Include more than 511 characters for content match

Issue #303 resolved
Former user created an issue

Is it possible to include more than 511 characters when doing content match? Is there a strict constrain?

Scenario: I'm using monit to watch for mod_security and a line can be long but it's useful and I want to ignore false positive, which can be found after the 511 chars limit.

Thanks

Comments (6)

  1. Tildeslash repo owner

    Currently the buffer size is fixed (max 511 characters + '\0').

    What is the line length you need to test?

  2. Raviv Israeli

    We really need this, Could this please be configurable per 'if match "" then alert' Expression?

  3. Tildeslash repo owner

    @raviv_israeli yes, but if possible, please describe the string length you need to test. We can most probably make it configurable like in "set expectbuffer <size>" case for very long strings, but we can also tune the default buffer size.

  4. Tildeslash repo owner

    fix Issue #303: support more then 511 characters for file content test + add new "set limits" statement (which allows to override default limits / buffer sizes)

    → <<cset 345ca69bdfbb>>

  5. Log in to comment