Improve the documentation wrt. "modifiers"

author: jvoisin 2020-06-09 19:38:26 +0200
committer: jvoisin 2020-06-09 19:38:26 +0200
commit: 7f9602ebc23582195d63eb35f1de1961297f2e00 (patch)
tree: cfeaf9a70b28db5ef02565114f231aedbd037493 /doc/source
parent: 47d25cea2b34f8dc214a8aa5f748c5efe6455b96 (diff)
1 files changed, 11 insertions, 2 deletions
diff --git a/doc/source/config.rst b/doc/source/config.rst
index 7691f89..91e085c 100644
--- a/doc/source/config.rst
+++ b/doc/source/config.rst
@@ -254,8 +254,11 @@ blacklisted, it'll be allowed.
 Virtual-patching
 ----------------
-Snuffleupagus provides virtual-patching via the ``disable_function`` directive, allowing you to stop or control dangerous behaviours.
+Snuffleupagus provides virtual-patching via the ``disable_function`` directive,
-In the situation where you have a call to ``system()`` that lacks proper user-input validation, this could cause issues as it would lead to an **RCE**. The virtual-patching would allow this to be prevented.
+allowing you to stop or control dangerous behaviours.  In the situation where
+you have a call to ``system()`` that lacks proper user-input validation, this
+could cause issues as it would lead to an **RCE**. The virtual-patching would
+allow this to be prevented.
 ::
   
@@ -305,8 +308,14 @@ The ``type`` must be one of the following values:
 Actions
 ^^^^^^^
+Every rule *must* have one action.
 - ``allow()``: **allow** the request if the rule matches
 - ``drop()``: **drop** the request if the rule matches
+Modifications
+^^^^^^^^^^^^^
 - ``dump(directory)``: dump the request in the ``directory`` if it matches the rule
 - ``simulation()``: enabled the simulation mode
author	jvoisin	2020-06-09 19:38:26 +0200
committer	jvoisin	2020-06-09 19:38:26 +0200
commit	7f9602ebc23582195d63eb35f1de1961297f2e00 (patch)
tree	cfeaf9a70b28db5ef02565114f231aedbd037493 /doc/source
parent	47d25cea2b34f8dc214a8aa5f748c5efe6455b96 (diff)