390 Commits

Author	SHA1	Message	Date
Felipe Zimmerle	4bec6b0019	Adds support to ctl:ruleEngine	2017-07-27 22:05:10 -03:00
Felipe Zimmerle	e14dc602e5	Adds support to SecRuleUpdateTargetById	2017-07-04 13:13:13 -07:00
Felipe Zimmerle	fba9c20ea1	Adds initial support to SecRuleUpdateTargetByTag	2017-07-03 17:42:34 -07:00
Felipe Zimmerle	508a2b5a4a	Adds sanity check on SecRemoteRules directive input	2017-06-21 19:08:12 -07:00
Felipe Zimmerle	c3a0d8d9bb	Fix collections element selection by regex ... Reported at #1369	2017-06-17 00:11:28 -03:00
Felipe Zimmerle	9cb3f23b50	Adds support to setrsc action	2017-06-09 16:59:04 -03:00
Felipe Zimmerle	e795253ecf	Fix crash on SecRuleRemoveById malformated parameter ... Fix issue #1440	2017-06-06 22:14:13 -03:00
Victor Hora	37868d1534	Add missing feature: t:uppercase transformation	2017-06-02 21:47:54 -03:00
Victor Hora	9d70345d3d	Add missing hexDecode transformation to seclang parser	2017-05-29 22:48:23 -03:00
Felipe Zimmerle	0e05b7bb8a	Avoids to load a directory structure as a rules file	2017-05-02 16:42:22 -03:00
Felipe Zimmerle	c97db2f361	Adds verbose message when a resource is not found. ... Fix #1309	2017-05-02 13:39:37 -03:00
Felipe Zimmerle	6421ff087a	Forces disruptive to be first-rule-only ... ModSecurity version 3 is capable to handle disruptive actions in different rules from the chain. However, lets get it working in the same fashion that we have in version 2.	2017-04-24 21:06:35 -03:00
Felipe Zimmerle	b3c8e97ff7	Parse fix: accepting variables in between quotes	2017-03-30 10:02:36 -03:00
Felipe Zimmerle	e2bd87d07d	Fix minor parser errors	2017-03-06 15:02:04 -03:00
Felipe Zimmerle	d6363607aa	Accept quoted regexp in the collection selection	2017-03-06 15:02:03 -03:00
Felipe Zimmerle	f9552ede2b	Adds missing file	2017-03-06 15:02:01 -03:00
Felipe Zimmerle	e95efa05cc	Fix assorted memory and static analysis errors	2017-03-06 15:02:00 -03:00
Felipe Zimmerle	f2d149fc5f	Extends the direct access model to other collections	2017-03-06 15:02:00 -03:00
Felipe Zimmerle	ca24b6bb06	PoC: Adds support to direct access on ARGS collection	2017-03-06 15:01:59 -03:00
Felipe Zimmerle	c1f11ab4e5	Cosmetics: assorted fixes on the coding style	2017-03-06 15:01:59 -03:00
Felipe Zimmerle	ff65d618e4	Adds missing Makefile.am file	2017-03-06 15:01:59 -03:00
Felipe Zimmerle	ba6b972ca8	Makes global collection allowed to be set by setVar	2017-03-06 15:01:59 -03:00
Felipe Zimmerle	b516cc6de1	Adds operation unset to setVar action	2017-03-06 15:01:59 -03:00
Felipe Zimmerle	e95555132e	Contionuation of 1 time variable patch ... Now we have almost 100% of the transaction variables hosted on the new schema. Variable modifcators (count and exclusion) are not yet supported on the new schema. Notice that setvar is now using the parser.	2017-03-06 15:01:58 -03:00
Felipe Zimmerle	703da3c4f0	Adds PoC about 1-time variable resolution and draft for offset ... There is no need for the variable purely associated with the transaction (transient) be part of collection that demands lookups. Also, those variables will held the concept of offset: The offset from the first byte of the request till the start of the variable.	2017-03-06 15:01:52 -03:00
Felipe Zimmerle	3eccfaf1f6	Disables parser generation on all builds ... The parser generation is now an configure option	2017-03-06 15:01:52 -03:00
Felipe Zimmerle	03d0570e99	Deletes the Rule object in case of a parser failure	2017-03-06 15:01:52 -03:00
Felipe Zimmerle	1aa2a9c01b	Avoids memory leak by cleaning loc stack on Driver's destructor	2017-03-06 15:01:52 -03:00
Felipe Zimmerle	839ac62585	Fix memory leaks in parser failures	2017-03-06 15:01:51 -03:00
Felipe Zimmerle	a6f07f621d	Makes the lexical errors a little bit more verbose	2017-03-06 15:01:51 -03:00
Felipe Zimmerle	5880524db6	cosmetics: Improves the tokens organization	2017-03-06 15:01:51 -03:00
Felipe Zimmerle	808fd23358	Avoids a second initialization of the Audit Log class	2017-03-06 15:01:51 -03:00
Felipe Zimmerle	60402d8b80	Renames defaultActions to m_defaultActions in RulesProperties	2017-03-06 15:01:50 -03:00
Felipe Zimmerle	7927ddda91	Renames rules to m_rules in RulesProperties	2017-03-06 15:01:50 -03:00
Felipe Zimmerle	5086fef492	Fix parser while continuation line is used between var and op	2017-03-06 15:01:50 -03:00
Felipe Zimmerle	59114dd598	Refactoring on the operators parsers (2/2) ... This is the first step towards remove the memory leaks in the parser	2017-03-06 15:01:50 -03:00
Felipe Zimmerle	9cda4c0be0	cosmetics: Having the parser in a better shape regarding operators 1/2	2017-03-06 15:01:50 -03:00
Felipe Zimmerle	15b81d09e7	Refactoring on the transformation classes	2016-12-28 19:53:37 -03:00
Felipe Zimmerle	88fb456a16	Cosmetics: Reduces the static analysis warnings	2016-12-28 17:46:47 -03:00
Felipe Zimmerle	9c7416da97	Refactoring the actions classes	2016-12-28 15:20:06 -03:00
Felipe Zimmerle	2e9a35c358	Refactoring on the audit logs implementation ... Among of other things, it is now supporting shared file locks between different process.	2016-12-14 23:17:28 -03:00
Felipe Zimmerle	bfc30dad34	Refactoring: how to report to error logs	2016-12-01 01:05:29 -03:00
Felipe Zimmerle	a776cce6d7	Changes RULE variable group to be save at transient collection	2016-11-28 13:00:04 -03:00
Felipe Zimmerle	ab88083159	parser: Fix the expanded list inclusion	2016-11-16 15:47:21 -03:00
Felipe Zimmerle	4643501507	parser: Improves the include error when the file does not exist	2016-11-14 10:23:00 -03:00
Felipe Zimmerle	8b4f1bc46c	Fix rule file inclusion path ... The inclusion was not taking `*' into consideration, leading the relative configuration inclusion to fail. That was very annoying.	2016-11-11 15:15:51 -03:00
Felipe Zimmerle	3ee7b24928	Adds refCounter to actions	2016-11-08 18:14:34 -03:00
Felipe Zimmerle	2244e874e2	Moves static methods from class String to the namespace string	2016-11-04 16:00:44 -03:00
Felipe Zimmerle	62a0cb468b	Renames utils/msc_string.[h|cc] to utils/string.[h|cc]	2016-11-04 16:00:42 -03:00
Felipe Zimmerle	424418f54b	Renames msc_system.[h|cc] to system.[h|cc]	2016-11-04 16:00:36 -03:00