1[ 2 { 3 "enabled":1, 4 "version_min":300000, 5 "version_max":0, 6 "resource":"lua", 7 "title":"Testing action :: SecRuleScript (1/4)", 8 "client":{ 9 "ip":"200.249.12.31", 10 "port":2313 11 }, 12 "server":{ 13 "ip":"200.249.12.31", 14 "port":80 15 }, 16 "request":{ 17 "headers":{ 18 "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", 19 "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", 20 "Accept-Language":"en-us,en;q=0.5", 21 "Accept-Encoding":"gzip,deflate", 22 "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", 23 "Keep-Alive":"300", 24 "Connection":"keep-alive", 25 "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", 26 "Pragma":"no-cache", 27 "Cache-Control":"no-cache" 28 }, 29 "uri":"\/test.pl?param1= test ¶m2=test2", 30 "method":"GET", 31 "http_version":1.1, 32 "body":"" 33 }, 34 "response":{ 35 "headers":{ 36 "Content-Type":"text\/xml; charset=utf-8\n\r", 37 "Content-Length":"length\n\r" 38 } 39 }, 40 "expected":{ 41 "audit_log":"", 42 "debug_log":"", 43 "error_log":"", 44 "parser_error":"Failed to load script: Failed to compile script 'test-cases/data/match" 45 }, 46 "rules":[ 47 "SecRuleEngine On", 48 "SecRuleScript test-cases/data/match-ops.lua \"id:1,t:lowercase,t:none\"" 49 ] 50 }, 51 { 52 "enabled":1, 53 "version_min":300000, 54 "version_max":0, 55 "resource":"lua", 56 "title":"Testing action :: SecRuleScript (2/4)", 57 "client":{ 58 "ip":"200.249.12.31", 59 "port":2313 60 }, 61 "server":{ 62 "ip":"200.249.12.31", 63 "port":80 64 }, 65 "request":{ 66 "headers":{ 67 "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", 68 "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", 69 "Accept-Language":"en-us,en;q=0.5", 70 "Accept-Encoding":"gzip,deflate", 71 "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", 72 "Keep-Alive":"300", 73 "Connection":"keep-alive", 74 "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", 75 "Pragma":"no-cache", 76 "Cache-Control":"no-cache" 77 }, 78 "uri":"\/test.pl?param1= test ¶m2=test2", 79 "method":"GET", 80 "http_version":1.1, 81 "body":"" 82 }, 83 "response":{ 84 "headers":{ 85 "Content-Type":"text\/xml; charset=utf-8\n\r", 86 "Content-Length":"length\n\r" 87 } 88 }, 89 "expected":{ 90 "audit_log":"", 91 "debug_log":"", 92 "error_log":"", 93 "parser_error":"Failed to load script: Failed to compile script " 94 }, 95 "rules":[ 96 "SecRuleEngine On", 97 "SecRuleScript /bin/echo \"id:1,t:lowercase,t:none\"" 98 ] 99 }, 100 { 101 "enabled":1, 102 "version_min":300000, 103 "version_max":0, 104 "resource":"lua", 105 "title":"Testing action :: SecRuleScript (3/4)", 106 "client":{ 107 "ip":"200.249.12.31", 108 "port":2313 109 }, 110 "server":{ 111 "ip":"200.249.12.31", 112 "port":80 113 }, 114 "request":{ 115 "headers":{ 116 "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", 117 "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", 118 "Accept-Language":"en-us,en;q=0.5", 119 "Accept-Encoding":"gzip,deflate", 120 "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", 121 "Keep-Alive":"300", 122 "Connection":"keep-alive", 123 "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", 124 "Pragma":"no-cache", 125 "Cache-Control":"no-cache" 126 }, 127 "uri":"\/test.pl?param1= test ¶m2=test2", 128 "method":"GET", 129 "http_version":1.1, 130 "body":"" 131 }, 132 "response":{ 133 "headers":{ 134 "Content-Type":"text\/xml; charset=utf-8\n\r", 135 "Content-Length":"length\n\r" 136 } 137 }, 138 "expected":{ 139 "audit_log":"", 140 "debug_log":"echo 123", 141 "error_log":"", 142 "parser_error":"", 143 "http_code": 404 144 }, 145 "rules":[ 146 "SecRuleEngine On", 147 "SecRuleScript test-cases/data/match-log.lua \"id:1,t:lowercase,t:none,status:404,deny\"" 148 ] 149 }, 150 { 151 "enabled":1, 152 "version_min":300000, 153 "version_max":0, 154 "resource":"lua", 155 "title":"Testing action :: SecRuleScript (4/4)", 156 "client":{ 157 "ip":"200.249.12.31", 158 "port":2313 159 }, 160 "server":{ 161 "ip":"200.249.12.31", 162 "port":80 163 }, 164 "request":{ 165 "headers":{ 166 "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", 167 "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", 168 "Accept-Language":"en-us,en;q=0.5", 169 "Accept-Encoding":"gzip,deflate", 170 "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", 171 "Keep-Alive":"300", 172 "Connection":"keep-alive", 173 "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", 174 "Pragma":"no-cache", 175 "Cache-Control":"no-cache" 176 }, 177 "uri":"\/test.pl?param1= test ¶m2=test2", 178 "method":"GET", 179 "http_version":1.1, 180 "body":"" 181 }, 182 "response":{ 183 "headers":{ 184 "Content-Type":"text\/xml; charset=utf-8\n\r", 185 "Content-Length":"length\n\r" 186 } 187 }, 188 "expected":{ 189 "audit_log":"", 190 "debug_log":"Running \\(disruptive\\) action: deny", 191 "error_log":"", 192 "parser_error":"", 193 "http_code": 404 194 }, 195 "rules":[ 196 "SecRuleEngine On", 197 "SecRuleScript test-cases/data/match.lua \"id:1,t:lowercase,t:none,status:404,deny\"" 198 ] 199 } 200] 201 202