waf

package
v1.18.5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 13, 2025 License: Apache-2.0 Imports: 21 Imported by: 2

Documentation

Index

Constants

This section is empty.

Variables

View Source
var File_github_com_solo_io_gloo_projects_gloo_api_v1_enterprise_options_waf_waf_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type CoreRuleSet

type CoreRuleSet struct {

	// Optional custom settings for the OWASP core rule set.
	// For an example on the configuration options see: https://github.com/SpiderLabs/owasp-modsecurity-crs/blob/v3.2/dev/crs-setup.conf.example
	// The same rules apply to these options as do to the `RuleSet`s. The file option is better if possible.
	//
	// Types that are assignable to CustomSettingsType:
	//
	//	*CoreRuleSet_CustomSettingsString
	//	*CoreRuleSet_CustomSettingsFile
	CustomSettingsType isCoreRuleSet_CustomSettingsType `protobuf_oneof:"CustomSettingsType"`
	// contains filtered or unexported fields
}

func (*CoreRuleSet) Clone added in v1.8.24

func (m *CoreRuleSet) Clone() proto.Message

Clone function

func (*CoreRuleSet) Descriptor deprecated

func (*CoreRuleSet) Descriptor() ([]byte, []int)

Deprecated: Use CoreRuleSet.ProtoReflect.Descriptor instead.

func (*CoreRuleSet) Equal

func (m *CoreRuleSet) Equal(that interface{}) bool

Equal function

func (*CoreRuleSet) GetCustomSettingsFile

func (x *CoreRuleSet) GetCustomSettingsFile() string

func (*CoreRuleSet) GetCustomSettingsString

func (x *CoreRuleSet) GetCustomSettingsString() string

func (*CoreRuleSet) GetCustomSettingsType

func (m *CoreRuleSet) GetCustomSettingsType() isCoreRuleSet_CustomSettingsType

func (*CoreRuleSet) Hash deprecated added in v1.2.13

func (m *CoreRuleSet) Hash(hasher hash.Hash64) (uint64, error)

Hash function

Deprecated: due to hashing implemention only using field values. The omission of the field name in the hash calculation can lead to hash collisions. Prefer the HashUnique function instead.

func (*CoreRuleSet) HashUnique added in v1.18.0

func (m *CoreRuleSet) HashUnique(hasher hash.Hash64) (uint64, error)

HashUnique function generates a hash of the object that is unique to the object by hashing field name and value pairs. Replaces Hash due to original hashing implemention only using field values. The omission of the field name in the hash calculation can lead to hash collisions.

func (*CoreRuleSet) ProtoMessage

func (*CoreRuleSet) ProtoMessage()

func (*CoreRuleSet) ProtoReflect added in v1.6.0

func (x *CoreRuleSet) ProtoReflect() protoreflect.Message

func (*CoreRuleSet) Reset

func (x *CoreRuleSet) Reset()

func (*CoreRuleSet) String

func (x *CoreRuleSet) String() string

type CoreRuleSet_CustomSettingsFile

type CoreRuleSet_CustomSettingsFile struct {
	// String representing a file location with core rule set custom config options
	CustomSettingsFile string `protobuf:"bytes,3,opt,name=custom_settings_file,json=customSettingsFile,proto3,oneof"`
}

type CoreRuleSet_CustomSettingsString

type CoreRuleSet_CustomSettingsString struct {
	// String representing the core rule set custom config options
	CustomSettingsString string `protobuf:"bytes,2,opt,name=custom_settings_string,json=customSettingsString,proto3,oneof"`
}

type RuleSetFromConfigMap added in v1.13.0

type RuleSetFromConfigMap struct {

	// The Kubernetes configmap that has the rule sets as values in the `data` section.
	ConfigMapRef *core.ResourceRef `protobuf:"bytes,1,opt,name=config_map_ref,json=configMapRef,proto3" json:"config_map_ref,omitempty"`
	// The ConfigMap might have multiple key-value pairs in the `data` section, such as when you create the ConfigMap from multiple files. Each value in a key-value pair may contain 0 or more rules.
	// You can use the `dataMapKey` field to select which keys to use, and the order you want them applied.
	// If this field is included, only the rules from the specified keys are applied, in the specified order. Any rules contained in the value of keys not included are ignored.
	// If this field is not included, all of the keys in the `data` section of the ConfigMap are sorted alphabetically, and all of the rules are included in the resulting order. The order of key-value pairs might differ from the order in which they appear in the ConfigMap (note, the rules within each mapping stay in the same order as they appear in the ConfigMap).
	DataMapKeys []string `protobuf:"bytes,2,rep,name=data_map_keys,json=dataMapKeys,proto3" json:"data_map_keys,omitempty"`
	// contains filtered or unexported fields
}

func (*RuleSetFromConfigMap) Clone added in v1.13.0

func (m *RuleSetFromConfigMap) Clone() proto.Message

Clone function

func (*RuleSetFromConfigMap) Descriptor deprecated added in v1.13.0

func (*RuleSetFromConfigMap) Descriptor() ([]byte, []int)

Deprecated: Use RuleSetFromConfigMap.ProtoReflect.Descriptor instead.

func (*RuleSetFromConfigMap) Equal added in v1.13.0

func (m *RuleSetFromConfigMap) Equal(that interface{}) bool

Equal function

func (*RuleSetFromConfigMap) GetConfigMapRef added in v1.13.0

func (x *RuleSetFromConfigMap) GetConfigMapRef() *core.ResourceRef

func (*RuleSetFromConfigMap) GetDataMapKeys added in v1.13.0

func (x *RuleSetFromConfigMap) GetDataMapKeys() []string

func (*RuleSetFromConfigMap) Hash deprecated added in v1.13.0

func (m *RuleSetFromConfigMap) Hash(hasher hash.Hash64) (uint64, error)

Hash function

Deprecated: due to hashing implemention only using field values. The omission of the field name in the hash calculation can lead to hash collisions. Prefer the HashUnique function instead.

func (*RuleSetFromConfigMap) HashUnique added in v1.18.0

func (m *RuleSetFromConfigMap) HashUnique(hasher hash.Hash64) (uint64, error)

HashUnique function generates a hash of the object that is unique to the object by hashing field name and value pairs. Replaces Hash due to original hashing implemention only using field values. The omission of the field name in the hash calculation can lead to hash collisions.

func (*RuleSetFromConfigMap) ProtoMessage added in v1.13.0

func (*RuleSetFromConfigMap) ProtoMessage()

func (*RuleSetFromConfigMap) ProtoReflect added in v1.13.0

func (x *RuleSetFromConfigMap) ProtoReflect() protoreflect.Message

func (*RuleSetFromConfigMap) Reset added in v1.13.0

func (x *RuleSetFromConfigMap) Reset()

func (*RuleSetFromConfigMap) String added in v1.13.0

func (x *RuleSetFromConfigMap) String() string

type Settings

type Settings struct {

	// Disable waf on this resource (if omitted defaults to false).
	// If a route/virtual host is configured with WAF, you must explicitly disable its WAF,
	// i.e., it will not inherit the disabled status of its parent
	Disabled bool `protobuf:"varint,1,opt,name=disabled,proto3" json:"disabled,omitempty"`
	// Custom massage to display if an intervention occurs.
	CustomInterventionMessage string `` /* 138-byte string literal not displayed */
	// Add OWASP core rule set
	// if nil will not be added
	CoreRuleSet *CoreRuleSet `protobuf:"bytes,3,opt,name=core_rule_set,json=coreRuleSet,proto3" json:"core_rule_set,omitempty"`
	// Custom rule sets to add. Any subsequent changes to the rules in these files are not automatically updated. To update rules from files, version and update the file name.
	// If you want dynamically updated rules, use the `configMapRuleSets` option instead.
	RuleSets []*waf.RuleSet `protobuf:"bytes,4,rep,name=rule_sets,json=ruleSets,proto3" json:"rule_sets,omitempty"`
	// Kubernetes configmaps with the rule sets that you want to use.
	// The rules must be in the value of the key-value mappings in the `data` field of the configmap.
	// Subsequent updates to the configmap values are dynamically updated in the configuration.
	ConfigMapRuleSets []*RuleSetFromConfigMap `protobuf:"bytes,8,rep,name=config_map_rule_sets,json=configMapRuleSets,proto3" json:"config_map_rule_sets,omitempty"`
	// Audit Log settings
	AuditLogging *waf.AuditLogging `protobuf:"bytes,5,opt,name=audit_logging,json=auditLogging,proto3" json:"audit_logging,omitempty"`
	// Only process request headers, not buffering the request body
	RequestHeadersOnly bool `protobuf:"varint,6,opt,name=request_headers_only,json=requestHeadersOnly,proto3" json:"request_headers_only,omitempty"`
	// Only process response headers, not buffering the response body
	ResponseHeadersOnly bool `protobuf:"varint,7,opt,name=response_headers_only,json=responseHeadersOnly,proto3" json:"response_headers_only,omitempty"`
	// contains filtered or unexported fields
}

func (*Settings) Clone added in v1.8.24

func (m *Settings) Clone() proto.Message

Clone function

func (*Settings) Descriptor deprecated

func (*Settings) Descriptor() ([]byte, []int)

Deprecated: Use Settings.ProtoReflect.Descriptor instead.

func (*Settings) Equal

func (m *Settings) Equal(that interface{}) bool

Equal function

func (*Settings) GetAuditLogging added in v1.3.26

func (x *Settings) GetAuditLogging() *waf.AuditLogging

func (*Settings) GetConfigMapRuleSets added in v1.13.0

func (x *Settings) GetConfigMapRuleSets() []*RuleSetFromConfigMap

func (*Settings) GetCoreRuleSet

func (x *Settings) GetCoreRuleSet() *CoreRuleSet

func (*Settings) GetCustomInterventionMessage

func (x *Settings) GetCustomInterventionMessage() string

func (*Settings) GetDisabled

func (x *Settings) GetDisabled() bool

func (*Settings) GetRequestHeadersOnly added in v1.4.13

func (x *Settings) GetRequestHeadersOnly() bool

func (*Settings) GetResponseHeadersOnly added in v1.4.13

func (x *Settings) GetResponseHeadersOnly() bool

func (*Settings) GetRuleSets

func (x *Settings) GetRuleSets() []*waf.RuleSet

func (*Settings) Hash deprecated added in v1.2.13

func (m *Settings) Hash(hasher hash.Hash64) (uint64, error)

Hash function

Deprecated: due to hashing implemention only using field values. The omission of the field name in the hash calculation can lead to hash collisions. Prefer the HashUnique function instead.

func (*Settings) HashUnique added in v1.18.0

func (m *Settings) HashUnique(hasher hash.Hash64) (uint64, error)

HashUnique function generates a hash of the object that is unique to the object by hashing field name and value pairs. Replaces Hash due to original hashing implemention only using field values. The omission of the field name in the hash calculation can lead to hash collisions.

func (*Settings) ProtoMessage

func (*Settings) ProtoMessage()

func (*Settings) ProtoReflect added in v1.6.0

func (x *Settings) ProtoReflect() protoreflect.Message

func (*Settings) Reset

func (x *Settings) Reset()

func (*Settings) String

func (x *Settings) String() string

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL