The highest tagged major version is
Documentation
¶
Index ¶
- func MergeActions(origin []ruleAction, defaults []ruleAction) []ruleAction
- func ParseActions(actions string) ([]ruleAction, error)
- func PhaseToInt(phase string) (int, error)
- type Directive
- type Parser
- type RuleParser
- func (p *RuleParser) AddVariable(count bool, negation bool, collection byte, key string, regexkey bool) error
- func (p *RuleParser) ParseActions(actions string) error
- func (p *RuleParser) ParseDefaultActions(actions string) error
- func (p *RuleParser) ParseOperator(operator string) error
- func (p *RuleParser) ParseVariables(vars string) error
- func (p *RuleParser) Rule() *coraza.Rule
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func MergeActions ¶
func MergeActions(origin []ruleAction, defaults []ruleAction) []ruleAction
So here is my research: SecDefaultAction must contain a phase and a disruptive action They will only be merged if the match the same phase If the rule disruptive action is block it will inherit the defaultaction disruptive actions DefaultAction's disruptive action will be added to the rule only if there is no DA or DA is block If we have: SecDefaultAction "phase:2,deny,status:403,log" Then we have a Rule: SecAction "id:1, phase:2, block, nolog" The rule ID 1 will inherit default actions and become SecAction "id:1, phase:2, status:403, log, nolog, deny" In the future I shall optimize that redundant log and nolog, it won't actually change anything but would look cooler
func ParseActions ¶
ParseActions will assign the function name, arguments and function (pkg.actions) for each action splitted by comma (,) Action arguments are allowed to wrap values between collons(”)
func PhaseToInt ¶
PhaseToInt transforms a phase string to it's integer value, modsecurity allows request(1), response(3), log(5), 1,2,3,4,5 values
Types ¶
type Parser ¶
type Parser struct {
Waf *engine.Waf
DisabledDirectives []string
DisabledRuleActions []string
DisabledRuleOperators []string
// contains filtered or unexported fields
}
Parser provides functions to evaluate (compile) SecLang directives
func NewParser ¶
NewParser creates a new parser from a WAF instance Rules and settings will be associated with the supplied waf
func (*Parser) AddDefaultActions ¶
AddDEfaultActions compiles an actions string Requires a phase and a disruptive action, example: AddDefaultActions("deny,phase:1,log")
func (*Parser) FromFile ¶
FromFile imports directives from a file It will return error if any directive fails to parse or arguments are invalid
func (*Parser) FromString ¶
FromString imports directives from a string It will return error if any directive fails to parse or arguments are invalid
func (*Parser) GetDefaultActions ¶
GetDefaultActions returns the default actions as an array of strings, they are not evaluated yet
type RuleParser ¶
type RuleParser struct {
Configdir string
// contains filtered or unexported fields
}
func NewRuleParser ¶
func NewRuleParser(p *Parser) *RuleParser
NewRuleParser Creates a new rule parser, each rule parser will contain a single rule that can be obtained using ruleparser.Rule()
func (*RuleParser) AddVariable ¶ added in v1.2.0
func (*RuleParser) ParseActions ¶
func (p *RuleParser) ParseActions(actions string) error
ParseActions
func (*RuleParser) ParseDefaultActions ¶
func (p *RuleParser) ParseDefaultActions(actions string) error
func (*RuleParser) ParseOperator ¶
func (p *RuleParser) ParseOperator(operator string) error
func (*RuleParser) ParseVariables ¶
func (p *RuleParser) ParseVariables(vars string) error
Source Files