Open jcchavezs opened 6 months ago
Will this include the log path SecDebugLog
?
I'm using Traefik 3.2.0 I'm trying to load a file, and it does not seem to work.
Traefik static config
experimental:
plugins:
coraza-http-wasm-traefik:
moduleName: "github.com/jcchavezs/coraza-http-wasm-traefik"
version: "v0.2.2"
settings:
mounts:
- /coraza
/coraza
is mounted from the docker host into the Traefik container
Via volumes:
volumes:
- ./coraza:/coraza
The folder coraza
contains a file named crs-setup.conf
in the middleware, I'm trying to load the file
http:
middlewares:
my-coraza-http-wasm-traefik:
plugin:
coraza-http-wasm-traefik:
crsEnabled: true
directives:
- Include ./coraza/crs-setup.conf
I get following error
Failed to initialize WAF: invalid WAF config from string: failed to readfile: open coraza/crs-setup.conf: file does not exist
If I try to load it via - Include /coraza/crs-setup.conf
I get:
Failed to initialize WAF: invalid WAF config from string: failed to readfile: read /coraza/crs-setup.conf: invalid name
Any idea?
@tiran133 try Include crs-setup.conf
Unfortunately not. Still getting
Failed to initialize WAF: invalid WAF config from string: failed to readfile: open crs-setup.conf: file does not exist
Not sure what's going, but I tried all sorts of combinations to include the file, but it seems that the folder is not mounted.
I see. This sounds more like a traefik issue.
José Carlos Chávez
On Tue, 29 Oct 2024 at 11:05, tiran133 @.***> wrote:
Unfortunately not. Still getting
Failed to initialize WAF: invalid WAF config from string: failed to readfile: open crs-setup.conf: file does not exist
Not sure what's going, but I tried all sorts of combinations to include the file, but it seems that the folder is not mounted.
— Reply to this email directly, view it on GitHub https://github.com/jcchavezs/coraza-http-wasm/issues/17#issuecomment-2443771705, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAXOYAXUST3YAUXJJ4GTQKLZ55MXFAVCNFSM6AAAAABIFVR5CWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDINBTG43TCNZQGU . You are receiving this because you authored the thread.Message ID: @.***>
Well the implementation is here it looks ok to me, I guess, but I'm not a go expert so not sure.
For now, I gave up, and I will use the example file Include @crs-setup.conf.example
and overwrite/add everything I need
through the middleware directives: key
you are right. It might not be a traefik issue. Let me put up a fix.
José Carlos Chávez
On Tue, 29 Oct 2024 at 11:17, tiran133 @.***> wrote:
Well the implementation is here it looks ok to me, I guess, but I'm not a go expert so not sure.
For now, I gave up, and I will use the example file Include @crs-setup.conf.example and overwrite/add everything I need through the middleware directive.
— Reply to this email directly, view it on GitHub https://github.com/jcchavezs/coraza-http-wasm/issues/17#issuecomment-2443805875, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAXOYAT7WATJUOGFNSMHLP3Z55OETAVCNFSM6AAAAABIFVR5CWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDINBTHAYDKOBXGU . You are receiving this because you authored the thread.Message ID: @.***>
Done, check 0.3.0
Great! Thank you for your fast reply!
Can you tag the traefik plugin too? https://github.com/jcchavezs/coraza-http-wasm-traefik
EDIT:
Just compiled to locally and used the 'localPlugins' for traefik. Still getting the same error.
Failed to initialize WAF: invalid WAF config from string: failed to readfile: open crs-setup.conf: file does not exist
Any combination of mounts and what not, it will not work for me.
Thank you anyway!
Done https://github.com/jcchavezs/coraza-http-wasm-traefik/releases/tag/v0.3.0
José Carlos Chávez
On Tue, 29 Oct 2024 at 13:32, tiran133 @.***> wrote:
Great! Thank you for your fast reply!
Can you tag the traefik plugin too? https://github.com/jcchavezs/coraza-http-wasm-traefik
— Reply to this email directly, view it on GitHub https://github.com/jcchavezs/coraza-http-wasm/issues/17#issuecomment-2444082905, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAXOYARB4ZZINCFN3OPOAULZ55553AVCNFSM6AAAAABIFVR5CWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDINBUGA4DEOJQGU . You are receiving this because you modified the open/close state.Message ID: @.***>
Thank you.
It is still not working for me. 😮💨
I believe the problem comes from https://github.com/corazawaf/coraza/issues/1208. I am testing the fix.
I reopened this issue because I could not find an easy fix for it. I suspect the failure comes from the mounting functionality provided by traefik. When I mount a folder e.g. /etc/coraza/testdata
I am not able to access such folder. Creating a wasm function with
package main
import httpwasm "github.com/http-wasm/http-wasm-guest-tinygo/handler"
func main() {
readDir(httpwasm.Host, ".")
readDir(httpwasm.Host, "/")
readDir(httpwasm.Host, "./etc")
readDir(httpwasm.Host, "/etc")
readDir(httpwasm.Host, "/etc/my-file")
}
func readDir(host api.Host, dir string) {
dirEntries, err := os.ReadDir(dir)
if err == nil {
host.Log(api.LogLevelError, "=> reading dir"+dir)
for _, f := range dirEntries {
host.Log(api.LogLevelError, "reading file"+f.Name())
}
} else {
host.Log(api.LogLevelError, "error reading dir "+err.Error())
}
}
Fails all the time e2e_traefik_local-1 | 2024-11-13T14:49:22Z ERR github.com/traefik/traefik/v3/pkg/logs/wasm.go:31 > error reading dir open /etc/coraza/testdata: file does not exist
Ping @juliens
https://github.com/traefik/traefik/issues/10739