github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-15 23:55:03 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,753 Commits 55 Branches 109 Tags
Commit Graph

198 Commits

Author SHA1 Message Date
Felipe Zimmerle
5c3a4b608d Adds support to SecMarker and skipAfter 2015-09-08 10:06:37 -03:00
Felipe Zimmerle
b048794f4e Adds support to unconditional rules 2015-09-04 15:55:53 -03:00
Felipe Zimmerle
010c18f63f Adds support to SecDefaultAction configuration directive 2015-09-04 10:56:04 -03:00
Felipe Zimmerle
45d81e1c04 Adds sanity check to the rule id action 2015-09-03 09:38:12 -03:00
Felipe Zimmerle
a63aa50f1b Changes the default operator to be @rx not @pm 
For some reason the default operator was @pm, which was a huge mistake.
The default operator is @rx, thanks for Sanders who have noticed that.
 2015-09-02 18:31:02 -03:00
Felipe Zimmerle
ea4cd53221 Accepts phases with its name instead of a number 2015-09-02 18:31:02 -03:00
Felipe Zimmerle
035040cd13 Adds sanity check to confirm that the rule has an ID and it is not duplicated 2015-09-02 18:30:41 -03:00
Felipe Zimmerle
fa4f72d90d Adds support to ctl:auditLogParts variation 2015-09-02 10:55:29 -03:00
Felipe Zimmerle
e89e395a32 Fix various minor issues on the auditlog schema 2015-08-27 17:50:42 -03:00
Felipe Zimmerle
24b7d72666 DebugLogs are now being redirected to the correct files 2015-08-27 15:36:56 -03:00
Felipe Zimmerle
01542e28c3 Allows blank line (or line with space) at the end of a rules file 2015-08-25 15:50:40 -03:00
Felipe Zimmerle
c586ba0178 Removes an unused state from the seclang parser 2015-08-25 08:15:27 -03:00
Felipe Zimmerle
1065e297b2 Fix several minor issues on the seclang grammar 2015-08-22 11:06:28 -03:00
Felipe Zimmerle
e78d7f5b91 Makes the parser understand some missing configuration directives 
Directives:
 - SecPcreMatchLimitRecursion
 - SecPcreMatchLimit
 - SecResponseBodyMimeType
 - SecTmpDir
 - SecDataDir
 - SecArgumentSeparator
 - SecCookieFormat
 - SecStatusEngine

Those are not implemented yet, but the parser is now able to understand it.
 2015-08-20 13:04:54 -03:00
Felipe Zimmerle
0b225f0239 Parser: adds support to SecRequestBodyInMemoryLimit 2015-08-19 22:42:46 -03:00
Felipe Zimmerle
2d56aa521b Cosmetics: fix actions on yy file 
- added action for:
  ctl:requestBodyProcessor=XML
  ctl:requestBodyProcessor=JSON
- added CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT
 2015-08-19 22:36:31 -03:00
Felipe Zimmerle
ef99615401 parser: Understanding @pm if no operator is provided 2015-08-19 16:58:14 -03:00
Felipe Zimmerle
d5fe21ce3c Code cosmetics: reduce the amount of cppcheck warnings 2015-08-12 22:40:26 -03:00
Felipe Zimmerle
2ff0a44df2 Eliminates the sec language grammar shift-reduce problem 2015-08-11 16:53:05 -03:00
Felipe Zimmerle
9096055ea7 Reduces bison dependency to 3.0 2015-08-10 14:11:30 -03:00
Felipe Zimmerle
c06179f18e Adds support for Log and Rev actions 2015-08-07 14:27:43 -03:00
Felipe Zimmerle
ad9393a8c2 Adds support for the tag action 2015-08-07 14:27:43 -03:00
Felipe Zimmerle
f519717bdf Adds support to the msg action 2015-08-07 14:27:43 -03:00
Felipe Zimmerle
e12d95b10d Adds support to the TX collection and setvar action 2015-08-07 14:27:43 -03:00
Felipe Zimmerle
88c53575be Adds support to & (count) and ! (exclusion) as variables variations 2015-08-07 14:27:33 -03:00
Felipe Zimmerle
c2d33823f5 Adds method init to Operator class 2015-07-27 22:44:34 -03:00
Felipe Zimmerle
e016b72a8e Handles better the memory utilization 
- Added reference counts to Rule and AuditLog;
- Some memory leaks were removed, including GeoLookup;
- Deal better with parser errors;
- Overriding the AutlogLogWritter destructor.
 2015-07-26 22:51:57 -03:00
Felipe Zimmerle
0e7c13e3c0 Adds more regression tests to SecRemoteRules 2015-07-25 08:18:59 -03:00
Felipe Zimmerle
b8f7fb441d Adds support to SecRemoteRules and Include directives 
This commit includes a refactoring on important pieces of the parser
to allow it work in a stack fashion. Driver and Rules classes were
simplified and the RulesProperties class was created.
 2015-07-24 22:57:29 -03:00
Felipe Zimmerle
b5ca607e76 Places class Driver under the Parser namespace 2015-07-23 01:37:15 -03:00
Felipe Zimmerle
d3eb0fd913 Driver class is extending the Rules class instead of duplicate elements 2015-07-23 00:10:32 -03:00
Felipe Zimmerle
16bb253d0e Adds all variables to the 'Variables' name space 2015-07-22 22:36:30 -03:00
Felipe Zimmerle
261ee9f115 Adds support to BodyLimitAction and support for parser errors 2015-07-22 21:31:58 -03:00
Felipe Zimmerle
6f7d3fa67a Adds support to the TIME* variables 2015-07-22 01:07:42 -03:00
Felipe Zimmerle
62fece7823 Adds support to SecResponseBodyLimit directive and OUTBOUND_DATA_ERROR var 2015-07-21 19:46:15 -03:00
Felipe Zimmerle
9c066e3198 Adds support to the INBOUND_DATA_ERROR variable and SecRequestBodyLimit direc. 2015-07-21 10:02:33 -03:00
Felipe Zimmerle
95c2fed89c Adds support to severity action and HIGHEST_SEVERITY variable 2015-07-21 01:09:13 -03:00
Felipe Zimmerle
e189055ec3 Adds support to GeoIP operator and variables. 2015-07-20 21:05:14 -03:00
Felipe Zimmerle
41bf1490b7 Adds MODSEC_BUILD variable 2015-07-20 20:43:07 -03:00
Felipe Zimmerle
d0b7a9966d Adds support to the ENV variable 2015-07-15 12:34:06 -03:00
Felipe Zimmerle
27252bc801 Adds support to the variable DURATION 2015-07-15 12:34:06 -03:00
Felipe Zimmerle
33dff0f1bf Refactoring on the variables resoluvtion method 2015-07-15 12:34:06 -03:00
Felipe Zimmerle
1ddb36a781 Adds SecComponentSignature configuration directive 2015-07-10 18:37:48 -03:00
Felipe Zimmerle
75a9cfa273 Uses an enumeration to determine the state of the SecRuleEngine 2015-07-10 18:37:48 -03:00
Felipe Zimmerle
fd8f26f763 Adds all auditlog related directives to the configuration parser 
Added the support for the following configuration directives:
 - SecAuditLogDirMode
 - SecAuditLogStorageDir
 - SecAuditEngine
 - SecAuditLogFileMode
 - SecAuditLog2
 - SecAuditLogParts
 - SecAuditLog
 - SecAuditLogRelevantStatus
 - SecAuditLogType
 2015-07-10 18:37:42 -03:00
Felipe Zimmerle
616a2ae6de Adds AuditLog class 
The properties related to the Audit Log were saved into the classes
Rules and Dirver, now all those properties will be saved into the
AuditLog class.
 2015-07-08 18:05:09 -03:00
Felipe Zimmerle
b9507e3969 Decreases the bison requirement from 3.0.4 to 3.0.2 
Version 3.0.2 seems to be the default package on Ubuntu.
Reported by Andrei Belov - @defanator.
 2015-06-30 10:18:06 -03:00
Felipe Zimmerle
95cb4c56ab Very first commit: libmodsecurity 
Check the README.md file for further information about the libmodsecurity.
 2015-06-26 14:35:15 -03:00