modsecurity v3 ,Centos 7, the lua not work

[HL123]

Describe the bug i use nginx modsecurity ，want to support lua .while i have edit modsecurity.conf as follows

SecRuleScript "/usr/local/lua/exec.lua" "block"

OR

SecRule ARGS:testparam "@contains test" "phase:2,id:113,pass,exec:/usr/local/lua/exec.lua,auditlog"

OR

SecRule ARGS:p attack "phase:2,id:113,block,exec:/usr/local/lua/exec.lua" .

the exec lua as follows :

!/usr/local/bin/lua

function main() m.log(1,"Starting script execution \n") local fileHandle = assert(io.open('/usr/local/lua/test.lua','a')) fileHandle:write("---MODSECURITY ---\n") m.log(1,"Script execution finished\n")

file = io.open("test.lua", "a")
file:write("--test")
file:close()

end

while the exec.lua not work ，and there have no error . so I hava no idea about it.

And

I have compile nginx and modsecurity as follows

./configure \ --prefix=/usr/local/nginx \ --error-log-path=/var/log/nginx/error.log \ --http-log-path=/var/log/nginx/access.log \ --with-http_ssl_module \ --with-http_v2_module \ --with-http_realip_module \ --with-http_addition_module \ --with-http_image_filter_module=dynamic \ --with-http_geoip_module=dynamic \ --with-http_sub_module \ --with-http_dav_module \ --with-http_flv_module \ --with-http_mp4_module \ --with-http_gunzip_module \ --with-http_gzip_static_module \ --with-http_random_index_module \ --with-http_secure_link_module \ --with-http_degradation_module \ --with-http_slice_module \ --with-http_stub_status_module \ --with-pcre \ --with-pcre-jit \ --with-stream=dynamic \ --with-stream_ssl_module \ --with-debug \ --add-module=/usr/local/src//ngx_devel_kit-0.3.0 \ --add-module=/usr/local/src/lua-nginx-module-0.10.9rc7 \ --with-ld-opt="-Wl,-rpath,$LUAJIT_LIB" ;

ModSecurity - for Linux

Mandatory dependencies

• libInjection ....

• SecLang tests ....377fb72

  Optional dependencies

• GeoIP/MaxMind ....found
  • (GeoIP) v1.5.0 -lGeoIP , -I/usr/include/
• LibCURL ....found v7.29.0 -lcurl , -DWITH_CURL
• YAJL ....found v2.0.4 -lyajl , -DWITH_YAJL
• LMDB ....not found
• LibXML2 ....found v2.9.1 -lxml2 -lz -lm -ldl, -I/usr/include/libxml2 -DWITH_LIBXML2
• SSDEEP ....not found

• LUA ....found v501 -llua-5.1 -L/usr/lib64/, -DWITH_LUA -DWITH_LUA_5_1 -I/usr/include

  Other Options

• Test Utilities ....enabled
• SecDebugLog ....enabled
• afl fuzzer ....disabled
• library examples ....enabled
• Building parser ....disabled

• Treating pm operations as critical section ....disabled

and i have upgrade the lua to 5.2

thanks.

[HL123]

i have know throw debug ,thanks .

and i will try do it .

[1601277762] [/?testparam=test] [2] Failed to execute lua script: /usr/local/lua/exec.lua (before main) - /usr/local/lua/exec.lua:20: attempt to index global 'file' (a nil value)

[swzaaaaaaa]

May I ask how you resolved this issue? Mine, too. The instructions were written but did not take effect.