wip
This commit is contained in:
Sebastien Blot
parent
40f65de7b9
commit
805752dc62
2 changed files with 23 additions and 2 deletions
|
|
@ -17,6 +17,7 @@ import (
|
|||
"github.com/crowdsecurity/crowdsec/pkg/types"
|
||||
"github.com/crowdsecurity/crowdsec/pkg/waf"
|
||||
"github.com/crowdsecurity/go-cs-lib/pkg/trace"
|
||||
"github.com/davecgh/go-spew/spew"
|
||||
"github.com/google/uuid"
|
||||
"github.com/pkg/errors"
|
||||
"github.com/prometheus/client_golang/prometheus"
|
||||
|
|
@ -142,6 +143,14 @@ func (w *WafSource) Configure(yamlConfig []byte, logger *log.Entry) error {
|
|||
WithDirectives(inBandRules).WithRootFS(fs),
|
||||
)
|
||||
|
||||
//for _, rule := range inbandwaf.GetWAF().Rules.GetRules() {
|
||||
// w.logger.Infof("Action for Rule %d: %+v ", rule.ID(), rule.GetActions())
|
||||
//}
|
||||
|
||||
//betterwaf := experimental.ToBetterWAFEngine(inbandwaf)
|
||||
|
||||
//spew.Dump(betterwaf.Waf.Rules)
|
||||
|
||||
if err != nil {
|
||||
return errors.Wrap(err, "Cannot create WAF")
|
||||
}
|
||||
|
|
@ -288,6 +297,8 @@ func processReqWithEngine(waf coraza.WAF, r ParsedRequest, uuid string, wafType
|
|||
tx.Close()
|
||||
}()
|
||||
|
||||
log.Infof("Processing request with %s WAF", wafType)
|
||||
|
||||
//this method is not exported by coraza, so we have to do it ourselves.
|
||||
//ideally, this would be dealt with by expr code, and we provide helpers to manipulate the transaction object?\
|
||||
//var txx experimental.FullTransaction
|
||||
|
|
@ -317,6 +328,12 @@ func processReqWithEngine(waf coraza.WAF, r ParsedRequest, uuid string, wafType
|
|||
}
|
||||
|
||||
in = tx.ProcessRequestHeaders()
|
||||
//spew.Dump(in)
|
||||
//spew.Dump(tx.MatchedRules())
|
||||
|
||||
for _, rule := range tx.MatchedRules() {
|
||||
spew.Dump(rule.Rule())
|
||||
}
|
||||
|
||||
//if we're inband, we should stop here, but for outofband go to the end
|
||||
if in != nil && wafType == InBand {
|
||||
|
|
|
|||
|
|
@ -61,7 +61,8 @@ func buildHook(hook Hook) (CompiledHook, error) {
|
|||
}
|
||||
for _, apply := range hook.Apply {
|
||||
program, err := expr.Compile(apply, GetExprWAFOptions(map[string]interface{}{
|
||||
"WafRules": []WafRule{},
|
||||
"InBandRules": []WafRule{},
|
||||
"OutOfBandRules": []WafRule{},
|
||||
})...)
|
||||
if err != nil {
|
||||
log.Errorf("unable to compile apply %s : %s", apply, err)
|
||||
|
|
@ -152,7 +153,10 @@ func (w *WafConfig) LoadWafRules() error {
|
|||
//Ignore filter for on load ?
|
||||
if onLoadHook.Apply != nil {
|
||||
for exprIdx, applyExpr := range onLoadHook.Apply {
|
||||
_, err := expr.Run(applyExpr, nil) //FIXME: give proper env
|
||||
_, err := expr.Run(applyExpr, map[string]interface{}{
|
||||
"InBandRules": []WafRule{},
|
||||
"OutOfBandRules": []WafRule{},
|
||||
})
|
||||
if err != nil {
|
||||
w.logger.Errorf("unable to run apply for on_load rule %s : %s", wafRule.OnLoad[hookIdx].Apply[exprIdx], err)
|
||||
continue
|
||||
|
|
|
|||
Loading…
Reference in a new issue