Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuditLogConfig ¶
type AuditLogConfig interface { // LogRelevantOnly enables audit logging only for relevant events. LogRelevantOnly() AuditLogConfig // WithParts configures the parts of the request/response to be logged. WithParts(parts types.AuditLogParts) AuditLogConfig }
AuditLogConfig controls audit logging.
func NewAuditLogConfig ¶
func NewAuditLogConfig() AuditLogConfig
NewAuditLogConfig returns a new AuditLogConfig with the default settings.
type WAF ¶
type WAF interface { // NewTransaction Creates a new initialized transaction for this WAF instance NewTransaction() types.Transaction NewTransactionWithID(id string) types.Transaction }
WAF instance is used to store configurations and rules Every web application should have a different WAF instance, but you can share an instance if you are ok with sharing configurations, rules and logging. Transactions and SecLang parser requires a WAF instance You can use as many WAF instances as you want, and they are concurrent safe
type WAFConfig ¶
type WAFConfig interface { // WithDirectives parses the directives from the given string and adds them to the WAF. WithDirectives(directives string) WAFConfig // WithDirectivesFromFile parses the directives from the given file and adds them to the WAF. WithDirectivesFromFile(path string) WAFConfig // WithRequestBodyAccess enables access to the request body. WithRequestBodyAccess() WAFConfig // WithRequestBodyLimit sets the maximum number of bytes that can be read from the request body. Bytes beyond that set // in WithInMemoryLimit will be buffered to disk. // For usability purposes body limits are enforced as int (and not int64) // int is a signed integer type that is at least 32 bits in size (platform-dependent size). // While, the theoretical settable upper limit for 32-bit machines is 2GiB, // it is recommended to keep this value as low as possible. WithRequestBodyLimit(limit int) WAFConfig // WithRequestBodyInMemoryLimit sets the maximum number of bytes that can be read from the request body and buffered in memory. // For usability purposes body limits are enforced as int (and not int64) // int is a signed integer type that is at least 32 bits in size (platform-dependent size). // While, the theoretical settable upper limit for 32-bit machines is 2GiB, // it is recommended to keep this value as low as possible. WithRequestBodyInMemoryLimit(limit int) WAFConfig // WithResponseBodyAccess enables access to the response body. WithResponseBodyAccess() WAFConfig // WithResponseBodyLimit sets the maximum number of bytes that can be read from the response body and buffered in memory. // For usability purposes body limits are enforced as int (and not int64) // int is a signed integer type that is at least 32 bits in size (platform-dependent size). // While, the theoretical settable upper limit for 32-bit machines is 2GiB, // it is recommended to keep this value as low as possible. WithResponseBodyLimit(limit int) WAFConfig // WithResponseBodyMimeTypes sets the mime types of responses that will be processed. WithResponseBodyMimeTypes(mimeTypes []string) WAFConfig // WithDebugLogger configures a debug logger. WithDebugLogger(logger debuglog.Logger) WAFConfig // WithErrorCallback configures an error callback that can be used // to log errors triggered by the WAF. // It contains the severity so the cb can decide to skip it or not WithErrorCallback(logger func(rule types.MatchedRule)) WAFConfig // WithRootFS configures the root file system. WithRootFS(fs fs.FS) WAFConfig }
WAFConfig controls the behavior of the WAF.
Note: WAFConfig is immutable. Each WithXXX function returns a new instance including the corresponding change.
func NewWAFConfig ¶
func NewWAFConfig() WAFConfig
NewWAFConfig creates a new WAFConfig with the default settings.
Directories ¶
Path | Synopsis |
---|---|
experimental
|
|
Package http allows populating a coraza transaction with information from an HTTP Request.
|
Package http allows populating a coraza transaction with information from an HTTP Request. |
internal
|
|
auditlog
Package auditlog implements a set of log formatters and writers for audit logging.
|
Package auditlog implements a set of log formatters and writers for audit logging. |
variables
Package variables contains the representation of the variables used in the rules Variables are created as bytes and they have a string representation
|
Package variables contains the representation of the variables used in the rules Variables are created as bytes and they have a string representation |
testing
|
|
variables
Package variables contains the representation of the variables used in the rules Variables are created as bytes and they have a string representation
|
Package variables contains the representation of the variables used in the rules Variables are created as bytes and they have a string representation |