feat(mitmproxy): Add VoIP/XMPP WAF protection rules
New WAF categories for VoIP and Jabber security:
- voip: SIP header injection, ARI command injection, FreePBX RCE,
AMI web access, multipart traversal, Digest auth attacks
- xmpp: XSS in messages/presence, BOSH hijack, XXE via XInclude,
WebSocket XSS, HTTP upload abuse, null byte in JID
- cve_voip: Asterisk PJSIP crash (CVE-2021-26906), negative CL DoS,
Via header overflow, Route header crash, SDP buffer overflow,
CSeq method overflow, FreePBX/Kamailio/OpenSIPS CVEs
- cve_xmpp: Prosody namespace confusion, stream DoS, upload DoS,
ejabberd disco leak, Converse.js XSS, Strophe.js parsing crash,
Tigase unauth user creation
Also added:
- UCI waf_rules section with toggles for all 12 categories
- Auto-ban options for VoIP/XMPP attack patterns
- Updated waf-sync script for new categories
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
CyberMind-FR
64bfeccfdb