Skip to content

Commit 2a3b80c

Browse files
rkrishn7rkrishn7
authored
chore: update examples (#6)
1 parent 55cb5e6 commit 2a3b80c

File tree

7 files changed

+123
-273
lines changed

7 files changed

+123
-273
lines changed

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ If you're looking for low-level FFI bindings to libmodsecurity, check out [modse
1212
Block requests with `admin` in the path
1313

1414
```rust
15-
use modsecurity::{ModSecurity, Rules, Transaction};
15+
use modsecurity::{ModSecurity, Rules};
1616

1717
let ms = ModSecurity::default();
1818

examples/basic_rules.conf

Lines changed: 0 additions & 231 deletions
This file was deleted.

examples/block-admin-requests.rs

Lines changed: 33 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,33 @@
1+
use modsecurity::{ModSecurity, Rules};
2+
3+
pub fn main() {
4+
let ms = ModSecurity::default();
5+
6+
let mut rules = Rules::new();
7+
rules
8+
.add_plain(
9+
r#"
10+
SecRuleEngine On
11+
12+
SecRule REQUEST_URI "@rx admin" "id:1,phase:1,deny,status:401"
13+
"#,
14+
)
15+
.expect("Failed to add rules");
16+
17+
let mut transaction = ms
18+
.transaction_builder()
19+
.with_rules(&rules)
20+
.build()
21+
.expect("Error building transaction");
22+
23+
transaction
24+
.process_uri("http://example.com/admin", "GET", "1.1")
25+
.expect("Error processing URI");
26+
transaction
27+
.process_request_headers()
28+
.expect("Error processing request headers");
29+
30+
let intervention = transaction.intervention().expect("Expected intervention");
31+
32+
assert_eq!(intervention.status(), 401);
33+
}

examples/disruptive-logging.rs

Lines changed: 43 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,43 @@
1+
use modsecurity::{ModSecurity, Rules};
2+
3+
pub fn main() {
4+
let ms = ModSecurity::builder().with_log_callbacks().build();
5+
6+
let mut rules = Rules::new();
7+
rules
8+
.add_plain(
9+
r#"
10+
SecRuleEngine DetectionOnly
11+
12+
SecRule REQUEST_HEADERS:X-Client-Port "@streq 22" \
13+
"id:'1234567',\
14+
log,\
15+
msg:'Blocking SSH port',\
16+
phase:1,\
17+
t:none,\
18+
status:403,\
19+
deny
20+
"#,
21+
)
22+
.expect("Failed to add rules");
23+
24+
let mut transaction = ms
25+
.transaction_builder()
26+
.with_rules(&rules)
27+
.with_logging(|msg| {
28+
if let Some(msg) = msg {
29+
println!("Received log: {}", msg);
30+
}
31+
})
32+
.build()
33+
.expect("Error building transaction");
34+
35+
transaction
36+
.add_request_header("X-Client-Port", "22")
37+
.expect("Error adding request header");
38+
transaction
39+
.process_request_headers()
40+
.expect("Error processing request headers");
41+
42+
assert!(transaction.intervention().is_none());
43+
}

examples/non-disruptive-logging.rs

Lines changed: 45 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,45 @@
1+
use modsecurity::{ModSecurity, Rules};
2+
3+
pub fn main() {
4+
let ms = ModSecurity::default();
5+
6+
let mut rules = Rules::new();
7+
rules
8+
.add_plain(
9+
r#"
10+
SecRuleEngine On
11+
12+
SecRule REQUEST_HEADERS:X-Client-Port "@streq 22" \
13+
"id:'1234567',\
14+
log,\
15+
msg:'Blocking SSH port',\
16+
phase:1,\
17+
t:none,\
18+
status:403,\
19+
deny
20+
"#,
21+
)
22+
.expect("Failed to add rules");
23+
24+
let mut transaction = ms
25+
.transaction_builder()
26+
.with_rules(&rules)
27+
.build()
28+
.expect("Error building transaction");
29+
30+
transaction
31+
.add_request_header("X-Client-Port", "22")
32+
.expect("Error adding request header");
33+
transaction
34+
.process_request_headers()
35+
.expect("Error processing request headers");
36+
37+
let intervention = transaction.intervention().expect("Expected intervention");
38+
39+
assert_eq!(intervention.status(), 403);
40+
41+
println!(
42+
"Received log: {}",
43+
intervention.log().expect("Expected log")
44+
);
45+
}

0 commit comments

Comments
 (0)