nbs-system / naxsi

NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX
GNU General Public License v3.0
4.8k stars 606 forks source link

Print country on stats report and generation whitelist report #465

Closed fernandomariano closed 5 years ago

fernandomariano commented 5 years ago

I would like to suggest to print country values on -x and when show details about each BasicRule on nxtool. I can submit the merge request if it is ok to add this functionality.

nxtool -x 
# size :1000
# Whitelist(ing) ratio :
# false 48.07% (total:548582/1141182)
# true 1.93% (total:22009/1141182)
# Top servers :
# example.org 94.32% (total:517418/548582)
...
# Top URI(s) :
# /example 94.16% (total:516560/548582)
...
# Top Zone(s) :
# BODY 98.87% (total:542365/548582)
# BODY|NAME 0.49% (total:2688/548582)
# ARGS 0.46% (total:2519/548582)
# URL 0.18% (total:970/548582)
# ARGS|NAME 0.01% (total:40/548582)
# Top Peer(s) :
# 192.168.0.1 94.31% (total:517392/548582)
...
# Top Country(ies) :
# ZZ 99.98% (total:548460/548582)
# US 0.02% (total:122/548582)

nxtool -f 

#msg: A generic whitelist, true for the whole uri
#Rule (1011) close parenthesis, probable sql/xss
#total hits 2
#content : insert+table+()
#peers : 172.18.13.136
#country : ZZ
#uri : /example/
#var_name : password

BasicRule  wl:1011 "mz:$URL:/example|BODY";
fernandomariano commented 5 years ago

I have submitted this MR: https://github.com/nbs-system/naxsi/pull/467. I hope that it can help.

buixor commented 5 years ago

Thanks @fernandomariano , looking right at it :)

he2ss commented 5 years ago

The MR is merged. Thanks for your contribution @fernandomariano.