0af1f6e690
Merge branch '2.3' into develop
2019-05-21 11:18:40 +03:00
bb706394f6
MXS-2473 Simplify regular expression settings documentation
...
The settings "match", "exclude" and "options" are now explained once
in the general documentation. The individual filter documentation refers
to the general explanation.
2019-05-20 11:18:03 +03:00
fb0745e3de
Merge branch '2.3' into develop
2019-05-03 13:48:57 +03:00
279edce16e
MXS-2457 Add treat_string_as_field to firewall
...
Necessary if the firewall should be able to block columns when
'ANSI_QUOTES' as enabled and " instead of backticks are used.
Without this, the following
> set @@sql_mode='ANSI_QUOTES';
> select "ssn" from person;
will not be blocked if the database firewall has been configured
to block the column ssn.
2019-05-03 13:38:12 +03:00
fe5160a714
MXS-2457 Add 'treat_string_arg_as_field' to DB Firewall
2019-05-03 13:38:12 +03:00
3a5a8b13b9
MXS-2457 Treat string args as fields
...
The masking filter will now consider all string arguments to
functions to be fields. This in order to prevent bypassing of
the masking with
> set @@sql_mode='ANSI_QUOTES';
> select concat("ssn") from masking;
This may lead to false positives, but no can do.
2019-05-03 13:38:12 +03:00
139651c092
MXS-2253 Runtime ttl changes are made in seconds
...
Internally durations are stored in milliseconds but runtime changes
using SQL are made in seconds. Consequently, the provided value must
be multiplied by 1000 before being stored.
2019-04-11 15:53:45 +03:00
2aa3515fc8
Merge commit '09cb4a885f88d30b5108d215dcdaa5163229a230' into develop
2019-04-04 14:34:17 +03:00
09cb4a885f
Fix readconnroute name in examples
2019-04-03 12:57:05 +03:00
e659c6cc73
Merge branch '2.3' into develop
2019-04-01 13:24:30 +03:00
5346b24fa4
MXS-2393 Add parameter 'require_fully_parsed'
...
If set to true and if any of the other blocking related parameters
is true, then a statement that cannot be fully parsed will be blocked.
Default is true.
2019-04-01 10:52:52 +03:00
6bc2c54081
Merge commit 'a78f0fbe2537542dc7f3f0dd8b19b93ac8d9d7f8' into develop
2019-03-28 13:53:40 +02:00
8b4961261f
MXS-2403 Update documentation
2019-03-25 15:26:17 +02:00
8b329f7f33
MXS-2403 Add 'check_subqueries' parameter
...
Only documentation and parameter handling.
2019-03-25 15:26:17 +02:00
ca8350ae35
MXS-2402 Document and handle 'check_unions' parameter
...
Only parameter handling, no actual functionality.
2019-03-25 15:24:35 +02:00
2ba7e63e7e
Merge branch '2.3' into develop
2019-03-21 09:26:06 +02:00
76ac63096c
MXS-2396 Add check_user_variables configuration parameter
...
The masking filter should check for things like
set @ssn = (SELECT ssn FROM users WHERE id = 1);
so that
select @ssn;
is not possible.
2019-03-20 15:11:58 +02:00
bd3d5bb010
MXS-2329 Use durations in throttle filter
2019-02-19 10:11:57 +02:00
f3acf77a9f
MXS-2329 Use durations in ccrfilter
...
The time window of the ccrfilter is now specified as a duration.
Internally, the time window is still always handled as seconds.
2019-02-19 10:11:57 +02:00
2528c5fa4d
MXS-2253 Make Cache use the new duration config type
...
Internally the Cache used seconds, so some changes were needed.
2019-02-14 10:57:55 +02:00
d44193bc9e
Merge branch '2.2' into 2.3
2019-02-13 13:37:42 +02:00
6f2475b5fa
MXS-2302: Document hintfilter behavior
...
Moved hintfilter documentation to the correct place and cleaned it
up. Added a note at the start of the syntax documentation about the
behavior of the hint parsing to warn users of possible unexpected
behavior. The hint parsing could really use some refactoring to make it
more manageable which is why the preliminary fix version of the bug will
be 2.4.
2019-02-11 03:18:38 +02:00
0859f3caff
Merge branch '2.2' into 2.3
2019-01-07 10:33:34 +02:00
2172c4ca85
MXS-2048: Fix dbfwfilter module command documentation
...
Fixed the command names.
2019-01-06 13:17:32 +02:00
88f234fdcd
MXS-2214: Fix object names in documentation
...
The object names now always use a valid and supported form.
2019-01-03 09:37:59 +02:00
1df42326d5
Clean up TopFilter documentation
...
Wrap lines, clean up headings and add table of contents.
2018-11-26 10:32:08 +02:00
ab7daa9327
Add table of contents to filter documentation
...
Only added the TOC to the longest files.
2018-11-26 10:32:08 +02:00
cdce11391a
Add script template into Luafilter documentation
...
This makes copy-pasting it for testing a lot easier.
2018-11-13 16:48:03 +02:00
5b3a209643
Update the masking documentation
2018-11-09 12:05:13 +02:00
a883a4f3e0
Fix password documentation
...
The old parameter was used in some examples and no note about its removal
was in the parameter.
2018-11-06 15:09:14 +02:00
4d8a95d041
Merge commit '262f1d7e471bacca6b985ec3f2cd5cb76d6e2584' into 2.3
2018-10-26 12:44:57 +03:00
457d0c21dd
Document error code and SQL state for blocked queries
...
If the dbfwfilter blocks a query a specific error is returned. This was
not documented and is needed to detect errors sent by the filter.
2018-10-18 02:02:14 +03:00
230345c98c
Fix on_queries documentation
...
The combination of values was not documented.
2018-10-18 02:02:14 +03:00
6170a2193d
Merge branch '2.2' into 2.3
2018-10-11 11:12:31 +03:00
0a04cb2d48
Clarify namedserverfilter documentation
...
The example configuration had wrong server names.
2018-10-09 13:42:56 +03:00
7c5d3a5e74
Update NamedServerFilter documentation and release notes
2018-10-03 13:50:04 +03:00
d0c5b2ff61
MXS-701: Amend binlogfilter documentation
...
Added clarifying comments and links to relevant documentation, fixed a
typo and changed some of the wording.
2018-09-26 11:26:37 +03:00
4ed0ef046e
MXS-701: Update binlogfilter documentation
...
Rewrote most of the documentation.
2018-09-26 09:43:24 +03:00
9a6f1b2044
Merge branch '2.2' into develop
2018-08-28 16:06:23 +03:00
13c7072da1
Separate CCRFFilter hints section from the main overview
...
The text changed subjects rather abruptly. Having the hint part of it
gives some context and appears to make the text flow nicer.
2018-08-23 23:52:42 +03:00
d339b89990
MXS-1774 Make rejection of functions optional
...
It is now possible to prevent the masking filter from rejecting
statements using functions in conjunction with fields to be
masked. So now it is possible to not use the blanket rejection
of the masking filter and replace it with more detailed firewall
rules.
2018-07-06 11:20:31 +03:00
44ef4912e8
Merge branch '2.2' into develop
2018-07-03 21:13:41 +03:00
b0902402b6
MXS-1940 Turn cache filter non-experimental
...
Also change the following defaults:
- "selects": Was "verify_cacheable", is now "assume_cacheable"
- "cached_data": Was "shared", is now "thread_specific"
2018-07-02 08:44:39 +03:00
f6e01b4434
MXS-591 Fix documentation and change comment parameter type
2018-06-13 20:44:32 +03:00
de1f95028b
MXS-591 Add filter for injecting comments
...
Comments specified in the cnf file will be injected as a comment before
every sql statement.
2018-06-12 15:31:18 +03:00
55e1a39cc3
MXS 173 Deprecate DBFW rule limit_queries
...
Replaced by throttle filter
2018-05-25 14:51:36 +03:00
8145e1fd46
MXS-173 Add documentation.
2018-05-25 14:51:36 +03:00
75eded4b89
Merge branch '2.2' into develop
2018-05-14 11:24:09 +03:00
ec4569497e
Merge branch '2.1' into 2.2
2018-05-14 10:14:16 +03:00
48aa76e1d4
Fix invalid JSON in masking filter documentation
...
The example JSON was missing a comma where one was expected.
2018-05-10 22:26:32 +03:00
