Gobal view
WAF rulesets can be used with additional files to extend and organize the rules. This section allows you to work with different types of files.
Brief description of the fields in the image above:
- Name: A unique name to easily identify the WAF file.
- Type: Indicates whether it is a Data file or a Lua Script.
- Module: The module to which the file has been applied. The default Module is waf
Actions: Use the following actions to manage the files.
- Create file: Create a file for use with a WAF ruleset.
- Delete: Remove the selected files from the WAF ruleset.
Bulk Actions for each ruleset
- Edit: Edit this file of the WAF ruleset.
- Delete: Remove this file from the WAF ruleset.
Different types of files
SKUDONET v10 includes a highlighted module for WAF files, the system administrator will see the entire file loaded and highlighted based in the data source, the data source can be:
- Data: Plain text can be shown here or data file not identified by the module. These kinds of files are referred from the Seclang rules, it is quite common to find here a list of different strings or some kind of source code or string that the Rule will use to search in the Response or Request. The highlighting done by SKUDONET v10 is as follows:
- Script: Lua code can be created and highlighted in this section, some examples here:
The path where those files are saved is “/usr/local/skudonet/config/ipds/waf/sets”, use this absolute path to do reference in any security rule.
Next Article: IPDS | WAF | Files | Create
