mod-security-developers — Development discussion about mod_security

[Mod-security-developers] Hyperscan

[Breno S. <bre...@gm...>]

Interesting project to be considered by modsecurity https://01.org/hyperscan

Breno

Re: [Mod-security-developers] Draft Proposal

[Robert P. <rpa...@fe...>]

Probably no need to x-post this to the users list. :) I will be able to take a look either late Sunday afternoon PST, or at some point Tuesday. 

Sent from my iPhone

> On Mar 19, 2016, at 22:41, Akhil Koul <akh...@gm...> wrote:
> 
> Hello
> 
> I have uploaded the initial proposal for GSoC project. I would like the mentors to review it and point out the corrections before i am able to submit the final draft.
> 
> Regards
> Akhil
> ------------------------------------------------------------------------------
> Transform Data into Opportunity.
> Accelerate data analysis in your applications with
> Intel Data Analytics Acceleration Library.
> Click to learn more.
> http://pubads.g.doubleclick.net/gampad/clk?id=278785231&iu=/4140
> _______________________________________________
> mod-security-developers mailing list
> mod...@li...
> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> ModSecurity Services from Trustwave's SpiderLabs:
> https://www.trustwave.com/spiderLabs.php

[Mod-security-developers] Draft Proposal

[Akhil K. <akh...@gm...>]

Hello

I have uploaded the initial proposal for GSoC project. I would like the
mentors to review it and point out the corrections before i am able to
submit the final draft.

Regards
Akhil

[Mod-security-developers] GSoC Proposal

[Akhil K. <akh...@gm...>]

Hello

As mentioned earlier, I am interested in working for ModSecurity under GSoC
during summers. I would be submitting a proposal in a couple of days
regarding the same under the topic "ModSecurity integration with Snort".

I wanted some resources on the same which would help me in better
understanding and working of the project, as the description in the page is
quite limited. That would also help in writing a kick-ass proposal.

Thanks

Re: [Mod-security-developers] Proposal for GSoC 2016

[Robert P. <rpa...@fe...>]

Hey Akhil,

GSoC has a student manual you can work though:
http://write.flossmanuals.net/gsocstudentguide/what-is-google-summer-of-code/

There is a specific section on writing a proposal:
http://write.flossmanuals.net/gsocstudentguide/writing-a-proposal/

Hopefully this is a good start.

On Tue, Mar 15, 2016 at 11:56 AM, Akhil Koul <akh...@gm...> wrote:

> Hello
>
> I would love to work on ModSecurity this summer as a part of GSoc 16. I am
> interested in the idea "ModSecuroty Snort Integration" which will involve
> replacing http regex checks in snort by rules in modsec.
>
> I am active on the irc channel under the nick @akoul. I have already
> contributed a little by submitting modsecurity install instructions for
> debian based systems.
>
> I would need some help in submitting my proposal.
>
> Thanks
> Akhil
>
>
>
> ------------------------------------------------------------------------------
> Transform Data into Opportunity.
> Accelerate data analysis in your applications with
> Intel Data Analytics Acceleration Library.
> Click to learn more.
> http://pubads.g.doubleclick.net/gampad/clk?id=278785231&iu=/4140
> _______________________________________________
> mod-security-developers mailing list
> mod...@li...
> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> ModSecurity Services from Trustwave's SpiderLabs:
> https://www.trustwave.com/spiderLabs.php
>

[Mod-security-developers] Proposal for GSoC 2016

[Akhil K. <akh...@gm...>]

Hello

I would love to work on ModSecurity this summer as a part of GSoc 16. I am
interested in the idea "ModSecuroty Snort Integration" which will involve
replacing http regex checks in snort by rules in modsec.

I am active on the irc channel under the nick @akoul. I have already
contributed a little by submitting modsecurity install instructions for
debian based systems.

I would need some help in submitting my proposal.

Thanks
Akhil

[Mod-security-developers] ModSecurity version 2.9.1 announcement

[Felipe C. <FC...@tr...>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

It is a pleasure to announce the release of ModSecurity version 2.9.1.
This version does not differ in anything from its release candidate.

For the differences between the version 2.9.0 and 2.9.1, please check
the release notes of the version 2.9.1-rc1:
https://github.com/SpiderLabs/ModSecurity/releases/tag/v2.9.1-rc1

The documentation for this release is available at:
https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual

The version 2.9.1 can be downloaded straight from GitHub:
https://github.com/SpiderLabs/ModSecurity/releases/tag/v2.9.1

Thanks to all members of the community who participated and helped
in the construction of this release.

* Known issues

- - Depending upon your Apache configuration you may have two "client"
  entries on the logs. The extended description of this issue can be
  found at: #840.

Br.,
Felipe "Zimmerle" Costa
Lead Developer for ModSecurity
Security Researcher, SpiderLabs

Trustwave | SMART SECURITY ON DEMAND
www.trustwave.com <http://www.trustwave.com/>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: GPGTools - https://gpgtools.org

iEYEARECAAYFAlbghCkACgkQ5t+wjOixEnerwgCggNJnVOoG9NSk4FVYfE3TZeZ1
SdcAoJRYmWHvwOQrmFZo0iYiPH5t0ysO
=wvl+
-----END PGP SIGNATURE-----

________________________________

This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.

Re: [Mod-security-developers] ModSecurity version 2.9.1-rc1 announcement

[Christian F. <chr...@ne...>]

Hello,

On Tue, Mar 08, 2016 at 04:52:17PM +0000, Felipe Costa wrote:
> I don’t think we should make the dependency mandatory. As the example of other
> optional dependencies the feature will only be available if the dependency is
> there. Every dependency that we add make difficult the compilation in certain
> platforms. It is not fair to have it marked as mandatory if it is not really
> mandatory.
> 
> I think it is safe to delivery 2.9.1 with this feature as it is. What is your
> opinion?

I agree with your reasoning. This is better than mandatory. And the
the note in the reference manual is very clear.

Thank you.

> Just a quick note: on v3 we print a fancy summary after the configure step:
> https://gist.github.com/zimmerle/60cee54cef49603b1310

That's nice!

