1. Home
  2. Categories
  3. Support
  4. BM 6 - Deploy Configuration file with a lot of special characters

Welcome to the Inedo Forums! Check out the Forums Guide for help getting started.

If you are experiencing any issues with the forum software, please visit the Contact Form on our website and let us know!

BM 6 - Deploy Configuration file with a lot of special characters

  • P

    Hello

    I am using BM to deploy HAProxy config and I need some help to add the following rules in a configuration file:

    # ACL LOG4J  https://www.haproxy.com/blog/december-2021-log4shell-mitigation/
   option http-buffer-request
   acl log4shell url,url_dec -m reg \${[^}]*\${
   acl log4shell url,url_dec -m reg \${jndi:(?:ldaps?|iiop|dns|rmi)://
   acl log4shell url,url_dec -i -m reg \${[\w${}\-:]*j[\w${}\-:]*n[\w${}\-:]*d[\w${}\-:]*i[\w${}\-:]*:.*}
   acl log4shell req.hdrs -m reg \${[^}]*\${
   acl log4shell req.hdrs -m reg \${jndi:(?:ldaps?|iiop|dns|rmi)://
   acl log4shell req.hdrs -i -m reg \${[\w${}\-:]*j[\w${}\-:]*n[\w${}\-:]*d[\w${}\-:]*i[\w${}\-:]*:.*}
   acl log4shell_form req.body,url_dec -m reg \${[^}]*\${
   acl log4shell_form req.body,url_dec -m reg \${jndi:(?:ldaps?|iiop|dns|rmi)://
   acl log4shell_form req.body,url_dec -i -m reg \${[\w${}\-:]*j[\w${}\-:]*n[\w${}\-:]*d[\w${}\-:]*i[\w${}\-:]*:.*}
   http-request deny if log4shell
   http-request deny if { req.fhdr(content-type) -m str application/x-www-form-urlencoded } log4shell_form

    Special characters break the deployment
    I tried to add ` in front of $ unsuccessfully

    Best regards
    Philippe C.

    0
  • rhessinger
    inedo-engineer

    Hi @philippe-camelio_3885,

    In my experience you should only need to add ` in front of all the $ and that should work. Can you give this version a try?

    # ACL LOG4J  https://www.haproxy.com/blog/december-2021-log4shell-mitigation/
   option http-buffer-request
   acl log4shell url,url_dec -m reg \`${[^}]*\`${
   acl log4shell url,url_dec -m reg \`${jndi:(?:ldaps?|iiop|dns|rmi)://
   acl log4shell url,url_dec -i -m reg \`${[\w`${}\-:]*j[\w`${}\-:]*n[\w`${}\-:]*d[\w`${}\-:]*i[\w`${}\-:]*:.*}
   acl log4shell req.hdrs -m reg \`${[^}]*\`${
   acl log4shell req.hdrs -m reg \`${jndi:(?:ldaps?|iiop|dns|rmi)://
   acl log4shell req.hdrs -i -m reg \`${[\w`${}\-:]*j[\w`${}\-:]*n[\w`${}\-:]*d[\w`${}\-:]*i[\w`${}\-:]*:.*}
   acl log4shell_form req.body,url_dec -m reg \`${[^}]*\`${
   acl log4shell_form req.body,url_dec -m reg \`${jndi:(?:ldaps?|iiop|dns|rmi)://
   acl log4shell_form req.body,url_dec -i -m reg \`${[\w`${}\-:]*j[\w`${}\-:]*n[\w`${}\-:]*d[\w`${}\-:]*i[\w`${}\-:]*:.*}
   http-request deny if log4shell
   http-request deny if { req.fhdr(content-type) -m str application/x-www-form-urlencoded } log4shell_form

    Thanks,
    Rich

    0
  • P

    Thanks you Rich
    it is working !.

    0
buildmaster 1056
Log in to reply
 
Inedo Website HomeSupport HomeCode of ConductForums GuideDocumentation