Documentation ¶
Index ¶
- Variables
- type AuditLogging
- func (m *AuditLogging) Clone() proto.Message
- func (*AuditLogging) Descriptor() ([]byte, []int)deprecated
- func (m *AuditLogging) Equal(that interface{}) bool
- func (x *AuditLogging) GetAction() AuditLogging_AuditLogAction
- func (x *AuditLogging) GetLocation() AuditLogging_AuditLogLocation
- func (m *AuditLogging) Hash(hasher hash.Hash64) (uint64, error)
- func (*AuditLogging) ProtoMessage()
- func (x *AuditLogging) ProtoReflect() protoreflect.Message
- func (x *AuditLogging) Reset()
- func (x *AuditLogging) String() string
- type AuditLogging_AuditLogAction
- func (AuditLogging_AuditLogAction) Descriptor() protoreflect.EnumDescriptor
- func (x AuditLogging_AuditLogAction) Enum() *AuditLogging_AuditLogAction
- func (AuditLogging_AuditLogAction) EnumDescriptor() ([]byte, []int)deprecated
- func (x AuditLogging_AuditLogAction) Number() protoreflect.EnumNumber
- func (x AuditLogging_AuditLogAction) String() string
- func (AuditLogging_AuditLogAction) Type() protoreflect.EnumType
- type AuditLogging_AuditLogLocation
- func (AuditLogging_AuditLogLocation) Descriptor() protoreflect.EnumDescriptor
- func (x AuditLogging_AuditLogLocation) Enum() *AuditLogging_AuditLogLocation
- func (AuditLogging_AuditLogLocation) EnumDescriptor() ([]byte, []int)deprecated
- func (x AuditLogging_AuditLogLocation) Number() protoreflect.EnumNumber
- func (x AuditLogging_AuditLogLocation) String() string
- func (AuditLogging_AuditLogLocation) Type() protoreflect.EnumType
- type ModSecurity
- func (m *ModSecurity) Clone() proto.Message
- func (*ModSecurity) Descriptor() ([]byte, []int)deprecated
- func (m *ModSecurity) Equal(that interface{}) bool
- func (x *ModSecurity) GetAuditLogging() *AuditLogging
- func (x *ModSecurity) GetCustomInterventionMessage() string
- func (x *ModSecurity) GetDisabled() bool
- func (x *ModSecurity) GetDlpTransformation() *transformation_ee.DlpTransformation
- func (x *ModSecurity) GetRegressionLogs() bool
- func (x *ModSecurity) GetRequestHeadersOnly() bool
- func (x *ModSecurity) GetResponseHeadersOnly() bool
- func (x *ModSecurity) GetRuleSets() []*RuleSet
- func (m *ModSecurity) Hash(hasher hash.Hash64) (uint64, error)
- func (*ModSecurity) ProtoMessage()
- func (x *ModSecurity) ProtoReflect() protoreflect.Message
- func (x *ModSecurity) Reset()
- func (x *ModSecurity) String() string
- type ModSecurityPerRoute
- func (m *ModSecurityPerRoute) Clone() proto.Message
- func (*ModSecurityPerRoute) Descriptor() ([]byte, []int)deprecated
- func (m *ModSecurityPerRoute) Equal(that interface{}) bool
- func (x *ModSecurityPerRoute) GetAuditLogging() *AuditLogging
- func (x *ModSecurityPerRoute) GetCustomInterventionMessage() string
- func (x *ModSecurityPerRoute) GetDisabled() bool
- func (x *ModSecurityPerRoute) GetDlpTransformation() *transformation_ee.DlpTransformation
- func (x *ModSecurityPerRoute) GetRequestHeadersOnly() bool
- func (x *ModSecurityPerRoute) GetResponseHeadersOnly() bool
- func (x *ModSecurityPerRoute) GetRuleSets() []*RuleSet
- func (m *ModSecurityPerRoute) Hash(hasher hash.Hash64) (uint64, error)
- func (*ModSecurityPerRoute) ProtoMessage()
- func (x *ModSecurityPerRoute) ProtoReflect() protoreflect.Message
- func (x *ModSecurityPerRoute) Reset()
- func (x *ModSecurityPerRoute) String() string
- type RuleSet
- func (m *RuleSet) Clone() proto.Message
- func (*RuleSet) Descriptor() ([]byte, []int)deprecated
- func (m *RuleSet) Equal(that interface{}) bool
- func (x *RuleSet) GetDirectory() string
- func (x *RuleSet) GetFiles() []string
- func (x *RuleSet) GetRuleStr() string
- func (m *RuleSet) Hash(hasher hash.Hash64) (uint64, error)
- func (*RuleSet) ProtoMessage()
- func (x *RuleSet) ProtoReflect() protoreflect.Message
- func (x *RuleSet) Reset()
- func (x *RuleSet) String() string
Constants ¶
This section is empty.
Variables ¶
View Source
var ( AuditLogging_AuditLogAction_name = map[int32]string{ 0: "NEVER", 1: "RELEVANT_ONLY", 2: "ALWAYS", } AuditLogging_AuditLogAction_value = map[string]int32{ "NEVER": 0, "RELEVANT_ONLY": 1, "ALWAYS": 2, } )
Enum value maps for AuditLogging_AuditLogAction.
View Source
var ( AuditLogging_AuditLogLocation_name = map[int32]string{ 0: "FILTER_STATE", 1: "DYNAMIC_METADATA", } AuditLogging_AuditLogLocation_value = map[string]int32{ "FILTER_STATE": 0, "DYNAMIC_METADATA": 1, } )
Enum value maps for AuditLogging_AuditLogLocation.
View Source
var File_github_com_solo_io_gloo_projects_gloo_api_external_envoy_extensions_waf_waf_proto protoreflect.FileDescriptor
Functions ¶
This section is empty.
Types ¶
type AuditLogging ¶ added in v1.3.26
type AuditLogging struct { Action AuditLogging_AuditLogAction `` /* 139-byte string literal not displayed */ Location AuditLogging_AuditLogLocation `` /* 145-byte string literal not displayed */ // contains filtered or unexported fields }
func (*AuditLogging) Clone ¶ added in v1.8.24
func (m *AuditLogging) Clone() proto.Message
Clone function
func (*AuditLogging) Descriptor
deprecated
added in
v1.3.26
func (*AuditLogging) Descriptor() ([]byte, []int)
Deprecated: Use AuditLogging.ProtoReflect.Descriptor instead.
func (*AuditLogging) Equal ¶ added in v1.3.26
func (m *AuditLogging) Equal(that interface{}) bool
Equal function
func (*AuditLogging) GetAction ¶ added in v1.3.26
func (x *AuditLogging) GetAction() AuditLogging_AuditLogAction
func (*AuditLogging) GetLocation ¶ added in v1.3.26
func (x *AuditLogging) GetLocation() AuditLogging_AuditLogLocation
func (*AuditLogging) Hash ¶ added in v1.6.0
func (m *AuditLogging) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*AuditLogging) ProtoMessage ¶ added in v1.3.26
func (*AuditLogging) ProtoMessage()
func (*AuditLogging) ProtoReflect ¶ added in v1.6.0
func (x *AuditLogging) ProtoReflect() protoreflect.Message
func (*AuditLogging) Reset ¶ added in v1.3.26
func (x *AuditLogging) Reset()
func (*AuditLogging) String ¶ added in v1.3.26
func (x *AuditLogging) String() string
type AuditLogging_AuditLogAction ¶ added in v1.3.26
type AuditLogging_AuditLogAction int32
const ( // Never generate audit logs. AuditLogging_NEVER AuditLogging_AuditLogAction = 0 // When set to RELEVANT_ONLY, this will have similar behavior to `SecAuditEngine RelevantOnly`. AuditLogging_RELEVANT_ONLY AuditLogging_AuditLogAction = 1 // Always generate an audit log entry (as long as the filter is not disabled). AuditLogging_ALWAYS AuditLogging_AuditLogAction = 2 )
func (AuditLogging_AuditLogAction) Descriptor ¶ added in v1.6.0
func (AuditLogging_AuditLogAction) Descriptor() protoreflect.EnumDescriptor
func (AuditLogging_AuditLogAction) Enum ¶ added in v1.6.0
func (x AuditLogging_AuditLogAction) Enum() *AuditLogging_AuditLogAction
func (AuditLogging_AuditLogAction) EnumDescriptor
deprecated
added in
v1.3.26
func (AuditLogging_AuditLogAction) EnumDescriptor() ([]byte, []int)
Deprecated: Use AuditLogging_AuditLogAction.Descriptor instead.
