ports/124828: [new port] www/mod_security

[Marcelo Araujo <araujo@FreeBSD.org>]

>Number:         124828
>Category:       ports
>Synopsis:       [new port] www/mod_security
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sat Jun 21 13:00:16 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator:     Marcelo Araujo <araujo at FreeBSD.org>
>Release:        FreeBSD 7.0-STABLE amd64
>Organization:
FreeBSD 
>Environment:


System: FreeBSD 7.0-STABLE #3: Sun Jun 15 11:46:24 BRT 2008
    araujo at ponderosa.intelbras.com.br:/usr/obj/usr/src/sys/PONDEROSA



>Description:


It's a new version of mod_security called up as mod_security-2.5.5.


>How-To-Repeat:





>Fix:


--- mod_security25.shar begins here ---
# This is a shell archive.  Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file".  Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
#	mod_security25/
#	mod_security25/files
#	mod_security25/files/mod_security2.conf.in
#	mod_security25/files/pkg-message.rules.in
#	mod_security25/Makefile
#	mod_security25/distinfo
#	mod_security25/pkg-descr
#
echo c - mod_security25/
mkdir -p mod_security25/ > /dev/null 2>&1
echo c - mod_security25/files
mkdir -p mod_security25/files > /dev/null 2>&1
echo x - mod_security25/files/mod_security2.conf.in
sed 's/^X//' >mod_security25/files/mod_security2.conf.in << 'END-of-mod_security25/files/mod_security2.conf.in'
X<IfModule security2_module>
X    Include %%APACHEETCDIR%%/Includes/mod_security2/*.conf
X</IfModule>
END-of-mod_security25/files/mod_security2.conf.in
echo x - mod_security25/files/pkg-message.rules.in
sed 's/^X//' >mod_security25/files/pkg-message.rules.in << 'END-of-mod_security25/files/pkg-message.rules.in'
X
XThe modsecurity 2 Core Rules have been installed in 
X
X  %%PREFIX%%/%%APACHEETCDIR%%/Includes/mod_security2/
X
Xand run in "DetectionOnly" mode as not to disturb operatings.
X
XPlease read http://www.modsecurity.org/projects/rules/index.html
X
XModSecurity requires mod_unique_id to be actived.
XThis line must be present in your apache configuration file.
X
XLoadModule unique_id_module libexec/apache22/mod_unique_id.so
X
XYou must add the following to your Apache configuration file for
Xactivate mod_security:
X
XLoadModule security2_module libexec/apache22/mod_security2.so
X
XLogging is done to /var/log/httpd-modsec2*.log
END-of-mod_security25/files/pkg-message.rules.in
echo x - mod_security25/Makefile
sed 's/^X//' >mod_security25/Makefile << 'END-of-mod_security25/Makefile'
X# New ports collection makefile for:	mod_security2
X# Date created:				9 November 2006
X# Whom:					Dominic Mitchell <dom at happygiraffe.net>
X#
X# $FreeBSD: ports/www/mod_security2/Makefile,v 1.15 2008/04/11 14:33:37 araujo Exp $
X#
X
XPORTNAME=	mod_security2
XPORTVERSION=	2.5.5
XCATEGORIES=	www security
XMASTER_SITES=	http://www.modsecurity.org/download/
XDISTNAME=	${PORTNAME:S/_//:S/2//}-apache_${PORTVERSION}
X
XMAINTAINER=	araujo at FreeBSD.org
XCOMMENT=	An intrusion detection and prevention engine
X
XLIB_DEPENDS+=	pcre.0:${PORTSDIR}/devel/pcre \
X		apr-1.2:${PORTSDIR}/devel/apr
X
XUSE_APACHE=	2.0+
XGNU_CONFIGURE=	yes
XAP_GENPLIST=	yes
XAP_EXTRAS+=	-DWITH_LIBXML2
XAP_INC=	${LOCALBASE}/include/libxml2
XAP_LIB=	${LOCALBASE}/lib
XUSE_GNOME=	libxml2
XMODULENAME=	mod_security2
XWRKSRCTOP=	${WRKDIR}/${DISTNAME}
XWRKSRC=		${WRKSRCTOP}/apache2
XSRC_FILE=	*.c
XPORTDOCS=	*
XDOCS=		CHANGES LICENSE README.TXT modsecurity.conf-minimal
XDOCSDIR=	${PREFIX}/share/doc/${MODULENAME}
XSUB_FILES+=	mod_security2.conf
XSUB_LIST+=	APACHEETCDIR="${APACHEETCDIR}"
XPLIST_FILES+=	${APACHEMODDIR}/mod_security2.so
X
X.if !defined(SKIP_RULES)
XSUB_FILES+=	pkg-message.rules
X
XPLIST_DIRS+=	${APACHEETCDIR}/Includes/mod_security2/optional_rules
XPLIST_DIRS+=	${APACHEETCDIR}/Includes/mod_security2
X
XPLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2.conf
XPLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/CHANGELOG
XPLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/LICENSE
XPLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/README
XPLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_23_request_limits.conf
XPLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_10_config.conf
XPLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_20_protocol_violations.conf
XPLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_21_protocol_anomalies.conf
XPLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_30_http_policy.conf
XPLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_35_bad_robots.conf
XPLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_40_generic_attacks.conf
XPLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_45_trojans.conf
XPLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_50_outbound.conf
XPLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/optional_rules/modsecurity_crs_20_protocol_violations.conf
XPLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/optional_rules/modsecurity_crs_21_protocol_anomalies.conf
XPLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/optional_rules/modsecurity_crs_40_generic_attacks.conf
XPLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/optional_rules/modsecurity_crs_42_comment_spam.conf
XPLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/optional_rules/modsecurity_crs_42_tight_security.conf
XPLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/optional_rules/modsecurity_crs_55_marketing.conf
X
X.endif
X
XREINPLACE_ARGS=	-i ""
X
Xpost-patch:
X	@${REINPLACE_CMD} -e '\
X		s|SecRuleEngine On|SecRuleEngine DetectionOnly|; \
X		s|SecAuditLog.*logs/modsec_audit.log|SecAuditLog /var/log/httpd-modsec2_audit.log|; \
X		s|SecDebugLog.*logs/modsec_debug.log|SecDebugLog /var/log/httpd-modsec2_debug.log|; \
X		s|SecServerSignature "Apache/2.2.0 (Fedora)"|SecServerSignature "Apache/${APACHE_VERSION:C/[0-9]/\0./g}x (${OPSYS})"|; \
X		' ${WRKSRCTOP}/rules/modsecurity_crs_10_config.conf
X
Xpost-install:
X.if !defined(NOPORTDOCS)
X	@${MKDIR} ${DOCSDIR}
X	@(cd ${WRKSRCTOP} && ${COPYTREE_SHARE} "doc rules" ${DOCSDIR}/)
X.endif
X.if !defined(SKIP_RULES)
X	@${INSTALL_DATA} ${WRKDIR}/mod_security2.conf ${PREFIX}/${APACHEETCDIR}/Includes/
X	@cd ${WRKSRCTOP} && ${PAX} -rw -pe -s +rules+mod_security2+ rules ${PREFIX}/${APACHEETCDIR}/Includes
X	@${CAT} ${PKGMESSAGE}
X.endif
X
X.include <bsd.port.mk>
END-of-mod_security25/Makefile
echo x - mod_security25/distinfo
sed 's/^X//' >mod_security25/distinfo << 'END-of-mod_security25/distinfo'
XMD5 (modsecurity-apache_2.5.5.tar.gz) = 8bd027fe079ff2516e3c722a3be6cd4c
XSHA256 (modsecurity-apache_2.5.5.tar.gz) = 626909c8408e2fd9e387f592f49e9d2c6501513b4cdc18dd89a8e9f3e124d959
XSIZE (modsecurity-apache_2.5.5.tar.gz) = 1073723
END-of-mod_security25/distinfo
echo x - mod_security25/pkg-descr
sed 's/^X//' >mod_security25/pkg-descr << 'END-of-mod_security25/pkg-descr'
XModSecurity is an embeddable web application firewall. It provides
Xprotection from a range of attacks against web applications and allows
Xfor HTTP traffic monitoring and real-time analysis with no changes to
Xexisting infrastructure.
X
XIt is also an open source project that aims to make the web application
Xfirewall technology available to everyone. 
X
XWWW: http://www.modsecurity.org/
END-of-mod_security25/pkg-descr
exit

--- mod_security25.shar ends here ---



>Release-Note:
>Audit-Trail:
>Unformatted: