owasp-modsecurity
diff --git a/‎config_tests/CONF_000_GLOBAL.yaml‎
Lines changed: 10 additions & 0 deletions b/‎config_tests/CONF_000_GLOBAL.yaml‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎config_tests/CONF_010_TARGET_DURATION.yaml‎
Lines changed: 35 additions & 0 deletions b/‎config_tests/CONF_010_TARGET_DURATION.yaml‎
Lines changed: 35 additions & 0 deletions
diff --git a/‎generated/rules/MRTS_010_DURATION.conf‎
Lines changed: 48 additions & 0 deletions b/‎generated/rules/MRTS_010_DURATION.conf‎
Lines changed: 48 additions & 0 deletions
diff --git a/‎generated/rules/MRTS_059_REQUEST_COOKIES.conf‎
Lines changed: 16 additions & 16 deletions b/‎generated/rules/MRTS_059_REQUEST_COOKIES.conf‎
Lines changed: 16 additions & 16 deletions
diff --git a/‎generated/rules/MRTS_060_REQUEST_COOKIES_NAMES.conf‎
Lines changed: 16 additions & 16 deletions b/‎generated/rules/MRTS_060_REQUEST_COOKIES_NAMES.conf‎
Lines changed: 16 additions & 16 deletions
@@ -22,6 +22,16 @@ global:
           log,\
           msg:'%{MATCHED_VAR_NAME} was caught in phase:${PHASE}$',\
           ver:'${VERSION}$'"
+  - name: "SecRule for TARGETS with ACTIONS"
+    template: |
+      SecRule ${TARGET}$ "${OPERATOR}$ ${OPARG}$" \
+          "id:${CURRID}$,\
+          phase:${PHASE}$,\
+          t:none,\
+          log,\
+          msg:'%{MATCHED_VAR_NAME} was caught in phase:${PHASE}$ with value %{MATCHED_VAR}',\
+          ${ACTIONS}$,\
+          ver:'${VERSION}$'"
   default_tests_phase_methods:
   - 1: get
   - 2: post
 
@@ -0,0 +1,35 @@
+target: DURATION
+rulefile: MRTS_010_DURATION.conf
+testfile: MRTS_010_DURATION.yaml
+templates:
+- SecRule for TARGETS with ACTIONS
+generation:
+  before: | 
+    # Set starting duration marker
+    SecAction "id:${CURRID}$,phase:1, setvar:tx.duration_marker=0"
+actions:
+  - action:
+    - setvar:tx.duration_marker=%{MATCHED_VAR} # set duration marker at matched value
+colkey:
+- - ''
+operator:
+- '@gt'
+oparg:
+- '%{tx.duration_marker}' # check on previously matched duration as we expect it to increase at each phase
+phase:
+- 1
+- 2
+- 3
+- 4
+- 5
+testdata:
+  phase_methods:
+    1: get
+    2: post
+    3: post
+    4: post
+    5: post
+  targets:
+    - target: ''
+      test:
+        data: null
@@ -0,0 +1,48 @@
+# Set starting duration marker
+SecAction "id:100116,phase:1, setvar:tx.duration_marker=0"
+
+SecRule DURATION "@gt %{tx.duration_marker}" \
+    "id:100117,\
+    phase:1,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:1 with value %{MATCHED_VAR}',\
+    setvar:tx.duration_marker=%{MATCHED_VAR},\
+    ver:'MRTS/0.1'"
+
+SecRule DURATION "@gt %{tx.duration_marker}" \
+    "id:100118,\
+    phase:2,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:2 with value %{MATCHED_VAR}',\
+    setvar:tx.duration_marker=%{MATCHED_VAR},\
+    ver:'MRTS/0.1'"
+
+SecRule DURATION "@gt %{tx.duration_marker}" \
+    "id:100119,\
+    phase:3,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:3 with value %{MATCHED_VAR}',\
+    setvar:tx.duration_marker=%{MATCHED_VAR},\
+    ver:'MRTS/0.1'"
+
+SecRule DURATION "@gt %{tx.duration_marker}" \
+    "id:100120,\
+    phase:4,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:4 with value %{MATCHED_VAR}',\
+    setvar:tx.duration_marker=%{MATCHED_VAR},\
+    ver:'MRTS/0.1'"
+
+SecRule DURATION "@gt %{tx.duration_marker}" \
+    "id:100121,\
+    phase:5,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:5 with value %{MATCHED_VAR}',\
+    setvar:tx.duration_marker=%{MATCHED_VAR},\
+    ver:'MRTS/0.1'"
+
@@ -1,5 +1,5 @@
 SecRule REQUEST_COOKIES "@contains attack" \
-    "id:100116,\
+    "id:100122,\
     phase:1,\
     deny,\
     t:none,\
@@ -8,7 +8,7 @@ SecRule REQUEST_COOKIES "@contains attack" \
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES "@contains attack" \
