github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-15 23:55:03 +03:00
Code Issues Packages Projects Releases Wiki Activity
1,870 Commits 55 Branches 109 Tags
Commit Graph

76 Commits

Author SHA1 Message Date
Felipe Zimmerle
8255ce86ca Adds reference to filename and line number to lexer errors 2015-09-30 14:36:33 -03:00
Felipe Zimmerle
900af2cd48 Adds possibility to use include with wildcards and env vars 2015-09-29 14:06:13 -07:00
Felipe Zimmerle
cb9524ffd7 Adds support to collection in the parser 2015-09-29 13:14:36 -07:00
Felipe Zimmerle
d084ab5f2d Fix the "line counting" on parser errors 2015-09-29 12:22:23 -03:00
Felipe Zimmerle
70e2a4b379 Adds support to include path between quotes 2015-09-29 10:43:28 -03:00
Felipe Zimmerle
c425b24ffb Extends redirect action to support url without quotes 2015-09-15 18:25:15 -03:00
Felipe Zimmerle
2a8f45b895 Adds transformations removeComments and replaceComments to the seclang parsers 2015-09-11 12:41:09 -03:00
Felipe Zimmerle
3c53869915 Adds transformation normalisePath to seclang parser 2015-09-09 23:02:07 -03:00
Felipe Zimmerle
92563da930 Adds t:utf8toUnicode and variable XML to the seclang parser 2015-09-09 22:51:19 -03:00
Felipe Zimmerle
736183b7f1 Adds ctl:forceRequestBodyVariable to the seclang parser 2015-09-09 22:43:18 -03:00
Felipe Zimmerle
4095ae7b52 Adds action accuracy to the parser 2015-09-09 22:26:35 -03:00
Felipe Zimmerle
1079b5ba54 Adds action maturity to the parser 2015-09-09 22:19:07 -03:00
Felipe Zimmerle
09651baf9a Adds action ver to the seclang parser 2015-09-09 22:10:45 -03:00
Felipe Zimmerle
254b29265e Adds action expirevar to the parser and fix the line counting 2015-09-09 18:31:37 -03:00
Felipe Zimmerle
ee8b886371 Adds parser support to ctl:[auditEngine|ruleEngine] 2015-09-09 17:51:53 -03:00
Felipe Zimmerle
ec6a5a0cd2 Adds support to t:sha1 and t:hexEncode at seclang parser 2015-09-09 17:13:07 -03:00
Felipe Zimmerle
d1fa2cfa7b Parser: Fix redirect action and adds SecRule first line-only comment syle 2015-09-09 15:10:38 -03:00
Felipe Zimmerle
5c3a4b608d Adds support to SecMarker and skipAfter 2015-09-08 10:06:37 -03:00
Felipe Zimmerle
b048794f4e Adds support to unconditional rules 2015-09-04 15:55:53 -03:00
Felipe Zimmerle
010c18f63f Adds support to SecDefaultAction configuration directive 2015-09-04 10:56:04 -03:00
Felipe Zimmerle
f2ed890ea6 Now accept SecRules regardless of the letter case 2015-09-03 11:09:40 -03:00
Felipe Zimmerle
ea4cd53221 Accepts phases with its name instead of a number 2015-09-02 18:31:02 -03:00
Felipe Zimmerle
035040cd13 Adds sanity check to confirm that the rule has an ID and it is not duplicated 2015-09-02 18:30:41 -03:00
Felipe Zimmerle
e89e395a32 Fix various minor issues on the auditlog schema 2015-08-27 17:50:42 -03:00
Felipe Zimmerle
1065e297b2 Fix several minor issues on the seclang grammar 2015-08-22 11:06:28 -03:00
Felipe Zimmerle
e78d7f5b91 Makes the parser understand some missing configuration directives 
Directives:
 - SecPcreMatchLimitRecursion
 - SecPcreMatchLimit
 - SecResponseBodyMimeType
 - SecTmpDir
 - SecDataDir
 - SecArgumentSeparator
 - SecCookieFormat
 - SecStatusEngine

