waf

package

v1.5.2 Latest Latest Go to latest Published: Oct 16, 2020 License: Apache-2.0 Imports: 18 Imported by: 2

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/solo-io/gloo

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
type AuditLogging
type AuditLogging_AuditLogAction
- func (AuditLogging_AuditLogAction) EnumDescriptor() ([]byte, []int)
- func (x AuditLogging_AuditLogAction) String() string
type AuditLogging_AuditLogLocation
- func (AuditLogging_AuditLogLocation) EnumDescriptor() ([]byte, []int)
- func (x AuditLogging_AuditLogLocation) String() string
type ModSecurity
type ModSecurityPerRoute
type RuleSet

Constants ¶

This section is empty.

Variables ¶

View Source

var AuditLogging_AuditLogAction_name = map[int32]string{
	0: "NEVER",
	1: "RELEVANT_ONLY",
	2: "ALWAYS",
}

View Source

var AuditLogging_AuditLogAction_value = map[string]int32{
	"NEVER":         0,
	"RELEVANT_ONLY": 1,
	"ALWAYS":        2,
}

View Source

var AuditLogging_AuditLogLocation_name = map[int32]string{
	0: "FILTER_STATE",
	1: "DYNAMIC_METADATA",
}

View Source

var AuditLogging_AuditLogLocation_value = map[string]int32{
	"FILTER_STATE":     0,
	"DYNAMIC_METADATA": 1,
}

Functions ¶

This section is empty.

Types ¶

type AuditLogging ¶ added in v1.3.26

type AuditLogging struct {
	Action               AuditLogging_AuditLogAction   `` /* 139-byte string literal not displayed */
	Location             AuditLogging_AuditLogLocation `` /* 145-byte string literal not displayed */
	XXX_NoUnkeyedLiteral struct{}                      `json:"-"`
	XXX_unrecognized     []byte                        `json:"-"`
	XXX_sizecache        int32                         `json:"-"`
}

func (*AuditLogging) Descriptor ¶ added in v1.3.26

func (*AuditLogging) Descriptor() ([]byte, []int)

func (*AuditLogging) Equal ¶ added in v1.3.26

func (this *AuditLogging) Equal(that interface{}) bool

func (*AuditLogging) GetAction ¶ added in v1.3.26

func (m *AuditLogging) GetAction() AuditLogging_AuditLogAction

func (*AuditLogging) GetLocation ¶ added in v1.3.26

func (m *AuditLogging) GetLocation() AuditLogging_AuditLogLocation

func (*AuditLogging) ProtoMessage ¶ added in v1.3.26

func (*AuditLogging) ProtoMessage()

func (*AuditLogging) Reset ¶ added in v1.3.26

func (m *AuditLogging) Reset()

func (*AuditLogging) String ¶ added in v1.3.26

func (m *AuditLogging) String() string

func (*AuditLogging) XXX_DiscardUnknown ¶ added in v1.3.26

func (m *AuditLogging) XXX_DiscardUnknown()

func (*AuditLogging) XXX_Marshal ¶ added in v1.3.26

func (m *AuditLogging) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*AuditLogging) XXX_Merge ¶ added in v1.3.26

func (m *AuditLogging) XXX_Merge(src proto.Message)

func (*AuditLogging) XXX_Size ¶ added in v1.3.26

func (m *AuditLogging) XXX_Size() int

func (*AuditLogging) XXX_Unmarshal ¶ added in v1.3.26

func (m *AuditLogging) XXX_Unmarshal(b []byte) error

type AuditLogging_AuditLogAction ¶ added in v1.3.26

type AuditLogging_AuditLogAction int32

const (
	// Never generate audit logs.
	AuditLogging_NEVER AuditLogging_AuditLogAction = 0
	// When set to RELEVANT_ONLY, this will have similar behavior to `SecAuditEngine RelevantOnly`.
	AuditLogging_RELEVANT_ONLY AuditLogging_AuditLogAction = 1
	// Always generate an audit log entry (as long as the filter is not disabled).
	AuditLogging_ALWAYS AuditLogging_AuditLogAction = 2
)

func (AuditLogging_AuditLogAction) EnumDescriptor ¶ added in v1.3.26

func (AuditLogging_AuditLogAction) EnumDescriptor() ([]byte, []int)

func (AuditLogging_AuditLogAction) String ¶ added in v1.3.26

func (x AuditLogging_AuditLogAction) String() string

type AuditLogging_AuditLogLocation ¶ added in v1.3.26

type AuditLogging_AuditLogLocation int32

const (
	// Add the audit log to the filter state.
	// it will be under the key "io.solo.modsecurity.audit_log".
	// You can use this formatter in the access log:
	// %FILTER_STATE(io.solo.modsecurity.audit_log)%
	AuditLogging_FILTER_STATE AuditLogging_AuditLogLocation = 0
	// Add the audit log to the dynamic metadata.
	// it will be under the filter name "io.solo.filters.http.modsecurity". with "audit_log" as the
	// key. You can use this formatter in the access log:
	// %DYNAMIC_METADATA("io.solo.filters.http.modsecurity:audit_log")%
	AuditLogging_DYNAMIC_METADATA AuditLogging_AuditLogLocation = 1
)

func (AuditLogging_AuditLogLocation) EnumDescriptor ¶ added in v1.3.26

func (AuditLogging_AuditLogLocation) EnumDescriptor() ([]byte, []int)

func (AuditLogging_AuditLogLocation) String ¶ added in v1.3.26

func (x AuditLogging_AuditLogLocation) String() string

type ModSecurity ¶

type ModSecurity struct {
	// Disable all rules on the current route
	Disabled bool `protobuf:"varint,1,opt,name=disabled,proto3" json:"disabled,omitempty"`
	// Global rule sets for the current http connection manager
	RuleSets []*RuleSet `protobuf:"bytes,2,rep,name=rule_sets,json=ruleSets,proto3" json:"rule_sets,omitempty"`
	// Custom message to display when an intervention occurs
	CustomInterventionMessage string `` /* 138-byte string literal not displayed */
	// This instructs the filter what to do with the transaction's audit log.
	AuditLogging *AuditLogging `protobuf:"bytes,5,opt,name=audit_logging,json=auditLogging,proto3" json:"audit_logging,omitempty"`
	// If set, the body will not be buffered and fed to ModSecurity. Only the headers will.
	// This can help improve performance.
	RequestHeadersOnly  bool `protobuf:"varint,6,opt,name=request_headers_only,json=requestHeadersOnly,proto3" json:"request_headers_only,omitempty"`
	ResponseHeadersOnly bool `protobuf:"varint,7,opt,name=response_headers_only,json=responseHeadersOnly,proto3" json:"response_headers_only,omitempty"`
	// log in a format suited for the OWASP regression tests.
	// this format is a multiline log format, so it is disabled for regular use.
	// do not enable this in production!
	RegressionLogs       bool     `protobuf:"varint,4,opt,name=regression_logs,json=regressionLogs,proto3" json:"regression_logs,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*ModSecurity) Descriptor ¶

func (*ModSecurity) Descriptor() ([]byte, []int)

func (*ModSecurity) Equal ¶

func (this *ModSecurity) Equal(that interface{}) bool

func (*ModSecurity) GetAuditLogging ¶ added in v1.3.26

func (m *ModSecurity) GetAuditLogging() *AuditLogging

func (*ModSecurity) GetCustomInterventionMessage ¶ added in v0.20.9

func (m *ModSecurity) GetCustomInterventionMessage() string

func (*ModSecurity) GetDisabled ¶

func (m *ModSecurity) GetDisabled() bool

func (*ModSecurity) GetRegressionLogs ¶ added in v1.3.26

func (m *ModSecurity) GetRegressionLogs() bool

func (*ModSecurity) GetRequestHeadersOnly ¶ added in v1.4.13

func (m *ModSecurity) GetRequestHeadersOnly() bool

func (*ModSecurity) GetResponseHeadersOnly ¶ added in v1.4.13

func (m *ModSecurity) GetResponseHeadersOnly() bool

func (*ModSecurity) GetRuleSets ¶

func (m *ModSecurity) GetRuleSets() []*RuleSet

func (*ModSecurity) Hash ¶ added in v1.2.13

func (m *ModSecurity) Hash(hasher hash.Hash64) (uint64, error)

Hash function

func (*ModSecurity) ProtoMessage ¶

func (*ModSecurity) ProtoMessage()

func (*ModSecurity) Reset ¶

func (m *ModSecurity) Reset()

func (*ModSecurity) String ¶

func (m *ModSecurity) String() string

func (*ModSecurity) XXX_DiscardUnknown ¶

func (m *ModSecurity) XXX_DiscardUnknown()

func (*ModSecurity) XXX_Marshal ¶

func (m *ModSecurity) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ModSecurity) XXX_Merge ¶

func (m *ModSecurity) XXX_Merge(src proto.Message)

func (*ModSecurity) XXX_Size ¶

func (m *ModSecurity) XXX_Size() int

func (*ModSecurity) XXX_Unmarshal ¶

func (m *ModSecurity) XXX_Unmarshal(b []byte) error

type ModSecurityPerRoute ¶

type ModSecurityPerRoute struct {
	// Disable all rules on the current route
	Disabled bool `protobuf:"varint,1,opt,name=disabled,proto3" json:"disabled,omitempty"`
	// Overwrite the global rules on this route
	RuleSets []*RuleSet `protobuf:"bytes,2,rep,name=rule_sets,json=ruleSets,proto3" json:"rule_sets,omitempty"`
	// Custom message to display when an intervention occurs
	CustomInterventionMessage string `` /* 138-byte string literal not displayed */
	// This instructs the filter what to do with the transaction's audit log.
	AuditLogging *AuditLogging `protobuf:"bytes,5,opt,name=audit_logging,json=auditLogging,proto3" json:"audit_logging,omitempty"`
	// If set, the body will not be buffered and fed to ModSecurity. Only the headers will.
	// This can help improve performance.
	RequestHeadersOnly   bool     `protobuf:"varint,6,opt,name=request_headers_only,json=requestHeadersOnly,proto3" json:"request_headers_only,omitempty"`
	ResponseHeadersOnly  bool     `protobuf:"varint,7,opt,name=response_headers_only,json=responseHeadersOnly,proto3" json:"response_headers_only,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*ModSecurityPerRoute) Descriptor ¶

func (*ModSecurityPerRoute) Descriptor() ([]byte, []int)

func (*ModSecurityPerRoute) Equal ¶

func (this *ModSecurityPerRoute) Equal(that interface{}) bool

func (*ModSecurityPerRoute) GetAuditLogging ¶ added in v1.3.26

func (m *ModSecurityPerRoute) GetAuditLogging() *AuditLogging

func (*ModSecurityPerRoute) GetCustomInterventionMessage ¶ added in v0.20.9

func (m *ModSecurityPerRoute) GetCustomInterventionMessage() string

func (*ModSecurityPerRoute) GetDisabled ¶

func (m *ModSecurityPerRoute) GetDisabled() bool

func (*ModSecurityPerRoute) GetRequestHeadersOnly ¶ added in v1.4.13

func (m *ModSecurityPerRoute) GetRequestHeadersOnly() bool

func (*ModSecurityPerRoute) GetResponseHeadersOnly ¶ added in v1.4.13

func (m *ModSecurityPerRoute) GetResponseHeadersOnly() bool

func (*ModSecurityPerRoute) GetRuleSets ¶

func (m *ModSecurityPerRoute) GetRuleSets() []*RuleSet

func (*ModSecurityPerRoute) Hash ¶ added in v1.2.13

func (m *ModSecurityPerRoute) Hash(hasher hash.Hash64) (uint64, error)

Hash function

func (*ModSecurityPerRoute) ProtoMessage ¶

func (*ModSecurityPerRoute) ProtoMessage()

func (*ModSecurityPerRoute) Reset ¶

func (m *ModSecurityPerRoute) Reset()

func (*ModSecurityPerRoute) String ¶

func (m *ModSecurityPerRoute) String() string

func (*ModSecurityPerRoute) XXX_DiscardUnknown ¶

func (m *ModSecurityPerRoute) XXX_DiscardUnknown()

func (*ModSecurityPerRoute) XXX_Marshal ¶

func (m *ModSecurityPerRoute) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ModSecurityPerRoute) XXX_Merge ¶

func (m *ModSecurityPerRoute) XXX_Merge(src proto.Message)

func (*ModSecurityPerRoute) XXX_Size ¶

func (m *ModSecurityPerRoute) XXX_Size() int

func (*ModSecurityPerRoute) XXX_Unmarshal ¶

func (m *ModSecurityPerRoute) XXX_Unmarshal(b []byte) error

type RuleSet ¶

type RuleSet struct {
	// String of rules which are added directly
	RuleStr string `protobuf:"bytes,1,opt,name=rule_str,json=ruleStr,proto3" json:"rule_str,omitempty"`
	// Array of files to include
	Files []string `protobuf:"bytes,3,rep,name=files,proto3" json:"files,omitempty"`
	// A directory to include. all *.conf files in this directory will be
	// included. sub directories will NOT be checked.
	Directory            string   `protobuf:"bytes,4,opt,name=directory,proto3" json:"directory,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*RuleSet) Descriptor ¶

func (*RuleSet) Descriptor() ([]byte, []int)

func (*RuleSet) Equal ¶

func (this *RuleSet) Equal(that interface{}) bool

func (*RuleSet) GetDirectory ¶ added in v1.3.26

func (m *RuleSet) GetDirectory() string

func (*RuleSet) GetFiles ¶

func (m *RuleSet) GetFiles() []string

func (*RuleSet) GetRuleStr ¶

func (m *RuleSet) GetRuleStr() string

func (*RuleSet) Hash ¶ added in v1.2.13

func (m *RuleSet) Hash(hasher hash.Hash64) (uint64, error)

Hash function

func (*RuleSet) ProtoMessage ¶

func (*RuleSet) ProtoMessage()

func (*RuleSet) Reset ¶

func (m *RuleSet) Reset()

func (*RuleSet) String ¶

func (m *RuleSet) String() string

func (*RuleSet) XXX_DiscardUnknown ¶

func (m *RuleSet) XXX_DiscardUnknown()

func (*RuleSet) XXX_Marshal ¶

func (m *RuleSet) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*RuleSet) XXX_Merge ¶

func (m *RuleSet) XXX_Merge(src proto.Message)

func (*RuleSet) XXX_Size ¶

func (m *RuleSet) XXX_Size() int

func (*RuleSet) XXX_Unmarshal ¶

func (m *RuleSet) XXX_Unmarshal(b []byte) error

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL