waf

package
v1.6.0-beta16 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 3, 2020 License: Apache-2.0 Imports: 18 Imported by: 2

Documentation

Index

Constants

This section is empty.

Variables

View Source
var AuditLogging_AuditLogAction_name = map[int32]string{
	0: "NEVER",
	1: "RELEVANT_ONLY",
	2: "ALWAYS",
}
View Source
var AuditLogging_AuditLogAction_value = map[string]int32{
	"NEVER":         0,
	"RELEVANT_ONLY": 1,
	"ALWAYS":        2,
}
View Source
var AuditLogging_AuditLogLocation_name = map[int32]string{
	0: "FILTER_STATE",
	1: "DYNAMIC_METADATA",
}
View Source
var AuditLogging_AuditLogLocation_value = map[string]int32{
	"FILTER_STATE":     0,
	"DYNAMIC_METADATA": 1,
}

Functions

This section is empty.

Types

type AuditLogging added in v1.3.26

type AuditLogging struct {
	Action               AuditLogging_AuditLogAction   `` /* 139-byte string literal not displayed */
	Location             AuditLogging_AuditLogLocation `` /* 145-byte string literal not displayed */
	XXX_NoUnkeyedLiteral struct{}                      `json:"-"`
	XXX_unrecognized     []byte                        `json:"-"`
	XXX_sizecache        int32                         `json:"-"`
}

func (*AuditLogging) Descriptor added in v1.3.26

func (*AuditLogging) Descriptor() ([]byte, []int)

func (*AuditLogging) Equal added in v1.3.26

func (this *AuditLogging) Equal(that interface{}) bool

func (*AuditLogging) GetAction added in v1.3.26

func (*AuditLogging) GetLocation added in v1.3.26

func (*AuditLogging) ProtoMessage added in v1.3.26

func (*AuditLogging) ProtoMessage()

func (*AuditLogging) Reset added in v1.3.26

func (m *AuditLogging) Reset()

func (*AuditLogging) String added in v1.3.26

func (m *AuditLogging) String() string

func (*AuditLogging) XXX_DiscardUnknown added in v1.3.26

func (m *AuditLogging) XXX_DiscardUnknown()

func (*AuditLogging) XXX_Marshal added in v1.3.26

func (m *AuditLogging) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*AuditLogging) XXX_Merge added in v1.3.26

func (m *AuditLogging) XXX_Merge(src proto.Message)

func (*AuditLogging) XXX_Size added in v1.3.26

func (m *AuditLogging) XXX_Size() int

func (*AuditLogging) XXX_Unmarshal added in v1.3.26

func (m *AuditLogging) XXX_Unmarshal(b []byte) error

type AuditLogging_AuditLogAction added in v1.3.26

type AuditLogging_AuditLogAction int32
const (
	// Never generate audit logs.
	AuditLogging_NEVER AuditLogging_AuditLogAction = 0
	// When set to RELEVANT_ONLY, this will have similar behavior to `SecAuditEngine RelevantOnly`.
	AuditLogging_RELEVANT_ONLY AuditLogging_AuditLogAction = 1
	// Always generate an audit log entry (as long as the filter is not disabled).
	AuditLogging_ALWAYS AuditLogging_AuditLogAction = 2
)

func (AuditLogging_AuditLogAction) EnumDescriptor added in v1.3.26

func (AuditLogging_AuditLogAction) EnumDescriptor() ([]byte, []int)

func (AuditLogging_AuditLogAction) String added in v1.3.26

type AuditLogging_AuditLogLocation added in v1.3.26

type AuditLogging_AuditLogLocation int32
const (
	// Add the audit log to the filter state.
	// it will be under the key "io.solo.modsecurity.audit_log".
	// You can use this formatter in the access log:
	// %FILTER_STATE(io.solo.modsecurity.audit_log)%
	AuditLogging_FILTER_STATE AuditLogging_AuditLogLocation = 0
	// Add the audit log to the dynamic metadata.
	// it will be under the filter name "io.solo.filters.http.modsecurity". with "audit_log" as the
	// key. You can use this formatter in the access log:
	// %DYNAMIC_METADATA("io.solo.filters.http.modsecurity:audit_log")%
	AuditLogging_DYNAMIC_METADATA AuditLogging_AuditLogLocation = 1
)

func (AuditLogging_AuditLogLocation) EnumDescriptor added in v1.3.26

func (AuditLogging_AuditLogLocation) EnumDescriptor() ([]byte, []int)

func (AuditLogging_AuditLogLocation) String added in v1.3.26

type ModSecurity

type ModSecurity struct {
	// Disable all rules on the current route
	Disabled bool `protobuf:"varint,1,opt,name=disabled,proto3" json:"disabled,omitempty"`
	// Global rule sets for the current http connection manager
	RuleSets []*RuleSet `protobuf:"bytes,2,rep,name=rule_sets,json=ruleSets,proto3" json:"rule_sets,omitempty"`
	// Custom message to display when an intervention occurs
	CustomInterventionMessage string `` /* 138-byte string literal not displayed */
	// This instructs the filter what to do with the transaction's audit log.
	AuditLogging *AuditLogging `protobuf:"bytes,5,opt,name=audit_logging,json=auditLogging,proto3" json:"audit_logging,omitempty"`
	// If set, the body will not be buffered and fed to ModSecurity. Only the headers will.
	// This can help improve performance.
	RequestHeadersOnly  bool `protobuf:"varint,6,opt,name=request_headers_only,json=requestHeadersOnly,proto3" json:"request_headers_only,omitempty"`
	ResponseHeadersOnly bool `protobuf:"varint,7,opt,name=response_headers_only,json=responseHeadersOnly,proto3" json:"response_headers_only,omitempty"`
	// log in a format suited for the OWASP regression tests.
	// this format is a multiline log format, so it is disabled for regular use.
	// do not enable this in production!
	RegressionLogs       bool     `protobuf:"varint,4,opt,name=regression_logs,json=regressionLogs,proto3" json:"regression_logs,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*ModSecurity) Descriptor

func (*ModSecurity) Descriptor() ([]byte, []int)

func (*ModSecurity) Equal

func (this *ModSecurity) Equal(that interface{}) bool

func (*ModSecurity) GetAuditLogging added in v1.3.26

func (m *ModSecurity) GetAuditLogging() *AuditLogging

func (*ModSecurity) GetCustomInterventionMessage added in v0.20.9

func (m *ModSecurity) GetCustomInterventionMessage() string

func (*ModSecurity) GetDisabled

func (m *ModSecurity) GetDisabled() bool

func (*ModSecurity) GetRegressionLogs added in v1.3.26

func (m *ModSecurity) GetRegressionLogs() bool

func (*ModSecurity) GetRequestHeadersOnly added in v1.4.13

func (m *ModSecurity) GetRequestHeadersOnly() bool

func (*ModSecurity) GetResponseHeadersOnly added in v1.4.13

func (m *ModSecurity) GetResponseHeadersOnly() bool

func (*ModSecurity) GetRuleSets

func (m *ModSecurity) GetRuleSets() []*RuleSet

func (*ModSecurity) Hash added in v1.2.13

func (m *ModSecurity) Hash(hasher hash.Hash64) (uint64, error)

Hash function

func (*ModSecurity) ProtoMessage

func (*ModSecurity) ProtoMessage()

func (*ModSecurity) Reset

func (m *ModSecurity) Reset()

func (*ModSecurity) String

func (m *ModSecurity) String() string

func (*ModSecurity) XXX_DiscardUnknown

func (m *ModSecurity) XXX_DiscardUnknown()

func (*ModSecurity) XXX_Marshal

func (m *ModSecurity) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ModSecurity) XXX_Merge

func (m *ModSecurity) XXX_Merge(src proto.Message)

func (*ModSecurity) XXX_Size

func (m *ModSecurity) XXX_Size() int

func (*ModSecurity) XXX_Unmarshal

func (m *ModSecurity) XXX_Unmarshal(b []byte) error

type ModSecurityPerRoute

type ModSecurityPerRoute struct {
	// Disable all rules on the current route
	Disabled bool `protobuf:"varint,1,opt,name=disabled,proto3" json:"disabled,omitempty"`
	// Overwrite the global rules on this route
	RuleSets []*RuleSet `protobuf:"bytes,2,rep,name=rule_sets,json=ruleSets,proto3" json:"rule_sets,omitempty"`
	// Custom message to display when an intervention occurs
	CustomInterventionMessage string `` /* 138-byte string literal not displayed */
	// This instructs the filter what to do with the transaction's audit log.
	AuditLogging *AuditLogging `protobuf:"bytes,5,opt,name=audit_logging,json=auditLogging,proto3" json:"audit_logging,omitempty"`
	// If set, the body will not be buffered and fed to ModSecurity. Only the headers will.
	// This can help improve performance.
	RequestHeadersOnly   bool     `protobuf:"varint,6,opt,name=request_headers_only,json=requestHeadersOnly,proto3" json:"request_headers_only,omitempty"`
	ResponseHeadersOnly  bool     `protobuf:"varint,7,opt,name=response_headers_only,json=responseHeadersOnly,proto3" json:"response_headers_only,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*ModSecurityPerRoute) Descriptor

func (*ModSecurityPerRoute) Descriptor() ([]byte, []int)

func (*ModSecurityPerRoute) Equal

func (this *ModSecurityPerRoute) Equal(that interface{}) bool

func (*ModSecurityPerRoute) GetAuditLogging added in v1.3.26

func (m *ModSecurityPerRoute) GetAuditLogging() *AuditLogging

func (*ModSecurityPerRoute) GetCustomInterventionMessage added in v0.20.9

func (m *ModSecurityPerRoute) GetCustomInterventionMessage() string

func (*ModSecurityPerRoute) GetDisabled

func (m *ModSecurityPerRoute) GetDisabled() bool

func (*ModSecurityPerRoute) GetRequestHeadersOnly added in v1.4.13

func (m *ModSecurityPerRoute) GetRequestHeadersOnly() bool

func (*ModSecurityPerRoute) GetResponseHeadersOnly added in v1.4.13

func (m *ModSecurityPerRoute) GetResponseHeadersOnly() bool

func (*ModSecurityPerRoute) GetRuleSets

func (m *ModSecurityPerRoute) GetRuleSets() []*RuleSet

func (*ModSecurityPerRoute) Hash added in v1.2.13

func (m *ModSecurityPerRoute) Hash(hasher hash.Hash64) (uint64, error)

Hash function

func (*ModSecurityPerRoute) ProtoMessage

func (*ModSecurityPerRoute) ProtoMessage()

func (*ModSecurityPerRoute) Reset

func (m *ModSecurityPerRoute) Reset()

func (*ModSecurityPerRoute) String

func (m *ModSecurityPerRoute) String() string

func (*ModSecurityPerRoute) XXX_DiscardUnknown

func (m *ModSecurityPerRoute) XXX_DiscardUnknown()

func (*ModSecurityPerRoute) XXX_Marshal

func (m *ModSecurityPerRoute) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ModSecurityPerRoute) XXX_Merge

func (m *ModSecurityPerRoute) XXX_Merge(src proto.Message)

func (*ModSecurityPerRoute) XXX_Size

func (m *ModSecurityPerRoute) XXX_Size() int

func (*ModSecurityPerRoute) XXX_Unmarshal

func (m *ModSecurityPerRoute) XXX_Unmarshal(b []byte) error

type RuleSet

type RuleSet struct {
	// String of rules which are added directly
	RuleStr string `protobuf:"bytes,1,opt,name=rule_str,json=ruleStr,proto3" json:"rule_str,omitempty"`
	// Array of files to include
	Files []string `protobuf:"bytes,3,rep,name=files,proto3" json:"files,omitempty"`
	// A directory to include. all *.conf files in this directory will be
	// included. sub directories will NOT be checked.
	Directory            string   `protobuf:"bytes,4,opt,name=directory,proto3" json:"directory,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*RuleSet) Descriptor

func (*RuleSet) Descriptor() ([]byte, []int)

func (*RuleSet) Equal

func (this *RuleSet) Equal(that interface{}) bool

func (*RuleSet) GetDirectory added in v1.3.26

func (m *RuleSet) GetDirectory() string

func (*RuleSet) GetFiles

func (m *RuleSet) GetFiles() []string

func (*RuleSet) GetRuleStr

func (m *RuleSet) GetRuleStr() string

func (*RuleSet) Hash added in v1.2.13

func (m *RuleSet) Hash(hasher hash.Hash64) (uint64, error)

Hash function

func (*RuleSet) ProtoMessage

func (*RuleSet) ProtoMessage()

func (*RuleSet) Reset

func (m *RuleSet) Reset()

func (*RuleSet) String

func (m *RuleSet) String() string

func (*RuleSet) XXX_DiscardUnknown

func (m *RuleSet) XXX_DiscardUnknown()

func (*RuleSet) XXX_Marshal

func (m *RuleSet) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*RuleSet) XXX_Merge

func (m *RuleSet) XXX_Merge(src proto.Message)

func (*RuleSet) XXX_Size

func (m *RuleSet) XXX_Size() int

func (*RuleSet) XXX_Unmarshal

func (m *RuleSet) XXX_Unmarshal(b []byte) error

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL