network/mod_evasive: Added to 12.1 repository

2024-11-22 19:44:21 +01:00 · 2010-05-11 22:54:55 +02:00 · 2010-05-11 22:54:55 +02:00 · 4559304ed9
commit 4559304ed9
parent ea78ddeb37
4 changed files with 131 additions and 0 deletions
--- a/network/mod_evasive/README
+++ b/network/mod_evasive/README
@ -0,0 +1,39 @@
+mod_evasive maneuvers module for Apache to provide evasive action in the event
+of an HTTP DoS or DDoS attack or brute force attack. It is also designed
+to be a detection and network management tool, and can be easily configured
+to talk to ipchains, firewalls, routers, and etcetera. mod_evasive presently
+reports abuses via email and syslog facilities.
+
+Detection is performed by creating an internal dynamic hash table of IP
+Addresses and URIs, and denying any single IP address from any of the
+following:
+
+
+    * Requesting the same page more than a few times per second
+    * Making more than 50 concurrent requests on the same child per second
+    * Making any requests while temporarily blacklisted (on a blocking list)
+
+
+To enable it edit /etc/httpd/httpd.conf to have like the following:
+
+LoadModule evasive20_module lib/httpd/modules/mod_evasive20.so
+
+<IfModule mod_evasive20.c>
+    DOSHashTableSize    3097
+    DOSPageCount        2
+    DOSSiteCount        50
+    DOSPageInterval     1
+    DOSSiteInterval     1
+    DOSBlockingPeriod   10
+</IfModule>
+
+
+To test enter the following command:
+
+	perl /usr/doc/mod_evasive-$VERSION/test.pl | more
+
+Which should output some HTTP/1.1 200 OK lines; then HTTP/1.1 403 Forbidden
+
+mod_evasive is fully tweakable through the Apache configuration file, see
+the READE file in /usr/doc/mod_evasive-$VERSION for configuration details.
+
--- a/network/mod_evasive/mod_evasive.SlackBuild
+++ b/network/mod_evasive/mod_evasive.SlackBuild
@ -0,0 +1,65 @@
+#!/bin/sh
+
+# Slackware build script for mod_evasive (an Apache DoS protection module)
+
+# Written by Menno E. Duursma
+
+# This program is free software. It comes without any warranty.
+# Granted WTFPL, Version 2, as published by Sam Hocevar. See
+# http://sam.zoy.org/wtfpl/COPYING for more details.
+
+# Modified by SlackBuilds.org
+
+PRGNAM=mod_evasive
+VERSION=1.10.1
+ARCH=${ARCH:-i486}
+BUILD=${BUILD:-1}
+TAG=${TAG:-_SBo}
+CWD=`pwd`
+TMP=${TMP:-/tmp/SBo}
+PKG=$TMP/package-$PRGNAM
+OUTPUT=${OUTPUT:-/tmp}
+
+if [ "$ARCH" = "i486" ]; then
+  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+elif [ "$ARCH" = "i686" ]; then
+  SLKCFLAGS="-O2 -march=i686 -mtune=i686"
+elif [ "$ARCH" = "x86_64" ]; then
+  SLKCFLAGS="-O2 -fPIC"
+fi
+
+set -e # exit on most errors
+
+rm -rf $PKG
+mkdir -p $TMP $PKG $OUTPUT
+cd $TMP
+rm -rf $PRGNAM
+tar -xzvf $CWD/${PRGNAM}_${VERSION}.tar.gz
+cd $PRGNAM
+chown -R root:root .
+chmod -R a-s,u+w,go+r-w .
+
+# Create target dir
+mkdir -p $PKG/usr/lib/httpd/modules
+
+# Compile module as DSO (dynmically shared object)
+CFLAGS="$SLACKFLAGS" \
+apxs -ca mod_evasive20.c
+
+# copy into place
+cp -v .libs/mod_evasive20.so $PKG/usr/lib/httpd/modules
+
+( cd $PKG || exit 1
+  find . -type f | xargs file | grep -e "executable" -e "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded  2> /dev/null
+)
+
+mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION
+cp -a CHANGELOG LICENSE README test.pl $PKG/usr/doc/$PRGNAM-$VERSION
+cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild
+find $PKG/usr/doc -type f -exec chmod 0644 {} \;
+
+mkdir -p $PKG/install
+cat $CWD/slack-desc > $PKG/install/slack-desc
+
+cd $PKG
+/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.tgz
--- a/network/mod_evasive/mod_evasive.info
+++ b/network/mod_evasive/mod_evasive.info
@ -0,0 +1,8 @@
+PRGNAM="mod_evasive"
+VERSION="1.10.1"
+HOMEPAGE="http://www.zdziarski.com/projects/mod_evasive/"
+DOWNLOAD="http://www.zdziarski.com/projects/mod_evasive/mod_evasive_1.10.1.tar.gz"
+MD5SUM="784fca4a124f25ccff5b48c7a69a65e5"
+MAINTAINER="Menno E. Duursma"
+EMAIL="druiloor@zonnet.nl"
+APPROVED="Erik Hanson"
--- a/network/mod_evasive/slack-desc
+++ b/network/mod_evasive/slack-desc
@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description.  Line
+# up the first '|' above the ':' following the base package name, and the '|'
+# on the right side marks the last column you can put a character in.  You must
+# make exactly 11 lines for the formatting to be correct.  It's also
+# customary to leave one space after the ':'.
+
+       |-----handy-ruler------------------------------------------------------|
+mod_evasive: mod_evasive (an Apache anti-DoS module)
+mod_evasive:
+mod_evasive: mod_evasive is an evasive maneuvers module for Apache to
+mod_evasive: provide evasive action in the event of an HTTP DoS or DDoS
+mod_evasive: attack or brute force attack. 
+mod_evasive:
+mod_evasive: mod_evasive is maintained by Jonathan A. Zdziarski.
+mod_evasive:
+mod_evasive:
+mod_evasive:
+mod_evasive: