mod-security-developers Mailing List for ModSecurity (Page 24)
From: Breno S. P. (JIRA) <no...@mo...> - 2012-12-19 11:50:24

[ https://www.modsecurity.org/tracker/browse/MODSEC-364?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Breno Silva Pinto resolved MODSEC-364.
--------------------------------------

Resolution: Fixed

> Modsecurity displaying wrong IP Address in Apache 2.4 (as backend) error log
> ----------------------------------------------------------------------------
>
> Key: MODSEC-364
> URL: https://www.modsecurity.org/tracker/browse/MODSEC-364
> Project: ModSecurity
> Issue Type: Bug
> Security Level: Normal
> Components: Logging
> Affects Versions: 2.7.0, 2.7.1
> Environment: CentOS 5.8 x86, HTTPD 2.4.3
> Reporter: Aditya W
> Assignee: Breno Silva Pinto
> Labels: 2.4.x, httpd
> Fix For: 2.7.2
>
>
> Tested on Apache 2.4.3 with ModSecurity 2.7.0 (first) and then 2.7.1. Both of them displaying wrong ip address, it should display 192.168.11.1 not 127.0.0.1 or 192.168.11.2
> Apache configuration:
> 1. mod_remoteip enabled
> 2. logformat parameter has been changed to %a instead of the default %h so Apache can put the correct ip address in the logfile
>
> First Test using this configuration:
> ====================================
> RemoteIPHeader X-Remote-Addr
> RemoteIPInternalProxy 127.0.0.1
> RemoteIPInternalProxy 192.168.11.2
>
> Access Log
> ----------
> 192.168.11.1 - - [06/Dec/2012:14:49:48 +0700] "GET /test.html?i=%3Cscript%3Etest HTTP/1.1" 403 211 "http://www.domain-1.lan" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/17.0 Firefox/17.0"
> * Correct IP Address
>
> Modsecurity Audit Log
> ---------------------
> --aae1f609-A--
> [06/Dec/2012:15:08:59 +0700] UMBSm8CoCwIAABTYwcQAAABA 192.168.11.2 48573 192.168.11.2 82
> --aae1f609-B--
> GET /test.html?i=%3Cscript%3Etest HTTP/1.1
> Host: www.domain-1.lan
> Connection: close
> User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/17.0 Firefox/17.0
> Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
> Accept-Language: en-US,en;q=0.5
> Accept-Encoding: gzip, deflate
> Referer: http://www.domain-1.lan/
> * Wrong IP Address
>
> Apache Error Log by Modsecurity
> -------------------------
> [Thu Dec 06 14:59:43.263020 2012] [:error] [pid 5160:tid 3025914768] [client 127.0.0.1] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:([\\\\s'\\"`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98\\\\(\\\\)]*?)([\\\\d\\\\w]++)([\\\\s'\\"`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98\\\\(\\\\)]*?)(?:(?:=|<=>|r?like|sounds\\\\s+like|regexp)([\\\\s'\\"`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98\\\\(\\\\)]*?)\\\\2|(?:!=|<=|>=|<>|<|>|\\\\^|is\\\\s+not|not\\\\ ..." at ARGS:i. [file "/usr/local/custom-apps/httpd/apache-2.4/conf/custom/modsec-rules/crs/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "77"] [id "950901"] [rev "2"] [msg "SQL Injection Attack: SQL Tautology Detected."] [data "Matched Data: script>test found within ARGS:i: <script>test"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.6"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] [tag "PCI/6.5.2"] [hostname "www.domain-1.lan"] [uri "/test.html"] [unique_id "UMBQb8CoCwIAABQoXmwAAADA"]
> [Thu Dec 06 15:04:01.802295 2012] [:error] [pid 5264:tid 3025914768] [client 192.168.11.2] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:([\\\\s'\\"`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98\\\\(\\\\)]*?)([\\\\d\\\\w]++)([\\\\s'\\"`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98\\\\(\\\\)]*?)(?:(?:=|<=>|r?like|sounds\\\\s+like|regexp)([\\\\s'\\"`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98\\\\(\\\\)]*?)\\\\2|(?:!=|<=|>=|<>|<|>|\\\\^|is\\\\s+not|not\\\\ ..." at ARGS:i. [file "/usr/local/custom-apps/httpd/apache-2.4/conf/custom/modsec-rules/crs/base_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "77"] [id "950901"] [rev "2"] [msg "SQL Injection Attack: SQL Tautology Detected."] [data "Matched Data: script>test found within ARGS:i: <script>test"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.6"] [maturity "9"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] [tag "PCI/6.5.2"] [hostname "www.domain-1.lan"] [uri "/test.html"] [unique_id "UMBRccCoCwIAABSQ1YsAAADA"]
> Both of them are displaying wrong ip address it should be 192.168.11.1
>
> Forcing Apache to generate error log
> ----------------------------
> [Thu Dec 06 14:54:56.483077 2012] [core:alert] [pid 4439:tid 3025914768] [client 192.168.11.1:39711] /home/user-1/public_html/.htaccess: Invalid command 'aaa', perhaps misspelled or defined by a module not included in the server configuration, referer: http://www.domain-1.lan
> * Correct IP Address
>
> Second test using this configuration
> ====================================
> RemoteIPHeader X-Remote-Addr
> RemoteIPTrustedProxy 127.0.0.1
> RemoteIPTrustedProxy 192.168.11.2
> Note: i think the correct way in this case / if it's in the same machine is using RemoteIPInternalProxy because according to https://httpd.apache.org/docs/2.4/mod/mod_remoteip.html
> Unlike the RemoteIPInternalProxy directive, any intranet or private IP address reported by such proxies, including the 10/8, 172.16/12, 192.168/16, 169.254/16 and 127/8 blocks (or outside of the IPv6 public 2000::/3 block) are not trusted as the useragent IP, and are left in the RemoteIPHeader header's value
>
> Access log
> ----------
> 192.168.11.2 - - [06/Dec/2012:15:54:38 +0700] "GET /test.html?i=%3Cscript%3Etest HTTP/1.1" 403 211 "http://www.domain-1.lan/" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/17.0 Firefox/17.0"
> * Wrong IP Address, i believe because of the reason i stated above but i could be wrong though
>
> Modsecurity Audit Log
> ---------------------
> --17d7e23e-A--
> [06/Dec/2012:15:54:38 +0700] UMBdTsCoCwIAABq@pdYAAADC 192.168.11.2 48598 192.168.11.2 82
> --17d7e23e-B--
> GET /test.html?i=%3Cscript%3Etest HTTP/1.1
> Host: www.domain-1.lan
> X-Remote-Addr: 192.168.11.1
> Connection: close
> User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/17.0 Firefox/17.0
> Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
> Accept-Language: en-US,en;q=0.5
> Accept-Encoding: gzip, deflate
> Referer: http://www.domain-1.lan/
> * Wrong IP Address but displaying the X-Remote-Addr specified on Apache config
>
> Forcing Apache to generate error log
> ----------------------------
> [Thu Dec 06 16:03:28.518751 2012] [core:alert] [pid 7077:tid 3025914768] [client 192.168.11.2:48604] /home/user-1/public_html/.htaccess: Invalid command 'aaa', perhaps misspelled or defined by a module not included in the server configuration, referer: http://www.domain-1.lan/
> * Wrong IP Address
>
> And i believe that's all, i'm sorry for a long post because i try to give as much info as i can

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

From: Breno S. P. (JIRA) <no...@mo...> - 2012-12-14 17:44:18
|
[ https://www.modsecurity.org/tracker/browse/MODSEC-350?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Breno Silva Pinto resolved MODSEC-350. -------------------------------------- Fix Version/s: 2.7.2 Resolution: Fixed > ModSecurityIIS:Outbound protections are not working > --------------------------------------------------- > > Key: MODSEC-350 > URL: https://www.modsecurity.org/tracker/browse/MODSEC-350 > Project: ModSecurity > Issue Type: Bug > Security Level: Normal > Components: Core > Affects Versions: 2.7.0 > Environment: Server:IIS8 on Windows Server 2012 > Test Client: Wfetch on Windows Server 2008 R2 > Reporter: akurmi > Assignee: Breno Silva Pinto > Labels: IIS, ModSecurityIIS > Fix For: 2.7.2 > > Attachments: conf1.zip > > > Here are the modsecurity rules: > # Weblogic information disclosure > SecRule RESPONSE_STATUS "^500$" "phase:4,rev:'2',ver:'OWASP_CRS/2.2.6',maturity:'9',accuracy:'9',chain,t:none,capture,ctl:auditLogParts=+E,block,msg:'WebLogic information disclosure',logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}',id:'970021',severity:'3'" > SecRule RESPONSE_BODY "<title>JSP compile error<\/title>" "t:none,capture,setvar:'tx.msg=%{rule.msg}',setvar:tx.outbound_anomaly_score=+%{tx.error_anomaly_score},setvar:tx.anomaly_score=+%{tx.error_anomaly_score},setvar:tx.%{rule.id}-OWASP_CRS/LEAKAGE/ERRORS-%{matched_var_name}=%{tx.0}" > output from ModSecurityIIS: > REQUEST: **************\nGET /testserver.aspx HTTP/1.1\r\n > Response-Status: 500 Internal Server Error\r\n > Response-Content: <title>JSP compile error</title>\r\n > Host: iis-e111s\r\n > Accept: */*\r\n > \r\n > RESPONSE: **************\nHTTP/1.1 500 Internal Server Error\r\n > Cache-Control: private\r\n > Content-Type: text/html; charset=utf-8\r\n > Server: Microsoft-IIS/8.0\r\n > X-AspNet-Version: 2.0.50727\r\n > X-Powered-By: ASP.NET\r\n > Date: Wed, 24 Oct 2012 05:29:52 GMT\r\n > Content-Length: 3026\r\n > \r\n > <html>\r\n > <head>\r\n 
> <title>Runtime Error</title>\r\n > <style>\r\n > body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;} \r\n > p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}\r\n > b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}\r\n > H1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }\r\n > H2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }\r\n > pre {font-family:"Lucida Console";font-size: .9em}\r\n > .marker {font-weight: bold; color: black;text-decoration: none;}\r\n > .version {color: gray;}\r\n > .error {margin-bottom: 10px;}\r\n > .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }\r\n > </style>\r\n > </head>\r\n > \r\n > <body bgcolor="white">\r\n > \r\n > <span><H1>Server Error in '/' Application.<hr width=100% size=1 color=silver></H1>\r\n > \r\n > <h2> <i>Runtime Error</i> </h2></span>\r\n > \r\n > <font face="Arial, Helvetica, Geneva, SunSans-Regular, sans-serif ">\r\n > \r\n > <b> Description: </b>An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.\r\n > <br><br>\r\n > \r\n > <b>Details:</b> To enable the details of this specific error message to be viewable on remote machines, please create a <customErrors> tag within a "web.config" configuration file located in the root directory of the current web application. 
This <customErrors> tag should then have its "mode" attribute set to "Off".<br><br>\r\n > \r\n > <table width=100% bgcolor="#ffffcc">\r\n > <tr>\r\n > <td>\r\n > <code><pre>\r\n > \r\n > <!-- Web.Config Configuration File -->\r\n > \r\n > <configuration>\r\n > <system.web>\r\n > <customErrors mode="Off"/>\r\n > </system.web>\r\n > </configuration></pre></code>\r\n > \r\n > </td>\r\n > </tr>\r\n > </table>\r\n > \r\n > <br>\r\n > \r\n > <b>Notes:</b> The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's <customErrors> configuration tag to point to a custom error page URL.<br><br>\r\n > \r\n > <table width=100% bgcolor="#ffffcc">\r\n > <tr>\r\n > <td>\r\n > <code><pre>\r\n > \r\n > <!-- Web.Config Configuration File -->\r\n > \r\n > <configuration>\r\n > <system.web>\r\n > <customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>\r\n > </system.web>\r\n > </configuration></pre></code>\r\n > \r\n > </td>\r\n > </tr>\r\n > </table>\r\n > \r\n > <br>\r\n > \r\n > </body>\r\n > </html>\r\n > finished. 
> # The application is not available > SecRule RESPONSE_STATUS "^5\d{2}$" "phase:4,rev:'2',ver:'OWASP_CRS/2.2.6',maturity:'9',accuracy:'9',t:none,capture,ctl:auditLogParts=+E,block,msg:'The application is not available',logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}',id:'970901',tag:'WASCTC/WASC-13',tag:'OWASP_TOP_10/A6',tag:'PCI/6.5.6',severity:'3',setvar:'tx.msg=%{rule.msg}',setvar:tx.outbound_anomaly_score=+%{tx.error_anomaly_score},setvar:tx.anomaly_score=+%{tx.error_anomaly_score},setvar:tx.%{rule.id}-AVAILABILITY/APP_NOT_AVAIL-%{matched_var_name}=%{tx.0}" > SecRule RESPONSE_BODY "(?:Microsoft OLE DB Provider for SQL Server(?:<\/font>.{1,20}?error '800(?:04005|40e31)'.{1,40}?Timeout expired| \(0x80040e31\)<br>Timeout expired<br>)|<h1>internal server error<\/h1>.*?<h2>part of the server has crashed or it has a configuration error\.<\/h2>|cannot connect to the server: timed out)" \ > "phase:4,rev:'2',ver:'OWASP_CRS/2.2.6',maturity:'9',accuracy:'9',t:none,capture,ctl:auditLogParts=+E,block,msg:'The application is not available',logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}',id:'970118',tag:'WASCTC/WASC-13',tag:'OWASP_TOP_10/A6',tag:'PCI/6.5.6',severity:'3',setvar:'tx.msg=%{rule.msg}',setvar:tx.outbound_anomaly_score=+%{tx.error_anomaly_score},setvar:tx.anomaly_score=+%{tx.error_anomaly_score},setvar:tx.%{rule.id}-AVAILABILITY/APP_NOT_AVAIL-%{matched_var_name}=%{tx.0}" > Response from ModSecurityIIS: > REQUEST: **************\nGET /testserver.aspx HTTP/1.1\r\n > Response-Status: 500 Internal Server Error\r\n > Response-Content: <title>Microsoft OLE DB Provider for SQL Server</title>\r\n > Host: iis-e111s\r\n > Accept: */*\r\n > \r\n > RESPONSE: **************\nHTTP/1.1 500 Internal Server Error\r\n > Cache-Control: private\r\n > Content-Type: text/html; charset=utf-8\r\n > Server: Microsoft-IIS/8.0\r\n > X-AspNet-Version: 2.0.50727\r\n > X-Powered-By: ASP.NET\r\n > Date: Wed, 24 Oct 2012 05:31:36 
GMT\r\n > Content-Length: 3026\r\n > \r\n > <html>\r\n > <head>\r\n > <title>Runtime Error</title>\r\n > <style>\r\n > body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;} \r\n > p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}\r\n > b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}\r\n > H1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }\r\n > H2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }\r\n > pre {font-family:"Lucida Console";font-size: .9em}\r\n > .marker {font-weight: bold; color: black;text-decoration: none;}\r\n > .version {color: gray;}\r\n > .error {margin-bottom: 10px;}\r\n > .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }\r\n > </style>\r\n > </head>\r\n > \r\n > <body bgcolor="white">\r\n > \r\n > <span><H1>Server Error in '/' Application.<hr width=100% size=1 color=silver></H1>\r\n > \r\n > <h2> <i>Runtime Error</i> </h2></span>\r\n > \r\n > <font face="Arial, Helvetica, Geneva, SunSans-Regular, sans-serif ">\r\n > \r\n > <b> Description: </b>An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.\r\n > <br><br>\r\n > \r\n > <b>Details:</b> To enable the details of this specific error message to be viewable on remote machines, please create a <customErrors> tag within a "web.config" configuration file located in the root directory of the current web application. 
This <customErrors> tag should then have its "mode" attribute set to "Off".<br><br>\r\n > \r\n > <table width=100% bgcolor="#ffffcc">\r\n > <tr>\r\n > <td>\r\n > <code><pre>\r\n > \r\n > <!-- Web.Config Configuration File -->\r\n > \r\n > <configuration>\r\n > <system.web>\r\n > <customErrors mode="Off"/>\r\n > </system.web>\r\n > </configuration></pre></code>\r\n > \r\n > </td>\r\n > </tr>\r\n > </table>\r\n > \r\n > <br>\r\n > \r\n > <b>Notes:</b> The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's <customErrors> configuration tag to point to a custom error page URL.<br><br>\r\n > \r\n > <table width=100% bgcolor="#ffffcc">\r\n > <tr>\r\n > <td>\r\n > <code><pre>\r\n > \r\n > <!-- Web.Config Configuration File -->\r\n > \r\n > <configuration>\r\n > <system.web>\r\n > <customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>\r\n > </system.web>\r\n > </configuration></pre></code>\r\n > \r\n > </td>\r\n > </tr>\r\n > </table>\r\n > \r\n > <br>\r\n > \r\n > </body>\r\n > </html>\r\n > finished. -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira |
From: Breno S. P. (JIRA) <no...@mo...> - 2012-12-14 17:44:18

[ https://www.modsecurity.org/tracker/browse/MODSEC-349?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Breno Silva Pinto resolved MODSEC-349.
--------------------------------------

Fix Version/s: 2.7.2
Resolution: Fixed

> ModSecurityIIS: Request limit protections are not working
> ---------------------------------------------------------
>
> Key: MODSEC-349
> URL: https://www.modsecurity.org/tracker/browse/MODSEC-349
> Project: ModSecurity
> Issue Type: Bug
> Security Level: Normal
> Components: Core
> Affects Versions: 2.7.0
> Environment: Server:IIS8 on Windows Server 2012
> Test Client: WCAT on Windows Server 2008 R2
> Reporter: akurmi
> Assignee: Breno Silva Pinto
> Labels: IIS, ModsecurityIIS
> Fix For: 2.7.2
>
> Attachments: conf1.zip, RequestLimits.ubr
>
>
> The server returns 200 instead of 403 for the WCAT requests attached in the bug.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

From: Breno S. P. (JIRA) <no...@mo...> - 2012-12-14 17:44:17

[ https://www.modsecurity.org/tracker/browse/MODSEC-344?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Breno Silva Pinto resolved MODSEC-344.
--------------------------------------

Fix Version/s: 2.7.2
Resolution: Fixed

> ModSecurityIIS: HTTP Request Smuggling protection does not work
> ---------------------------------------------------------------
>
> Key: MODSEC-344
> URL: https://www.modsecurity.org/tracker/browse/MODSEC-344
> Project: ModSecurity
> Issue Type: Bug
> Security Level: Normal
> Affects Versions: 2.7.0
> Environment: Server: IIS 7 on Windows Server 2008 R2
> Test Client: WCAT on Windows Server 2008 R2
> Reporter: akurmi
> Assignee: Breno Silva Pinto
> Labels: IIS, ModSecurityIIS
> Fix For: 2.7.2
>
> Attachments: conf1.zip
>
>
> ModSecurity configuration file:
> #
> # HTTP Request Smuggling
> #
> # -=[ Rule Logic ]=-
> # This rule looks for a comma character in either the Content-Length or Transfer-Encoding
> # request headers. This character would indicate that there were more than one request header
> # with this same name. In these instances, Apache treats the data in a similar manner as
> # multiple cookie values.
> #
> # -=[ References ]=-
> # http://projects.webappsec.org/HTTP-Request-Smuggling
> # http://article.gmane.org/gmane.comp.apache.mod-security.user/3299
> #
> SecRule REQUEST_HEADERS:'/(Content-Length|Transfer-Encoding)/' "," "phase:1,rev:'2',ver:'OWASP_CRS/2.2.6',maturity:'9',accuracy:'9',t:none,capture,block,msg:'HTTP Request Smuggling Attack.',id:'950012',tag:'OWASP_CRS/WEB_ATTACK/REQUEST_SMUGGLING',tag:'WASCTC/WASC-26',tag:'OWASP_TOP_10/A1',tag:'PCI/6.5.2',severity:'2',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.critical_anomaly_score},setvar:tx.%{rule.id}-OWASP_CRS/WEB_ATTACK/REQUEST_SMUGGLING-%{matched_var_name}=%{tx.0}"
>
> WCAT Scenario:
> transaction
> {
>     id = "HTTP Request Smuggling (950012) 2";
>     weight = 100;
>     request
>     {
>         addheader
>         {
>             name = "Content-Length";
>             value = "3";
>         }
>         addheader
>         {
>             name = "Content-Length";
>             value = "3";
>         }
>         url = "/default.aspx";
>         statuscode= 403;
>         port = 8080;
>         verb = POST;
>         postdata = "abc";
>     }
>     close
>     {
>         method = ka;
>     }
> }
>
> It returns 405 instead of 403.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

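
Added example, not part of the original report or of ModSecurity's code: the logic of rule 950012 applied to a constructed request that mirrors the WCAT scenario above (two Content-Length headers), next to a check that counts header occurrences directly. The Host value, the function names and the "last value wins" header view are assumptions made for illustration.

```python
import re

# Constructed request mirroring the WCAT scenario: Content-Length sent twice.
# The Host value is a placeholder, not taken from the report.
RAW_REQUEST = (
    b"POST /default.aspx HTTP/1.1\r\n"
    b"Host: example.test\r\n"
    b"Content-Length: 3\r\n"
    b"Content-Length: 3\r\n"
    b"\r\n"
    b"abc"
)

# Same header-name pattern the rule uses in REQUEST_HEADERS:'/.../'.
FRAMING_HEADERS = re.compile(r"Content-Length|Transfer-Encoding", re.IGNORECASE)


def parse_header_lines(raw):
    """Return (name, value) pairs in wire order, duplicates preserved."""
    head, _, _body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")[1:]  # drop the request line
    pairs = []
    for line in lines:
        name, sep, value = line.partition(":")
        if not sep:
            raise ValueError("malformed header line: %r" % line)
        pairs.append((name.strip(), value.strip()))
    return pairs


def merge_duplicates(pairs):
    """Join repeated headers with ', ' (the merged view the rule comment describes)."""
    merged = {}
    for name, value in pairs:
        key = name.lower()
        merged[key] = merged[key] + ", " + value if key in merged else value
    return merged


def last_value_wins(pairs):
    """Hypothetical alternative view in which only the last occurrence survives."""
    return {name.lower(): value for name, value in pairs}


def rule_950012_matches(header_view):
    """Rule logic: a ',' inside any Content-Length / Transfer-Encoding value."""
    return sorted(
        name
        for name, value in header_view.items()
        if FRAMING_HEADERS.search(name) and "," in value
    )


def duplicate_framing_headers(pairs):
    """View-independent check: framing headers that occur more than once on the wire."""
    counts = {}
    for name, _value in pairs:
        key = name.lower()
        if FRAMING_HEADERS.fullmatch(key):
            counts[key] = counts.get(key, 0) + 1
    return sorted(key for key, n in counts.items() if n > 1)


if __name__ == "__main__":
    pairs = parse_header_lines(RAW_REQUEST)
    print("merged view      :", rule_950012_matches(merge_duplicates(pairs)))
    print("last-value view  :", rule_950012_matches(last_value_wins(pairs)))
    print("occurrence count :", duplicate_framing_headers(pairs))
```

A single Transfer-Encoding header that carries a list such as "gzip, chunked" also contains a comma, so the rule logic matches it while the occurrence count does not.
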
From: Breno S. P. (JIRA) <no...@mo...> - 2012-12-14 17:44:16
|
[ https://www.modsecurity.org/tracker/browse/MODSEC-346?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Breno Silva Pinto resolved MODSEC-346. -------------------------------------- Fix Version/s: 2.7.2 Resolution: Fixed > ModSecurityIIS: PHP Injection Attack (958976) protection does not work > ---------------------------------------------------------------------- > > Key: MODSEC-346 > URL: https://www.modsecurity.org/tracker/browse/MODSEC-346 > Project: ModSecurity > Issue Type: Bug > Security Level: Normal > Components: Core > Affects Versions: 2.7.0 > Environment: Server:IIS8 on Windows Server 2012 > Test Client: WCAT on Windows Server 2008 R2 > Reporter: akurmi > Assignee: Breno Silva Pinto > Labels: IIS, ModSecurityIIS > Fix For: 2.7.2 > > Attachments: conf1.zip > > > ModSecurity rule set: > # > # PHP injection > # > > SecRule REQUEST_COOKIES|!REQUEST_COOKIES:/__utm/|REQUEST_COOKIES_NAMES|ARGS_NAMES|ARGS|XML:/* "<\?(?!xml)" \ > "phase:2,rev:'2',ver:'OWASP_CRS/2.2.6',maturity:'9',accuracy:'9',capture,t:none,t:htmlEntityDecode,t:compressWhitespace,t:lowercase,ctl:auditLogParts=+E,block,msg:'PHP Injection Attack',id:'959151',severity:'2',tag:'OWASP_CRS/WEB_ATTACK/PHP_INJECTION',tag:'WASCTC/WASC-15',tag:'OWASP_TOP_10/A6',tag:'PCI/6.5.2',tag:'WASCTC/WASC-25',tag:'OWASP_TOP_10/A1',tag:'OWASP_AppSensor/CIE4',tag:'PCI/6.5.2',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.critical_anomaly_score},setvar:tx.%{rule.id}-OWASP_CRS/WEB_ATTACK/PHP_INJECTION-%{matched_var_name}=%{tx.0}" > > SecRule REQUEST_COOKIES|!REQUEST_COOKIES:/__utm/|REQUEST_COOKIES_NAMES|ARGS_NAMES|ARGS|XML:/* "(?i)(?:\b(?:f(?:tp_(?:nb_)?f?(?:ge|pu)t|get(?:s?s|c)|scanf|write|open|read)|gz(?:(?:encod|writ)e|compress|open|read)|s(?:ession_start|candir)|read(?:(?:gz)?file|dir)|move_uploaded_file|(?:proc_|bz)open|call_user_func)|\$_(?:(?:pos|ge)t|session))\b" \ > "phase:2,rev:'2',ver:'OWASP_CRS/2.2.6',maturity:'9',accuracy:'9',capture,t:none,ctl:auditLogParts=+E,block,msg:'PHP 
Injection Attack',id:'958976',tag:'OWASP_CRS/WEB_ATTACK/PHP_INJECTION',tag:'WASCTC/WASC-15',tag:'OWASP_TOP_10/A6',tag:'PCI/6.5.2',tag:'WASCTC/WASC-25',tag:'OWASP_TOP_10/A1',tag:'OWASP_AppSensor/CIE4',tag:'PCI/6.5.2',logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}',severity:'2',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.critical_anomaly_score},setvar:tx.%{rule.id}-OWASP_CRS/WEB_ATTACK/PHP_INJECTION-%{matched_var_name}=%{tx.0}" > WCAT Scenario: > transaction > { > id = "PHP Injection Attack (958976) 1"; > weight = 100; > request > { > setheader > { > name = "Content-Length"; > value = "1127"; > } > url = "/default.aspx"; > statuscode= 403; > port = 8080; > verb = POST; > postdata = "body=%20%20if%20(!function_exists(%22fs_copy_dir%22))%20%7B%0A%20%20%20%20function%20fs_copy_dir(%24d%2C%24t)%20%7B%0A%20%20%20%20%20%20%24d%20%3D%20str_replace(%22%5C%5C%22%2CDIRECTORY_SEPARATOR%2C%24d)%3B%0A%20%20%20%20%20%20if%20(substr(%24d%2C-1)%20!%3D%20DIRECTORY_SEPARATOR)%20%7B%24d%20.%3D%20DIRECTORY_SEPARATOR%3B%7D%0A%20%20%20%20%20%20%24h%20%3D%20opendir(%24d)%3B%0A%20%20%20%20%20%20while%20((%24o%20%3D%20readdir(%24h))%20!%3D%3D%20FALSE)%20%7B%0A%20%20%20%20%20%20%20%20if%20((%24o%20!%3D%20%22.%22)%20and%20(%24o%20!%3D%20%22..%22))%20%7B%0A%20%20%20%20%20%20%20%20%20%20if%20(!is_dir(%24d.DIRECTORY_SEPARATOR.%24o))%20%7B%24ret%20%3D%20copy(%24d.DIRECTORY_SEPARATOR.%24o%2C%24t.DIRECTORY_SEPARATOR.%24o)%3B%7D%0A%20%20%20%20%20%20%20%20%20%20else%20%7B%24ret%20%3D%20mkdir(%24t.DIRECTORY_SEPARATOR.%24o)%3B%20fs_copy_dir(%24d.DIRECTORY_SEPARATOR.%24o%2C%24t.DIRECTORY_SEPARATOR.%24o)%3B%7D%0A%20%20%20%20%20%20%20%20%20%20if%20(!%24ret)%20%7Breturn%20%24ret%3B%7D%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20closedir(%24h)%3B%0A%20%20%20%20%20%20return%20TRUE%3B%0A%20%20%20%20%7D"; > } > close > { > method = ka; > } > } > Web server returns 200 instead of 403. -- This message is automatically generated by JIRA. 
For more information on JIRA, see: http://www.atlassian.com/software/jira |
From: Greg W. <gwr...@ho...> - 2012-12-14 08:10:03

That is a weird result. Nginx version is certainly not ready for performance testing, but perhaps what is showing here is Apache's superior extensibility model. I would repeat the test with 10 simple header-only rules, that would tell us more what's going on.

Greg

> Date: Thu, 6 Dec 2012 14:47:24 +0800
> From: "Tan Feng" <ta...@le...>
> Subject: [Mod-security-developers] nginx+modsecurity performance issue
> To: <mod...@li...>
> Message-ID: <002901cdd37d$8c90e050$a5b2a0f0$@leadsec.com.cn>
> Content-Type: text/plain; charset="us-ascii"
>
> We just had a simple throughput test for modsecurity comparing between
> Apache and Nginx,
> the result is as following, which is frustrate me much and hard to explain:
>
> Apache+modsecurity(engine enabled with *empty* rules) : 517Mbps
>
> Nginx+modsecurity(engine enabled with *empty* rules) : 131Mbps
>
> (Both are conducted with Avalanche box with a big web page of 32kB, working
> in exactly the same reverse proxy mode)
>
> Anyone can tell me why Nginx+modsecurity has a so poor performance?
> (When modsecurity engine is disabled, Nginx will outperform Apache much
> much)
>
> Felix Tan

From: Breno S. <bre...@gm...> - 2012-12-10 19:42:34

Hello everybody,

Not sure if someone here has some experience using apr atomic operations. Anybody can provide information about performance of apr atomic operations?

Thanks

Breno

From: Breno S. P. (JIRA) <no...@mo...> - 2012-12-10 18:49:02

[ https://www.modsecurity.org/tracker/browse/MODSEC-360?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Breno Silva Pinto resolved MODSEC-360.
--------------------------------------

Resolution: Fixed

> mod_security 2.7.1 can't be built on FreeBSD
> --------------------------------------------
>
> Key: MODSEC-360
> URL: https://www.modsecurity.org/tracker/browse/MODSEC-360
> Project: ModSecurity
> Issue Type: Bug
> Security Level: Normal
> Components: Build System
> Affects Versions: 2.7.1
> Environment: FreeBSD 7, FreeBSD 8
> Reporter: Alexey Dushechkin
> Assignee: Breno Silva Pinto
> Fix For: 2.7.2
>
>
> New apache2/Makefile.in, apache2/Makefile.am files contain "install -D" command instead of "cp -p" ("install-exec-hook" target). "-D" option is not supported by FreeBSD install, so mod_security can't be built there without reverting mentioned change.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

From: Tan F. <ta...@le...> - 2012-12-06 07:07:12

We just had a simple throughput test for modsecurity comparing between Apache and Nginx,
the result is as following, which is frustrate me much and hard to explain:

Apache+modsecurity(engine enabled with *empty* rules) : 517Mbps

Nginx+modsecurity(engine enabled with *empty* rules) : 131Mbps

(Both are conducted with Avalanche box with a big web page of 32kB, working in exactly the same reverse proxy mode)

Anyone can tell me why Nginx+modsecurity has a so poor performance?
(When modsecurity engine is disabled, Nginx will outperform Apache much much)

Felix Tan

From: Breno S. P. (JIRA) <no...@mo...> - 2012-12-05 13:54:51

[ https://www.modsecurity.org/tracker/browse/MODSEC-358?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Breno Silva Pinto resolved MODSEC-358.
--------------------------------------

Resolution: Fixed

> Code does not compile if IPv6 is not supported
> ----------------------------------------------
>
> Key: MODSEC-358
> URL: https://www.modsecurity.org/tracker/browse/MODSEC-358
> Project: ModSecurity
> Issue Type: Bug
> Security Level: Normal
> Components: Build System
> Affects Versions: 2.7.1
> Environment: Windows Visual C++ 6.0
> Reporter: Marc Stern
> Assignee: Breno Silva Pinto
> Fix For: 2.7.2
>
>
> When IPv6 is not supported, the compilation should not include the support for it:
>
> msc_util.c:
> #if APR_HAVE_IPV6
> #ifdef WIN32
> int inet_pton(int family, const char *src, void *dst) {
>
> re_operators.c:
> #if APR_HAVE_IPV6
>     struct in6_addr in6;
> #endif
> [...]
> #if APR_HAVE_IPV6
>     if (inet_pton(AF_INET6, var->value, &in6) <= 0) {
>         if (msr->txcfg->debuglog_level >= 9) {
>             msr_log(msr, 9, "IPmatchFromFile: bad IPv6 specification \"%s\".", var->value);
>         }
>         *error_msg = apr_psprintf(msr->mp, "IPmatchFromFile: bad IP specification \"%s\".", var->value);
>         return 0;
>     }
>     if (CPTIpMatch(msr, (unsigned char *)&in6.s6_addr, rtree->ipv6_tree, IPV6_TREE) != NULL) {
>         *error_msg = apr_psprintf(msr->mp, "IPmatchFromFile \"%s\" matched at %s.", var->value, var->name);
>         return 1;
>     }
> #endif

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

From: Breno S. P. (JIRA) <no...@mo...> - 2012-11-29 21:08:33

[ https://www.modsecurity.org/tracker/browse/MODSEC-356?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Breno Silva Pinto closed MODSEC-356.
------------------------------------

> Mod_Security: dependency incompatibility with Apache httpd 2.4.x
> ----------------------------------------------------------------
>
> Key: MODSEC-356
> URL: https://www.modsecurity.org/tracker/browse/MODSEC-356
> Project: ModSecurity
> Issue Type: Task
> Security Level: Normal
> Components: Build System
> Affects Versions: 2.7.1
> Environment: CentOS 6.3 x86-64 / Apache httpd 2.4.3
> Reporter: Jeff Kayser
> Assignee: Breno Silva Pinto
> Labels: 2.4.x, dependencies, httpd
> Fix For: 2.7.2
>
>
> Hello, mod_security developers.
> First of all, thank you for working on mod_security.
> To help with on this freely available software is really a labor of love.
> It's great to have mod_security between my web servers and the hackers out there.
> On a new installation, I am having an issue installing mod_security 2.6.7.
> My internet research indicates that I will have the same issue trying to install mod_security 2.7.1.
> I'm running CentOS 6.3 x86-64. I'm trying to use RPMs, because it is the recommended approach for building software on CentOS.
> Here is my system type:
> [root@localhost APACHE]# uname -a
> Linux localhost.localdomain 2.6.32-279.11.1.el6.x86_64 #1 SMP Tue Oct 16 15:57:10 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux
> [root@localhost APACHE]# cat /etc/issue
> CentOS release 6.3 (Final)
> Kernel \r on an \m
> [root@localhost APACHE]#
> I've done an rpmbuild of Apache httpd 2.4.3, and then installed Apache httpd 2.4.3.
> When I try to install mod_security 2.6.7 RPM (from the EPEL repository), I get an error:
> [root@localhost APACHE]# yum --enablerepo=c6-testing install mod_security.x86_64
> Loaded plugins: fastestmirror, priorities, refresh-packagekit, security
> Loading mirror speeds from cached hostfile
> * base: mirror.web-ster.com
> * epel: mirrors.xmission.com
> * extras: centos.sonn.com
> * updates: centos.mirror.sea.rackd.net
> 200 packages excluded due to repository priority protections
> Setting up Install Process
> Resolving Dependencies
> --> Running transaction check
> ---> Package mod_security.x86_64 0:2.6.7-2.el6 will be installed
> --> Processing Dependency: httpd-mmn = 20051115 for package: mod_security-2.6.7-2.el6.x86_64
> --> Finished Dependency Resolution
> Error: Package: mod_security-2.6.7-2.el6.x86_64 (epel)
>            Requires: httpd-mmn = 20051115
>            Installed: httpd-2.4.3-1.x86_64 (installed)
>                httpd-mmn = 20120211
>            Available: httpd-2.2.15-15.el6.centos.1.x86_64 (base)
>                httpd-mmn = 20051115
> You could try using --skip-broken to work around the problem
> You could try running: rpm -Va --nofiles --nodigest
> [root@localhost APACHE]#
> When I do internet research about it, it seems that, if I want the older version of httpd-mmn (for mod_security 2.6.7 compatibility),
> I will have to downgrade Apache httpd to version 2.2.x. Then, it would be compatible with mod_security 2.6.7.
> When I look at the package specs for mod_security 2.7.1, it looks like 2.7.1 will also be incompatible with Apache httpd 2.4.x.
> Bottom line:
> In order to install mod_security 2.6.7 or 2.7.x, you need to have Apache 2.2.x or lower.
> As far as I can tell, Apache httpd 2.4.x will not work.
> Caveat: I am not a Linux guru. Did I miss something, or do something wrong?
> Jeff Kayser
> Jibe Consulting, Inc.
> jef...@ji...
> Cell: 503-901-5021

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

From: Breno S. P. (JIRA) <no...@mo...> - 2012-11-29 21:08:32
|
[ https://www.modsecurity.org/tracker/browse/MODSEC-356?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Breno Silva Pinto resolved MODSEC-356.
--------------------------------------
Resolution: Not a Bug

> Mod_Security: dependency incompatibility with Apache httpd 2.4.x
> ----------------------------------------------------------------
>
> Key: MODSEC-356
> URL: https://www.modsecurity.org/tracker/browse/MODSEC-356
> Project: ModSecurity
> Issue Type: Task
> Security Level: Normal
> Components: Build System
> Affects Versions: 2.7.1
> Environment: CentOS 6.3 x86-64 / Apache httpd 2.4.3
> Reporter: Jeff Kayser
> Assignee: Breno Silva Pinto
> Labels: 2.4.x, dependencies, httpd
> Fix For: 2.7.2
>
>
> Hello, mod_security developers.
> First of all, thank you for working on mod_security.
> To help with this freely available software is really a labor of love.
> It's great to have mod_security between my web servers and the hackers out there.
> On a new installation, I am having an issue installing mod_security 2.6.7.
> My internet research indicates that I will have the same issue trying to install mod_security 2.7.1.
> I'm running CentOS 6.3 x86-64. I'm trying to use RPMs, because it is the recommended approach for building software on CentOS.
> Here is my system type:
> [root@localhost APACHE]# uname -a
> Linux localhost.localdomain 2.6.32-279.11.1.el6.x86_64 #1 SMP Tue Oct 16 15:57:10 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux
> [root@localhost APACHE]# cat /etc/issue
> CentOS release 6.3 (Final)
> Kernel \r on an \m
> [root@localhost APACHE]#
> I've done an rpmbuild of Apache httpd 2.4.3, and then installed Apache httpd 2.4.3.
> When I try to install mod_security 2.6.7 RPM (from the EPEL repository), I get an error:
> [root@localhost APACHE]# yum --enablerepo=c6-testing install mod_security.x86_64
> Loaded plugins: fastestmirror, priorities, refresh-packagekit, security
> Loading mirror speeds from cached hostfile
>  * base: mirror.web-ster.com
>  * epel: mirrors.xmission.com
>  * extras: centos.sonn.com
>  * updates: centos.mirror.sea.rackd.net
> 200 packages excluded due to repository priority protections
> Setting up Install Process
> Resolving Dependencies
> --> Running transaction check
> ---> Package mod_security.x86_64 0:2.6.7-2.el6 will be installed
> --> Processing Dependency: httpd-mmn = 20051115 for package: mod_security-2.6.7-2.el6.x86_64
> --> Finished Dependency Resolution
> Error: Package: mod_security-2.6.7-2.el6.x86_64 (epel)
>            Requires: httpd-mmn = 20051115
>            Installed: httpd-2.4.3-1.x86_64 (installed)
>                httpd-mmn = 20120211
>            Available: httpd-2.2.15-15.el6.centos.1.x86_64 (base)
>                httpd-mmn = 20051115
>  You could try using --skip-broken to work around the problem
>  You could try running: rpm -Va --nofiles --nodigest
> [root@localhost APACHE]#
> When I do internet research about it, it seems that, if I want the older version of httpd-mmn (for mod_security 2.6.7 compatibility),
> I will have to downgrade Apache httpd to version 2.2.x. Then, it would be compatible with mod_security 2.6.7.
> When I look at the package specs for mod_security 2.7.1, it looks like 2.7.1 will also be incompatible with Apache httpd 2.4.x.
> Bottom line:
> In order to install mod_security 2.6.7 or 2.7.x, you need to have Apache 2.2.x or lower.
> As far as I can tell, Apache httpd 2.4.x will not work.
> Caveat: I am not a Linux guru. Did I miss something, or do something wrong?
> Jeff Kayser
> Jibe Consulting, Inc.
> jef...@ji...
> Cell: 503-901-5021

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
|
From: Breno S. <bre...@gm...> - 2012-11-29 15:37:42
|
Did you recompile from source? Or install a package?

On Thu, Nov 29, 2012 at 8:46 AM, Peter Vrabec <pv...@re...> wrote:

> Hello,
>
> On 11/27/2012 05:36 PM, Peter Vrabec wrote:
> > Hi,
> >
> > On 11/23/2012 07:19 PM, Breno Silva Pinto wrote:
> >> Hello Peter,
> >>
> >> Looks like your pcre file cannot compile a specific regex. What is your
> >> libpcre version ?
> >>
> >> Are you installing libpcre from a package ? Any chance you download the pcre
> >> tarball and recompile it ?
> >
> > I'm using.
> > pcre-8.21-5.fc17.x86_64
>
> same result with pcre-8.31.
>
> >> Thanks
> >>
> >> Breno
> >>
> >> On 11/22/12 4:20 PM, "Peter Vrabec" <pv...@re...> wrote:
> >>
> >>> thnx. Breno,
> >>>
> >>> it helped.
> >>>
> >>> I only get one error from make check.
> >>>
> >>> Loaded 8 tests from ./op/rx.t
> >>> 1) op "rx": passed (Pattern match "" at UNIT_TEST.)
> >>> 2) op "rx": passed
> >>> 3) op "rx": passed (Pattern match "" at UNIT_TEST.)
> >>> 4) op "rx": passed (Pattern match "abc" at UNIT_TEST.)
> >>> 5) op "rx": passed (Pattern match "def" at UNIT_TEST.)
> >>> 6) op "rx": passed (Pattern match "ghi" at UNIT_TEST.)
> >>> 7) op "rx": passed
> >>> ERROR: Failed to create rule for op "rx": Error creating rule: Error
> >>> compiling pattern (offset 2): unrecognized character after (? or (?-
> >>> Test exited with signal 11.
> >>> Executed: ./msc_test "-t" "op" "-n" "rx" "-p"
> >>> "(?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)" "-D" "0" "-r" "1"
> >>> 8) op "rx": failed
> >>> Passed: 7; Failed: 1
> >>>
> >>> Peter.
> >>>
> >>> On 11/21/2012 09:42 PM, Breno Silva wrote:
> >>>> Peter,
> >>>>
> >>>> Please try:
> >>>>
> >>>> make clean
> >>>> make CFLAGS=-DMSC_TEST test.
> >>>>
> >>>> Thanks
> >>>>
> >>>> On Wed, Nov 21, 2012 at 9:25 AM, Peter Vrabec <pv...@re...
> >>>> <mailto:pv...@re...>> wrote:
> >>>>
> >>>>     Hi Ulisses,
> >>>>
> >>>>     this is my configure cmd line:
> >>>>
> >>>>     ./configure --build=x86_64-unknown-linux-gnu
> >>>>     --host=x86_64-unknown-linux-gnu --program-prefix=
> >>>>     --disable-dependency-tracking --prefix=/usr --exec-prefix=/usr
> >>>>     --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc
> >>>>     --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib64
> >>>>     --libexecdir=/usr/libexec --localstatedir=/var --sharedstatedir=/var/lib
> >>>>     --mandir=/usr/share/man --infodir=/usr/share/info
> >>>>     --enable-pcre-match-limit=1000000
> >>>>     --enable-pcre-match-limit-recursion=1000000 --with-apxs=/usr/sbin/apxs
> >>>>
> >>>>     Peter.
> >>>>
> >>>>     On 11/21/2012 02:59 PM, Ulisses Montenegro wrote:
> >>>>> Peter,
> >>>>>
> >>>>> I've had similar issues when enabling certain test/debug flags while
> >>>>> configuring mod_security (I don't have access to my system right now, so
> >>>>> I can't list which ones in particular). What is your ./configure command
> >>>>> line?
> >>>>>
> >>>>> Thanks,
> >>>>> Ulisses
> >>>>>
> >>>>> On Wed, Nov 21, 2012 at 11:56 AM, Peter Vrabec <pv...@re...
> >>>>> <mailto:pv...@re...>> wrote:
> >>>>>
> >>>>>     Hi Breno,
> >>>>>
> >>>>>     I'd like to run make check but it doesn't work for me. I don't know what
> >>>>>     I do wrong. Could you help me please.
> >>>>>
> >>>>>     libtool: link: gcc -I/usr/include/httpd -I/usr/include/apr-1
> >>>>>     -I/usr/include/apr-1 -I/usr/include/libxml2 -DWITH_PCRE_STUDY
> >>>>>     -DMODSEC_PCRE_MATCH_LIMIT=1000000
> >>>>>     -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1000000 -DREQUEST_EARLY -DWITH_LUA
> >>>>>     -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions
> >>>>>     -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -Wl,-z
> >>>>>     -Wl,relro -o msc_test msc_test-msc_test.o msc_test-re.o
> >>>>>     msc_test-re_operators.o msc_test-re_actions.o msc_test-re_tfns.o
> >>>>>     msc_test-re_variables.o msc_test-msc_logging.o msc_test-msc_xml.o
> >>>>>     msc_test-msc_multipart.o msc_test-modsecurity.o msc_test-msc_parsers.o
> >>>>>     msc_test-msc_util.o msc_test-msc_pcre.o msc_test-msc_unicode.o
> >>>>>     msc_test-persist_dbm.o msc_test-msc_reqbody.o msc_test-msc_crypt.o
> >>>>>     msc_test-msc_tree.o msc_test-msc_geo.o msc_test-msc_gsb.o
> >>>>>     msc_test-acmp.o msc_test-msc_lua.o msc_test-msc_release.o -lpthread
> >>>>>     -lldap -llber -lexpat -ldb-4.8 /usr/lib64/libapr-1.so
> >>>>>     /usr/lib64/libaprutil-1.so -lpcre -lxml2 -lz -llua -lm -ldl -pthread
> >>>>>     msc_test-re.o: In function `update_rule_target_ex':
> >>>>>     /home/pvrabec/rpmbuild/BUILD/modsecurity-apache_2.7.1/tests/../apache2/re.c:366:
> >>>>>     undefined reference to `ap_log_error'
> >>>>>     ...
> >>>>>
> >>>>>     ap_log_error() is build in /usr/sbin/httpd.
> >>>>>
> >>>>>     $ nm -D /usr/sbin/httpd | grep ap_log_error
> >>>>>     00000000002569a8 D ap_hack_ap_log_error
> >>>>>     0000000000030760 T ap_log_error
> >>>>>
> >>>>>     thnx.,
> >>>>>     Peter.
> >>>>>
> >>>>> --
> >>>>> "If debugging is the process of removing software bugs, then programming
> >>>>> must be the process of putting them in." - Edsger Dijkstra
|
From: Peter V. <pv...@re...> - 2012-11-29 14:46:30
|
Hello,

On 11/27/2012 05:36 PM, Peter Vrabec wrote:
> Hi,
>
> On 11/23/2012 07:19 PM, Breno Silva Pinto wrote:
>> Hello Peter,
>>
>> Looks like your pcre file cannot compile a specific regex. What is your
>> libpcre version ?
>>
>> Are you installing libpcre from a package ? Any chance you download the pcre
>> tarball and recompile it ?
>
> I'm using.
> pcre-8.21-5.fc17.x86_64

same result with pcre-8.31.

>> Thanks
>>
>> Breno
>>
>> On 11/22/12 4:20 PM, "Peter Vrabec" <pv...@re...> wrote:
>>
>>> thnx. Breno,
>>>
>>> it helped.
>>>
>>> I only get one error from make check.
>>>
>>> Loaded 8 tests from ./op/rx.t
>>> 1) op "rx": passed (Pattern match "" at UNIT_TEST.)
>>> 2) op "rx": passed
>>> 3) op "rx": passed (Pattern match "" at UNIT_TEST.)
>>> 4) op "rx": passed (Pattern match "abc" at UNIT_TEST.)
>>> 5) op "rx": passed (Pattern match "def" at UNIT_TEST.)
>>> 6) op "rx": passed (Pattern match "ghi" at UNIT_TEST.)
>>> 7) op "rx": passed
>>> ERROR: Failed to create rule for op "rx": Error creating rule: Error
>>> compiling pattern (offset 2): unrecognized character after (? or (?-
>>> Test exited with signal 11.
>>> Executed: ./msc_test "-t" "op" "-n" "rx" "-p"
>>> "(?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)" "-D" "0" "-r" "1"
>>> 8) op "rx": failed
>>> Passed: 7; Failed: 1
>>>
>>> Peter.
>>>
>>> On 11/21/2012 09:42 PM, Breno Silva wrote:
>>>> Peter,
>>>>
>>>> Please try:
>>>>
>>>> make clean
>>>> make CFLAGS=-DMSC_TEST test.
>>>>
>>>> Thanks
>>>>
>>>> On Wed, Nov 21, 2012 at 9:25 AM, Peter Vrabec <pv...@re...
>>>> <mailto:pv...@re...>> wrote:
>>>>
>>>>     Hi Ulisses,
>>>>
>>>>     this is my configure cmd line:
>>>>
>>>>     ./configure --build=x86_64-unknown-linux-gnu
>>>>     --host=x86_64-unknown-linux-gnu --program-prefix=
>>>>     --disable-dependency-tracking --prefix=/usr --exec-prefix=/usr
>>>>     --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc
>>>>     --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib64
>>>>     --libexecdir=/usr/libexec --localstatedir=/var --sharedstatedir=/var/lib
>>>>     --mandir=/usr/share/man --infodir=/usr/share/info
>>>>     --enable-pcre-match-limit=1000000
>>>>     --enable-pcre-match-limit-recursion=1000000 --with-apxs=/usr/sbin/apxs
>>>>
>>>>     Peter.
>>>>
>>>>     On 11/21/2012 02:59 PM, Ulisses Montenegro wrote:
>>>>> Peter,
>>>>>
>>>>> I've had similar issues when enabling certain test/debug flags while
>>>>> configuring mod_security (I don't have access to my system right now, so
>>>>> I can't list which ones in particular). What is your ./configure command
>>>>> line?
>>>>>
>>>>> Thanks,
>>>>> Ulisses
>>>>>
>>>>> On Wed, Nov 21, 2012 at 11:56 AM, Peter Vrabec <pv...@re...
>>>>> <mailto:pv...@re...>> wrote:
>>>>>
>>>>>     Hi Breno,
>>>>>
>>>>>     I'd like to run make check but it doesn't work for me. I don't know what
>>>>>     I do wrong. Could you help me please.
>>>>>
>>>>>     libtool: link: gcc -I/usr/include/httpd -I/usr/include/apr-1
>>>>>     -I/usr/include/apr-1 -I/usr/include/libxml2 -DWITH_PCRE_STUDY
>>>>>     -DMODSEC_PCRE_MATCH_LIMIT=1000000
>>>>>     -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1000000 -DREQUEST_EARLY -DWITH_LUA
>>>>>     -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions
>>>>>     -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -Wl,-z
>>>>>     -Wl,relro -o msc_test msc_test-msc_test.o msc_test-re.o
>>>>>     msc_test-re_operators.o msc_test-re_actions.o msc_test-re_tfns.o
>>>>>     msc_test-re_variables.o msc_test-msc_logging.o msc_test-msc_xml.o
>>>>>     msc_test-msc_multipart.o msc_test-modsecurity.o msc_test-msc_parsers.o
>>>>>     msc_test-msc_util.o msc_test-msc_pcre.o msc_test-msc_unicode.o
>>>>>     msc_test-persist_dbm.o msc_test-msc_reqbody.o msc_test-msc_crypt.o
>>>>>     msc_test-msc_tree.o msc_test-msc_geo.o msc_test-msc_gsb.o
>>>>>     msc_test-acmp.o msc_test-msc_lua.o msc_test-msc_release.o -lpthread
>>>>>     -lldap -llber -lexpat -ldb-4.8 /usr/lib64/libapr-1.so
>>>>>     /usr/lib64/libaprutil-1.so -lpcre -lxml2 -lz -llua -lm -ldl -pthread
>>>>>     msc_test-re.o: In function `update_rule_target_ex':
>>>>>     /home/pvrabec/rpmbuild/BUILD/modsecurity-apache_2.7.1/tests/../apache2/re.c:366:
>>>>>     undefined reference to `ap_log_error'
>>>>>     ...
>>>>>
>>>>>     ap_log_error() is build in /usr/sbin/httpd.
>>>>>
>>>>>     $ nm -D /usr/sbin/httpd | grep ap_log_error
>>>>>     00000000002569a8 D ap_hack_ap_log_error
>>>>>     0000000000030760 T ap_log_error
>>>>>
>>>>>     thnx.,
>>>>>     Peter.
>>>>>
>>>>> --
>>>>> "If debugging is the process of removing software bugs, then programming
>>>>> must be the process of putting them in." - Edsger Dijkstra
|
From: Breno S. P. (JIRA) <no...@mo...> - 2012-11-29 11:31:37
|
[ https://www.modsecurity.org/tracker/browse/MODSEC-359?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Breno Silva Pinto resolved MODSEC-359.
--------------------------------------
Resolution: Fixed

> Compilation error
> -----------------
>
> Key: MODSEC-359
> URL: https://www.modsecurity.org/tracker/browse/MODSEC-359
> Project: ModSecurity
> Issue Type: Bug
> Security Level: Normal
> Components: Build System
> Affects Versions: 2.7.1
> Environment: Windows Visual C++ 6.0
> Reporter: Marc Stern
> Assignee: Breno Silva Pinto
> Fix For: 2.7.2
>
>
> stdint.h included without checking support for it in msc_tree.c:
> #if APR_HAVE_STDINT_H
> #include <stdint.h>
> #endif

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
|
From: Breno S. P. (JIRA) <no...@mo...> - 2012-11-28 13:13:33
|
[ https://www.modsecurity.org/tracker/browse/MODSEC-357?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Breno Silva Pinto resolved MODSEC-357.
--------------------------------------
Resolution: Fixed

> Bad pre-compiling check
> -----------------------
>
> Key: MODSEC-357
> URL: https://www.modsecurity.org/tracker/browse/MODSEC-357
> Project: ModSecurity
> Issue Type: Bug
> Security Level: Normal
> Components: Build System
> Affects Versions: 2.7.1
> Environment: Windows Visual C++ 6.0
> Reporter: Marc Stern
> Assignee: Breno Silva Pinto
> Fix For: 2.7.2
>
>
> In re_operators.c, the following check is performed:
> #if !defined(WIN32) || !defined(WINNT)
> #include <arpa/inet.h>
> #endif
> This should be replaced by
> #if APR_HAVE_ARPA_INET_H
> #include <arpa/inet.h>
> #endif

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
|
From: Peter V. <pv...@re...> - 2012-11-27 16:37:06
|
Hi,

On 11/23/2012 07:19 PM, Breno Silva Pinto wrote:
> Hello Peter,
>
> Looks like your pcre file cannot compile a specific regex. What is your
> libpcre version ?
>
> Are you installing libpcre from a package ? Any chance you download the pcre
> tarball and recompile it ?

I'm using.
pcre-8.21-5.fc17.x86_64

> Thanks
>
> Breno
>
> On 11/22/12 4:20 PM, "Peter Vrabec" <pv...@re...> wrote:
>
>> thnx. Breno,
>>
>> it helped.
>>
>> I only get one error from make check.
>>
>> Loaded 8 tests from ./op/rx.t
>> 1) op "rx": passed (Pattern match "" at UNIT_TEST.)
>> 2) op "rx": passed
>> 3) op "rx": passed (Pattern match "" at UNIT_TEST.)
>> 4) op "rx": passed (Pattern match "abc" at UNIT_TEST.)
>> 5) op "rx": passed (Pattern match "def" at UNIT_TEST.)
>> 6) op "rx": passed (Pattern match "ghi" at UNIT_TEST.)
>> 7) op "rx": passed
>> ERROR: Failed to create rule for op "rx": Error creating rule: Error
>> compiling pattern (offset 2): unrecognized character after (? or (?-
>> Test exited with signal 11.
>> Executed: ./msc_test "-t" "op" "-n" "rx" "-p"
>> "(?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)" "-D" "0" "-r" "1"
>> 8) op "rx": failed
>> Passed: 7; Failed: 1
>>
>> Peter.
>>
>> On 11/21/2012 09:42 PM, Breno Silva wrote:
>>> Peter,
>>>
>>> Please try:
>>>
>>> make clean
>>> make CFLAGS=-DMSC_TEST test.
>>>
>>> Thanks
>>>
>>> On Wed, Nov 21, 2012 at 9:25 AM, Peter Vrabec <pv...@re...
>>> <mailto:pv...@re...>> wrote:
>>>
>>>     Hi Ulisses,
>>>
>>>     this is my configure cmd line:
>>>
>>>     ./configure --build=x86_64-unknown-linux-gnu
>>>     --host=x86_64-unknown-linux-gnu --program-prefix=
>>>     --disable-dependency-tracking --prefix=/usr --exec-prefix=/usr
>>>     --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc
>>>     --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib64
>>>     --libexecdir=/usr/libexec --localstatedir=/var --sharedstatedir=/var/lib
>>>     --mandir=/usr/share/man --infodir=/usr/share/info
>>>     --enable-pcre-match-limit=1000000
>>>     --enable-pcre-match-limit-recursion=1000000 --with-apxs=/usr/sbin/apxs
>>>
>>>     Peter.
>>>
>>>     On 11/21/2012 02:59 PM, Ulisses Montenegro wrote:
>>>> Peter,
>>>>
>>>> I've had similar issues when enabling certain test/debug flags while
>>>> configuring mod_security (I don't have access to my system right now, so
>>>> I can't list which ones in particular). What is your ./configure command
>>>> line?
>>>>
>>>> Thanks,
>>>> Ulisses
>>>>
>>>> On Wed, Nov 21, 2012 at 11:56 AM, Peter Vrabec <pv...@re...
>>>> <mailto:pv...@re...>> wrote:
>>>>
>>>>     Hi Breno,
>>>>
>>>>     I'd like to run make check but it doesn't work for me. I don't know what
>>>>     I do wrong. Could you help me please.
>>>>
>>>>     libtool: link: gcc -I/usr/include/httpd -I/usr/include/apr-1
>>>>     -I/usr/include/apr-1 -I/usr/include/libxml2 -DWITH_PCRE_STUDY
>>>>     -DMODSEC_PCRE_MATCH_LIMIT=1000000
>>>>     -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1000000 -DREQUEST_EARLY -DWITH_LUA
>>>>     -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions
>>>>     -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -Wl,-z
>>>>     -Wl,relro -o msc_test msc_test-msc_test.o msc_test-re.o
>>>>     msc_test-re_operators.o msc_test-re_actions.o msc_test-re_tfns.o
>>>>     msc_test-re_variables.o msc_test-msc_logging.o msc_test-msc_xml.o
>>>>     msc_test-msc_multipart.o msc_test-modsecurity.o msc_test-msc_parsers.o
>>>>     msc_test-msc_util.o msc_test-msc_pcre.o msc_test-msc_unicode.o
>>>>     msc_test-persist_dbm.o msc_test-msc_reqbody.o msc_test-msc_crypt.o
>>>>     msc_test-msc_tree.o msc_test-msc_geo.o msc_test-msc_gsb.o
>>>>     msc_test-acmp.o msc_test-msc_lua.o msc_test-msc_release.o -lpthread
>>>>     -lldap -llber -lexpat -ldb-4.8 /usr/lib64/libapr-1.so
>>>>     /usr/lib64/libaprutil-1.so -lpcre -lxml2 -lz -llua -lm -ldl -pthread
>>>>     msc_test-re.o: In function `update_rule_target_ex':
>>>>     /home/pvrabec/rpmbuild/BUILD/modsecurity-apache_2.7.1/tests/../apache2/re.c:366:
>>>>     undefined reference to `ap_log_error'
>>>>     ...
>>>>
>>>>     ap_log_error() is build in /usr/sbin/httpd.
>>>>
>>>>     $ nm -D /usr/sbin/httpd | grep ap_log_error
>>>>     00000000002569a8 D ap_hack_ap_log_error
>>>>     0000000000030760 T ap_log_error
>>>>
>>>>     thnx.,
>>>>     Peter.
>>>>
>>>> --
>>>> "If debugging is the process of removing software bugs, then programming
>>>> must be the process of putting them in." - Edsger Dijkstra
>>> <mailto:mod...@li...> >>> https://lists.sourceforge.net/lists/listinfo/mod-security-developers >>> ModSecurity Services from Trustwave's SpiderLabs: >>> https://www.trustwave.com/spiderLabs.php >>> >>> >>> >>> >>> > ----------------------------------------------------------------------------->> > - >>> Monitor your physical, virtual and cloud infrastructure from a single >>> web console. Get in-depth insight into apps, servers, databases, vmware, >>> SAP, cloud infrastructure, etc. Download 30-day Free Trial. >>> Pricing starts from $795 for 25 servers or applications! >>> http://p.sf.net/sfu/zoho_dev2dev_nov >>> >>> >>> >>> _______________________________________________ >>> mod-security-developers mailing list >>> mod...@li... >>> https://lists.sourceforge.net/lists/listinfo/mod-security-developers >>> ModSecurity Services from Trustwave's SpiderLabs: >>> https://www.trustwave.com/spiderLabs.php >>> >> >> >> ------------------------------------------------------------------------------ >> Monitor your physical, virtual and cloud infrastructure from a single >> web console. Get in-depth insight into apps, servers, databases, vmware, >> SAP, cloud infrastructure, etc. Download 30-day Free Trial. >> Pricing starts from $795 for 25 servers or applications! >> http://p.sf.net/sfu/zoho_dev2dev_nov >> _______________________________________________ >> mod-security-developers mailing list >> mod...@li... >> https://lists.sourceforge.net/lists/listinfo/mod-security-developers >> ModSecurity Services from Trustwave's SpiderLabs: >> https://www.trustwave.com/spiderLabs.php >> > > > ________________________________ > > This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. 
If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. > > > ------------------------------------------------------------------------------ > Monitor your physical, virtual and cloud infrastructure from a single > web console. Get in-depth insight into apps, servers, databases, vmware, > SAP, cloud infrastructure, etc. Download 30-day Free Trial. > Pricing starts from $795 for 25 servers or applications! > http://p.sf.net/sfu/zoho_dev2dev_nov > _______________________________________________ > mod-security-developers mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-developers > ModSecurity Services from Trustwave's SpiderLabs: > https://www.trustwave.com/spiderLabs.php > |
From: Breno S. P. (JIRA) <no...@mo...> - 2012-11-27 13:22:29
|
[ https://www.modsecurity.org/tracker/browse/MODSEC-329?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Breno Silva Pinto resolved MODSEC-329.
--------------------------------------
Resolution: Fixed

> Scope of SecRequestBodyNoFilesLimit does not look work under Location directive
> -------------------------------------------------------------------------------
>
> Key: MODSEC-329
> URL: https://www.modsecurity.org/tracker/browse/MODSEC-329
> Project: ModSecurity
> Issue Type: Bug
> Security Level: Normal
> Components: Core
> Affects Versions: 2.6.5
> Environment: Any
> Reporter: Benoit Donneaux
> Assignee: Breno Silva Pinto
> Fix For: 2.7.2
>
>
> Since we've discovered what might be called a design mistake, we would like to increase the request limit size for a specific location only.
> After a couple of trials, it looks like the SecRequestBodyNoFilesLimit directive under a specific Location is overwritten by the value in the Main scope!
> We've tried to keep the default in the main "mod_security.conf":
> SecRequestBodyNoFilesLimit 131072
> And include a custom file with this:
> <Location /endpoint>
> SecRequestBodyNoFilesLimit 13107200
> </Location>
> But requests keep failing.
> As soon as we change to 13107200 in the main scope, requests are going through!
> Is this an (un)expected behavior or are we doing things the wrong way?
|
From: Breno S. P. <BP...@tr...> - 2012-11-23 18:20:05
|
Hello Peter,

Looks like your pcre file cannot compile a specific regex. What is your libpcre version ?

Are you installing libpcre from a package ? Any chance you download the pcre tarball and recompile it ?

Thanks

Breno

On 11/22/12 4:20 PM, "Peter Vrabec" <pv...@re...> wrote:

> thnx. Breno,
>
> it helped.
>
>
> I only get one error from make check.
>
> Loaded 8 tests from ./op/rx.t
> 1) op "rx": passed (Pattern match "" at UNIT_TEST.)
> 2) op "rx": passed
> 3) op "rx": passed (Pattern match "" at UNIT_TEST.)
> 4) op "rx": passed (Pattern match "abc" at UNIT_TEST.)
> 5) op "rx": passed (Pattern match "def" at UNIT_TEST.)
> 6) op "rx": passed (Pattern match "ghi" at UNIT_TEST.)
> 7) op "rx": passed
> ERROR: Failed to create rule for op "rx": Error creating rule: Error
> compiling pattern (offset 2): unrecognized character after (? or (?-
> Test exited with signal 11.
> Executed: ./msc_test "-t" "op" "-n" "rx" "-p"
> "(?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)" "-D" "0" "-r" "1"
> 8) op "rx": failed
> Passed: 7; Failed: 1
>
>
> Peter.
|
From: Peter V. <pv...@re...> - 2012-11-22 23:12:25
|
thnx. Breno,

it helped.

I only get one error from make check.

Loaded 8 tests from ./op/rx.t
1) op "rx": passed (Pattern match "" at UNIT_TEST.)
2) op "rx": passed
3) op "rx": passed (Pattern match "" at UNIT_TEST.)
4) op "rx": passed (Pattern match "abc" at UNIT_TEST.)
5) op "rx": passed (Pattern match "def" at UNIT_TEST.)
6) op "rx": passed (Pattern match "ghi" at UNIT_TEST.)
7) op "rx": passed
ERROR: Failed to create rule for op "rx": Error creating rule: Error compiling pattern (offset 2): unrecognized character after (? or (?-
Test exited with signal 11.
Executed: ./msc_test "-t" "op" "-n" "rx" "-p" "(?^i:^([^=])\s*=\s*((?:abc)+(?:def|ghi){2})$)" "-D" "0" "-r" "1"
8) op "rx": failed
Passed: 7; Failed: 1

Peter.

On 11/21/2012 09:42 PM, Breno Silva wrote:
> Peter,
>
> Please try:
>
> make clean
> make CFLAGS=-DMSC_TEST test.
>
> Thanks
|
From: Breno S. <bre...@gm...> - 2012-11-21 20:43:05
|
Peter,

Please try:

make clean
make CFLAGS=-DMSC_TEST test.

Thanks

On Wed, Nov 21, 2012 at 9:25 AM, Peter Vrabec <pv...@re...> wrote:

> Hi Ulisses,
>
> this is my configure cmd line:
>
> ./configure --build=x86_64-unknown-linux-gnu
> --host=x86_64-unknown-linux-gnu --program-prefix=
> --disable-dependency-tracking --prefix=/usr --exec-prefix=/usr
> --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc
> --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib64
> --libexecdir=/usr/libexec --localstatedir=/var --sharedstatedir=/var/lib
> --mandir=/usr/share/man --infodir=/usr/share/info
> --enable-pcre-match-limit=1000000
> --enable-pcre-match-limit-recursion=1000000 --with-apxs=/usr/sbin/apxs
>
>
> Peter.
|
From: Peter V. <pv...@re...> - 2012-11-21 15:25:23
|
Hi Ulisses,

this is my configure cmd line:

./configure --build=x86_64-unknown-linux-gnu
--host=x86_64-unknown-linux-gnu --program-prefix=
--disable-dependency-tracking --prefix=/usr --exec-prefix=/usr
--bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc
--datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib64
--libexecdir=/usr/libexec --localstatedir=/var --sharedstatedir=/var/lib
--mandir=/usr/share/man --infodir=/usr/share/info
--enable-pcre-match-limit=1000000
--enable-pcre-match-limit-recursion=1000000 --with-apxs=/usr/sbin/apxs

Peter.

On 11/21/2012 02:59 PM, Ulisses Montenegro wrote:
> Peter,
>
> I've had similar issues when enabling certain test/debug flags while
> configuring mod_security (I don't have access to my system right now, so
> I can't list which ones in particular). What is your ./configure command
> line?
>
> Thanks,
> Ulisses
|
From: Ulisses M. <uli...@gm...> - 2012-11-21 13:59:54
|
Peter,

I've had similar issues when enabling certain test/debug flags while configuring mod_security (I don't have access to my system right now, so I can't list which ones in particular).

What is your ./configure command line?

Thanks,
Ulisses

On Wed, Nov 21, 2012 at 11:56 AM, Peter Vrabec <pv...@re...> wrote:

> Hi Breno,
>
> I'd like to run make check but it doesn't work for me. I don't know what
> I do wrong. Could you help me please.
>
> libtool: link: gcc -I/usr/include/httpd -I/usr/include/apr-1
> -I/usr/include/apr-1 -I/usr/include/libxml2 -DWITH_PCRE_STUDY
> -DMODSEC_PCRE_MATCH_LIMIT=1000000
> -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1000000 -DREQUEST_EARLY -DWITH_LUA
> -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions
> -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -Wl,-z
> -Wl,relro -o msc_test msc_test-msc_test.o msc_test-re.o
> msc_test-re_operators.o msc_test-re_actions.o msc_test-re_tfns.o
> msc_test-re_variables.o msc_test-msc_logging.o msc_test-msc_xml.o
> msc_test-msc_multipart.o msc_test-modsecurity.o msc_test-msc_parsers.o
> msc_test-msc_util.o msc_test-msc_pcre.o msc_test-msc_unicode.o
> msc_test-persist_dbm.o msc_test-msc_reqbody.o msc_test-msc_crypt.o
> msc_test-msc_tree.o msc_test-msc_geo.o msc_test-msc_gsb.o
> msc_test-acmp.o msc_test-msc_lua.o msc_test-msc_release.o -lpthread
> -lldap -llber -lexpat -ldb-4.8 /usr/lib64/libapr-1.so
> /usr/lib64/libaprutil-1.so -lpcre -lxml2 -lz -llua -lm -ldl -pthread
> msc_test-re.o: In function `update_rule_target_ex':
>
> /home/pvrabec/rpmbuild/BUILD/modsecurity-apache_2.7.1/tests/../apache2/re.c:366:
> undefined reference to `ap_log_error'
> ...
>
>
> ap_log_error() is built in /usr/sbin/httpd.
>
> $ nm -D /usr/sbin/httpd | grep ap_log_error
> 00000000002569a8 D ap_hack_ap_log_error
> 0000000000030760 T ap_log_error
>
>
> thnx.,
> Peter.

--
“If debugging is the process of removing software bugs, then programming must be the process of putting them in.” - Edsger Dijkstra
|
From: Peter V. <pv...@re...> - 2012-11-21 13:56:50
|
Hi Breno,

I'd like to run make check but it doesn't work for me. I don't know what
I do wrong. Could you help me please.

libtool: link: gcc -I/usr/include/httpd -I/usr/include/apr-1
-I/usr/include/apr-1 -I/usr/include/libxml2 -DWITH_PCRE_STUDY
-DMODSEC_PCRE_MATCH_LIMIT=1000000
-DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1000000 -DREQUEST_EARLY -DWITH_LUA
-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions
-fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -Wl,-z
-Wl,relro -o msc_test msc_test-msc_test.o msc_test-re.o
msc_test-re_operators.o msc_test-re_actions.o msc_test-re_tfns.o
msc_test-re_variables.o msc_test-msc_logging.o msc_test-msc_xml.o
msc_test-msc_multipart.o msc_test-modsecurity.o msc_test-msc_parsers.o
msc_test-msc_util.o msc_test-msc_pcre.o msc_test-msc_unicode.o
msc_test-persist_dbm.o msc_test-msc_reqbody.o msc_test-msc_crypt.o
msc_test-msc_tree.o msc_test-msc_geo.o msc_test-msc_gsb.o
msc_test-acmp.o msc_test-msc_lua.o msc_test-msc_release.o -lpthread
-lldap -llber -lexpat -ldb-4.8 /usr/lib64/libapr-1.so
/usr/lib64/libaprutil-1.so -lpcre -lxml2 -lz -llua -lm -ldl -pthread
msc_test-re.o: In function `update_rule_target_ex':
/home/pvrabec/rpmbuild/BUILD/modsecurity-apache_2.7.1/tests/../apache2/re.c:366:
undefined reference to `ap_log_error'
...

ap_log_error() is built in /usr/sbin/httpd.

$ nm -D /usr/sbin/httpd | grep ap_log_error
00000000002569a8 D ap_hack_ap_log_error
0000000000030760 T ap_log_error

thnx.,
Peter.
|
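The check done by hand with nm in the message above, as an added example that is not part of the original thread or of ModSecurity: it pairs each undefined reference in the linker output with the binaries whose dynamic symbol table defines it. The function names and the example_missing_symbol line are assumptions made for the illustration.

```python
import re

# Linker error as quoted in the message above, plus one constructed line
# (example_missing_symbol is hypothetical) to show the "no provider" case.
LINK_LOG = """\
msc_test-re.o: In function `update_rule_target_ex':
/home/pvrabec/rpmbuild/BUILD/modsecurity-apache_2.7.1/tests/../apache2/re.c:366: undefined reference to `ap_log_error'
tests/example.c:12: undefined reference to `example_missing_symbol'
"""

# `nm -D /usr/sbin/httpd | grep ap_log_error` output as quoted in the message.
NM_HTTPD = """\
00000000002569a8 D ap_hack_ap_log_error
0000000000030760 T ap_log_error
"""

UNDEF_RE = re.compile(r"^(?P<loc>.+?): undefined reference to [`'](?P<sym>[^`']+)'")


def undefined_refs(link_log):
    """Return [(symbol, location)] for each GNU ld 'undefined reference' line."""
    hits = []
    for line in link_log.splitlines():
        m = UNDEF_RE.match(line.strip())
        if m:
            hits.append((m.group("sym"), m.group("loc")))
    return hits


def exported_symbols(nm_output):
    """Map symbol name -> nm type letter for symbols the binary defines."""
    defined = {}
    for line in nm_output.splitlines():
        fields = line.split()
        # Defined symbols have three fields (address, type, name); undefined
        # ones ("U name") carry no address and are skipped.
        if len(fields) == 3 and fields[1] not in ("U", "w", "v"):
            defined[fields[2].split("@")[0]] = fields[1]  # drop @VERSION suffix
    return defined


def find_providers(link_log, binaries):
    """binaries: {path: nm -D output}. Return {symbol: [(path, type), ...]}."""
    tables = {path: exported_symbols(out) for path, out in binaries.items()}
    return {
        sym: [(p, t[sym]) for p, t in tables.items() if sym in t]
        for sym, _loc in undefined_refs(link_log)
    }


if __name__ == "__main__":
    for sym, provs in find_providers(LINK_LOG, {"/usr/sbin/httpd": NM_HTTPD}).items():
        print(sym, "->", provs or "no provider among the inspected binaries")
```

A symbol defined only by the httpd executable is resolved when httpd loads the module, which is why a program linked on its own from the same objects reports it as undefined.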
From: Greg W. <gwr...@ho...> - 2012-11-20 18:35:31
|
Let's not give up, we might be onto something very important.

Was your configuration Win2k8 R2 SP1 64bit?
Did you run the scripts in 32-bit or 64-bit CMD window?
Was it a clean installation of the OS?

I would really like to nail down the configuration required to reproduce this problem.

Thanks,
Greg

> From: mod...@li...
> Subject: mod-security-developers Digest, Vol 25, Issue 3
> To: mod...@li...
> Date: Mon, 19 Nov 2012 15:28:56 +0000
>
> Today's Topics:
>
> 1. Re: WS2008 R2 SP1 (64bit) IIS 7.5 (Greg Wroblewski)
> 2. Re: WS2008 R2 SP1 (64bit) IIS 7.5 (Jan van Valen)
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Fri, 16 Nov 2012 13:03:31 -0800
> From: Greg Wroblewski <gwr...@ho...>
> Subject: Re: [Mod-security-developers] WS2008 R2 SP1 (64bit) IIS 7.5
> To: "mod...@li..." <mod...@li...>
> Message-ID: <BLU...@ph...l>
> Content-Type: text/plain; charset="iso-8859-1"
>
> The event log error clearly indicates an issue with the installation. I just did a fresh test with latest bits on WS2008 R2 and everything worked for me. I used the administrator command line installation method and here is my output:
>
> Microsoft Windows [Version 6.1.7600]
> Copyright (c) 2009 Microsoft Corporation. All rights reserved.
> C:\Users\gwroblew>cd \temp\modsecurity
> C:\Temp\modsecurity>copyfiles.bat
> C:\Temp\modsecurity>IF /I AMD64 == x86 GOTO x86
> C:\Temp\modsecurity>copy x86\*.dll C:\Windows\syswow64\inetsrv
> x86\libapr-1.dll
> x86\libapriconv-1.dll
> x86\libaprutil-1.dll
> x86\libcurl.dll
> x86\libxml2.dll
> x86\lua5.1.dll
> x86\ModSecurityIIS.dll
> x86\pcre.dll
> x86\zlib1.dll
> 9 file(s) copied.
> C:\Temp\modsecurity>copy amd64\*.dll C:\Windows\system32\inetsrv
> amd64\libapr-1.dll
> amd64\libapriconv-1.dll
> amd64\libaprutil-1.dll
> amd64\libcurl.dll
> amd64\libxml2.dll
> amd64\lua5.1.dll
> amd64\ModSecurityIIS.dll
> amd64\pcre.dll
> amd64\zlib1.dll
> 9 file(s) copied.
> C:\Temp\modsecurity>copy x86\*.pdb C:\Windows\syswow64\inetsrv
> x86\libapr-1.pdb
> x86\libapriconv-1.pdb
> x86\libaprutil-1.pdb
> x86\libcurl.pdb
> x86\lua5.1.pdb
> x86\ModSecurityIIS.pdb
> x86\pcre.pdb
> x86\zlib1.pdb
> 8 file(s) copied.
> C:\Temp\modsecurity>copy amd64\*.pdb C:\Windows\system32\inetsrv
> amd64\libapr-1.pdb
> amd64\libapriconv-1.pdb
> amd64\libaprutil-1.pdb
> amd64\libcurl.pdb
> amd64\lua5.1.pdb
> amd64\ModSecurityIIS.pdb
> amd64\pcre.pdb
> amd64\zlib1.pdb
> 8 file(s) copied.
> C:\Temp\modsecurity>GOTO end
> C:\Temp\modsecurity>register.bat
> C:\Temp\modsecurity>pushd \
> C:\>cd C:\Windows\system32\inetsrv
> C:\Windows\System32\inetsrv>appcmd.exe install module /name:ModSecurityIIS /imag
> e:C:\Windows\system32\inetsrv\modsecurityiis.dll
> GLOBAL MODULE object "ModSecurityIIS" added
> MODULE object "ModSecurityIIS" added
> C:\Windows\System32\inetsrv>popd
> C:\Temp\modsecurity>addschema.bat
> C:\Temp\modsecurity>iisschema.exe /install ModSecurity.xml
> Installing schema file: C:\Temp\modsecurity\ModSecurity.xml
> Installed schema file: C:\Windows\system32\inetsrv\config\schema\ModSecurity.xml
> Registered section: system.webServer/ModSecurity
> Finished
>
> After that I modified a web.config file, added ModSecurity config file to wwwroot and it worked as expected.
>
> Greg
> ------------------------------
|