[mod-security-users] The 'exec' Action and Available Variables
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
[mod-security-users] The 'exec' Action and Available Variables
|
From: Ken S. <sh...@gm...> - 2010-02-01 20:29:47
|
My question is about which variables are available to scripts running from the 'exec' action. I had posted earlier about wanting to log all POST data to a file separate from the Apache error_log. (http://article.gmane.org/gmane.comp.apache.mod-security.user/7099) Ryan was kind enough to point me to the 'exec' action in the documentation. So I began developing a Bash script to handle this for me; Bash is the most light-weight language that I know. My script works exactly as I want it when I run it as the "action" from a web form, but does not capture any POST data when run from as the exec action from my rule, but it does log all the other data from the script; i.e date, referrer, etc. You can see it at: http://www.imacollector.com/test-post.htm This is the rule I have in my modsecurity_crs_15_customrules.conf file: # Log POST data to a file SecRule REQUEST_METHOD "^POST$" "phase:2,t:none,noauditlog,log,pass,exec:/usr/local/apache2/bin/logpostvars.sh" The documentation says: "... Some transaction information will be placed in environment variables. All the usual CGI environment variables will be there. ..." so I suspect all I need to do is to know which environment variable stores the POST data and then split it in to key/value pairs and continue. If anyone could help me get over this last hurdle, I would be golden. Thanks! -ken -- Have a nice day ... unless you've made other plans. |