aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--config/apache_mod_security-dev/apache.template2
-rw-r--r--config/apache_mod_security-dev/apache_mod_security.inc36
-rw-r--r--pkg_config.8.xml4
-rw-r--r--pkg_config.8.xml.amd644
4 files changed, 21 insertions, 25 deletions
diff --git a/config/apache_mod_security-dev/apache.template b/config/apache_mod_security-dev/apache.template
index 69ffb9c7..93de58af 100644
--- a/config/apache_mod_security-dev/apache.template
+++ b/config/apache_mod_security-dev/apache.template
@@ -176,7 +176,7 @@ LoadModule status_module libexec/apache22/mod_status.so
LoadModule autoindex_module libexec/apache22/mod_autoindex.so
LoadModule asis_module libexec/apache22/mod_asis.so
LoadModule info_module libexec/apache22/mod_info.so
-LoadModule cgi_module libexec/apache22/mod_cgi.so
+#LoadModule cgi_module libexec/apache22/mod_cgi.so
LoadModule vhost_alias_module libexec/apache22/mod_vhost_alias.so
LoadModule negotiation_module libexec/apache22/mod_negotiation.so
LoadModule dir_module libexec/apache22/mod_dir.so
diff --git a/config/apache_mod_security-dev/apache_mod_security.inc b/config/apache_mod_security-dev/apache_mod_security.inc
index 8ca5b4e3..76208c70 100644
--- a/config/apache_mod_security-dev/apache_mod_security.inc
+++ b/config/apache_mod_security-dev/apache_mod_security.inc
@@ -35,7 +35,7 @@ if ($pf_version > 2.0)
else
define('APACHEDIR', '/usr/local');
// End of system check
-define ('MODSECURITY_DIR','modsecurity-crs_2.2.5');
+define ('MODSECURITY_DIR','crs');
// Rules directory location
define("rules_directory", APACHEDIR . "/". MODSECURITY_DIR);
function apache_textarea_decode($base64){
@@ -57,10 +57,6 @@ function apache_get_real_interface_address($iface) {
// Ensure NanoBSD can write. pkg_mgr will remount RO
conf_mount_rw();
-// Needed mod_security directories
-if(!is_dir(APACHEDIR . "/". MODSECURITY_DIR))
- safe_mkdir(APACHEDIR . "/". MODSECURITY_DIR);
-
// Startup function
function apache_mod_security_start() {
exec(APACHEDIR . "/sbin/httpd -D NOHTTPACCEPT -k start");
@@ -127,23 +123,23 @@ function apache_mod_security_resync() {
global $config, $g;
apache_mod_security_install();
$dirs=array("base", "experimental","optional", "slr");
- $ms_file="/usr/local/pkg/modsecurity-crs_2.2.5.tar.gz";
- if (file_exists($ms_file)){
- if (! file_exists(APACHEDIR ."/". MODSECURITY_DIR . "/LICENSE"))
- exec ("tar -xzf $ms_file -C ".APACHEDIR);
- $write_config=0;
- foreach ($dirs as $dir){
- if ($handle = opendir(APACHEDIR ."/".MODSECURITY_DIR."/{$dir}_rules")) {
- $write_config++;
- $config['installedpackages']["modsecurityfiles{$dir}"]['config']=array();
- while (false !== ($entry = readdir($handle))) {
- if (preg_match("/(\S+).conf/",$entry,$matches))
- $config["installedpackages"]["modsecurityfiles{$dir}"]["config"][]=array("file"=>$matches[1]);
- }
- closedir($handle);
+ if (! file_exists(APACHEDIR ."/". MODSECURITY_DIR . "/LICENSE")){
+ exec ("/usr/local/bin/git clone https://github.com/SpiderLabs/owasp-modsecurity-crs.git ".APACHEDIR."/".MODSECURITY_DIR);
+ //chdir (APACHEDIR."/".MODSECURITY_DIR);
+ //exec ("/usr/local/bin/git checkout -q 2.2.8");
+ }
+ $write_config=0;
+ foreach ($dirs as $dir){
+ if ($handle = opendir(APACHEDIR ."/".MODSECURITY_DIR."/{$dir}_rules")) {
+ $write_config++;
+ $config['installedpackages']["modsecurityfiles{$dir}"]['config']=array();
+ while (false !== ($entry = readdir($handle))) {
+ if (preg_match("/(\S+).conf/",$entry,$matches))
+ $config["installedpackages"]["modsecurityfiles{$dir}"]["config"][]=array("file"=>$matches[1]);
}
+ closedir($handle);
+ }
}
- }
if ($write_config > 0)
write_config();
apache_mod_security_checkconfig();
diff --git a/pkg_config.8.xml b/pkg_config.8.xml
index f79293e4..3444c047 100644
--- a/pkg_config.8.xml
+++ b/pkg_config.8.xml
@@ -214,7 +214,7 @@
<website>http://www.modsecurity.org/</website>
<descr>ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. In addition this package allows URL forwarding which can be convenient for hosting multiple websites behind pfSense using 1 IP address.</descr>
<category>Network Management</category>
- <version>0.2.2</version>
+ <version>apache 2.2.23 pkg v0.2.3</version>
<status>ALPHA</status>
<required_version>2.0</required_version>
<config_file>http://www.pfsense.com/packages/config/apache_mod_security-dev/apache_virtualhost.xml</config_file>
@@ -225,7 +225,7 @@
<depends_on_package>ap22-mod_memcache-0.1.0_4.tbz</depends_on_package>
<depends_on_package>apache-2.2.22_5.tbz</depends_on_package>
<depends_on_package>ap22-mod_security-2.6.5_1.tbz</depends_on_package>
- <depends_on_package_pbi>proxy_mod_security-2.2.22_6-i386.pbi</depends_on_package_pbi>
+ <depends_on_package_pbi>proxy_mod_security-2.2.23_6-i386.pbi git-1.8.1.3-i386.pbi</depends_on_package_pbi>
<configurationfile>apache_virtualhost.xml</configurationfile>
<build_port_path>/usr/ports/devel/gettext</build_port_path>
<build_port_path>/usr/ports/misc/help2man</build_port_path>
diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64
index 32551ce1..b723f195 100644
--- a/pkg_config.8.xml.amd64
+++ b/pkg_config.8.xml.amd64
@@ -201,7 +201,7 @@
<website>http://www.modsecurity.org/</website>
<descr>ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. In addition this package allows URL forwarding which can be convenient for hosting multiple websites behind pfSense using 1 IP address.</descr>
<category>Network Management</category>
- <version>0.2.2</version>
+ <version>apache 2.2.23 pkg v0.2.3</version>
<status>ALPHA</status>
<required_version>2.0</required_version>
<config_file>http://www.pfsense.com/packages/config/apache_mod_security-dev/apache_virtualhost.xml</config_file>
@@ -212,7 +212,7 @@
<depends_on_package>ap22-mod_memcache-0.1.0_4.tbz</depends_on_package>
<depends_on_package>apache-2.2.22_5.tbz</depends_on_package>
<depends_on_package>ap22-mod_security-2.6.5_1.tbz</depends_on_package>
- <depends_on_package_pbi>proxy_mod_security-2.2.22_6-amd64.pbi</depends_on_package_pbi>
+ <depends_on_package_pbi>proxy_mod_security-2.2.23_6-amd64.pbi git-1.8.1.3-i386.pbi</depends_on_package_pbi>
<configurationfile>apache_virtualhost.xml</configurationfile>
<build_port_path>/usr/ports/devel/gettext</build_port_path>
<build_port_path>/usr/ports/misc/help2man</build_port_path>