add body_type in custom rule

2023-10-31 11:53:13 +01:00 · 2023-10-31 11:53:13 +01:00 · 84ffde1844
parent 2e0b9683f3
commit 84ffde1844
2 changed files with 16 additions and 0 deletions
--- a/pkg/waf/waap_rule/modsecurity.go
+++ b/pkg/waf/waap_rule/modsecurity.go
@ -43,6 +43,13 @@ var matchMap map[string]string = map[string]string{
 	"le":              "@le",
 }

+var bodyTypeMatch map[string]string = map[string]string{
+	"json":       "JSON",
+	"xml":        "XML",
+	"multipart":  "MULTIPART",
+	"urlencoded": "URLENCODED",
+}
+
 func (m *ModsecurityRule) Build(rule *CustomRule, waapRuleName string) (string, []uint32, error) {

 	rules, err := m.buildRules(rule, waapRuleName, false, 0)
@ -146,6 +153,14 @@ func (m *ModsecurityRule) buildRules(rule *CustomRule, waapRuleName string, and
 		}
 	}

+	if rule.BodyType != "" {
+		if mappedBodyType, ok := bodyTypeMatch[rule.BodyType]; ok {
+			r.WriteString(fmt.Sprintf(",ctl:requestBodyProcessor=%s", mappedBodyType))
+		} else {
+			return nil, fmt.Errorf("unknown body type '%s'", rule.BodyType)
+		}
+	}
+
 	if and {
 		r.WriteString(",chain")
 	}
--- a/pkg/waf/waap_rule/waap_rule.go
+++ b/pkg/waf/waap_rule/waap_rule.go
@ -40,6 +40,7 @@ type CustomRule struct {
 	Transform []string     `yaml:"transform"` //t:lowercase, t:uppercase, etc
 	And       []CustomRule `yaml:"and,omitempty"`
 	Or        []CustomRule `yaml:"or,omitempty"`
+	BodyType  string       `yaml:"body_type,omitempty"`
 }

 func (v *CustomRule) Convert(ruleType string, waapRuleName string) (string, []uint32, error) {