Those are not implemented yet, but the parser is now able to understand it.
 2015-08-20 13:04:54 -03:00
Felipe Zimmerle
a453a656c3 Fix continuation line and VARIABLENOCOLON 2015-08-19 23:12:34 -03:00
Felipe Zimmerle
0b225f0239 Parser: adds support to SecRequestBodyInMemoryLimit 2015-08-19 22:42:46 -03:00
Felipe Zimmerle
2d56aa521b Cosmetics: fix actions on yy file 
- added action for:
  ctl:requestBodyProcessor=XML
  ctl:requestBodyProcessor=JSON
- added CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT
 2015-08-19 22:36:31 -03:00
Felipe Zimmerle
a230a4ff3c parser: Adds support for continuation lines 2015-08-19 17:20:43 -03:00
Felipe Zimmerle
ef99615401 parser: Understanding @pm if no operator is provided 2015-08-19 16:58:14 -03:00
Felipe Zimmerle
101fddfc9b Extends DICT_ELEMENT to support "-" 2015-08-18 22:19:32 -03:00
Felipe Zimmerle
d5bf955028 Using DetectionOnly instead of DetectOnly 2015-08-18 22:16:38 -03:00
Felipe Zimmerle
b7fb65fe65 seclanguage: ignore lines starting with "#" 2015-08-18 22:10:55 -03:00
Felipe Zimmerle
c06179f18e Adds support for Log and Rev actions 2015-08-07 14:27:43 -03:00
Felipe Zimmerle
ad9393a8c2 Adds support for the tag action 2015-08-07 14:27:43 -03:00
Felipe Zimmerle
f519717bdf Adds support to the msg action 2015-08-07 14:27:43 -03:00
Felipe Zimmerle
e12d95b10d Adds support to the TX collection and setvar action 2015-08-07 14:27:43 -03:00
Felipe Zimmerle
88c53575be Adds support to & (count) and ! (exclusion) as variables variations 2015-08-07 14:27:33 -03:00
Felipe Zimmerle
4f47651a6f Adds variable TX and action "capture". 2015-08-05 10:07:47 -03:00
Felipe Zimmerle
e016b72a8e Handles better the memory utilization 
- Added reference counts to Rule and AuditLog;
- Some memory leaks were removed, including GeoLookup;
- Deal better with parser errors;
- Overriding the AutlogLogWritter destructor.
 2015-07-26 22:51:57 -03:00
Felipe Zimmerle
0e7c13e3c0 Adds more regression tests to SecRemoteRules 2015-07-25 08:18:59 -03:00
Felipe Zimmerle
7ba5c76c78 Returns elegant errors if rules load operation failed 2015-07-25 03:04:57 -03:00
Felipe Zimmerle
b8f7fb441d Adds support to SecRemoteRules and Include directives 
This commit includes a refactoring on important pieces of the parser
to allow it work in a stack fashion. Driver and Rules classes were
simplified and the RulesProperties class was created.
 2015-07-24 22:57:29 -03:00
Felipe Zimmerle
70bc15cb73 Adds support to quoted ID action 2015-07-23 14:14:19 -03:00
Felipe Zimmerle
64543e3aa2 Using A-Z instead of A-z while parsing with ?i: to avoid warnings 2015-07-23 09:45:25 -03:00
Felipe Zimmerle
b5ca607e76 Places class Driver under the Parser namespace 2015-07-23 01:37:15 -03:00
Felipe Zimmerle
9c2158958e parser: Loads content straight from buffer. 2015-07-23 01:37:08 -03:00
Felipe Zimmerle
261ee9f115 Adds support to BodyLimitAction and support for parser errors 2015-07-22 21:31:58 -03:00
Felipe Zimmerle
667586c42e Adds UNIQUE_ID variable 2015-07-22 21:24:21 -03:00