Commit Graph

1005 Commits

Author SHA1 Message Date
WGH
1e14d6444b Make all "rule id" variables of type RuleId
Previously, ModSecurity inconsistently used RuleId, int and double for
rule id variables in different places.
2020-08-07 13:49:32 -03:00
Felipe Zimmerle
d3512e5e1c Makes RuleWithActions const in run time operations 2020-08-06 23:37:10 -03:00
Felipe Zimmerle
2408006227 Introduces ActionWithExecution 2020-08-06 23:37:07 -03:00
Felipe Zimmerle
dd5c23d992 Makes Lua::run const 2020-08-06 23:30:23 -03:00
Felipe Zimmerle
4fef31855c Removes method isDisruptive from Action class 2020-08-06 23:30:20 -03:00
Felipe Zimmerle
d923c5e0b6 Action: make sure that null constructor is not used 2020-08-06 23:01:00 -03:00
Felipe Zimmerle
139bbf39c6 Computes auditlog during rules load time 2020-08-06 23:00:59 -03:00
Felipe Zimmerle
2c20f365e8 actions: Removes Rule parameter from runtime execute
General organization on the Action class
2020-08-06 23:00:59 -03:00
Felipe Zimmerle
c7a78926ee actions: Compute the rule association during rules load 2020-08-06 23:00:57 -03:00
Felipe Zimmerle
726f0b2b15 Replaces lower case implementation 2020-08-06 21:36:35 -03:00
Felipe Zimmerle
32e776daa9 Makes operator to use string_view 2020-08-06 21:36:11 -03:00
Felipe Zimmerle
ca26aee1ce Improves rules dump for better testing 2020-08-06 21:34:49 -03:00
Felipe Zimmerle
8976e374f9 Better error handling when loading configurations 2020-08-06 21:34:49 -03:00
Felipe Zimmerle
7286395f45 Adds method getVariableNames to variables 2020-08-06 21:34:49 -03:00
Felipe Zimmerle
14260df49f Cosmetics: Defining a type for RuleId 2020-08-06 21:34:49 -03:00
Felipe Zimmerle
5d2cdd2964 Moves rule* headers to src/ 2020-08-06 21:34:49 -03:00
Felipe Zimmerle
3d27eff7cc Cleanup on Action class 2020-08-06 21:34:49 -03:00
Felipe Zimmerle
710e2a7f30 Removes RuleMessage from action execute signature 2020-08-06 21:34:49 -03:00
Felipe Zimmerle
dd3801eba5 Refactoring: Makes transformations to work with new execute signature 2020-08-06 21:34:48 -03:00
Felipe Zimmerle
04deed0662 Cosmetics: fix some cppcheck complaints 2020-08-06 21:34:45 -03:00
Felipe Zimmerle
b29cb45df0 Refactoring: rename evaluate to execute on actions 2020-08-06 21:33:12 -03:00
Felipe Zimmerle
23710f9bfb Refactoring in the Rule class to make it more elegant 2020-08-06 21:33:11 -03:00
Felipe Zimmerle
8d6e6e246a Rule: isMarker is no longer necessary 2020-08-06 21:33:11 -03:00
Felipe Zimmerle
e0dc84cba5 Adds new method for rule merge
IMPORTANT: SecDefaultAction specified on a child configuration will
overwrite the ones specified on the parent; previously it was
concatenating.
2020-08-06 21:33:08 -03:00
Felipe Zimmerle
9bd88ade84 parser: using GNU Bison 3.6.4 2020-08-06 21:31:37 -03:00
Felipe Zimmerle
5dd7860f95 Moves default actions to be part of the rules 2020-08-06 21:31:35 -03:00
Felipe Zimmerle
ae3ad5eaa7 cosmetics: Address some cppcheck complaints 2020-08-06 19:02:00 -03:00
Andrei Belov
fe12385148 GeoIP: switch to GEOIP_MEMORY_CACHE from GEOIP_INDEX_CACHE
Using GEOIP_INDEX_CACHE on some older versions of libGeoIP (e.g. 1.5.0
which is the default version on CentOS 7) leads to "Error reading file"
error while opening completely valid GeoIP.dat:

