symfony2 security firewall pattern on windows - regex

I noticed a strange behaviour in firewall pattern configuration in Symfony 2.3 in windows7.
Simply put, if I use this configuration:
support:
pattern: /support/*
My route is recognized and security token put under the right firewall.
If I use a regexp configuration:
support:
pattern: /support/.*
My route isn't recognized any more and security token does not exists.
How is this possible? .* shouldn't be the correct regexp?

That is not a valid pattern with a start delimiter. Try something like this:
support:
pattern:
^/support/

Related

How to use squid regex acl to exclude a specific subdomain?

I want to block a domain but except a specific subdomain.
For example, I use test.domain.com as my production environment and deny all access from squid.
But I want allow squid user to access test.demo.domain.com which is a testing environment.
my squid.conf:
acl denylist dstdom_regex ^(?!.*(demo)).*domain\.com$
http_access deny denylist
http_access allow all
I know what's wrong with my regex. Squid regex use GNU regex (see serverfault question) and GNU regex can not understand (?!.*(demo)).
So how to exclude a specific subdomain in GNU regex?
First, you should use negative lookbehind (?<!) instead of negative lookahead (?!). Second, I don't think it can work with ^ as it matches from the beginning of the domain. Third, with .*domain.com it will match
the whole domain anyway, so you should use \.domain.com instead.
The correct regex that doesn't match demo anywhere before .domain.com would be
(?<!(.*demo.*))\.domain\.com
Here, the domain must end with .domain.com and must not contain demo anywhere beforehand in order to match.
There's no need for regex in your case!
You said you need to allow only one specific subdomain. So add this subdomain in a ACL and allow access to it.
acl allowed_subdomain dstdomain test.demo.example.com
acl blocked_domain dstdomain .example.com
http_access allow allowed_subdomain
http_access deny blocked_domain
http_access deny all
Explanation:
Squid will read the config file looking for a match and the first one it encounters it ends it's job.

Need regular expression for Spring controller GetMapping with path variable that excludes URLs with a certain prefix

I am trying to create a regular expression for my Spring controller method that matches all of the paths in my web application, except It also needs to exclude any traffic with the prefix “/websock” that comes in for my websocket server. Here is the method:
#GetMapping(value = "/{path:[^\\.]*}")
public String redirect(#PathVariable(value="path") String path) {
LOGGER.debug("In redirect path:" + path);
return "forward:/";
}
I have tried a lot of examples from the web I have not been able to find one that does what I need. My examples have either accepted all traffic (including the websocket prefix), or that have excluded some of the http traffic.
The first reg-ex was
"/{path:[^\\.]*}"
which matches URLs such “http://localhost:8080/abc”. But, it was failing to match http://localhost:8080/abc/def.
My second attempt using
"/**/{path:[^\\.]*}"
corrected that issue but then matched everything including my websocket traffic.
I tried the following, which I saw from other questions, was supposed to exclude traffic starting with "/websock". But instead it failed to match anything including the “abc” URLs above:
"/{path:[^\\.]*}", "/**/{path:^(?!websock).*}/{path:[^\\.]*}".
What am I doing wrong with my reg-ex?

Glpi fail2ban regex

I'm using glpi and i want to monitoring the failed login attemtps with fail2ban. The log file is the following:
I need a regex rule for this log file, if the login attempts are failed and i want to ban the IP's with the fail2ban.
Can somebody help me?
Thanks!
use this: failed login for \w+ from IP (.*)
now your match group 1 holds the failed IP address. demo

URL route matching with Regex

I'm trying to build my own URL route matching engine, trying to match routes using regular expressions.
For example, let's consider the scenario where a server application allows to set custom parameterized routes and then execute a function when the route it's being invoked by an HTTP request. The developer could create the following routes:
/users/:id/doSomething
/hello/world
/:format/convert
And each one of them would be associated with a different request handler/function.
Now, on an incoming request, the server should be able to match the requested path to the proper handler. So for example if a client application requests http://myservice.com/users/john/doSomething, the server should be able to tell that the requested URL belongs to the /users/{id}/doSomething route definition, and then execute the associated handler.
Personally they way I would build the route matcher would be to take the requested URL, loop over the route definitions and, if a definition matches the requested URL, execute the handler. The tricky part is the dynamic parameters matching.
How would you build a regular expression that matches the URL segments?
EDIT:
I'm currently using the following regular expression to match segments: ([^/\?])+.
For example to check if a request path belongs to the first route I would match it against:
/users/([^/])+/doSomething
Which is a very permissive regex.
Solution
First concentrate on how the developer could create the routes. What must she type for entering dynamic parameters ? Then writing the dynamic parameters matching will be easier.
Example
In Java, I recently worked with Jersey. Here is how one can define an url route:
/api/{id:[\dA-F]+}.{type:(?:xml|json|csv)}
Some expected urls:
/api/EF123.csv
/api/ABC.json
/api/1234567890.xml
The matcher would parse the route provided by the developer for finding dynamic parameter using a regex like this:
{([^:]+)\s*:\s*(.+?)(?<!\\)}
Check the demo: http://regex101.com/r/iH1gY3
Once done, the matcher can build the regex below on the fly for matching the route:
/api/[\dA-F]+\.(?:xml|json|csv)

RegEx: matching email addresses with subdomains for GApps

I am trying to write a regex that works in Google Apps that matches email addresses on incoming messages with subdomains, e.g.:
root#*wildcard*.mydomain.com
but not
root#mydomain.com
So that I can use Gmail to redirect them to the proper recipient #mydomain.com.
The following regex works in my regex editor but doesn't match anything in Gmail testing:
^[-+.0-9A-Z_a-z]+#[-+.0-9A-Z_a-z]+\.(mydomain.com)$
For those of you familiar with GApps, I'm referring to the setting under Settings > Email > Receiving routing > Configure > Options.
Any help would be appreciated. Thank you!
Try putting the dash last; some regex dialects can't handle a leading dash in a character class. Other than that, your regex looks OK.
^[+.0-9A-Z_a-z-]+#[+.0-9A-Z_a-z-]+\.(mydomain\.com)$