986 Commits

Author SHA1 Message Date
Michael Granzow
1b7aa42c77
Issue-2423: Meta-actions like 'msg' should be applied at end of chain 2020-10-29 10:33:02 -03:00
martinhsv
2672db103e
Add support for new operator rxGlobal 2020-10-26 08:55:07 -03:00
Felipe Zimmerle
4b425850cf
Cosmetics: fix cppcheck warnings 2020-10-23 08:29:07 -03:00
martinhsv
8436c78993
Fix IP address logging in Section A 2020-10-16 13:14:42 -07:00
Felipe Zimmerle
995f22b3ce
Having Bison 3.7.2 2020-10-14 13:58:37 -03:00
Felipe Zimmerle
377fb723ca
Makes lua 5.1 workable again
Issue #2389
2020-09-21 10:04:40 -03:00
Felipe Zimmerle
8c85b78361
Adds support to lua 5.4 2020-08-17 11:08:03 -03:00
Felipe Zimmerle
ae3ad5eaa7
cosmetics: Address some cppcheck complains 2020-08-06 19:02:00 -03:00
Andrei Belov
fe12385148 GeoIP: switch to GEOIP_MEMORY_CACHE from GEOIP_INDEX_CACHE
Using GEOIP_INDEX_CACHE on some older versions of libGeoIP (e.g. 1.5.0
which is the default version on CentOS 7) leads to "Error reading file"
error while opening completely valid GeoIP.dat:

    # cat test.c
    #include <stdio.h>
    #include "GeoIP.h"

    int main(void) {
      GeoIP *g;

      g = GeoIP_open("/tmp/GeoIP.dat", GEOIP_INDEX_CACHE);

      if (g == NULL) {
        printf("error!\n");
      }

      GeoIP_delete(g);

      exit(0);
    }
    # cc -lGeoIP -o test test.c
    # ./test
    Error reading file /tmp/GeoIP.dat
    error!
    # sed -i -e 's,GEOIP_INDEX_CACHE,GEOIP_MEMORY_CACHE,' test.c
    # cc -lGeoIP -o test test.c
    # ./test
    # geoiplookup -f /tmp/GeoIP.dat -v 8.8.8.8
    GeoIP Country Edition: GEO-106FREE 20180327 Build 1 Copyright (c) 2018 MaxMind Inc All Rights Reserved

Also tested with recent GeoLite databases converted from new format
into legacy format, distributed here:

