check for interruption and ignore empty messages
This commit is contained in:
parent
877d4fc32d
commit
3fe6e3be14
|
@ -18,6 +18,9 @@ func TxToEvents(r ParsedRequest, kind string) ([]types.Event, error) {
|
||||||
}
|
}
|
||||||
for _, rule := range r.Tx.MatchedRules() {
|
for _, rule := range r.Tx.MatchedRules() {
|
||||||
//log.Printf("rule %d", idx)
|
//log.Printf("rule %d", idx)
|
||||||
|
if rule.Message() == "" {
|
||||||
|
continue
|
||||||
|
}
|
||||||
evt, err := RuleMatchToEvent(rule, r.Tx, r, kind)
|
evt, err := RuleMatchToEvent(rule, r.Tx, r, kind)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, errors.Wrap(err, "Cannot convert rule match to event")
|
return nil, errors.Wrap(err, "Cannot convert rule match to event")
|
||||||
|
|
|
@ -15,7 +15,6 @@ import (
|
||||||
"github.com/crowdsecurity/crowdsec/pkg/types"
|
"github.com/crowdsecurity/crowdsec/pkg/types"
|
||||||
"github.com/crowdsecurity/crowdsec/pkg/waf"
|
"github.com/crowdsecurity/crowdsec/pkg/waf"
|
||||||
"github.com/crowdsecurity/go-cs-lib/pkg/trace"
|
"github.com/crowdsecurity/go-cs-lib/pkg/trace"
|
||||||
"github.com/davecgh/go-spew/spew"
|
|
||||||
"github.com/google/uuid"
|
"github.com/google/uuid"
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
"github.com/prometheus/client_golang/prometheus"
|
"github.com/prometheus/client_golang/prometheus"
|
||||||
|
@ -373,9 +372,9 @@ func processReqWithEngine(waf coraza.WAF, r ParsedRequest, uuid string, wafType
|
||||||
//spew.Dump(in)
|
//spew.Dump(in)
|
||||||
//spew.Dump(tx.MatchedRules())
|
//spew.Dump(tx.MatchedRules())
|
||||||
|
|
||||||
for _, rule := range tx.MatchedRules() {
|
/*for _, rule := range tx.MatchedRules() {
|
||||||
spew.Dump(rule.Rule())
|
spew.Dump(rule.Rule())
|
||||||
}
|
}*/
|
||||||
|
|
||||||
//if we're inband, we should stop here, but for outofband go to the end
|
//if we're inband, we should stop here, but for outofband go to the end
|
||||||
if in != nil && wafType == InBand {
|
if in != nil && wafType == InBand {
|
||||||
|
@ -432,16 +431,18 @@ func (r *WafRunner) Run(t *tomb.Tomb) error {
|
||||||
}
|
}
|
||||||
// send back the result to the HTTP handler for the InBand part
|
// send back the result to the HTTP handler for the InBand part
|
||||||
request.ResponseChannel <- response
|
request.ResponseChannel <- response
|
||||||
request.Tx = tx
|
if in != nil {
|
||||||
// Generate the events for InBand channel
|
request.Tx = tx
|
||||||
events, err := TxToEvents(request, InBand)
|
// Generate the events for InBand channel
|
||||||
if err != nil {
|
events, err := TxToEvents(request, InBand)
|
||||||
log.Errorf("Cannot convert transaction to events : %s", err)
|
if err != nil {
|
||||||
continue
|
log.Errorf("Cannot convert transaction to events : %s", err)
|
||||||
}
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
for _, evt := range events {
|
for _, evt := range events {
|
||||||
r.outChan <- evt
|
r.outChan <- evt
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Process outBand
|
// Process outBand
|
||||||
|
|
Loading…
Reference in a new issue