diff options
| author | Marcello Coutinho <marcellocoutinho@gmail.com> | 2013-11-09 01:37:53 -0200 |
|---|---|---|
| committer | Marcello Coutinho <marcellocoutinho@gmail.com> | 2013-11-09 01:37:53 -0200 |
| commit | b63b184751271c7f4b9dd849543cd569ceb49003 (patch) | |
| tree | 03762db6485a990c9f803b185b6d83cccc2a49e6 | |
| parent | d8fa6c4f3b9c0476478c344100bfb1f9337e0e08 (diff) | |
| download | pfsense-packages-b63b184751271c7f4b9dd849543cd569ceb49003.tar.gz pfsense-packages-b63b184751271c7f4b9dd849543cd569ceb49003.tar.bz2 pfsense-packages-b63b184751271c7f4b9dd849543cd569ceb49003.zip | |
Apache-modsecurity-dev - fix modsecurity update rules, bump apache version to 2.2.23.
| -rw-r--r-- | config/apache_mod_security-dev/apache.template | 2 | ||||
| -rw-r--r-- | config/apache_mod_security-dev/apache_mod_security.inc | 36 | ||||
| -rw-r--r-- | pkg_config.8.xml | 4 | ||||
| -rw-r--r-- | pkg_config.8.xml.amd64 | 4 |
4 files changed, 21 insertions, 25 deletions
diff --git a/config/apache_mod_security-dev/apache.template b/config/apache_mod_security-dev/apache.template index 69ffb9c7..93de58af 100644 --- a/config/apache_mod_security-dev/apache.template +++ b/config/apache_mod_security-dev/apache.template @@ -176,7 +176,7 @@ LoadModule status_module libexec/apache22/mod_status.so LoadModule autoindex_module libexec/apache22/mod_autoindex.so LoadModule asis_module libexec/apache22/mod_asis.so LoadModule info_module libexec/apache22/mod_info.so -LoadModule cgi_module libexec/apache22/mod_cgi.so +#LoadModule cgi_module libexec/apache22/mod_cgi.so LoadModule vhost_alias_module libexec/apache22/mod_vhost_alias.so LoadModule negotiation_module libexec/apache22/mod_negotiation.so LoadModule dir_module libexec/apache22/mod_dir.so diff --git a/config/apache_mod_security-dev/apache_mod_security.inc b/config/apache_mod_security-dev/apache_mod_security.inc index 8ca5b4e3..76208c70 100644 --- a/config/apache_mod_security-dev/apache_mod_security.inc +++ b/config/apache_mod_security-dev/apache_mod_security.inc @@ -35,7 +35,7 @@ if ($pf_version > 2.0) else define('APACHEDIR', '/usr/local'); // End of system check -define ('MODSECURITY_DIR','modsecurity-crs_2.2.5'); +define ('MODSECURITY_DIR','crs'); // Rules directory location define("rules_directory", APACHEDIR . "/". MODSECURITY_DIR); function apache_textarea_decode($base64){ @@ -57,10 +57,6 @@ function apache_get_real_interface_address($iface) { // Ensure NanoBSD can write. pkg_mgr will remount RO conf_mount_rw(); -// Needed mod_security directories -if(!is_dir(APACHEDIR . "/". MODSECURITY_DIR)) - safe_mkdir(APACHEDIR . "/". MODSECURITY_DIR); - // Startup function function apache_mod_security_start() { exec(APACHEDIR . "/sbin/httpd -D NOHTTPACCEPT -k start"); @@ -127,23 +123,23 @@ function apache_mod_security_resync() { global $config, $g; apache_mod_security_install(); $dirs=array("base", "experimental","optional", "slr"); - $ms_file="/usr/local/pkg/modsecurity-crs_2.2.5.tar.gz"; - if (file_exists($ms_file)){ - if (! file_exists(APACHEDIR ."/". MODSECURITY_DIR . "/LICENSE")) - exec ("tar -xzf $ms_file -C ".APACHEDIR); - $write_config=0; - foreach ($dirs as $dir){ - if ($handle = opendir(APACHEDIR ."/".MODSECURITY_DIR."/{$dir}_rules")) { - $write_config++; - $config['installedpackages']["modsecurityfiles{$dir}"]['config']=array(); - while (false !== ($entry = readdir($handle))) { - if (preg_match("/(\S+).conf/",$entry,$matches)) - $config["installedpackages"]["modsecurityfiles{$dir}"]["config"][]=array("file"=>$matches[1]); - } - closedir($handle); + if (! file_exists(APACHEDIR ."