p0pr0ck5 / lua-resty-waf

High-performance WAF built on the OpenResty stack

Please help to make DoS rule work, thanks.

ryanlycch opened this issue · comments

I can't get the DoS rule working on lua-resty-waf. The ab test didn't show any failed requests, and I didn't see any log for it in the log file, but I can get logs for other rules in the log file.

The DoS rule I used is from https://gist.github.com/p0pr0ck5/73d13fc60e5f26ae4aa6ae8238f4c5d3. I didn't change anything; I just changed the name to 90000-custom.json and put it in the rules directory.

The OpenResty version is 1.11.2.4 and the lua-resty-waf version is 0.11.1.

I also tried converting the CRSv3.0 912-DOS rule, but it still doesn't work.

Are there any suggestions to help me find the problem?

Thanks very much and sorry for my bad English.

The nginx.conf [http] section:

```nginx
http {
  lua_shared_dict waf 10m;

  init_by_lua_block {
    require "resty.core"
    local lua_resty_waf = require "resty.waf"
    lua_resty_waf.init()
  }

  server {
    listen 80;
    server_name _;
    root /var/www/waf;
    error_log /var/log/nginx/err_waf.log;
    access_log /var/log/nginx/access_waf.log;

    location / {
      access_by_lua_block {
        local lua_resty_waf = require "resty.waf"
        local waf = lua_resty_waf:new()
        waf:set_option("storage_zone", "waf")
        waf:set_option("debug", true)
        waf:set_option("debug_log_level", ngx.DEBUG)
        waf:set_option("mode", "ACTIVE")
        waf:set_option("ignore_ruleset", "11000_whitelist")
        waf:set_option("ignore_ruleset", "20000_http_violation")
        waf:set_option("ignore_ruleset", "21000_http_anomaly")
        waf:set_option("ignore_ruleset", "35000_user_agent")
        waf:set_option("ignore_ruleset", "40000_generic_attack")
        waf:set_option("ignore_ruleset", "41000_sqli")
        waf:set_option("ignore_ruleset", "42000_xss")
        waf:set_option("ignore_ruleset", "99000_scoring")
        waf:set_option("event_log_periodic_flush", 5)
        waf:set_option("event_log_target", "file")
        waf:set_option("event_log_target_path", "/var/log/nginx/waf.log")
        waf:set_option("event_log_request_headers", true)
        waf:set_option("event_log_request_arguments", true)
        waf:set_option("event_log_request_body", true)
        waf:set_option("event_log_verbosity", 4)
        waf:exec()
      }
      log_by_lua_block {
        local lua_resty_waf = require "resty.waf"
        local waf = lua_resty_waf:new()
        waf:exec()
      }
    }

  }
}
```

ab test result:

```
ab -kn 100000 -c 100 http://localhost/
This is ApacheBench, Version 2.3 <$Revision: 1430300 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/

Benchmarking localhost (be patient)
Completed 10000 requests
Completed 20000 requests
Completed 30000 requests
Completed 40000 requests
Completed 50000 requests
Completed 60000 requests
Completed 70000 requests
Completed 80000 requests
Completed 90000 requests
Completed 100000 requests
Finished 100000 requests

Server Software: openresty/1.11.2.4
Server Hostname: localhost
Server Port: 80

Document Path: /
Document Length: 5 bytes

Concurrency Level: 100
Time taken for tests: 11.600 seconds
Complete requests: 100000
Failed requests: 0
Write errors: 0
Keep-Alive requests: 99049
Total transferred: 24495245 bytes
HTML transferred: 500000 bytes
Requests per second: 8620.48 [#/sec] (mean)
Time per request: 11.600 [ms] (mean)
Time per request: 0.116 [ms] (mean, across all concurrent requests)
Transfer rate: 2062.12 [Kbytes/sec] received
```

Sorry for the delayed reply. I suspect that gist is far out of date. Consider instead using the https://github.com/p0pr0ck5/lua-resty-waf#lua-resty-wafload_secrules interface to load the SecRules definitions directly.

Closing as out of date and stale.