Skip to content

Commit 6d77c76

Browse files
author
Felipe Zimmerle
committed
Implements intervention support inside using chunks example
In the example the disruptive action is printed in the console output.
1 parent f5b47a8 commit 6d77c76

File tree

1 file changed

+52
-16
lines changed

1 file changed

+52
-16
lines changed

examples/using_bodies_in_chunks/simple_request.cc

Lines changed: 52 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -85,6 +85,42 @@ static void logCb(void *data, const void *ruleMessagev) {
8585
}
8686
}
8787

88+
int process_intervention(modsecurity::Transaction *transaction)
89+
{
90+
modsecurity::ModSecurityIntervention intervention;
91+
intervention.status = 200;
92+
intervention.url = NULL;
93+
intervention.log = NULL;
94+
intervention.disruptive = 0;
95+
96+
if (msc_intervention(transaction, &intervention) == 0) {
97+
return 0;
98+
}
99+
100+
if (intervention.log == NULL) {
101+
intervention.log = strdup("(no log message was specified)");
102+
}
103+
104+
std::cout << "Log: " << intervention.log << std::endl;
105+
free(intervention.log);
106+
107+
if (intervention.url != NULL)
108+
{
109+
std::cout << "Intervention, redirect to: " << intervention.url;
110+
std::cout << " with status code: " << intervention.status << std::endl;
111+
free(intervention.url);
112+
return intervention.status;
113+
}
114+
115+
if (intervention.status != 200)
116+
{
117+
std::cout << "Intervention, returning code: " << intervention.status;
118+
std::cout << std::endl;
119+
return intervention.status;
120+
}
121+
122+
return 0;
123+
}
88124

89125
int main(int argc, char **argv) {
90126
modsecurity::ModSecurity *modsec;
@@ -129,36 +165,36 @@ int main(int argc, char **argv) {
129165
*/
130166
modsecurity::Transaction *modsecTransaction = \
131167
new modsecurity::Transaction(modsec, rules, NULL);
132-
// TODO: verify if there is any disruptive action.
168+
process_intervention(modsecTransaction);
133169

134170
/**
135171
* Initial connection setup
136172
*
137173
*/
138174
modsecTransaction->processConnection(ip, 12345, "127.0.0.1", 80);
139-
// TODO: verify if there is any disruptive action.
175+
process_intervention(modsecTransaction);
140176

141177
/**
142178
* Finally we've got the URI
143179
*
144180
*/
145181
modsecTransaction->processURI(request_uri, "GET", "1.1");
146-
// TODO: verify if there is any disruptive action.
182+
process_intervention(modsecTransaction);
147183

148184
/**
149185
* Lets add our request headers.
150186
*
151187
*/
152188
modsecTransaction->addRequestHeader("Host",
153189
"net.tutsplus.com");
154-
// TODO: verify if there is any disruptive action.
190+
process_intervention(modsecTransaction);
155191

156192
/**
157193
* No other reuqest header to add, let process it.
158194
*
159195
*/
160196
modsecTransaction->processRequestHeaders();
161-
// TODO: verify if there is any disruptive action.
197+
process_intervention(modsecTransaction);
162198

163199
/**
164200
* There is a request body to be informed...
@@ -167,38 +203,38 @@ int main(int argc, char **argv) {
167203
modsecTransaction->appendRequestBody(
168204
(const unsigned char*)request_body_first,
169205
strlen((const char*)request_body_first));
170-
// TODO: verify if there is any disruptive action.
206+
process_intervention(modsecTransaction);
171207

172208
modsecTransaction->appendRequestBody(
173209
(const unsigned char*)request_body_second,
174210
strlen((const char*)request_body_second));
175-
// TODO: verify if there is any disruptive action.
211+
process_intervention(modsecTransaction);
176212

177213
modsecTransaction->appendRequestBody(
178214
(const unsigned char*)request_body_third,
179215
strlen((const char*)request_body_third));
180-
// TODO: verify if there is any disruptive action.
216+
process_intervention(modsecTransaction);
181217

182218
/**
183219
* Request body is there ;) lets process it.
184220
*
185221
*/
186222
modsecTransaction->processRequestBody();
187-
// TODO: verify if there is any disruptive action.
223+
process_intervention(modsecTransaction);
188224

189225
/**
190226
* The webserver is giving back the response headers.
191227
*/
192228
modsecTransaction->addResponseHeader("HTTP/1.1",
193229
"200 OK");
194-
// TODO: verify if there is any disruptive action.
230+
process_intervention(modsecTransaction);
195231

196232
/**
197233
* The response headers are filled in, lets process.
198234
*
199235
*/
200236
modsecTransaction->processResponseHeaders(200, "HTTP 1.2");
201-
// TODO: verify if there is any disruptive action.
237+
process_intervention(modsecTransaction);
202238

203239
/**
204240
* It is time to let modsec aware of the response body
@@ -207,31 +243,31 @@ int main(int argc, char **argv) {
207243
modsecTransaction->appendResponseBody(
208244
(const unsigned char*)response_body_first,
209245
strlen((const char*)response_body_first));
210-
// TODO: verify if there is any disruptive action.
246+
process_intervention(modsecTransaction);
211247

212248
modsecTransaction->appendResponseBody(
213249
(const unsigned char*)response_body_second,
214250
strlen((const char*)response_body_second));
215-
// TODO: verify if there is any disruptive action.
251+
process_intervention(modsecTransaction);
216252

217253
modsecTransaction->appendResponseBody(
218254
(const unsigned char*)response_body_third,
219255
strlen((const char*)response_body_third));
220-
// TODO: verify if there is any disruptive action.
256+
process_intervention(modsecTransaction);
221257

222258
/**
223259
* Finally, lets have the response body processed.
224260
*
225261
*/
226262
modsecTransaction->processResponseBody();
227-
// TODO: verify if there is any disruptive action.
263+
process_intervention(modsecTransaction);
228264

229265
/**
230266
* Keeping track of everything: saving the logs.
231267
*
232268
*/
233269
modsecTransaction->processLogging();
234-
// TODO: verify if there is any disruptive action.
270+
process_intervention(modsecTransaction);
235271

236272

237273
/**

0 commit comments

Comments
 (0)