         }
 #if 0
         if (m_transaction->m_namesArgs->empty()) {
@@ -1031,7 +1032,7 @@ int Multipart::multipart_complete(std::string *error) {
         }
 
         m_transaction->m_ARGScombinedSize = \
-            m_transaction->->m_ARGScombinedSize + \
+            m_transaction->m_ARGScombinedSize + \
             m->m_name.length() + m->m_value.length();
         m_transaction->m_ARGScombinedSizeStr->assign(
             std::to_string(m_transaction->->m_ARGScombinedSize));
diff --git a/src/rule.cc b/src/rule.cc
index ab92e8d6..8d598728 100644
--- a/src/rule.cc
+++ b/src/rule.cc
@@ -29,7 +29,6 @@
 #include "modsecurity/modsecurity.h"
 #include "src/actions/transformations/none.h"
 #include "src/actions/tag.h"
-#include "src/variables/variations/exclusion.h"
 #include "src/utils/string.h"
 #include "modsecurity/rules.h"
 #include "modsecurity/rule_message.h"
@@ -37,10 +36,9 @@
 #include "src/actions/msg.h"
 #include "src/actions/log_data.h"
 #include "src/actions/severity.h"
+#include "src/variables/variable.h"
 
 
-using modsecurity::Variables::Variations::Exclusion;
-
 namespace modsecurity {
 
 using operators::Operator;
@@ -48,74 +46,55 @@ using actions::Action;
 using Variables::Variable;
 using actions::transformations::None;
 
-Rule::~Rule() {
-    if (op != NULL) {
-        delete op;
-    }
-    while (m_actionsConf.empty() == false) {
-        auto *a = m_actionsConf.back();
-        m_actionsConf.pop_back();
-        delete a;
-    }
-    while (m_actionsRuntimePre.empty() == false) {
-        auto *a = m_actionsRuntimePre.back();
-        m_actionsRuntimePre.pop_back();
-        delete a;
-    }
-    while (m_actionsRuntimePos.empty() == false) {
-        auto *a = m_actionsRuntimePos.back();
-        m_actionsRuntimePos.pop_back();
-        delete a;
-    }
-    while (variables != NULL && variables->empty() == false) {
-        auto *a = variables->back();
-        variables->pop_back();
-        delete a;
-    }
-
-    if (variables != NULL) {
-        delete variables;
-    }
-
-    if (chainedRule != NULL) {
-        delete chainedRule;
-    }
-}
 
 Rule::Rule(std::string marker)
-    : chained(false),
-    chainedRule(NULL),
-    variables(NULL),
-    op(NULL),
-    rule_id(0),
-    phase(-1),
-    m_accuracy(0),
-    m_unconditional(false),
-    m_secmarker(true),
+    : m_accuracy(0),
+    m_actionsConf(),
+    m_actionsRuntimePos(),
+    m_actionsRuntimePre(),
+    m_chained(false),
+    m_chainedRule(NULL),
+    m_fileName(""),
+    m_lineNumber(0),
+    m_logData(""),
     m_marker(marker),
     m_maturity(0),
-    m_referenceCount(1),
-    m_fileName(""),
-    m_lineNumber(0) { }
+    m_op(NULL),
+    m_phase(-1),
+    m_rev(""),
+    m_ruleId(0),
+    m_secMarker(true),
+    m_variables(NULL),
+    m_ver(""),
+    m_unconditional(false),
+    m_referenceCount(1) { }
+
 
 Rule::Rule(Operator *_op,
         std::vector<Variable *> *_variables,
         std::vector<Action *> *actions,
         std::string fileName,
-        int lineNumber): chained(false),
-    chainedRule(NULL),
-    variables(_variables),
-    op(_op),
-    rule_id(0),
-    phase(-1),
-    m_accuracy(0),
-    m_unconditional(false),
-    m_secmarker(false),
+        int lineNumber)
+    : m_accuracy(0),
+    m_actionsConf(),
+    m_actionsRuntimePos(),
+    m_actionsRuntimePre(),
+    m_chained(false),
+    m_chainedRule(NULL),
+    m_fileName(fileName),
+    m_lineNumber(lineNumber),
+    m_logData(""),
     m_marker(""),
     m_maturity(0),
-    m_referenceCount(1),
-    m_fileName(fileName),
-    m_lineNumber(lineNumber) {
+    m_op(_op),
+    m_phase(-1),
+    m_rev(""),
+    m_ruleId(0),
+    m_secMarker(false),
+    m_variables(_variables),
+    m_ver(""),
+    m_unconditional(false),
+    m_referenceCount(1) {
     if (actions != NULL) {
         for (Action *a : *actions) {
             if (a->action_kind == Action::ConfigurationKind) {
@@ -137,11 +116,11 @@ Rule::Rule(Operator *_op,
      * If phase is not entered, we assume phase 2. For historical reasons.
      *
      */
-    if (phase == -1) {
-        phase = modsecurity::Phases::RequestHeadersPhase;
+    if (m_phase == -1) {
+        m_phase = modsecurity::Phases::RequestHeadersPhase;
     }
 
-    if (op == NULL) {
+    if (m_op == NULL) {
         m_unconditional = true;
     }
 
@@ -149,6 +128,41 @@ Rule::Rule(Operator *_op,
 }
 
 
+Rule::~Rule() {
+    if (m_op != NULL) {
+        delete m_op;
+    }
+    while (m_actionsConf.empty() == false) {
+        auto *a = m_actionsConf.back();
+        m_actionsConf.pop_back();
+        delete a;
+    }
+    while (m_actionsRuntimePre.empty() == false) {
+        auto *a = m_actionsRuntimePre.back();
+        m_actionsRuntimePre.pop_back();
+        delete a;
+    }
+    while (m_actionsRuntimePos.empty() == false) {
+        auto *a = m_actionsRuntimePos.back();
+        m_actionsRuntimePos.pop_back();
+        delete a;
+    }
+    while (m_variables != NULL && m_variables->empty() == false) {
+        auto *a = m_variables->back();
+        m_variables->pop_back();
+        delete a;
+    }
+
+    if (m_variables != NULL) {
+        delete m_variables;
+    }
+
+    if (m_chainedRule != NULL) {
+        delete m_chainedRule;
+    }
+}
+
+
 std::vector<std::string> Rule::getActionNames() {
     std::vector<std::string> a;
     for (auto &z : this->m_actionsRuntimePos) {
@@ -175,55 +189,53 @@ void Rule::updateMatchedVars(Transaction *trasn, std::string key,
     trasn->debug(4, "Matched vars updated.");
     trasn->m_variableMatchedVar.set(value, trasn->m_variableOffset);
     trasn->m_variableMatchedVarName.set(key, trasn->m_variableOffset);
-    trasn->m_collections.store("MATCHED_VARS:" + key, value);
-    trasn->m_collections.store("MATCHED_VARS_NAMES:" + key, key);
+
+    trasn->m_variableMatchedVars.set(key, value, trasn->m_variableOffset);
+    trasn->m_variableMatchedVarsNames.set(key, key, trasn->m_variableOffset);
 }
 
 
 void Rule::cleanMatchedVars(Transaction *trasn) {
     trasn->debug(4, "Matched vars cleaned.");
-    trasn->m_variableMatchedVar.set("", trasn->m_variableOffset);
-    trasn->m_variableMatchedVarName.set("", trasn->m_variableOffset);
-    trasn->m_collections.del("MATCHED_VARS_NAME");
-    trasn->m_collections.del("MATCHED_VARS");
-    trasn->m_collections.del("MATCHED_VARS_NAMES");
+    trasn->m_variableMatchedVar.unset();
+    trasn->m_variableMatchedVars.unset();
+    trasn->m_variableMatchedVarName.unset();
+    trasn->m_variableMatchedVarsNames.unset();
 }
 
 
 void Rule::updateRulesVariable(Transaction *trasn) {
-    if (rule_id != 0) {
-        trasn->m_collections.storeOrUpdateFirst("RULE:id",
-            std::to_string(rule_id));
+    if (m_ruleId != 0) {
+        trasn->m_variableRule.set("id", std::to_string(m_ruleId), 0);
     }
     if (m_rev.empty() == false) {
-        trasn->m_collections.storeOrUpdateFirst("RULE:rev", m_rev);
+        trasn->m_variableRule.set("rev", m_rev, 0);
     }
     if (getActionsByName("msg").size() > 0) {
         actions::Msg *msg = dynamic_cast<actions::Msg*>(
             getActionsByName("msg")[0]);
-        trasn->m_collections.storeOrUpdateFirst("RULE:msg", msg->data(trasn));
+        trasn->m_variableRule.set("msg", msg->data(trasn), 0);
     }
     if (getActionsByName("logdata").size() > 0) {
         actions::LogData *data = dynamic_cast<actions::LogData*>(
             getActionsByName("logdata")[0]);
-        trasn->m_collections.storeOrUpdateFirst("RULE:logdata",
-            data->data(trasn));
+        trasn->m_variableRule.set("logdata", data->data(trasn), 0);
     }
     if (getActionsByName("severity").size() > 0) {
         actions::Severity *data = dynamic_cast<actions::Severity*>(
             getActionsByName("severity")[0]);
-        trasn->m_collections.storeOrUpdateFirst("RULE:severity",
-            std::to_string(data->m_severity));
+        trasn->m_variableRule.set("severity",
+            std::to_string(data->m_severity), 0);
     }
 }
 
 
 std::string Rule::resolveMatchMessage(std::string key, std::string value) {
-    std::string ret = this->op->m_match_message;
+    std::string ret = this->m_op->m_match_message;
 
     if (ret.empty() == true) {
-        ret = "Matched \"Operator `" + this->op->m_op + "' with parameter `" +
-            utils::string::limitTo(200, this->op->m_param) +
+        ret = "Matched \"Operator `" + this->m_op->m_op + "' with parameter `" +
+            utils::string::limitTo(200, this->m_op->m_param) +
             "' against variable `" + key + "' (Value: `" +
             utils::string::limitTo(100, utils::string::toHexIfNeeded(value)) +
             "' ) \" at " + key;
@@ -268,7 +280,7 @@ bool Rule::executeOperatorAt(Transaction *trasn, std::string key,
             utils::string::toHexIfNeeded(value)) \
             + "\" (Variable: " + key + ")");
 
-    ret = this->op->evaluateInternal(trasn, this, value, ruleMessage);
+    ret = this->m_op->evaluateInternal(trasn, this, value, ruleMessage);
     if (ret == false) {
         return false;
     }
@@ -323,7 +335,7 @@ std::list<std::pair<std::unique_ptr<std::string>,
     // Notice that first we make sure that won't be a t:none
     // on the target rule.
     if (none == 0) {
-        for (Action *a : trasn->m_rules->m_defaultActions[this->phase]) {
+        for (Action *a : trasn->m_rules->m_defaultActions[this->m_phase]) {
             if (a->action_kind \
                 == actions::Action::RunTimeBeforeMatchAttemptKind) {
                 newValue = std::unique_ptr<std::string>(
@@ -400,11 +412,11 @@ std::list<std::pair<std::unique_ptr<std::string>,
 }
 
 
-std::vector<const collection::Variable *> Rule::getFinalVars(
+std::vector<std::unique_ptr<collection::Variable>> Rule::getFinalVars(
     Transaction *trasn) {
     std::list<const std::string*> exclusions;
-    std::vector<Variable *> *variables = this->variables;
-    std::vector<const collection::Variable *> finalVars;
+    std::vector<Variable *> *variables = m_variables;
+    std::vector<std::unique_ptr<collection::Variable>> finalVars;
 
     for (int i = 0; i < variables->size(); i++) {
         Variable *variable = variables->at(i);
@@ -413,7 +425,7 @@ std::vector<const collection::Variable *> Rule::getFinalVars(
             variable->evaluateInternal(trasn, this, &z);
             for (auto &y : z) {
                 exclusions.push_back(y->m_key);
-                delete y;
+                //delete y;
             }
             exclusions.push_back(&variable->m_name);
         }
@@ -431,7 +443,6 @@ std::vector<const collection::Variable *> Rule::getFinalVars(
         variable->evaluateInternal(trasn, this, &e);
         for (const collection::Variable *v : e) {
             const std::string *key = v->m_key;
-
             if (std::find_if(exclusions.begin(), exclusions.end(),
                 [key](const std::string *m) -> bool { return *key == *m; })
                 != exclusions.end()) {
@@ -470,7 +481,7 @@ std::vector<const collection::Variable *> Rule::getFinalVars(
             for (auto &i : trasn->m_ruleRemoveTargetById) {
                 int id = i.first;
                 std::string args = i.second;
-                if (rule_id != id) {
+                if (m_ruleId != id) {
                     continue;
                 }
                 if (args == *key) {
@@ -488,7 +499,17 @@ std::vector<const collection::Variable *> Rule::getFinalVars(
                 continue;
             }
 
-            finalVars.push_back(v);
+            std::unique_ptr<collection::Variable> var(new collection::Variable(
+                new std::string(*v->m_key),
+                new std::string(*v->m_value)));
+            var->m_dynamic_value = true;
+            var->m_dynamic_key = true;
+
+            if (v->m_dynamic) {
+                delete v;
+                v = NULL;
+            }
+            finalVars.push_back(std::move(var));
         }
     }
     return finalVars;
@@ -498,7 +519,7 @@ std::vector<const collection::Variable *> Rule::getFinalVars(
 void Rule::executeActionsAfterFullMatch(Transaction *trasn,
     bool containsDisruptive, RuleMessage *ruleMessage) {
 
-    for (Action *a : trasn->m_rules->m_defaultActions[this->phase]) {
+    for (Action *a : trasn->m_rules->m_defaultActions[this->m_phase]) {
         if (a->action_kind != actions::Action::RunTimeOnlyIfMatchKind) {
             continue;
         }
@@ -545,10 +566,6 @@ void Rule::executeActionsAfterFullMatch(Transaction *trasn,
             trasn->debug(4, "Running (disruptive) action: " + a->m_name);
             a->evaluate(this, trasn, ruleMessage);
             continue;
-        } else {
-            trasn->debug(4, "_Not_ running (disruptive) action: "
-                + a->m_name + ". SecRuleEngine is not On.");
-            continue;
         }
 
         trasn->debug(4, "Not running disruptive action: " + \
@@ -559,20 +576,20 @@ void Rule::executeActionsAfterFullMatch(Transaction *trasn,
 
 bool Rule::evaluate(Transaction *trasn) {
     bool globalRet = false;
-    std::vector<Variable *> *variables = this->variables;
+    std::vector<Variable *> *variables = this->m_variables;
     bool recursiveGlobalRet;
     bool containsDisruptive = false;
     RuleMessage ruleMessage(this);
-    std::vector<const collection::Variable *> finalVars;
+    std::vector<std::unique_ptr<collection::Variable>> finalVars;
     std::string eparam;
 
     trasn->m_matched.clear();
 
