Tags: crowdsecurity/lua-cs-bouncer
Tags
fix: only read captcha body if needed (#122) * Fix captcha reading body When a user has passed the captcha check the body is always loaded if captcha configuration is correct, we should only read the body if the user / ip is in a verifying state. * remove comment * Update crowdsec.lua
add nginx controlled variable (#111) * feat(config): improve configuration handling and validation + Refactored ~split~ function to use ~local~ for variable declaration. + Enhanced ~has_value~ function by removing unused variable ~index~. + Moved ~valid_params~, ~valid_int_params~, ~valid_bouncing_on_type_values~, and ~valid_truefalse_values~ to a higher scope for better reusability. + Improved ~EXCLUDE_LOCATION~ handling * feat(config): enhance configuration loading with local overrides and default values Added support for loading local configuration overrides in ~csmod.init~. Enhanced ~config.loadConfig~ to optionally load default values for missing parameters. Refactored and cleaned up redundant code in ~config.lua~. * add nginx controlled variable * fix(crowdsec): correct configuration loading behavior Ensure that the main configuration file is loaded with strict validation and the local configuration file is loaded without strict validation. * feat(tests): add new test for live ban and config functionality Introduce a new test script ~t/15_live_ban_and_config.t~ to validate live ban and configuration functionality. The test includes: + Initialization of ~LWP::UserAgent~ for HTTP requests. + Verification of HTTP responses and logging initialization status. * add test local configuration file * add var ngx.var.enable_appsec * feat(crowdsec): add helper functions for bouncer and appsec configuration checks Refactored the logic for determining bouncer and appsec enablement into dedicated helper functions (`is_bouncer_enabled` and `is_appsec_enabled`). Updated the `Allow` function to use these helpers for improved readability and maintainability. * typo * add ngx.var.crowdsec_enable_bouncer * feat(crowdsec): improve configuration checks for bouncer and appsec Refactored the logic for determining the enabled state of bouncer and appsec configurations. Introduced a new function `is_always_send_to_appsec` to streamline checks for always sending to appsec. Updated the `Allow` function to use the new logic for better readability and maintainability * fix(crowdsec): correct logic for appsec and remediation checks Reordered conditions in ~is_appsec_enabled~ to ensure proper evaluation. Fixed parentheses in ~csmod.Allow~ to correctly group logical operations. * fix(config): correct indentation in EXCLUDE_LOCATION parsing loop The indentation in the loop parsing the `EXCLUDE_LOCATION` key was inconsistent. This change ensures proper alignment for better readability and maintainability. * typo
feat: call SetupStream and SetupMetrics from nginx configuration (#105) * feat: remove stream mode and metrics setup Removed the unused stream mode setup and metrics setup from the ~allowIp~ and ~Allow~ functions to clean up the code. * feat(lib): add get_mode function to retrieve runtime mode Added a new function ~csmod.get_mode~ to retrieve the runtime mode from the configuration. This function returns the value of the ~MODE~ key from the ~runtime.conf~ table. * feat(crowdsec): expose SetupMetrics and SetupStream functions Expose the SetupMetrics and SetupStream functions to make them accessible outside the module. * fix: correct function reference in timer setup Corrected the function reference in the timer setup from ~Setup_metrics~ to ~csmod.SetupMetrics~ to ensure proper execution of the timer. * feat: add init_worker_by_lua_block for stream mode and metrics initialization + Added ~init_worker_by_lua_block~ to initialize stream mode and metrics for workers. + Ensured that stream mode is set up for workers when mode is "stream". + Metrics initialization is performed only by worker 0. * fix: correct debug cache order in test file Ensure the debug cache entries are in the correct order in `t/05stream_and_ban.t`.
fix the cache management for live mode. (#104) * fix(crowdsec): correct configuration key and cache key format Changed ~CAPTCHA_EXPIRATION~ to ~CACHE_EXPIRATION~ in ~csmod.allowIp~ function. Updated cache key format in ~live_query~ function to include "decision_cache" prefix. * fix(caching): correct cache key format in live_query function Ensure the cache key format includes the "decision_cache/" prefix to prevent key conflicts and improve cache management. * mark debug * fix the test as well
PreviousNext