MINOR: Add Mod Defender integration as contrib
This is a service that talks SPOE protocol and uses the Mod Defender (a
NAXSI clone) functionality to detect HTTP attacks. It returns a HTTP
status code to indicate whether the request is suspicious or not, based on
NAXSI rules. The value of the returned code can be used in HAProxy rules
to determine if the HTTP request should be blocked/rejected.
diff --git a/contrib/mod_defender/defender.h b/contrib/mod_defender/defender.h
new file mode 100644
index 0000000..088416e
--- /dev/null
+++ b/contrib/mod_defender/defender.h
@@ -0,0 +1,42 @@
+/*
+ * Mod Defender for HAProxy
+ *
+ * Copyright 2017 HAProxy Technologies, Dragan Dosen <ddosen@haproxy.com>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version
+ * 3 of the License, or (at your option) any later version.
+ *
+ */
+#ifndef __DEFENDER_H__
+#define __DEFENDER_H__
+
+#include <types/sample.h>
+
+struct defender_request {
+ struct sample clientip;
+ struct sample id;
+ struct sample method;
+ struct sample path;
+ struct sample query;
+ struct sample version;
+ struct sample headers;
+ struct sample body;
+};
+
+struct defender_header {
+ struct {
+ char *str;
+ uint64_t len;
+ } name;
+ struct {
+ char *str;
+ uint64_t len;
+ } value;
+};
+
+int defender_init(const char *config_file, const char *log_file);
+int defender_process_request(struct worker *worker, struct defender_request *request);
+
+#endif /* __DEFENDER_H__ */