    https://mailfud.org/geoip-legacy/
2020-07-30 13:48:40 -03:00
martinhsv
b9620c26a0
rx:exit after full match; fix TX population after unused group 2020-06-29 06:13:45 -07:00
Felipe Zimmerle
7e0bc26917
Using performLogging function 2020-03-31 15:20:15 -03:00
Felipe Zimmerle
7a48245aed
Creates RuleUnconditional
Makes RuleScript child of RuleWithActions instead of Operator
2020-03-31 14:44:19 -03:00
Felipe Zimmerle
f63bd1a45d
Moves Rule[WithActions|WithOperator] to their own files 2020-03-31 13:33:38 -03:00
Felipe Zimmerle
8274be066a
Refactoring: Having RuleMarker in a separated file 2020-03-31 12:45:46 -03:00
Felipe Zimmerle
bdedfd2463
Refactoring: Renames RuleBase to Rule 2020-03-31 12:26:13 -03:00
Felipe Zimmerle
59d4268882
Refactoring: renames Rule to RuleWithOperator 2020-03-31 10:00:08 -03:00
Felipe Zimmerle
8eb7b8fe6c
Refactoring: Splits Rule into Rule and RuleWithActions 2020-03-30 20:22:37 -03:00
Felipe Zimmerle
43f8aee6b6
Splits Rule class into: Rule, RuleBase, RuleMarker 2020-03-30 20:21:36 -03:00
Felipe Zimmerle
fda03c0016
Yet another refactoring in Rule 2020-03-30 15:38:51 -03:00
Felipe Zimmerle
b66224853b
Refactoring in Rule: Meaningful structures name 2020-03-27 17:43:43 -03:00
Felipe Zimmerle
96849c07de
Makes action name a shared pointer 2020-03-27 16:13:15 -03:00
Felipe Zimmerle
9c526b3647
Avoids copy on the transformation operation 2020-03-27 16:12:55 -03:00
Felipe Zimmerle
8cfb289cea
Lets reserve some memory for rule message 2020-03-27 15:49:02 -03:00
Felipe Zimmerle
a609249d64
Makes m_id a shared pointer 2020-03-27 15:48:11 -03:00
Felipe Zimmerle
343b86c2a7
Makes m_fileName a shared pointer 2020-03-27 15:00:22 -03:00
Felipe Zimmerle
14b2bd77a0
Makes m_uri_no_query_string_decoded a shared pointer 2020-03-27 14:46:56 -03:00
Felipe Zimmerle
d7d5cd2a91
Makes m_serverIpAddress a shared pointer 2020-03-27 14:46:43 -03:00
Felipe Zimmerle
8df35deadb
Makes m_clientIpAddress a shared pointer 2020-03-27 14:22:20 -03:00
Felipe Zimmerle
f2f5c9c958
Removes reference counter from audit_log writer 2020-03-26 10:42:35 -03:00
Felipe Zimmerle
4b88fdc513
Removes reference counter from log write agent 2020-03-26 10:40:40 -03:00
Felipe Zimmerle
5ebfa5eacb
Removes referece count from audit logs 2020-03-26 10:38:55 -03:00
Felipe Zimmerle
6b0ad8049a
Having default actions as o shared pointer 2020-03-26 09:59:57 -03:00
Felipe Zimmerle
9d158611cf
Makes Rule a shared pointer 2020-03-25 16:11:23 -03:00
Felipe Zimmerle
f1d22f9b02
Fix version check 2020-03-24 17:20:22 -03:00
Felipe Zimmerle
6367e6d5e9
Having a class Rules 2020-03-24 17:20:10 -03:00
Felipe Zimmerle
fb7714f202
Creates class RulesSetPhases 2020-03-24 14:00:28 -03:00
Felipe Zimmerle
88789a577f
parser: Using bison 3.5.2 2020-03-11 14:21:11 -03:00
Felipe Zimmerle
1e26bf2078
Revert "Creates the RulesSetPhases clas"
This reverts commit 072e4edc53e388fdf64a5eb9d4317544a1c8ada6.
2020-03-11 08:17:56 -03:00
Felipe Zimmerle
072e4edc53
Creates the RulesSetPhases clas 2020-03-05 07:13:02 -03:00
Felipe Zimmerle
6a742cdf76
Refactoring: Renames RulesProperties to RulesSetProperties 2020-02-17 13:17:03 -03:00
martinhsv
f57265a3e2
Support configurable limit on number of arguments processed 2020-02-14 11:00:01 -03:00
Felipe Zimmerle
4e9ba44d03
build: Keep the installation of rules.h 2020-02-13 09:16:35 -03:00
Felipe Zimmerle
22ec307739
Fix 7495675d540b3b3ccce681773205a4fe34daeb64 2020-02-12 08:56:03 -03:00
Felipe Zimmerle
7495675d54
Refactoring: Renames Rules to RulesSet
RulesSet does not only contain rules but alse properties
2020-02-11 14:26:47 -03:00
Felipe Zimmerle
0c3e8b6b59
parser: cosmetics: makes it easy to read 2020-02-11 13:10:49 -03:00
Felipe Zimmerle
6a0df8ca5c
parser: new bison version 2020-02-11 11:15:09 -03:00
martinhsv
136db3e582
Multipart Content-Disposition should allow filename* field 2020-02-11 10:29:38 -03:00
martinhsv
1b1fdc055b
Fix rule-update-target exclusions for plain (non-regex) variables 2020-02-11 09:42:37 -03:00
Felipe Zimmerle
357c140003
Changens copyright year 2020-01-31 10:32:37 -03:00
Felipe Zimmerle
fe98ce4c7d
Cosmetics: address cppcheck warnings 2020-01-30 18:19:34 -03:00