Re: [Mod-security-developers] Do not work with 2.6.0
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [Mod-security-developers] Do not work with 2.6.0
|
From: Breno S. <bre...@gm...> - 2011-06-03 20:59:47
|
Also .. please make sure you are compiling and using the same APR version in your apache and modsecurity. Your bucket is an EOS but APR_BUCKET_IS_EOF appears to be not recognizing it. So my first idea is something wrong with APR... maybe different compiled and linked versions used in apache and modsecurity. Check it please .. and send your log and conf. thanks Breno On Fri, Jun 3, 2011 at 3:54 PM, Breno Silva <bre...@gm...> wrote: > Hi, > > Could you send your error.log and your main conf file ? > > thanks > > Breno > > > On Fri, Jun 3, 2011 at 9:04 AM, momo-i <web...@mo...> wrote: > >> Hi all, >> >> # first, my native language is japanese. >> # I'm not so good at English, may be difficult to read, please forgive me. >> >> I have searched for on Google, I could not find a similar case, so send >> to mailing list for the first time. >> Please forgive become long ones. >> >> (1) I have compiled 2.6.0 yesterday, If configured SecResponseBodyAccess >> to On, IE displays the error. >> (2) And generating post traffic on Drupal(7.2), >> httpd is an abnormally high CPU. >> I tried httpd 2.2.17-19, and the results were all the same. >> I also tried 2.5.13 with the same settings, no problem. >> >> (1) >> Set to debug level 9 and using telnet command. >> Using modsecurity-crs_2.2.0 and modsecurity.conf-recommended >> --- >> # telnet localhost 80 >> Trying 127.0.0.1... >> Connected to localhost. >> Escape character is '^]'. >> GET / HTTP/1.0 >> Host: localhost >> >> Connection closed by foreign host. >> --- >> >> debug.log >> http://ja.pastebin.ca/2074112 >> >> I think that the reason for this result is always returned null. >> "APR_BUCKET_IS_EOS(bucket)" >> >> And, for testing, comment out the following line, this issue is resolved. >> http://ja.pastebin.ca/2074116 >> >> However, I am so familiar with Apache modules, whether or not I would >> not know this is a permanent solution. >> >> apache2/apache2_io.c line: 862 >> --- >> if (msr->of_done_reading == 0) { >> /* We are done for now. We will be called again with more >> data. */ >> return APR_SUCCESS; >> } >> --- >> >> (2) >> Also, using drupal(7.2) POST, loops following line... >> (25 million lines per second) >> [03/Jun/2011:22:47:18 +0900] >> [localhost/sid#2538b78][rid#7f341c002970][/][9] Input filter: Bucket >> type EOS contains 0 bytes. >> http://ja.pastebin.ca/2074118 >> >> --- >> POST / HTTP/1.1 >> Accept: text/html, application/xhtml+xml, */* >> Referer: http://localhost/ >> Accept-Language: ja-JP >> User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; >> Trident/5.0) >> Content-Type: application/x-www-form-urlencoded >> Accept-Encoding: gzip, deflate >> Host: localhost >> Content-Length: 133 >> Connection: Keep-Alive >> Cache-Control: no-cache >> --- >> >> here is httpd version. >> --- >> # /opt/apache2/bin/httpd -V >> Server version: Apache/2.2.19 (Unix) >> Server built: Jun 3 2011 10:01:37 >> Server's Module Magic Number: 20051115:28 >> Server loaded: APR 1.4.5, APR-Util 1.3.12 >> Compiled using: APR 1.4.5, APR-Util 1.3.12 >> Architecture: 64-bit >> Server MPM: Worker >> threaded: yes (fixed thread count) >> forked: yes (variable process count) >> Server compiled with.... >> -D APACHE_MPM_DIR="server/mpm/worker" >> -D APR_HAS_SENDFILE >> -D APR_HAS_MMAP >> -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled) >> -D APR_USE_SYSVSEM_SERIALIZE >> -D APR_USE_PTHREAD_SERIALIZE >> -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT >> -D APR_HAS_OTHER_CHILD >> -D AP_HAVE_RELIABLE_PIPED_LOGS >> -D DYNAMIC_MODULE_LIMIT=128 >> -D HTTPD_ROOT="/opt/apache2" >> -D SUEXEC_BIN="/opt/apache2/bin/suexec" >> -D DEFAULT_SCOREBOARD="logs/apache_runtime_status" >> -D DEFAULT_ERRORLOG="logs/error_log" >> -D AP_TYPES_CONFIG_FILE="conf/mime.types" >> -D SERVER_CONFIG_FILE="conf/httpd.conf" >> --- >> >> 2.6.0 compile option >> ------------------------ >> LUA_SONAMES=so ./configure --prefix=/opt/apache2/modsec >> --with-apxs=/opt/apache2/bin/apxs >> ------------------------ >> >> Thank you for your kind cooperation. >> Regards, >> momo-i. >> >> >> ------------------------------------------------------------------------------ >> Simplify data backup and recovery for your virtual environment with >> vRanger. >> Installation's a snap, and flexible recovery options mean your data is >> safe, >> secure and there when you need it. Discover what all the cheering's about. >> Get your free trial download today. >> http://p.sf.net/sfu/quest-dev2dev2 >> _______________________________________________ >> mod-security-developers mailing list >> mod...@li... >> https://lists.sourceforge.net/lists/listinfo/mod-security-developers >> ModSecurity Services from Trustwave's SpiderLabs: >> https://www.trustwave.com/spiderLabs.php >> > > |
