github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,957 Commits 55 Branches 109 Tags
Commit Graph

262 Commits

Author SHA1 Message Date
Felipe Zimmerle
076a02951c Huge performance improvement: passing variables as pointers avoiding copies 2015-09-18 20:21:12 -03:00
Felipe Zimmerle
ed86c24df6 Adds checks for the NO_LOGS definition and improved the vars resolution time 2015-09-17 17:41:38 -03:00
Felipe Zimmerle
11e1a67d58 Fix disruptive action flow while RuleEngine is in DetectionOnly 2015-09-17 10:51:44 -03:00
Felipe Zimmerle
d0c215d78b Adds support for the server log integration 2015-09-17 09:01:52 -03:00
Felipe Zimmerle
a0a2d2c77e Adds support to read request body from a file 2015-09-15 16:04:27 -03:00
Felipe Zimmerle
5c3a4b608d Adds support to SecMarker and skipAfter 2015-09-08 10:06:37 -03:00
Felipe Zimmerle
010c18f63f Adds support to SecDefaultAction configuration directive 2015-09-04 10:56:04 -03:00
Felipe Zimmerle
fa4f72d90d Adds support to ctl:auditLogParts variation 2015-09-02 10:55:29 -03:00
Felipe Zimmerle
24b7d72666 DebugLogs are now being redirected to the correct files 2015-08-27 15:36:56 -03:00
Felipe Zimmerle
1065e297b2 Fix several minor issues on the seclang grammar 2015-08-22 11:06:28 -03:00
Felipe Zimmerle
0b225f0239 Parser: adds support to SecRequestBodyInMemoryLimit 2015-08-19 22:42:46 -03:00
Felipe Zimmerle
2d56aa521b Cosmetics: fix actions on yy file 
- added action for:
  ctl:requestBodyProcessor=XML
  ctl:requestBodyProcessor=JSON
- added CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT
 2015-08-19 22:36:31 -03:00
Felipe Zimmerle
d5fe21ce3c Code cosmetics: reduce the amount of cppcheck warnings 2015-08-12 22:40:26 -03:00
Felipe Zimmerle
fb161a69a9 Removes some warnings by adding missing returns 2015-08-11 13:13:16 -03:00
Felipe Zimmerle
ce0d81c0da Adds sanity check for inputs 2015-08-10 00:08:02 -03:00
Felipe Zimmerle
ad9393a8c2 Adds support for the tag action 2015-08-07 14:27:43 -03:00
Felipe Zimmerle
f519717bdf Adds support to the msg action 2015-08-07 14:27:43 -03:00
Felipe Zimmerle
e12d95b10d Adds support to the TX collection and setvar action 2015-08-07 14:27:43 -03:00
Felipe Zimmerle
522f195aa0 Adds support to urlDecodeUni transformation 2015-08-05 22:54:48 -03:00
Felipe Zimmerle
a4cf218a3e Removes chrono references to make it compile with gcc 4.8.x 2015-08-02 22:14:32 -03:00
Felipe Zimmerle
6beca48c54 Fix C api signatures 2015-07-27 00:41:56 -03:00
Felipe Zimmerle
e016b72a8e Handles better the memory utilization 
- Added reference counts to Rule and AuditLog;
- Some memory leaks were removed, including GeoLookup;
- Deal better with parser errors;
- Overriding the AutlogLogWritter destructor.
 2015-07-26 22:51:57 -03:00
Felipe Zimmerle
b8f7fb441d Adds support to SecRemoteRules and Include directives 
This commit includes a refactoring on important pieces of the parser
to allow it work in a stack fashion. Driver and Rules classes were
simplified and the RulesProperties class was created.