Cheers,

Christian

> 
> 
> 
> Br.,
> Felipe “Zimmerle” Costa
> Security Researcher, Lead Developer ModSecurity.
> 
> Trustwave | SMART SECURITY ON DEMAND
> www.trustwave.com <http://www.trustwave.com/>
> 
> 
> 
> 
> 
> 
> 
> 
> On 3/3/16, 5:09 PM, "Christian Folini" <chr...@ne...> wrote:
> 
> >Robert,
> >
> >So you mean I need to read the logfiles before submitting?
> >
> >You are right on target.
> >
> >I installed libyajl-dev and both problems solved:
> >- compilation against apache 2.4.17 works
> >- Audit-Log Format JSON works
> >
> >Making yajl a mandatory item in configure seems like the
> >way to go then.
> >
> >Cheers,
> >
> >Christian
> >
> >
> >On Thu, Mar 03, 2016 at 06:54:13AM -0800, Robert Paprocki wrote:
> >> So here's the culprint:
> >>
> >> checking for yajl install... no
> >> configure: optional yajl library not found
> >>
> >> Christian, do you have anything odd about the system where this is running?
> >> Perhaps try re-installing the libyajl-dev package? Here's what it should
> >> provide on Trusty (running on my laptop):
> >> poprocks@soter:~$ dpkg -L libyajl-dev
> >> /.
> >> /usr
> >> /usr/share
> >> /usr/share/doc
> >> /usr/share/doc/libyajl-dev
> >> /usr/share/doc/libyajl-dev/copyright
> >> /usr/lib
> >> /usr/lib/x86_64-linux-gnu
> >> /usr/lib/x86_64-linux-gnu/libyajl_s.a
> >> /usr/lib/x86_64-linux-gnu/pkgconfig
> >> /usr/lib/x86_64-linux-gnu/pkgconfig/yajl.pc
> >> /usr/include
> >> /usr/include/yajl
> >> /usr/include/yajl/yajl_tree.h
> >> /usr/include/yajl/yajl_version.h
> >> /usr/include/yajl/yajl_parse.h
> >> /usr/include/yajl/yajl_gen.h
> >> /usr/include/yajl/yajl_common.h
> >> /usr/share/doc/libyajl-dev/README
> >> /usr/share/doc/libyajl-dev/TODO
> >> /usr/share/doc/libyajl-dev/changelog.Debian.gz
> >> /usr/lib/x86_64-linux-gnu/libyajl.so
> >>
> >> ModSec config should be relying on the
> >> '/usr/lib/x86_64-linux-gnu/pkgconfig/yajl.pc'
> >> package config file to make it's detection I believe. Does that exist for
> >> you?
> >>
> >>
> >> On Wed, Mar 2, 2016 at 9:23 PM, Christian Folini <
> >> chr...@ne...> wrote:
> >>
> >> > Unfortunately, the build problem against apache 2.4.17 did not go away
> >> > either:
> >> >
> >> > The OS Release:
> >> >   Ubuntu 14.04.4 LTS \n \l
> >> >
> >> > Apache build:
> >> >   Server version: Apache/2.4.18 (Unix)
> >> >   Server built:   Mar  3 2016 05:25:21
> >> >
> >> > $> ./configure --prefix=/opt/apache-2.4.18 \
> >> >   --with-apr=/usr/local/apr/bin/apr-1-config \
> >> >   --with-apr-util=/usr/local/apr/bin/apu-1-config \
> >> >   --enable-mpms-shared=event \
> >> >   --enable-mods-shared=all \
> >> >   --enable-nonportable-atomics=yes
> >> > ...
> >> >
> >> > ModSec Configure:
> >> > $> ./configure --with-apxs=/apache/bin/apxs./configure \
> >> >   --with-apxs=/apache/bin/apxs \
> >> >   --with-apr=/usr/local/apr/bin/apr-1-config \
> >> >   --with-pcre=/usr/bin/pcre-config \
> >> >   --enable-request-early
> >> > checking for a BSD-compatible install... /usr/bin/install -c
> >> > checking whether build environment is sane... yes
> >> > checking for a thread-safe mkdir -p... /bin/mkdir -p
> >> > checking for gawk... gawk
> >> > checking whether make sets $(MAKE)... yes
> >> > checking whether make supports nested variables... yes
> >> > checking for style of include used by make... GNU
> >> > checking for gcc... gcc
> >> > checking whether the C compiler works... yes
> >> > checking for C compiler default output file name... a.out
> >> > checking for suffix of executables...
> >> > checking whether we are cross compiling... no
> >> > checking for suffix of object files... o
> >> > checking whether we are using the GNU C compiler... yes
> >> > checking whether gcc accepts -g... yes
> >> > checking for gcc option to accept ISO C89... none needed
> >> > checking whether gcc understands -c and -o together... yes
> >> > checking dependency style of gcc... gcc3
> >> > checking for ar... ar
> >> > checking the archiver (ar) interface... ar
> >> > checking build system type... x86_64-unknown-linux-gnu
> >> > checking host system type... x86_64-unknown-linux-gnu
> >> > checking how to print strings... printf
> >> > checking for a sed that does not truncate output... /bin/sed
> >> > checking for grep that handles long lines and -e... /bin/grep
> >> > checking for egrep... /bin/grep -E
> >> > checking for fgrep... /bin/grep -F
> >> > checking for ld used by gcc... /usr/bin/ld
> >> > checking if the linker (/usr/bin/ld) is GNU ld... yes
> >> > checking for BSD- or MS-compatible name lister (nm)... /usr/bin/nm -B
> >> > checking the name lister (/usr/bin/nm -B) interface... BSD nm
> >> > checking whether ln -s works... yes
> >> > checking the maximum length of command line arguments... 1572864
> >> > checking whether the shell understands some XSI constructs... yes
> >> > checking whether the shell understands "+="... yes
> >> > checking how to convert x86_64-unknown-linux-gnu file names to
> >> > x86_64-unknown-linux-gnu format... func_convert_file_noop
> >> > checking how to convert x86_64-unknown-linux-gnu file names to toolchain
> >> > format... func_convert_file_noop
> >> > checking for /usr/bin/ld option to reload object files... -r
> >> > checking for objdump... objdump
> >> > checking how to recognize dependent libraries... pass_all
> >> > checking for dlltool... no
> >> > checking how to associate runtime and link libraries... printf %s\n
> >> > checking for archiver @FILE support... @
> >> > checking for strip... strip
> >> > checking for ranlib... ranlib
> >> > checking command to parse /usr/bin/nm -B output from gcc object... ok
> >> > checking for sysroot... no
> >> > checking for mt... mt
> >> > checking if mt is a manifest tool... no
> >> > checking how to run the C preprocessor... gcc -E
> >> > checking for ANSI C header files... yes
> >> > checking for sys/types.h... yes
> >> > checking for sys/stat.h... yes
> >> > checking for stdlib.h... yes
> >> > checking for string.h... yes
> >> > checking for memory.h... yes
> >> > checking for strings.h... yes
> >> > checking for inttypes.h... yes
> >> > checking for stdint.h... yes
> >> > checking for unistd.h... yes
> >> > checking for dlfcn.h... yes
> >> > checking for objdir... .libs
> >> > checking if gcc supports -fno-rtti -fno-exceptions... no
> >> > checking for gcc option to produce PIC... -fPIC -DPIC
> >> > checking if gcc PIC flag -fPIC -DPIC works... yes
> >> > checking if gcc static flag -static works... yes
> >> > checking if gcc supports -c -o file.o... yes
> >> > checking if gcc supports -c -o file.o... (cached) yes
> >> > checking whether the gcc linker (/usr/bin/ld -m elf_x86_64) supports
> >> > shared libraries... yes
> >> > checking whether -lc should be explicitly linked in... no
> >> > checking dynamic linker characteristics... GNU/Linux http://scanmail.trustwave.com/?c=4062&d=uJrY1n0_DrF3my2Z46kGTt5TajY6Gu34CSd-wO1wNQ&s=5&u=http%3a%2f%2fld%2eso
> >> > checking how to hardcode library paths into programs... immediate
> >> > checking for shl_load... no
> >> > checking for shl_load in -ldld... no
> >> > checking for dlopen... no
> >> > checking for dlopen in -ldl... yes
> >> > checking whether a program can dlopen itself... yes
> >> > checking whether a statically linked program can dlopen itself... no
> >> > checking whether stripping libraries is possible... yes
> >> > checking if libtool supports shared libraries... yes
> >> > checking whether to build shared libraries... yes
> >> > checking whether to build static libraries... yes
> >> > checking for gawk... (cached) gawk
> >> > checking for gcc... (cached) gcc
> >> > checking whether we are using the GNU C compiler... (cached) yes
> >> > checking whether gcc accepts -g... (cached) yes
> >> > checking for gcc option to accept ISO C89... (cached) none needed
> >> > checking whether gcc understands -c and -o together... (cached) yes
> >> > checking dependency style of gcc... (cached) gcc3
> >> > checking how to run the C preprocessor... gcc -E
> >> > checking whether ln -s works... yes
> >> > checking whether make sets $(MAKE)... (cached) yes
> >> > checking for grep that handles long lines and -e... (cached) /bin/grep
> >> > checking for perl... /usr/bin/perl
> >> > checking for env... /usr/bin/env
> >> > checking for ANSI C header files... (cached) yes
> >> > checking fcntl.h usability... yes
> >> > checking fcntl.h presence... yes
> >> > checking for fcntl.h... yes
> >> > checking limits.h usability... yes
> >> > checking limits.h presence... yes
> >> > checking for limits.h... yes
> >> > checking for stdlib.h... (cached) yes
> >> > checking for string.h... (cached) yes
> >> > checking for unistd.h... (cached) yes
> >> > checking for sys/types.h... (cached) yes
> >> > checking for sys/stat.h... (cached) yes
> >> > checking sys/utsname.h usability... yes
> >> > checking sys/utsname.h presence... yes
> >> > checking for sys/utsname.h... yes
> >> > checking for an ANSI C-conforming const... yes
> >> > checking for inline... inline
> >> > checking for C/C++ restrict keyword... __restrict
> >> > checking for pid_t... yes
> >> > checking for size_t... yes
> >> > checking whether struct tm is in sys/time.h or time.h... time.h
> >> > checking for uint8_t... yes
> >> > checking for stdlib.h... (cached) yes
> >> > checking for GNU libc compatible malloc... yes
> >> > checking for working memcmp... yes
> >> > checking for atexit... yes
> >> > checking for getcwd... yes
> >> > checking for memmove... yes
> >> > checking for memset... yes
> >> > checking for strcasecmp... yes
> >> > checking for strchr... yes
> >> > checking for strdup... yes
> >> > checking for strerror... yes
> >> > checking for strncasecmp... yes
> >> > checking for strrchr... yes
> >> > checking for strstr... yes
> >> > checking for strtol... yes
> >> > checking for fchmod... yes
> >> > checking for strcasestr... yes
> >> > Checking platform... Identified as Linux
> >> > checking for libcurl config script... /usr/bin/curl-config
> >> > checking if libcurl is at least v... yes, 7.35.0
> >> > checking if libcurl is linked with gnutls... no
> >> > configure: using curl v7.35.0
> >> > configure: looking for Apache module support via DSO through APXS
> >> > configure: found apxs at /opt/apache-2.4.17/bin/apxs
> >> > configure: checking httpd version
> >> > configure: httpd is recent enough
> >> > checking for libpcre config script... /usr/bin/pcre-config
> >> > configure: using pcre v8.31
> >> > checking for libapr config script... /usr/local/apr/bin/apr-1-config
> >> > configure: using apr v1.5.2
> >> > checking for libapu config script... /usr/local/apr/bin/apu-1-config
> >> > configure: using apu v1.5.4
> >> > checking for libxml2 config script... /usr/bin/xml2-config
> >> > checking if libxml2 is at least v2.6.29... yes, 2.9.1
> >> > configure: using libxml2 v2.9.1
> >> > checking for pkg-config... /usr/bin/pkg-config
> >> > checking pkg-config is at least version 0.9.0... yes
> >> > checking for liblua config script... /usr/bin/pkg-config
> >> > configure: using lua v5.2.0
> >> > checking for libyajl config script... no
> >> > checking for yajl install... no
> >> > configure: optional yajl library not found
> >> > checking for ssdeep path... no
> >> > configure: optional ssdeep library not found
> >> > checking that generated files are newer than configure... done
> >> > configure: creating ./config.status
> >> > config.status: creating Makefile
> >> > config.status: creating tools/Makefile
> >> > config.status: creating apache2/Makefile
> >> > config.status: creating build/apxs-wrapper
> >> > config.status: creating mlogc/mlogc-batch-load.pl
> >> > config.status: creating tests/regression/misc/40-secRemoteRules.t
> >> > config.status: creating tests/regression/misc/50-ipmatchfromfile-external.t
> >> > config.status: creating tests/regression/misc/60-pmfromfile-external.t
> >> > config.status: creating tests/run-unit-tests.pl
> >> > config.status: creating tests/run-regression-tests.pl
> >> > config.status: creating tests/gen_rx-pm.pl
> >> > config.status: creating tests/csv_rx-pm.pl
> >> > config.status: creating tests/regression/server_root/conf/httpd.conf
> >> > config.status: creating tools/rules-updater.pl
> >> > config.status: creating mlogc/Makefile
> >> > config.status: creating tests/Makefile
> >> > config.status: creating apache2/modsecurity_config_auto.h
> >> > config.status: apache2/modsecurity_config_auto.h is unchanged
> >> > config.status: executing depfiles commands
> >> > config.status: executing libtool commands
> >> >
> >> >
> >> > Make:
> >> > $> make
> >> > Making all in tools
> >> > make[1]: Entering directory
> >> > `/usr/src/modsecurity/modsecurity-2.9.1-RC1/tools'
> >> > make[1]: Nothing to be done for `all'.
> >> > make[1]: Leaving directory
> >> > `/usr/src/modsecurity/modsecurity-2.9.1-RC1/tools'
> >> > Making all in apache2
> >> > make[1]: Entering directory
> >> > `/usr/src/modsecurity/modsecurity-2.9.1-RC1/apache2'
> >> > make  all-am
> >> > make[2]: Entering directory
> >> > `/usr/src/modsecurity/modsecurity-2.9.1-RC1/apache2'
> >> > /bin/bash ../libtool  --tag=CC   --mode=compile gcc -DHAVE_CONFIG_H -I.
> >> > -DLINUX -D_REENTRANT -D_GNU_SOURCE -I/usr/include/libxml2
> >> >  -I/usr/local/apr//include/apr-1 -I/usr/local/apr//include/apr-1
> >> > -I/opt/apache-2.4.17/include -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL
> >> > -I/usr/include/libxml2 -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY
> >> > -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500
> >> > -DREQUEST_EARLY          -DWITH_REMOTE_RULES  -g -O2
> >> > -I/usr/local/apr//include/apr-1  -MT mod_security2_la-acmp.lo -MD -MP -MF
> >> > .deps/mod_security2_la-acmp.Tpo -c -o mod_security2_la-acmp.lo `test -f
> >> > 'acmp.c' || echo './'`acmp.c
> >> > libtool: compile:  gcc -DHAVE_CONFIG_H -I. -DLINUX -D_REENTRANT
> >> > -D_GNU_SOURCE -I/usr/include/libxml2 -I/usr/local/apr//include/apr-1
> >> > -I/usr/local/apr//include/apr-1 -I/opt/apache-2.4.17/include
> >> > -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -I/usr/include/libxml2
> >> > -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY
> >> > -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500
> >> > -DREQUEST_EARLY -DWITH_REMOTE_RULES -g -O2 -I/usr/local/apr//include/apr-1
> >> > -MT mod_security2_la-acmp.lo -MD -MP -MF .deps/mod_security2_la-acmp.Tpo -c
> >> > acmp.c  -fPIC -DPIC -o .libs/mod_security2_la-acmp.o
> >> > libtool: compile:  gcc -DHAVE_CONFIG_H -I. -DLINUX -D_REENTRANT
> >> > -D_GNU_SOURCE -I/usr/include/libxml2 -I/usr/local/apr//include/apr-1
> >> > -I/usr/local/apr//include/apr-1 -I/opt/apache-2.4.17/include
> >> > -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -I/usr/include/libxml2
> >> > -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY
> >> > -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500
> >> > -DREQUEST_EARLY -DWITH_REMOTE_RULES -g -O2 -I/usr/local/apr//include/apr-1
> >> > -MT mod_security2_la-acmp.lo -MD -MP -MF .deps/mod_security2_la-acmp.Tpo -c
> >> > acmp.c -o mod_security2_la-acmp.o >/dev/null 2>&1
> >> > mv -f .deps/mod_security2_la-acmp.Tpo .deps/mod_security2_la-acmp.Plo
> >> > /bin/bash ../libtool  --tag=CC   --mode=compile gcc -DHAVE_CONFIG_H -I.
> >> > -DLINUX -D_REENTRANT -D_GNU_SOURCE -I/usr/include/libxml2
> >> >  -I/usr/local/apr//include/apr-1 -I/usr/local/apr//include/apr-1
> >> > -I/opt/apache-2.4.17/include -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL
> >> > -I/usr/include/libxml2 -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY
> >> > -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500
> >> > -DREQUEST_EARLY          -DWITH_REMOTE_RULES  -g -O2
> >> > -I/usr/local/apr//include/apr-1  -MT mod_security2_la-apache2_config.lo -MD
> >> > -MP -MF .deps/mod_security2_la-apache2_config.Tpo -c -o
> >> > mod_security2_la-apache2_config.lo `test -f 'apache2_config.c' || echo
> >> > './'`apache2_config.c
> >> > libtool: compile:  gcc -DHAVE_CONFIG_H -I. -DLINUX -D_REENTRANT
> >> > -D_GNU_SOURCE -I/usr/include/libxml2 -I/usr/local/apr//include/apr-1
> >> > -I/usr/local/apr//include/apr-1 -I/opt/apache-2.4.17/include
> >> > -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -I/usr/include/libxml2
> >> > -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY
> >> > -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500
> >> > -DREQUEST_EARLY -DWITH_REMOTE_RULES -g -O2 -I/usr/local/apr//include/apr-1
> >> > -MT mod_security2_la-apache2_config.lo -MD -MP -MF
> >> > .deps/mod_security2_la-apache2_config.Tpo -c apache2_config.c  -fPIC -DPIC
> >> > -o .libs/mod_security2_la-apache2_config.o
> >> > In file included from /opt/apache-2.4.17/include/apr_network_io.h:26:0,
> >> >                  from /opt/apache-2.4.17/include/apr_buckets.h:29,
> >> >                  from /opt/apache-2.4.17/include/util_filter.h:26,
> >> >                  from /opt/apache-2.4.17/include/http_core.h:32,
> >> >                  from apache2.h:18,
> >> >                  from re.h:42,
> >> >                  from msc_util.h:29,
> >> >                  from modsecurity.h:40,
> >> >                  from apache2_config.c:17:
> >> > /opt/apache-2.4.17/include/apr_file_io.h:612:46: error: unknown type name
> >> > 'apr_wait_type_t'
> >> >                                               apr_wait_type_t direction);
> >> >                                               ^
> >> > In file included from /opt/apache-2.4.17/include/apr_buckets.h:29:0,
> >> >                  from /opt/apache-2.4.17/include/util_filter.h:26,
> >> >                  from /opt/apache-2.4.17/include/http_core.h:32,
> >> >                  from apache2.h:18,
> >> >                  from re.h:42,
> >> >                  from msc_util.h:29,
> >> >                  from modsecurity.h:40,
> >> >                  from apache2_config.c:17:
> >> > /opt/apache-2.4.17/include/apr_network_io.h:650:43: error: unknown type
> >> > name 'apr_wait_type_t'
> >> >                                            apr_wait_type_t direction);
> >> >                                            ^
> >> > make[2]: *** [mod_security2_la-apache2_config.lo] Error 1
> >> > make[2]: Leaving directory
> >> > `/usr/src/modsecurity/modsecurity-2.9.1-RC1/apache2'
> >> > make[1]: *** [all] Error 2
> >> > make[1]: Leaving directory
> >> > `/usr/src/modsecurity/modsecurity-2.9.1-RC1/apache2'
> >> > make: *** [all-recursive] Error 1
> >> >
> >> >
> >> >
> >> > Sorry for the bad news....
> >> >
> >> > Ahoj,
> >> >
> >> > Christian
> >> >
> >> >
> >> >
> >> > --
> >> > I think IT projects are about supporting social systems - about
> >> > communications between people and machines. They tend to fail due to
> >> > cultural issues.
> >> > -- Tim Berners-Lee
> >> >
> >> >
> >> > ------------------------------------------------------------------------------
> >> > Site24x7 APM Insight: Get Deep Visibility into Application Performance
> >> > APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
> >> > Monitor end-to-end web transactions and take corrective actions now
> >> > Troubleshoot faster and improve end-user experience. Signup Now!
> >> > http://scanmail.trustwave.com/?c=4062&d=uJrY1n0_DrF3my2Z46kGTt5TajY6Gu34CSJ4wLolYw&s=5&u=http%3a%2f%2fpubads%2eg%2edoubleclick%2enet%2fgampad%2fclk%3fid%3d272487151%26iu%3d%2f4140
> >> > _______________________________________________
> >> > mod-security-developers mailing list
> >> > mod...@li...
> >> > http://scanmail.trustwave.com/?c=4062&d=uJrY1n0_DrF3my2Z46kGTt5TajY6Gu34CXd6zLgiZA&s=5&u=https%3a%2f%2flists%2esourceforge%2enet%2flists%2flistinfo%2fmod-security-developers
> >> > ModSecurity Services from Trustwave's SpiderLabs:
> >> > https://www.trustwave.com/spiderLabs.php
> >> >
> >
> >> ------------------------------------------------------------------------------
> >> Site24x7 APM Insight: Get Deep Visibility into Application Performance
> >> APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
> >> Monitor end-to-end web transactions and take corrective actions now
> >> Troubleshoot faster and improve end-user experience. Signup Now!
> >> http://scanmail.trustwave.com/?c=4062&d=uJrY1n0_DrF3my2Z46kGTt5TajY6Gu34CSJ4wLolYw&s=5&u=http%3a%2f%2fpubads%2eg%2edoubleclick%2enet%2fgampad%2fclk%3fid%3d272487151%26iu%3d%2f4140
> >
> >> _______________________________________________
> >> mod-security-developers mailing list
> >> mod...@li...
> >> http://scanmail.trustwave.com/?c=4062&d=uJrY1n0_DrF3my2Z46kGTt5TajY6Gu34CXd6zLgiZA&s=5&u=https%3a%2f%2flists%2esourceforge%2enet%2flists%2flistinfo%2fmod-security-developers
> >> ModSecurity Services from Trustwave's SpiderLabs:
> >> https://www.trustwave.com/spiderLabs.php
> >
> >
> >--
> >mailto:chr...@ne...
> >http://scanmail.trustwave.com/?c=4062&d=uJrY1n0_DrF3my2Z46kGTt5TajY6Gu34CXYskbssNQ&s=5&u=http%3a%2f%2fwww%2echristian-folini%2ech
> >twitter: @ChrFolini
> >
> >------------------------------------------------------------------------------
> >Site24x7 APM Insight: Get Deep Visibility into Application Performance
> >APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
> >Monitor end-to-end web transactions and take corrective actions now
> >Troubleshoot faster and improve end-user experience. Signup Now!
> >http://scanmail.trustwave.com/?c=4062&d=uJrY1n0_DrF3my2Z46kGTt5TajY6Gu34CSJ4wLolYw&s=5&u=http%3a%2f%2fpubads%2eg%2edoubleclick%2enet%2fgampad%2fclk%3fid%3d272487151%26iu%3d%2f4140
> >_______________________________________________
> >mod-security-developers mailing list
> >mod...@li...
> >http://scanmail.trustwave.com/?c=4062&d=uJrY1n0_DrF3my2Z46kGTt5TajY6Gu34CXd6zLgiZA&s=5&u=https%3a%2f%2flists%2esourceforge%2enet%2flists%2flistinfo%2fmod-security-developers
> >ModSecurity Services from Trustwave's SpiderLabs:
> >https://www.trustwave.com/spiderLabs.php
> 
> ________________________________
> 
> This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.
> ------------------------------------------------------------------------------
> Transform Data into Opportunity.
> Accelerate data analysis in your applications with
> Intel Data Analytics Acceleration Library.
> Click to learn more.
> http://makebettercode.com/inteldaal-eval
> _______________________________________________
> mod-security-developers mailing list
> mod...@li...
> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> ModSecurity Services from Trustwave's SpiderLabs:
> https://www.trustwave.com/spiderLabs.php

-- 
mailto:chr...@ne...
http://www.christian-folini.ch
twitter: @ChrFolini

Re: [Mod-security-developers] ModSecurity version 2.9.1-rc1 announcement

[Felipe C. <FC...@tr...>]

Hi,

I’ve just installed a virtual machine with Ubuntu 14.04. I have installed only
the needed dependencies (including yajl-dev package). The build was successfully.
The JSON logs feature was working like a charm.

I also removed the yajl-dev package and managed to built it successfully. Without
the yajl-dev package the JSON logs feature is not available.

I have added a note on the manual saying that without the yajl-dev package this
feature won’t be available. Here goes the link to the manual:

https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#secauditlogformat


I don’t think we should make the dependency mandatory. As the example of other
optional dependencies the feature will only be available if the dependency is
there. Every dependency that we add make difficult the compilation in certain
platforms. It is not fair to have it marked as mandatory if it is not really
mandatory.

I think it is safe to delivery 2.9.1 with this feature as it is. What is your
opinion?


Just a quick note: on v3 we print a fancy summary after the configure step:
https://gist.github.com/zimmerle/60cee54cef49603b1310



Br.,
Felipe “Zimmerle” Costa
Security Researcher, Lead Developer ModSecurity.

Trustwave | SMART SECURITY ON DEMAND
www.trustwave.com <http://www.trustwave.com/>








On 3/3/16, 5:09 PM, "Christian Folini" <chr...@ne...> wrote:

>Robert,
>
>So you mean I need to read the logfiles before submitting?
>
>You are right on target.
>
>I installed libyajl-dev and both problems solved:
>- compilation against apache 2.4.17 works
>- Audit-Log Format JSON works
>
>Making yajl a mandatory item in configure seems like the
>way to go then.
>
>Cheers,
>
>Christian
>
>
>On Thu, Mar 03, 2016 at 06:54:13AM -0800, Robert Paprocki wrote:
>> So here's the culprint:
>>
>> checking for yajl install... no
>> configure: optional yajl library not found
>>
>> Christian, do you have anything odd about the system where this is running?
>> Perhaps try re-installing the libyajl-dev package? Here's what it should
>> provide on Trusty (running on my laptop):
>> poprocks@soter:~$ dpkg -L libyajl-dev
>> /.
>> /usr
>> /usr/share
>> /usr/share/doc
>> /usr/share/doc/libyajl-dev
>> /usr/share/doc/libyajl-dev/copyright
>> /usr/lib
>> /usr/lib/x86_64-linux-gnu
>> /usr/lib/x86_64-linux-gnu/libyajl_s.a
>> /usr/lib/x86_64-linux-gnu/pkgconfig
>> /usr/lib/x86_64-linux-gnu/pkgconfig/yajl.pc
>> /usr/include
>> /usr/include/yajl
>> /usr/include/yajl/yajl_tree.h
>> /usr/include/yajl/yajl_version.h
>> /usr/include/yajl/yajl_parse.h
>> /usr/include/yajl/yajl_gen.h
>> /usr/include/yajl/yajl_common.h
>> /usr/share/doc/libyajl-dev/README
>> /usr/share/doc/libyajl-dev/TODO
>> /usr/share/doc/libyajl-dev/changelog.Debian.gz
>> /usr/lib/x86_64-linux-gnu/libyajl.so
>>
>> ModSec config should be relying on the
>> '/usr/lib/x86_64-linux-gnu/pkgconfig/yajl.pc'
>> package config file to make it's detection I believe. Does that exist for
>> you?
>>
>>
>> On Wed, Mar 2, 2016 at 9:23 PM, Christian Folini <
>> chr...@ne...> wrote:
>>
>> > Unfortunately, the build problem against apache 2.4.17 did not go away
>> > either:
>> >
>> > The OS Release:
>> >   Ubuntu 14.04.4 LTS \n \l
>> >
>> > Apache build:
>> >   Server version: Apache/2.4.18 (Unix)
>> >   Server built:   Mar  3 2016 05:25:21
>> >
>> > $> ./configure --prefix=/opt/apache-2.4.18 \
>> >   --with-apr=/usr/local/apr/bin/apr-1-config \
>> >   --with-apr-util=/usr/local/apr/bin/apu-1-config \
>> >   --enable-mpms-shared=event \
>> >   --enable-mods-shared=all \
>> >   --enable-nonportable-atomics=yes
>> > ...
>> >
>> > ModSec Configure:
>> > $> ./configure --with-apxs=/apache/bin/apxs./configure \
>> >   --with-apxs=/apache/bin/apxs \
>> >   --with-apr=/usr/local/apr/bin/apr-1-config \
>> >   --with-pcre=/usr/bin/pcre-config \
>> >   --enable-request-early
>> > checking for a BSD-compatible install... /usr/bin/install -c
>> > checking whether build environment is sane... yes
>> > checking for a thread-safe mkdir -p... /bin/mkdir -p
>> > checking for gawk... gawk
>> > checking whether make sets $(MAKE)... yes
>> > checking whether make supports nested variables... yes
>> > checking for style of include used by make... GNU
>> > checking for gcc... gcc
>> > checking whether the C compiler works... yes
>> > checking for C compiler default output file name... a.out
>> > checking for suffix of executables...
>> > checking whether we are cross compiling... no
>> > checking for suffix of object files... o
>> > checking whether we are using the GNU C compiler... yes
>> > checking whether gcc accepts -g... yes
>> > checking for gcc option to accept ISO C89... none needed
>> > checking whether gcc understands -c and -o together... yes
>> > checking dependency style of gcc... gcc3
>> > checking for ar... ar
>> > checking the archiver (ar) interface... ar
>> > checking build system type... x86_64-unknown-linux-gnu
>> > checking host system type... x86_64-unknown-linux-gnu
>> > checking how to print strings... printf
>> > checking for a sed that does not truncate output... /bin/sed
>> > checking for grep that handles long lines and -e... /bin/grep
>> > checking for egrep... /bin/grep -E
>> > checking for fgrep... /bin/grep -F
>> > checking for ld used by gcc... /usr/bin/ld
>> > checking if the linker (/usr/bin/ld) is GNU ld... yes
>> > checking for BSD- or MS-compatible name lister (nm)... /usr/bin/nm -B
>> > checking the name lister (/usr/bin/nm -B) interface... BSD nm
>> > checking whether ln -s works... yes
>> > checking the maximum length of command line arguments... 1572864
>> > checking whether the shell understands some XSI constructs... yes
>> > checking whether the shell understands "+="... yes
>> > checking how to convert x86_64-unknown-linux-gnu file names to
>> > x86_64-unknown-linux-gnu format... func_convert_file_noop
>> > checking how to convert x86_64-unknown-linux-gnu file names to toolchain
>> > format... func_convert_file_noop
>> > checking for /usr/bin/ld option to reload object files... -r
>> > checking for objdump... objdump
>> > checking how to recognize dependent libraries... pass_all
>> > checking for dlltool... no
>> > checking how to associate runtime and link libraries... printf %s\n
>> > checking for archiver @FILE support... @
>> > checking for strip... strip
>> > checking for ranlib... ranlib
>> > checking command to parse /usr/bin/nm -B output from gcc object... ok
>> > checking for sysroot... no
>> > checking for mt... mt
>> > checking if mt is a manifest tool... no
>> > checking how to run the C preprocessor... gcc -E
>> > checking for ANSI C header files... yes
>> > checking for sys/types.h... yes
>> > checking for sys/stat.h... yes
>> > checking for stdlib.h... yes
>> > checking for string.h... yes
>> > checking for memory.h... yes
>> > checking for strings.h... yes
>> > checking for inttypes.h... yes
>> > checking for stdint.h... yes
>> > checking for unistd.h... yes
>> > checking for dlfcn.h... yes
>> > checking for objdir... .libs
>> > checking if gcc supports -fno-rtti -fno-exceptions... no
>> > checking for gcc option to produce PIC... -fPIC -DPIC
>> > checking if gcc PIC flag -fPIC -DPIC works... yes
>> > checking if gcc static flag -static works... yes
>> > checking if gcc supports -c -o file.o... yes
>> > checking if gcc supports -c -o file.o... (cached) yes
>> > checking whether the gcc linker (/usr/bin/ld -m elf_x86_64) supports
>> > shared libraries... yes
>> > checking whether -lc should be explicitly linked in... no
>> > checking dynamic linker characteristics... GNU/Linux http://scanmail.trustwave.com/?c=4062&d=uJrY1n0_DrF3my2Z46kGTt5TajY6Gu34CSd-wO1wNQ&s=5&u=http%3a%2f%2fld%2eso
>> > checking how to hardcode library paths into programs... immediate
>> > checking for shl_load... no
>> > checking for shl_load in -ldld... no
>> > checking for dlopen... no
>> > checking for dlopen in -ldl... yes
>> > checking whether a program can dlopen itself... yes
>> > checking whether a statically linked program can dlopen itself... no
>> > checking whether stripping libraries is possible... yes
>> > checking if libtool supports shared libraries... yes
>> > checking whether to build shared libraries... yes
>> > checking whether to build static libraries... yes
>> > checking for gawk... (cached) gawk
>> > checking for gcc... (cached) gcc
>> > checking whether we are using the GNU C compiler... (cached) yes
>> > checking whether gcc accepts -g... (cached) yes
>> > checking for gcc option to accept ISO C89... (cached) none needed
>> > checking whether gcc understands -c and -o together... (cached) yes
>> > checking dependency style of gcc... (cached) gcc3
>> > checking how to run the C preprocessor... gcc -E
>> > checking whether ln -s works... yes
>> > checking whether make sets $(MAKE)... (cached) yes
>> > checking for grep that handles long lines and -e... (cached) /bin/grep
>> > checking for perl... /usr/bin/perl
>> > checking for env... /usr/bin/env
>> > checking for ANSI C header files... (cached) yes
>> > checking fcntl.h usability... yes
>> > checking fcntl.h presence... yes
>> > checking for fcntl.h... yes
>> > checking limits.h usability... yes
>> > checking limits.h presence... yes
>> > checking for limits.h... yes
>> > checking for stdlib.h... (cached) yes
>> > checking for string.h... (cached) yes
>> > checking for unistd.h... (cached) yes
>> > checking for sys/types.h... (cached) yes
>> > checking for sys/stat.h... (cached) yes
>> > checking sys/utsname.h usability... yes
>> > checking sys/utsname.h presence... yes
>> > checking for sys/utsname.h... yes
>> > checking for an ANSI C-conforming const... yes
>> > checking for inline... inline
>> > checking for C/C++ restrict keyword... __restrict
>> > checking for pid_t... yes
>> > checking for size_t... yes
>> > checking whether struct tm is in sys/time.h or time.h... time.h
>> > checking for uint8_t... yes
>> > checking for stdlib.h... (cached) yes
>> > checking for GNU libc compatible malloc... yes
>> > checking for working memcmp... yes
>> > checking for atexit... yes
>> > checking for getcwd... yes
>> > checking for memmove... yes
>> > checking for memset... yes
>> > checking for strcasecmp... yes
>> > checking for strchr... yes
>> > checking for strdup... yes
>> > checking for strerror... yes
>> > checking for strncasecmp... yes
>> > checking for strrchr... yes
>> > checking for strstr... yes
>> > checking for strtol... yes
>> > checking for fchmod... yes
>> > checking for strcasestr... yes
>> > Checking platform... Identified as Linux
>> > checking for libcurl config script... /usr/bin/curl-config
>> > checking if libcurl is at least v... yes, 7.35.0
>> > checking if libcurl is linked with gnutls... no
>> > configure: using curl v7.35.0
>> > configure: looking for Apache module support via DSO through APXS
>> > configure: found apxs at /opt/apache-2.4.17/bin/apxs
>> > configure: checking httpd version
>> > configure: httpd is recent enough
>> > checking for libpcre config script... /usr/bin/pcre-config
>> > configure: using pcre v8.31
>> > checking for libapr config script... /usr/local/apr/bin/apr-1-config
>> > configure: using apr v1.5.2
>> > checking for libapu config script... /usr/local/apr/bin/apu-1-config
>> > configure: using apu v1.5.4
>> > checking for libxml2 config script... /usr/bin/xml2-config
>> > checking if libxml2 is at least v2.6.29... yes, 2.9.1
>> > configure: using libxml2 v2.9.1
>> > checking for pkg-config... /usr/bin/pkg-config
>> > checking pkg-config is at least version 0.9.0... yes
>> > checking for liblua config script... /usr/bin/pkg-config
>> > configure: using lua v5.2.0
>> > checking for libyajl config script... no
>> > checking for yajl install... no
>> > configure: optional yajl library not found
>> > checking for ssdeep path... no
>> > configure: optional ssdeep library not found
>> > checking that generated files are newer than configure... done
>> > configure: creating ./config.status
>> > config.status: creating Makefile
>> > config.status: creating tools/Makefile
>> > config.status: creating apache2/Makefile
>> > config.status: creating build/apxs-wrapper
>> > config.status: creating mlogc/mlogc-batch-load.pl
>> > config.status: creating tests/regression/misc/40-secRemoteRules.t
>> > config.status: creating tests/regression/misc/50-ipmatchfromfile-external.t
>> > config.status: creating tests/regression/misc/60-pmfromfile-external.t
>> > config.status: creating tests/run-unit-tests.pl
>> > config.status: creating tests/run-regression-tests.pl
>> > config.status: creating tests/gen_rx-pm.pl
>> > config.status: creating tests/csv_rx-pm.pl
>> > config.status: creating tests/regression/server_root/conf/httpd.conf
>> > config.status: creating tools/rules-updater.pl
>> > config.status: creating mlogc/Makefile
>> > config.status: creating tests/Makefile
>> > config.status: creating apache2/modsecurity_config_auto.h
>> > config.status: apache2/modsecurity_config_auto.h is unchanged
>> > config.status: executing depfiles commands
>> > config.status: executing libtool commands
>> >
>> >
>> > Make:
>> > $> make
>> > Making all in tools
>> > make[1]: Entering directory
>> > `/usr/src/modsecurity/modsecurity-2.9.1-RC1/tools'
>> > make[1]: Nothing to be done for `all'.
>> > make[1]: Leaving directory
>> > `/usr/src/modsecurity/modsecurity-2.9.1-RC1/tools'
>> > Making all in apache2
>> > make[1]: Entering directory
>> > `/usr/src/modsecurity/modsecurity-2.9.1-RC1/apache2'
>> > make  all-am
>> > make[2]: Entering directory
>> > `/usr/src/modsecurity/modsecurity-2.9.1-RC1/apache2'
>> > /bin/bash ../libtool  --tag=CC   --mode=compile gcc -DHAVE_CONFIG_H -I.
>> > -DLINUX -D_REENTRANT -D_GNU_SOURCE -I/usr/include/libxml2
>> >  -I/usr/local/apr//include/apr-1 -I/usr/local/apr//include/apr-1
>> > -I/opt/apache-2.4.17/include -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL
>> > -I/usr/include/libxml2 -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY
>> > -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500
>> > -DREQUEST_EARLY          -DWITH_REMOTE_RULES  -g -O2
>> > -I/usr/local/apr//include/apr-1  -MT mod_security2_la-acmp.lo -MD -MP -MF
>> > .deps/mod_security2_la-acmp.Tpo -c -o mod_security2_la-acmp.lo `test -f
>> > 'acmp.c' || echo './'`acmp.c
>> > libtool: compile:  gcc -DHAVE_CONFIG_H -I. -DLINUX -D_REENTRANT
>> > -D_GNU_SOURCE -I/usr/include/libxml2 -I/usr/local/apr//include/apr-1
>> > -I/usr/local/apr//include/apr-1 -I/opt/apache-2.4.17/include
>> > -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -I/usr/include/libxml2
>> > -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY
>> > -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500
>> > -DREQUEST_EARLY -DWITH_REMOTE_RULES -g -O2 -I/usr/local/apr//include/apr-1
>> > -MT mod_security2_la-acmp.lo -MD -MP -MF .deps/mod_security2_la-acmp.Tpo -c
>> > acmp.c  -fPIC -DPIC -o .libs/mod_security2_la-acmp.o
>> > libtool: compile:  gcc -DHAVE_CONFIG_H -I. -DLINUX -D_REENTRANT
>> > -D_GNU_SOURCE -I/usr/include/libxml2 -I/usr/local/apr//include/apr-1
>> > -I/usr/local/apr//include/apr-1 -I/opt/apache-2.4.17/include
>> > -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -I/usr/include/libxml2
>> > -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY
>> > -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500
>> > -DREQUEST_EARLY -DWITH_REMOTE_RULES -g -O2 -I/usr/local/apr//include/apr-1
>> > -MT mod_security2_la-acmp.lo -MD -MP -MF .deps/mod_security2_la-acmp.Tpo -c
>> > acmp.c -o mod_security2_la-acmp.o >/dev/null 2>&1
>> > mv -f .deps/mod_security2_la-acmp.Tpo .deps/mod_security2_la-acmp.Plo
>> > /bin/bash ../libtool  --tag=CC   --mode=compile gcc -DHAVE_CONFIG_H -I.
>> > -DLINUX -D_REENTRANT -D_GNU_SOURCE -I/usr/include/libxml2
>> >  -I/usr/local/apr//include/apr-1 -I/usr/local/apr//include/apr-1
>> > -I/opt/apache-2.4.17/include -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL
>> > -I/usr/include/libxml2 -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY
>> > -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500
>> > -DREQUEST_EARLY          -DWITH_REMOTE_RULES  -g -O2
>> > -I/usr/local/apr//include/apr-1  -MT mod_security2_la-apache2_config.lo -MD
>> > -MP -MF .deps/mod_security2_la-apache2_config.Tpo -c -o
>> > mod_security2_la-apache2_config.lo `test -f 'apache2_config.c' || echo
>> > './'`apache2_config.c
>> > libtool: compile:  gcc -DHAVE_CONFIG_H -I. -DLINUX -D_REENTRANT
>> > -D_GNU_SOURCE -I/usr/include/libxml2 -I/usr/local/apr//include/apr-1
>> > -I/usr/local/apr//include/apr-1 -I/opt/apache-2.4.17/include
>> > -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -I/usr/include/libxml2
>> > -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY
>> > -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500
>> > -DREQUEST_EARLY -DWITH_REMOTE_RULES -g -O2 -I/usr/local/apr//include/apr-1
>> > -MT mod_security2_la-apache2_config.lo -MD -MP -MF
>> > .deps/mod_security2_la-apache2_config.Tpo -c apache2_config.c  -fPIC -DPIC
>> > -o .libs/mod_security2_la-apache2_config.o
>> > In file included from /opt/apache-2.4.17/include/apr_network_io.h:26:0,
>> >                  from /opt/apache-2.4.17/include/apr_buckets.h:29,
>> >                  from /opt/apache-2.4.17/include/util_filter.h:26,
>> >                  from /opt/apache-2.4.17/include/http_core.h:32,
>> >                  from apache2.h:18,
>> >                  from re.h:42,
>> >                  from msc_util.h:29,
>> >                  from modsecurity.h:40,
>> >                  from apache2_config.c:17:
>> > /opt/apache-2.4.17/include/apr_file_io.h:612:46: error: unknown type name
>> > 'apr_wait_type_t'
>> >                                               apr_wait_type_t direction);
>> >                                               ^
>> > In file included from /opt/apache-2.4.17/include/apr_buckets.h:29:0,
>> >                  from /opt/apache-2.4.17/include/util_filter.h:26,
>> >                  from /opt/apache-2.4.17/include/http_core.h:32,
>> >                  from apache2.h:18,
>> >                  from re.h:42,
>> >                  from msc_util.h:29,
>> >                  from modsecurity.h:40,
>> >                  from apache2_config.c:17:
>> > /opt/apache-2.4.17/include/apr_network_io.h:650:43: error: unknown type
>> > name 'apr_wait_type_t'
>> >                                            apr_wait_type_t direction);
>> >                                            ^
>> > make[2]: *** [mod_security2_la-apache2_config.lo] Error 1
>> > make[2]: Leaving directory
>> > `/usr/src/modsecurity/modsecurity-2.9.1-RC1/apache2'
>> > make[1]: *** [all] Error 2
>> > make[1]: Leaving directory
>> > `/usr/src/modsecurity/modsecurity-2.9.1-RC1/apache2'
>> > make: *** [all-recursive] Error 1
>> >
>> >
>> >
>> > Sorry for the bad news....
>> >
>> > Ahoj,
>> >
>> > Christian
>> >
>> >
>> >
>> > --
>> > I think IT projects are about supporting social systems - about
>> > communications between people and machines. They tend to fail due to
>> > cultural issues.
>> > -- Tim Berners-Lee
>> >
>> >
>> > ------------------------------------------------------------------------------
>> > Site24x7 APM Insight: Get Deep Visibility into Application Performance
>> > APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
>> > Monitor end-to-end web transactions and take corrective actions now
>> > Troubleshoot faster and improve end-user experience. Signup Now!
>> > http://scanmail.trustwave.com/?c=4062&d=uJrY1n0_DrF3my2Z46kGTt5TajY6Gu34CSJ4wLolYw&s=5&u=http%3a%2f%2fpubads%2eg%2edoubleclick%2enet%2fgampad%2fclk%3fid%3d272487151%26iu%3d%2f4140
>> > _______________________________________________
>> > mod-security-developers mailing list
>> > mod...@li...
>> > http://scanmail.trustwave.com/?c=4062&d=uJrY1n0_DrF3my2Z46kGTt5TajY6Gu34CXd6zLgiZA&s=5&u=https%3a%2f%2flists%2esourceforge%2enet%2flists%2flistinfo%2fmod-security-developers
>> > ModSecurity Services from Trustwave's SpiderLabs:
>> > https://www.trustwave.com/spiderLabs.php
>> >
>
>> ------------------------------------------------------------------------------
>> Site24x7 APM Insight: Get Deep Visibility into Application Performance
>> APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
>> Monitor end-to-end web transactions and take corrective actions now
>> Troubleshoot faster and improve end-user experience. Signup Now!
>> http://scanmail.trustwave.com/?c=4062&d=uJrY1n0_DrF3my2Z46kGTt5TajY6Gu34CSJ4wLolYw&s=5&u=http%3a%2f%2fpubads%2eg%2edoubleclick%2enet%2fgampad%2fclk%3fid%3d272487151%26iu%3d%2f4140
>
>> _______________________________________________
>> mod-security-developers mailing list
>> mod...@li...
>> http://scanmail.trustwave.com/?c=4062&d=uJrY1n0_DrF3my2Z46kGTt5TajY6Gu34CXd6zLgiZA&s=5&u=https%3a%2f%2flists%2esourceforge%2enet%2flists%2flistinfo%2fmod-security-developers
>> ModSecurity Services from Trustwave's SpiderLabs:
>> https://www.trustwave.com/spiderLabs.php
>
>
>--
>mailto:chr...@ne...
>http://scanmail.trustwave.com/?c=4062&d=uJrY1n0_DrF3my2Z46kGTt5TajY6Gu34CXYskbssNQ&s=5&u=http%3a%2f%2fwww%2echristian-folini%2ech
>twitter: @ChrFolini
>
>------------------------------------------------------------------------------
>Site24x7 APM Insight: Get Deep Visibility into Application Performance
>APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
>Monitor end-to-end web transactions and take corrective actions now
>Troubleshoot faster and improve end-user experience. Signup Now!
>http://scanmail.trustwave.com/?c=4062&d=uJrY1n0_DrF3my2Z46kGTt5TajY6Gu34CSJ4wLolYw&s=5&u=http%3a%2f%2fpubads%2eg%2edoubleclick%2enet%2fgampad%2fclk%3fid%3d272487151%26iu%3d%2f4140
>_______________________________________________
>mod-security-developers mailing list
>mod...@li...
>http://scanmail.trustwave.com/?c=4062&d=uJrY1n0_DrF3my2Z46kGTt5TajY6Gu34CXd6zLgiZA&s=5&u=https%3a%2f%2flists%2esourceforge%2enet%2flists%2flistinfo%2fmod-security-developers
>ModSecurity Services from Trustwave's SpiderLabs:
>https://www.trustwave.com/spiderLabs.php