func (AuditLogging_AuditLogAction) Number ¶ added in v1.6.0
func (x AuditLogging_AuditLogAction) Number() protoreflect.EnumNumber
func (AuditLogging_AuditLogAction) String ¶ added in v1.3.26
func (x AuditLogging_AuditLogAction) String() string
func (AuditLogging_AuditLogAction) Type ¶ added in v1.6.0
func (AuditLogging_AuditLogAction) Type() protoreflect.EnumType
type AuditLogging_AuditLogLocation ¶ added in v1.3.26
type AuditLogging_AuditLogLocation int32
const ( // Add the audit log to the filter state. // it will be under the key "io.solo.modsecurity.audit_log". // You can use this formatter in the access log: // %FILTER_STATE(io.solo.modsecurity.audit_log)% AuditLogging_FILTER_STATE AuditLogging_AuditLogLocation = 0 // Add the audit log to the dynamic metadata. // it will be under the filter name "io.solo.filters.http.modsecurity". with "audit_log" as the // key. You can use this formatter in the access log: // %DYNAMIC_METADATA("io.solo.filters.http.modsecurity:audit_log")% AuditLogging_DYNAMIC_METADATA AuditLogging_AuditLogLocation = 1 )
func (AuditLogging_AuditLogLocation) Descriptor ¶ added in v1.6.0
func (AuditLogging_AuditLogLocation) Descriptor() protoreflect.EnumDescriptor
func (AuditLogging_AuditLogLocation) Enum ¶ added in v1.6.0
func (x AuditLogging_AuditLogLocation) Enum() *AuditLogging_AuditLogLocation
func (AuditLogging_AuditLogLocation) EnumDescriptor
deprecated
added in
v1.3.26
func (AuditLogging_AuditLogLocation) EnumDescriptor() ([]byte, []int)
Deprecated: Use AuditLogging_AuditLogLocation.Descriptor instead.
func (AuditLogging_AuditLogLocation) Number ¶ added in v1.6.0
func (x AuditLogging_AuditLogLocation) Number() protoreflect.EnumNumber
func (AuditLogging_AuditLogLocation) String ¶ added in v1.3.26
func (x AuditLogging_AuditLogLocation) String() string
func (AuditLogging_AuditLogLocation) Type ¶ added in v1.6.0
func (AuditLogging_AuditLogLocation) Type() protoreflect.EnumType
type ModSecurity ¶
type ModSecurity struct { // Disable all rules on the current route Disabled bool `protobuf:"varint,1,opt,name=disabled,proto3" json:"disabled,omitempty"` // Global rule sets for the current http connection manager RuleSets []*RuleSet `protobuf:"bytes,2,rep,name=rule_sets,json=ruleSets,proto3" json:"rule_sets,omitempty"` // Custom message to display when an intervention occurs CustomInterventionMessage string `` /* 138-byte string literal not displayed */ // This instructs the filter what to do with the transaction's audit log. AuditLogging *AuditLogging `protobuf:"bytes,5,opt,name=audit_logging,json=auditLogging,proto3" json:"audit_logging,omitempty"` // If set, the body will not be buffered and fed to ModSecurity. Only the headers will. // This can help improve performance. RequestHeadersOnly bool `protobuf:"varint,6,opt,name=request_headers_only,json=requestHeadersOnly,proto3" json:"request_headers_only,omitempty"` ResponseHeadersOnly bool `protobuf:"varint,7,opt,name=response_headers_only,json=responseHeadersOnly,proto3" json:"response_headers_only,omitempty"` // log in a format suited for the OWASP regression tests. // this format is a multiline log format, so it is disabled for regular use. // do not enable this in production! RegressionLogs bool `protobuf:"varint,4,opt,name=regression_logs,json=regressionLogs,proto3" json:"regression_logs,omitempty"` DlpTransformation *transformation_ee.DlpTransformation `protobuf:"bytes,8,opt,name=dlp_transformation,json=dlpTransformation,proto3" json:"dlp_transformation,omitempty"` // contains filtered or unexported fields }
