Replies: 1 comment 6 replies
-
There's a test server you can play with and inspect the code for, that gets built with the library called The callbacks are defined/located here. There's some info in the architectural documentation about the how and the why for the callbacks as well here. The processing of either the ACL of the WAF profile can happen separately or together with a an entity called But if you'd just like to test an Access Control List (ACL) by itself with
~/gproj/waflz/build>jq '.' ./bad_file_ext.acl.json
{
"disallowed_extensions": [
".xxx"
]
}
rmorrison@pcu~/gproj/waflz/build>./util/waflz_server/waflz_server -a ./bad_file_ext.acl.json
...
>curl -s localhost:12345/index.xxx | jq '.'
{
"rule_msg": "File extension is not allowed by policy",
"sub_event": [
{
"rule_id": 80005,
"rule_msg": "File extension is not allowed by policy",
"rule_target": [
{
"name": "RklMRV9FWFQ=",
"param": "disallowed_extensions"
}
],
"rule_op_name": "",
"rule_op_param": "",
"rule_tag": [
"HTTP POLICY"
],
"matched_var": {
"name": "RklMRV9FWFQ=",
"value": "Lnh4eA=="
}
}
],
"acl_config_id": "",
"acl_config_name": "",
"config_last_modified": ""
}
Usage: waflz_server [options]
Options:
-h, --help display this help and exit.
-v, --version display the version number and exit.
Config Modes: -specify only one
-f, --profile waf profile
-a, --acl access control list (acl)
-e, --rules rules
-m, --modsecurity modsecurity rules
-l, --limit limit.
-b, --scopes scopes (file or directory)
Engine Configuration:
-r, --ruleset-dir waf ruleset directory
-g, --geoip-db geoip-db
-s, --geoip-isp-db geoip-isp-db
-d --config-dir configuration directory (REQUIRED for scopes)
-x, --random-ips randomly generate ips
-c, --challenge json containing browser challenges
-n, --bot-js js to insert in custom browser challenges
KV DB Configuration:
-L, --lmdb lmdb for rl counting
-I, --interprocess lmdb across multiple process (if --lmdb)
Server Configuration:
-p, --port port (default: 12345)
-j, --action apply actions instead of reporting
-z, --bg load configs in background thread
-o, --output write json alerts to file
Server Mode: choose one or none
-w, --static static file path (for serving)
-y, --proxy run server in proxy mode
Debug Options:
-t, --trace tracing (error/rule/match/all)
-T, --server-trace server tracing (error/warn/debug/verbose/all)
-A, --audit-mode load and exit Let me know if you need any more info. |
Beta Was this translation helpful? Give feedback.
-
I wanted to start using response processing on my end and currently understand how it works on the request side by using
rqst_ctx_callbacks
but is there something equivalent for the response? Are there examples in tests or documentation you can point me to so I can get started?Beta Was this translation helpful? Give feedback.
All reactions