apache2+modsecurity - new package gui devel version

need pbi to be rebuild to get apache worker options working

1 files changed, 195 insertions, 0 deletions

diff --git a/config/apache_mod_security-dev/apache_logs_data.php b/config/apache_mod_security-dev/apache_logs_data.php
new file mode 100644
index 00000000..256ff144
--- /dev/null
+++ b/config/apache_mod_security-dev/apache_logs_data.php
@@ -0,0 +1,195 @@
+<?php
+/* ========================================================================== */
+/*
+	apache_logs_data.php
+	part of pfSense (http://www.pfSense.com)
+	Copyright (C) 2012 Marcello Coutinho
+	Copyright (C) 2012 Carlos Cesario
+	All rights reserved.
+                                                                              */
+/* ========================================================================== */
+/*
+	Redistribution and use in source and binary forms, with or without
+	modification, are permitted provided that the following conditions are met:
+
+	 1. Redistributions of source code MUST retain the above copyright notice,
+		this list of conditions and the following disclaimer.
+
+	 2. Redistributions in binary form MUST reproduce the above copyright
+		notice, this list of conditions and the following disclaimer in the
+		documentation and/or other materials provided with the distribution.
+
+	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+	POSSIBILITY OF SUCH DAMAGE.
+                                                                              */
+/* ========================================================================== */
+# ------------------------------------------------------------------------------
+# Defines 
+# ------------------------------------------------------------------------------
+require_once("guiconfig.inc");
+# ------------------------------------------------------------------------------
+# Requests
+# ------------------------------------------------------------------------------
+
+if ($_GET) {
+	# Actions
+	$filter = preg_replace('/(@|!|>|<)/',"",htmlspecialchars($_REQUEST['strfilter']));
+	$logtype = strtolower($_REQUEST['logtype']);
+	
+	// Get log type (access or error)
+    if ($logtype == "error")
+    	$error="-error";
+   	
+	// Define log file name
+	$logfile ='/var/log/httpd-'. preg_replace("/(\s|'|\"|;)/","",$_REQUEST['logfile']) . $error.'.log';
+   
+	if ($logfile == '/var/log/httpd-access-error.log')
+		$logfile = '/var/log/httpd-error.log';
+   	
+	//debug
+   	echo "<tr valign=\"top\">\n";
+	echo "<td colspan=\"5\" class=\"listlr\" align=\"center\" nowrap >$logfile</td>\n";
+    if (file_exists($logfile)){
+	
+		switch ($logtype) {
+		
+			case 'access':
+				//show table headers
+				show_tds(array("Time","Host","Response","Method","Request"));
+
+				//fetch lines
+				$logarr=fetch_log($logfile);
+
+				// Print lines
+				foreach ($logarr as $logent) {
+				// Split line by space delimiter
+					$logline  = preg_split("/\n/", $logent);
+					/*
+					field 1: 189.29.36.26 
+					field 2: - 
+					field 3: - 
+					field 4: 04/Jul/2012 
+					field 5: 10:54:39 
+					field 6: -0300 
+					field 7: GET 
+					field 8: / 
+					field 9: HTTP/1.1 
+					field 10: 303 
+					field 11: - 
+					field 12: - 
+					field 13: Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.19 (KHTML, like Gecko) Ubuntu/12.04 Chromium/18.0.1025.151 Chrome/18.0.1025.151 Safari/535.19 
+					*/
+					$regex = '/^(\S+) (\S+) (\S+) \[([^:]+):(\d+:\d+:\d+) ([^\]]+)\] \"(\S+) (.*?) (\S+)\" (\S+) (\S+) "([^"]*)" "([^"]*)"$/';
+					if (preg_match($regex, $logline[0],$line)) {
+						// Apply filter and color
+						if ($filter != "")
+							$line = preg_replace("@($filter)@i","<spam><font color='red'>$1</font></span>",$line);
+						$agent_info="onmouseover=\"jQuery('#bowserinfo').empty().html('{$line[13]}');\"\n";
+						echo "<tr valign=\"top\" $agent_info>\n";
+						echo "<td class=\"listlr\" align=\"center\" nowrap>{$line[5]}({$line[6]})</td>\n";
+						echo "<td class=\"listr\" align=\"center\">{$line[1]}</td>\n";
+						echo "<td class=\"listr\" align=\"center\">{$line[10]}</td>\n";
+						echo "<td class=\"listr\" align=\"center\">{$line[7]}</td>\n";
+						//echo "<td class=\"listr\" width=\"*\" onmouseout=\"this.style.color = ''; domTT_mouseout(this, event);\" onmouseover=\"domTT_activate(this, event, 'content', '{$line[13]}', 'trail', true, 'delay', 0, 'fade', 'both', 'fadeMax', 87, 'styleClass', 'niceTitle');\">{$line[8]}</td>\n";
+						echo "<td class=\"listr\" width=\"*\">{$line[8]}</td>\n";
+						echo "</tr>\n";
+					}
+				}
+			break;
+			
+			case 'error':
+				//show table headers
+				show_tds(array("DateTime","Severity","Message"));
+
+				//fetch lines
+				$logarr=fetch_log($logfile);
+
+				// Print lines
+				foreach ($logarr as $logent) {
+				// Split line by space delimiter
+					$logline  = preg_split("/\n/", $logent);
+					/*
+					field 1: Wed Jul 04 20:22:28 2012 
+					field 2: error 
+					field 3: 187.10.53.87 
+					field 4: proxy: DNS lookup failure for: 192.168.15.272 returned by / 
+					*/
+					$regex = '/^\[([^\]]+)\] \[([^\]]+)\] (?:\[client ([^\]]+)\])?\s*(.*)$/i';
+					if (preg_match($regex, $logline[0],$line)) {
+						// Apply filter and color
+						if ($filter != "")
+							$line = preg_replace("@($filter)@i","<spam><font color='red'>$1</font></span>",$line);
+
+                        if ($line[3])
+                            $line[3] = gettext("Client address:") . " [{$line[3]}]";
+
+						echo "<tr valign=\"top\">\n";
+						echo "<td class=\"listlr\" align=\"center\" nowrap>{$line[1]}</td>\n";
+						echo "<td class=\"listr\" align=\"center\">{$line[2]}</td>\n";
+						echo "<td class=\"listr\" width=\"*\">{$line[3]} {$line[4]}</td>\n";
+						echo "</tr>\n";
+					}
+				}
+			break;
+		}
+	}
+}
+
+# ------------------------------------------------------------------------------
+# Functions
+# ------------------------------------------------------------------------------
+
+// From SquidGuard Package
+function html_autowrap($cont)
+{
+	# split strings
+	$p     = 0;
+	$pstep = 25;
+	$str   = $cont;
+	$cont = '';
+	for ( $p = 0; $p < strlen($str); $p += $pstep ) {
+		$s = substr( $str, $p, $pstep );
+		if ( !$s ) break;
+			$cont .= $s . "<wbr/>";
+	}
+	return $cont;
+}
+
+// Show Logs
+function fetch_log($log){
+	global $filter;
+	// Get Data from form post
+    $lines = $_REQUEST['maxlines'];
+    if (preg_match("/!/",htmlspecialchars($_REQUEST['strfilter'])))
+    	$grep_arg="-iv";
+    else
+    	$grep_arg="-i";
+		
+    // Get logs based in filter expression
+    if($filter != "") {
+        exec("tail -2000 {$log} | /usr/bin/grep {$grep_arg} " . escapeshellarg($filter). " | tail -r -n {$lines}" , $logarr);     
+    }
+    else {
+        exec("tail -r -n {$lines} {$log}", $logarr);
+    }
+	// return logs
+	return $logarr;
+}
+
+function show_tds($tds){
+	echo "<tr valign='top'>\n";
+	foreach ($tds as $td){
+		echo "<td class='listhdrr' align='center'>".gettext($td)."</td>\n";
+	}
+	echo "</tr>\n";
+}
+
+?>