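---
# FTW settings for running the WAF regression tests against the Envoy
# deployment. Nesting below is restored to the usual go-ftw layout
# (input/ignore under testoverride) - confirm against the consuming tool.

# Log file the test runner inspects (presumably the WAF audit/error output
# written inside the Envoy container - confirm against the deployment).
logfile: '/etc/envoy/logs/ftw.log'
# Upper bound on retries when looking for log markers.
maxmarkerretries: 10
testoverride:
  # Send every test to this host/port instead of the target named in the
  # test files.
  input:
    dest_addr: envoy
    port: 8090
  # Tests skipped for this target. Key: rule id, then test number.
  # Value: the recorded reason for skipping.
  # NOTE(review): every entry here is a case the suite no longer verifies.
  # Re-check the list whenever Envoy, Coraza or the rule set is upgraded,
  # and drop entries whose reason no longer holds.
  ignore:
    # Envoy not compatible tests
    # Envoy rejects or rewrites these requests before the WAF evaluates
    # them, so the rule outcome cannot be observed. This depends on
    # Envoy's behaviour and configuration, not on the rules themselves.
    '911100-5': 'Invalid HTTP method. Rejected by Envoy with Error 400'
    '911100-7': 'Invalid HTTP method. Rejected by Envoy with Error 400'
    '920100-4': 'Accepted by Envoy. Valid request. It is only disabled by default from Apache and Nginx'
    '920100-10': 'Invalid HTTP method. Rejected by Envoy with Error 400'
    '920100-14': 'Invalid HTTP method. Rejected by Envoy with Error 400'
    '920100-16': 'Invalid HTTP request line. Rejected by Envoy with Error 400'
    '949110-4': 'Related to 920100. Invalid HTTP method. Rejected by Envoy with Error 400'
    '941110-4': 'Referer header is sanitized by Envoy and removed from the request'
    '941110-9': 'Referer header is sanitized by Envoy and removed from the request'
    '920270-5': 'Referer header is sanitized by Envoy and removed from the request'
    '941101-1': 'Referer header is sanitized by Envoy and removed from the request'
    '920210-2': 'Connection header is stripped out by Envoy'
    '920210-3': 'Connection header is stripped out by Envoy'
    '920210-4': 'Connection header is stripped out by Envoy'
    '920210-6': 'Connection header is stripped out by Envoy'
    '920210-7': 'Connection header is stripped out by Envoy'
    # Paranoia level 4 only: the reason records a false positive caused by
    # the :path pseudo-header that Envoy populates.
    '920274-2': 'PL4 - False positive. Envoy Populates :path header, therefore invalid character are detected'
    '920274-3': 'PL4 - False positive. Envoy Populates :path header, therefore invalid character are detected'
    '920274-5': 'PL4 - False positive. Envoy Populates :path header, therefore invalid character are detected'
    '932161-7': 'Referer header is sanitized by Envoy and removed from the request'
    '932161-8': 'Referer header is sanitized by Envoy and removed from the request'
    '932161-9': 'Referer header is sanitized by Envoy and removed from the request'
    '932161-10': 'Referer header is sanitized by Envoy and removed from the request'
    '932161-11': 'Referer header is sanitized by Envoy and removed from the request'
    '932161-12': 'Referer header is sanitized by Envoy and removed from the request'
    '932236-6': 'Referer header is sanitized by Envoy and removed from the request'
    '932236-7': 'Referer header is sanitized by Envoy and removed from the request'
    '932236-28': 'Referer header is sanitized by Envoy and removed from the request'
    '932237-6': 'Referer header is sanitized by Envoy and removed from the request'
    '932237-7': 'Referer header is sanitized by Envoy and removed from the request'
    '932237-8': 'Referer header is sanitized by Envoy and removed from the request'
    # Rules working, tests excluded for different expected output
    '920270-4': 'Log contains 920270. Test has log_contains disabled.'
    # Coraza related issues
    # Unlike the groups above, these reasons say the rule did not fire (or
    # fired only partially). Treat them as open detection gaps for this
    # stack, not as test noise: ignoring them keeps the run green while the
    # gap stays. Track each against an upstream fix and remove it once
    # resolved.
    '920171-2': 'Rule 920171 not detected. GET/HEAD with body. Coraza side'
    '920171-3': 'Rule 920171 not detected. GET/HEAD with body. Coraza side'
    '920280-1': 'Rule 920280 not detected. Host not present. Coraza side'
    '920280-3': 'Rule 920280 not detected. Host not present. Coraza side'
    '920290-1': 'Rule 920290 not detected. Empty Host. Coraza side'
    '920430-3': 'Rule 920430 not detected. Proto version. Coraza side'
    '920430-5': 'Rule 920430 not detected. Proto version. Coraza side'
    '920430-8': 'Rule 920430 not detected. Proto version. Coraza side'
    '920430-9': 'Rule 920430 not detected. Proto version. Coraza side'
    # Per the recorded reason, the outcome differs by protocol: HTTP/1.1
    # requests are answered with 400 by Envoy, while over HTTP/2 the
    # pattern is not detected.
    '934120-23': 'Rule 934120 partially detected. With HTTP/1.1 Envoy return 400. With HTTP/2 Enclosed alphanumerics not detected. Coraza Side'
    '934120-24': 'Rule 934120 partially detected. With HTTP/1.1 Envoy return 400. With HTTP/2 Enclosed alphanumerics not detected. Coraza Side'
    '934120-25': 'Rule 934120 partially detected. With HTTP/1.1 Envoy return 400. With HTTP/2 Enclosed alphanumerics not detected. Coraza Side'
    '934120-26': 'Rule 934120 partially detected. With HTTP/1.1 Envoy return 400. With HTTP/2 Enclosed alphanumerics not detected. Coraza Side'
    '934120-39': 'Rule 934120 partially detected. With HTTP/1.1 Envoy return 400. With HTTP/2 Enclosed alphanumerics not detected. Coraza Side'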