asterite
039bd2cc84
fix negated implicit @rx operator
...
When an operator starts with '!' and no explicit operator
is specified, a negated @rx operator should be created.
Due to a bug, a regular @rx operator with regex starting
with '!' was created. This commit fixes it
2017-08-20 19:39:05 -03:00
Felipe Zimmerle
945ee27a85
parser: Adds SecRuleUpdateActionById is not yet supported
2017-08-17 15:08:38 -03:00
Felipe Zimmerle
d7eab6b7a3
Adds support to SecRuleRemoveByMsg
2017-08-16 23:42:13 -03:00
Felipe Zimmerle
b4051246b1
Adds support to SecResponseBodyMimeTypesClear
2017-08-16 22:21:03 -03:00
Felipe Zimmerle
48f1470269
Adds support to SecArgumentSeparator
2017-08-16 18:27:51 -03:00
Felipe Zimmerle
a302538521
parser: Adds SecWebAppId not supported note
2017-08-16 17:31:59 -03:00
Felipe Zimmerle
bb2fe0e039
parser: Adds note saying that SecServerSignature is not supported
2017-08-16 17:14:42 -03:00
Felipe Zimmerle
e6cfd5379d
parser: Adds SecRuleScript not implemented note
2017-08-16 17:00:36 -03:00
Felipe Zimmerle
9abc37157d
parser: Adds msg: ContentInjection is not yet supported
2017-08-16 09:21:23 -03:00
Felipe Zimmerle
c525cbfb20
parser: Adds ability to inform auditlog status without quotes
2017-08-16 00:17:58 -03:00
Victor Hora
53ff0e1a57
Adds initial support to SecHttpBlKey
2017-07-29 00:12:14 -03:00
Felipe Zimmerle
4bec6b0019
Adds support to ctl:ruleEngine
2017-07-27 22:05:10 -03:00
Felipe Zimmerle
e14dc602e5
Adds support to SecRuleUpdateTargetById
2017-07-04 13:13:13 -07:00
Felipe Zimmerle
fba9c20ea1
Adds initial support to SecRuleUpdateTargetByTag
2017-07-03 17:42:34 -07:00
Felipe Zimmerle
9cb3f23b50
Adds support to setrsc action
2017-06-09 16:59:04 -03:00
Victor Hora
37868d1534
Add missing feature: t:uppercase transformation
2017-06-02 21:47:54 -03:00
Victor Hora
9d70345d3d
Add missing hexDecode transformation to seclang parser
2017-05-29 22:48:23 -03:00
Felipe Zimmerle
c97db2f361
Adds verbose message when a resource is not found.
...
Fix #1309
2017-05-02 13:39:37 -03:00
Felipe Zimmerle
b3c8e97ff7
Parse fix: accepting variables in between quotes
2017-03-30 10:02:36 -03:00
Felipe Zimmerle
f2d149fc5f
Extends the direct access model to other collections
2017-03-06 15:02:00 -03:00
Felipe Zimmerle
ca24b6bb06
PoC: Adds support to direct access on ARGS collection
2017-03-06 15:01:59 -03:00
Felipe Zimmerle
c1f11ab4e5
Cosmetics: assorted fixes on the coding style
2017-03-06 15:01:59 -03:00
Felipe Zimmerle
b516cc6de1
Adds operation unset to setVar action
2017-03-06 15:01:59 -03:00
Felipe Zimmerle
e95555132e
Contionuation of 1 time variable patch
...
Now we have almost 100% of the transaction variables hosted on the
new schema. Variable modifcators (count and exclusion) are not yet
supported on the new schema. Notice that setvar is now using the
parser.
2017-03-06 15:01:58 -03:00
Felipe Zimmerle
703da3c4f0
Adds PoC about 1-time variable resolution and draft for offset
...
There is no need for the variable purely associated with the
transaction (transient) be part of collection that demands
lookups. Also, those variables will held the concept of offset:
The offset from the first byte of the request till the start of
the variable.
2017-03-06 15:01:52 -03:00
Felipe Zimmerle
03d0570e99
Deletes the Rule object in case of a parser failure
2017-03-06 15:01:52 -03:00
Felipe Zimmerle
839ac62585
Fix memory leaks in parser failures
2017-03-06 15:01:51 -03:00
Felipe Zimmerle
5880524db6
cosmetics: Improves the tokens organization
2017-03-06 15:01:51 -03:00
Felipe Zimmerle
60402d8b80
Renames defaultActions to m_defaultActions in RulesProperties
2017-03-06 15:01:50 -03:00
Felipe Zimmerle
59114dd598
Refactoring on the operators parsers (2/2)
...
This is the first step towards remove the memory leaks in the parser
2017-03-06 15:01:50 -03:00
Felipe Zimmerle
9cda4c0be0
cosmetics: Having the parser in a better shape regarding operators 1/2
2017-03-06 15:01:50 -03:00
Felipe Zimmerle
15b81d09e7
Refactoring on the transformation classes
2016-12-28 19:53:37 -03:00
Felipe Zimmerle
9c7416da97
Refactoring the actions classes
2016-12-28 15:20:06 -03:00
Felipe Zimmerle
2e9a35c358
Refactoring on the audit logs implementation
...
Among of other things, it is now supporting shared file locks between
different process.
2016-12-14 23:17:28 -03:00
Felipe Zimmerle
bfc30dad34
Refactoring: how to report to error logs
2016-12-01 01:05:29 -03:00
Felipe Zimmerle
a776cce6d7
Changes RULE variable group to be save at transient collection
2016-11-28 13:00:04 -03:00
Felipe Zimmerle
3ee7b24928
Adds refCounter to actions
2016-11-08 18:14:34 -03:00
Felipe Zimmerle
2244e874e2
Moves static methods from class String to the namespace string
2016-11-04 16:00:44 -03:00
Felipe Zimmerle
62a0cb468b
Renames utils/msc_string.[h|cc] to utils/string.[h|cc]
2016-11-04 16:00:42 -03:00
Felipe Zimmerle
424418f54b
Renames msc_system.[h|cc] to system.[h|cc]
2016-11-04 16:00:36 -03:00
Felipe Zimmerle
4ced1d18e0
Using full path in the header inclusion
2016-11-04 14:45:01 -03:00
Felipe Zimmerle
507ec44cc2
Refactoring on `utils.cc' and adjacents
...
Completely removed the `utils.cc' by moving residual functions into
sub-classes of `utils/'
2016-11-03 20:26:27 -03:00
Felipe Zimmerle
f1e742c159
Moves system related functions from utils' to utils/system'
2016-11-03 10:48:10 -03:00
Felipe Zimmerle
73c4d69174
Moves string related functions from utils' to utils/string'
2016-11-03 10:47:22 -03:00
Felipe Zimmerle
9733cacd4d
Refactoring: moves ctl_ actions into ctl namespace
2016-11-01 14:58:51 -03:00
Felipe Zimmerle
2bb9d7988f
Cosmetics: huge refactoring in the parser
...
The parser is now more elegant and resilient.
2016-10-31 17:33:24 -03:00
Felipe Zimmerle
4711644600
dds support to CtlRequestBodyAccess
2016-10-28 09:48:10 -03:00
Felipe Zimmerle
1c21d1aeba
Adds support to action CtlRuleRemoveById
2016-10-26 11:00:18 -03:00
Felipe Zimmerle
161cc36acf
Adds support to action CtlRuleRemoteTargetById
2016-10-26 10:58:42 -03:00
Felipe Zimmerle
9245369a54
Adds support to action CtlRuleRemoteTargetByTag
2016-10-25 15:43:50 -03:00