________________________________

This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.

Re: [Mod-security-developers] ModSecurity version 2.9.1-rc1 announcement

[Christian F. <chr...@ne...>]

Hi there,

In the community meeting, we also talked about issues supposed to
be related with the pull request #840:
https://github.com/SpiderLabs/ModSecurity/pull/840
https://github.com/SpiderLabs/ModSecurity/issues/1073

I think I was able to proof that the misformatting of Apache Error Log
messages in the audit log is not related to this change as I
see it on ModSecurity 2.7.5 as well.

There are other smaller concerns with 840, though. So I am not sure
if Felipe really wants to keep it in, or drop it. I am OK with both.

Ahoj,

Christian


-- 
There's no sense in being pessimistic. It wouldn't work out anyway.
--- Anonymous

Re: [Mod-security-developers] ModSecurity(-dev) community meeting

[Christian F. <chr...@ne...>]

Thank you Felipe.

I see you guys have been very active after I had left.

Ahoj,

Christian

On Mon, Mar 07, 2016 at 06:59:51PM +0000, Felipe Costa wrote:
> Hi,
> 
> The meeting minutes can be found in the following link:
> https://www.modsecurity.org/developers/meetings/modsecurity.2016-03-02-16.24.html
> 
> 
> Br.,
> Felipe “Zimmerle” Costa
> Security Researcher, Lead Developer ModSecurity.
> 
> Trustwave | SMART SECURITY ON DEMAND
> www.trustwave.com <http://www.trustwave.com/>
> 
> 
> 
> 
> 
> 
> 
> 
> On 3/2/16, 11:21 AM, "Felipe Costa" <FC...@tr...> wrote:
> 
> >
> >Just a quick reminder that we are going to have our dev- meeting today, in the upcoming hours.
> >
> >http://scanmail.trustwave.com/?c=4062&d=offW1i_rQrzselDXuHaR4Xd1VE1nzh9M1W7Gbynvfg&s=5&u=http%3a%2f%2fdoodle%2ecom%2fpoll%2fkgb24dfyixg7ig4g
> >
> >Br.,
> >Felipe “Zimmerle” Costa
> >Security Researcher, Lead Developer ModSecurity.
> >
> >Trustwave | SMART SECURITY ON DEMAND
> >www.trustwave.com <http://www.trustwave.com/>
> >
> >
> >
> >
> >
> >
> >
> >
> >On 2/29/16, 10:56 AM, "Felipe Costa" <FC...@tr...> wrote:
> >
> >>Hi,
> >>
> >>Just to let you know that the doodle for the meeting is now closed,
> >>the information about the meeting is available at:
> >>
> >>http://scanmail.trustwave.com/?c=4062&d=offW1i_rQrzselDXuHaR4Xd1VE1nzh9M1W7Gbynvfg&s=5&u=http%3a%2f%2fdoodle%2ecom%2fpoll%2fkgb24dfyixg7ig4g
> >>
> >>
> >>
> >>Br.,
> >>Felipe “Zimmerle” Costa
> >>Security Researcher, Lead Developer ModSecurity.
> >>
> >>Trustwave | SMART SECURITY ON DEMAND
> >>www.trustwave.com <http://www.trustwave.com/>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>On 2/24/16, 8:52 AM, "Felipe Costa" <FC...@tr...> wrote:
> >>
> >>>Hi,
> >>>
> >>>I would like to invite you to our ModSecurity(-dev) community meeting.
> >>>This invitation is extended to everyone which follow or participate actively
> >>>on the ModSecurity community.
> >>>
> >>>
> >>>The meeting agenda will be:
> >>>- Review of every open topic from the last meeting.
> >>>- Open Issues on GitHub, including issues related to our 2.9.1-RC1
> >>>- Open Merge requests on GitHub.
> >>>- Release dates (and content?) for v2.9.1.
> >>>- State of  ModSecurity v3, roadmap, testing and testing.
> >>>
> >>>
> >>>The meeting will be held at #modsecurity channel at FreeNode.
> >>>
> >>>
> >>>As suggested on our last meeting, the date will be: March 2.
> >>>
> >>>Please use Doodle to tell the best date/time for you:
> >>>http://scanmail.trustwave.com/?c=4062&d=offW1i_rQrzselDXuHaR4Xd1VE1nzh9M1WzFaXi5dQ&s=5&u=http%3a%2f%2fdoodle%2ecom%2fpoll%2fd7wgb83bn4cxqyh4
> >>>
> >>>If you think that we should add or remove something from the agenda, please tell.
> >>>
> >>>The minutes from our last meeting can be found here:
> >>>http://scanmail.trustwave.com/?c=4062&d=offW1i_rQrzselDXuHaR4Xd1VE1nzh9M1WyWOnW_eQ&s=5&u=https%3a%2f%2fwww%2emodsecurity%2eorg%2fdevelopers%2fmeetings%2f
> >>>
> >>>Br.,
> >>>Felipe “Zimmerle” Costa
> >>>Security Researcher, Lead Developer ModSecurity.
> >>>
> >>>Trustwave | SMART SECURITY ON DEMAND
> >>>www.trustwave.com <http://www.trustwave.com/>
> >>>
> >>>
> >>>
> >>>________________________________
> >>>
> >>>This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.
> >>>------------------------------------------------------------------------------
> >>>Site24x7 APM Insight: Get Deep Visibility into Application Performance
> >>>APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
> >>>Monitor end-to-end web transactions and take corrective actions now
> >>>Troubleshoot faster and improve end-user experience. Signup Now!
> >>>http://scanmail.trustwave.com/?c=4062&d=offW1i_rQrzselDXuHaR4Xd1VE1nzh9M1TnDbXrrLg&s=5&u=http%3a%2f%2fpubads%2eg%2edoubleclick%2enet%2fgampad%2fclk%3fid%3d272487151%26iu%3d%2f4140
> >>>_______________________________________________
> >>>mod-security-developers mailing list
> >>>mod...@li...
> >>>http://scanmail.trustwave.com/?c=4062&d=offW1i_rQrzselDXuHaR4Xd1VE1nzh9M1WzBYXjsKQ&s=5&u=https%3a%2f%2flists%2esourceforge%2enet%2flists%2flistinfo%2fmod-security-developers
> >>>ModSecurity Services from Trustwave's SpiderLabs:
> >>>https://www.trustwave.com/spiderLabs.php
> >>
> >>________________________________
> >>
> >>This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.
> >>------------------------------------------------------------------------------
> >>Site24x7 APM Insight: Get Deep Visibility into Application Performance
> >>APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
> >>Monitor end-to-end web transactions and take corrective actions now
> >>Troubleshoot faster and improve end-user experience. Signup Now!
> >>http://scanmail.trustwave.com/?c=4062&d=offW1i_rQrzselDXuHaR4Xd1VE1nzh9M1TnDbXrrLg&s=5&u=http%3a%2f%2fpubads%2eg%2edoubleclick%2enet%2fgampad%2fclk%3fid%3d272487151%26iu%3d%2f4140
> >>_______________________________________________
> >>mod-security-developers mailing list
> >>mod...@li...
> >>http://scanmail.trustwave.com/?c=4062&d=offW1i_rQrzselDXuHaR4Xd1VE1nzh9M1WzBYXjsKQ&s=5&u=https%3a%2f%2flists%2esourceforge%2enet%2flists%2flistinfo%2fmod-security-developers
> >>ModSecurity Services from Trustwave's SpiderLabs:
> >>https://www.trustwave.com/spiderLabs.php
> >
> >________________________________
> >
> >This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.
> >------------------------------------------------------------------------------
> >Site24x7 APM Insight: Get Deep Visibility into Application Performance
> >APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
> >Monitor end-to-end web transactions and take corrective actions now
> >Troubleshoot faster and improve end-user experience. Signup Now!
> >http://scanmail.trustwave.com/?c=4062&d=offW1i_rQrzselDXuHaR4Xd1VE1nzh9M1TnDbXrrLg&s=5&u=http%3a%2f%2fpubads%2eg%2edoubleclick%2enet%2fgampad%2fclk%3fid%3d272487151%26iu%3d%2f4140
> >_______________________________________________
> >mod-security-developers mailing list
> >mod...@li...
> >http://scanmail.trustwave.com/?c=4062&d=offW1i_rQrzselDXuHaR4Xd1VE1nzh9M1WzBYXjsKQ&s=5&u=https%3a%2f%2flists%2esourceforge%2enet%2flists%2flistinfo%2fmod-security-developers
> >ModSecurity Services from Trustwave's SpiderLabs:
> >https://www.trustwave.com/spiderLabs.php
> 
> ________________________________
> 
> This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.
> ------------------------------------------------------------------------------
> Transform Data into Opportunity.
> Accelerate data analysis in your applications with
> Intel Data Analytics Acceleration Library.
> Click to learn more.
> http://makebettercode.com/inteldaal-eval
> _______________________________________________
> mod-security-developers mailing list
> mod...@li...
> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> ModSecurity Services from Trustwave's SpiderLabs:
> https://www.trustwave.com/spiderLabs.php

-- 
mailto:chr...@ne...
http://www.christian-folini.ch
twitter: @ChrFolini

Re: [Mod-security-developers] ModSecurity(-dev) community meeting

[Felipe C. <FC...@tr...>]

Hi,

The meeting minutes can be found in the following link:
https://www.modsecurity.org/developers/meetings/modsecurity.2016-03-02-16.24.html


Br.,
Felipe “Zimmerle” Costa
Security Researcher, Lead Developer ModSecurity.

Trustwave | SMART SECURITY ON DEMAND
www.trustwave.com <http://www.trustwave.com/>








On 3/2/16, 11:21 AM, "Felipe Costa" <FC...@tr...> wrote:

>
>Just a quick reminder that we are going to have our dev- meeting today, in the upcoming hours.
>
>http://scanmail.trustwave.com/?c=4062&d=offW1i_rQrzselDXuHaR4Xd1VE1nzh9M1W7Gbynvfg&s=5&u=http%3a%2f%2fdoodle%2ecom%2fpoll%2fkgb24dfyixg7ig4g
>
>Br.,
>Felipe “Zimmerle” Costa
>Security Researcher, Lead Developer ModSecurity.
>
>Trustwave | SMART SECURITY ON DEMAND
>www.trustwave.com <http://www.trustwave.com/>
>
>
>
>
>
>
>
>
>On 2/29/16, 10:56 AM, "Felipe Costa" <FC...@tr...> wrote:
>
>>Hi,
>>
>>Just to let you know that the doodle for the meeting is now closed,
>>the information about the meeting is available at:
>>
>>http://scanmail.trustwave.com/?c=4062&d=offW1i_rQrzselDXuHaR4Xd1VE1nzh9M1W7Gbynvfg&s=5&u=http%3a%2f%2fdoodle%2ecom%2fpoll%2fkgb24dfyixg7ig4g
>>
>>
>>
>>Br.,
>>Felipe “Zimmerle” Costa
>>Security Researcher, Lead Developer ModSecurity.
>>
>>Trustwave | SMART SECURITY ON DEMAND
>>www.trustwave.com <http://www.trustwave.com/>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>On 2/24/16, 8:52 AM, "Felipe Costa" <FC...@tr...> wrote:
>>
>>>Hi,
>>>
>>>I would like to invite you to our ModSecurity(-dev) community meeting.
>>>This invitation is extended to everyone which follow or participate actively
>>>on the ModSecurity community.
>>>
>>>
>>>The meeting agenda will be:
>>>- Review of every open topic from the last meeting.
>>>- Open Issues on GitHub, including issues related to our 2.9.1-RC1
>>>- Open Merge requests on GitHub.
>>>- Release dates (and content?) for v2.9.1.
>>>- State of  ModSecurity v3, roadmap, testing and testing.
>>>
>>>
>>>The meeting will be held at #modsecurity channel at FreeNode.
>>>
>>>
>>>As suggested on our last meeting, the date will be: March 2.
>>>
>>>Please use Doodle to tell the best date/time for you:
>>>http://scanmail.trustwave.com/?c=4062&d=offW1i_rQrzselDXuHaR4Xd1VE1nzh9M1WzFaXi5dQ&s=5&u=http%3a%2f%2fdoodle%2ecom%2fpoll%2fd7wgb83bn4cxqyh4
>>>
>>>If you think that we should add or remove something from the agenda, please tell.
>>>
>>>The minutes from our last meeting can be found here:
>>>http://scanmail.trustwave.com/?c=4062&d=offW1i_rQrzselDXuHaR4Xd1VE1nzh9M1WyWOnW_eQ&s=5&u=https%3a%2f%2fwww%2emodsecurity%2eorg%2fdevelopers%2fmeetings%2f
>>>
>>>Br.,
>>>Felipe “Zimmerle” Costa
>>>Security Researcher, Lead Developer ModSecurity.
>>>
>>>Trustwave | SMART SECURITY ON DEMAND
>>>www.trustwave.com <http://www.trustwave.com/>
>>>
>>>
>>>
>>>________________________________
>>>
>>>This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.
>>>------------------------------------------------------------------------------
>>>Site24x7 APM Insight: Get Deep Visibility into Application Performance
>>>APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
>>>Monitor end-to-end web transactions and take corrective actions now
>>>Troubleshoot faster and improve end-user experience. Signup Now!
>>>http://scanmail.trustwave.com/?c=4062&d=offW1i_rQrzselDXuHaR4Xd1VE1nzh9M1TnDbXrrLg&s=5&u=http%3a%2f%2fpubads%2eg%2edoubleclick%2enet%2fgampad%2fclk%3fid%3d272487151%26iu%3d%2f4140
>>>_______________________________________________
>>>mod-security-developers mailing list
>>>mod...@li...
>>>http://scanmail.trustwave.com/?c=4062&d=offW1i_rQrzselDXuHaR4Xd1VE1nzh9M1WzBYXjsKQ&s=5&u=https%3a%2f%2flists%2esourceforge%2enet%2flists%2flistinfo%2fmod-security-developers
>>>ModSecurity Services from Trustwave's SpiderLabs:
>>>https://www.trustwave.com/spiderLabs.php
>>
>>________________________________
>>
>>This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.
>>------------------------------------------------------------------------------
>>Site24x7 APM Insight: Get Deep Visibility into Application Performance
>>APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
>>Monitor end-to-end web transactions and take corrective actions now
>>Troubleshoot faster and improve end-user experience. Signup Now!
>>http://scanmail.trustwave.com/?c=4062&d=offW1i_rQrzselDXuHaR4Xd1VE1nzh9M1TnDbXrrLg&s=5&u=http%3a%2f%2fpubads%2eg%2edoubleclick%2enet%2fgampad%2fclk%3fid%3d272487151%26iu%3d%2f4140
>>_______________________________________________
>>mod-security-developers mailing list
>>mod...@li...
>>http://scanmail.trustwave.com/?c=4062&d=offW1i_rQrzselDXuHaR4Xd1VE1nzh9M1WzBYXjsKQ&s=5&u=https%3a%2f%2flists%2esourceforge%2enet%2flists%2flistinfo%2fmod-security-developers
>>ModSecurity Services from Trustwave's SpiderLabs:
>>https://www.trustwave.com/spiderLabs.php
>
>________________________________
>
>This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.
>------------------------------------------------------------------------------
>Site24x7 APM Insight: Get Deep Visibility into Application Performance
>APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
>Monitor end-to-end web transactions and take corrective actions now
>Troubleshoot faster and improve end-user experience. Signup Now!
>http://scanmail.trustwave.com/?c=4062&d=offW1i_rQrzselDXuHaR4Xd1VE1nzh9M1TnDbXrrLg&s=5&u=http%3a%2f%2fpubads%2eg%2edoubleclick%2enet%2fgampad%2fclk%3fid%3d272487151%26iu%3d%2f4140
>_______________________________________________
>mod-security-developers mailing list
>mod...@li...
>http://scanmail.trustwave.com/?c=4062&d=offW1i_rQrzselDXuHaR4Xd1VE1nzh9M1WzBYXjsKQ&s=5&u=https%3a%2f%2flists%2esourceforge%2enet%2flists%2flistinfo%2fmod-security-developers
>ModSecurity Services from Trustwave's SpiderLabs:
>https://www.trustwave.com/spiderLabs.php

________________________________

This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.

Re: [Mod-security-developers] Libmodsecurity C API

[Felipe C. <FC...@tr...>]

Hi Fakhri,

The “C API” was not created only to the pcap inspection, it has a bigger
goal. For instance: the Nginx connector make usage of the C API to inspect
the requests. Generally speaking the C and the C++ API should provide the
same level of functionality.


Br.,
Felipe “Zimmerle” Costa
Security Researcher, Lead Developer ModSecurity.

Trustwave | SMART SECURITY ON DEMAND
www.trustwave.com <http://www.trustwave.com/>








On 3/4/16, 9:34 AM, "Fakhri Zulkifli" <d0l...@ya...> wrote:

>Hi all,
>
>I have a couple questions and i wanted to ask this during the meeting
>the other day but i missed it. So the question is it seems that there
>are not so many C APIs, right? and Modsecurity-pcap connector seems to
>be an excellent features but it still lacks the capability to inspect
>HTTPS packet, so if i want to put it as "out-of-line" sniffer, it should
>be able to inspect both HTTP and HTTPS. Thanks.
>
>P/S: Even snort have the preprocessor to find the SSL handshake and
>skip the packet since it cannot inspect/analyze it.
>
>------------------------------------------------------------------------------
>Site24x7 APM Insight: Get Deep Visibility into Application Performance
>APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
>Monitor end-to-end web transactions and take corrective actions now
>Troubleshoot faster and improve end-user experience. Signup Now!
>http://scanmail.trustwave.com/?c=4062&d=jIHZ1guWGXLvoOCpN2JH7qml28dfC_5lpqnmaHY2uA&s=5&u=http%3a%2f%2fpubads%2eg%2edoubleclick%2enet%2fgampad%2fclk%3fid%3d272487151%26iu%3d%2f4140
>_______________________________________________
>mod-security-developers mailing list
>mod...@li...
>http://scanmail.trustwave.com/?c=4062&d=jIHZ1guWGXLvoOCpN2JH7qml28dfC_5lpvzkZHQxvw&s=5&u=https%3a%2f%2flists%2esourceforge%2enet%2flists%2flistinfo%2fmod-security-developers
>ModSecurity Services from Trustwave's SpiderLabs:
>https://www.trustwave.com/spiderLabs.php

________________________________

This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.

[Mod-security-developers] Libmodsecurity C API

[Fakhri Z. <d0l...@ya...>]

Hi all,

I have a couple questions and i wanted to ask this during the meeting
the other day but i missed it. So the question is it seems that there
are not so many C APIs, right? and Modsecurity-pcap connector seems to
be an excellent features but it still lacks the capability to inspect
HTTPS packet, so if i want to put it as "out-of-line" sniffer, it should
be able to inspect both HTTP and HTTPS. Thanks.

P/S: Even snort have the preprocessor to find the SSL handshake and
skip the packet since it cannot inspect/analyze it.

[Mod-security-developers] Libmodsecurity C API

[Fakhri Z. <d0l...@ya...>]

Hi all,

I have a couple questions and i wanted to ask this during the meeting
the other day but i missed it. So the question is it seems that there
are not so many C APIs, right? and Modsecurity-pcap connector seems to
be an excellent features but it still lacks the capability to inspect
HTTPS packet, so if i want to put it as "out-of-line" sniffer, it should
be able to inspect both HTTP and HTTPS.

P/S: Even snort have the preprocessor to find the SSL handshake and
skip the packet since it cannot inspect/analyze it.

Re: [Mod-security-developers] ModSecurity version 2.9.1-rc1 announcement

[Christian F. <chr...@ne...>]

Robert,

So you mean I need to read the logfiles before submitting?

You are right on target.

I installed libyajl-dev and both problems solved:
- compilation against apache 2.4.17 works
- Audit-Log Format JSON works

Making yajl a mandatory item in configure seems like the
way to go then.

Cheers,

Christian


On Thu, Mar 03, 2016 at 06:54:13AM -0800, Robert Paprocki wrote:
> So here's the culprint:
> 
> checking for yajl install... no
> configure: optional yajl library not found
> 
> Christian, do you have anything odd about the system where this is running?
> Perhaps try re-installing the libyajl-dev package? Here's what it should
> provide on Trusty (running on my laptop):
> poprocks@soter:~$ dpkg -L libyajl-dev
> /.
> /usr
> /usr/share
> /usr/share/doc
> /usr/share/doc/libyajl-dev
> /usr/share/doc/libyajl-dev/copyright
> /usr/lib
> /usr/lib/x86_64-linux-gnu
> /usr/lib/x86_64-linux-gnu/libyajl_s.a
> /usr/lib/x86_64-linux-gnu/pkgconfig
> /usr/lib/x86_64-linux-gnu/pkgconfig/yajl.pc
> /usr/include
> /usr/include/yajl
> /usr/include/yajl/yajl_tree.h
> /usr/include/yajl/yajl_version.h
> /usr/include/yajl/yajl_parse.h
> /usr/include/yajl/yajl_gen.h
> /usr/include/yajl/yajl_common.h
> /usr/share/doc/libyajl-dev/README
> /usr/share/doc/libyajl-dev/TODO
> /usr/share/doc/libyajl-dev/changelog.Debian.gz
> /usr/lib/x86_64-linux-gnu/libyajl.so
> 
> ModSec config should be relying on the
> '/usr/lib/x86_64-linux-gnu/pkgconfig/yajl.pc'
> package config file to make it's detection I believe. Does that exist for
> you?
> 
> 
> On Wed, Mar 2, 2016 at 9:23 PM, Christian Folini <
> chr...@ne...> wrote:
> 
> > Unfortunately, the build problem against apache 2.4.17 did not go away
> > either:
> >
> > The OS Release:
> >   Ubuntu 14.04.4 LTS \n \l
> >
> > Apache build:
> >   Server version: Apache/2.4.18 (Unix)
> >   Server built:   Mar  3 2016 05:25:21
> >
> > $> ./configure --prefix=/opt/apache-2.4.18 \
> >   --with-apr=/usr/local/apr/bin/apr-1-config \
> >   --with-apr-util=/usr/local/apr/bin/apu-1-config \
> >   --enable-mpms-shared=event \
> >   --enable-mods-shared=all \
> >   --enable-nonportable-atomics=yes
> > ...
> >
> > ModSec Configure:
> > $> ./configure --with-apxs=/apache/bin/apxs./configure \
> >   --with-apxs=/apache/bin/apxs \
> >   --with-apr=/usr/local/apr/bin/apr-1-config \
> >   --with-pcre=/usr/bin/pcre-config \
> >   --enable-request-early
> > checking for a BSD-compatible install... /usr/bin/install -c
> > checking whether build environment is sane... yes
> > checking for a thread-safe mkdir -p... /bin/mkdir -p
> > checking for gawk... gawk
> > checking whether make sets $(MAKE)... yes
> > checking whether make supports nested variables... yes
> > checking for style of include used by make... GNU
> > checking for gcc... gcc
> > checking whether the C compiler works... yes
> > checking for C compiler default output file name... a.out
> > checking for suffix of executables...
> > checking whether we are cross compiling... no
> > checking for suffix of object files... o
> > checking whether we are using the GNU C compiler... yes
> > checking whether gcc accepts -g... yes
> > checking for gcc option to accept ISO C89... none needed
> > checking whether gcc understands -c and -o together... yes
> > checking dependency style of gcc... gcc3
> > checking for ar... ar
> > checking the archiver (ar) interface... ar
> > checking build system type... x86_64-unknown-linux-gnu
> > checking host system type... x86_64-unknown-linux-gnu
> > checking how to print strings... printf
> > checking for a sed that does not truncate output... /bin/sed
> > checking for grep that handles long lines and -e... /bin/grep
> > checking for egrep... /bin/grep -E
> > checking for fgrep... /bin/grep -F
> > checking for ld used by gcc... /usr/bin/ld
> > checking if the linker (/usr/bin/ld) is GNU ld... yes
> > checking for BSD- or MS-compatible name lister (nm)... /usr/bin/nm -B
> > checking the name lister (/usr/bin/nm -B) interface... BSD nm
> > checking whether ln -s works... yes
> > checking the maximum length of command line arguments... 1572864
> > checking whether the shell understands some XSI constructs... yes
> > checking whether the shell understands "+="... yes
> > checking how to convert x86_64-unknown-linux-gnu file names to
> > x86_64-unknown-linux-gnu format... func_convert_file_noop
> > checking how to convert x86_64-unknown-linux-gnu file names to toolchain
> > format... func_convert_file_noop
> > checking for /usr/bin/ld option to reload object files... -r
> > checking for objdump... objdump
> > checking how to recognize dependent libraries... pass_all
> > checking for dlltool... no
> > checking how to associate runtime and link libraries... printf %s\n
> > checking for archiver @FILE support... @
> > checking for strip... strip
> > checking for ranlib... ranlib
> > checking command to parse /usr/bin/nm -B output from gcc object... ok
> > checking for sysroot... no
> > checking for mt... mt
> > checking if mt is a manifest tool... no
> > checking how to run the C preprocessor... gcc -E
> > checking for ANSI C header files... yes
> > checking for sys/types.h... yes
> > checking for sys/stat.h... yes
> > checking for stdlib.h... yes
> > checking for string.h... yes
> > checking for memory.h... yes
> > checking for strings.h... yes
> > checking for inttypes.h... yes
> > checking for stdint.h... yes
> > checking for unistd.h... yes
> > checking for dlfcn.h... yes
> > checking for objdir... .libs
> > checking if gcc supports -fno-rtti -fno-exceptions... no
> > checking for gcc option to produce PIC... -fPIC -DPIC
> > checking if gcc PIC flag -fPIC -DPIC works... yes
> > checking if gcc static flag -static works... yes
> > checking if gcc supports -c -o file.o... yes
> > checking if gcc supports -c -o file.o... (cached) yes
> > checking whether the gcc linker (/usr/bin/ld -m elf_x86_64) supports
> > shared libraries... yes
> > checking whether -lc should be explicitly linked in... no
> > checking dynamic linker characteristics... GNU/Linux ld.so
> > checking how to hardcode library paths into programs... immediate
> > checking for shl_load... no
> > checking for shl_load in -ldld... no
> > checking for dlopen... no
> > checking for dlopen in -ldl... yes
> > checking whether a program can dlopen itself... yes
> > checking whether a statically linked program can dlopen itself... no
> > checking whether stripping libraries is possible... yes
> > checking if libtool supports shared libraries... yes
> > checking whether to build shared libraries... yes
> > checking whether to build static libraries... yes
> > checking for gawk... (cached) gawk
> > checking for gcc... (cached) gcc
> > checking whether we are using the GNU C compiler... (cached) yes
> > checking whether gcc accepts -g... (cached) yes
> > checking for gcc option to accept ISO C89... (cached) none needed
> > checking whether gcc understands -c and -o together... (cached) yes
> > checking dependency style of gcc... (cached) gcc3
> > checking how to run the C preprocessor... gcc -E
> > checking whether ln -s works... yes
> > checking whether make sets $(MAKE)... (cached) yes
> > checking for grep that handles long lines and -e... (cached) /bin/grep
> > checking for perl... /usr/bin/perl
> > checking for env... /usr/bin/env
> > checking for ANSI C header files... (cached) yes
> > checking fcntl.h usability... yes
> > checking fcntl.h presence... yes
> > checking for fcntl.h... yes
> > checking limits.h usability... yes
> > checking limits.h presence... yes
> > checking for limits.h... yes
> > checking for stdlib.h... (cached) yes
> > checking for string.h... (cached) yes
> > checking for unistd.h... (cached) yes
> > checking for sys/types.h... (cached) yes
> > checking for sys/stat.h... (cached) yes
> > checking sys/utsname.h usability... yes
> > checking sys/utsname.h presence... yes
> > checking for sys/utsname.h... yes
> > checking for an ANSI C-conforming const... yes
> > checking for inline... inline
> > checking for C/C++ restrict keyword... __restrict
> > checking for pid_t... yes
> > checking for size_t... yes
> > checking whether struct tm is in sys/time.h or time.h... time.h
> > checking for uint8_t... yes
> > checking for stdlib.h... (cached) yes
> > checking for GNU libc compatible malloc... yes
> > checking for working memcmp... yes
> > checking for atexit... yes
> > checking for getcwd... yes
> > checking for memmove... yes
> > checking for memset... yes
> > checking for strcasecmp... yes
> > checking for strchr... yes
> > checking for strdup... yes
> > checking for strerror... yes
> > checking for strncasecmp... yes
> > checking for strrchr... yes
> > checking for strstr... yes
> > checking for strtol... yes
> > checking for fchmod... yes
> > checking for strcasestr... yes
> > Checking platform... Identified as Linux
> > checking for libcurl config script... /usr/bin/curl-config
> > checking if libcurl is at least v... yes, 7.35.0
> > checking if libcurl is linked with gnutls... no
> > configure: using curl v7.35.0
> > configure: looking for Apache module support via DSO through APXS
> > configure: found apxs at /opt/apache-2.4.17/bin/apxs
> > configure: checking httpd version
> > configure: httpd is recent enough
> > checking for libpcre config script... /usr/bin/pcre-config
> > configure: using pcre v8.31
> > checking for libapr config script... /usr/local/apr/bin/apr-1-config
> > configure: using apr v1.5.2
> > checking for libapu config script... /usr/local/apr/bin/apu-1-config
> > configure: using apu v1.5.4
> > checking for libxml2 config script... /usr/bin/xml2-config
> > checking if libxml2 is at least v2.6.29... yes, 2.9.1
> > configure: using libxml2 v2.9.1
> > checking for pkg-config... /usr/bin/pkg-config
> > checking pkg-config is at least version 0.9.0... yes
> > checking for liblua config script... /usr/bin/pkg-config
> > configure: using lua v5.2.0
> > checking for libyajl config script... no
> > checking for yajl install... no
> > configure: optional yajl library not found
> > checking for ssdeep path... no
> > configure: optional ssdeep library not found
> > checking that generated files are newer than configure... done
> > configure: creating ./config.status
> > config.status: creating Makefile
> > config.status: creating tools/Makefile
> > config.status: creating apache2/Makefile
> > config.status: creating build/apxs-wrapper
> > config.status: creating mlogc/mlogc-batch-load.pl
> > config.status: creating tests/regression/misc/40-secRemoteRules.t
> > config.status: creating tests/regression/misc/50-ipmatchfromfile-external.t
> > config.status: creating tests/regression/misc/60-pmfromfile-external.t
> > config.status: creating tests/run-unit-tests.pl
> > config.status: creating tests/run-regression-tests.pl
> > config.status: creating tests/gen_rx-pm.pl
> > config.status: creating tests/csv_rx-pm.pl
> > config.status: creating tests/regression/server_root/conf/httpd.conf
> > config.status: creating tools/rules-updater.pl
> > config.status: creating mlogc/Makefile
> > config.status: creating tests/Makefile
> > config.status: creating apache2/modsecurity_config_auto.h
> > config.status: apache2/modsecurity_config_auto.h is unchanged
> > config.status: executing depfiles commands
> > config.status: executing libtool commands
> >
> >
> > Make:
> > $> make
> > Making all in tools
> > make[1]: Entering directory
> > `/usr/src/modsecurity/modsecurity-2.9.1-RC1/tools'
> > make[1]: Nothing to be done for `all'.
> > make[1]: Leaving directory
> > `/usr/src/modsecurity/modsecurity-2.9.1-RC1/tools'
> > Making all in apache2
> > make[1]: Entering directory
> > `/usr/src/modsecurity/modsecurity-2.9.1-RC1/apache2'
> > make  all-am
> > make[2]: Entering directory
> > `/usr/src/modsecurity/modsecurity-2.9.1-RC1/apache2'
> > /bin/bash ../libtool  --tag=CC   --mode=compile gcc -DHAVE_CONFIG_H -I.
> > -DLINUX -D_REENTRANT -D_GNU_SOURCE -I/usr/include/libxml2
> >  -I/usr/local/apr//include/apr-1 -I/usr/local/apr//include/apr-1
> > -I/opt/apache-2.4.17/include -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL
> > -I/usr/include/libxml2 -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY
> > -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500
> > -DREQUEST_EARLY          -DWITH_REMOTE_RULES  -g -O2
> > -I/usr/local/apr//include/apr-1  -MT mod_security2_la-acmp.lo -MD -MP -MF
> > .deps/mod_security2_la-acmp.Tpo -c -o mod_security2_la-acmp.lo `test -f
> > 'acmp.c' || echo './'`acmp.c
> > libtool: compile:  gcc -DHAVE_CONFIG_H -I. -DLINUX -D_REENTRANT
> > -D_GNU_SOURCE -I/usr/include/libxml2 -I/usr/local/apr//include/apr-1
> > -I/usr/local/apr//include/apr-1 -I/opt/apache-2.4.17/include
> > -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -I/usr/include/libxml2
> > -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY
> > -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500
> > -DREQUEST_EARLY -DWITH_REMOTE_RULES -g -O2 -I/usr/local/apr//include/apr-1
> > -MT mod_security2_la-acmp.lo -MD -MP -MF .deps/mod_security2_la-acmp.Tpo -c
> > acmp.c  -fPIC -DPIC -o .libs/mod_security2_la-acmp.o
> > libtool: compile:  gcc -DHAVE_CONFIG_H -I. -DLINUX -D_REENTRANT
> > -D_GNU_SOURCE -I/usr/include/libxml2 -I/usr/local/apr//include/apr-1
> > -I/usr/local/apr//include/apr-1 -I/opt/apache-2.4.17/include
> > -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -I/usr/include/libxml2
> > -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY
> > -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500
> > -DREQUEST_EARLY -DWITH_REMOTE_RULES -g -O2 -I/usr/local/apr//include/apr-1
> > -MT mod_security2_la-acmp.lo -MD -MP -MF .deps/mod_security2_la-acmp.Tpo -c
> > acmp.c -o mod_security2_la-acmp.o >/dev/null 2>&1
> > mv -f .deps/mod_security2_la-acmp.Tpo .deps/mod_security2_la-acmp.Plo
> > /bin/bash ../libtool  --tag=CC   --mode=compile gcc -DHAVE_CONFIG_H -I.
> > -DLINUX -D_REENTRANT -D_GNU_SOURCE -I/usr/include/libxml2
> >  -I/usr/local/apr//include/apr-1 -I/usr/local/apr//include/apr-1
> > -I/opt/apache-2.4.17/include -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL
> > -I/usr/include/libxml2 -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY
> > -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500
> > -DREQUEST_EARLY          -DWITH_REMOTE_RULES  -g -O2
> > -I/usr/local/apr//include/apr-1  -MT mod_security2_la-apache2_config.lo -MD
> > -MP -MF .deps/mod_security2_la-apache2_config.Tpo -c -o
> > mod_security2_la-apache2_config.lo `test -f 'apache2_config.c' || echo
> > './'`apache2_config.c
> > libtool: compile:  gcc -DHAVE_CONFIG_H -I. -DLINUX -D_REENTRANT
> > -D_GNU_SOURCE -I/usr/include/libxml2 -I/usr/local/apr//include/apr-1
> > -I/usr/local/apr//include/apr-1 -I/opt/apache-2.4.17/include
> > -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -I/usr/include/libxml2
> > -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY
> > -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500
> > -DREQUEST_EARLY -DWITH_REMOTE_RULES -g -O2 -I/usr/local/apr//include/apr-1
> > -MT mod_security2_la-apache2_config.lo -MD -MP -MF
> > .deps/mod_security2_la-apache2_config.Tpo -c apache2_config.c  -fPIC -DPIC
> > -o .libs/mod_security2_la-apache2_config.o
> > In file included from /opt/apache-2.4.17/include/apr_network_io.h:26:0,
> >                  from /opt/apache-2.4.17/include/apr_buckets.h:29,
> >                  from /opt/apache-2.4.17/include/util_filter.h:26,
> >                  from /opt/apache-2.4.17/include/http_core.h:32,
> >                  from apache2.h:18,
> >                  from re.h:42,
> >                  from msc_util.h:29,
> >                  from modsecurity.h:40,
> >                  from apache2_config.c:17:
> > /opt/apache-2.4.17/include/apr_file_io.h:612:46: error: unknown type name
> > 'apr_wait_type_t'
> >                                               apr_wait_type_t direction);
> >                                               ^
> > In file included from /opt/apache-2.4.17/include/apr_buckets.h:29:0,
> >                  from /opt/apache-2.4.17/include/util_filter.h:26,
> >                  from /opt/apache-2.4.17/include/http_core.h:32,
> >                  from apache2.h:18,
> >                  from re.h:42,
> >                  from msc_util.h:29,
> >                  from modsecurity.h:40,
> >                  from apache2_config.c:17:
> > /opt/apache-2.4.17/include/apr_network_io.h:650:43: error: unknown type
> > name 'apr_wait_type_t'
> >                                            apr_wait_type_t direction);
> >                                            ^
> > make[2]: *** [mod_security2_la-apache2_config.lo] Error 1
> > make[2]: Leaving directory
> > `/usr/src/modsecurity/modsecurity-2.9.1-RC1/apache2'
> > make[1]: *** [all] Error 2
> > make[1]: Leaving directory
> > `/usr/src/modsecurity/modsecurity-2.9.1-RC1/apache2'
> > make: *** [all-recursive] Error 1
> >
> >
> >
> > Sorry for the bad news....
> >
> > Ahoj,
> >
> > Christian
> >
> >
> >
> > --
> > I think IT projects are about supporting social systems - about
> > communications between people and machines. They tend to fail due to
> > cultural issues.
> > -- Tim Berners-Lee
> >
> >
> > ------------------------------------------------------------------------------
> > Site24x7 APM Insight: Get Deep Visibility into Application Performance
> > APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
> > Monitor end-to-end web transactions and take corrective actions now
> > Troubleshoot faster and improve end-user experience. Signup Now!
> > http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
> > _______________________________________________
> > mod-security-developers mailing list
> > mod...@li...
> > https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> > ModSecurity Services from Trustwave's SpiderLabs:
> > https://www.trustwave.com/spiderLabs.php
> >

> ------------------------------------------------------------------------------
> Site24x7 APM Insight: Get Deep Visibility into Application Performance
> APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
> Monitor end-to-end web transactions and take corrective actions now
> Troubleshoot faster and improve end-user experience. Signup Now!
> http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140

> _______________________________________________
> mod-security-developers mailing list
> mod...@li...
> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> ModSecurity Services from Trustwave's SpiderLabs:
> https://www.trustwave.com/spiderLabs.php


-- 
mailto:chr...@ne...
http://www.christian-folini.ch
twitter: @ChrFolini

Re: [Mod-security-developers] ModSecurity version 2.9.1-rc1 announcement

[Robert P. <rpa...@fe...>]

So here's the culprint:

checking for yajl install... no
configure: optional yajl library not found

Christian, do you have anything odd about the system where this is running?
Perhaps try re-installing the libyajl-dev package? Here's what it should
provide on Trusty (running on my laptop):
poprocks@soter:~$ dpkg -L libyajl-dev
/.
/usr
/usr/share
/usr/share/doc
/usr/share/doc/libyajl-dev
/usr/share/doc/libyajl-dev/copyright
/usr/lib
/usr/lib/x86_64-linux-gnu
/usr/lib/x86_64-linux-gnu/libyajl_s.a
/usr/lib/x86_64-linux-gnu/pkgconfig
/usr/lib/x86_64-linux-gnu/pkgconfig/yajl.pc
/usr/include
/usr/include/yajl
/usr/include/yajl/yajl_tree.h
/usr/include/yajl/yajl_version.h
/usr/include/yajl/yajl_parse.h
/usr/include/yajl/yajl_gen.h
/usr/include/yajl/yajl_common.h
/usr/share/doc/libyajl-dev/README
/usr/share/doc/libyajl-dev/TODO
/usr/share/doc/libyajl-dev/changelog.Debian.gz
/usr/lib/x86_64-linux-gnu/libyajl.so

ModSec config should be relying on the
'/usr/lib/x86_64-linux-gnu/pkgconfig/yajl.pc'
package config file to make it's detection I believe. Does that exist for
you?


On Wed, Mar 2, 2016 at 9:23 PM, Christian Folini <
chr...@ne...> wrote:

> Unfortunately, the build problem against apache 2.4.17 did not go away
> either:
>
> The OS Release:
>   Ubuntu 14.04.4 LTS \n \l
>
> Apache build:
>   Server version: Apache/2.4.18 (Unix)
>   Server built:   Mar  3 2016 05:25:21
>
> $> ./configure --prefix=/opt/apache-2.4.18 \
>   --with-apr=/usr/local/apr/bin/apr-1-config \
>   --with-apr-util=/usr/local/apr/bin/apu-1-config \
>   --enable-mpms-shared=event \
>   --enable-mods-shared=all \
>   --enable-nonportable-atomics=yes
> ...
>
> ModSec Configure:
> $> ./configure --with-apxs=/apache/bin/apxs./configure \
>   --with-apxs=/apache/bin/apxs \
>   --with-apr=/usr/local/apr/bin/apr-1-config \
>   --with-pcre=/usr/bin/pcre-config \
>   --enable-request-early
> checking for a BSD-compatible install... /usr/bin/install -c
> checking whether build environment is sane... yes
> checking for a thread-safe mkdir -p... /bin/mkdir -p
> checking for gawk... gawk
> checking whether make sets $(MAKE)... yes
> checking whether make supports nested variables... yes
> checking for style of include used by make... GNU
> checking for gcc... gcc
> checking whether the C compiler works... yes
> checking for C compiler default output file name... a.out
> checking for suffix of executables...
> checking whether we are cross compiling... no
> checking for suffix of object files... o
> checking whether we are using the GNU C compiler... yes
> checking whether gcc accepts -g... yes
> checking for gcc option to accept ISO C89... none needed
> checking whether gcc understands -c and -o together... yes
> checking dependency style of gcc... gcc3
> checking for ar... ar
> checking the archiver (ar) interface... ar
> checking build system type... x86_64-unknown-linux-gnu
> checking host system type... x86_64-unknown-linux-gnu
> checking how to print strings... printf
> checking for a sed that does not truncate output... /bin/sed
> checking for grep that handles long lines and -e... /bin/grep
> checking for egrep... /bin/grep -E
> checking for fgrep... /bin/grep -F
> checking for ld used by gcc... /usr/bin/ld
> checking if the linker (/usr/bin/ld) is GNU ld... yes
> checking for BSD- or MS-compatible name lister (nm)... /usr/bin/nm -B
> checking the name lister (/usr/bin/nm -B) interface... BSD nm
> checking whether ln -s works... yes
> checking the maximum length of command line arguments... 1572864
> checking whether the shell understands some XSI constructs... yes
> checking whether the shell understands "+="... yes
> checking how to convert x86_64-unknown-linux-gnu file names to
> x86_64-unknown-linux-gnu format... func_convert_file_noop
> checking how to convert x86_64-unknown-linux-gnu file names to toolchain
> format... func_convert_file_noop
> checking for /usr/bin/ld option to reload object files... -r
> checking for objdump... objdump
> checking how to recognize dependent libraries... pass_all
> checking for dlltool... no
> checking how to associate runtime and link libraries... printf %s\n
> checking for archiver @FILE support... @
> checking for strip... strip
> checking for ranlib... ranlib
> checking command to parse /usr/bin/nm -B output from gcc object... ok
> checking for sysroot... no
> checking for mt... mt
> checking if mt is a manifest tool... no
> checking how to run the C preprocessor... gcc -E
> checking for ANSI C header files... yes
> checking for sys/types.h... yes
> checking for sys/stat.h... yes
> checking for stdlib.h... yes
> checking for string.h... yes
> checking for memory.h... yes
> checking for strings.h... yes
> checking for inttypes.h... yes
> checking for stdint.h... yes
> checking for unistd.h... yes
> checking for dlfcn.h... yes
> checking for objdir... .libs
> checking if gcc supports -fno-rtti -fno-exceptions... no
> checking for gcc option to produce PIC... -fPIC -DPIC
> checking if gcc PIC flag -fPIC -DPIC works... yes
> checking if gcc static flag -static works... yes
> checking if gcc supports -c -o file.o... yes
> checking if gcc supports -c -o file.o... (cached) yes
> checking whether the gcc linker (/usr/bin/ld -m elf_x86_64) supports
> shared libraries... yes
> checking whether -lc should be explicitly linked in... no
> checking dynamic linker characteristics... GNU/Linux ld.so
> checking how to hardcode library paths into programs... immediate
> checking for shl_load... no
> checking for shl_load in -ldld... no
> checking for dlopen... no
> checking for dlopen in -ldl... yes
> checking whether a program can dlopen itself... yes
> checking whether a statically linked program can dlopen itself... no
> checking whether stripping libraries is possible... yes
> checking if libtool supports shared libraries... yes
> checking whether to build shared libraries... yes
> checking whether to build static libraries... yes
> checking for gawk... (cached) gawk
> checking for gcc... (cached) gcc
> checking whether we are using the GNU C compiler... (cached) yes
> checking whether gcc accepts -g... (cached) yes
> checking for gcc option to accept ISO C89... (cached) none needed
> checking whether gcc understands -c and -o together... (cached) yes
> checking dependency style of gcc... (cached) gcc3
> checking how to run the C preprocessor... gcc -E
> checking whether ln -s works... yes
> checking whether make sets $(MAKE)... (cached) yes
> checking for grep that handles long lines and -e... (cached) /bin/grep
> checking for perl... /usr/bin/perl
> checking for env... /usr/bin/env
> checking for ANSI C header files... (cached) yes
> checking fcntl.h usability... yes
> checking fcntl.h presence... yes
> checking for fcntl.h... yes
> checking limits.h usability... yes
> checking limits.h presence... yes
> checking for limits.h... yes
> checking for stdlib.h... (cached) yes
> checking for string.h... (cached) yes
> checking for unistd.h... (cached) yes
> checking for sys/types.h... (cached) yes
> checking for sys/stat.h... (cached) yes
> checking sys/utsname.h usability... yes
> checking sys/utsname.h presence... yes
> checking for sys/utsname.h... yes
> checking for an ANSI C-conforming const... yes
> checking for inline... inline
> checking for C/C++ restrict keyword... __restrict
> checking for pid_t... yes
> checking for size_t... yes
> checking whether struct tm is in sys/time.h or time.h... time.h
> checking for uint8_t... yes
> checking for stdlib.h... (cached) yes
> checking for GNU libc compatible malloc... yes
> checking for working memcmp... yes
> checking for atexit... yes
> checking for getcwd... yes
> checking for memmove... yes
> checking for memset... yes
> checking for strcasecmp... yes
> checking for strchr... yes
> checking for strdup... yes
> checking for strerror... yes
> checking for strncasecmp... yes
> checking for strrchr... yes
> checking for strstr... yes
> checking for strtol... yes
> checking for fchmod... yes
> checking for strcasestr... yes
> Checking platform... Identified as Linux
> checking for libcurl config script... /usr/bin/curl-config
> checking if libcurl is at least v... yes, 7.35.0
> checking if libcurl is linked with gnutls... no
> configure: using curl v7.35.0
> configure: looking for Apache module support via DSO through APXS
> configure: found apxs at /opt/apache-2.4.17/bin/apxs
> configure: checking httpd version
> configure: httpd is recent enough
> checking for libpcre config script... /usr/bin/pcre-config
> configure: using pcre v8.31
> checking for libapr config script... /usr/local/apr/bin/apr-1-config
> configure: using apr v1.5.2
> checking for libapu config script... /usr/local/apr/bin/apu-1-config
> configure: using apu v1.5.4
> checking for libxml2 config script... /usr/bin/xml2-config
> checking if libxml2 is at least v2.6.29... yes, 2.9.1
> configure: using libxml2 v2.9.1
> checking for pkg-config... /usr/bin/pkg-config
> checking pkg-config is at least version 0.9.0... yes
> checking for liblua config script... /usr/bin/pkg-config
> configure: using lua v5.2.0
> checking for libyajl config script... no
> checking for yajl install... no
> configure: optional yajl library not found
> checking for ssdeep path... no
> configure: optional ssdeep library not found
> checking that generated files are newer than configure... done
> configure: creating ./config.status
> config.status: creating Makefile
> config.status: creating tools/Makefile
> config.status: creating apache2/Makefile
> config.status: creating build/apxs-wrapper
> config.status: creating mlogc/mlogc-batch-load.pl
> config.status: creating tests/regression/misc/40-secRemoteRules.t
> config.status: creating tests/regression/misc/50-ipmatchfromfile-external.t
> config.status: creating tests/regression/misc/60-pmfromfile-external.t
> config.status: creating tests/run-unit-tests.pl
> config.status: creating tests/run-regression-tests.pl
> config.status: creating tests/gen_rx-pm.pl
> config.status: creating tests/csv_rx-pm.pl
> config.status: creating tests/regression/server_root/conf/httpd.conf
> config.status: creating tools/rules-updater.pl
> config.status: creating mlogc/Makefile
> config.status: creating tests/Makefile
> config.status: creating apache2/modsecurity_config_auto.h
> config.status: apache2/modsecurity_config_auto.h is unchanged
> config.status: executing depfiles commands
> config.status: executing libtool commands
>
>
> Make:
> $> make
> Making all in tools
> make[1]: Entering directory
> `/usr/src/modsecurity/modsecurity-2.9.1-RC1/tools'
> make[1]: Nothing to be done for `all'.
> make[1]: Leaving directory
> `/usr/src/modsecurity/modsecurity-2.9.1-RC1/tools'
> Making all in apache2
> make[1]: Entering directory
> `/usr/src/modsecurity/modsecurity-2.9.1-RC1/apache2'
> make  all-am
> make[2]: Entering directory
> `/usr/src/modsecurity/modsecurity-2.9.1-RC1/apache2'
> /bin/bash ../libtool  --tag=CC   --mode=compile gcc -DHAVE_CONFIG_H -I.
> -DLINUX -D_REENTRANT -D_GNU_SOURCE -I/usr/include/libxml2
>  -I/usr/local/apr//include/apr-1 -I/usr/local/apr//include/apr-1
> -I/opt/apache-2.4.17/include -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL
> -I/usr/include/libxml2 -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY
> -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500
> -DREQUEST_EARLY          -DWITH_REMOTE_RULES  -g -O2
> -I/usr/local/apr//include/apr-1  -MT mod_security2_la-acmp.lo -MD -MP -MF
> .deps/mod_security2_la-acmp.Tpo -c -o mod_security2_la-acmp.lo `test -f
> 'acmp.c' || echo './'`acmp.c
> libtool: compile:  gcc -DHAVE_CONFIG_H -I. -DLINUX -D_REENTRANT
> -D_GNU_SOURCE -I/usr/include/libxml2 -I/usr/local/apr//include/apr-1
> -I/usr/local/apr//include/apr-1 -I/opt/apache-2.4.17/include
> -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -I/usr/include/libxml2
> -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY
> -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500
> -DREQUEST_EARLY -DWITH_REMOTE_RULES -g -O2 -I/usr/local/apr//include/apr-1
> -MT mod_security2_la-acmp.lo -MD -MP -MF .deps/mod_security2_la-acmp.Tpo -c
> acmp.c  -fPIC -DPIC -o .libs/mod_security2_la-acmp.o
> libtool: compile:  gcc -DHAVE_CONFIG_H -I. -DLINUX -D_REENTRANT
> -D_GNU_SOURCE -I/usr/include/libxml2 -I/usr/local/apr//include/apr-1
> -I/usr/local/apr//include/apr-1 -I/opt/apache-2.4.17/include
> -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -I/usr/include/libxml2
> -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY
> -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500
> -DREQUEST_EARLY -DWITH_REMOTE_RULES -g -O2 -I/usr/local/apr//include/apr-1
> -MT mod_security2_la-acmp.lo -MD -MP -MF .deps/mod_security2_la-acmp.Tpo -c
> acmp.c -o mod_security2_la-acmp.o >/dev/null 2>&1
> mv -f .deps/mod_security2_la-acmp.Tpo .deps/mod_security2_la-acmp.Plo
> /bin/bash ../libtool  --tag=CC   --mode=compile gcc -DHAVE_CONFIG_H -I.
> -DLINUX -D_REENTRANT -D_GNU_SOURCE -I/usr/include/libxml2
>  -I/usr/local/apr//include/apr-1 -I/usr/local/apr//include/apr-1
> -I/opt/apache-2.4.17/include -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL
> -I/usr/include/libxml2 -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY
> -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500
> -DREQUEST_EARLY          -DWITH_REMOTE_RULES  -g -O2
> -I/usr/local/apr//include/apr-1  -MT mod_security2_la-apache2_config.lo -MD
> -MP -MF .deps/mod_security2_la-apache2_config.Tpo -c -o
> mod_security2_la-apache2_config.lo `test -f 'apache2_config.c' || echo
> './'`apache2_config.c
> libtool: compile:  gcc -DHAVE_CONFIG_H -I. -DLINUX -D_REENTRANT
> -D_GNU_SOURCE -I/usr/include/libxml2 -I/usr/local/apr//include/apr-1
> -I/usr/local/apr//include/apr-1 -I/opt/apache-2.4.17/include
> -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -I/usr/include/libxml2
> -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY
> -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500
> -DREQUEST_EARLY -DWITH_REMOTE_RULES -g -O2 -I/usr/local/apr//include/apr-1
> -MT mod_security2_la-apache2_config.lo -MD -MP -MF
> .deps/mod_security2_la-apache2_config.Tpo -c apache2_config.c  -fPIC -DPIC
> -o .libs/mod_security2_la-apache2_config.o
> In file included from /opt/apache-2.4.17/include/apr_network_io.h:26:0,
>                  from /opt/apache-2.4.17/include/apr_buckets.h:29,
>                  from /opt/apache-2.4.17/include/util_filter.h:26,
>                  from /opt/apache-2.4.17/include/http_core.h:32,
>                  from apache2.h:18,
>                  from re.h:42,
>                  from msc_util.h:29,
>                  from modsecurity.h:40,
>                  from apache2_config.c:17:
> /opt/apache-2.4.17/include/apr_file_io.h:612:46: error: unknown type name
> 'apr_wait_type_t'
>                                               apr_wait_type_t direction);
>                                               ^
> In file included from /opt/apache-2.4.17/include/apr_buckets.h:29:0,
>                  from /opt/apache-2.4.17/include/util_filter.h:26,
>                  from /opt/apache-2.4.17/include/http_core.h:32,
>                  from apache2.h:18,
>                  from re.h:42,
>                  from msc_util.h:29,
>                  from modsecurity.h:40,
>                  from apache2_config.c:17:
> /opt/apache-2.4.17/include/apr_network_io.h:650:43: error: unknown type
> name 'apr_wait_type_t'
>                                            apr_wait_type_t direction);
>                                            ^
> make[2]: *** [mod_security2_la-apache2_config.lo] Error 1
> make[2]: Leaving directory
> `/usr/src/modsecurity/modsecurity-2.9.1-RC1/apache2'
> make[1]: *** [all] Error 2
> make[1]: Leaving directory
> `/usr/src/modsecurity/modsecurity-2.9.1-RC1/apache2'
> make: *** [all-recursive] Error 1
>
>
>
> Sorry for the bad news....
>
> Ahoj,
>
> Christian
>
>
>
> --
> I think IT projects are about supporting social systems - about
> communications between people and machines. They tend to fail due to
> cultural issues.
> -- Tim Berners-Lee
>
>
> ------------------------------------------------------------------------------
> Site24x7 APM Insight: Get Deep Visibility into Application Performance
> APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
> Monitor end-to-end web transactions and take corrective actions now
> Troubleshoot faster and improve end-user experience. Signup Now!
> http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
> _______________________________________________
> mod-security-developers mailing list
> mod...@li...
> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> ModSecurity Services from Trustwave's SpiderLabs:
> https://www.trustwave.com/spiderLabs.php
>

