[PoC] Suspicious attacker blocking

[Anilm3]

• Allow overriding rule actions through exclusion filters. With this change, rule filters can now support custom actions, in addition to bypass and monitor. These actions override specific rule actions, however custom actions in exclusion filters have a lower precedence to bypass and monitor, meaning that if two filters affect the same rule, the order of precedence is bypass > monitor > custom action.
• Add naive support for rules_data on exclusion filters

[codecov-commenter]

Codecov Report

Attention: 1 lines in your changes are missing coverage. Please review.

Comparison is base (9f2205c) 83.28% compared to head (6b78cd1) 83.22%.

Files	Patch %	Lines
src/collection.cpp	85.71%	0 Missing and 1 partial ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master     #239      +/-   ##
==========================================
- Coverage   83.28%   83.22%   -0.07%     
==========================================
  Files         106      106              
  Lines        4177     4196      +19     
  Branches     1915     1927      +12     
==========================================
+ Hits         3479     3492      +13     
- Misses        279      283       +4     
- Partials      419      421       +2     

Flag	Coverage Δ
waf_test_none	83.11% <98.11%> (-0.07%)	⬇️
waf_test_sse2	83.19% <98.11%> (-0.07%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[Anilm3]

Suspicious attacker blocking implemented in #316 and #303