-    "id:100117,\
+    "id:100123,\
     phase:2,\
     deny,\
     t:none,\
@@ -17,7 +17,7 @@ SecRule REQUEST_COOKIES "@contains attack" \
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES "@contains attack" \
-    "id:100118,\
+    "id:100124,\
     phase:3,\
     deny,\
     t:none,\
@@ -26,7 +26,7 @@ SecRule REQUEST_COOKIES "@contains attack" \
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES "@contains attack" \
-    "id:100119,\
+    "id:100125,\
     phase:4,\
     deny,\
     t:none,\
@@ -35,7 +35,7 @@ SecRule REQUEST_COOKIES "@contains attack" \
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES:cookie1 "@contains attack" \
-    "id:100120,\
+    "id:100126,\
     phase:1,\
     deny,\
     t:none,\
@@ -44,7 +44,7 @@ SecRule REQUEST_COOKIES:cookie1 "@contains attack" \
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES:cookie1 "@contains attack" \
-    "id:100121,\
+    "id:100127,\
     phase:2,\
     deny,\
     t:none,\
@@ -53,7 +53,7 @@ SecRule REQUEST_COOKIES:cookie1 "@contains attack" \
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES:cookie1 "@contains attack" \
-    "id:100122,\
+    "id:100128,\
     phase:3,\
     deny,\
     t:none,\
@@ -62,7 +62,7 @@ SecRule REQUEST_COOKIES:cookie1 "@contains attack" \
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES:cookie1 "@contains attack" \
-    "id:100123,\
+    "id:100129,\
     phase:4,\
     deny,\
     t:none,\
@@ -71,7 +71,7 @@ SecRule REQUEST_COOKIES:cookie1 "@contains attack" \
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES:cookie1|REQUEST_COOKIES:cookie2 "@contains attack" \
-    "id:100124,\
+    "id:100130,\
     phase:1,\
     deny,\
     t:none,\
@@ -80,7 +80,7 @@ SecRule REQUEST_COOKIES:cookie1|REQUEST_COOKIES:cookie2 "@contains attack" \
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES:cookie1|REQUEST_COOKIES:cookie2 "@contains attack" \
-    "id:100125,\
+    "id:100131,\
     phase:2,\
     deny,\
     t:none,\
@@ -89,7 +89,7 @@ SecRule REQUEST_COOKIES:cookie1|REQUEST_COOKIES:cookie2 "@contains attack" \
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES:cookie1|REQUEST_COOKIES:cookie2 "@contains attack" \
-    "id:100126,\
+    "id:100132,\
     phase:3,\
     deny,\
     t:none,\
@@ -98,7 +98,7 @@ SecRule REQUEST_COOKIES:cookie1|REQUEST_COOKIES:cookie2 "@contains attack" \
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES:cookie1|REQUEST_COOKIES:cookie2 "@contains attack" \
-    "id:100127,\
+    "id:100133,\
     phase:4,\
     deny,\
     t:none,\
@@ -107,7 +107,7 @@ SecRule REQUEST_COOKIES:cookie1|REQUEST_COOKIES:cookie2 "@contains attack" \
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES:/^cookie_.*$/ "@contains attack" \
-    "id:100128,\
+    "id:100134,\
     phase:1,\
     deny,\
     t:none,\
@@ -116,7 +116,7 @@ SecRule REQUEST_COOKIES:/^cookie_.*$/ "@contains attack" \
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES:/^cookie_.*$/ "@contains attack" \
-    "id:100129,\
+    "id:100135,\
     phase:2,\
     deny,\
     t:none,\
@@ -125,7 +125,7 @@ SecRule REQUEST_COOKIES:/^cookie_.*$/ "@contains attack" \
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES:/^cookie_.*$/ "@contains attack" \
-    "id:100130,\
+    "id:100136,\
     phase:3,\
     deny,\
     t:none,\
@@ -134,7 +134,7 @@ SecRule REQUEST_COOKIES:/^cookie_.*$/ "@contains attack" \
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES:/^cookie_.*$/ "@contains attack" \
-    "id:100131,\
+    "id:100137,\
     phase:4,\
     deny,\
     t:none,\
 
@@ -1,5 +1,5 @@
 SecRule REQUEST_COOKIES_NAMES "@contains attack" \
-    "id:100132,\
+    "id:100138,\
     phase:1,\
     deny,\
     t:none,\
@@ -8,7 +8,7 @@ SecRule REQUEST_COOKIES_NAMES "@contains attack" \
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES_NAMES "@contains attack" \
-    "id:100133,\
+    "id:100139,\
     phase:2,\
     deny,\
     t:none,\
@@ -17,7 +17,7 @@ SecRule REQUEST_COOKIES_NAMES "@contains attack" \
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES_NAMES "@contains attack" \
-    "id:100134,\
+    "id:100140,\
     phase:3,\
     deny,\
     t:none,\
@@ -26,7 +26,7 @@ SecRule REQUEST_COOKIES_NAMES "@contains attack" \
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES_NAMES "@contains attack" \
-    "id:100135,\
+    "id:100141,\
     phase:4,\
     deny,\
     t:none,\
@@ -35,7 +35,7 @@ SecRule REQUEST_COOKIES_NAMES "@contains attack" \
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES_NAMES:attack1 "@contains attack" \
-    "id:100136,\
+    "id:100142,\
     phase:1,\
     deny,\
     t:none,\
@@ -44,7 +44,7 @@ SecRule REQUEST_COOKIES_NAMES:attack1 "@contains attack" \
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES_NAMES:attack1 "@contains attack" \
-    "id:100137,\
+    "id:100143,\
     phase:2,\
     deny,\
     t:none,\
@@ -53,7 +53,7 @@ SecRule REQUEST_COOKIES_NAMES:attack1 "@contains attack" \
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES_NAMES:attack1 "@contains attack" \
-    "id:100138,\
+    "id:100144,\
     phase:3,\
     deny,\
     t:none,\
@@ -62,7 +62,7 @@ SecRule REQUEST_COOKIES_NAMES:attack1 "@contains attack" \
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES_NAMES:attack1 "@contains attack" \
-    "id:100139,\
+    "id:100145,\
     phase:4,\
     deny,\
     t:none,\
@@ -71,7 +71,7 @@ SecRule REQUEST_COOKIES_NAMES:attack1 "@contains attack" \
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES_NAMES:attack1|REQUEST_COOKIES_NAMES:attack2 "@contains attack" \
-    "id:100140,\
+    "id:100146,\
     phase:1,\
     deny,\
     t:none,\
@@ -80,7 +80,7 @@ SecRule REQUEST_COOKIES_NAMES:attack1|REQUEST_COOKIES_NAMES:attack2 "@contains a
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES_NAMES:attack1|REQUEST_COOKIES_NAMES:attack2 "@contains attack" \
-    "id:100141,\
+    "id:100147,\
     phase:2,\
     deny,\
     t:none,\
@@ -89,7 +89,7 @@ SecRule REQUEST_COOKIES_NAMES:attack1|REQUEST_COOKIES_NAMES:attack2 "@contains a
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES_NAMES:attack1|REQUEST_COOKIES_NAMES:attack2 "@contains attack" \
-    "id:100142,\
+    "id:100148,\
     phase:3,\
     deny,\
     t:none,\
@@ -98,7 +98,7 @@ SecRule REQUEST_COOKIES_NAMES:attack1|REQUEST_COOKIES_NAMES:attack2 "@contains a
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES_NAMES:attack1|REQUEST_COOKIES_NAMES:attack2 "@contains attack" \
-    "id:100143,\
+    "id:100149,\
     phase:4,\
     deny,\
     t:none,\
@@ -107,7 +107,7 @@ SecRule REQUEST_COOKIES_NAMES:attack1|REQUEST_COOKIES_NAMES:attack2 "@contains a
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES_NAMES:/^attack_.*$/ "@contains attack" \
-    "id:100144,\
+    "id:100150,\
     phase:1,\
     deny,\
     t:none,\
@@ -116,7 +116,7 @@ SecRule REQUEST_COOKIES_NAMES:/^attack_.*$/ "@contains attack" \
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES_NAMES:/^attack_.*$/ "@contains attack" \
-    "id:100145,\
+    "id:100151,\
     phase:2,\
     deny,\
     t:none,\
@@ -125,7 +125,7 @@ SecRule REQUEST_COOKIES_NAMES:/^attack_.*$/ "@contains attack" \
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES_NAMES:/^attack_.*$/ "@contains attack" \
-    "id:100146,\
+    "id:100152,\
     phase:3,\
     deny,\
     t:none,\
@@ -134,7 +134,7 @@ SecRule REQUEST_COOKIES_NAMES:/^attack_.*$/ "@contains attack" \
     ver:'MRTS/0.1'"
 
 SecRule REQUEST_COOKIES_NAMES:/^attack_.*$/ "@contains attack" \
-    "id:100147,\
+    "id:100153,\
     phase:4,\
     deny,\
     t:none,\