up
parent
cacdcd75b6
commit
6d3b2b354b
3
go.mod
3
go.mod
|
@ -203,4 +203,5 @@ require (
|
||||||
|
|
||||||
replace golang.org/x/time/rate => github.com/crowdsecurity/crowdsec/pkg/time/rate v0.0.0
|
replace golang.org/x/time/rate => github.com/crowdsecurity/crowdsec/pkg/time/rate v0.0.0
|
||||||
|
|
||||||
replace github.com/corazawaf/coraza/v3 => github.com/buixor/coraza/v3 v3.0.1-0.20230504085753-fc713bf319a7
|
replace github.com/corazawaf/coraza/v3 => ../buixor-coraza
|
||||||
|
|
||||||
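Review bot: The coraza `replace` directive appears to move from the pinned pseudo-version `github.com/buixor/coraza/v3 v3.0.1-0.20230504085753-fc713bf319a7` to the local path `../buixor-coraza`. A filesystem replace is not recorded in go.sum, so the WAF engine compiled into the binary is whatever that sibling directory holds at build time, and the build fails on any machine or CI runner without that checkout. Keep the path override out of the committed go.mod (a local `go.work` file serves the same purpose during development). Instead, pin the fork to a pushed commit, e.g. `replace github.com/corazawaf/coraza/v3 => github.com/buixor/coraza/v3 <pseudo-version of the pushed fork commit>`.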
|
|
|
@ -8,6 +8,7 @@ import (
|
||||||
"net/http"
|
"net/http"
|
||||||
|
|
||||||
"github.com/corazawaf/coraza/v3"
|
"github.com/corazawaf/coraza/v3"
|
||||||
|
"github.com/corazawaf/coraza/v3/experimental"
|
||||||
corazatypes "github.com/corazawaf/coraza/v3/types"
|
corazatypes "github.com/corazawaf/coraza/v3/types"
|
||||||
"github.com/crowdsecurity/crowdsec/pkg/acquisition/configuration"
|
"github.com/crowdsecurity/crowdsec/pkg/acquisition/configuration"
|
||||||
"github.com/crowdsecurity/crowdsec/pkg/types"
|
"github.com/crowdsecurity/crowdsec/pkg/types"
|
||||||
|
@ -198,6 +199,7 @@ func processReqWithEngine(waf coraza.WAF, r *http.Request) (*corazatypes.Interru
|
||||||
tx := waf.NewTransaction()
|
tx := waf.NewTransaction()
|
||||||
|
|
||||||
if tx.IsRuleEngineOff() {
|
if tx.IsRuleEngineOff() {
|
||||||
|
log.Printf("engine is off")
|
||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -207,8 +209,12 @@ func processReqWithEngine(waf coraza.WAF, r *http.Request) (*corazatypes.Interru
|
||||||
}()
|
}()
|
||||||
|
|
||||||
//this method is not exported by coraza, so we have to do it ourselves.
|
//this method is not exported by coraza, so we have to do it ourselves.
|
||||||
//ideally, this would be dealt with by expr code, and we provide helpers to manipulate the transaction object?
|
//ideally, this would be dealt with by expr code, and we provide helpers to manipulate the transaction object?\
|
||||||
tx.RemoveRuleByID(1)
|
var txx experimental.FullTransaction
|
||||||
|
|
||||||
|
//txx := experimental.ToFullInterface(tx)
|
||||||
|
txx = tx.(experimental.FullTransaction)
|
||||||
|
txx.RemoveRuleByID(1)
|
||||||
|
|
||||||
tx.ProcessConnection(r.RemoteAddr, 0, "", 0)
|
tx.ProcessConnection(r.RemoteAddr, 0, "", 0)
|
||||||
|
|
||||||
|
@ -232,6 +238,7 @@ func processReqWithEngine(waf coraza.WAF, r *http.Request) (*corazatypes.Interru
|
||||||
|
|
||||||
in := tx.ProcessRequestHeaders()
|
in := tx.ProcessRequestHeaders()
|
||||||
if in != nil {
|
if in != nil {
|
||||||
|
log.Printf("headerss")
|
||||||
return in, nil
|
return in, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -254,14 +261,18 @@ func processReqWithEngine(waf coraza.WAF, r *http.Request) (*corazatypes.Interru
|
||||||
|
|
||||||
}
|
}
|
||||||
if in != nil {
|
if in != nil {
|
||||||
|
log.Printf("nothing here")
|
||||||
return in, nil
|
return in, nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
log.Printf("done")
|
||||||
|
|
||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (w *WafSource) wafHandler(rw http.ResponseWriter, r *http.Request) {
|
func (w *WafSource) wafHandler(rw http.ResponseWriter, r *http.Request) {
|
||||||
|
log.Printf("yolo here %v", r)
|
||||||
//inband first
|
//inband first
|
||||||
in, err := processReqWithEngine(w.inBandWaf, r)
|
in, err := processReqWithEngine(w.inBandWaf, r)
|
||||||
if err != nil { //things went south
|
if err != nil { //things went south
|
||||||
|
|
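Review bot: The added `log.Printf("yolo here %v", r)` at the top of `wafHandler` formats the whole `*http.Request` with `%v`, which includes the header map. Every inspected request would therefore write its `Authorization` and `Cookie` values, plus attacker-controlled strings, into the log. If a trace is needed here, log only selected fields and quote them, e.g. `log.Printf("waf request: method=%s path=%q", r.Method, r.URL.Path)`. The other added debug lines in `processReqWithEngine` (`"engine is off"`, `"headerss"`, `"nothing here"`, `"done"`) carry no request data but should be removed or moved to a debug level before merge. The body of `wafHandler` continues outside this hunk.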