Date: Sun, 4 Mar 2007 18:50:10 GMT From: Ruben van Staveren <ruben@verweg.com> To: freebsd-ports-bugs@FreeBSD.org Subject: Re: ports/109855: Update www/mod_security2 to version 2.1.0 and install core rules Message-ID: <200703041850.l24IoArK064649@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/109855; it has been noted by GNATS. From: Ruben van Staveren <ruben@verweg.com> To: bug-followup@FreeBSD.org Cc: Subject: Re: ports/109855: Update www/mod_security2 to version 2.1.0 and install core rules Date: Sun, 4 Mar 2007 19:22:55 +0100 There is a small nit in the patch - It should be mod_security2.c for the IfModule. www/apache20 wants this, tested with www/apache22 originally - Copy and paste error for the REINPLACE_CMD substitution of the logfile locations. Please use the new patch, apologies. Regards, Ruben diff -Nur mod_security2.orig/Makefile mod_security2/Makefile --- mod_security2.orig/Makefile Sun Mar 4 13:34:56 2007 +++ mod_security2/Makefile Sun Mar 4 16:34:59 2007 @@ -6,7 +6,7 @@ # PORTNAME= mod_security2 -PORTVERSION= 2.0.4 +PORTVERSION= 2.1.0 CATEGORIES= www security MASTER_SITES= http://www.modsecurity.org/download/ DISTNAME= ${PORTNAME:S/_//:S/2//}-apache_${PORTVERSION} @@ -24,6 +24,32 @@ PORTDOCS= * DOCS= CHANGES LICENSE README.TXT modsecurity.conf-minimal doc DOCSDIR= ${TARGETDIR}/share/doc/${MODULENAME} +SUB_FILES+=mod_security2.conf +SUB_LIST+=APACHEETCDIR="${APACHEETCDIR}" + +.if !defined(SKIP_RULES) +SUB_FILES+=pkg-message.rules + +PLIST_DIRS+=${APACHEETCDIR}/Includes/mod_security2/blocking +PLIST_DIRS+=${APACHEETCDIR}/Includes/mod_security2 + +PLIST_FILES+=${APACHEETCDIR}/Includes/mod_security2.conf +PLIST_FILES+=${APACHEETCDIR}/Includes/mod_security2/CHANGELOG +PLIST_FILES+=${APACHEETCDIR}/Includes/mod_security2/LICENSE +PLIST_FILES+=${APACHEETCDIR}/Includes/mod_security2/README +PLIST_FILES+=${APACHEETCDIR}/Includes/mod_security2/blocking/modsecurity_crs_20_protocol_violations.conf +PLIST_FILES+=${APACHEETCDIR}/Includes/mod_security2/blocking/modsecurity_crs_21_protocol_anomalies.conf +PLIST_FILES+=${APACHEETCDIR}/Includes/mod_security2/blocking/modsecurity_crs_40_generic_attacks.conf +PLIST_FILES+=${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_10_config.conf +PLIST_FILES+=${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_20_protocol_violations.conf +PLIST_FILES+=${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_21_protocol_anomalies.conf +PLIST_FILES+=${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_30_http_policy.conf +PLIST_FILES+=${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_35_bad_robots.conf +PLIST_FILES+=${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_40_generic_attacks.conf +PLIST_FILES+=${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_45_trojans.conf +PLIST_FILES+=${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_50_outbound.conf +PLIST_FILES+=${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_55_marketing.conf +.endif .if defined(WITH_LIBXML2) AP_EXTRAS+= -DWITH_LIBXML2 @@ -32,10 +58,22 @@ USE_GNOME= libxml2 .endif +post-patch: + @${REINPLACE_CMD} -e 's|SecRuleEngine On|SecRuleEngine DetectionOnly|' \ + -e 's|SecAuditLog.*logs/modsec_audit.log|SecAuditLog /var/log/httpd-modsec2_audit.log|' \ + -e 's|SecDebugLog.*logs/modsec_debug.log|SecDebugLog /var/log/httpd-modsec2_debug.log|' \ + -e 's|SecServerSignature "Apache/2.2.0 (Fedora)"|SecServerSignature "Apache/${APACHE_VERSION:C/[0-9]/\0./g}x (${OPSYS})"|' \ + ${WRKSRCTOP}/rules/modsecurity_crs_10_config.conf + post-install: .if !defined(NOPORTDOCS) @${MKDIR} ${DOCSDIR} @(cd ${WRKSRCTOP} && ${TAR} cf - ${DOCS}) | (cd ${DOCSDIR} && ${TAR} xpof -) +.endif +.if !defined(SKIP_RULES) + @${INSTALL_DATA} ${WRKDIR}/mod_security2.conf ${PREFIX}/${APACHEETCDIR}/Includes/ + @cd ${WRKSRCTOP} && ${PAX} -rw -pe -s +rules+mod_security2+ rules ${PREFIX}/${APACHEETCDIR}/Includes + @${CAT} ${PKGMESSAGE} .endif .include <bsd.port.mk> diff -Nur mod_security2.orig/distinfo mod_security2/distinfo --- mod_security2.orig/distinfo Sun Mar 4 13:34:56 2007 +++ mod_security2/distinfo Sun Mar 4 13:35:49 2007 @@ -1,3 +1,3 @@ -MD5 (modsecurity-apache_2.0.4.tar.gz) = b63f093c7a24b766e6e8c9c8ffc13084 -SHA256 (modsecurity-apache_2.0.4.tar.gz) = 622c3478515c951189334aa9a60ae7e71dfbbc671d983bf2f4b732a5fdd230a1 -SIZE (modsecurity-apache_2.0.4.tar.gz) = 303477 +MD5 (modsecurity-apache_2.1.0.tar.gz) = 2e919766f2878c4ee46334816004dd15 +SHA256 (modsecurity-apache_2.1.0.tar.gz) = fd37d64f7ffe193101da20f6e6e2016105de62948f3976aceaa96f636606fe74 +SIZE (modsecurity-apache_2.1.0.tar.gz) = 650133 diff -Nur mod_security2.orig/files/mod_security2.conf.in mod_security2/files/mod_security2.conf.in --- mod_security2.orig/files/mod_security2.conf.in Thu Jan 1 01:00:00 1970 +++ mod_security2/files/mod_security2.conf.in Sun Mar 4 15:27:21 2007 @@ -0,0 +1,5 @@ +<IfModule mod_security2.c> + + Include %%APACHEETCDIR%%/Includes/mod_security2/*.conf + +</IfModule> diff -Nur mod_security2.orig/files/pkg-message.rules.in mod_security2/files/pkg-message.rules.in --- mod_security2.orig/files/pkg-message.rules.in Thu Jan 1 01:00:00 1970 +++ mod_security2/files/pkg-message.rules.in Sun Mar 4 16:01:17 2007 @@ -0,0 +1,10 @@ + +The modsecurity 2 Core Rules have been installed in + +%%PREFIX%%/%%APACHEETCDIR%%/Includes/mod_security2/ + +and run in "DetectionOnly" mode as not to disturb operatings. + +Please read http://www.modsecurity.org/projects/rules/index.html + +logging is done to /var/log/httpd-modsec-*.log
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200703041850.l24IoArK064649>