File: 00-basics.t

package info (click to toggle)
modsecurity-apache 2.9.11-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 10,436 kB
  • sloc: ansic: 53,590; sh: 5,249; perl: 2,340; cpp: 1,930; makefile: 618; xml: 6
file content (91 lines) | stat: -rw-r--r-- 2,535 bytes parent folder | download | duplicates (10) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
 
### Tests for basic rule components

# SecAction
{
	type => "rule",
	comment => "SecAction (override default)",
	conf => qq(
		SecRuleEngine On
		SecDebugLog $ENV{DEBUG_LOG}
		SecDebugLogLevel 4
		SecAction "nolog,id:500001"
	),
	match_log => {
		-error => [ qr/500001/, 1 ],
		-audit => [ qr/./, 1 ],
		debug => [ qr/Warning\. Unconditional match in SecAction\./, 1 ],
	},
	match_response => {
		status => qr/^200$/,
	},
	request => new HTTP::Request(
		GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
	),
},

# SecRule
{
	type => "rule",
	comment => "SecRule (no action)",
	conf => qq(
		SecRuleEngine On
		SecDebugLog $ENV{DEBUG_LOG}
		SecDebugLogLevel 5
        SecDefaultAction "phase:2,deny,status:403"
        SecRule ARGS:test "value" "id:500032"
	),
	match_log => {
		error => [ qr/500032/, 1 ],
		debug => [ qr/Rule [0-9a-f]+: SecRule "ARGS:test" "\@rx value" "phase:2,deny,status:403,id:500032"$/m, 1 ],
	},
	match_response => {
		status => qr/^403$/,
	},
	request => new HTTP::Request(
		GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt?test=value",
	),
},
{
	type => "rule",
	comment => "SecRule (action)",
	conf => qq(
		SecRuleEngine On
		SecDebugLog $ENV{DEBUG_LOG}
		SecDebugLogLevel 5
        SecDefaultAction "phase:2,pass"
        SecRule ARGS:test "value" "deny,status:403,id:500033"
	),
	match_log => {
		error => [ qr/ModSecurity: /, 1 ],
		debug => [ qr/Rule [0-9a-f]+: SecRule "ARGS:test" "\@rx value" "phase:2,deny,status:403,id:500033"$/m, 1 ],
	},
	match_response => {
		status => qr/^403$/,
	},
	request => new HTTP::Request(
		GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt?test=value",
	),
},
{
	type => "rule",
	comment => "SecRule (chain)",
	conf => qq(
		SecRuleEngine On
		SecDebugLog $ENV{DEBUG_LOG}
		SecDebugLogLevel 5
        SecDefaultAction "phase:2,log,noauditlog,pass,tag:foo"
        SecRule ARGS:test "value" "chain,phase:2,deny,status:403,id:500034"
        SecRule &ARGS "\@eq 1" "chain,setenv:tx.foo=bar"
        SecRule REQUEST_METHOD "\@streq GET"
	),
	match_log => {
		error => [ qr/ModSecurity: /, 1 ],
		debug => [ qr/Rule [0-9a-f]+: SecRule "ARGS:test" "\@rx value" "phase:2,log,noauditlog,tag:foo,chain,deny,status:403,id:500034"\r?\n.*Rule [0-9a-f]+: SecRule "&ARGS" "\@eq 1" "chain,setenv:tx.foo=bar"\r?\n.*Rule [0-9a-f]+: SecRule "REQUEST_METHOD" "\@streq GET"\r?\n/s, 1 ],
	},
	match_response => {
		status => qr/^403$/,
	},
	request => new HTTP::Request(
		GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt?test=value",
	),
},