github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-16 07:56:12 +03:00
Code Issues Packages Projects Releases Wiki Activity
1,494 Commits 55 Branches 109 Tags
Commit Graph

165 Commits

Author SHA1 Message Date
Felipe Zimmerle
0037a0732a Using RadixTree instead of list to storage IPs 
Used by the operator @ipMatch and variants, this structure storage all the IPs
addresses for later comparison. Last version was using RadixTree only if the
set of IPs was specified from files. IPs specified as parameters, was using
a chained list. Chained lists may affect the performance, since lookups in
worst case will be O(n). RadixTrees could provide better results depending
on the amount of elements and its contents.
 2014-03-31 16:22:10 -07:00
Felipe Zimmerle
b9fdc4fe3b Adds support to suspicious and whitelist to Read and Write limits 
The operators @ipMatch, @ipMatchF and @ipMatchFromFile were
added to the functions: SecReadStateLimit and SecReadStateLimit,
by using them it is possible to declare a suspicious list. When
a suspicious list is given, the {Read|Write}StateLimit will be
applied just to the IPs that belongs to that restricted list.
Note that the negative of those operators (e.g. !@ipMatch) can be
used to place a whitelist. The {Read|Write}StateLimit
restrictions will not be applied to those in the whitelist.
This current version the Sec{Read|Write}StateLimit can be used
varios times to add elements to both lists, however, the
last informed limit will be applied for the entire group. This
feature is experimental, and suggestions on how to improve it
are very welcome. For further discussion use the issue: #353.
 2014-03-31 16:22:10 -07:00
Nick Galbreath
74ec784005 libinjection sync 2013-12-18 04:19:02 +00:00
Breno Silva
0fc4142a31 Change strncpy to memcpy 2013-07-05 02:45:05 -07:00
Breno Silva
4064e74cca Fixed: Libjection 3.0.0 compilation errors 2013-06-19 11:05:59 -07:00
Nick Galbreath
c07b9a5362 libinjection v3.0.0pre21 take 2 2013-06-23 13:58:22 +09:00
Breno Silva
f003243d9c Merge pull request #106 from client9/remotes/trunk 
libinjection 2.0.0
 2013-05-27 06:08:03 -07:00
Nick Galbreath
3a3fda25f7 libinjection 2.0.0 2013-05-17 23:41:45 +09:00
Breno Silva
fed38c8107 Fixed: return msgs at detectSQLi 2013-05-08 16:22:47 -04:00
Breno Silva
db964c4223 Fixed: return msgs at detectSQLi 2013-05-08 05:57:06 -04:00
Breno Silva
aa18ec7f45 Updated copyright dates 2013-04-19 03:20:46 -04:00
Breno Silva
417d7daf20 Added Libjection 2013-04-18 22:51:07 -04:00
Breno Silva
3bd497946e Fixed: possible memory leak in rsub 2013-04-04 12:29:33 -04:00
Breno Silva
406d482009 Fix issue in ipmatchf 2013-01-21 00:43:53 -04:00
Breno Silva
3f6c14de59 Fixed msc_test crash using pcre jit in some platforms 2013-01-02 17:30:48 -04:00
Hideaki Hayashi
c98da92cf7 fixed bugs in cpf_verify 2012-12-07 16:59:26 -08:00
Breno Silva
fc45a3fe3b Fixed compilation issue under Windows when APR ipv6 is disabled 2012-12-01 08:21:04 -04:00
Breno Silva
c4e9dbaed7 added APR_HAVE_ARPA_INET_H pre-compile macro 2012-11-28 09:02:54 -04:00
Hideaki Hayashi
7beb244df3 fix for issues in ssn_verify such as infinite loop. 2012-11-12 16:56:09 -08:00
Hideaki Hayashi
9e6dddff8e handle invalid escape sequence passed to strmatch operator 2012-11-07 16:15:56 -08:00
Breno Silva
53d422e9de Change names of HMAC feature to HASH 2012-10-30 18:02:22 -04:00
brenosilva
781a506bc9 Added utf8toUnicode tfn 2012-08-24 17:02:13 +00:00
brenosilva
8d5131a186 Fixed some dereferenced pointers 2012-08-16 18:26:20 +00:00
brenosilva
221aba605f Fixed some dereferenced 2012-08-16 18:12:46 +00:00
brenosilva
fc8edbb462 Fixed check if s->name & value is NULL 2012-08-16 13:10:20 +00:00
brenosilva
3bb931e188 Fix warnings 2012-06-17 13:32:07 +00:00
brenosilva
81b74ba633 Fix code for windows 2012-06-16 19:33:22 +00:00
brenosilva
d88a24da1f fix rsub input parsing and add maturity, ver and accuracy actions 2012-06-04 15:29:51 +00:00
brenosilva
14156d831b Add ipmatchFromfile 2012-06-01 20:26:51 +00:00
brenosilva
866cb6d6b4 Update trunk for 2.7 2012-05-10 23:18:39 +00:00
brenosilva
f92f8219d4 fix stream vars memory leak 2011-12-05 17:01:51 +00:00
brenosilva
9cbc44eea8 Fix PCRE jit issue when not enable jit in configure 2011-10-24 11:52:12 +00:00
brenosilva
3cb5edde27 Add extra debug info for pcre jit 2011-10-22 19:00:26 +00:00
brenosilva
b0e9468d6e MODSEC-249 2011-08-31 16:53:11 +00:00
brenosilva
5cacf63b3e MODSEC-142 2011-07-22 13:22:30 +00:00
brenosilva
78880129b5 Fix urbl whitelist msg 2011-07-19 18:25:05 +00:00
brenosilva
6c89afcf7d MODSEC-211 2011-07-11 21:09:28 +00:00
brenosilva
ad168c801d Only reinject stream if data is changed by rsub 2011-06-15 14:38:42 +00:00
brenosilva
06dd5907b6 Build and code fixes 2011-06-14 15:01:17 +00:00
brenosilva
646564cd4f Renaming GSB functions 2011-05-31 02:05:19 +00:00
brenosilva
50293aef95 Add domain to tx.1 whe gsblookup matchs 2011-05-10 16:18:08 +00:00
brenosilva
21dcfde3ca Remove unused defines 2011-04-29 23:15:53 +00:00
brenosilva
6b7edc4d47 Fixes, code cleanups, improvements 2011-04-27 15:58:22 +00:00
brenosilva
123018cfcc Rewriting parser for gsblookup 2011-04-26 20:10:55 +00:00
brenosilva
ab339c7b11 Rewriting parser for gsblookup 2011-04-26 18:21:39 +00:00
brenosilva
8c8c583dec Rewriting parser for gsblookup 2011-04-26 17:55:41 +00:00
brenosilva
5328bcdea6 Rewriting parser for gsblookup 2011-04-26 17:15:20 +00:00
brenosilva
3ed70ea176 Rewriting parser for gsblookup 2011-04-26 16:44:09 +00:00
brenosilva
0eb1f68dae Improvements on gsblookup - reduce multiple slashes 2011-04-26 14:23:33 +00:00
brenosilva
ab8c7e6f48 Improvements on gsblookup 2011-04-26 02:57:24 +00:00