waf rules: allow arbitrary mix of AND and OR conditions

[blotus]

Allow mixing or and and conditions in waf rules.

Complex rules are converted to a disjunctive normal form so that conditions can be expressed as ORs of ANDs (groups of chain with skip to jump between the groups).

This can leads to duplications in the rules (eg, a top-level condition will be repeated multiple times in the generated rules if there's a bunch of OR afterwards), but it shouldn't have any meaningful impact on the performance.

[github-actions]

@blotus: There are no 'kind' label on this PR. You need a 'kind' label to generate the release automatically.

• /kind feature
• /kind enhancement
• /kind refactoring
• /kind fix
• /kind chore
• /kind dependencies

Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.

[github-actions]

@blotus: There are no area labels on this PR. You can add as many areas as you see fit.

• /area agent
• /area local-api
• /area cscli
• /area appsec
• /area security
• /area configuration

Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.

[blotus]

/kind feature
/area appsec

[codecov]

Codecov Report

❌ Patch coverage is 87.12871% with 13 lines in your changes missing coverage. Please review.
✅ Project coverage is 63.04%. Comparing base (442c8b5) to head (04eaa25).
⚠️ Report is 1 commits behind head on master.

Files with missing lines	Patch %	Lines
pkg/appsec/appsec_rule/modsecurity.go	87.12%	8 Missing and 5 partials ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #4358      +/-   ##
==========================================
+ Coverage   62.99%   63.04%   +0.05%     
==========================================
  Files         473      473              
  Lines       33490    33536      +46     
==========================================
+ Hits        21098    21144      +46     
+ Misses      10277    10274       -3     
- Partials     2115     2118       +3     

Flag	Coverage Δ
bats	46.59% <74.25%> (+0.02%)	⬆️
unit-linux	35.97% <87.12%> (+0.01%)	⬆️
unit-windows	24.52% <87.12%> (+0.09%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.