Felipe Zimmerle
9d80983e55
Fix on top of #1943 + adding test cases
2018-11-01 16:11:39 -03:00
supplient
39f4a5d7d2
Fix double macros bug
...
Macro run strangely if I input double macros like "%{ARGS_COMBINED_SIZE}%{ARGS_COMBINED_SIZE}".
2018-11-01 15:56:54 -03:00
Felipe Zimmerle
18cdffdbca
Encapsulates int[N] in a class to avoid compilation issues
...
Depending on the compiler, there may be a compilation issue with the
usage of std::unique_ptr<int[]>. Therefore encapsulating it inside a
regular class.
2018-11-01 11:50:15 -03:00
Victor Hora
e3b9f7c913
Fix SecUnicodeMapFile support
...
Makes SecUnicodeMapFile read the file and adjust transformation to use the
right variable.
2018-10-31 22:57:39 -03:00
Victor Hora
84ece3edcb
Add test case for SecUnicodeMap
2018-10-31 22:19:27 -03:00
Felipe Zimmerle
065c2e67b6
Adds test case for #1850
2018-10-30 18:25:46 -03:00
Felipe Zimmerle
e1e8a01ed2
Override the default status code if not suitable to redirect action
...
Issue #1850
2018-10-30 18:20:23 -03:00
Felipe Zimmerle
bfe917b6b1
parser: Fix the support for CRLF configuration files
2018-10-30 17:16:44 -03:00
Felipe Zimmerle
3f0ea90970
Test case skeleton for #1941
2018-10-29 11:14:31 -03:00
Victor Hora
662fe63a47
Add unicode.mapping file to v3/master branch
2018-10-26 03:01:03 -04:00
Felipe Zimmerle
b05901e8ae
Changes the regression test client to read the interception msg
2018-10-25 21:51:23 -03:00
Felipe Zimmerle
1e5df5312b
CHANGES: Adds info on 0xb7c36 and 0x5ac20
2018-10-25 18:07:29 -03:00
Felipe Zimmerle
91daeee9f6
Only calling server log if the message is not disruptive
...
The disruptive message is already part of the interception object
2018-10-25 18:04:27 -03:00
Felipe Zimmerle
448897d297
Marking message as disruptive before generate log msg
2018-10-25 18:04:07 -03:00
Felipe Zimmerle
973c1f1028
Fix rule line number
...
Issue #1844
2018-10-24 21:02:35 -03:00
Felipe Zimmerle
fa5f3784f2
Using shared_ptr instead of unique_ptr on rules exceptions
2018-10-23 17:03:18 -03:00
Felipe Zimmerle
e63344c3dc
CHANGES: Adds info on 0xb2840 and 0x3094d
2018-10-23 17:03:07 -03:00
Felipe Zimmerle
ef7f65db90
Changes debuglogs schema to avoid unecessary str allocation
2018-10-23 17:00:16 -03:00
Felipe Zimmerle
23e0d35d2d
Fix the SecUnicodeMapFile and SecUnicodeCodePage
2018-10-23 17:00:11 -03:00
Felipe Zimmerle
3d83ed257f
CHANGES: Adds info on 0xca270
2018-10-23 16:59:53 -03:00
Felipe Zimmerle
69cd61439d
Changes the timing to save the rule message
2018-10-23 16:58:42 -03:00
Victor Hora
8088d6af71
Fix crash in msc_rules_add_file() when using disruptive action in child rule inside of chain
2018-10-23 16:39:21 -03:00
Felipe Zimmerle
466a427ab4
CHANGES: Adds info on #1897
2018-10-23 16:39:17 -03:00
Wenfeng Liu
ec1112c648
Fix memory leak in AuditLog::init()
2018-10-23 16:39:15 -03:00
Felipe Zimmerle
8c549c65c4
CHANGES: Adds info on #1901
2018-10-23 16:39:12 -03:00
Steven
b12a8f5c6f
Fix RulesProperties::appendRules()
...