-    if (m_secmarker == true) {
+    if (m_secMarker == true) {
         return true;
     }
     if (m_unconditional == true) {
-        trasn->debug(4, "(Rule: " + std::to_string(rule_id) \
+        trasn->debug(4, "(Rule: " + std::to_string(m_ruleId) \
             + ") Executing unconditional rule...");
         executeActionsIndependentOfChainedRuleResult(trasn,
             &containsDisruptive, &ruleMessage);
@@ -580,24 +597,24 @@ bool Rule::evaluate(Transaction *trasn) {
     }
 
     for (auto &i : trasn->m_ruleRemoveById) {
-        if (rule_id != i) {
+        if (m_ruleId != i) {
             continue;
         }
-        trasn->debug(9, "Rule id: " + std::to_string(rule_id) +
+        trasn->debug(9, "Rule id: " + std::to_string(m_ruleId) +
             " was skipped due to an ruleRemoveById action...");
         return true;
     }
 
-    eparam = MacroExpansion::expand(this->op->m_param, trasn);
+    eparam = MacroExpansion::expand(this->m_op->m_param, trasn);
 
-    if (this->op->m_param != eparam) {
-        eparam = "\"" + eparam + "\" Was: \"" + this->op->m_param + "\"";
+    if (this->m_op->m_param != eparam) {
+        eparam = "\"" + eparam + "\" Was: \"" + this->m_op->m_param + "\"";
     } else {
         eparam = "\"" + eparam + "\"";
     }
 
-    trasn->debug(4, "(Rule: " + std::to_string(rule_id) \
-        + ") Executing operator \"" + this->op->m_op \
+    trasn->debug(4, "(Rule: " + std::to_string(m_ruleId) \
+        + ") Executing operator \"" + this->m_op->m_op \
         + "\" with param " \
         + eparam \
         + " against " \
@@ -607,7 +624,7 @@ bool Rule::evaluate(Transaction *trasn) {
 
     finalVars = getFinalVars(trasn);
 
-    for (const collection::Variable *v : finalVars) {
+    for (auto &v : finalVars) {
         const std::string value = *(v->m_value);
         const std::string key = *(v->m_key);
 
@@ -650,32 +667,24 @@ bool Rule::evaluate(Transaction *trasn) {
 
     trasn->debug(4, "Rule returned 1.");
 
-    if (this->chained == false) {
+    if (this->m_chained == false) {
         goto end_exec;
     }
 
-    if (this->chainedRule == NULL) {
+    if (this->m_chainedRule == NULL) {
         trasn->debug(4, "Rule is marked as chained but there " \
             "isn't a subsequent rule.");
         goto end_clean;
     }
 
     trasn->debug(4, "Executing chained rule.");
-    recursiveGlobalRet = this->chainedRule->evaluate(trasn);
+    recursiveGlobalRet = this->m_chainedRule->evaluate(trasn);
 
     if (recursiveGlobalRet == true) {
         goto end_exec;
     }
 
 end_clean:
-    while (finalVars.empty() == false) {
-        auto *a = finalVars.back();
-        finalVars.pop_back();
-        if (a->m_dynamic) {
-            delete a;
-        }
-    }
-
     return false;
 
 end_exec:
@@ -688,14 +697,6 @@ end_exec:
         trasn->m_rulesMessages.push_back(ruleMessage);
     }
 
-    while (finalVars.empty() == false) {
-        auto *a = finalVars.back();
-        finalVars.pop_back();
-        if (a->m_dynamic) {
-            delete a;
-        }
-    }
-
     return true;
 }
 
diff --git a/src/rules.cc b/src/rules.cc
index 3136301a..b72abfcc 100644
--- a/src/rules.cc
+++ b/src/rules.cc
@@ -186,11 +186,11 @@ int Rules::evaluate(int phase, Transaction *transaction) {
     for (int i = 0; i < rules.size(); i++) {
         Rule *rule = rules[i];
         if (transaction->m_marker.empty() == false) {
-            debug(9, "Skipped rule id '" + std::to_string(rule->rule_id) \
+            debug(9, "Skipped rule id '" + std::to_string(rule->m_ruleId) \
                 + "' due to a SecMarker: " + transaction->m_marker);
             m_secmarker_skipped++;
             debug(9, "Rule: " + rule->m_marker);
-            if (rule->m_secmarker && rule->m_marker == transaction->m_marker) {
+            if (rule->m_secMarker && rule->m_marker == transaction->m_marker) {
                 debug(4, "Out of a SecMarker after skip " \
                     + std::to_string(m_secmarker_skipped) + " rules.");
                 transaction->m_marker.clear();
@@ -198,15 +198,15 @@ int Rules::evaluate(int phase, Transaction *transaction) {
             }
         } else if (transaction->m_skip_next > 0) {
             transaction->m_skip_next--;
-            debug(9, "Skipped rule id '" + std::to_string(rule->rule_id) \
+            debug(9, "Skipped rule id '" + std::to_string(rule->m_ruleId) \
                 + "' due to a `skip' action. Still " + \
                 std::to_string(transaction->m_skip_next) + " to be skipped.");
         } else if (transaction->m_allowType
             != actions::disruptive::NoneAllowType) {
-            debug(9, "Skipped rule id '" + std::to_string(rule->rule_id) \
+            debug(9, "Skipped rule id '" + std::to_string(rule->m_ruleId) \
                 + "' as request trough the utilization of an `allow' action.");
-        } else if (m_exceptions.contains(rule->rule_id)) {
-            debug(9, "Skipped rule id '" + std::to_string(rule->rule_id) \
+        } else if (m_exceptions.contains(rule->m_ruleId)) {
+            debug(9, "Skipped rule id '" + std::to_string(rule->m_ruleId) \
                 + "'. Removed by an SecRuleRemove directive.");
         } else {
             rule->evaluate(transaction);
@@ -259,7 +259,7 @@ void Rules::dump() {
         std::cout << " (" << std::to_string(rules.size());
         std::cout << " rules)" << std::endl;
         for (int j = 0; j < rules.size(); j++) {
-            std::cout << "    Rule ID: " << std::to_string(rules[j]->rule_id);
+            std::cout << "    Rule ID: " << std::to_string(rules[j]->m_ruleId);
             std::cout << "--" << rules[j] << std::endl;
         }
     }
diff --git a/src/transaction.cc b/src/transaction.cc
index 4160dec7..8462750f 100644
--- a/src/transaction.cc
+++ b/src/transaction.cc
@@ -291,10 +291,10 @@ bool Transaction::addArgument(const std::string& orig, const std::string& key,
     m_variableArgs.set(key, value, m_variableOffset);
 
     if (orig == "GET") {
-        m_collections.store("ARGS_GET:" + key, value);
+        m_variableArgsGet.set(key, value, m_variableOffset);
         m_variableArgGetNames.append(key, offset, true);
     } else if (orig == "POST") {
-        m_collections.store("ARGS_POST:" + key, value);
+        m_variableArgsPost.set(key, value, m_variableOffset);
         m_variableArgPostNames.append(key, offset, true);
     }
     m_variableArgsNames.append(key, offset, true);
@@ -471,7 +471,8 @@ int Transaction::addRequestHeader(const std::string& key,
     const std::string& value) {
     m_variableRequestHeadersNames.append(key, 0, true);
 
-    this->m_collections.store("REQUEST_HEADERS:" + key, value);
+    m_variableRequestHeaders.set(key, value, m_variableOffset);
+
 
     std::string keyl = utils::string::tolower(key);
     if (keyl == "authorization") {
@@ -488,10 +489,9 @@ int Transaction::addRequestHeader(const std::string& key,
                 if (s[0].at(0) == ' ') {
                     s[0].erase(0, 1);
                 }
-                this->m_collections.store("REQUEST_COOKIES:"
-                    + s[0], s[1]);
-                this->m_collections.store("REQUEST_COOKIES_NAMES:"
-                    + s[0], s[0]);
+                m_variableRequestCookies.set(s[0], s[1], m_variableOffset);
+                m_variableRequestCookiesNames.set(s[0],
+                    s[0], m_variableOffset);
             }
             cookies.pop_back();
         }
@@ -622,6 +622,8 @@ int Transaction::processRequestBody() {
      * }
      * 
      */
+    std::unique_ptr<std::string> a = m_variableRequestHeaders.resolveFirst(
+        "Content-Type");
     if (m_requestBodyProcessor == XMLRequestBody) {
         std::string error;
         if (m_xml->init() == true) {
@@ -662,11 +664,8 @@ int Transaction::processRequestBody() {
         }
     } else if (m_requestBodyType == MultiPartRequestBody) {
         std::string error;
-        std::string *a = m_collections.resolveFirst(
-            "REQUEST_HEADERS:Content-Type");
         if (a != NULL) {
             Multipart m(*a, this);
-
             if (m.init(&error) == true) {
                 m.process(m_requestBody.str(), &error);
             }
@@ -685,14 +684,12 @@ int Transaction::processRequestBody() {
         }
     } else if (m_requestBodyType == WWWFormUrlEncoded) {
         extractArguments("POST", m_requestBody.str(), 0);
-    } else if (m_collections.resolveFirst(
-            "REQUEST_HEADERS:Content-Type") != NULL) {
-        std::string *a = m_collections.resolveFirst(
-            "REQUEST_HEADERS:Content-Type");
+    } else if (a != NULL) {
         std::string error;
         if (a != NULL && a->empty() == false) {
             error.assign(*a);
         }
+
         m_variableReqbodyError.set("1", m_variableOffset);
         m_variableReqbodyProcessorError.set("1", m_variableOffset);
         m_variableReqbodyErrorMsg.set("Unknown request body processor: " \
@@ -733,16 +730,11 @@ int Transaction::processRequestBody() {
      */
     std::string fullRequest;
     std::vector<const collection::Variable *> l;
-    m_collections.resolveMultiMatches("REQUEST_HEADERS", &l);
+    m_variableRequestHeaders.resolve(&l);
     for (auto &a : l) {
-        fullRequest = fullRequest + \
-            std::string(*a->m_key, 16, a->m_key->length() - 16) + ": " \
-            + *a->m_value + "\n";
-    }
-
-    while (l.empty() == false) {
-        delete l.back();
-        l.pop_back();
+        std::string z(*a->m_key, 16, a->m_key->length() - 16);
+        z = z + ": " + *a->m_value;
+        fullRequest = fullRequest + z + "\n";
     }
 
     fullRequest = fullRequest + "\n\n";
@@ -923,8 +915,7 @@ int Transaction::processResponseHeaders(int code, const std::string& proto) {
 int Transaction::addResponseHeader(const std::string& key,
     const std::string& value) {
     m_variableResponseHeadersNames.append(key, 0, true);
-
-    this->m_collections.store("RESPONSE_HEADERS:" + key, value);
+    m_variableResponseHeaders.set(key, value, m_variableOffset);
 
     if (utils::string::tolower(key) == "content-type") {
         // Removes the charset=...
@@ -1290,15 +1281,16 @@ std::string Transaction::toOldAuditLogFormatIndex(const std::string &filename,
     strftime(tstr, 299, "[%d/%b/%Y:%H:%M:%S %z]", &timeinfo);
 
     ss << utils::string::dash_if_empty(
-        this->m_collections.resolveFirst("REQUEST_HEADERS:Host")) << " ";
+       m_variableRequestHeaders.resolveFirst("Host").get())
+        << " ";
     ss << utils::string::dash_if_empty(this->m_clientIpAddress) << " ";
     /** TODO: Check variable */
     ss << utils::string::dash_if_empty(
-        this->m_collections.resolveFirst("REMOTE_USER"));
+        m_collections.resolveFirst("REMOTE_USER").get());
     ss << " ";
     /** TODO: Check variable */
     ss << utils::string::dash_if_empty(
-        this->m_collections.resolveFirst("LOCAL_USER"));
+        this->m_collections.resolveFirst("LOCAL_USER").get());
     ss << " ";
     ss << tstr << " ";
 
@@ -1312,15 +1304,15 @@ std::string Transaction::toOldAuditLogFormatIndex(const std::string &filename,
     ss << this->m_responseBody.tellp();
     /** TODO: Check variable */
     ss << utils::string::dash_if_empty(
-        this->m_collections.resolveFirst("REFERER")) << " ";
+        this->m_collections.resolveFirst("REFERER").get()) << " ";
     ss << "\"";
     ss << utils::string::dash_if_empty(
-        this->m_collections.resolveFirst("REQUEST_HEADERS:User-Agent"));
+        m_variableRequestHeaders.resolveFirst("User-Agent").get());
     ss << "\" ";
     ss << this->m_id << " ";
     /** TODO: Check variable */
     ss << utils::string::dash_if_empty(
-        this->m_collections.resolveFirst("REFERER")) << " ";
+        this->m_collections.resolveFirst("REFERER").get()) << " ";
 
     ss << filename << " ";
     ss << "0" << " ";
@@ -1356,12 +1348,11 @@ std::string Transaction::toOldAuditLogFormat(int parts,
         audit_log << this->m_method << " " << this->m_uri << " " << "HTTP/";
         audit_log << this->m_httpVersion << std::endl;
 
-        m_collections.m_transient->resolveMultiMatches("REQUEST_HEADERS", &l);
+        m_variableRequestHeaders.resolve(&l);
         for (auto h : l) {
             size_t pos = strlen("REQUEST_HEADERS:");
             audit_log << h->m_key->c_str() + pos << ": ";
             audit_log << h->m_value->c_str() << std::endl;
-            delete h;
         }
         audit_log << std::endl;
     }
@@ -1388,12 +1379,11 @@ std::string Transaction::toOldAuditLogFormat(int parts,
         std::vector<const collection::Variable *> l;
 
         audit_log << "--" << trailer << "-" << "F--" << std::endl;
-        m_collections.m_transient->resolveMultiMatches("RESPONSE_HEADERS", &l);
+        m_variableResponseHeaders.resolve(&l);
         for (auto h : l) {
             size_t pos = strlen("RESPONSE_HEADERS:");
             audit_log << h->m_key->c_str() + pos << ": ";
             audit_log << h->m_value->c_str() << std::endl;
-            delete h;
         }
     }
     audit_log << std::endl;
@@ -1436,7 +1426,7 @@ std::string Transaction::toJSON(int parts) {
 #ifdef WITH_YAJL
     const unsigned char *buf;
     size_t len;
-    yajl_gen g = NULL;
+    yajl_gen g;
     std::string ts = utils::string::ascTime(&m_timeStamp).c_str();
     std::string uniqueId = UniqueId::uniqueId();
 
@@ -1484,12 +1474,10 @@ std::string Transaction::toJSON(int parts) {
             strlen("headers"));
         yajl_gen_map_open(g);
 
-
-        m_collections.m_transient->resolveMultiMatches("REQUEST_HEADERS", &l);
+        m_variableRequestHeaders.resolve(&l);
         for (auto h : l) {
             size_t pos = strlen("REQUEST_HEADERS:");
             LOGFY_ADD(h->m_key->c_str() + pos, h->m_value->c_str());
-            delete h;
         }
 
         /* end: request headers */
@@ -1516,11 +1504,10 @@ std::string Transaction::toJSON(int parts) {
             strlen("headers"));
         yajl_gen_map_open(g);
 
-        m_collections.m_transient->resolveMultiMatches("RESPONSE_HEADERS", &l);
+        m_variableResponseHeaders.resolve(&l);
         for (auto h : l) {
             size_t pos = strlen("RESPONSE_HEADERS:");
             LOGFY_ADD(h->m_key->c_str() + pos, h->m_value->c_str());
-            delete h;
         }
 
         /* end: response headers */
diff --git a/src/utils/random.cc b/src/utils/random.cc
index 6c00a8f4..f40ce8b0 100644
--- a/src/utils/random.cc
+++ b/src/utils/random.cc
@@ -27,11 +27,14 @@ namespace utils {
 
 
 double random_number(const double from, const double to) {
+#if 0
     std::random_device rd;
     std::mt19937 mt(rd());
     return std::bind(
         std::uniform_real_distribution<>{from, to},
         std::default_random_engine{ mt() })();
+#endif
+    return from+1;
 }
 
 
diff --git a/src/variables/args.h b/src/variables/args.h
new file mode 100644
index 00000000..c2f21322
--- /dev/null
+++ b/src/variables/args.h
@@ -0,0 +1,82 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_ARGS_H_
+#define SRC_VARIABLES_ARGS_H_
+
+#include "src/variables/variable.h"
+
+namespace modsecurity {
+
+class Transaction;
+namespace Variables {
+
+class Args_DictElement : public Variable {
+ public:
+    Args_DictElement(std::string dictElement)
+        : Variable("ARGS" + std::string(":") + std::string(dictElement)),
+        m_dictElement(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableArgs.resolve(m_dictElement, l);
+    }
+
+    std::string m_dictElement;
+};
+
+
+class Args_NoDictElement : public Variable {
+ public:
+    Args_NoDictElement()
+        : Variable("ARGS") { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableArgs.resolve(l);
+    }
+};
+
+
+class Args_DictElementRegexp : public Variable {
+ public:
+    Args_DictElementRegexp(std::string dictElement)
+        : Variable("ARGS:regex(" + dictElement + ")"),
+        m_r(dictElement) {
+    }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_variableArgs.resolveRegularExpression(&m_r, l);
+    }
+
+    Utils::Regex m_r;
+};
+
+
+}  // namespace Variables
+}  // namespace modsecurity
+
+#endif  // SRC_VARIABLES_ARGS_H_
+
diff --git a/src/variables/args_combined_size.h b/src/variables/args_combined_size.h
index 5d9371e4..94878aec 100644
--- a/src/variables/args_combined_size.h
+++ b/src/variables/args_combined_size.h
@@ -34,7 +34,8 @@ class ArgsCombinedSize : public Variable {
     ArgsCombinedSize()
         : Variable("ARGS_COMBINED_SIZE") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableARGScombinedSize.evaluate(l);
     }
diff --git a/src/variables/args_get.h b/src/variables/args_get.h
new file mode 100644
index 00000000..463825a4
--- /dev/null
+++ b/src/variables/args_get.h
@@ -0,0 +1,81 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_ARGS_GET_H_
+#define SRC_VARIABLES_ARGS_GET_H_
+
+#include "src/variables/variable.h"
+
+namespace modsecurity {
+
+class Transaction;
+namespace Variables {
+
+class ArgsGet_DictElement : public Variable {
+ public:
+    ArgsGet_DictElement(std::string dictElement)
+        : Variable("ARGS_GET" + std::string(":") + std::string(dictElement)),
+        m_dictElement(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableArgsGet.resolve(m_dictElement, l);
+    }
+
+    std::string m_dictElement;
+};
+
+
+class ArgsGet_NoDictElement : public Variable {
+ public:
+    ArgsGet_NoDictElement()
+        : Variable("ARGS_GET") { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableArgsGet.resolve(l);
+    }
+};
+
+
+class ArgsGet_DictElementRegexp : public Variable {
+ public:
+    ArgsGet_DictElementRegexp(std::string dictElement)
+        : Variable("ARGS_GET"),
+        m_r(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_variableArgsGet.resolveRegularExpression(&m_r, l);
+    }
+
+    Utils::Regex m_r;
+};
+
+
+}  // namespace Variables
+}  // namespace modsecurity
+
+#endif  // SRC_VARIABLES_ARGS_GET_H_
+
diff --git a/src/variables/args_get_names.h b/src/variables/args_get_names.h
index 4c41a575..be5a1920 100644
--- a/src/variables/args_get_names.h
+++ b/src/variables/args_get_names.h
@@ -34,7 +34,8 @@ class ArgsGetNames : public Variable {
     ArgsGetNames()
         : Variable("ARGS_GET_NAMES") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableArgGetNames.evaluate(l);
     }
diff --git a/src/variables/args_names.h b/src/variables/args_names.h
index 5130e15a..3ef29fdb 100644
--- a/src/variables/args_names.h
+++ b/src/variables/args_names.h
@@ -34,7 +34,8 @@ class ArgsNames : public Variable {
     ArgsNames()
         : Variable("ARGS_NAMES") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableArgsNames.evaluate(l);
     }
diff --git a/src/variables/args_post.h b/src/variables/args_post.h
new file mode 100644
index 00000000..553618b2
--- /dev/null
+++ b/src/variables/args_post.h
@@ -0,0 +1,81 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_ARGS_POST_H_
+#define SRC_VARIABLES_ARGS_POST_H_
+
+#include "src/variables/variable.h"
+
+namespace modsecurity {
+
+class Transaction;
+namespace Variables {
+
+class ArgsPost_DictElement : public Variable {
+ public:
+    ArgsPost_DictElement(std::string dictElement)
+        : Variable("ARGS_POST" + std::string(":") + std::string(dictElement)),
+        m_dictElement(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableArgsPost.resolve(m_dictElement, l);
+    }
+
+    std::string m_dictElement;
+};
+
+
+class ArgsPost_NoDictElement : public Variable {
+ public:
+    ArgsPost_NoDictElement()
+        : Variable("ARGS_POST") { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableArgsPost.resolve(l);
+    }
+};
+
+
+class ArgsPost_DictElementRegexp : public Variable {
+ public:
+    ArgsPost_DictElementRegexp(std::string dictElement)
+        : Variable("ARGS_POST"),
+        m_r(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_variableArgsPost.resolveRegularExpression(&m_r, l);
+    }
+
+    Utils::Regex m_r;
+};
+
+
+}  // namespace Variables
+}  // namespace modsecurity
+
+#endif  // SRC_VARIABLES_ARGS_POST_H_
+
diff --git a/src/variables/args_post_names.h b/src/variables/args_post_names.h
index cb7d803b..09227199 100644
--- a/src/variables/args_post_names.h
+++ b/src/variables/args_post_names.h
@@ -34,7 +34,8 @@ class ArgsPostNames : public Variable {
     ArgsPostNames()
         : Variable("ARGS_POST_NAMES") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableArgPostNames.evaluate(l);
     }
diff --git a/src/variables/auth_type.h b/src/variables/auth_type.h
index fa720c55..9718450d 100644
--- a/src/variables/auth_type.h
+++ b/src/variables/auth_type.h
@@ -34,7 +34,8 @@ class AuthType : public Variable {
     AuthType()
         : Variable("AUTH_TYPE") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableAuthType.evaluate(l);
     }
diff --git a/src/variables/duration.cc b/src/variables/duration.cc
index 04eca088..c272a6dc 100644
--- a/src/variables/duration.cc
+++ b/src/variables/duration.cc
@@ -27,8 +27,9 @@
 namespace modsecurity {
 namespace Variables {
 
-void Duration::evaluateInternal(Transaction *transaction,
-        std::vector<const collection::Variable *> *l) {
+void Duration::evaluate(Transaction *transaction,
+    Rule *rule,
+    std::vector<const collection::Variable *> *l) {
     double e = utils::cpu_seconds() - transaction->m_creationTimeStamp;
 
     transaction->m_variableDuration.assign(std::to_string(e));
diff --git a/src/variables/duration.h b/src/variables/duration.h
index c3193b24..bb86e979 100644
--- a/src/variables/duration.h
+++ b/src/variables/duration.h
@@ -34,7 +34,8 @@ class Duration : public Variable {
         : Variable(_name),
         m_retName("DURATION") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) override;
     std::string m_retName;
 };
diff --git a/src/variables/env.cc b/src/variables/env.cc
index 7860d697..741f8111 100644
--- a/src/variables/env.cc
+++ b/src/variables/env.cc
@@ -32,7 +32,8 @@ extern char **environ;
 namespace modsecurity {
 namespace Variables {
 
-void Env::evaluateInternal(Transaction *transaction,
+void Env::evaluate(Transaction *transaction,
+    Rule *rule,
     std::vector<const collection::Variable *> *l) {
     for (char **current = environ; *current; current++) {
         std::string env = std::string(*current);
diff --git a/src/variables/env.h b/src/variables/env.h
index 11e9fe69..524ca7e4 100644
--- a/src/variables/env.h
+++ b/src/variables/env.h
@@ -33,7 +33,8 @@ class Env : public Variable {
     explicit Env(std::string _name)
         : Variable(_name) { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) override;
 };
 
diff --git a/src/variables/files.h b/src/variables/files.h
new file mode 100644
index 00000000..241e6dea
--- /dev/null
+++ b/src/variables/files.h
@@ -0,0 +1,83 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_FILES_H_
+#define SRC_VARIABLES_FILES_H_
+
+#include "src/variables/variable.h"
+
+namespace modsecurity {
+
+class Transaction;
+namespace Variables {
+
+class Files_DictElement : public Variable {
+ public:
+    Files_DictElement(std::string dictElement)
+        : Variable("FILES" + std::string(":") +
+            std::string(dictElement)),
+        m_dictElement(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableFiles.resolve(m_dictElement, l);
+    }
+
+    std::string m_dictElement;
+};
+
+
+class Files_NoDictElement : public Variable {
+ public:
+    Files_NoDictElement()
+        : Variable("FILES") { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableFiles.resolve(l);
+    }
+};
+
+
+class Files_DictElementRegexp : public Variable {
+ public:
+    Files_DictElementRegexp(std::string dictElement)
+        : Variable("FILES"),
+        m_r(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_variableFiles.resolveRegularExpression(
+            &m_r, l);
+    }
+
+    Utils::Regex m_r;
+};
+
+
+}  // namespace Variables
+}  // namespace modsecurity
+
+#endif  // SRC_VARIABLES_FILES_H_
+
diff --git a/src/variables/files_combined_size.h b/src/variables/files_combined_size.h
index 571f02d2..c1cdcd7c 100644
--- a/src/variables/files_combined_size.h
+++ b/src/variables/files_combined_size.h
@@ -34,7 +34,8 @@ class FilesCombinedSize : public Variable {
     FilesCombinedSize()
         : Variable("FILES_COMBINED_SIZE") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableFilesCombinedSize.evaluate(l);
     }
diff --git a/src/variables/files_names.h b/src/variables/files_names.h
new file mode 100644
index 00000000..f68eba28
--- /dev/null
+++ b/src/variables/files_names.h
@@ -0,0 +1,84 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_FILES_NAMES_H_
+#define SRC_VARIABLES_FILES_NAMES_H_
+
+#include "src/variables/variable.h"
+
+namespace modsecurity {
+
+class Transaction;
+namespace Variables {
+
+class FilesNames_DictElement : public Variable {
+ public:
+    FilesNames_DictElement(std::string dictElement)
+        : Variable("FILES_NAMES" + std::string(":") +
+            std::string(dictElement)),
+        m_dictElement(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableFilesNames.resolve(m_dictElement, l);
+    }
+
+    std::string m_dictElement;
+};
+
+
+class FilesNames_NoDictElement : public Variable {
+ public:
+    FilesNames_NoDictElement()
+        : Variable("FILES_NAMES") { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableFilesNames.resolve(l);
+    }
+};
+
+
+class FilesNames_DictElementRegexp : public Variable {
+ public:
+    FilesNames_DictElementRegexp(std::string dictElement)
+        : Variable("FILES_NAMES"), 
+        m_r(dictElement) { }
+
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_variableFilesNames.resolveRegularExpression(
+            &m_r, l);
+    }
+
+    Utils::Regex m_r;
+};
+
+
+}  // namespace Variables
+}  // namespace modsecurity
+
+#endif  // SRC_VARIABLES_FILES_NAMES_H_
+
diff --git a/src/variables/files_sizes.h b/src/variables/files_sizes.h
new file mode 100644
index 00000000..528a8a9f
--- /dev/null
+++ b/src/variables/files_sizes.h
@@ -0,0 +1,83 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_FILES_SIZES_H_
+#define SRC_VARIABLES_FILES_SIZES_H_
+
+#include "src/variables/variable.h"
+
+namespace modsecurity {
+
+class Transaction;
+namespace Variables {
+
+class FilesSizes_DictElement : public Variable {
+ public:
+    FilesSizes_DictElement(std::string dictElement)
+        : Variable("FILES_SIZES" + std::string(":") +
+            std::string(dictElement)),
+        m_dictElement(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableFilesSizes.resolve(m_dictElement, l);
+    }
+
+    std::string m_dictElement;
+};
+
+
+class FilesSizes_NoDictElement : public Variable {
+ public:
+    FilesSizes_NoDictElement()
+        : Variable("FILES_SIZES") { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableFilesSizes.resolve(l);
+    }
+};
+
+
+class FilesSizes_DictElementRegexp : public Variable {
+ public:
+    FilesSizes_DictElementRegexp(std::string dictElement)
+        : Variable("FILES_SIZES"),
+        m_r(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_variableFilesSizes.resolveRegularExpression(
+            &m_r, l);
+    }
+
+    Utils::Regex m_r;
+};
+
+
+}  // namespace Variables
+}  // namespace modsecurity
+
+#endif  // SRC_VARIABLES_FILES_SIZES_H_
+
diff --git a/src/variables/files_tmp_content.h b/src/variables/files_tmp_content.h
new file mode 100644
index 00000000..c556878f
--- /dev/null
+++ b/src/variables/files_tmp_content.h
@@ -0,0 +1,83 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_FILES_TMP_CONTENT_H_
+#define SRC_VARIABLES_FILES_TMP_CONTENT_H_
+
+#include "src/variables/variable.h"
+
+namespace modsecurity {
+
+class Transaction;
+namespace Variables {
+
+class FilesTmpContent_DictElement : public Variable {
+ public:
+    FilesTmpContent_DictElement(std::string dictElement)
+        : Variable("FILES_TMP_CONTENT" + std::string(":") +
+            std::string(dictElement)),
+        m_dictElement(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableFilesTmpContent.resolve(m_dictElement, l);
+    }
+
+    std::string m_dictElement;
+};
+
+
+class FilesTmpContent_NoDictElement : public Variable {
+ public:
+    FilesTmpContent_NoDictElement()
+        : Variable("FILES_TMP_CONTENT") { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableFilesTmpContent.resolve(l);
+    }
+};
+
+
+class FilesTmpContent_DictElementRegexp : public Variable {
+ public:
+    FilesTmpContent_DictElementRegexp(std::string dictElement)
+        : Variable("FILES_TMP_CONTENT"),
+        m_r(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_variableFilesTmpContent.resolveRegularExpression(
+            &m_r, l);
+    }
+
+    Utils::Regex m_r;
+};
+
+
+}  // namespace Variables
+}  // namespace modsecurity
+
+#endif  // SRC_VARIABLES_FILES_TMP_CONTENT_H_
+
diff --git a/src/variables/files_tmp_names.h b/src/variables/files_tmp_names.h
index bb51a279..fc189b95 100644
--- a/src/variables/files_tmp_names.h
+++ b/src/variables/files_tmp_names.h
@@ -28,18 +28,53 @@ namespace modsecurity {
 
 class Transaction;
 namespace Variables {
-
-class FilesTmpNames : public Variable {
+class FilesTmpNames_DictElement : public Variable {
  public:
-    FilesTmpNames()
+    FilesTmpNames_DictElement(std::string dictElement)
+        : Variable("FILES_TMPNAMES" + std::string(":") +
+            std::string(dictElement)),
+        m_dictElement(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableFilesTmpNames.resolve(m_dictElement, l);
+    }
+
+    std::string m_dictElement;
+};
+
+
+class FilesTmpNames_NoDictElement : public Variable {
+ public:
+    FilesTmpNames_NoDictElement()
         : Variable("FILES_TMPNAMES") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
-        transaction->m_variableFilesTmpNames.evaluate(l);
+        transaction->m_variableFilesTmpNames.resolve(l);
     }
 };
 
+
+class FilesTmpNames_DictElementRegexp : public Variable {
+ public:
+    FilesTmpNames_DictElementRegexp(std::string dictElement)
+        : Variable("FILES_TMPNAMES"),
+        m_r(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_variableFilesTmpNames.resolveRegularExpression(
+            &m_r, l);
+    }
+
+    Utils::Regex m_r;
+};
+
+
 }  // namespace Variables
 }  // namespace modsecurity
 
diff --git a/src/variables/full_request.h b/src/variables/full_request.h
index f2042da3..96904750 100644
--- a/src/variables/full_request.h
+++ b/src/variables/full_request.h
@@ -34,7 +34,8 @@ class FullRequest : public Variable {
     FullRequest()
         : Variable("FULL_REQUEST") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableFullRequest.evaluate(l);
     }
diff --git a/src/variables/full_request_length.h b/src/variables/full_request_length.h
index e4ae1be9..b9e5e7e2 100644
--- a/src/variables/full_request_length.h
+++ b/src/variables/full_request_length.h
@@ -34,7 +34,8 @@ class FullRequestLength : public Variable {
     FullRequestLength()
         : Variable("FULL_REQUEST_LENGTH") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableFullRequestLength.evaluate(l);
     }
diff --git a/src/variables/geo.h b/src/variables/geo.h
new file mode 100644
index 00000000..b35f949f
--- /dev/null
+++ b/src/variables/geo.h
@@ -0,0 +1,83 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_GEO_H_
+#define SRC_VARIABLES_GEO_H_
+
+#include "src/variables/variable.h"
+
+namespace modsecurity {
+
+class Transaction;
+namespace Variables {
+
+class Geo_DictElement : public Variable {
+ public:
+    Geo_DictElement(std::string dictElement)
+        : Variable("GEO" + std::string(":") +
+            std::string(dictElement)),
+        m_dictElement(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableGeo.resolve(m_dictElement, l);
+    }
+
+    std::string m_dictElement;
+};
+
+
+class Geo_NoDictElement : public Variable {
+ public:
+    Geo_NoDictElement()
+        : Variable("GEO") { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableGeo.resolve(l);
+    }
+};
+
+
+class Geo_DictElementRegexp : public Variable {
+ public:
+    Geo_DictElementRegexp(std::string dictElement)
+        : Variable("GEO"),
+        m_r(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_variableGeo.resolveRegularExpression(
+            &m_r, l);
+    }
+
+    Utils::Regex m_r;
+};
+
+
+}  // namespace Variables
+}  // namespace modsecurity
+
+#endif  // SRC_VARIABLES_GEO_H_
+
diff --git a/src/variables/global.h b/src/variables/global.h
new file mode 100644
index 00000000..945c888b
--- /dev/null
+++ b/src/variables/global.h
@@ -0,0 +1,84 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_GLOBAL_H_
+#define SRC_VARIABLES_GLOBAL_H_
+
+#include "src/variables/variable.h"
+
+namespace modsecurity {
+
+class Transaction;
+namespace Variables {
+
+
+class Global_DictElement : public Variable {
+ public:
+    explicit Global_DictElement(std::string dictElement)
+        : Variable("GLOBAL"),
+        m_dictElement("GLOBAL:" + dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_collections.resolveMultiMatches(m_dictElement, "GLOBAL", l);
+    }
+
+    std::string m_dictElement;
+};
+
+
+class Global_NoDictElement : public Variable {
+ public:
+    explicit Global_NoDictElement()
+        : Variable("GLOBAL") { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_collections.resolveMultiMatches(m_name, "GLOBAL", l);
+    }
+};
+
+
+class Global_DictElementRegexp : public Variable {
+ public:
+    Global_DictElementRegexp(std::string dictElement)
+        : Variable("GLOBAL"),
+        m_r(dictElement),
+        m_dictElement("GLOBAL:" + dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_collections.resolveRegularExpression(m_dictElement,
+            "GLOBAL", l);
+    }
+
+    Utils::Regex m_r;
+    std::string m_dictElement;
+};
+
+
+}  // namespace Variables
+}  // namespace modsecurity
+
+#endif  // SRC_VARIABLES_GLOBAL_H_
diff --git a/src/variables/highest_severity.cc b/src/variables/highest_severity.cc
index 203d9b2d..ca0dc69a 100644
--- a/src/variables/highest_severity.cc
+++ b/src/variables/highest_severity.cc
@@ -26,7 +26,8 @@
 namespace modsecurity {
 namespace Variables {
 
-void HighestSeverity::evaluateInternal(Transaction *transaction,
+void HighestSeverity::evaluate(Transaction *transaction,
+    Rule *rule,
     std::vector<const collection::Variable *> *l) {
     transaction->m_variableHighestSeverityAction.assign(
         std::to_string(transaction->m_highestSeverityAction));
diff --git a/src/variables/highest_severity.h b/src/variables/highest_severity.h
index 7e72f608..62f87e73 100644
--- a/src/variables/highest_severity.h
+++ b/src/variables/highest_severity.h
@@ -34,7 +34,8 @@ class HighestSeverity : public Variable {
         : Variable(_name),
         m_retName("HIGHEST_SEVERITY") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) override;
     std::string m_retName;
 };
diff --git a/src/variables/inbound_data_error.h b/src/variables/inbound_data_error.h
index 1fe3fd12..90c9bb4a 100644
--- a/src/variables/inbound_data_error.h
+++ b/src/variables/inbound_data_error.h
@@ -34,7 +34,8 @@ class InboundDataError : public Variable {
     InboundDataError()
         : Variable("INBOUND_DATA_ERROR") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableInboundDataError.evaluate(l);
     }
diff --git a/src/variables/ip.h b/src/variables/ip.h
new file mode 100644
index 00000000..5b9cd322
--- /dev/null
+++ b/src/variables/ip.h
@@ -0,0 +1,84 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_IP_H_
+#define SRC_VARIABLES_IP_H_
+
+#include "src/variables/variable.h"
+
+namespace modsecurity {
+
+class Transaction;
+namespace Variables {
+
+
+class Ip_DictElement : public Variable {
+ public:
+    explicit Ip_DictElement(std::string dictElement)
+        : Variable("IP"),
+        m_dictElement("IP:" + dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_collections.resolveMultiMatches(m_dictElement, "IP", l);
+    }
+
+    std::string m_dictElement;
+};
+
+
+class Ip_NoDictElement : public Variable {
+ public:
+    explicit Ip_NoDictElement()
+        : Variable("IP") { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_collections.resolveMultiMatches(m_name, "IP", l);
+    }
+};
+
+
+class Ip_DictElementRegexp : public Variable {
+ public:
+    Ip_DictElementRegexp(std::string dictElement)
+        : Variable("IP"),
+        m_r(dictElement),
+        m_dictElement("IP:" + dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_collections.resolveRegularExpression(m_dictElement,
+            "IP", l);
+    }
+
+    Utils::Regex m_r;
+    std::string m_dictElement;
+};
+
+
+}  // namespace Variables
+}  // namespace modsecurity
+
+#endif  // SRC_VARIABLES_IP_H_
diff --git a/src/variables/matched_var.h b/src/variables/matched_var.h
index 73bdd05b..67e4bf7d 100644
--- a/src/variables/matched_var.h
+++ b/src/variables/matched_var.h
@@ -34,7 +34,8 @@ class MatchedVar : public Variable {
     MatchedVar()
         : Variable("MATCHED_VAR") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableMatchedVar.evaluate(l);
     }
diff --git a/src/variables/matched_var_name.h b/src/variables/matched_var_name.h
index 2d692d17..02bf227b 100644
--- a/src/variables/matched_var_name.h
+++ b/src/variables/matched_var_name.h
@@ -34,7 +34,8 @@ class MatchedVarName : public Variable {
     MatchedVarName()
         : Variable("MATCHED_VAR_NAME") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableMatchedVarName.evaluate(l);
     }
diff --git a/src/variables/matched_vars.h b/src/variables/matched_vars.h
new file mode 100644
index 00000000..f2ce0a43
--- /dev/null
+++ b/src/variables/matched_vars.h
@@ -0,0 +1,83 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_MATCHED_VARS_H_
+#define SRC_VARIABLES_MATCHED_VARS_H_
+
+#include "src/variables/variable.h"
+
+namespace modsecurity {
+
+class Transaction;
+namespace Variables {
+
+class MatchedVars_DictElement : public Variable {
+ public:
+    MatchedVars_DictElement(std::string dictElement)
+        : Variable("MATCHED_VARS" + std::string(":") +
+            std::string(dictElement)),
+        m_dictElement(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableMatchedVars.resolve(m_dictElement, l);
+    }
+
+    std::string m_dictElement;
+};
+
+
+class MatchedVars_NoDictElement : public Variable {
+ public:
+    MatchedVars_NoDictElement()
+        : Variable("MATCHED_VARS") { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableMatchedVars.resolve(l);
+    }
+};
+
+
+class MatchedVars_DictElementRegexp : public Variable {
+ public:
+    MatchedVars_DictElementRegexp(std::string dictElement)
+        : Variable("MATCHED_VARS"),
+        m_r(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_variableMatchedVars.resolveRegularExpression(
+            &m_r, l);
+    }
+
+    Utils::Regex m_r;
+};
+
+
+}  // namespace Variables
+}  // namespace modsecurity
+
+#endif  // SRC_VARIABLES_MATCHED_VARS_H_
+
diff --git a/src/variables/matched_vars_names.h b/src/variables/matched_vars_names.h
new file mode 100644
index 00000000..5918d0eb
--- /dev/null
+++ b/src/variables/matched_vars_names.h
@@ -0,0 +1,83 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_MATCHED_VARS_NAMES_H_
+#define SRC_VARIABLES_MATCHED_VARS_NAMES_H_
+
+#include "src/variables/variable.h"
+
+namespace modsecurity {
+
+class Transaction;
+namespace Variables {
+
+class MatchedVarsNames_DictElement : public Variable {
+ public:
+    MatchedVarsNames_DictElement(std::string dictElement)
+        : Variable("MATCHED_VARS_NAMES" + std::string(":") +
+            std::string(dictElement)),
+        m_dictElement(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableMatchedVarsNames.resolve(m_dictElement, l);
+    }
+
+    std::string m_dictElement;
+};
+
+
+class MatchedVarsNames_NoDictElement : public Variable {
+ public:
+    MatchedVarsNames_NoDictElement()
+        : Variable("MATCHED_VARS_NAMES") { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableMatchedVarsNames.resolve(l);
+    }
+};
+
+
+class MatchedVarsNames_DictElementRegexp : public Variable {
+ public:
+    MatchedVarsNames_DictElementRegexp(std::string dictElement)
+        : Variable("MATCHED_VARS_NAMES"),
+        m_r(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableMatchedVarsNames.resolveRegularExpression(
+            &m_r, l);
+    }
+
+     Utils::Regex m_r;
+};
+
+
+}  // namespace Variables
+}  // namespace modsecurity
+
+#endif  // SRC_VARIABLES_MATCHED_VARS_NAMES_H_
+
diff --git a/src/variables/modsec_build.cc b/src/variables/modsec_build.cc
index 34aa6b1f..4e2c2f08 100644
--- a/src/variables/modsec_build.cc
+++ b/src/variables/modsec_build.cc
@@ -24,7 +24,8 @@
 namespace modsecurity {
 namespace Variables {
 
-void ModsecBuild::evaluateInternal(Transaction *transaction,
+void ModsecBuild::evaluate(Transaction *transaction,
+    Rule *rule,
     std::vector<const collection::Variable *> *l) {
 
     l->push_back(new collection::Variable(&m_retName, &m_build));
diff --git a/src/variables/modsec_build.h b/src/variables/modsec_build.h
index 200de99e..4d872d5d 100644
--- a/src/variables/modsec_build.h
+++ b/src/variables/modsec_build.h
@@ -43,7 +43,8 @@ class ModsecBuild : public Variable {
         m_build = ss.str();
     }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) override;
 
     std::string m_build;
diff --git a/src/variables/multipart_crlf_lf_lines.h b/src/variables/multipart_crlf_lf_lines.h
index 9ca546ca..76ac90e3 100644
--- a/src/variables/multipart_crlf_lf_lines.h
+++ b/src/variables/multipart_crlf_lf_lines.h
@@ -34,7 +34,8 @@ class MultipartCrlfLFLines : public Variable {
     MultipartCrlfLFLines()
         : Variable("MULTIPART_CRLF_LF_LINES") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableMultipartCrlfLFLines.evaluate(l);
     }
diff --git a/src/variables/multipart_data_after.h b/src/variables/multipart_data_after.h
index bfa79e77..9331116b 100644
--- a/src/variables/multipart_data_after.h
+++ b/src/variables/multipart_data_after.h
@@ -34,7 +34,8 @@ class MultipartDateAfter : public Variable {
     MultipartDateAfter()
         : Variable("MULTIPART_DATA_AFTER") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableMultipartDataAfter.evaluate(l);
     }
diff --git a/src/variables/multipart_file_limit_exceeded.h b/src/variables/multipart_file_limit_exceeded.h
index 750a762d..c137e161 100644
--- a/src/variables/multipart_file_limit_exceeded.h
+++ b/src/variables/multipart_file_limit_exceeded.h
@@ -34,7 +34,8 @@ class MultipartFileLimitExceeded : public Variable {
     MultipartFileLimitExceeded()
         : Variable("MULTIPART_FILE_LIMIT_EXCEEDED") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableMultipartFileLimitExceeded.evaluate(l);
     }
diff --git a/src/variables/multipart_file_name.h b/src/variables/multipart_file_name.h
new file mode 100644
index 00000000..ddda22d6
--- /dev/null
+++ b/src/variables/multipart_file_name.h
@@ -0,0 +1,83 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_MULTIPART_FILENAME_H_
+#define SRC_VARIABLES_MULTIPART_FILENAME_H_
+
+#include "src/variables/variable.h"
+
+namespace modsecurity {
+
+class Transaction;
+namespace Variables {
+
+class MultiPartFileName_DictElement : public Variable {
+ public:
+    MultiPartFileName_DictElement(std::string dictElement)
+        : Variable("MULTIPART_FILENAME" + std::string(":") +
+            std::string(dictElement)),
+        m_dictElement(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableMultiPartFileName.resolve(m_dictElement, l);
+    }
+
+    std::string m_dictElement;
+};
+
+
+class MultiPartFileName_NoDictElement : public Variable {
+ public:
+    MultiPartFileName_NoDictElement()
+        : Variable("MULTIPART_FILENAME") { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableMultiPartFileName.resolve(l);
+    }
+};
+
+
+class MultiPartFileName_DictElementRegexp : public Variable {
+ public:
+    MultiPartFileName_DictElementRegexp(std::string dictElement)
+        : Variable("MULTIPART_FILENAME"),
+        m_r(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_variableMultiPartFileName.resolveRegularExpression(
+            &m_r, l);
+    }
+
+    Utils::Regex m_r;
+};
+
+
+}  // namespace Variables
+}  // namespace modsecurity
+
+#endif  // SRC_VARIABLES_MULTIPART_FILENAME_H_
+
diff --git a/src/variables/multipart_header_folding.h b/src/variables/multipart_header_folding.h
index d863bccd..6b155581 100644
--- a/src/variables/multipart_header_folding.h
+++ b/src/variables/multipart_header_folding.h
@@ -34,7 +34,8 @@ class MultipartHeaderFolding : public Variable {
     MultipartHeaderFolding()
         : Variable("MULTIPART_HEADER_FOLDING") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableMultipartHeaderFolding.evaluate(l);
     }
diff --git a/src/variables/multipart_invalid_header_folding.h b/src/variables/multipart_invalid_header_folding.h
index 97ef7f49..3a9bf7bc 100644
--- a/src/variables/multipart_invalid_header_folding.h
+++ b/src/variables/multipart_invalid_header_folding.h
@@ -34,7 +34,8 @@ class MultipartInvalidHeaderFolding : public Variable {
     MultipartInvalidHeaderFolding()
         : Variable("MULTIPART_INVALID_HEADER_FOLDING") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableMultipartInvalidHeaderFolding.evaluate(l);
     }
diff --git a/src/variables/multipart_invalid_quoting.h b/src/variables/multipart_invalid_quoting.h
index 3483ef4c..998914db 100644
--- a/src/variables/multipart_invalid_quoting.h
+++ b/src/variables/multipart_invalid_quoting.h
@@ -33,7 +33,8 @@ class MultipartInvalidQuoting : public Variable {
  public:
     MultipartInvalidQuoting()
         : Variable("MULTIPART_INVALID_QUOTING") { }
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableMultipartInvalidQuoting.evaluate(l);
     }
diff --git a/src/variables/multipart_name.h b/src/variables/multipart_name.h
new file mode 100644
index 00000000..276a8108
--- /dev/null
+++ b/src/variables/multipart_name.h
@@ -0,0 +1,83 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_MULTIPART_NAME_H_
+#define SRC_VARIABLES_MULTIPART_NAME_H_
+
+#include "src/variables/variable.h"
+
+namespace modsecurity {
+
+class Transaction;
+namespace Variables {
+
+class MultiPartName_DictElement : public Variable {
+ public:
+    MultiPartName_DictElement(std::string dictElement)
+        : Variable("MULTIPART_NAME" + std::string(":") +
+            std::string(dictElement)),
+        m_dictElement(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableMultiPartName.resolve(m_dictElement, l);
+    }
+
+    std::string m_dictElement;
+};
+
+
+class MultiPartName_NoDictElement : public Variable {
+ public:
+    MultiPartName_NoDictElement()
+        : Variable("MULTIPART_NAME") { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableMultiPartName.resolve(l);
+    }
+};
+
+
+class MultiPartName_DictElementRegexp : public Variable {
+ public:
+    MultiPartName_DictElementRegexp(std::string dictElement)
+        : Variable("MULTIPART_NAME"),
+        m_r(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_variableMultiPartName.resolveRegularExpression(
+            &m_r, l);
+    }
+
+    Utils::Regex m_r;
+};
+
+
+}  // namespace Variables
+}  // namespace modsecurity
+
+#endif  // SRC_VARIABLES_MULTIPART_FILENAME_H_
+
diff --git a/src/variables/multipart_strict_error.h b/src/variables/multipart_strict_error.h
index 0373d516..08671179 100644
--- a/src/variables/multipart_strict_error.h
+++ b/src/variables/multipart_strict_error.h
@@ -34,7 +34,8 @@ class MultipartStrictError : public Variable {
     MultipartStrictError()
         : Variable("MULTIPART_STRICT_ERROR") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableMultipartStrictError.evaluate(l);
     }
diff --git a/src/variables/multipart_unmatched_boundary.h b/src/variables/multipart_unmatched_boundary.h
index 2cdeb6f5..c1dbcf33 100644
--- a/src/variables/multipart_unmatched_boundary.h
+++ b/src/variables/multipart_unmatched_boundary.h
@@ -34,7 +34,8 @@ class MultipartUnmatchedBoundary : public Variable {
     MultipartUnmatchedBoundary()
         : Variable("MULTIPART_UNMATCHED_BOUNDARY") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableMultipartUnmatchedBoundary.evaluate(l);
     }
diff --git a/src/variables/outbound_data_error.h b/src/variables/outbound_data_error.h
index 03c21aed..fc61befc 100644
--- a/src/variables/outbound_data_error.h
+++ b/src/variables/outbound_data_error.h
@@ -34,7 +34,8 @@ class OutboundDataError : public Variable {
     OutboundDataError()
         : Variable("OUTBOUND_DATA_ERROR") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableOutboundDataError.evaluate(l);
     }
diff --git a/src/variables/path_info.h b/src/variables/path_info.h
index a1a660c5..20b9c406 100644
--- a/src/variables/path_info.h
+++ b/src/variables/path_info.h
@@ -34,7 +34,8 @@ class PathInfo : public Variable {
     PathInfo()
         : Variable("PATH_INFO") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variablePathInfo.evaluate(l);
     }
diff --git a/src/variables/query_string.h b/src/variables/query_string.h
index 33086e06..66c9dfa7 100644
--- a/src/variables/query_string.h
+++ b/src/variables/query_string.h
@@ -34,7 +34,8 @@ class QueryString : public Variable {
     QueryString()
         : Variable("QUERY_STRING") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableQueryString.evaluate(l);
     }
diff --git a/src/variables/remote_addr.h b/src/variables/remote_addr.h
index 190313f5..20a67cfc 100644
--- a/src/variables/remote_addr.h
+++ b/src/variables/remote_addr.h
@@ -34,7 +34,8 @@ class RemoteAddr : public Variable {
     RemoteAddr()
         : Variable("REMOTE_ADDR") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableRemoteAddr.evaluate(l);
     }
diff --git a/src/variables/remote_host.h b/src/variables/remote_host.h
index 2edd4065..51ec32ff 100644
--- a/src/variables/remote_host.h
+++ b/src/variables/remote_host.h
@@ -34,7 +34,8 @@ class RemoteHost : public Variable {
     RemoteHost()
         : Variable("REMOTE_HOST") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableRemoteHost.evaluate(l);
     }
diff --git a/src/variables/remote_port.h b/src/variables/remote_port.h
index 0791889b..c42c94ca 100644
--- a/src/variables/remote_port.h
+++ b/src/variables/remote_port.h
@@ -34,7 +34,8 @@ class RemotePort : public Variable {
     RemotePort()
         : Variable("REMOTE_PORT") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableRemotePort.evaluate(l);
     }
diff --git a/src/variables/remote_user.cc b/src/variables/remote_user.cc
index f60b7953..4032134c 100644
--- a/src/variables/remote_user.cc
+++ b/src/variables/remote_user.cc
@@ -35,13 +35,14 @@ namespace modsecurity {
 namespace Variables {
 
 
-void RemoteUser::evaluateInternal(Transaction *transaction,
+void RemoteUser::evaluate(Transaction *transaction,
+    Rule *rule,
     std::vector<const collection::Variable *> *l) {
     size_t pos;
     std::string base64;
 
-    std::string *header = transaction->m_collections.resolveFirst(
-        "REQUEST_HEADERS:Authorization");
+    std::unique_ptr<std::string> header = std::move(transaction->m_variableRequestHeaders.resolveFirst(
+        "Authorization"));
 
     if (header == NULL) {
         return;
@@ -61,6 +62,7 @@ void RemoteUser::evaluateInternal(Transaction *transaction,
 
     l->push_back(new collection::Variable(&m_retName,
         &transaction->m_variableRemoteUser));
+
 }
 
 
diff --git a/src/variables/remote_user.h b/src/variables/remote_user.h
index 7f1b5441..2f63a255 100644
--- a/src/variables/remote_user.h
+++ b/src/variables/remote_user.h
@@ -36,7 +36,8 @@ class RemoteUser : public Variable {
         : Variable(_name),
         m_retName("REMOTE_USER") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) override;
     std::string m_retName;
 };
diff --git a/src/variables/reqbody_error.h b/src/variables/reqbody_error.h
index 15ee250b..f8644467 100644
--- a/src/variables/reqbody_error.h
+++ b/src/variables/reqbody_error.h
@@ -34,7 +34,8 @@ class ReqbodyError : public Variable {
     ReqbodyError()
         : Variable("REQBODY_ERROR") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableReqbodyError.evaluate(l);
     }
diff --git a/src/variables/reqbody_error_msg.h b/src/variables/reqbody_error_msg.h
index e06a17f4..e7c4d172 100644
--- a/src/variables/reqbody_error_msg.h
+++ b/src/variables/reqbody_error_msg.h
@@ -33,7 +33,8 @@ class ReqbodyErrorMsg : public Variable {
  public:
     ReqbodyErrorMsg()
         : Variable("REQBODY_ERROR_MSG") { }
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableReqbodyErrorMsg.evaluate(l);
     }
diff --git a/src/variables/reqbody_processor.h b/src/variables/reqbody_processor.h
index 2470b8e2..b9c08419 100644
--- a/src/variables/reqbody_processor.h
+++ b/src/variables/reqbody_processor.h
@@ -33,7 +33,8 @@ class ReqbodyProcessor : public Variable {
  public:
     ReqbodyProcessor()
         : Variable("REQBODY_PROCESSOR") { }
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableReqbodyProcessor.evaluate(l);
     }
diff --git a/src/variables/reqbody_processor_error.h b/src/variables/reqbody_processor_error.h
index 7a4819e2..f5757969 100644
--- a/src/variables/reqbody_processor_error.h
+++ b/src/variables/reqbody_processor_error.h
@@ -34,7 +34,8 @@ class ReqbodyProcessorError : public Variable {
     ReqbodyProcessorError()
         : Variable("REQBODY_PROCESSOR_ERROR") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableReqbodyProcessorError.evaluate(l);
     }
diff --git a/src/variables/reqbody_processor_error_msg.h b/src/variables/reqbody_processor_error_msg.h
index 77df065c..3fb213ea 100644
--- a/src/variables/reqbody_processor_error_msg.h
+++ b/src/variables/reqbody_processor_error_msg.h
@@ -34,7 +34,8 @@ class ReqbodyProcessorErrorMsg : public Variable {
     ReqbodyProcessorErrorMsg()
         : Variable("PROCESSOR_ERROR_MSG") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableReqbodyProcessorErrorMsg.evaluate(l);
     }
diff --git a/src/variables/request_base_name.h b/src/variables/request_base_name.h
index 9d777499..f65364fd 100644
--- a/src/variables/request_base_name.h
+++ b/src/variables/request_base_name.h
@@ -34,7 +34,8 @@ class RequestBasename : public Variable {
     RequestBasename()
         : Variable("REQUEST_BASENAME") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableRequestBasename.evaluate(l);
     }
diff --git a/src/variables/request_body.h b/src/variables/request_body.h
index e4329318..3126190d 100644
--- a/src/variables/request_body.h
+++ b/src/variables/request_body.h
@@ -33,7 +33,8 @@ class RequestBody : public Variable {
  public:
     RequestBody()
         : Variable("REQUEST_BODY") { }
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableRequestBody.evaluate(l);
     }
diff --git a/src/variables/request_body_length.h b/src/variables/request_body_length.h
index 7513e2c9..46bc4ae6 100644
--- a/src/variables/request_body_length.h
+++ b/src/variables/request_body_length.h
@@ -33,7 +33,8 @@ class RequestBodyLength : public Variable {
  public:
     RequestBodyLength()
         : Variable("REQUEST_BODY_LENGTH") { }
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableRequestBodyLength.evaluate(l);
     }
diff --git a/src/variables/request_cookies.h b/src/variables/request_cookies.h
new file mode 100644
index 00000000..60f96f1a
--- /dev/null
+++ b/src/variables/request_cookies.h
@@ -0,0 +1,83 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_REQUEST_COOKIES_H_
+#define SRC_VARIABLES_REQUEST_COOKIES_H_
+
+#include "src/variables/variable.h"
+
+namespace modsecurity {
+
+class Transaction;
+namespace Variables {
+
+class RequestCookies_DictElement : public Variable {
+ public:
+    RequestCookies_DictElement(std::string dictElement)
+        : Variable("REQUEST_COOKIES" + std::string(":") +
+            std::string(dictElement)),
+        m_dictElement(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableRequestCookies.resolve(m_dictElement, l);
+    }
+
+    std::string m_dictElement;
+};
+
+
+class RequestCookies_NoDictElement : public Variable {
+ public:
+    RequestCookies_NoDictElement()
+        : Variable("REQUEST_COOKIES") { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableRequestCookies.resolve(l);
+    }
+};
+
+
+class RequestCookies_DictElementRegexp : public Variable {
+ public:
+    RequestCookies_DictElementRegexp(std::string dictElement)
+        : Variable("REQUEST_COOKIES"),
+        m_r(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableRequestCookies.resolveRegularExpression(
+            &m_r, l);
+    }
+
+    Utils::Regex m_r;
+};
+
+
+}  // namespace Variables
+}  // namespace modsecurity
+
+#endif  // SRC_VARIABLES_REQUEST_COOKIES_H_
+
diff --git a/src/variables/request_cookies_names.h b/src/variables/request_cookies_names.h
new file mode 100644
index 00000000..cdd3c71d
--- /dev/null
+++ b/src/variables/request_cookies_names.h
@@ -0,0 +1,83 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_REQUEST_COOKIES_NAMES_H_
+#define SRC_VARIABLES_REQUEST_COOKIES_NAMES_H_
+
+#include "src/variables/variable.h"
+
+namespace modsecurity {
+
+class Transaction;
+namespace Variables {
+
+class RequestCookiesNames_DictElement : public Variable {
+ public:
+    RequestCookiesNames_DictElement(std::string dictElement)
+        : Variable("REQUEST_COOKIES_NAMES" + std::string(":") +
+            std::string(dictElement)),
+        m_dictElement(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableRequestCookiesNames.resolve(m_dictElement, l);
+    }
+
+    std::string m_dictElement;
+};
+
+
+class RequestCookiesNames_NoDictElement : public Variable {
+ public:
+    RequestCookiesNames_NoDictElement()
+        : Variable("REQUEST_COOKIES_NAMES") { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableRequestCookiesNames.resolve(l);
+    }
+};
+
+
+class RequestCookiesNames_DictElementRegexp : public Variable {
+ public:
+    RequestCookiesNames_DictElementRegexp(std::string dictElement)
+        : Variable("REQUEST_COOKIES_NAMES"),
+        m_r(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_variableRequestCookiesNames.resolveRegularExpression(
+            &m_r, l);
+    }
+
+    Utils::Regex m_r;
+};
+
+
+}  // namespace Variables
+}  // namespace modsecurity
+
+#endif  // SRC_VARIABLES_REQUEST_COOKIES_NAMES_H_
+
diff --git a/src/variables/request_file_name.h b/src/variables/request_file_name.h
index 00a5dc10..97a761c5 100644
--- a/src/variables/request_file_name.h
+++ b/src/variables/request_file_name.h
@@ -33,7 +33,8 @@ class RequestFilename : public Variable {
  public:
     RequestFilename()
         : Variable("REQUEST_FILENAME") { }
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableRequestFilename.evaluate(l);
     }
diff --git a/src/variables/request_headers.h b/src/variables/request_headers.h
new file mode 100644
index 00000000..94031f34
--- /dev/null
+++ b/src/variables/request_headers.h
@@ -0,0 +1,83 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_REQUEST_HEADERS_H_
+#define SRC_VARIABLES_REQUEST_HEADERS_H_
+
+#include "src/variables/variable.h"
+
+namespace modsecurity {
+
+class Transaction;
+namespace Variables {
+
+class RequestHeaders_DictElement : public Variable {
+ public:
+    RequestHeaders_DictElement(std::string dictElement)
+        : Variable("REQUEST_HEADERS" + std::string(":") +
+            std::string(dictElement)),
+        m_dictElement(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableRequestHeaders.resolve(m_dictElement, l);
+    }
+
+    std::string m_dictElement;
+};
+
+
+class RequestHeaders_NoDictElement : public Variable {
+ public:
+    RequestHeaders_NoDictElement()
+        : Variable("REQUEST_HEADERS") { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableRequestHeaders.resolve(l);
+    }
+};
+
+
+class RequestHeaders_DictElementRegexp : public Variable {
+ public:
+    RequestHeaders_DictElementRegexp(std::string dictElement)
+        : Variable("REQUEST_HEADERS"),
+        m_r(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_variableRequestHeaders.resolveRegularExpression(
+            &m_r, l);
+    }
+
+    Utils::Regex m_r;
+};
+
+
+}  // namespace Variables
+}  // namespace modsecurity
+
+#endif  // SRC_VARIABLES_REQUEST_HEADERS_H_
+
diff --git a/src/variables/request_headers_names.h b/src/variables/request_headers_names.h
index d8dac632..67e6594b 100644
--- a/src/variables/request_headers_names.h
+++ b/src/variables/request_headers_names.h
@@ -33,7 +33,8 @@ class RequestHeadersNames : public Variable {
  public:
     RequestHeadersNames()
         : Variable("REQUEST_HEADERS_NAMES") { }
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableRequestHeadersNames.evaluate(l);
     }
diff --git a/src/variables/request_line.h b/src/variables/request_line.h
index 5706d4f5..1f954667 100644
--- a/src/variables/request_line.h
+++ b/src/variables/request_line.h
@@ -33,7 +33,8 @@ class RequestLine : public Variable {
  public:
     RequestLine()
         : Variable("REQUEST_LINE") { }
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableRequestLine.evaluate(l);
     }
diff --git a/src/variables/request_method.h b/src/variables/request_method.h
index b0c5b5fd..e3328b53 100644
--- a/src/variables/request_method.h
+++ b/src/variables/request_method.h
@@ -33,7 +33,8 @@ class RequestMethod : public Variable {
  public:
     RequestMethod()
         : Variable("REQUEST_METHOD") { }
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableRequestMethod.evaluate(l);
     }
diff --git a/src/variables/request_protocol.h b/src/variables/request_protocol.h
index 14392d02..360ca93f 100644
--- a/src/variables/request_protocol.h
+++ b/src/variables/request_protocol.h
@@ -33,7 +33,8 @@ class RequestProtocol : public Variable {
  public:
     RequestProtocol()
         : Variable("REQUEST_PROTOCOL") { }
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableRequestProtocol.evaluate(l);
     }
diff --git a/src/variables/request_uri.h b/src/variables/request_uri.h
index b4139fd8..48f34bd9 100644
--- a/src/variables/request_uri.h
+++ b/src/variables/request_uri.h
@@ -33,7 +33,8 @@ class RequestURI : public Variable {
  public:
     RequestURI()
         : Variable("REQUEST_URI") { }
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableRequestURI.evaluate(l);
     }
diff --git a/src/variables/request_uri_raw.h b/src/variables/request_uri_raw.h
index f2554f34..e1e12ec9 100644
--- a/src/variables/request_uri_raw.h
+++ b/src/variables/request_uri_raw.h
@@ -33,7 +33,8 @@ class RequestURIRaw : public Variable {
  public:
     RequestURIRaw()
         : Variable("REQUEST_URI_RAW") { }
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableRequestURIRaw.evaluate(l);
     }
diff --git a/src/variables/resource.h b/src/variables/resource.h
index b535ad78..8710216b 100644
--- a/src/variables/resource.h
+++ b/src/variables/resource.h
@@ -34,7 +34,8 @@ class Resource : public Variable {
     Resource()
         : Variable("RESOURCE") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableResource.evaluate(l);
     }
diff --git a/src/variables/response_body.h b/src/variables/response_body.h
index f5658e5f..2b1e569b 100644
--- a/src/variables/response_body.h
+++ b/src/variables/response_body.h
@@ -33,7 +33,8 @@ class ResponseBody : public Variable {
  public:
     ResponseBody()
         : Variable("RESPONSE_BODY") { }
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableResponseBody.evaluate(l);
     }
diff --git a/src/variables/response_content_length.h b/src/variables/response_content_length.h
index 7203459a..73f4573d 100644
--- a/src/variables/response_content_length.h
+++ b/src/variables/response_content_length.h
@@ -33,7 +33,8 @@ class ResponseContentLength : public Variable {
  public:
     ResponseContentLength()
         : Variable("RESPONSE_CONTENT_LENGTH") { }
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableResponseContentLength.evaluate(l);
     }
diff --git a/src/variables/response_content_type.h b/src/variables/response_content_type.h
index 8fc24ce2..ddff4b4f 100644
--- a/src/variables/response_content_type.h
+++ b/src/variables/response_content_type.h
@@ -33,7 +33,8 @@ class ResponseContentType : public Variable {
  public:
     ResponseContentType()
         : Variable("RESPONSE_CONTENT_TYPE") { }
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableResponseContentType.evaluate(l);
     }
diff --git a/src/variables/response_headers.h b/src/variables/response_headers.h
new file mode 100644
index 00000000..3df0f6a1
--- /dev/null
+++ b/src/variables/response_headers.h
@@ -0,0 +1,83 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_RESPONSE_HEADERS_H_
+#define SRC_VARIABLES_RESPONSE_HEADERS_H_
+
+#include "src/variables/variable.h"
+
+namespace modsecurity {
+
+class Transaction;
+namespace Variables {
+
+class ResponseHeaders_DictElement : public Variable {
+ public:
+    ResponseHeaders_DictElement(std::string dictElement)
+        : Variable("RESPONSE_HEADERS" + std::string(":") +
+            std::string(dictElement)),
+        m_dictElement(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableResponseHeaders.resolve(m_dictElement, l);
+    }
+
+    std::string m_dictElement;
+};
+
+
+class ResponseHeaders_NoDictElement : public Variable {
+ public:
+    ResponseHeaders_NoDictElement()
+        : Variable("RESPONSE_HEADERS") { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableResponseHeaders.resolve(l);
+    }
+};
+
+
+class ResponseHeaders_DictElementRegexp : public Variable {
+ public:
+    ResponseHeaders_DictElementRegexp(std::string dictElement)
+        : Variable("RESPONSE_HEADERS"),
+        m_r(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_variableResponseHeaders.resolveRegularExpression(
+            &m_r, l);
+    }
+
+    Utils::Regex m_r;
+};
+
+
+}  // namespace Variables
+}  // namespace modsecurity
+
+#endif  // SRC_VARIABLES_RESPONSE_HEADERS_H_
+
diff --git a/src/variables/response_headers_names.h b/src/variables/response_headers_names.h
index 6c2c043f..31ff81d7 100644
--- a/src/variables/response_headers_names.h
+++ b/src/variables/response_headers_names.h
@@ -34,7 +34,8 @@ class ResponseHeadersNames : public Variable {
     ResponseHeadersNames()
         : Variable("RESPONSE_HEADERS_NAMES") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableResponseHeadersNames.evaluate(l);
     }
diff --git a/src/variables/response_protocol.h b/src/variables/response_protocol.h
index 4aa218ed..5180cdc1 100644
--- a/src/variables/response_protocol.h
+++ b/src/variables/response_protocol.h
@@ -33,7 +33,8 @@ class ResponseProtocol : public Variable {
  public:
     ResponseProtocol()
         : Variable("RESPONSE_PROTOCOL") { }
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableResponseProtocol.evaluate(l);
     }
diff --git a/src/variables/response_status.h b/src/variables/response_status.h
index 4bbab111..f3d4db39 100644
--- a/src/variables/response_status.h
+++ b/src/variables/response_status.h
@@ -33,7 +33,8 @@ class ResponseStatus : public Variable {
  public:
     ResponseStatus()
         : Variable("RESPONSE_STATUS") { }
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableResponseStatus.evaluate(l);
     }
diff --git a/src/variables/rule.cc b/src/variables/rule.cc
deleted file mode 100644
index e4cf4182..00000000
--- a/src/variables/rule.cc
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
- * ModSecurity, http://www.modsecurity.org/
- * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
- *
- * You may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * If any of the files related to licensing are missing or if you have any
- * other questions related to licensing please contact Trustwave Holdings, Inc.
- * directly using the email address security@modsecurity.org.
- *
- */
-
-#include "src/variables/rule.h"
-
-#include <time.h>
-#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#include <libxml/xmlschemas.h>
-#include <libxml/xpath.h>
-#include <libxml/tree.h>
-#include <libxml/parser.h>
-#include <libxml/xpathInternals.h>
-
-#include <iostream>
-#include <string>
-#include <vector>
-#include <list>
-#include <utility>
-#include <map>
-
-#include "modsecurity/transaction.h"
-#include "modsecurity/rules_properties.h"
-#include "modsecurity/rules.h"
-
-#include "src/request_body_processor/xml.h"
-#include "modsecurity/actions/action.h"
-#include "src/actions/severity.h"
-#include "src/actions/xmlns.h"
-#include "src/actions/log_data.h"
-#include "src/actions/msg.h"
-#include "src/utils/string.h"
-
-
-namespace modsecurity {
-namespace Variables {
-
-void Rule::evaluateInternal(Transaction *t,
-    modsecurity::Rule *rule,
-    std::vector<const collection::Variable *> *l) {
-    // Variable rule is now being saved as part of the transient collection.
-}
-
-}  // namespace Variables
-}  // namespace modsecurity
diff --git a/src/variables/rule.h b/src/variables/rule.h
index cf43a082..9c52e95c 100644
--- a/src/variables/rule.h
+++ b/src/variables/rule.h
@@ -27,14 +27,50 @@ namespace modsecurity {
 class Transaction;
 namespace Variables {
 
-class Rule : public Variable {
+class Rule_DictElement : public Variable {
  public:
-    explicit Rule(std::string _name)
-        : Variable(_name) { }
+    Rule_DictElement(std::string dictElement)
+        : Variable("RULE" + std::string(":") +
+            std::string(dictElement)),
+        m_dictElement(dictElement) { }
 
-    void evaluateInternal(Transaction *transaction,
-        modsecurity::Rule *rule,
-        std::vector<const collection::Variable *> *l) override;
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableRule.resolve(m_dictElement, l);
+    }
+
+    std::string m_dictElement;
+};
+
+
+class Rule_NoDictElement : public Variable {
+ public:
+    Rule_NoDictElement()
+        : Variable("RULE") { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableRule.resolve(l);
+    }
+};
+
+
+class Rule_DictElementRegexp : public Variable {
+ public:
+    Rule_DictElementRegexp(std::string dictElement)
+        : Variable("RULE"),
+        m_r(dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_variableRule.resolveRegularExpression(
+            &m_r, l);
+    }
+
+    Utils::Regex m_r;
 };
 
 }  // namespace Variables
diff --git a/src/variables/server_addr.h b/src/variables/server_addr.h
index 7cb7bf41..420d8470 100644
--- a/src/variables/server_addr.h
+++ b/src/variables/server_addr.h
@@ -34,7 +34,8 @@ class ServerAddr : public Variable {
     ServerAddr()
         : Variable("SERVER_ADDR") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableServerAddr.evaluate(l);
     }
diff --git a/src/variables/server_name.h b/src/variables/server_name.h
index 9368e86a..4b56a380 100644
--- a/src/variables/server_name.h
+++ b/src/variables/server_name.h
@@ -34,7 +34,8 @@ class ServerName : public Variable {
     ServerName()
         : Variable("SERVER_NAME") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableServerName.evaluate(l);
     }
diff --git a/src/variables/server_port.h b/src/variables/server_port.h
index 3ba966da..22a6f56b 100644
--- a/src/variables/server_port.h
+++ b/src/variables/server_port.h
@@ -34,7 +34,8 @@ class ServerPort : public Variable {
     ServerPort()
         : Variable("SERVER_PORT") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableServerPort.evaluate(l);
     }
diff --git a/src/variables/session.h b/src/variables/session.h
new file mode 100644
index 00000000..8cf17202
--- /dev/null
+++ b/src/variables/session.h
@@ -0,0 +1,84 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_SESSION_H_
+#define SRC_VARIABLES_SESSION_H_
+
+#include "src/variables/variable.h"
+
+namespace modsecurity {
+
+class Transaction;
+namespace Variables {
+
+
+class Session_DictElement : public Variable {
+ public:
+    explicit Session_DictElement(std::string dictElement)
+        : Variable("SESSION"),
+        m_dictElement("SESSION:" + dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_collections.resolveMultiMatches(m_dictElement, "SESSION", l);
+    }
+
+    std::string m_dictElement;
+};
+
+
+class Session_NoDictElement : public Variable {
+ public:
+    explicit Session_NoDictElement()
+        : Variable("SESSION") { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_collections.resolveMultiMatches(m_name, "SESSION", l);
+    }
+};
+
+
+class Session_DictElementRegexp : public Variable {
+ public:
+    Session_DictElementRegexp(std::string dictElement)
+        : Variable("SESSION"),
+        m_r(dictElement),
+        m_dictElement("SESSION:" + dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_collections.resolveRegularExpression(m_dictElement,
+            "SESSION", l);
+    }
+
+    Utils::Regex m_r;
+    std::string m_dictElement;
+};
+
+
+}  // namespace Variables
+}  // namespace modsecurity
+
+#endif  // SRC_VARIABLES_SESSION_H_
diff --git a/src/variables/session_id.h b/src/variables/session_id.h
index 6b5f1aaa..6bbd8993 100644
--- a/src/variables/session_id.h
+++ b/src/variables/session_id.h
@@ -34,7 +34,8 @@ class SessionID : public Variable {
     SessionID()
         : Variable("SESSIONID") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableSessionID.evaluate(l);
     }
diff --git a/src/variables/variations/exclusion.cc b/src/variables/status.h
similarity index 62%
rename from src/variables/variations/exclusion.cc
rename to src/variables/status.h
index 52525f4d..466d6a93 100644
--- a/src/variables/variations/exclusion.cc
+++ b/src/variables/status.h
@@ -13,28 +13,35 @@
  *
  */
 
-#include "src/variables/variations/exclusion.h"
-
 #include <iostream>
 #include <string>
 #include <vector>
 #include <list>
 #include <utility>
 
-#include "modsecurity/transaction.h"
+#ifndef SRC_VARIABLES_STATUS_H_
+#define SRC_VARIABLES_STATUS_H_
 
+#include "src/variables/variable.h"
 
 namespace modsecurity {
+
+class Transaction;
 namespace Variables {
-namespace Variations {
 
+class Status : public Variable {
+ public:
+    Status()
+        : Variable("STATUS") { }
 
-void Exclusion::evaluateInternal(Transaction *transaction,
-    std::vector<const collection::Variable *> *l) {
-    transaction->m_collections.resolveMultiMatches(m_name, l);
-}
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        transaction->m_variableResponseStatus.evaluate(l);
+    }
+};
 
-
-}  // namespace Variations
 }  // namespace Variables
 }  // namespace modsecurity
+
+#endif  // SRC_VARIABLES_STATUS_H_
diff --git a/src/variables/time.cc b/src/variables/time.cc
index fc639dc8..9f193032 100644
--- a/src/variables/time.cc
+++ b/src/variables/time.cc
@@ -33,7 +33,8 @@
 namespace modsecurity {
 namespace Variables {
 
-void Time::evaluateInternal(Transaction *transaction,
+void Time::evaluate(Transaction *transaction,
+    Rule *rule,
     std::vector<const collection::Variable *> *l) {
 
     char tstr[200];
diff --git a/src/variables/time.h b/src/variables/time.h
index c5a1e4e1..7747a84e 100644
--- a/src/variables/time.h
+++ b/src/variables/time.h
@@ -35,7 +35,8 @@ class Time : public Variable {
         : Variable(_name),
         m_retName("TIME") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) override;
     std::string m_retName;
 };
diff --git a/src/variables/time_day.cc b/src/variables/time_day.cc
index f69333d4..c67938f8 100644
--- a/src/variables/time_day.cc
+++ b/src/variables/time_day.cc
@@ -33,7 +33,8 @@
 namespace modsecurity {
 namespace Variables {
 
-void TimeDay::evaluateInternal(Transaction *transaction,
+void TimeDay::evaluate(Transaction *transaction,
+    Rule *rule,
     std::vector<const collection::Variable *> *l) {
     char tstr[200];
     struct tm timeinfo;
diff --git a/src/variables/time_day.h b/src/variables/time_day.h
index ce3a3479..492c61c0 100644
--- a/src/variables/time_day.h
+++ b/src/variables/time_day.h
@@ -34,7 +34,8 @@ class TimeDay : public Variable {
         : Variable(_name),
         m_retName("TIME_DAY") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) override;
     std::string m_retName;
 };
diff --git a/src/variables/time_epoch.cc b/src/variables/time_epoch.cc
index c4ea71d0..70e5fd20 100644
--- a/src/variables/time_epoch.cc
+++ b/src/variables/time_epoch.cc
@@ -33,7 +33,8 @@
 namespace modsecurity {
 namespace Variables {
 
-void TimeEpoch::evaluateInternal(Transaction *transaction,
+void TimeEpoch::evaluate(Transaction *transaction,
+    Rule *rule,
     std::vector<const collection::Variable *> *l) {
     transaction->m_variableTimeEpoch.assign(
         std::to_string(std::time(nullptr)));
diff --git a/src/variables/time_epoch.h b/src/variables/time_epoch.h
index 68234f83..c595629f 100644
--- a/src/variables/time_epoch.h
+++ b/src/variables/time_epoch.h
@@ -34,7 +34,8 @@ class TimeEpoch : public Variable {
         : Variable(_name),
         m_retName("TIME_EPOCH") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) override;
     std::string m_retName;
 };
diff --git a/src/variables/time_hour.cc b/src/variables/time_hour.cc
index 8d2fc1e2..9666f9fc 100644
--- a/src/variables/time_hour.cc
+++ b/src/variables/time_hour.cc
@@ -33,7 +33,8 @@
 namespace modsecurity {
 namespace Variables {
 
-void TimeHour::evaluateInternal(Transaction *transaction,
+void TimeHour::evaluate(Transaction *transaction,
+    Rule *rule,
     std::vector<const collection::Variable *> *l) {
     char tstr[200];
     struct tm timeinfo;
diff --git a/src/variables/time_hour.h b/src/variables/time_hour.h
index 9fa3434e..89341666 100644
--- a/src/variables/time_hour.h
+++ b/src/variables/time_hour.h
@@ -34,7 +34,8 @@ class TimeHour : public Variable {
         : Variable(_name),
         m_retName("TIME_HOUR") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) override;
     std::string m_retName;
 };
diff --git a/src/variables/time_min.cc b/src/variables/time_min.cc
index 7027c1b2..33395402 100644
--- a/src/variables/time_min.cc
+++ b/src/variables/time_min.cc
@@ -33,7 +33,8 @@
 namespace modsecurity {
 namespace Variables {
 
-void TimeMin::evaluateInternal(Transaction *transaction,
+void TimeMin::evaluate(Transaction *transaction,
+    Rule *rule,
     std::vector<const collection::Variable *> *l) {
     char tstr[200];
     struct tm timeinfo;
diff --git a/src/variables/time_min.h b/src/variables/time_min.h
index 4ec7b9bc..1c250fd1 100644
--- a/src/variables/time_min.h
+++ b/src/variables/time_min.h
@@ -34,7 +34,8 @@ class TimeMin : public Variable {
         : Variable(_name),
         m_retName("TIME_MIN") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) override;
     std::string m_retName;
 };
diff --git a/src/variables/time_mon.cc b/src/variables/time_mon.cc
index fc9a9ab5..5c2d5b87 100644
--- a/src/variables/time_mon.cc
+++ b/src/variables/time_mon.cc
@@ -33,7 +33,8 @@
 namespace modsecurity {
 namespace Variables {
 
-void TimeMon::evaluateInternal(Transaction *transaction,
+void TimeMon::evaluate(Transaction *transaction,
+    Rule *rule,
     std::vector<const collection::Variable *> *l) {
     char tstr[200];
     struct tm timeinfo;
diff --git a/src/variables/time_mon.h b/src/variables/time_mon.h
index aa4f50df..bb74fde2 100644
--- a/src/variables/time_mon.h
+++ b/src/variables/time_mon.h
@@ -34,7 +34,8 @@ class TimeMon : public Variable {
         : Variable(_name),
         m_retName("TIME_MON") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) override;
     std::string m_retName;
 };
diff --git a/src/variables/time_sec.cc b/src/variables/time_sec.cc
index 38e8f518..71484b99 100644
--- a/src/variables/time_sec.cc
+++ b/src/variables/time_sec.cc
@@ -33,7 +33,8 @@
 namespace modsecurity {
 namespace Variables {
 
-void TimeSec::evaluateInternal(Transaction *transaction,
+void TimeSec::evaluate(Transaction *transaction,
+    Rule *rule,
     std::vector<const collection::Variable *> *l) {
     char tstr[200];
     struct tm timeinfo;
diff --git a/src/variables/time_sec.h b/src/variables/time_sec.h
index d925019d..161d6936 100644
--- a/src/variables/time_sec.h
+++ b/src/variables/time_sec.h
@@ -34,7 +34,8 @@ class TimeSec : public Variable {
         : Variable(_name),
         m_retName("TIME_SEC") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) override;
     std::string m_retName;
 };
diff --git a/src/variables/time_wday.cc b/src/variables/time_wday.cc
index 22566a93..32ec6ee6 100644
--- a/src/variables/time_wday.cc
+++ b/src/variables/time_wday.cc
@@ -33,7 +33,8 @@
 namespace modsecurity {
 namespace Variables {
 
-void TimeWDay::evaluateInternal(Transaction *transaction,
+void TimeWDay::evaluate(Transaction *transaction,
+    Rule *rule,
     std::vector<const collection::Variable *> *l) {
     char tstr[200];
     struct tm timeinfo;
diff --git a/src/variables/time_wday.h b/src/variables/time_wday.h
index 92fd4960..6599c248 100644
--- a/src/variables/time_wday.h
+++ b/src/variables/time_wday.h
@@ -34,7 +34,8 @@ class TimeWDay : public Variable {
         : Variable(_name),
         m_retName("TIME_WDAY") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) override;
     std::string m_retName;
 };
diff --git a/src/variables/time_year.cc b/src/variables/time_year.cc
index e92b32f4..f38e27e7 100644
--- a/src/variables/time_year.cc
+++ b/src/variables/time_year.cc
@@ -33,7 +33,8 @@
 namespace modsecurity {
 namespace Variables {
 
-void TimeYear::evaluateInternal(Transaction *transaction,
+void TimeYear::evaluate(Transaction *transaction,
+    Rule *rule,
     std::vector<const collection::Variable *> *l) {
     char tstr[200];
     struct tm timeinfo;
diff --git a/src/variables/time_year.h b/src/variables/time_year.h
index a606de63..d833c5b2 100644
--- a/src/variables/time_year.h
+++ b/src/variables/time_year.h
@@ -34,7 +34,8 @@ class TimeYear : public Variable {
         : Variable(_name),
         m_retName("TIME_YEAR") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) override;
     std::string m_retName;
 };
diff --git a/src/variables/tx.cc b/src/variables/tx.cc
index 1ae263f6..f773412a 100644
--- a/src/variables/tx.cc
+++ b/src/variables/tx.cc
@@ -34,17 +34,6 @@ namespace modsecurity {
 namespace Variables {
 
 
-void Tx::evaluateInternal(Transaction *transaction,
-    std::vector<const collection::Variable *> *l) {
-    if (m_type == SingleMatch) {
-        transaction->m_collections.resolveSingleMatch(m_name, "TX", l);
-    } else if (m_type == MultipleMatches) {
-        transaction->m_collections.resolveMultiMatches(m_name, "TX", l);
-    } else if (m_type == RegularExpression) {
-        transaction->m_collections.resolveRegularExpression(m_name, "TX", l);
-    }
-}
-
 
 }  // namespace Variables
 }  // namespace modsecurity
diff --git a/src/variables/tx.h b/src/variables/tx.h
index 15c83a64..0976ccda 100644
--- a/src/variables/tx.h
+++ b/src/variables/tx.h
@@ -29,15 +29,55 @@ namespace modsecurity {
 class Transaction;
 namespace Variables {
 
-class Tx : public Variable {
- public:
-    explicit Tx(std::string _name)
-        : Variable(_name) { }
 
-    void evaluateInternal(Transaction *transaction,
-        std::vector<const collection::Variable *> *l) override;
+class Tx_DictElement : public Variable {
+ public:
+    explicit Tx_DictElement(std::string dictElement)
+        : Variable("TX"),
+        m_dictElement("TX:" + dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_collections.resolveMultiMatches(m_dictElement, "TX", l);
+    }
+
+    std::string m_dictElement;
 };
 
+
+class Tx_NoDictElement : public Variable {
+ public:
+    explicit Tx_NoDictElement()
+        : Variable("TX") { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_collections.resolveMultiMatches(m_name, "TX", l);
+    }
+};
+
+
+class Tx_DictElementRegexp : public Variable {
+ public:
+    Tx_DictElementRegexp(std::string dictElement)
+        : Variable("TX"),
+        m_r(dictElement),
+        m_dictElement("TX:" + dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_collections.resolveRegularExpression(m_dictElement,
+            "TX", l);
+    }
+
+    Utils::Regex m_r;
+    std::string m_dictElement;
+};
+
+
 }  // namespace Variables
 }  // namespace modsecurity
 
diff --git a/src/variables/unique_id.h b/src/variables/unique_id.h
index f083f315..ffbf5bc9 100644
--- a/src/variables/unique_id.h
+++ b/src/variables/unique_id.h
@@ -34,7 +34,8 @@ class UniqueID : public Variable {
     UniqueID()
         : Variable("UNIQUEID") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableUniqueID.evaluate(l);
     }
diff --git a/src/variables/url_encoded_error.h b/src/variables/url_encoded_error.h
index 46353a07..b5ffdcde 100644
--- a/src/variables/url_encoded_error.h
+++ b/src/variables/url_encoded_error.h
@@ -34,7 +34,8 @@ class UrlEncodedError : public Variable {
     UrlEncodedError()
         : Variable("URLENCODED_ERROR") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableUrlEncodedError.evaluate(l);
     }
diff --git a/src/variables/user_id.h b/src/variables/user_id.h
index d40920d0..b14c6732 100644
--- a/src/variables/user_id.h
+++ b/src/variables/user_id.h
@@ -34,7 +34,8 @@ class UserID : public Variable {
     UserID()
         : Variable("USERID") { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l) {
         transaction->m_variableUserID.evaluate(l);
     }
diff --git a/src/variables/variable.cc b/src/variables/variable.cc
index 7a19f3ff..9a332317 100644
--- a/src/variables/variable.cc
+++ b/src/variables/variable.cc
@@ -21,13 +21,9 @@
 #include <list>
 
 #include "modsecurity/transaction.h"
-#include "src/variables/variations/exclusion.h"
 #include "src/utils/string.h"
 
 
-using modsecurity::Variables::Variations::Exclusion;
-
-
 namespace modsecurity {
 namespace Variables {
 
@@ -128,12 +124,14 @@ std::vector<const collection::Variable *> *
     Variable::evaluate(Transaction *transaction) {
     std::vector<const collection::Variable *> *l = NULL;
     l = new std::vector<const collection::Variable *>();
-    evaluate(transaction, l);
+    evaluate(transaction, NULL, l);
 
     return l;
 }
 
-void Variable::evaluateInternal(Transaction *transaction,
+
+void Variable::evaluate(Transaction *transaction,
+    Rule *rule,
     std::vector<const collection::Variable *> *l) {
     if (m_collectionName.empty() == false) {
         if (m_kind == CollectionVarible && m_type == MultipleMatches) {
@@ -158,9 +156,11 @@ void Variable::evaluateInternal(Transaction *transaction,
 }
 
 
-void Variable::evaluate(Transaction *transaction,
+void Variable::evaluateInternal(Transaction *transaction,
+    Rule *rule,
     std::vector<const collection::Variable *> *l) {
-    evaluateInternal(transaction, l);
+
+    evaluate(transaction, rule, l);
 }
 
 
@@ -170,7 +170,7 @@ std::string Variable::to_s(
     std::string except("");
     for (int i = 0; i < variables->size() ; i++) {
         std::string name = variables->at(i)->m_name;
-        Exclusion *e =  dynamic_cast<Exclusion *>(variables->at(i));
+        VariableModificatorExclusion *e =  dynamic_cast<VariableModificatorExclusion *>(variables->at(i));
         if (e != NULL) {
             if (except.empty()) {
                 except = except + name;
diff --git a/src/variables/variable.h b/src/variables/variable.h
index bd354b0c..fccb8a0e 100644
--- a/src/variables/variable.h
+++ b/src/variables/variable.h
@@ -19,6 +19,8 @@
 #include <utility>
 #include "modsecurity/transaction.h"
 #include "modsecurity/rule.h"
+#include "src/utils/string.h"
+#include "src/utils/regex.h"
 
 #ifndef SRC_VARIABLES_VARIABLE_H_
 #define SRC_VARIABLES_VARIABLE_H_
@@ -66,32 +68,21 @@ class Variable {
     Variable(std::string name, VariableKind kind);
     virtual ~Variable() { }
 
-    static std::string to_s(std::vector<Variable *> *variables);
-
 
     virtual std::vector<const collection::Variable *>
         *evaluate(Transaction *transaction);
 
 
-    virtual void evaluateInternal(Transaction *transaction,
+    virtual void evaluate(Transaction *transaction,
+        Rule *rule,
         std::vector<const collection::Variable *> *l);
 
+
     virtual void evaluateInternal(Transaction *transaction,
         Rule *rule,
-        std::vector<const collection::Variable *> *l) {
-        evaluateInternal(transaction, l);
-    }
-
-
-    virtual void evaluate(Transaction *transaction,
         std::vector<const collection::Variable *> *l);
 
-    virtual void evaluate(Transaction *transaction,
-        Rule *rule,
-        std::vector<const collection::Variable *> *l) {
-        evaluate(transaction, l);
-    }
-
+    static std::string to_s(std::vector<Variable *> *variables);
 
     std::string m_name;
     std::string m_collectionName;
@@ -103,6 +94,57 @@ class Variable {
 };
 
 
+class VariableModificatorExclusion : public Variable {
+ public:
+    VariableModificatorExclusion(std::unique_ptr<Variable> var)
+        : Variable(var->m_name),
+        m_var(std::move(var)) {
+            m_isExclusion = true;
+        }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        m_var->evaluate(transaction, rule, l);
+    }
+
+    std::unique_ptr<Variable> m_var;
+};
+
+
+class VariableModificatorCount : public Variable {
+ public:
+    VariableModificatorCount(std::unique_ptr<Variable> var)
+        : Variable(var->m_name),
+        m_var(std::move(var)) {
+            m_isCount = true;
+        }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        std::vector<const collection::Variable *> reslIn;
+        std::string *res = NULL;
+        collection::Variable *val = NULL;
+        int count = 0;
+
+        m_var->evaluate(transaction, rule, &reslIn);
+        for (auto &a : reslIn) {
+            count++;
+        }
+        res = new std::string(std::to_string(count));
+
+        val = new collection::Variable(&m_name, res);
+        val->m_dynamic_value = true;
+        val->m_dynamic = true;
+
+        l->push_back(val);
+        return;
+    }
+
+    std::unique_ptr<Variable> m_var;
+};
+
 }  // namespace Variables
 }  // namespace modsecurity
 
diff --git a/src/variables/variations/count.cc b/src/variables/variations/count.cc
deleted file mode 100644
index e11880e1..00000000
--- a/src/variables/variations/count.cc
+++ /dev/null
@@ -1,61 +0,0 @@
-/*
- * ModSecurity, http://www.modsecurity.org/
- * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
- *
- * You may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * If any of the files related to licensing are missing or if you have any
- * other questions related to licensing please contact Trustwave Holdings, Inc.
- * directly using the email address security@modsecurity.org.
- *
- */
-
-#include "src/variables/variations/count.h"
-
-#include <iostream>
-#include <string>
-#include <vector>
-#include <list>
-#include <utility>
-
-#include "modsecurity/transaction.h"
-
-
-namespace modsecurity {
-namespace Variables {
-namespace Variations {
-
-
-void Count::evaluateInternal(Transaction *transaction,
-    std::vector<const collection::Variable *> *l) {
-    std::vector<const collection::Variable *> *reslIn;
-    int count = 0;
-
-    reslIn = var->evaluate(transaction);
-
-    for (auto &a : *reslIn) {
-        count++;
-    }
-
-    while (reslIn->empty() == false) {
-        delete reslIn->back();
-        reslIn->pop_back();
-    }
-    delete reslIn;
-
-    std::string *res = new std::string(std::to_string(count));
-
-    collection::Variable *val = new collection::Variable(&var->m_name,
-        res);
-    val->m_dynamic_value = true;
-
-    l->push_back(val);
-}
-
-
-}  // namespace Variations
-}  // namespace Variables
-}  // namespace modsecurity
diff --git a/src/variables/variations/count.h b/src/variables/variations/count.h
deleted file mode 100644
index 97ffbfa4..00000000
--- a/src/variables/variations/count.h
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * ModSecurity, http://www.modsecurity.org/
- * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
- *
- * You may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * If any of the files related to licensing are missing or if you have any
- * other questions related to licensing please contact Trustwave Holdings, Inc.
- * directly using the email address security@modsecurity.org.
- *
- */
-
-#include <vector>
-#include <string>
-#include <list>
-#include <utility>
-
-#ifndef SRC_VARIABLES_VARIATIONS_COUNT_H_
-#define SRC_VARIABLES_VARIATIONS_COUNT_H_
-
-#include "src/variables/variable.h"
-
-namespace modsecurity {
-
-class Transaction;
-namespace Variables {
-namespace Variations {
-
-class Count : public Variable {
- public:
-    explicit Count(Variable *v)
-        : Variable("count(" + v->m_name + ")"),
-        var(v) { }
-    virtual ~Count() { delete var; }
-
-    void evaluateInternal(Transaction *transaction,
-        std::vector<const collection::Variable *> *l) override;
-
-    Variable *var;
-};
-
-
-}  // namespace Variations
-}  // namespace Variables
-}  // namespace modsecurity
-
-#endif  // SRC_VARIABLES_VARIATIONS_COUNT_H_
diff --git a/src/variables/variations/exclusion.h b/src/variables/variations/exclusion.h
deleted file mode 100644
index bb1faa1a..00000000
--- a/src/variables/variations/exclusion.h
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * ModSecurity, http://www.modsecurity.org/
- * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
- *
- * You may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * If any of the files related to licensing are missing or if you have any
- * other questions related to licensing please contact Trustwave Holdings, Inc.
- * directly using the email address security@modsecurity.org.
- *
- */
-
-#include <vector>
-#include <string>
-#include <list>
-#include <utility>
-#include <iostream>
-
-#ifndef SRC_VARIABLES_VARIATIONS_EXCLUSION_H_
-#define SRC_VARIABLES_VARIATIONS_EXCLUSION_H_
-
-#include "src/variables/variable.h"
-
-namespace modsecurity {
-
-class Transaction;
-namespace Variables {
-namespace Variations {
-
-class Exclusion : public Variable {
- public:
-    explicit Exclusion(Variable *v)
-        : Variable(v->m_name),
-        var(v)
-        { m_isExclusion = true; }
-
-    virtual ~Exclusion() { delete var; }
-
-    void evaluateInternal(Transaction *transaction,
-        std::vector<const collection::Variable *> *l) override;
-
-    Variable *var;
-};
-
-
-}  // namespace Variations
-}  // namespace Variables
-}  // namespace modsecurity
-
-#endif  // SRC_VARIABLES_VARIATIONS_EXCLUSION_H_
diff --git a/src/variables/xml.cc b/src/variables/xml.cc
index 0124afec..7cfe18d8 100644
--- a/src/variables/xml.cc
+++ b/src/variables/xml.cc
@@ -44,7 +44,7 @@
 namespace modsecurity {
 namespace Variables {
 
-void XML::evaluateInternal(Transaction *t,
+void XML::evaluate(Transaction *t,
     Rule *rule,
     std::vector<const collection::Variable *> *l) {
     xmlXPathContextPtr xpathCtx;
@@ -55,6 +55,7 @@ void XML::evaluateInternal(Transaction *t,
     int i;
     size_t pos;
 
+    param = m_name;
     pos = m_name.find_first_of(":");
     if (pos == std::string::npos) {
         param = "";
@@ -69,19 +70,11 @@ void XML::evaluateInternal(Transaction *t,
         return;
     }
 
-    if (param.empty() == true) {
-        /* Invocation without an XPath expression makes sense
-         * with functions that manipulate the document tree.
-         */
-        l->push_back(new collection::Variable(&m_name, &m_plain));
-        return;
-    }
-
     /* Process the XPath expression. */
     xpathExpr = (const xmlChar*)param.c_str();
     xpathCtx = xmlXPathNewContext(t->m_xml->m_data.doc);
     if (xpathCtx == NULL) {
-        t->debug(1, "XML: Unable to create new XPath context.");
+        t->debug(1, "XML: Unable to create new XPath context. : ");
         return;
     }
 
diff --git a/src/variables/xml.h b/src/variables/xml.h
index ee2617d8..f2fe34e4 100644
--- a/src/variables/xml.h
+++ b/src/variables/xml.h
@@ -30,18 +30,42 @@ namespace modsecurity {
 class Transaction;
 namespace Variables {
 
+
+/* Invocation without an XPath expression makes sense
+ * with functions that manipulate the document tree.
+ */
+class XML_NoDictElement : public Variable {
+ public:
+    explicit XML_NoDictElement()
+        : Variable("XML"),
+        m_plain("[XML document tree]"),
+        m_var(&m_name, &m_plain) {
+            m_var.m_dynamic = false;
+            m_var.m_dynamic_value = false;
+        }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) {
+        l->push_back(&m_var);
+    }
+
+    std::string m_plain;
+    collection::Variable m_var;
+};
+
+
 class XML : public Variable {
  public:
     explicit XML(std::string _name)
-        : Variable(_name),
-        m_plain("[XML document tree]") { }
+        : Variable(_name) { }
 
-    void evaluateInternal(Transaction *transaction,
+    void evaluate(Transaction *transaction,
         Rule *rule,
         std::vector<const collection::Variable *> *l);
-    std::string m_plain;
 };
 
+
 }  // namespace Variables
 }  // namespace modsecurity
 
diff --git a/test/optimization/optimization.cc b/test/optimization/optimization.cc
index 0dd5b14c..0aab1ee1 100644
--- a/test/optimization/optimization.cc
+++ b/test/optimization/optimization.cc
@@ -84,8 +84,8 @@ int main(int argc, char **argv) {
             if (z == NULL) {
                 continue;
             }
-            if (z->op != NULL) {
-                std::string op = z->op->m_op;
+            if (z->m_op != NULL) {
+                std::string op = z->m_op->m_op;
                 if (operators.count(op) > 0) {
                     operators[op] = 1 + operators[op];
                 } else {
@@ -93,8 +93,8 @@ int main(int argc, char **argv) {
                 }
                 key = op;
             }
-            if (z->variables != NULL) {
-                std::string var = Variable::to_s(z->variables);
+            if (z->m_variables != NULL) {
+                std::string var = Variable::to_s(z->m_variables);
                 if (variables.count(var) > 0) {
                     variables[var] = 1 + variables[var];
                 } else {
@@ -102,7 +102,7 @@ int main(int argc, char **argv) {
                 }
                 key = key + var;
             }
-            if (z->variables != NULL && z->op != NULL) {
+            if (z->m_variables != NULL && z->m_op != NULL) {
                 if (op2var.count(key) > 0) {
                     op2var[key] = 1 + op2var[key];
                 } else {
diff --git a/test/test-cases/regression/config-calling_phases_by_name.json b/test/test-cases/regression/config-calling_phases_by_name.json
index 4cfe9a2b..8e1be359 100644
--- a/test/test-cases/regression/config-calling_phases_by_name.json
+++ b/test/test-cases/regression/config-calling_phases_by_name.json
@@ -71,7 +71,7 @@
       ]
     },
     "expected":{
-      "debug_log":"Target value: \"\" \\(Variable: MATCHED_VAR\\)"
+      "debug_log":"Target value: \"other_value\" \\(Variable: MATCHED_VAR\\)"
     },
     "rules":[
       "SecRuleEngine On",
diff --git a/test/test-cases/regression/secruleengine.json b/test/test-cases/regression/secruleengine.json
index b290becc..31d74ffe 100644
--- a/test/test-cases/regression/secruleengine.json
+++ b/test/test-cases/regression/secruleengine.json
@@ -34,7 +34,7 @@
     "version_min":300000,
     "title":"Testing Disruptive actions (3/n)",
     "expected":{
-      "debug_log": "_Not_ running .disruptive. action: block. SecRuleEngine is not On",
+      "debug_log": "Not running disruptive action: block. SecRuleEngine is not On",
       "http_code":200
     },
     "rules":[
diff --git a/test/test-cases/regression/variable-FULL_REQUEST.json b/test/test-cases/regression/variable-FULL_REQUEST.json
index ed426167..04b1267d 100644
--- a/test/test-cases/regression/variable-FULL_REQUEST.json
+++ b/test/test-cases/regression/variable-FULL_REQUEST.json
@@ -51,7 +51,7 @@
       ]
     },
     "expected":{  
-      "debug_log":"Expect: 100-continue\\x0aContent-Type: multipart/form-data; boundary=------------"
+      "debug_log":"Content-Type: multipart/form-data; boundary=------------"
     },
     "rules":[  
       "SecRuleEngine On",
diff --git a/test/test-cases/regression/variable-MATCHED_VAR.json b/test/test-cases/regression/variable-MATCHED_VAR.json
index 7903b76a..46ed401e 100644
--- a/test/test-cases/regression/variable-MATCHED_VAR.json
+++ b/test/test-cases/regression/variable-MATCHED_VAR.json
@@ -71,7 +71,7 @@
       ]
     },
     "expected":{
-      "debug_log":"Target value: \"\" \\(Variable: MATCHED_VAR\\)"
+      "debug_log":"Rule returned 0"
     },
     "rules":[
       "SecRuleEngine On",
diff --git a/test/test-cases/regression/variable-MULTIPART_FILENAME.json b/test/test-cases/regression/variable-MULTIPART_FILENAME.json
index 45e16553..1c54736a 100644
--- a/test/test-cases/regression/variable-MULTIPART_FILENAME.json
+++ b/test/test-cases/regression/variable-MULTIPART_FILENAME.json
@@ -51,7 +51,7 @@
       ]
     },
     "expected":{  
-      "debug_log":"Target value: \"small_text_file.txt\" \\(Variable: MULTIPART_FILENAME\\)"
+      "debug_log":"Target value: \"small_text_file.txt\" \\(Variable: MULTIPART_FILENAME"
     },
     "rules":[  
       "SecRuleEngine On",
@@ -110,7 +110,7 @@
       ]
     },
     "expected":{  
-      "debug_log":"Target value: \"small_text_file2.txt\" \\(Variable: MULTIPART_FILENAME\\)"
+      "debug_log":"Target value: \"small_text_file2.txt\" \\(Variable: MULTIPART_FILENAME"
     },
     "rules":[  
       "SecRuleEngine On",
diff --git a/test/test-cases/regression/variable-MULTIPART_NAME.json b/test/test-cases/regression/variable-MULTIPART_NAME.json
index 17bc5803..c4ee2b0c 100644
--- a/test/test-cases/regression/variable-MULTIPART_NAME.json
+++ b/test/test-cases/regression/variable-MULTIPART_NAME.json
@@ -51,7 +51,7 @@
       ]
     },
     "expected":{  
-      "debug_log":"Target value: \"filedata\" \\(Variable: MULTIPART_NAME\\)"
+      "debug_log":"Target value: \"filedata\" \\(Variable: MULTIPART_NAME"
     },
     "rules":[  
       "SecRuleEngine On",
@@ -110,7 +110,7 @@
       ]
     },
     "expected":{  
-      "debug_log":"Target value: \"filedata2\" \\(Variable: MULTIPART_NAME\\)"
+      "debug_log":"Target value: \"filedata2\" \\(Variable: MULTIPART_NAME"
     },
     "rules":[  
       "SecRuleEngine On",