diff options
| -rw-r--r-- | config/apache_mod_security/apache_mod_security.inc | 10 | ||||
| -rw-r--r-- | config/apache_mod_security/apache_mod_security.priv.inc | 42 | ||||
| -rw-r--r-- | config/apache_mod_security/apache_mod_security.xml | 6 | ||||
| -rw-r--r-- | pkg_config.10.xml | 2 | ||||
| -rw-r--r-- | pkg_config.8.xml | 2 | ||||
| -rw-r--r-- | pkg_config.8.xml.amd64 | 2 |
6 files changed, 58 insertions, 6 deletions
diff --git a/config/apache_mod_security/apache_mod_security.inc b/config/apache_mod_security/apache_mod_security.inc index 69cc2126..63960b9e 100644 --- a/config/apache_mod_security/apache_mod_security.inc +++ b/config/apache_mod_security/apache_mod_security.inc @@ -49,7 +49,10 @@ function apache_mod_security_install() { generate_apache_configuration(); $filename = "apache_mod_security.sh"; - $start = APACHEDIR . "/sbin/httpd -k start"; + if (APACHEDIR != "/usr/local") { + $start = "/sbin/ldconfig -m " . APACHEDIR . "/lib\n"; + } + $start .= APACHEDIR . "/sbin/httpd -k start"; $stop = APACHEDIR . "/sbin/httpd -k stop"; write_rcfile(array( @@ -73,6 +76,9 @@ function apache_mod_security_deinstall() { // Check Apache configuration syntax function apache_mod_security_checkconfig() { global $config, $g; + if (APACHEDIR != "/usr/local") { + mwexec("/sbin/ldconfig -m " . APACHEDIR . "/lib"); + } $status = mwexec(APACHEDIR . "/sbin/httpd -t"); if ($status) { $input_errors[] = "[apache_mod_security]: There was an error parsing the Apache configuration: {$status}"; @@ -550,7 +556,7 @@ LoadModule status_module libexec/{$apache_version}/mod_status.so LoadModule autoindex_module libexec/{$apache_version}/mod_autoindex.so LoadModule asis_module libexec/{$apache_version}/mod_asis.so LoadModule info_module libexec/{$apache_version}/mod_info.so -LoadModule cgi_module libexec/{$apache_version}/mod_cgi.so +# LoadModule cgi_module libexec/{$apache_version}/mod_cgi.so LoadModule vhost_alias_module libexec/{$apache_version}/mod_vhost_alias.so LoadModule negotiation_module libexec/{$apache_version}/mod_negotiation.so LoadModule dir_module libexec/{$apache_version}/mod_dir.so diff --git a/config/apache_mod_security/apache_mod_security.priv.inc b/config/apache_mod_security/apache_mod_security.priv.inc new file mode 100644 index 00000000..e3989c9f --- /dev/null +++ b/config/apache_mod_security/apache_mod_security.priv.inc @@ -0,0 +1,42 @@ +<?php +/* + apache_mod_security.priv.inc + part of pfSense (http://www.pfSense.org/) + Copyright (C) 2015 ESF, LLC + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +global $priv_list; + +$priv_list['page-services-apache-modsecurity'] = array(); +$priv_list['page-services-apache-modsecurity']['name'] = "WebCfg - Services: ModSecurity/Apache Proxy Server"; +$priv_list['page-services-apache-modsecurity']['descr'] = "Allow access to ModSecurity/Apache Proxy Server package GUI"; + +$priv_list['page-services-apache-modsecurity']['match'] = array(); +$priv_list['page-services-apache-modsecurity']['match'][] = "pkg.php?xml=apache_mod_security.xml*"; +$priv_list['page-services-apache-modsecurity']['match'][] = "pkg.php?xml=apache_mod_security_settings.xml*"; +$priv_list['page-services-apache-modsecurity']['match'][] = "pkg_edit.php?xml=apache_mod_security.xml*"; +$priv_list['page-services-apache-modsecurity']['match'][] = "pkg_edit.php?xml=apache_mod_security_settings.xml*"; +$priv_list['page-services-apache-modsecurity']['match'][] = "apache_mod_security_view_logs.php*"; + +?> diff --git a/config/apache_mod_security/apache_mod_security.xml b/config/apache_mod_security/apache_mod_security.xml index ee8c7fbb..a5b6e009 100644 --- a/config/apache_mod_security/apache_mod_security.xml +++ b/config/apache_mod_security/apache_mod_security.xml @@ -42,7 +42,7 @@ ]]> </copyright> <name>apache_mod_security</name> - <version>0.1.8</version> + <version>0.1.9</version> <title>Services: Mod_Security+Apache+Proxy: Site Proxies</title> <include_file>/usr/local/pkg/apache_mod_security.inc</include_file> <menu> @@ -62,6 +62,10 @@ <item>https://packages.pfsense.org/packages/config/apache_mod_security/apache_mod_security.inc</item> </additional_files_needed> <additional_files_needed> + <prefix>/etc/priv/inc/</prefix> + <item>https://packages.pfsense.org/packages/config/apache_mod_security/apache_mod_security.priv.inc</item> + </additional_files_needed> + <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <item>https://packages.pfsense.org/packages/config/apache_mod_security/apache_mod_security_settings.xml</item> </additional_files_needed> diff --git a/pkg_config.10.xml b/pkg_config.10.xml index 14309220..526682d9 100644 --- a/pkg_config.10.xml +++ b/pkg_config.10.xml @@ -232,7 +232,7 @@ ]]> </descr> <category>Security</category> - <version>0.1.8</version> + <version>0.1.9</version> <status>ALPHA</status> <required_version>2.2</required_version> <maximum_version>2.2.999</maximum_version> diff --git a/pkg_config.8.xml b/pkg_config.8.xml index 6a2cc68b..f3734fc6 100644 --- a/pkg_config.8.xml +++ b/pkg_config.8.xml @@ -261,7 +261,7 @@ <website>http://www.modsecurity.org/</website> <descr>ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. In addition this package allows URL forwarding which can be convenient for hosting multiple websites behind pfSense using 1 IP address.</descr> <category>Network Management</category> - <version>0.1.8</version> + <version>0.1.9</version> <status>ALPHA</status> <required_version>2.0</required_version> <config_file>https://packages.pfsense.org/packages/config/apache_mod_security/apache_mod_security.xml</config_file> diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64 index 203140e2..c1f61979 100644 --- a/pkg_config.8.xml.amd64 +++ b/pkg_config.8.xml.amd64 @@ -248,7 +248,7 @@ <website>http://www.modsecurity.org/</website> <descr>ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. In addition this package allows URL forwarding which can be convenient for hosting multiple websites behind pfSense using 1 IP address.</descr> <category>Network Management</category> - <version>0.1.8</version> + <version>0.1.9</version> <status>ALPHA</status> <required_version>2.0</required_version> <config_file>https://packages.pfsense.org/packages/config/apache_mod_security/apache_mod_security.xml</config_file> |