Documentation ¶
Index ¶
Constants ¶
const ( // AuditLogPartAuditLogHeader is the mandatory header part AuditLogPartAuditLogHeader auditLogPart = 'A' // AuditLogPartRequestHeaders is the request headers part AuditLogPartRequestHeaders auditLogPart = 'B' // AuditLogPartRequestBody is the request body part AuditLogPartRequestBody auditLogPart = 'C' // AuditLogPartIntermediaryResponseHeaders is the intermediary response headers part AuditLogPartIntermediaryResponseHeaders auditLogPart = 'D' // AuditLogPartIntermediaryResponseBody is the intermediary response body part AuditLogPartIntermediaryResponseBody auditLogPart = 'E' // AuditLogPartResponseHeaders is the final response headers part AuditLogPartResponseHeaders auditLogPart = 'F' // AuditLogPartResponseBody is the final response body part AuditLogPartResponseBody auditLogPart = 'G' // AuditLogPartAuditLogTrailer is the audit log trailer part AuditLogPartAuditLogTrailer auditLogPart = 'H' // AuditLogPartRequestBodyAlternative is the request body replaced part AuditLogPartRequestBodyAlternative auditLogPart = 'I' // AuditLogPartUploadedFiles is the uploaded files part AuditLogPartUploadedFiles auditLogPart = 'J' // AuditLogPartRulesMatched is the matched rules part AuditLogPartRulesMatched auditLogPart = 'K' // AuditLogPartFinalBoundary is the mandatory final boundary part AuditLogPartFinalBoundary auditLogPart = 'Z' )
const VariablesCount = 87
VariablesCount contains the number of variables handled by the variables package It is used to create arrays of the correct size
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AnchoredVar ¶ added in v2.0.1
AnchoredVar stores the case preserved Original name and value of the variable
type AuditEngineStatus ¶
type AuditEngineStatus int
AuditEngineStatus represents the functionality of the audit engine.
const ( // AuditEngineOn will audit each auditable event AuditEngineOn AuditEngineStatus = iota // AuditEngineOff will not audit any event AuditEngineOff AuditEngineStatus = iota // AuditEngineRelevantOnly will audit only relevant events AuditEngineRelevantOnly AuditEngineStatus = iota )
func ParseAuditEngineStatus ¶
func ParseAuditEngineStatus(as string) (AuditEngineStatus, error)
ParseAuditEngineStatus parses the audit engine status
type AuditLogParts ¶
type AuditLogParts []auditLogPart
AuditLogParts represents the parts of the audit log A: Audit log header (mandatory). B: Request headers. C: Request body D: Reserved for intermediary response headers; not implemented yet. E: Intermediary response body (not implemented yet). F: Final response headers G: Reserved for the actual response body; not implemented yet. H: Audit log trailer. I: This part is a replacement for part C. J: This part contains information about the files uploaded using multipart/form-data encoding. K: This part contains a full list of every rule that matched (one per line) Z: Final boundary, signifies the end of the entry (mandatory).
type BodyBufferOptions ¶
type BodyBufferOptions struct { // TmpPath is the path to store temporary files TmpPath string // MemoryLimit is the maximum amount of memory to be stored in memory // Once the limit is reached, the file will be stored on disk MemoryLimit int64 }
BodyBufferOptions is used to feed a coraza.BodyBuffer with parameters
type Config ¶
type Config map[string]interface{}
Config is used to store the configuration of the WAF Internal configurations are not exported. This is used to connect directives with audit loggers. A Waf instance will share it's Config object with the audit loggers.
type Interruption ¶
type Interruption struct { // Rule that caused the interruption RuleID int // drop, deny, redirect Action string // Force this status code Status int // Parameters used by proxy and redirect Data string }
Interruption is used to notify the Coraza implementation that the transaction must be disrupted, for example:
if it := tx.Interruption; it != nil { return show403() }
type RequestBodyLimitAction ¶
type RequestBodyLimitAction int
RequestBodyLimitAction represents the action to take when the request body size exceeds the configured limit.
