void XRuleTime::xrule_impl(
IronBee::Transaction tx,
ActionSet& actions
)
{
if (actions.overrides(m_action)) {
/* Get tx start time, shifted into the local time zone. */
boost::posix_time::ptime tx_start =
tx.started_time() + m_zone_info->base_utc_offset();
std::ostringstream os;
std::locale loc(
os.getloc(),
new boost::posix_time::time_facet("%H:%M:%S"));
os.imbue(loc);
os << "Checking current time "
<< tx_start
<< " against window "
<< m_start_time
<< "-"
<< m_end_time
<< ".";
ib_log_debug_tx(tx.ib(), "%s", os.str().c_str());
bool in_window = (
m_start_time.time_of_day() <= tx_start.time_of_day() &&
tx_start.time_of_day() < m_end_time.time_of_day()
);
// If any days of the week are specified in our window...
if (m_days.size() > 0) {
// ...get the day of the week...
short dow =
boost::gregorian::gregorian_calendar::day_of_week(
tx_start.date().year_month_day());
// ...and update the in_window boolean.
in_window &= (m_days.find(dow) != m_days.end());
}
// If we are in the window specified (considering the
// m_invert member) then execute the associated action.
if (in_window ^ m_invert) {
ib_log_debug_tx(tx.ib(), "XRuleTime was matched.");
actions.set(m_action);
}
else {
ib_log_debug_tx(tx.ib(), "XRuleTime was not matched.");
}
}
else {
ib_log_debug_tx(
tx.ib(),
"Skipping rule as action does not override tx actions.");
}
}
void XRulePath::xrule_impl(
IronBee::Transaction tx,
ActionSet& actions
)
{
if (actions.overrides(m_action)) {
const std::string tx_path(tx.ib()->path);
if (tx_path.length() >= m_path.length() &&
tx_path.compare(0, m_path.length(), m_path) == 0)
{
actions.set(m_action);
}
}
else {
ib_log_debug_tx(
tx.ib(),
"Skipping rule as action does not override tx actions.");
}
}
void XRuleContentType::xrule_impl(
IronBee::Transaction tx,
ActionSet& actions
)
{
if (actions.overrides(m_action)) {
if (m_any) {
if
(
has_field(tx, m_content_type_field) &&
!has_field(tx, m_content_length_field) &&
!has_field(tx, m_transport_encoding_field)
)
{
actions.set(m_action);
}
}
else if (m_none) {
if
(
!has_field(tx, m_content_type_field) &&
(
has_field(tx, m_content_length_field) ||
has_field(tx, m_transport_encoding_field)
)
)
{
actions.set(m_action);
}
}
else {
const ib_list_t *clist = NULL;
ib_var_target_t *target;
// Fetch list of fields.
IronBee::throw_if_error(
ib_var_target_acquire_from_string(
&target,
tx.memory_manager().ib(),
ib_engine_var_config_get(tx.engine().ib()),
m_content_type_field.data(),
m_content_type_field.length()
),
"Failed to acquire content type target.");
IronBee::throw_if_error(
ib_var_target_get(
target,
&clist,
tx.memory_manager().ib(),
tx.ib()->var_store
),
"Failed to retrieve content type field.");
IronBee::ConstList<ib_field_t *> list(clist);
if (list.size() > 0) {
const std::string content_type =
IronBee::ConstField(list.front()).to_s();
ib_log_debug_tx(
tx.ib(),
"Checking content type value \"%s\".",
content_type.c_str());
// Is the content type in the set.
if (m_content_types.count(content_type) > 0)
{
ib_log_debug_tx(
tx.ib(),
"Content type matched.");
actions.set(m_action);
}
}
else {
ib_log_debug_tx(
tx.ib(),
"No Content-Type header values. Rule not evaluated.");
}
}
}
else {
ib_log_debug_tx(
tx.ib(),
"Skipping rule as action does not override tx actions.");
}
}
void XRuleGeo::xrule_impl(IronBee::Transaction tx, ActionSet& actions)
{
if (actions.overrides(m_action)) {
ib_var_target_t *target;
const ib_list_t *clist;
ib_log_debug_tx(
tx.ib(),
"Running GeoIP check for %s",
m_country.c_str());
IronBee::throw_if_error(
ib_var_target_acquire_from_string(
&target,
tx.memory_manager().ib(),
ib_engine_var_config_get(tx.engine().ib()),
IB_S2SL(GEOIP_FIELD)
),
"Failed to acquire GeoIP source."
);
IronBee::throw_if_error(
ib_var_target_get_const(
target,
&clist,
tx.memory_manager().ib(),
tx.ib()->var_store
),
"Failed to retrieve GeoIP field."
);
IronBee::ConstList<const ib_field_t *> ls(clist);
if (ls.size() < 1) {
ib_log_info_tx(
tx.ib(),
"No GeoIP fields. Not filtering on GeoIP.");
}
else {
try {
IronBee::ConstByteString bs(
IronBee::ConstField(ls.front()).
value_as_byte_string());
ib_log_debug_tx(
tx.ib(),
"Matching GeoIP input %.*s against country %.*s.",
static_cast<int>(bs.length()),
bs.const_data(),
static_cast<int>(m_country.length()),
m_country.data());
if (boost::iequals(bs.to_s(), m_country)) {
ib_log_debug_tx(tx.ib(), "GeoIP match.");
actions.set(m_action);
}
else {
ib_log_debug_tx(tx.ib(), "No GeoIP match.");
}
}
catch (const IronBee::einval& e) {
ib_log_error_tx(
tx.ib(),
"GeoIP field is not a byte string field. "
"This XRule cannot run."
);
}
}
}
else {
ib_log_debug_tx(
tx.ib(),
"Skipping rule as action does not override tx actions.");
}
}
