Index: head/www/mod_evasive/Makefile =================================================================== --- head/www/mod_evasive/Makefile (revision 540568) +++ head/www/mod_evasive/Makefile (revision 540569) @@ -1,44 +1,45 @@ # Created by: Xavier Beaudouin # $FreeBSD$ PORTNAME= mod_evasive PORTVERSION= 1.10.1 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= www security DISTNAME= mod_evasive_${PORTVERSION} DIST_SUBDIR= apache2 MAINTAINER= kiwi@oav.net COMMENT= Apache module to try to protect the HTTP Server from DoS/DDoS attacks -USE_GITHUB= yes -GH_ACCOUNT= jzdziarski -GH_TAGNAME= ad6e89f6c7d835945a7d329cc0f04adaefc3d114 - LICENSE= GPLv2 LICENSE_FILE= ${WRKSRC}/LICENSE USES= apache:2.2+ + +USE_GITHUB= yes +GH_ACCOUNT= jzdziarski +GH_TAGNAME= ad6e89f6c7d835945a7d329cc0f04adaefc3d114 + AP_FAST_BUILD= yes AP_GENPLIST= yes MODULENAME= ${PORTNAME}20 PORTDOCS= README test.pl OPTIONS_DEFINE= DOCS .include post-patch: @${REINPLACE_CMD} -e "s|/bin/mail|/usr/bin/mail|g" \ ${WRKSRC}/mod_evasive.c ${WRKSRC}/mod_evasive20.c \ ${WRKSRC}/mod_evasiveNSAPI.c .if ${APACHE_VERSION:M2.4} @${REINPLACE_CMD} -e 's/remote_ip/client_ip/g' ${WRKSRC}/mod_evasive20.c .endif post-install: @${MKDIR} ${STAGEDIR}${DOCSDIR} ${INSTALL_DATA} ${PORTDOCS:S|^|${WRKSRC}/|} ${STAGEDIR}${DOCSDIR} .include Index: head/www/mod_evasive/files/patch-test.pl =================================================================== --- head/www/mod_evasive/files/patch-test.pl (nonexistent) +++ head/www/mod_evasive/files/patch-test.pl (revision 540569) 
@@ -0,0 +1,11 @@
+--- test.pl.orig 2017-02-22 02:33:36 UTC
++++ test.pl
+@@ -10,7 +10,7 @@ for(0..100) {
+ my($SOCKET) = new IO::Socket::INET( Proto => "tcp",
+ PeerAddr=> "127.0.0.1:80");
+ if (! defined $SOCKET) { die $!; }
+- print $SOCKET "GET /?$_ HTTP/1.0\n\n";
++ print $SOCKET "GET /?$_ HTTP/1.0\r\n\r\n";
+ $response = <$SOCKET>;
+ print $response;
+ close($SOCKET);
Property changes on: head/www/mod_evasive/files/patch-test.pl
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: head/www/mod_evasive/pkg-descr
===================================================================
--- head/www/mod_evasive/pkg-descr (revision 540568)
+++ head/www/mod_evasive/pkg-descr (revision 540569)
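Review bot: The new files/patch-test.pl changes the request terminator in test.pl from `\n\n` to `\r\n\r\n` but records no reason, and the reason matters to anyone using this script to confirm that mod_evasive is blocking. Presumably a server that parses requests strictly answers the bare-LF form with an error on every iteration, so the expected switch to blocked responses never appears and a working module looks the same as a missing one. I would add one line of free text above the `--- test.pl.orig` header, e.g. `Terminate the request with CRLF so a strict HTTP parser accepts it.`, or state it in the commit log if it is not already there. The `for(0..100)` loop starts and ends outside the inner hunk, so the rest of the script is not reviewed here.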
@@ -1,30 +1,7 @@ mod_dosevasive is an evasive maneuvers module for Apache to provide evasive -action in the event of an HTTP DoS or DDoS attack or brute force attack. -It is also designed to be a detection and network management tool, and can be -easily configured to talk to ipchains, firewalls, routers, and etcetera. +action in the event of an HTTP DoS or DDoS attack or brute force attack. It is +also designed to be a detection and network management tool, and can be easily +configured to talk to ipchains, firewalls, routers, and etcetera. mod_dosevasive presently reports abuses via email and syslog facilities. - -Detection is performed by creating an internal dynamic hash table of IP -Addresses and URIs, and denying any single IP address from any of the -following: - - * Requesting the same page more than a few times per second - * Making more than 50 concurrent requests on the same child per second - * Making any requests while temporarily blacklisted (on a blocking list) - -This method has worked well in both single-server script attacks as well as -distributed attacks, but just like other evasive tools, is only as useful to -the point of bandwidth and processor consumption (e.g. the amount of bandwidth -and processor required to receive/process/respond to invalid requests), which -is why it's a good idea to integrate this with your firewalls and routers for -maximum protection. - -This module instantiates for each listener individually, and therefore has a -built-in cleanup mechanism and scaling capabilities. Because of this per-child -design, legitimate requests are never compromised (even from proxies and NAT -addresses) but only scripted attacks. Even a user repeatedly clicking on -'reload' should not be affected unless they do it maliciously. mod_dosevasive -is fully tweakable through the Apache configuration file, easy to incorporate -into your web server, and easy to use. WWW: https://github.com/jzdziarski/mod_evasive