const ( // RequestBodyLimitActionProcessPartial will process the request body // up to the limit and then reject the request RequestBodyLimitActionProcessPartial RequestBodyLimitAction = 0 // RequestBodyLimitActionReject will reject the request in case // the request body size exceeds the configured limit RequestBodyLimitActionReject RequestBodyLimitAction = 1 )
func ParseRequestBodyLimitAction ¶
func ParseRequestBodyLimitAction(rbla string) (RequestBodyLimitAction, error)
ParseRequestBodyLimitAction parses the request body limit action
type RuleActionType ¶
type RuleActionType int
RuleActionType is used to define when an action is going to be triggered
const ( // ActionTypeMetadata is used to provide more information about rules. ActionTypeMetadata RuleActionType = 1 // ActionTypeDisruptive is used to make the integrator do something like drop the request. ActionTypeDisruptive RuleActionType = 2 // ActionTypeData Not really actions, these are mere containers that hold data used by other actions. ActionTypeData RuleActionType = 3 // ActionTypeNondisruptive is used to do something that does not affect the flow of the rule. ActionTypeNondisruptive RuleActionType = 4 // ActionTypeFlow is used to affect the rule flow (for example skip or skipAfter). ActionTypeFlow RuleActionType = 5 )
type RuleEngineStatus ¶
type RuleEngineStatus int
RuleEngineStatus represents the functionality of the rule engine.
const ( // RuleEngineOn will process each rule and may generate // disruptive actions RuleEngineOn RuleEngineStatus = iota // RuleEngineDetectionOnly will process each rule but won't // generate disruptive actions RuleEngineDetectionOnly RuleEngineStatus = iota // RuleEngineOff will not process any rule RuleEngineOff RuleEngineStatus = iota )
func ParseRuleEngineStatus ¶
func ParseRuleEngineStatus(re string) (RuleEngineStatus, error)
ParseRuleEngineStatus parses the rule engine status
func (RuleEngineStatus) String ¶
func (re RuleEngineStatus) String() string
String returns the string representation of the rule engine status
type RulePhase ¶
type RulePhase int
RulePhase is the phase of the rule
const ( // PhaseRequestHeaders will process once the request headers are received PhaseRequestHeaders RulePhase = 1 // PhaseRequestBody will process once the request body is received PhaseRequestBody RulePhase = 2 // PhaseResponseHeaders will process once the response headers are received PhaseResponseHeaders RulePhase = 3 // PhaseResponseBody will process once the response body is received PhaseResponseBody RulePhase = 4 // PhaseLogging will process once the request is sent // This phase will always run PhaseLogging RulePhase = 5 )
func ParseRulePhase ¶
ParseRulePhase parses the phase of the rule from a to 5 or request:2, response:4, logging:5 if the phase is invalid it will return an error
type RuleSeverity ¶
type RuleSeverity int
RuleSeverity represents the severity of a triggered rule It can have a numeric value or string value There are 8 levels of severity: 0 - Emergency 1 - Alert 2 - Critical 3 - Error 4 - Warning 5 - Notice 6 - Info 7 - Debug RuleSeverity is used by error callbacks to chose wether to log the error or not
const ( // RuleSeverityEmergency represents the emergency severity // We "shold" exit the process immediately RuleSeverityEmergency RuleSeverity = 0 // RuleSeverityAlert represents the alert severity RuleSeverityAlert RuleSeverity = 1 // RuleSeverityCritical represents the critical severity RuleSeverityCritical RuleSeverity = 2 // RuleSeverityError represents the error severity RuleSeverityError RuleSeverity = 3 // RuleSeverityWarning represents the warning severity RuleSeverityWarning RuleSeverity = 4 // RuleSeverityNotice represents the notice severity RuleSeverityNotice RuleSeverity = 5 // RuleSeverityInfo represents the info severity RuleSeverityInfo RuleSeverity = 6 // RuleSeverityDebug represents the debug severity RuleSeverityDebug RuleSeverity = 7 )
func ParseRuleSeverity ¶
func ParseRuleSeverity(input string) (RuleSeverity, error)
ParseRuleSeverity parses a string into a RuleSeverity
func (RuleSeverity) Int ¶
func (rs RuleSeverity) Int() int
Int returns the integer value of the severity
func (RuleSeverity) String ¶
func (rs RuleSeverity) String() string
String returns the string representation of the severity
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
Package variables contains the representation of the variables used in the rules Variables are created as bytes and they have a string representation
|
Package variables contains the representation of the variables used in the rules Variables are created as bytes and they have a string representation |