diff options
Diffstat (limited to 'network/mod_evasive/fixup-for-httpd24.diff')
-rw-r--r-- | network/mod_evasive/fixup-for-httpd24.diff | 84 |
1 files changed, 84 insertions, 0 deletions
diff --git a/network/mod_evasive/fixup-for-httpd24.diff b/network/mod_evasive/fixup-for-httpd24.diff new file mode 100644 index 0000000000..d6ae5a6ffc --- /dev/null +++ b/network/mod_evasive/fixup-for-httpd24.diff @@ -0,0 +1,84 @@ +diff -Nur mod_evasive.orig/mod_evasive20.c mod_evasive/mod_evasive20.c +--- mod_evasive.orig/mod_evasive20.c 2005-10-08 14:01:18.000000000 -0500 ++++ mod_evasive/mod_evasive20.c 2012-09-21 21:22:19.732985740 -0500 +@@ -139,11 +139,11 @@ + time_t t = time(NULL); + + /* Check whitelist */ +- if (is_whitelisted(r->connection->remote_ip)) ++ if (is_whitelisted(r->useragent_ip)) + return OK; + + /* First see if the IP itself is on "hold" */ +- n = ntt_find(hit_list, r->connection->remote_ip); ++ n = ntt_find(hit_list, r->useragent_ip); + + if (n != NULL && t-n->timestamp<blocking_period) { + +@@ -155,14 +155,14 @@ + } else { + + /* Has URI been hit too much? */ +- snprintf(hash_key, 2048, "%s_%s", r->connection->remote_ip, r->uri); ++ snprintf(hash_key, 2048, "%s_%s", r->useragent_ip, r->uri); + n = ntt_find(hit_list, hash_key); + if (n != NULL) { + + /* If URI is being hit too much, add to "hold" list and 403 */ + if (t-n->timestamp<page_interval && n->count>=page_count) { + ret = HTTP_FORBIDDEN; +- ntt_insert(hit_list, r->connection->remote_ip, time(NULL)); ++ ntt_insert(hit_list, r->useragent_ip, time(NULL)); + } else { + + /* Reset our hit count list as necessary */ +@@ -177,14 +177,14 @@ + } + + /* Has site been hit too much? */ +- snprintf(hash_key, 2048, "%s_SITE", r->connection->remote_ip); ++ snprintf(hash_key, 2048, "%s_SITE", r->useragent_ip); + n = ntt_find(hit_list, hash_key); + if (n != NULL) { + + /* If site is being hit too much, add to "hold" list and 403 */ + if (t-n->timestamp<site_interval && n->count>=site_count) { + ret = HTTP_FORBIDDEN; +- ntt_insert(hit_list, r->connection->remote_ip, time(NULL)); ++ ntt_insert(hit_list, r->useragent_ip, time(NULL)); + } else { + + /* Reset our hit count list as necessary */ +@@ -205,27 +205,27 @@ + struct stat s; + FILE *file; + +- snprintf(filename, sizeof(filename), "%s/dos-%s", log_dir != NULL ? log_dir : DEFAULT_LOG_DIR, r->connection->remote_ip); ++ snprintf(filename, sizeof(filename), "%s/dos-%s", log_dir != NULL ? log_dir : DEFAULT_LOG_DIR, r->useragent_ip); + if (stat(filename, &s)) { + file = fopen(filename, "w"); + if (file != NULL) { + fprintf(file, "%ld\n", getpid()); + fclose(file); + +- LOG(LOG_ALERT, "Blacklisting address %s: possible DoS attack.", r->connection->remote_ip); ++ LOG(LOG_ALERT, "Blacklisting address %s: possible DoS attack.", r->useragent_ip); + if (email_notify != NULL) { + snprintf(filename, sizeof(filename), MAILER, email_notify); + file = popen(filename, "w"); + if (file != NULL) { + fprintf(file, "To: %s\n", email_notify); +- fprintf(file, "Subject: HTTP BLACKLIST %s\n\n", r->connection->remote_ip); +- fprintf(file, "mod_evasive HTTP Blacklisted %s\n", r->connection->remote_ip); ++ fprintf(file, "Subject: HTTP BLACKLIST %s\n\n", r->useragent_ip); ++ fprintf(file, "mod_evasive HTTP Blacklisted %s\n", r->useragent_ip); + pclose(file); + } + } + + if (system_command != NULL) { +- snprintf(filename, sizeof(filename), system_command, r->connection->remote_ip); ++ snprintf(filename, sizeof(filename), system_command, r->useragent_ip); + system(filename); + } + |