Felipe Zimmerle
|
0096b17787
|
Using a custom VariableMatch* implementation
Delay the variable name resolution till last minute.
Fix one of the issues raised in #2376
|
2020-11-22 11:07:19 -03:00 |
|
Felipe Zimmerle
|
cf4f1b776b
|
Avoids to cleanup GeoIp on ModSecurity destructor
GeoIp is already being cleaned elsewhere.
Fix #2041
|
2020-11-17 22:53:23 -03:00 |
|
martinhsv
|
a6fe74d1af
|
Fix memory leak of RuleMessages objects
|
2020-11-16 10:01:43 -03:00 |
|
martinhsv
|
65ced72918
|
Produce not-supported error for ctl:forceRequestBodyVariable, ctl:auditEngine
|
2020-11-16 10:01:43 -03:00 |
|
martinhsv
|
b83d1f1d06
|
Implement id ranges for ctl:ruleRemoveTargetById
|
2020-11-16 10:01:43 -03:00 |
|
WGH
|
85b9e36d0b
|
Remove unnecessary copying in transformations
In C++11, string data is always null-terminated[1], and can be
freely modified[2].
[1] https://stackoverflow.com/questions/6077189/will-stdstring-always-be-null-terminated-in-c11
[2] https://stackoverflow.com/questions/38875623/is-it-permitted-to-modify-the-internal-stdstring-buffer-returned-by-operator
|
2020-11-16 10:01:41 -03:00 |
|
Felipe Zimmerle
|
e9adb6c68f
|
Computes auditlog during rules load time
|
2020-11-16 10:01:40 -03:00 |
|
Felipe Zimmerle
|
c90325062b
|
actions: Removes Rule parameter from runtime execute
Generals organization on the Action class
|
2020-11-16 10:01:40 -03:00 |
|
Felipe Zimmerle
|
2ee9ccffa9
|
actions: Compute the rule association during rules load
|
2020-11-16 10:01:40 -03:00 |
|
Felipe Zimmerle
|
7095b7db27
|
tests: Prints test number on segfault
|
2020-11-16 10:01:40 -03:00 |
|
Felipe Zimmerle
|
f945086ec4
|
Replaces lower case implementation
|
2020-11-16 10:01:40 -03:00 |
|
Felipe Zimmerle
|
d5158f1afc
|
Improves rules dump for better testing
|
2020-11-16 10:01:39 -03:00 |
|
Felipe Zimmerle
|
46acbd81a0
|
Better error handling when loading configurations
|
2020-11-16 10:01:39 -03:00 |
|
Felipe Zimmerle
|
1518015687
|
Adds new method for rule merge
IMPORTANT: SecDefaultAction specified on a child configuration will
overwrite the ones specified on the parent; Previously it was
concatenating.
|
2020-11-16 10:01:38 -03:00 |
|
Felipe Zimmerle
|
73c3731c9d
|
Moves default actions to be part of the rules
|
2020-11-16 10:01:38 -03:00 |
|
martinhsv
|
d799f0fb1a
|
Fix: FILES variable does not use multipart part name for key
|
2020-11-16 10:01:37 -03:00 |
|
marshal09
|
9973d81799
|
Add new transformation call phpArgsNames
|
2020-11-16 10:01:37 -03:00 |
|
martinhsv
|
d72be1c470
|
Fix: Only delete Multipart tmp files after rules have run
|
2020-11-04 13:50:07 -03:00 |
|
Michael Granzow
|
1b7aa42c77
|
Issue-2423: Meta-actions like 'msg' should be applied at end of chain
|
2020-10-29 10:33:02 -03:00 |
|
martinhsv
|
2672db103e
|
Add support for new operator rxGlobal
|
2020-10-26 08:55:07 -03:00 |
|
Felipe Zimmerle
|
785958f9b5
|
Fix maxminddb link on FreeBSD
Issue #2131
|
2020-10-23 14:44:54 -03:00 |
|
martinhsv
|
8436c78993
|
Fix IP address logging in Section A
|
2020-10-16 13:14:42 -07:00 |
|
Felipe Zimmerle
|
9e6d8b7bbc
|