 2015-07-24 22:57:29 -03:00
Felipe Zimmerle
76b34af357 Adds support to load remote rules 2015-07-23 14:40:56 -03:00
Felipe Zimmerle
b5ca607e76 Places class Driver under the Parser namespace 2015-07-23 01:37:15 -03:00
Felipe Zimmerle
d3eb0fd913 Driver class is extending the Rules class instead of duplicate elements 2015-07-23 00:10:32 -03:00
Felipe Zimmerle
dc0b13ad74 Cosmetic: fix copyright header 2015-07-22 23:03:09 -03:00
Felipe Zimmerle
261ee9f115 Adds support to BodyLimitAction and support for parser errors 2015-07-22 21:31:58 -03:00
Felipe Zimmerle
cb722c74b9 Adds support to REQUEST_HEADERS{_NAMES} and RESPONSE_HEADERS{_NAMES} vars 2015-07-22 21:22:32 -03:00
Felipe Zimmerle
62fece7823 Adds support to SecResponseBodyLimit directive and OUTBOUND_DATA_ERROR var 2015-07-21 19:46:15 -03:00
Felipe Zimmerle
09867791c7 Adds support to MATCHED_VARS variable 2015-07-21 14:21:49 -03:00
Felipe Zimmerle
9d69501961 Adds support to MATCHED_VAR variable 2015-07-21 12:02:14 -03:00
Felipe Zimmerle
9c066e3198 Adds support to the INBOUND_DATA_ERROR variable and SecRequestBodyLimit direc. 2015-07-21 10:02:33 -03:00
Felipe Zimmerle
95c2fed89c Adds support to severity action and HIGHEST_SEVERITY variable 2015-07-21 01:09:13 -03:00
Felipe Zimmerle
41bf1490b7 Adds MODSEC_BUILD variable 2015-07-20 20:43:07 -03:00
Felipe Zimmerle
5d5e10bfde Adds support for basic Multipart process 
Adjustments will be needed, for instance: the logging support is still missing
 2015-07-17 15:12:15 -03:00
Felipe Zimmerle
33dff0f1bf Refactoring on the variables resoluvtion method 2015-07-15 12:34:06 -03:00
Felipe Zimmerle
f0624bb089 Adds support to ARGS_GET_NAMES variable 2015-07-14 16:41:55 -03:00
Felipe Zimmerle
e7ec09623d Adds support to ARGS_POST_NAMES variable 2015-07-14 16:41:36 -03:00
Felipe Zimmerle
bc0553e726 Adds support to the variable ARGS_NAMES 2015-07-14 15:22:42 -03:00
Felipe Zimmerle
228a5ce7cc Adds support to ARGS_COMBINED_SIZE variable 2015-07-14 14:17:12 -03:00
Felipe Zimmerle
76b769cc84 Decodes the url content before assing values to varibles 2015-07-14 13:54:56 -03:00
Felipe Zimmerle
80f13437e3 Refactoring on the variable read/store methods 
Now it is ready to received two (or more) variables with same key.
 2015-07-14 00:33:57 -03:00
Felipe Zimmerle
f13a1bd880 Adds support the Parallel audit log index creation 
The index is now being generated.
 2015-07-14 00:33:57 -03:00
Felipe Zimmerle
96a777a5cf Adds initial serial audit logging support 
Serial logging following the format used on ModSecurity 2.9.
 2015-07-14 00:33:50 -03:00
Felipe Zimmerle
001d5ebf7f Properly deal with classes destructors 
There are some classes such as AuditLog that demands a reference count. That is
needed because this class can be used by different instances of the Rules
classes.
 2015-07-13 14:16:48 -03:00
Felipe Zimmerle
c9620ac50f Writes audit log in parallel mode 
First version still missing the index among other things
 2015-07-10 18:37:48 -03:00
Felipe Zimmerle
1ddb36a781 Adds SecComponentSignature configuration directive 2015-07-10 18:37:48 -03:00
Felipe Zimmerle
75a9cfa273 Uses an enumeration to determine the state of the SecRuleEngine 2015-07-10 18:37:48 -03:00
Felipe Zimmerle
cb8d6249a8 Adds connector information to the audit logs 2015-07-10 18:37:48 -03:00