Documentation ¶
Index ¶
- Variables
- type DisruptiveAction
- type MatchData
- type MatchedRule
- func (mr MatchedRule) AuditLog() string
- func (mr *MatchedRule) ClientIPAddress() string
- func (mr *MatchedRule) Data() string
- func (mr *MatchedRule) Disruptive() bool
- func (mr MatchedRule) ErrorLog() string
- func (mr *MatchedRule) Log() bool
- func (mr *MatchedRule) MatchedDatas() []types.MatchData
- func (mr *MatchedRule) Message() string
- func (mr *MatchedRule) Rule() types.RuleMetadata
- func (mr *MatchedRule) ServerIPAddress() string
- func (mr *MatchedRule) TransactionID() string
- func (mr *MatchedRule) URI() string
- type RuleMetadata
- func (r *RuleMetadata) Accuracy() int
- func (r *RuleMetadata) File() string
- func (r *RuleMetadata) ID() int
- func (r *RuleMetadata) Line() int
- func (r *RuleMetadata) Maturity() int
- func (r *RuleMetadata) Operator() string
- func (r *RuleMetadata) Phase() types.RulePhase
- func (r *RuleMetadata) Raw() string
- func (r *RuleMetadata) Revision() string
- func (r *RuleMetadata) SecMark() string
- func (r *RuleMetadata) Severity() types.RuleSeverity
- func (r *RuleMetadata) Tags() []string
- func (r *RuleMetadata) Version() string
Constants ¶
This section is empty.
Variables ¶
View Source
var DisruptiveActionMap = map[string]DisruptiveAction{ "allow": DisruptiveActionAllow, "deny": DisruptiveActionDeny, "drop": DisruptiveActionDrop, "pass": DisruptiveActionPass, "redirect": DisruptiveActionRedirect, }
Functions ¶
This section is empty.
Types ¶
type DisruptiveAction ¶
type DisruptiveAction int
ActionName is used to identify an action.
const ( DisruptiveActionUnknown DisruptiveAction = iota DisruptiveActionAllow DisruptiveActionDeny DisruptiveActionDrop DisruptiveActionPass DisruptiveActionRedirect )
type MatchData ¶
type MatchData struct { // Variable Variable_ variables.RuleVariable // Key of the variable, blank if no key is required Key_ string // Value of the current VARIABLE:KEY Value_ string // Macro expanded message Message_ string // Macro expanded logdata Data_ string // Keeps track of the chain depth in which the data matched. // Multiphase specific field ChainLevel_ int }
MatchData works like VariableKey but is used for logging, so it contains the collection as a string, and it's value
func (*MatchData) ChainLevel ¶
func (*MatchData) Variable ¶
func (m *MatchData) Variable() variables.RuleVariable
type MatchedRule ¶
type MatchedRule struct { // Macro expanded message Message_ string // Macro expanded logdata Data_ string // Full request uri unparsed URI_ string // Transaction id TransactionID_ string // Is disruptive Disruptive_ bool // Name of the disruptive action // Note: not exposed in coraza v3.0.* DisruptiveAction_ DisruptiveAction // Is meant to be logged Log_ bool // Server IP address ServerIPAddress_ string // Client IP address ClientIPAddress_ string // A slice of matched variables MatchedDatas_ []types.MatchData Rule_ types.RuleMetadata }
MatchedRule contains a list of macro expanded messages, matched variables and a pointer to the rule
func (MatchedRule) AuditLog ¶
func (mr MatchedRule) AuditLog() string
AuditLog transforms the matched rule into an error log using the legacy Modsecurity syntax
func (*MatchedRule) ClientIPAddress ¶
func (mr *MatchedRule) ClientIPAddress() string
func (*MatchedRule) Data ¶
func (mr *MatchedRule) Data() string
func (*MatchedRule) Disruptive ¶
func (mr *MatchedRule) Disruptive() bool
func (MatchedRule) ErrorLog ¶
func (mr MatchedRule) ErrorLog() string
ErrorLog returns the same as audit log but without matchData
func (*MatchedRule) Log ¶
func (mr *MatchedRule) Log() bool
func (*MatchedRule) MatchedDatas ¶
func (mr *MatchedRule) MatchedDatas() []types.MatchData
func (*MatchedRule) Message ¶
func (mr *MatchedRule) Message() string
func (*MatchedRule) Rule ¶
func (mr *MatchedRule) Rule() types.RuleMetadata
func (*MatchedRule) ServerIPAddress ¶
func (mr *MatchedRule) ServerIPAddress() string
func (*MatchedRule) TransactionID ¶
func (mr *MatchedRule) TransactionID() string
func (*MatchedRule) URI ¶
func (mr *MatchedRule) URI() string
type RuleMetadata ¶
type RuleMetadata struct { ID_ int File_ string Line_ int Rev_ string Severity_ types.RuleSeverity Version_ string Tags_ []string Maturity_ int Accuracy_ int Operator_ string Phase_ types.RulePhase Raw_ string SecMark_ string }
RuleMetadata is used to store rule metadata that can be used across packages
func (*RuleMetadata) Accuracy ¶
func (r *RuleMetadata) Accuracy() int
func (*RuleMetadata) File ¶
func (r *RuleMetadata) File() string
func (*RuleMetadata) ID ¶
func (r *RuleMetadata) ID() int
func (*RuleMetadata) Line ¶
func (r *RuleMetadata) Line() int
func (*RuleMetadata) Maturity ¶
func (r *RuleMetadata) Maturity() int
func (*RuleMetadata) Operator ¶
func (r *RuleMetadata) Operator() string
func (*RuleMetadata) Phase ¶
func (r *RuleMetadata) Phase() types.RulePhase
func (*RuleMetadata) Raw ¶
func (r *RuleMetadata) Raw() string
func (*RuleMetadata) Revision ¶
func (r *RuleMetadata) Revision() string
func (*RuleMetadata) SecMark ¶
func (r *RuleMetadata) SecMark() string
func (*RuleMetadata) Severity ¶
func (r *RuleMetadata) Severity() types.RuleSeverity
func (*RuleMetadata) Tags ¶
func (r *RuleMetadata) Tags() []string
func (*RuleMetadata) Version ¶
func (r *RuleMetadata) Version() string
Click to show internal directories.
Click to hide internal directories.