RulesProperties::appendRules() was not checking for duplicate IDs as well as
throwing an error if there were secMarkers in more than one file (when
calling any combination of rules->load(), rules->loadFromUri() or
rules->loadRemote() more than once). To fix the secMarker issue, the if
statement on rules_properties.h:441 just needed to be negated.
This function also doesn't accurately check for duplicate IDs. the check
can be circumvented by putting the rule in a different phase. To fix this
the ruleId list (v) had to be populated completely before checking against
the other list.
2018-10-23 16:39:04 -03:00
Felipe Zimmerle
f1da6dd29b
CHANGES: Adds info on 0x3077c
2018-10-23 16:38:59 -03:00
Felipe Zimmerle
8bda7c0a45
Fix RULE lookup in chained rules.
2018-10-23 16:37:54 -03:00
Felipe Zimmerle
120108fd33
Adds support for /32 in @ipMatch cidr notation.
...
/32 is the representation of the ip itself. Not sure if it is needed,
but there is a complaint for that: #849
2018-10-23 16:37:53 -03:00
Felipe Zimmerle
a5a40a71a9
Makes matchedvars inline
2018-10-23 16:37:49 -03:00
Felipe Zimmerle
b58018e778
Fix multimatch behavior to match what we have on v2
2018-10-23 16:37:42 -03:00
Felipe Zimmerle
a47738ab04
CHANGES: Adds info about: 0x14316
2018-10-23 16:37:28 -03:00
Felipe Zimmerle
dba73f5367
Using values after transformation at MATCHED_VARS
2018-10-23 16:26:11 -03:00
Felipe Zimmerle
7c50fa7c00
Small fix on @detectXSS test case
2018-10-23 16:26:11 -03:00
Felipe Zimmerle
85ecd190d9
Adds full support to UpdateActionById.
...
Issue #1800
2018-10-23 16:26:11 -03:00
Felipe Zimmerle
3e8e28da48
Refactoring on the RULE variable
2018-10-23 16:26:11 -03:00
Felipe Zimmerle
554251bade
Refactoring on the Rule class
2018-10-23 16:26:10 -03:00
Felipe Zimmerle
74841779f8
Adds partial support to UpdateActionById
2018-10-23 16:26:10 -03:00
Victor Hora
68398a51f3
CHANGES: adds info on #1922
2018-10-13 19:27:08 -04:00
Steven
004047ef6c
Add correct C function prototypes for msc_init and msc_create_rule_set
2018-10-13 19:25:13 -04:00
Victor Hora
c1925a4677
CHANGES: adds info on #1909 and #1185
2018-10-12 17:36:28 -04:00
Victor Hora
20ef01d75c
Allow LuaJIT 2.1 to be used
2018-10-12 17:32:10 -04:00
Victor Hora
28f6f2201f
Match m_id JSON log with RuleMessage and v2 format
2018-10-12 13:10:11 -04:00
Felipe Zimmerle
bc3d3f1915
Adds support to setenv action
...
Issue #1044
2018-09-25 10:19:52 -03:00
Felipe Zimmerle
4dd2812757
Adds new transaction constructor that accepts the transaction id as parameter.
2018-09-24 21:36:06 -03:00
Felipe Zimmerle
c721e101c0
Adds request IDs and URIs to the debug log
2018-09-24 21:07:11 -03:00
Felipe Zimmerle
0e8cd767e7
CHANGES: Adds info about: 0x028e0 and 0x275a1
2018-09-24 16:40:34 -03:00
Felipe Zimmerle
cdf2da1a09
Adds test case related to issue #1725
2018-09-24 16:39:57 -03:00
Felipe Zimmerle
98b9ae659d
Having a better organization for Variables::
2018-09-24 16:39:48 -03:00
Felipe Zimmerle
ee50fea266
Handling key exceptions on the variable itself
...
This is the first step towords to solve #1697
2018-09-24 16:16:30 -03:00
