github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-17 22:56:18 +03:00
Code Issues Packages Projects Releases Wiki Activity
1,975 Commits 55 Branches 109 Tags
Commit Graph

72 Commits

Author SHA1 Message Date
Felipe Zimmerle
decf04d264 Adds support to SecResponseBodyMimeType 2015-12-24 11:55:24 -03:00
Felipe Zimmerle
913e22a77d Adds initial support to initcol action 2015-12-22 12:10:15 -03:00
Felipe Zimmerle
fb3696ac04 Fix a few things to provide an easy interface for script bindings 2015-12-22 11:53:36 -03:00
Felipe Zimmerle
b5a43871e6 Changes library namespace from ModSecurity to modsecurity 2015-12-01 10:55:59 -03:00
Felipe Zimmerle
09a958544d Makes @geoLookup optional depending on the availability of libGeoIP 2015-11-20 11:09:05 -03:00
Felipe Zimmerle
e641c3cc17 Huge improve in the variables resolution time 2015-11-03 22:44:59 -03:00
Felipe Zimmerle
48704c27a9 Removes some memory leaks 2015-10-30 18:59:08 -03:00
Felipe Zimmerle
e54ef72051 Looks for external resources in the same path of the rule 2015-10-06 09:21:30 -03:00
Felipe Zimmerle
5cc9e94505 Splits operator into OPERATOR and FREE_TEXT on sec lang grammar 2015-10-02 12:07:18 -03:00
Felipe Zimmerle
df819dc43b Removes SPACE token form the GRAMMAR 2015-10-02 11:30:05 -03:00
Felipe Zimmerle
54c51e2512 Fix parser shift/reduce problem on state 133 2015-10-02 11:03:04 -03:00
Felipe Zimmerle
03eabd9c12 Fix shift/reduce conflict in the sec lang grammar. 2015-10-01 17:36:18 -03:00
Felipe Zimmerle
941b9e75c4 Adds support to rules with actions without quotes 2015-10-01 14:55:55 -03:00
Felipe Zimmerle
8255ce86ca Adds reference to filename and line number to lexer errors 2015-09-30 14:36:33 -03:00
Felipe Zimmerle
cb9524ffd7 Adds support to collection in the parser 2015-09-29 13:14:36 -07:00
Felipe Zimmerle
9d60dc6df8 Adds macro expansion for all operators 2015-09-16 11:25:07 -03:00
Felipe Zimmerle
23d843259d Fix rule.h include on modsecurity.cc and seclang-parser.yy 2015-09-15 16:05:29 -03:00
Felipe Zimmerle
736183b7f1 Adds ctl:forceRequestBodyVariable to the seclang parser 2015-09-09 22:43:18 -03:00
Felipe Zimmerle
4095ae7b52 Adds action accuracy to the parser 2015-09-09 22:26:35 -03:00
Felipe Zimmerle
1079b5ba54 Adds action maturity to the parser 2015-09-09 22:19:07 -03:00
Felipe Zimmerle
09651baf9a Adds action ver to the seclang parser 2015-09-09 22:10:45 -03:00
Felipe Zimmerle
254b29265e Adds action expirevar to the parser and fix the line counting 2015-09-09 18:31:37 -03:00
Felipe Zimmerle
ee8b886371 Adds parser support to ctl:[auditEngine|ruleEngine] 2015-09-09 17:51:53 -03:00
Felipe Zimmerle
d1fa2cfa7b Parser: Fix redirect action and adds SecRule first line-only comment syle 2015-09-09 15:10:38 -03:00
Felipe Zimmerle
5c3a4b608d Adds support to SecMarker and skipAfter 2015-09-08 10:06:37 -03:00
Felipe Zimmerle
b048794f4e Adds support to unconditional rules 2015-09-04 15:55:53 -03:00
Felipe Zimmerle
010c18f63f Adds support to SecDefaultAction configuration directive 2015-09-04 10:56:04 -03:00
Felipe Zimmerle
45d81e1c04 Adds sanity check to the rule id action 2015-09-03 09:38:12 -03:00
Felipe Zimmerle
a63aa50f1b Changes the default operator to be @rx not @pm 
For some reason the default operator was @pm, which was a huge mistake.
The default operator is @rx, thanks for Sanders who have noticed that.
 2015-09-02 18:31:02 -03:00
Felipe Zimmerle
ea4cd53221 Accepts phases with its name instead of a number 2015-09-02 18:31:02 -03:00
Felipe Zimmerle
035040cd13 Adds sanity check to confirm that the rule has an ID and it is not duplicated 2015-09-02 18:30:41 -03:00
Felipe Zimmerle
fa4f72d90d Adds support to ctl:auditLogParts variation 2015-09-02 10:55:29 -03:00
Felipe Zimmerle
e89e395a32 Fix various minor issues on the auditlog schema 2015-08-27 17:50:42 -03:00
Felipe Zimmerle
24b7d72666 DebugLogs are now being redirected to the correct files 2015-08-27 15:36:56 -03:00
Felipe Zimmerle
01542e28c3 Allows blank line (or line with space) at the end of a rules file 2015-08-25 15:50:40 -03:00
Felipe Zimmerle
c586ba0178 Removes an unused state from the seclang parser 2015-08-25 08:15:27 -03:00
Felipe Zimmerle
1065e297b2 Fix several minor issues on the seclang grammar 2015-08-22 11:06:28 -03:00
Felipe Zimmerle
e78d7f5b91 Makes the parser understand some missing configuration directives 
Directives:
 - SecPcreMatchLimitRecursion
 - SecPcreMatchLimit
 - SecResponseBodyMimeType
 - SecTmpDir
 - SecDataDir
 - SecArgumentSeparator
 - SecCookieFormat
 - SecStatusEngine

Those are not implemented yet, but the parser is now able to understand it.
 2015-08-20 13:04:54 -03:00
Felipe Zimmerle
0b225f0239 Parser: adds support to SecRequestBodyInMemoryLimit 2015-08-19 22:42:46 -03:00
Felipe Zimmerle
2d56aa521b Cosmetics: fix actions on yy file 
- added action for:
  ctl:requestBodyProcessor=XML
  ctl:requestBodyProcessor=JSON
- added CONFIG_DIR_REQ_BODY_NO_FILES_LIMIT
 2015-08-19 22:36:31 -03:00
Felipe Zimmerle
ef99615401 parser: Understanding @pm if no operator is provided 2015-08-19 16:58:14 -03:00
Felipe Zimmerle
d5fe21ce3c Code cosmetics: reduce the amount of cppcheck warnings 2015-08-12 22:40:26 -03:00
Felipe Zimmerle
2ff0a44df2 Eliminates the sec language grammar shift-reduce problem 2015-08-11 16:53:05 -03:00
Felipe Zimmerle
9096055ea7 Reduces bison dependency to 3.0 2015-08-10 14:11:30 -03:00
Felipe Zimmerle
c06179f18e Adds support for Log and Rev actions 2015-08-07 14:27:43 -03:00
Felipe Zimmerle
ad9393a8c2 Adds support for the tag action 2015-08-07 14:27:43 -03:00
Felipe Zimmerle
f519717bdf Adds support to the msg action 2015-08-07 14:27:43 -03:00
Felipe Zimmerle
e12d95b10d Adds support to the TX collection and setvar action 2015-08-07 14:27:43 -03:00
Felipe Zimmerle
88c53575be Adds support to & (count) and ! (exclusion) as variables variations 2015-08-07 14:27:33 -03:00
Felipe Zimmerle
c2d33823f5 Adds method init to Operator class 2015-07-27 22:44:34 -03:00