CHANGES: Adds support to lua 5.4
|
2020-08-17 11:35:51 -03:00 |
|
Felipe Zimmerle
|
51d06d7a8e
|
CHANGES: Adds info about #2378
|
2020-07-30 13:51:33 -03:00 |
|
martinhsv
|
b9620c26a0
|
rx:exit after full match; fix TX population after unused group
|
2020-06-29 06:13:45 -07:00 |
|
martinhsv
|
07ce43cceb
|
Correct CHANGES file entry for #2234
|
2020-06-18 07:12:25 -07:00 |
|
martinhsv
|
a1547eaa32
|
Regression tests: audit log compare support and test cases
|
2020-03-31 15:01:26 -03:00 |
|
martinhsv
|
f57265a3e2
|
Support configurable limit on number of arguments processed
|
2020-02-14 11:00:01 -03:00 |
|
martinhsv
|
136db3e582
|
Multipart Content-Disposition should allow filename* field
|
2020-02-11 10:29:38 -03:00 |
|
martinhsv
|
1b1fdc055b
|
Fix rule-update-target exclusions for plain (non-regex) variables
|
2020-02-11 09:42:37 -03:00 |
|
Felipe Zimmerle
|
f7e4c1d9f5
|
CHANGES: Adds info about #2235
|
2020-02-04 11:05:33 -03:00 |
|
Felipe Zimmerle
|
2b09e7e01d
|
CHANGES: Adds info about #2253
|
2020-02-04 10:53:22 -03:00 |
|
Felipe Zimmerle
|
7c6bf810e4
|
CHANGES: Preparing to 3.0.4+
|
2020-01-14 11:02:44 -03:00 |
|
Felipe Zimmerle
|
753145fbd1
|
Change release version to v3.0.4
|
2020-01-10 09:32:41 -03:00 |
|
martinhsv
|
0470168056
|
Fix: audit log data omitted when nolog,auditlog
|
2020-01-07 11:16:07 -03:00 |
|
root
|
6624a18a4e
|
Fixed inspectFile operator does not pass FILES_TMPNAMES
pass FILES_TMPNAMES variable to lua engine Fixed Lua engine
should also be aware of the variable and pass it to the target
lua script main function
|
2019-11-26 08:40:53 -03:00 |
|
Felipe Zimmerle
|
05e9e7cf31
|
XML: Remove error messages from stderr
|
2019-11-25 09:27:11 -03:00 |
|
Felipe Zimmerle
|
42a16c71cf
|
CHANGES: Adds info about #1645
|
2019-11-22 14:49:50 -03:00 |
|
martinhsv
|
ea7cacf289
|
Additional adjustment to Cookie header parsing
|
2019-11-21 16:50:27 -03:00 |
|
martinhsv
|
6395fe07ce
|
Restore chained rule logging to be more like 2.9
|
2019-11-21 08:21:59 -03:00 |
|
Ervin Hegedus
|
038522ad9b
|
Small fixes in log messages to help debugging
|
2019-11-20 15:24:30 -03:00 |
|
martinhsv
|
b8160cce6b
|
Fix Cookie header parsing issues
|
2019-11-20 08:51:06 -03:00 |
|
martinhsv
|
199a9db3e2
|
Fix nolog rules logging to part H
|
2019-11-11 13:50:44 -03:00 |
|
martinhsv
|
9cac167faf
|
Fix argument key-value pair parsing cases
|
2019-11-05 13:06:29 -03:00 |
|
martinhsv
|
68c995ca98
|
Fix: audit log part for response body for JSON format to be E
|
2019-10-25 09:51:26 -03:00 |
|
Victor Hora
|
d4dc3dbf2a
|
Make sure m_rulesMessages is filled after successfull match
|
2019-10-16 09:40:04 -03:00 |
|
Felipe Zimmerle
|
beedddd6c6
|
Fix @pm lookup for possible matches on offset zero
|
2019-10-02 08:05:14 -07:00 |
|
Felipe Zimmerle
|
341a5d01e1
|
CHANGES: Regex lookup on the key name instead of COLLECTION:key
|
2019-06-26 11:01:43 -03:00 |
|
Felipe Zimmerle
|
74eee9330b
|
CHANGES: Adds info about #2106
|
2019-06-17 14:57:13 -03:00 |
|
Felipe Zimmerle
|
cbd15ec138
|
CHANGES: Adds info about #2113, #2111
|
2019-06-04 10:30:19 -03:00 |
|