    # cat test.c
    #include <stdio.h>
    #include "GeoIP.h"

    int main(void) {
      GeoIP *g;

      g = GeoIP_open("/tmp/GeoIP.dat", GEOIP_INDEX_CACHE);

      if (g == NULL) {
        printf("error!\n");
      }

      GeoIP_delete(g);

      exit(0);
    }
    # cc -lGeoIP -o test test.c
    # ./test
    Error reading file /tmp/GeoIP.dat
    error!
    # sed -i -e 's,GEOIP_INDEX_CACHE,GEOIP_MEMORY_CACHE,' test.c
    # cc -lGeoIP -o test test.c
    # ./test
    # geoiplookup -f /tmp/GeoIP.dat -v 8.8.8.8
    GeoIP Country Edition: GEO-106FREE 20180327 Build 1 Copyright (c) 2018 MaxMind Inc All Rights Reserved

Also tested with recent GeoLite databases converted from new format
into legacy format, distributed here:

    https://mailfud.org/geoip-legacy/
2020-07-30 13:48:40 -03:00
martinhsv
b9620c26a0 rx:exit after full match; fix TX population after unused group 2020-06-29 06:13:45 -07:00
Felipe Zimmerle
7e0bc26917 Using performLogging function 2020-03-31 15:20:15 -03:00
Felipe Zimmerle
7a48245aed Creates RuleUnconditional
Makes RuleScript child of RuleWithActions instead of Operator
2020-03-31 14:44:19 -03:00
Felipe Zimmerle
f63bd1a45d Moves Rule[WithActions|WithOperator] to their own files 2020-03-31 13:33:38 -03:00
Felipe Zimmerle
8274be066a Refactoring: Having RuleMarker in a separate file 2020-03-31 12:45:46 -03:00
Felipe Zimmerle
bdedfd2463 Refactoring: Renames RuleBase to Rule 2020-03-31 12:26:13 -03:00
Felipe Zimmerle
59d4268882 Refactoring: renames Rule to RuleWithOperator 2020-03-31 10:00:08 -03:00
Felipe Zimmerle
8eb7b8fe6c Refactoring: Splits Rule into Rule and RuleWithActions 2020-03-30 20:22:37 -03:00
Felipe Zimmerle
43f8aee6b6 Splits Rule class into: Rule, RuleBase, RuleMarker 2020-03-30 20:21:36 -03:00
Felipe Zimmerle
fda03c0016 Yet another refactoring in Rule 2020-03-30 15:38:51 -03:00
Felipe Zimmerle
b66224853b Refactoring in Rule: Meaningful structures name 2020-03-27 17:43:43 -03:00
Felipe Zimmerle
96849c07de Makes action name a shared pointer 2020-03-27 16:13:15 -03:00
Felipe Zimmerle
9c526b3647 Avoids copy on the transformation operation 2020-03-27 16:12:55 -03:00
Felipe Zimmerle
8cfb289cea Let's reserve some memory for rule message 2020-03-27 15:49:02 -03:00
Felipe Zimmerle
a609249d64 Makes m_id a shared pointer 2020-03-27 15:48:11 -03:00
Felipe Zimmerle
343b86c2a7 Makes m_fileName a shared pointer 2020-03-27 15:00:22 -03:00
Felipe Zimmerle
14b2bd77a0 Makes m_uri_no_query_string_decoded a shared pointer 2020-03-27 14:46:56 -03:00
Felipe Zimmerle
d7d5cd2a91 Makes m_serverIpAddress a shared pointer 2020-03-27 14:46:43 -03:00
Felipe Zimmerle
8df35deadb Makes m_clientIpAddress a shared pointer 2020-03-27 14:22:20 -03:00
Felipe Zimmerle
f2f5c9c958 Removes reference counter from audit_log writer 2020-03-26 10:42:35 -03:00
Felipe Zimmerle
4b88fdc513 Removes reference counter from log write agent 2020-03-26 10:40:40 -03:00
Felipe Zimmerle
5ebfa5eacb Removes reference count from audit logs 2020-03-26 10:38:55 -03:00