Felipe Zimmerle
0a22f880dd
Adds support to custom operator's message in case of a match
2016-09-12 15:49:20 -03:00
Felipe Zimmerle
0e5f72977e
Changes MATCHED_VAR behaviour
...
Only cleanup the variable if there wasn't a match within the rule
2016-07-29 10:40:45 -07:00
Felipe Zimmerle
8416eca98b
Initializes m_maturity in the rule class
...
m_maturity was not initialized in one of the constructors of Rule
2016-07-18 16:19:53 -03:00
Felipe Zimmerle
d781b00f70
Fix the `log' action and the webserver error callback
2016-07-16 15:20:31 -03:00
Felipe Zimmerle
3d1d0514fd
Fix pass action behaviour: now only ingore actions within the same rule
...
More details on issue #1152
2016-07-01 11:01:51 -03:00
Felipe Zimmerle
9919026620
Fixes regarding memory management
...
Fixes assorted issues identified by valgrind.
2016-06-16 00:03:57 -03:00
Felipe Zimmerle
1f45d6cea8
Adds full support to the libxml action
...
Issue #1148
2016-05-18 09:47:30 -03:00
Felipe Zimmerle
a9e6716c6a
Variables are now receiving the rule instance as parameter
2016-05-17 15:47:50 -03:00
Felipe Zimmerle
8c714af8e1
Actions refactoring: now there is a clear definiation on the action name
2016-05-17 14:36:59 -03:00
Felipe Zimmerle
5643d2fa28
Warming up to the remote collections support
...
Huge refactoring to have the code in shape to later support the
remote collections with different backends.
2016-05-03 17:39:49 -03:00
Felipe Zimmerle
214cc15785
Cosmetics: Reduce the coding style warnings
2016-03-21 17:59:31 -03:00
Felipe Zimmerle
47a62b98bb
Saves `MATCHED_VAR' and related before execute the actions
...
Actions should have access to the MATCHED_VAR.
2016-02-18 20:02:28 -03:00
Felipe Zimmerle
1e3cafb734
Fix memory management on the rules' messages (try 2)
2016-02-17 13:32:31 -03:00
Felipe Zimmerle
163483e8d4
Fix memory management on the rules' messages
2016-02-16 23:30:14 -03:00
Felipe Zimmerle
ed8b0c85d7
Fix `capture' memory management
...
The capture action was implemented before the transaction concept.
While partially ported to use the transaction, some of the elements
were not freed correctly. Now it is fully ported to use the class
Transaction.
2016-02-16 23:24:15 -03:00
Felipe Zimmerle
8647d63e90
Fix m accuracy initialization inside the Rule class
2016-02-15 15:47:36 -03:00
Felipe Zimmerle
a2ffb36159
Adds "matched" line to the audit logs
2016-02-12 13:28:43 -03:00
Felipe Zimmerle
4bdb4ed63a
Fix chained rules execution order
2016-02-10 14:29:45 -03:00
Felipe Zimmerle
8143f8ea89
Adds support to the action `maturity'
2016-02-10 13:55:12 -03:00
Felipe Zimmerle
714df8db20
Adds support to the action `accuracy'
2016-02-10 13:35:02 -03:00
Felipe Zimmerle
77900ed4e2
Fix rules `messages' on the auditlog
2016-02-10 12:03:52 -03:00
Felipe Zimmerle
9474373264
General improvements on audit logs information
...
Making actions: msg, logdata, tag and others to work in the same
fashion that they work on ModSecurity v2.x
2016-02-05 15:19:53 -03:00
Felipe Zimmerle
a51e707517
Renames class Assay to Transaction
2016-01-13 15:57:00 -03:00
Felipe Zimmerle
fb3696ac04
Fix a few things to provide an easy interface for script bindings
2015-12-22 11:53:36 -03:00
Felipe Zimmerle
42ce0475b2
Coding style: changes the namespace in the comments
2015-12-10 13:20:32 -03:00
Felipe Zimmerle
ea636e80ee
Clarifies conditional by placing its parts into parentheses
2015-12-01 10:56:50 -03:00
Felipe Zimmerle
b5a43871e6
Changes library namespace from ModSecurity to modsecurity
2015-12-01 10:55:59 -03:00
Felipe Zimmerle
de79848285
Code cosmetics
2015-11-18 12:59:08 -03:00
Felipe Zimmerle
47233adf3b
Revert "Adds experimental operator cache"
...
This reverts commit 326696976fe0bb0f536a910d0038e8fe8bbdaa34.
2015-11-16 09:15:31 -08:00
Felipe Zimmerle
326696976f
Adds experimental operator cache
2015-11-06 10:46:46 -03:00
Felipe Zimmerle
5bef19aa4d
Variables resolution results now stored into a std::vector instead of std::list
2015-11-04 15:51:22 -03:00
Felipe Zimmerle
2ee5d4ca8f
Testing performance enhancements by enabling transformations cache
...
Also reduce the utilization of dynamic cast.
2015-11-04 00:28:04 -03:00
Felipe Zimmerle
e641c3cc17
Huge improve in the variables resolution time
2015-11-03 22:44:59 -03:00
Felipe Zimmerle
48704c27a9
Removes some memory leaks
2015-10-30 18:59:08 -03:00
Felipe Zimmerle
b6ae0585cd
Refactoring: Place m_variables inside Collections
2015-10-29 13:46:45 -03:00
Felipe Zimmerle
787be98122
Refactoring: Pass all the control over the variables to the Variables class
2015-10-28 20:53:19 -03:00
Felipe Zimmerle
776502e021
Refactoring: changes ModSecurityStringVar to transaction::Variable
...
Having the variables and collection in place before start to implement
persistent storage.
2015-10-28 13:53:07 -03:00
Felipe Zimmerle
7afc07914f
Cosmetics: Fix static analysis warnings
2015-10-27 13:58:32 -03:00
Felipe Zimmerle
59af8ab842
Cosmetics: fixed the coding style
2015-10-20 16:05:50 -03:00
Felipe Zimmerle
e54ef72051
Looks for external resources in the same path of the rule
2015-10-06 09:21:30 -03:00
Felipe Zimmerle
941b9e75c4
Adds support to rules with actions without quotes
2015-10-01 14:55:55 -03:00
Felipe Zimmerle
b497091017
Cosmetics: Fix coding style
2015-09-28 16:32:59 -03:00
Felipe Zimmerle
f93c0de940
Disable NO_LOGS by default
2015-09-24 11:55:14 -07:00
Felipe Zimmerle
076a02951c
Huge performance improvement: passing variables as pointers avoiding copies
2015-09-18 20:21:12 -03:00
Felipe Zimmerle
ed86c24df6
Adds checks for the NO_LOGS definition and improved the vars resolution time
2015-09-17 17:41:38 -03:00
Felipe Zimmerle
11e1a67d58
Fix disruptive action flow while RuleEngine is in DetectionOnly
2015-09-17 10:51:44 -03:00
Felipe Zimmerle
5228b685bf
Fix disruptive actions execution
2015-09-16 19:43:31 -03:00
Felipe Zimmerle
639ccf7ddc
Fix the rule execution debug log, so that tests won't complain
2015-09-16 15:16:04 -03:00
Felipe Zimmerle
320bcde89e
Adds rule number to the debug logs and printing expaded variables
2015-09-16 11:24:15 -03:00
Felipe Zimmerle
b1e845211c
Limits the variable size into the debuglogs and print it in hex if needed
2015-09-15 16:09:44 -03:00
