Open Kubas556 opened 1 week ago
Hi @Kubas556,
thanks for this report - unfortunately I can't open the image. Could you share the error in simple text?
Btw I tried to parse the mentioned file but it was success:
$ poetry run secrules-parser -r -f ../coreruleset/rules/REQUEST-905-COMMON-EXCEPTIONS.conf
{"../coreruleset/rules/REQUEST-905-COMMON-EXCEPTIONS.conf": [{"905100": ["streq GET /"]}]}
$ poetry run secrules-parser -c -f ../coreruleset/rules/REQUEST-905-COMMON-EXCEPTIONS.conf
Syntax OK: ../coreruleset/rules/REQUEST-905-COMMON-EXCEPTIONS.conf
There is no error in output, it seems fine. But the model from process_rules function seems to miss the REQUEST_LINE variable
The image i send is only screenshot of REQUEST-905-COMMON-EXCEPTIONS.conf file
REQUEST_LINE
is defined as a variable in https://github.com/coreruleset/secrules_parsing/blob/32a571e76e082a5b2e81286c376d94a20718cac7/src/secrules_parsing/model/secrules.tx#L62. Note that this parser does not create a complete model but only as much as we need for verification, linting, etc.
Are you looking for something specific that is currently not supported? It would be helpful if you could describe your usecase.
I need full model of modsec rule so i could recreate it using my own definitions in C# classes
Maybe you might be more interested in the antlr parser: https://github.com/coreruleset/seclang_parser
I need full model of modsec rule so i could recreate it using my own definitions in C# classes
If it's enough that you get a yaml/json structure of your rules, msc_pyparser will be a good choice for you.
Thanks, i will look at it.
When i execute "python .\cli.py -o regex.json --regex -f C:\Users\user\Downloads\modsec-rules\rules\REQUEST-905-COMMON-EXCEPTIONS.conf" to try parse modsec rules and them break inside on of the rule loop, the rule values are empty, there is no mention about them except for raw input and parse schema. In this file are used "REQUEST_LINE", "REMOTE_ADDR" and "REQUEST_HEADERS" export.json