Documentation ¶
Index ¶
- Constants
- Variables
- func ActionsExecute(t *Transaction, as []Action)
- type Action
- type Config
- type Engine
- type Errors
- type Intervention
- type Limits
- type NetInfo
- type Operator
- type Request
- type Response
- type SecRule
- func (r *SecRule) AppendActions(vs ...Action)
- func (r *SecRule) AppendSubRules(sub ...*SecRule)
- func (r *SecRule) AppendTrans(vs ...Trans)
- func (r *SecRule) AppendVariables(vs ...Variable)
- func (r *SecRule) Do(t *Transaction)
- func (r *SecRule) FetchAllTransformedVariables(t *Transaction) []string
- func (r *SecRule) Match(t *Transaction) bool
- func (r *SecRule) SetOperator(o Operator)
- func (r *SecRule) TransformString(tr *Transaction, s string) string
- func (r *SecRule) TransformVariable(t *Transaction, variable Variable) []string
- type SecRuleSet
- type Trans
- type Transaction
- func (t *Transaction) AbortWithError(code int, err error)
- func (t *Transaction) AbortWithStatus(code int)
- func (t *Transaction) AppendRequestBody(p []byte) error
- func (t *Transaction) AppendResponseBody(p []byte) error
- func (s *Transaction) CurrentPhase() int
- func (s *Transaction) CurrentPhaseRules() []*SecRule
- func (s *Transaction) CurrentRule() int
- func (s *Transaction) CurrentSecRule() *SecRule
- func (t *Transaction) Intervention() *Intervention
- func (s *Transaction) JumpTo(i int) int
- func (s *Transaction) JumpToPhase(i int) int
- func (t *Transaction) Logf(f string, val ...interface{})
- func (s *Transaction) Next() int
- func (t *Transaction) NextPhase() int
- func (s *Transaction) NextRule() int
- func (t *Transaction) ProcessConnection(srcIp, srcPort, dstIp, dstPort string)
- func (t *Transaction) ProcessLogging()
- func (t *Transaction) ProcessPhase(phase int)
- func (t *Transaction) ProcessRequestBody()
- func (t *Transaction) ProcessRequestHeader(h http.Header)
- func (t *Transaction) ProcessRequestURL(u *url.URL, method, proto string)
- func (t *Transaction) ProcessResponseBody()
- func (t *Transaction) ProcessResponseHeaders(code int, proto string, header http.Header)
- func (t *Transaction) ResetIntervention()
- func (t *Transaction) Result() *Intervention
- type Variable
Constants ¶
// Engine status values. The doc comment on (*Engine).Enable lists these three
// as the accepted status arguments.
const (
	// StatusOn is iota's first value (0), so a zero-valued int status reads as StatusOn.
	StatusOn = iota
	StatusOff
	// NOTE(review): presumably "detection only" (compare Engine.DetectionOnly) — confirm.
	StatusDect
)
// Phase identifiers, numbered by iota from 0 (PhaseBegin) to 7 (PhaseEnd).
// NOTE(review): presumably the values taken by Transaction.ProcessPhase and
// stored in SecRule.Phase — confirm.
const (
	PhaseBegin = iota
	PhaseConnection
	PhaseRequestHeaders
	PhaseRequestBody
	PhaseResponseHeaders
	PhaseResponseBody
	PhaseLogging
	PhaseEnd
)
// Action group identifiers, numbered from 0 by iota.
// NOTE(review): presumably the values returned by Action.ActionGroup — confirm.
const (
	ActionGroupMetaData = iota
	ActionGroupData
	ActionGroupNonDisruptive
	ActionGroupDisruptive
	ActionGroupFlow
	// ActionGroupCount evaluates to 5, the number of groups declared above it.
	ActionGroupCount
)
// StatusEndOfRules is a negative sentinel (-2). It is not one of the status
// values that the (*Engine).Enable doc comment lists as valid arguments.
// NOTE(review): presumably returned by the int-valued rule cursor methods on
// Transaction (Next, NextRule, JumpTo) once no rule is left — confirm.
const StatusEndOfRules = -2
// StatusNotStarted is a negative sentinel (-1). It is not one of the status
// values that the (*Engine).Enable doc comment lists as valid arguments.
// NOTE(review): presumably what the rule cursor methods on Transaction report
// before rule processing has begun — confirm.
const StatusNotStarted = -1
Variables ¶
// ErrBufferReaded carries the message "buffer can't write after read".
// NOTE(review): presumably returned by AppendRequestBody / AppendResponseBody
// when data arrives after the body buffer has already been read. A caller that
// drops this error would forward bytes the rules never inspected — confirm.
var ErrBufferReaded = errors.New("buffer can't write after read")
// ErrOutOfFileLimit carries the message "out of file limit".
// NOTE(review): presumably raised when a buffered body exceeds an on-disk cap
// derived from Limits — confirm. The page does not say whether the transaction
// is aborted or the body is passed through uninspected when this occurs.
var ErrOutOfFileLimit = errors.New("out of file limit")
// ErrOutOfMemLimit carries the message "out of memory limit".
// NOTE(review): presumably raised when a buffered body exceeds an in-memory cap
// such as Limits.RequestBodyInMem — confirm. The page does not say whether the
// transaction is aborted or the body is passed through uninspected.
var ErrOutOfMemLimit = errors.New("out of memory limit")
Functions ¶
func ActionsExecute ¶
func ActionsExecute(t *Transaction, as []Action)
Types ¶
type Action ¶
// Action is the interface held in SecRule.Actions and accepted by
// ActionsExecute and SecRuleSet.AddDefaultActions.
type Action interface {
	Name() string
	Value() string
	// Do receives the transaction the action applies to.
	Do(*Transaction)
	// ActionGroup returns an int.
	// NOTE(review): presumably one of the ActionGroup* constants — confirm.
	ActionGroup() int
}
type Config ¶
// Config holds engine configuration; the only field shown is a path.
type Config struct {
	// NOTE(review): presumably the directory used for temporary files (for
	// example bodies spilled to disk). If so, it should be writable only by
	// the process running the engine — confirm usage.
	TmpPath string
}
func NewDefaultConfig ¶
func NewDefaultConfig() *Config
type Engine ¶
// Engine bundles a rule set with embedded *Limits and *Config.
type Engine struct {
	// Enabled and DetectionOnly are separate booleans. The page does not show
	// how Enable maps StatusOn / StatusOff / StatusDect onto them.
	// NOTE(review): confirm which combination results in rules being
	// evaluated without an intervention being enforced.
	Enabled       bool
	DetectionOnly bool
	RuleSet       *SecRuleSet
	// Embedded pointers: their fields are promoted onto Engine, and a nil
	// pointer here makes access to a promoted field panic.
	*Limits
	*Config
}
func (*Engine) AddSecRule ¶
func (*Engine) Enable ¶
Enable acts like the SecRuleEngine directive. The status argument should be one of `StatusOn`, `StatusOff` or `StatusDect`.
func (*Engine) NewTransaction ¶
func (e *Engine) NewTransaction() (*Transaction, error)
type Intervention ¶
// Intervention is the value returned by Transaction.Intervention and
// Transaction.Result.
type Intervention struct {
	// NOTE(review): presumably an HTTP status code (compare the code argument
	// of AbortWithStatus) — confirm.
	Status int
	Pause  time.Duration
	// NOTE(review): presumably a redirect target — confirm. If it can be built
	// from request data, the integrating server should validate it before use.
	Url *url.URL
	Log []string
	// NOTE(review): presumably true when a disruptive action fired (compare
	// ActionGroupDisruptive) — confirm.
	Disruptive bool
}
func (*Intervention) Copy ¶
func (i *Intervention) Copy() *Intervention
func (*Intervention) Reset ¶
func (i *Intervention) Reset()
type Limits ¶
// Limits holds body-access switches and int64 size caps.
// NOTE(review): units are presumably bytes — confirm. The page does not state
// what a zero cap means (unlimited or reject everything); verify this before
// relying on a zero-valued Limits, since it decides how much of a body is
// buffered and inspected.
type Limits struct {
	RequestBodyAccess  bool
	ResponseBodyAccess bool
	RequestBody        int64
	RequestBodyInMem   int64
	ResponseBody       int64
}
func NewDefaultLimits ¶
func NewDefaultLimits() *Limits
type Operator ¶
// Operator is the interface stored in SecRule.Operator and set through
// SecRule.SetOperator.
type Operator interface {
	Name() string
	Args() string
	// Match takes the transaction and one string and reports a bool.
	// NOTE(review): the string is presumably a variable value after the rule's
	// transformations (see TransformVariable) — confirm.
	Match(*Transaction, string) bool
}
type SecRule ¶
// SecRule describes one rule: the variables it reads, the transformations and
// operator applied to them, and the actions attached to it.
type SecRule struct {
	Id int
	// NOTE(review): presumably one of the Phase* constants — confirm.
	Phase     int
	Variables []Variable
	Trans     []Trans
	Operator  Operator
	Actions   []Action
	// NOTE(review): presumably inverts the operator result — confirm.
	Not      bool
	MetaData map[string][]string
	// NOTE(review): presumably chained rules evaluated after this one
	// matches — confirm.
	SubRules []*SecRule
}
func NewSecRule ¶
func NewSecRule() *SecRule
func (*SecRule) AppendActions ¶
func (*SecRule) AppendSubRules ¶
func (*SecRule) AppendTrans ¶
func (*SecRule) AppendVariables ¶
func (*SecRule) Do ¶
func (r *SecRule) Do(t *Transaction)
func (*SecRule) FetchAllTransformedVariables ¶
func (r *SecRule) FetchAllTransformedVariables(t *Transaction) []string
func (*SecRule) Match ¶
func (r *SecRule) Match(t *Transaction) bool
func (*SecRule) SetOperator ¶
func (*SecRule) TransformString ¶
func (r *SecRule) TransformString(tr *Transaction, s string) string
func (*SecRule) TransformVariable ¶
func (r *SecRule) TransformVariable(t *Transaction, variable Variable) []string
type SecRuleSet ¶
func NewSecRuleSet ¶
func NewSecRuleSet() *SecRuleSet
func (*SecRuleSet) AddDefaultActions ¶
func (rs *SecRuleSet) AddDefaultActions(rules ...Action)
func (*SecRuleSet) AddRules ¶
func (rs *SecRuleSet) AddRules(rules ...*SecRule)
func (*SecRuleSet) ExecuteDefaultActions ¶
func (rs *SecRuleSet) ExecuteDefaultActions(t *Transaction)
func (*SecRuleSet) Process ¶
func (rs *SecRuleSet) Process(t *Transaction, phase int, offset int)
type Transaction ¶
// Transaction carries the per-request state the Process* methods operate on.
type Transaction struct {
	RuleSet *SecRuleSet
	Engine  *Engine
	Abort   bool
	// Embedded pointers: their fields are promoted onto Transaction, and a nil
	// pointer here makes access to a promoted field panic.
	*NetInfo
	*Request
	*Response
	*Errors
	// Plain maps with no lock visible on this page.
	// NOTE(review): confirm a Transaction is used from one goroutine only.
	VariableCache map[string]interface{}
	Data          map[string]interface{}
	// contains filtered or unexported fields
}
func NewTransaction ¶
func NewTransaction(e *Engine, rs *SecRuleSet) (*Transaction, error)
func (*Transaction) AbortWithError ¶
func (t *Transaction) AbortWithError(code int, err error)
func (*Transaction) AbortWithStatus ¶
func (t *Transaction) AbortWithStatus(code int)
func (*Transaction) AppendRequestBody ¶
// AppendRequestBody takes a chunk of request body bytes and returns an error.
// NOTE(review): the package exports ErrBufferReaded, ErrOutOfFileLimit and
// ErrOutOfMemLimit, which are presumably what this can return — confirm.
// Callers should check the result: after a non-nil error the body may not be
// fully buffered, so ProcessRequestBody may evaluate rules on partial data.
func (t *Transaction) AppendRequestBody(p []byte) error
func (*Transaction) AppendResponseBody ¶
// AppendResponseBody takes a chunk of response body bytes and returns an error.
// NOTE(review): the package exports ErrBufferReaded, ErrOutOfFileLimit and
// ErrOutOfMemLimit, which are presumably what this can return — confirm.
// Callers should check the result: after a non-nil error the body may not be
// fully buffered, so ProcessResponseBody may evaluate rules on partial data.
func (t *Transaction) AppendResponseBody(p []byte) error
func (*Transaction) CurrentPhase ¶
func (s *Transaction) CurrentPhase() int
func (*Transaction) CurrentPhaseRules ¶
func (s *Transaction) CurrentPhaseRules() []*SecRule
func (*Transaction) CurrentRule ¶
func (s *Transaction) CurrentRule() int
func (*Transaction) CurrentSecRule ¶
func (s *Transaction) CurrentSecRule() *SecRule
func (*Transaction) Intervention ¶
func (t *Transaction) Intervention() *Intervention
func (*Transaction) JumpTo ¶
func (s *Transaction) JumpTo(i int) int
func (*Transaction) JumpToPhase ¶
func (s *Transaction) JumpToPhase(i int) int
func (*Transaction) Logf ¶
// Logf takes a string f and variadic values.
// NOTE(review): f is presumably a fmt-style format string — confirm. If so,
// request-derived text belongs in val, never in f, and should be quoted (for
// example with %q) so it cannot forge or split log entries.
func (t *Transaction) Logf(f string, val ...interface{})
func (*Transaction) Next ¶
func (s *Transaction) Next() int
func (*Transaction) NextPhase ¶
func (t *Transaction) NextPhase() int
func (*Transaction) NextRule ¶
func (s *Transaction) NextRule() int
func (*Transaction) ProcessConnection ¶
func (t *Transaction) ProcessConnection(srcIp, srcPort, dstIp, dstPort string)
func (*Transaction) ProcessLogging ¶
func (t *Transaction) ProcessLogging()
func (*Transaction) ProcessPhase ¶
func (t *Transaction) ProcessPhase(phase int)
func (*Transaction) ProcessRequestBody ¶
func (t *Transaction) ProcessRequestBody()
func (*Transaction) ProcessRequestHeader ¶
func (t *Transaction) ProcessRequestHeader(h http.Header)
func (*Transaction) ProcessRequestURL ¶
func (t *Transaction) ProcessRequestURL(u *url.URL, method, proto string)
func (*Transaction) ProcessResponseBody ¶
func (t *Transaction) ProcessResponseBody()
func (*Transaction) ProcessResponseHeaders ¶
func (t *Transaction) ProcessResponseHeaders(code int, proto string, header http.Header)
func (*Transaction) ResetIntervention ¶
func (t *Transaction) ResetIntervention()
func (*Transaction) Result ¶
func (t *Transaction) Result() *Intervention