[Mod-security-developers] [JIRA] Resolved: (MODSEC-323) Found another rule with the same id

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

     [ https://www.modsecurity.org/tracker/browse/MODSEC-323?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Breno Silva Pinto resolved MODSEC-323.
--------------------------------------

    Resolution: Invalid Config

Breno,

As it turns out, the duplicate ID issue may not be a defect after all.  IN the httpd.conf file was the following:

LoadModule security2_module modules/mod_security2.so
<IfModule security2_module>
    Include /usr/local/apache2/conf/crs/activated_rules/modsecurity_crs_10_setup.conf
    Include /usr/local/apache2/conf/crs/activated_rules/*.conf
</IfModule>

I changed it to...

LoadModule security2_module modules/mod_security2.so
<IfModule security2_module>
    Include /usr/local/apache2/conf/crs/activated_rules/*.conf
</IfModule>

Now it works fine.  I guess it loads the conf files in each time and considers that duplication.  Sorry about that.

Best Regards,
Mark Detrick

> Found another rule with the same id
> -----------------------------------
>
>                 Key: MODSEC-323
>                 URL: https://www.modsecurity.org/tracker/browse/MODSEC-323
>             Project: ModSecurity
>          Issue Type: Bug
>      Security Level: Normal
>          Components: Rules
>    Affects Versions: 2.7.0
>         Environment: Arch Linux 2.6.35.4-rscloud #8 SMP Mon Sep 20 15:54:33 UTC 2010 x86_64 Quad-Core AMD Opteron(tm) Processor 2374 HE AuthenticAMD GNU/Linux.  Apache2 2.4.2.
>            Reporter: Mark Detrick
>            Assignee: Breno Silva Pinto
>             Fix For: 2.7.0
>
>         Attachments: crs2.2.5_rules_modsec2.7.0-bug323.tar.gz
>
>
> After due diligence to ensure that there are no duplicate id numbers in any modsecure conf file, the error: "Found another rule with the same id" continues to terminate apachectl.
> Screen output:
> [root@Dev1 activated_rules]# apachectl -t
> AH00526: Syntax error on line 29 of /usr/local/apache2/conf/crs/activated_rules/modsecurity_crs_10_setup.conf:
> Found another rule with the same id
> Line 29 is as follows:
> SecRule REQBODY_ERROR "!@eq 0" \
> "id:123486,phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2"
> If I remove the id number then I get an error saying I need an action id number.  No matter what number I enter into this SecRule the error is the same.  If I enclose the number in as such: "id:'444555', ..." it makes no difference with or without the single quotes.  There is currently no way to use both modsecure and apache2 at the same time with this bug.  Versions prior to 2.7.0 are also not usable for other reasons.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira