aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
authorMarcello Coutinho <marcellocoutinho@gmail.com>2013-11-09 01:37:53 -0200
committerMarcello Coutinho <marcellocoutinho@gmail.com>2013-11-09 01:37:53 -0200
commitb63b184751271c7f4b9dd849543cd569ceb49003 (patch)
tree03762db6485a990c9f803b185b6d83cccc2a49e6 /config
parentd8fa6c4f3b9c0476478c344100bfb1f9337e0e08 (diff)
downloadpfsense-packages-b63b184751271c7f4b9dd849543cd569ceb49003.tar.gz
pfsense-packages-b63b184751271c7f4b9dd849543cd569ceb49003.tar.bz2
pfsense-packages-b63b184751271c7f4b9dd849543cd569ceb49003.zip
Apache-modsecurity-dev - fix modsecurity update rules, bump apache version to 2.2.23.
Diffstat (limited to 'config')
-rw-r--r--config/apache_mod_security-dev/apache.template2
-rw-r--r--config/apache_mod_security-dev/apache_mod_security.inc36
2 files changed, 17 insertions, 21 deletions
diff --git a/config/apache_mod_security-dev/apache.template b/config/apache_mod_security-dev/apache.template
index 69ffb9c7..93de58af 100644
--- a/config/apache_mod_security-dev/apache.template
+++ b/config/apache_mod_security-dev/apache.template
@@ -176,7 +176,7 @@ LoadModule status_module libexec/apache22/mod_status.so
LoadModule autoindex_module libexec/apache22/mod_autoindex.so
LoadModule asis_module libexec/apache22/mod_asis.so
LoadModule info_module libexec/apache22/mod_info.so
-LoadModule cgi_module libexec/apache22/mod_cgi.so
+#LoadModule cgi_module libexec/apache22/mod_cgi.so
LoadModule vhost_alias_module libexec/apache22/mod_vhost_alias.so
LoadModule negotiation_module libexec/apache22/mod_negotiation.so
LoadModule dir_module libexec/apache22/mod_dir.so
diff --git a/config/apache_mod_security-dev/apache_mod_security.inc b/config/apache_mod_security-dev/apache_mod_security.inc
index 8ca5b4e3..76208c70 100644
--- a/config/apache_mod_security-dev/apache_mod_security.inc
+++ b/config/apache_mod_security-dev/apache_mod_security.inc
@@ -35,7 +35,7 @@ if ($pf_version > 2.0)
else
define('APACHEDIR', '/usr/local');
// End of system check
-define ('MODSECURITY_DIR','modsecurity-crs_2.2.5');
+define ('MODSECURITY_DIR','crs');
// Rules directory location
define("rules_directory", APACHEDIR . "/". MODSECURITY_DIR);
function apache_textarea_decode($base64){
@@ -57,10 +57,6 @@ function apache_get_real_interface_address($iface) {
// Ensure NanoBSD can write. pkg_mgr will remount RO
conf_mount_rw();
-// Needed mod_security directories
-if(!is_dir(APACHEDIR . "/". MODSECURITY_DIR))
- safe_mkdir(APACHEDIR . "/". MODSECURITY_DIR);
-
// Startup function
function apache_mod_security_start() {
exec(APACHEDIR . "/sbin/httpd -D NOHTTPACCEPT -k start");
@@ -127,23 +123,23 @@ function apache_mod_security_resync() {
global $config, $g;
apache_mod_security_install();
$dirs=array("base", "experimental","optional", "slr");
- $ms_file="/usr/local/pkg/modsecurity-crs_2.2.5.tar.gz";
- if (file_exists($ms_file)){
- if (! file_exists(APACHEDIR ."/". MODSECURITY_DIR . "/LICENSE"))
- exec ("tar -xzf $ms_file -C ".APACHEDIR);
- $write_config=0;
- foreach ($dirs as $dir){
- if ($handle = opendir(APACHEDIR ."/".MODSECURITY_DIR."/{$dir}_rules")) {
- $write_config++;
- $config['installedpackages']["modsecurityfiles{$dir}"]['config']=array();
- while (false !== ($entry = readdir($handle))) {
- if (preg_match("/(\S+).conf/",$entry,$matches))
- $config["installedpackages"]["modsecurityfiles{$dir}"]["config"][]=array("file"=>$matches[1]);
- }
- closedir($handle);
+ if (! file_exists(APACHEDIR ."/". MODSECURITY_DIR . "/LICENSE")){
+ exec ("/usr/local/bin/git clone https://github.com/SpiderLabs/owasp-modsecurity-crs.git ".APACHEDIR."/".MODSECURITY_DIR);
+ //chdir (APACHEDIR."/".MODSECURITY_DIR);
+ //exec ("/usr/local/bin/git checkout -q 2.2.8");
+ }
+ $write_config=0;
+ foreach ($dirs as $dir){
+ if ($handle = opendir(APACHEDIR ."/".MODSECURITY_DIR."/{$dir}_rules")) {
+ $write_config++;
+ $config['installedpackages']["modsecurityfiles{$dir}"]['config']=array();
+ while (false !== ($entry = readdir($handle))) {
+ if (preg_match("/(\S+).conf/",$entry,$matches))
+ $config["installedpackages"]["modsecurityfiles{$dir}"]["config"][]=array("file"=>$matches[1]);
}
+ closedir($handle);
+ }
}
- }
if ($write_config > 0)
write_config();
apache_mod_security_checkconfig();