Felipe Zimmerle
df169ea108
Adds support for libMaxMind
2018-03-22 19:11:42 -03:00
Andrei Belov
b50658d1e3
Fix "make dist" target to include necessary headers for Lua
2018-02-23 14:10:39 -03:00
Felipe Zimmerle
ff782ddfa4
Having LDADD and LDFLAGS organized on Makefile.am
2018-02-21 14:26:47 -03:00
Felipe Zimmerle
eeec7efb68
Renames collection::Variable to VariableValue
2018-02-20 13:40:01 -03:00
Felipe Zimmerle
43bba3f942
Removes the depricated MacroExpansion class
2018-02-20 13:40:01 -03:00
Felipe Zimmerle
6fe8655ed9
Adds support for RunTimeString
...
Using RunTimeStrings instead of runtime parser for
macro expansion.
2018-02-20 13:40:00 -03:00
Felipe Zimmerle
cb3363c7d5
Adds support for the exec action
2017-11-05 23:31:07 -03:00
Felipe Zimmerle
a676f313c3
Initial support for Lua script engine
2017-11-05 23:30:50 -03:00
Felipe Zimmerle
1189e9b0ef
Adds support to LUA in configure scripts
2017-10-31 09:59:12 -03:00
Felipe Zimmerle
7622866f97
Adds support for @fuzzyHash
...
Issue #997
2017-10-26 17:44:17 -03:00
Felipe Zimmerle
7d786b3350
Makes pm mutex optional via configuration flag
2017-09-26 16:33:31 +00:00
Felipe Zimmerle
4bec6b0019
Adds support to ctl:ruleEngine
2017-07-27 22:05:10 -03:00
Felipe Zimmerle
9cb3f23b50
Adds support to setrsc action
2017-06-09 16:59:04 -03:00
Victor Hora
37868d1534
Add missing feature: t:uppercase transformation
2017-06-02 21:47:54 -03:00
Andrei Belov
85f98c8a66
Fix "make dist" after recent changes to parser
...
In particular, it is now possible to either build ModSecurity
with pre-generated parser, or use "--enable-parser-generation"
configure option to rebuild parser from sources.
2017-03-09 18:18:00 -03:00
Felipe Zimmerle
f2d149fc5f
Extends the direct access model to other collections
2017-03-06 15:02:00 -03:00
Felipe Zimmerle
ca24b6bb06
PoC: Adds support to direct access on ARGS collection
2017-03-06 15:01:59 -03:00
Felipe Zimmerle
e95555132e
Contionuation of 1 time variable patch
...
Now we have almost 100% of the transaction variables hosted on the
new schema. Variable modifcators (count and exclusion) are not yet
supported on the new schema. Notice that setvar is now using the
parser.
2017-03-06 15:01:58 -03:00
Felipe Zimmerle
703da3c4f0
Adds PoC about 1-time variable resolution and draft for offset
...
There is no need for the variable purely associated with the
transaction (transient) be part of collection that demands
lookups. Also, those variables will held the concept of offset:
The offset from the first byte of the request till the start of
the variable.
2017-03-06 15:01:52 -03:00
Felipe Zimmerle
1e8b374117
Removes the depency on bison/flex if it is not a parser build
2017-03-06 15:01:52 -03:00
Felipe Zimmerle
3eccfaf1f6
Disables parser generation on all builds
...
The parser generation is now an configure option
2017-03-06 15:01:52 -03:00
Felipe Zimmerle
2e9a35c358
Refactoring on the audit logs implementation
...
Among of other things, it is now supporting shared file locks between
different process.
2016-12-14 23:17:28 -03:00
Felipe Zimmerle
9707d46e45
Adds `debug_log' headers in the no install list
2016-12-09 15:03:00 -03:00
Felipe Zimmerle
64e2927922
Moves debuglog stuff inside the debug_log namespace
2016-12-09 09:52:01 -03:00
Andrei Belov
8f16650595
Fix install and dist targets after 768cc74f, 9733cacd, bfc30dad
2016-12-07 10:31:34 -03:00
Felipe Zimmerle
bfc30dad34
Refactoring: how to report to error logs
2016-12-01 01:05:29 -03:00
Felipe Zimmerle
8fa0523fe0
Adds initial support to the multiMatch action
2016-11-28 12:20:18 -03:00
Andrei Belov
1b28776814
Fixed install and dist targets after 3ee7b24
2016-11-09 09:38:47 -03:00
Felipe Zimmerle
ad05c74c3f
Moves mbedtls to others and renames msc_string.h to string.h
2016-11-07 09:52:08 -03:00
Felipe Zimmerle
62a0cb468b
Renames utils/msc_string.[h|cc] to utils/string.[h|cc]
2016-11-04 16:00:42 -03:00
Felipe Zimmerle
424418f54b
Renames msc_system.[h|cc] to system.[h|cc]
2016-11-04 16:00:36 -03:00
Felipe Zimmerle
768cc74f0e
Moves RuleMessage to its own file
2016-11-04 11:58:57 -03:00
Felipe Zimmerle
507ec44cc2
Refactoring on `utils.cc' and adjacents
...
Completely removed the `utils.cc' by moving residual functions into
sub-classes of `utils/'
2016-11-03 20:26:27 -03:00
Felipe Zimmerle
f1e742c159
Moves system related functions from utils' to
utils/system'
2016-11-03 10:48:10 -03:00
Felipe Zimmerle
73c4d69174
Moves string related functions from utils' to
utils/string'
2016-11-03 10:47:22 -03:00
Felipe Zimmerle
9733cacd4d
Refactoring: moves ctl_ actions into ctl namespace
2016-11-01 14:58:51 -03:00
Felipe Zimmerle
4711644600
dds support to CtlRequestBodyAccess
2016-10-28 09:48:10 -03:00
Felipe Zimmerle
1c21d1aeba
Adds support to action CtlRuleRemoveById
2016-10-26 11:00:18 -03:00
Felipe Zimmerle
161cc36acf
Adds support to action CtlRuleRemoteTargetById
2016-10-26 10:58:42 -03:00
Felipe Zimmerle
9245369a54
Adds support to action CtlRuleRemoteTargetByTag
2016-10-25 15:43:50 -03:00
Felipe Zimmerle
678a97d0f7
Refectoring on the DebugLog mechanism
...
The DebugLog implementation was modified to use shared memory
to keep the information about the opened files and file handles.
The modification was necessary to avoid race-conditions. This
commit also closes the issue SpiderLabs/ModSecurity-nginx#17
2016-10-18 18:43:51 -03:00
Felipe Zimmerle
241269eede
Adds missing `nog_log' action
2016-09-12 10:34:45 -03:00
Andrei Belov
ed18c73cda
include pre-generated parser sources into the distribution
2016-08-16 20:01:53 -03:00
Felipe Zimmerle
c961373fc1
Adds missing header
2016-07-18 18:03:22 -03:00
Felipe Zimmerle
37079ef668
Adds support to SecRuleRemoveById
2016-07-18 15:02:38 -03:00
Felipe Zimmerle
d781b00f70
Fix the `log' action and the webserver error callback
2016-07-16 15:20:31 -03:00
Andrei Belov
063850a4cb
exclude build-time required headers from install target
2016-07-11 11:08:41 -03:00
Andrei Belov
649365481f
automake: include all needed files into "make dist" target.
2016-07-11 11:08:41 -03:00
Felipe Zimmerle
5daf4873b5
build: Searching for LMDB during the configuration phase
2016-07-05 11:56:19 -03:00
Felipe Zimmerle
f72bd587ec
Adds support to the allow action
2016-06-30 20:44:51 -03:00