[Bug 203454] patch for www/mod_evasive (unbreaks port)
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Tue Oct 6 09:43:08 UTC 2015
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=203454
--- Comment #2 from Walter Schwarzenfeld <w.litter at aon.at> ---
Comment on attachment 161575
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=161575
mod_evasive.diff
>Index: Makefile
>===================================================================
>--- Makefile (revision 398216)
>+++ Makefile (working copy)
>@@ -3,13 +3,13 @@
>
> PORTNAME= mod_evasive
> PORTVERSION= 1.10.1
>-PORTREVISION= 1
>+PORTREVISION= 2
> CATEGORIES= www security
> MASTER_SITES= http://www.zdziarski.com/blog/wp-content/uploads/2010/02/
> DISTNAME= mod_evasive_${PORTVERSION}
> DIST_SUBDIR= apache2
>
>-MAINTAINER= kiwi at oav.net
>+MAINTAINER= w.litter at aon.at
> COMMENT= Apache module to try to protect the HTTP Server from DoS/DDoS attacks
>
> LICENSE= GPLv2
>@@ -16,7 +16,7 @@
>
> WRKSRC= ${WRKDIR}/${PORTNAME}
>
>-USE_APACHE= 22
>+USE_APACHE= 22+
> AP_FAST_BUILD= yes
> AP_GENPLIST= yes
> MODULENAME= ${PORTNAME}20
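Review bot: `USE_APACHE= 22+` still admits Apache 2.2, but the new files/patch-mod_evasive20.c replaces `remote_ip` with `client_ip` unconditionally, and `conn_rec` only has a `client_ip` member from httpd 2.4 on. As written, the port would stop compiling against 2.2 while still advertising support for it. Either narrow the range, for example `USE_APACHE= 24+`, or guard the field choice in the C patch with a version check such as `#if AP_SERVER_MINORVERSION_NUMBER >= 4`.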
>Index: files/patch-mod_evasive20.c
>===================================================================
>--- files/patch-mod_evasive20.c (revision 0)
>+++ files/patch-mod_evasive20.c (working copy)
>@@ -0,0 +1,102 @@
>+--- mod_evasive20.c.orig 2015-07-05 17:29:09 UTC
>++++ mod_evasive20.c
>+@@ -115,6 +115,7 @@ static void * create_hit_list(apr_pool_t
>+ /* Create a new hit list for this listener */
>+
>+ hit_list = ntt_create(hash_table_size);
>++ return 0;
>+ }
>+
>+ static const char *whitelist(cmd_parms *cmd, void *dconfig, const char *ip)
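Review bot: `create_hit_list` is declared `static void *`, so the added `return 0;` would read better as `return NULL;`. The matching addition in the `destroy_hit_list` hunk, an `apr_status_t` function, would read better as `return APR_SUCCESS;`. The value assigned from `ntt_create(hash_table_size)` is not checked in the visible lines, and whether the later `ntt_find`/`ntt_insert` calls tolerate a NULL table cannot be seen from this patch, so an explicit check or a comment stating the assumption would help. The function's opening lines are outside the hunk.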
>+@@ -139,11 +140,11 @@ static int access_checker(request_rec *r
>+ time_t t = time(NULL);
>+
>+ /* Check whitelist */
>+- if (is_whitelisted(r->connection->remote_ip))
>++ if (is_whitelisted(r->connection->client_ip))
>+ return OK;
>+
>+ /* First see if the IP itself is on "hold" */
>+- n = ntt_find(hit_list, r->connection->remote_ip);
>++ n = ntt_find(hit_list, r->connection->client_ip);
>+
>+ if (n != NULL && t-n->timestamp<blocking_period) {
>+
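Review bot: `r->connection->client_ip` is the address of the TCP peer, so behind a reverse proxy or load balancer every request is counted, and eventually put on hold, under the proxy's own address. In httpd 2.4 the per-request address is `r->useragent_ip`, which equals `client_ip` unless a module such as mod_remoteip has replaced it from a trusted proxy header. Using it here and in the `snprintf`, `ntt_insert`, `LOG` and mail lines of the later hunks would keep the limiter keyed on the actual client. The whitelist check should read the same field as the counters, so that an exemption and a block always refer to the same address. access_checker starts before and continues past this hunk.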
>+@@ -155,14 +156,14 @@ static int access_checker(request_rec *r
>+ } else {
>+
>+ /* Has URI been hit too much? */
>+- snprintf(hash_key, 2048, "%s_%s", r->connection->remote_ip, r->uri);
>++ snprintf(hash_key, 2048, "%s_%s", r->connection->client_ip, r->uri);
>+ n = ntt_find(hit_list, hash_key);
>+ if (n != NULL) {
>+
>+ /* If URI is being hit too much, add to "hold" list and 403 */
>+ if (t-n->timestamp<page_interval && n->count>=page_count) {
>+ ret = HTTP_FORBIDDEN;
>+- ntt_insert(hit_list, r->connection->remote_ip, time(NULL));
>++ ntt_insert(hit_list, r->connection->client_ip, time(NULL));
>+ } else {
>+
>+ /* Reset our hit count list as necessary */
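Review bot: The size passed to `snprintf` is the literal `2048` here and in the `_SITE` hunk that follows, while the log-file code further down uses `sizeof(filename)`. If `hash_key` is an array (its declaration is outside the hunk), `snprintf(hash_key, sizeof(hash_key), "%s_%s", r->connection->client_ip, r->uri);` keeps the size tied to the buffer. The key embeds the client-supplied `r->uri`, so a short comment such as `/* over-long URIs are truncated and share one counter */` would document what happens at the limit.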
>+@@ -177,14 +178,14 @@ static int access_checker(request_rec *r
>+ }
>+
>+ /* Has site been hit too much? */
>+- snprintf(hash_key, 2048, "%s_SITE", r->connection->remote_ip);
>++ snprintf(hash_key, 2048, "%s_SITE", r->connection->client_ip);
>+ n = ntt_find(hit_list, hash_key);
>+ if (n != NULL) {
>+
>+ /* If site is being hit too much, add to "hold" list and 403 */
>+ if (t-n->timestamp<site_interval && n->count>=site_count) {
>+ ret = HTTP_FORBIDDEN;
>+- ntt_insert(hit_list, r->connection->remote_ip, time(NULL));
>++ ntt_insert(hit_list, r->connection->client_ip, time(NULL));
>+ } else {
>+
>+ /* Reset our hit count list as necessary */
>+@@ -204,28 +205,29 @@ static int access_checker(request_rec *r
>+ char filename[1024];
>+ struct stat s;
>+ FILE *file;
>++ int getpid();
>+
>+- snprintf(filename, sizeof(filename), "%s/dos-%s", log_dir != NULL ? log_dir : DEFAULT_LOG_DIR, r->connection->remote_ip);
>++ snprintf(filename, sizeof(filename), "%s/dos-%s", log_dir != NULL ? log_dir : DEFAULT_LOG_DIR, r->connection->client_ip);
>+ if (stat(filename, &s)) {
>+ file = fopen(filename, "w");
>+ if (file != NULL) {
>+- fprintf(file, "%ld\n", getpid());
>++ fprintf(file, "%d\n", getpid());
>+ fclose(file);
>+
>+- LOG(LOG_ALERT, "Blacklisting address %s: possible DoS attack.", r->connection->remote_ip);
>++ LOG(LOG_ALERT, "Blacklisting address %s: possible DoS attack.", r->connection->client_ip);
>+ if (email_notify != NULL) {
>+ snprintf(filename, sizeof(filename), MAILER, email_notify);
>+ file = popen(filename, "w");
>+ if (file != NULL) {
>+ fprintf(file, "To: %s\n", email_notify);
>+- fprintf(file, "Subject: HTTP BLACKLIST %s\n\n", r->connection->remote_ip);
>+- fprintf(file, "mod_evasive HTTP Blacklisted %s\n", r->connection->remote_ip);
>++ fprintf(file, "Subject: HTTP BLACKLIST %s\n\n", r->connection->client_ip);
>++ fprintf(file, "mod_evasive HTTP Blacklisted %s\n", r->connection->client_ip);
>+ pclose(file);
>+ }
>+ }
>+
>+ if (system_command != NULL) {
>+- snprintf(filename, sizeof(filename), system_command, r->connection->remote_ip);
>++ snprintf(filename, sizeof(filename), system_command, r->connection->client_ip);
>+ system(filename);
>+ }
>+
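Review bot: The `stat()` followed by `fopen(filename, "w")` leaves a window on a predictable name (`dos-` plus the address), and `fopen` follows symbolic links. If `log_dir` or `DEFAULT_LOG_DIR` (its value is not visible here) is writable by other local users, an existing link would make the server truncate the file it points to. Creating the file with `open()` and `O_CREAT | O_EXCL` closes that window, as sketched below. It needs `<fcntl.h>` and `<unistd.h>`, and the latter also replaces the local `int getpid();` declaration this hunk adds. Separately, the two `snprintf` calls that build command lines from `MAILER` and `system_command` are not checked for truncation before `popen()`/`system()`. access_checker starts and ends outside this hunk.

```c
if (stat(filename, &s)) {
    /* O_EXCL refuses any existing name, symbolic links included */
    int fd = open(filename, O_WRONLY | O_CREAT | O_EXCL, 0644);
    file = (fd >= 0) ? fdopen(fd, "w") : NULL;
    if (file == NULL && fd >= 0)
        close(fd);
    if (file != NULL) {
        fprintf(file, "%ld\n", (long)getpid());
        fclose(file);
        /* … unchanged: LOG(), e-mail notification, system_command … */
```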
>+@@ -298,6 +300,7 @@ static apr_status_t destroy_hit_list(voi
>+ ntt_destroy(hit_list);
>+ free(email_notify);
>+ free(system_command);
>++ return 0;
>+ }
>+
>+
>
>Property changes on: files/patch-mod_evasive20.c
>___________________________________________________________________
>Added: fbsd:nokeywords
>## -0,0 +1 ##
>+yes
>\ No newline at end of property
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property