Closed mirkodziadzka-avi closed 4 years ago
cc: @MirkoDziadzka
My proposal would be to parse this short form as if @rx
would be there. Then the read/write cycle would modify the rule, but - in my personal opinion - the version with implicit operator should be deprecated.
Hi @mirkodziadzka-avi,
so many thanks again for your remark. PR #13 fixes this problem, I close the issue.
Thanks for the fix.
I transformed my rulset modsec-lang -> YAML -> modsec-lang -> yaml
for verification.
As you did predicted:
ARGS,ARGS -> ARGS|ARGS
SecRule ARGS foo -> SecRule ARGS "foo"
and aditional:
SecRule ARGS "foo" "\
id:42
became
SecRule ARGS "foo" \
"id:42
At the end, a very impressive performance:
$ cat original/*.conf | wc -l
431619
$ diff -w -r original regenerated | wc -l
22
Oh, nice to see the performance :).
Anyway, your additional example can be prevented - the MSCWriter
class follows the expected CRS formatting rules, and of course, you can overwrite it as you want.
If you interesting, check the beautifier examples (both has a short text description with same name).
As shortly discussed in https://github.com/digitalwave/msc_pyparser/issues/9#issuecomment-581130642, I see an issue when using crs_write
how to reproduce
use latest master version 7d7fa7feac7e24d792db9cecf689557af7f59359
Use the following input:
crs_read will crate the following file
crs_write will throw an exception on this
When replacing the rule with
it will work