/". MODSECURITY_DIR . "/LICENSE")){ + exec ("/usr/local/bin/git clone https://github.com/SpiderLabs/owasp-modsecurity-crs.git ".APACHEDIR."/".MODSECURITY_DIR); + //chdir (APACHEDIR."/".MODSECURITY_DIR); + //exec ("/usr/local/bin/git checkout -q 2.2.8"); + } + $write_config=0; + foreach ($dirs as $dir){ + if ($handle = opendir(APACHEDIR ."/".MODSECURITY_DIR."/{$dir}_rules")) { + $write_config++; + $config['installedpackages']["modsecurityfiles{$dir}"]['config']=array(); + while (false !== ($entry = readdir($handle))) { + if (preg_match("/(\S+).conf/",$entry,$matches)) + $config["installedpackages"]["modsecurityfiles{$dir}"]["config"][]=array("file"=>$matches[1]); } + closedir($handle); + } } - } if ($write_config > 0) write_config(); apache_mod_security_checkconfig(); diff --git a/pkg_config.8.xml b/pkg_config.8.xml index f79293e4..3444c047 100644 --- a/pkg_config.8.xml +++ b/pkg_config.8.xml @@ -214,7 +214,7 @@ <website>http://www.modsecurity.org/</website> <descr>ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. In addition this package allows URL forwarding which can be convenient for hosting multiple websites behind pfSense using 1 IP address.</descr> <category>Network Management</category> - <version>0.2.2</version> + <version>apache 2.2.23 pkg v0.2.3</version> <status>ALPHA</status> <required_version>2.0</required_version> <config_file>http://www.pfsense.com/packages/config/apache_mod_security-dev/apache_virtualhost.xml</config_file> @@ -225,7 +225,7 @@ <depends_on_package>ap22-mod_memcache-0.1.0_4.tbz</depends_on_package> <depends_on_package>apache-2.2.22_5.tbz</depends_on_package> <depends_on_package>ap22-mod_security-2.6.5_1.tbz</depends_on_package> - <depends_on_package_pbi>proxy_mod_security-2.2.22_6-i386.pbi</depends_on_package_pbi> + <depends_on_package_pbi>proxy_mod_security-2.2.23_6-i386.pbi git-1.8.1.3-i386.pbi</depends_on_package_pbi> <configurationfile>apache_virtualhost.xml</configurationfile> <build_port_path>/usr/ports/devel/gettext</build_port_path> <build_port_path>/usr/ports/misc/help2man</build_port_path> diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64 index 32551ce1..b723f195 100644 --- a/pkg_config.8.xml.amd64 +++ b/pkg_config.8.xml.amd64 @@ -201,7 +201,7 @@ <website>http://www.modsecurity.org/</website> <descr>ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. In addition this package allows URL forwarding which can be convenient for hosting multiple websites behind pfSense using 1 IP address.</descr> <category>Network Management</category> - <version>0.2.2</version> + <version>apache 2.2.23 pkg v0.2.3</version> <status>ALPHA</status> <required_version>2.0</required_version> <config_file>http://www.pfsense.com/packages/config/apache_mod_security-dev/apache_virtualhost.xml</config_file> @@ -212,7 +212,7 @@ <depends_on_package>ap22-mod_memcache-0.1.0_4.tbz</depends_on_package> <depends_on_package>apache-2.2.22_5.tbz</depends_on_package> <depends_on_package>ap22-mod_security-2.6.5_1.tbz</depends_on_package> - <depends_on_package_pbi>proxy_mod_security-2.2.22_6-amd64.pbi</depends_on_package_pbi> + <depends_on_package_pbi>proxy_mod_security-2.2.23_6-amd64.pbi git-1.8.1.3-i386.pbi</depends_on_package_pbi> <configurationfile>apache_virtualhost.xml</configurationfile> <build_port_path>/usr/ports/devel/gettext</build_port_path> <build_port_path>/usr/ports/misc/help2man</build_port_path> |