func (*ModSecurity) Clone ¶ added in v1.8.24
func (m *ModSecurity) Clone() proto.Message
Clone function
func (*ModSecurity) Descriptor
deprecated
func (*ModSecurity) Descriptor() ([]byte, []int)
Deprecated: Use ModSecurity.ProtoReflect.Descriptor instead.
func (*ModSecurity) GetAuditLogging ¶ added in v1.3.26
func (x *ModSecurity) GetAuditLogging() *AuditLogging
func (*ModSecurity) GetCustomInterventionMessage ¶ added in v0.20.9
func (x *ModSecurity) GetCustomInterventionMessage() string
func (*ModSecurity) GetDisabled ¶
func (x *ModSecurity) GetDisabled() bool
func (*ModSecurity) GetDlpTransformation ¶ added in v1.9.25
func (x *ModSecurity) GetDlpTransformation() *transformation_ee.DlpTransformation
func (*ModSecurity) GetRegressionLogs ¶ added in v1.3.26
func (x *ModSecurity) GetRegressionLogs() bool
func (*ModSecurity) GetRequestHeadersOnly ¶ added in v1.4.13
func (x *ModSecurity) GetRequestHeadersOnly() bool
func (*ModSecurity) GetResponseHeadersOnly ¶ added in v1.4.13
func (x *ModSecurity) GetResponseHeadersOnly() bool
func (*ModSecurity) GetRuleSets ¶
func (x *ModSecurity) GetRuleSets() []*RuleSet
func (*ModSecurity) Hash ¶ added in v1.2.13
func (m *ModSecurity) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*ModSecurity) ProtoMessage ¶
func (*ModSecurity) ProtoMessage()
func (*ModSecurity) ProtoReflect ¶ added in v1.6.0
func (x *ModSecurity) ProtoReflect() protoreflect.Message
func (*ModSecurity) Reset ¶
func (x *ModSecurity) Reset()
func (*ModSecurity) String ¶
func (x *ModSecurity) String() string
type ModSecurityPerRoute ¶
type ModSecurityPerRoute struct { // Disable all rules on the current route Disabled bool `protobuf:"varint,1,opt,name=disabled,proto3" json:"disabled,omitempty"` // Overwrite the global rules on this route RuleSets []*RuleSet `protobuf:"bytes,2,rep,name=rule_sets,json=ruleSets,proto3" json:"rule_sets,omitempty"` // Custom message to display when an intervention occurs CustomInterventionMessage string `` /* 138-byte string literal not displayed */ // This instructs the filter what to do with the transaction's audit log. AuditLogging *AuditLogging `protobuf:"bytes,5,opt,name=audit_logging,json=auditLogging,proto3" json:"audit_logging,omitempty"` // If set, the body will not be buffered and fed to ModSecurity. Only the headers will. // This can help improve performance. RequestHeadersOnly bool `protobuf:"varint,6,opt,name=request_headers_only,json=requestHeadersOnly,proto3" json:"request_headers_only,omitempty"` ResponseHeadersOnly bool `protobuf:"varint,7,opt,name=response_headers_only,json=responseHeadersOnly,proto3" json:"response_headers_only,omitempty"` DlpTransformation *transformation_ee.DlpTransformation `protobuf:"bytes,8,opt,name=dlp_transformation,json=dlpTransformation,proto3" json:"dlp_transformation,omitempty"` // contains filtered or unexported fields }
func (*ModSecurityPerRoute) Clone ¶ added in v1.8.24
func (m *ModSecurityPerRoute) Clone() proto.Message
Clone function
func (*ModSecurityPerRoute) Descriptor
deprecated
func (*ModSecurityPerRoute) Descriptor() ([]byte, []int)
Deprecated: Use ModSecurityPerRoute.ProtoReflect.Descriptor instead.
func (*ModSecurityPerRoute) Equal ¶
func (m *ModSecurityPerRoute) Equal(that interface{}) bool
Equal function
func (*ModSecurityPerRoute) GetAuditLogging ¶ added in v1.3.26
func (x *ModSecurityPerRoute) GetAuditLogging() *AuditLogging
func (*ModSecurityPerRoute) GetCustomInterventionMessage ¶ added in v0.20.9
func (x *ModSecurityPerRoute) GetCustomInterventionMessage() string
func (*ModSecurityPerRoute) GetDisabled ¶
func (x *ModSecurityPerRoute) GetDisabled() bool
func (*ModSecurityPerRoute) GetDlpTransformation ¶ added in v1.9.25
func (x *ModSecurityPerRoute) GetDlpTransformation() *transformation_ee.DlpTransformation
func (*ModSecurityPerRoute) GetRequestHeadersOnly ¶ added in v1.4.13
func (x *ModSecurityPerRoute) GetRequestHeadersOnly() bool
func (*ModSecurityPerRoute) GetResponseHeadersOnly ¶ added in v1.4.13
func (x *ModSecurityPerRoute) GetResponseHeadersOnly() bool
func (*ModSecurityPerRoute) GetRuleSets ¶
func (x *ModSecurityPerRoute) GetRuleSets() []*RuleSet
func (*ModSecurityPerRoute) Hash ¶ added in v1.2.13
func (m *ModSecurityPerRoute) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*ModSecurityPerRoute) ProtoMessage ¶
func (*ModSecurityPerRoute) ProtoMessage()
func (*ModSecurityPerRoute) ProtoReflect ¶ added in v1.6.0
func (x *ModSecurityPerRoute) ProtoReflect() protoreflect.Message
func (*ModSecurityPerRoute) Reset ¶
func (x *ModSecurityPerRoute) Reset()
func (*ModSecurityPerRoute) String ¶
func (x *ModSecurityPerRoute) String() string
type RuleSet ¶
type RuleSet struct { // String of rules which are added directly RuleStr string `protobuf:"bytes,1,opt,name=rule_str,json=ruleStr,proto3" json:"rule_str,omitempty"` // Array of files with rules to include. // Any subsequent changes to the rules in these files are not automatically updated. To update rules from files, version and update the file name. // If you want dynamically updated rules, use the `configMapRuleSets` option instead. Files []string `protobuf:"bytes,3,rep,name=files,proto3" json:"files,omitempty"` // A directory to include. all *.conf files in this directory will be // included. sub directories will NOT be checked. Directory string `protobuf:"bytes,4,opt,name=directory,proto3" json:"directory,omitempty"` // contains filtered or unexported fields }
func (*RuleSet) Descriptor
deprecated
func (*RuleSet) GetDirectory ¶ added in v1.3.26
func (*RuleSet) GetRuleStr ¶
func (*RuleSet) ProtoMessage ¶
func (*RuleSet) ProtoMessage()
func (*RuleSet) ProtoReflect ¶ added in v1.6.0
func (x *RuleSet) ProtoReflect() protoreflect.Message
Click to show internal directories.
Click to hide internal directories.