Re: [Mod-security-developers] ModSecurity version 2.9.1-rc1 announcement

[Christian F. <chr...@ne...>]

Unfortunately, the build problem against apache 2.4.17 did not go away
either:

The OS Release:
  Ubuntu 14.04.4 LTS \n \l

Apache build:
  Server version: Apache/2.4.18 (Unix)
  Server built:   Mar  3 2016 05:25:21

$> ./configure --prefix=/opt/apache-2.4.18 \
  --with-apr=/usr/local/apr/bin/apr-1-config \
  --with-apr-util=/usr/local/apr/bin/apu-1-config \
  --enable-mpms-shared=event \
  --enable-mods-shared=all \
  --enable-nonportable-atomics=yes
...

ModSec Configure:
$> ./configure --with-apxs=/apache/bin/apxs./configure \
  --with-apxs=/apache/bin/apxs \
  --with-apr=/usr/local/apr/bin/apr-1-config \
  --with-pcre=/usr/bin/pcre-config \
  --enable-request-early
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for a thread-safe mkdir -p... /bin/mkdir -p
checking for gawk... gawk
checking whether make sets $(MAKE)... yes
checking whether make supports nested variables... yes
checking for style of include used by make... GNU
checking for gcc... gcc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables... 
checking whether we are cross compiling... no
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ISO C89... none needed
checking whether gcc understands -c and -o together... yes
checking dependency style of gcc... gcc3
checking for ar... ar
checking the archiver (ar) interface... ar
checking build system type... x86_64-unknown-linux-gnu
checking host system type... x86_64-unknown-linux-gnu
checking how to print strings... printf
checking for a sed that does not truncate output... /bin/sed
checking for grep that handles long lines and -e... /bin/grep
checking for egrep... /bin/grep -E
checking for fgrep... /bin/grep -F
checking for ld used by gcc... /usr/bin/ld
checking if the linker (/usr/bin/ld) is GNU ld... yes
checking for BSD- or MS-compatible name lister (nm)... /usr/bin/nm -B
checking the name lister (/usr/bin/nm -B) interface... BSD nm
checking whether ln -s works... yes
checking the maximum length of command line arguments... 1572864
checking whether the shell understands some XSI constructs... yes
checking whether the shell understands "+="... yes
checking how to convert x86_64-unknown-linux-gnu file names to x86_64-unknown-linux-gnu format... func_convert_file_noop
checking how to convert x86_64-unknown-linux-gnu file names to toolchain format... func_convert_file_noop
checking for /usr/bin/ld option to reload object files... -r
checking for objdump... objdump
checking how to recognize dependent libraries... pass_all
checking for dlltool... no
checking how to associate runtime and link libraries... printf %s\n
checking for archiver @FILE support... @
checking for strip... strip
checking for ranlib... ranlib
checking command to parse /usr/bin/nm -B output from gcc object... ok
checking for sysroot... no
checking for mt... mt
checking if mt is a manifest tool... no
checking how to run the C preprocessor... gcc -E
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for unistd.h... yes
checking for dlfcn.h... yes
checking for objdir... .libs
checking if gcc supports -fno-rtti -fno-exceptions... no
checking for gcc option to produce PIC... -fPIC -DPIC
checking if gcc PIC flag -fPIC -DPIC works... yes
checking if gcc static flag -static works... yes
checking if gcc supports -c -o file.o... yes
checking if gcc supports -c -o file.o... (cached) yes
checking whether the gcc linker (/usr/bin/ld -m elf_x86_64) supports shared libraries... yes
checking whether -lc should be explicitly linked in... no
checking dynamic linker characteristics... GNU/Linux ld.so
checking how to hardcode library paths into programs... immediate
checking for shl_load... no
checking for shl_load in -ldld... no
checking for dlopen... no
checking for dlopen in -ldl... yes
checking whether a program can dlopen itself... yes
checking whether a statically linked program can dlopen itself... no
checking whether stripping libraries is possible... yes
checking if libtool supports shared libraries... yes
checking whether to build shared libraries... yes
checking whether to build static libraries... yes
checking for gawk... (cached) gawk
checking for gcc... (cached) gcc
checking whether we are using the GNU C compiler... (cached) yes
checking whether gcc accepts -g... (cached) yes
checking for gcc option to accept ISO C89... (cached) none needed
checking whether gcc understands -c and -o together... (cached) yes
checking dependency style of gcc... (cached) gcc3
checking how to run the C preprocessor... gcc -E
checking whether ln -s works... yes
checking whether make sets $(MAKE)... (cached) yes
checking for grep that handles long lines and -e... (cached) /bin/grep
checking for perl... /usr/bin/perl
checking for env... /usr/bin/env
checking for ANSI C header files... (cached) yes
checking fcntl.h usability... yes
checking fcntl.h presence... yes
checking for fcntl.h... yes
checking limits.h usability... yes
checking limits.h presence... yes
checking for limits.h... yes
checking for stdlib.h... (cached) yes
checking for string.h... (cached) yes
checking for unistd.h... (cached) yes
checking for sys/types.h... (cached) yes
checking for sys/stat.h... (cached) yes
checking sys/utsname.h usability... yes
checking sys/utsname.h presence... yes
checking for sys/utsname.h... yes
checking for an ANSI C-conforming const... yes
checking for inline... inline
checking for C/C++ restrict keyword... __restrict
checking for pid_t... yes
checking for size_t... yes
checking whether struct tm is in sys/time.h or time.h... time.h
checking for uint8_t... yes
checking for stdlib.h... (cached) yes
checking for GNU libc compatible malloc... yes
checking for working memcmp... yes
checking for atexit... yes
checking for getcwd... yes
checking for memmove... yes
checking for memset... yes
checking for strcasecmp... yes
checking for strchr... yes
checking for strdup... yes
checking for strerror... yes
checking for strncasecmp... yes
checking for strrchr... yes
checking for strstr... yes
checking for strtol... yes
checking for fchmod... yes
checking for strcasestr... yes
Checking platform... Identified as Linux
checking for libcurl config script... /usr/bin/curl-config
checking if libcurl is at least v... yes, 7.35.0
checking if libcurl is linked with gnutls... no
configure: using curl v7.35.0
configure: looking for Apache module support via DSO through APXS
configure: found apxs at /opt/apache-2.4.17/bin/apxs
configure: checking httpd version
configure: httpd is recent enough
checking for libpcre config script... /usr/bin/pcre-config
configure: using pcre v8.31
checking for libapr config script... /usr/local/apr/bin/apr-1-config
configure: using apr v1.5.2
checking for libapu config script... /usr/local/apr/bin/apu-1-config
configure: using apu v1.5.4
checking for libxml2 config script... /usr/bin/xml2-config
checking if libxml2 is at least v2.6.29... yes, 2.9.1
configure: using libxml2 v2.9.1
checking for pkg-config... /usr/bin/pkg-config
checking pkg-config is at least version 0.9.0... yes
checking for liblua config script... /usr/bin/pkg-config
configure: using lua v5.2.0
checking for libyajl config script... no
checking for yajl install... no
configure: optional yajl library not found
checking for ssdeep path... no
configure: optional ssdeep library not found
checking that generated files are newer than configure... done
configure: creating ./config.status
config.status: creating Makefile
config.status: creating tools/Makefile
config.status: creating apache2/Makefile
config.status: creating build/apxs-wrapper
config.status: creating mlogc/mlogc-batch-load.pl
config.status: creating tests/regression/misc/40-secRemoteRules.t
config.status: creating tests/regression/misc/50-ipmatchfromfile-external.t
config.status: creating tests/regression/misc/60-pmfromfile-external.t
config.status: creating tests/run-unit-tests.pl
config.status: creating tests/run-regression-tests.pl
config.status: creating tests/gen_rx-pm.pl
config.status: creating tests/csv_rx-pm.pl
config.status: creating tests/regression/server_root/conf/httpd.conf
config.status: creating tools/rules-updater.pl
config.status: creating mlogc/Makefile
config.status: creating tests/Makefile
config.status: creating apache2/modsecurity_config_auto.h
config.status: apache2/modsecurity_config_auto.h is unchanged
config.status: executing depfiles commands
config.status: executing libtool commands


Make:
$> make
Making all in tools
make[1]: Entering directory `/usr/src/modsecurity/modsecurity-2.9.1-RC1/tools'
make[1]: Nothing to be done for `all'.
make[1]: Leaving directory `/usr/src/modsecurity/modsecurity-2.9.1-RC1/tools'
Making all in apache2
make[1]: Entering directory `/usr/src/modsecurity/modsecurity-2.9.1-RC1/apache2'
make  all-am
make[2]: Entering directory `/usr/src/modsecurity/modsecurity-2.9.1-RC1/apache2'
/bin/bash ../libtool  --tag=CC   --mode=compile gcc -DHAVE_CONFIG_H -I.  -DLINUX -D_REENTRANT -D_GNU_SOURCE -I/usr/include/libxml2   -I/usr/local/apr//include/apr-1 -I/usr/local/apr//include/apr-1 -I/opt/apache-2.4.17/include -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -I/usr/include/libxml2 -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500  -DREQUEST_EARLY          -DWITH_REMOTE_RULES  -g -O2  -I/usr/local/apr//include/apr-1  -MT mod_security2_la-acmp.lo -MD -MP -MF .deps/mod_security2_la-acmp.Tpo -c -o mod_security2_la-acmp.lo `test -f 'acmp.c' || echo './'`acmp.c
libtool: compile:  gcc -DHAVE_CONFIG_H -I. -DLINUX -D_REENTRANT -D_GNU_SOURCE -I/usr/include/libxml2 -I/usr/local/apr//include/apr-1 -I/usr/local/apr//include/apr-1 -I/opt/apache-2.4.17/include -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -I/usr/include/libxml2 -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500 -DREQUEST_EARLY -DWITH_REMOTE_RULES -g -O2 -I/usr/local/apr//include/apr-1 -MT mod_security2_la-acmp.lo -MD -MP -MF .deps/mod_security2_la-acmp.Tpo -c acmp.c  -fPIC -DPIC -o .libs/mod_security2_la-acmp.o
libtool: compile:  gcc -DHAVE_CONFIG_H -I. -DLINUX -D_REENTRANT -D_GNU_SOURCE -I/usr/include/libxml2 -I/usr/local/apr//include/apr-1 -I/usr/local/apr//include/apr-1 -I/opt/apache-2.4.17/include -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -I/usr/include/libxml2 -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500 -DREQUEST_EARLY -DWITH_REMOTE_RULES -g -O2 -I/usr/local/apr//include/apr-1 -MT mod_security2_la-acmp.lo -MD -MP -MF .deps/mod_security2_la-acmp.Tpo -c acmp.c -o mod_security2_la-acmp.o >/dev/null 2>&1
mv -f .deps/mod_security2_la-acmp.Tpo .deps/mod_security2_la-acmp.Plo
/bin/bash ../libtool  --tag=CC   --mode=compile gcc -DHAVE_CONFIG_H -I.  -DLINUX -D_REENTRANT -D_GNU_SOURCE -I/usr/include/libxml2   -I/usr/local/apr//include/apr-1 -I/usr/local/apr//include/apr-1 -I/opt/apache-2.4.17/include -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -I/usr/include/libxml2 -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500  -DREQUEST_EARLY          -DWITH_REMOTE_RULES  -g -O2  -I/usr/local/apr//include/apr-1  -MT mod_security2_la-apache2_config.lo -MD -MP -MF .deps/mod_security2_la-apache2_config.Tpo -c -o mod_security2_la-apache2_config.lo `test -f 'apache2_config.c' || echo './'`apache2_config.c
libtool: compile:  gcc -DHAVE_CONFIG_H -I. -DLINUX -D_REENTRANT -D_GNU_SOURCE -I/usr/include/libxml2 -I/usr/local/apr//include/apr-1 -I/usr/local/apr//include/apr-1 -I/opt/apache-2.4.17/include -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -I/usr/include/libxml2 -DWITH_LUA -I/usr/include/lua5.2 -DWITH_PCRE_STUDY -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500 -DREQUEST_EARLY -DWITH_REMOTE_RULES -g -O2 -I/usr/local/apr//include/apr-1 -MT mod_security2_la-apache2_config.lo -MD -MP -MF .deps/mod_security2_la-apache2_config.Tpo -c apache2_config.c  -fPIC -DPIC -o .libs/mod_security2_la-apache2_config.o
In file included from /opt/apache-2.4.17/include/apr_network_io.h:26:0,
                 from /opt/apache-2.4.17/include/apr_buckets.h:29,
                 from /opt/apache-2.4.17/include/util_filter.h:26,
                 from /opt/apache-2.4.17/include/http_core.h:32,
                 from apache2.h:18,
                 from re.h:42,
                 from msc_util.h:29,
                 from modsecurity.h:40,
                 from apache2_config.c:17:
/opt/apache-2.4.17/include/apr_file_io.h:612:46: error: unknown type name 'apr_wait_type_t'
                                              apr_wait_type_t direction);
                                              ^
In file included from /opt/apache-2.4.17/include/apr_buckets.h:29:0,
                 from /opt/apache-2.4.17/include/util_filter.h:26,
                 from /opt/apache-2.4.17/include/http_core.h:32,
                 from apache2.h:18,
                 from re.h:42,
                 from msc_util.h:29,
                 from modsecurity.h:40,
                 from apache2_config.c:17:
/opt/apache-2.4.17/include/apr_network_io.h:650:43: error: unknown type name 'apr_wait_type_t'
                                           apr_wait_type_t direction);
                                           ^
make[2]: *** [mod_security2_la-apache2_config.lo] Error 1
make[2]: Leaving directory `/usr/src/modsecurity/modsecurity-2.9.1-RC1/apache2'
make[1]: *** [all] Error 2
make[1]: Leaving directory `/usr/src/modsecurity/modsecurity-2.9.1-RC1/apache2'
make: *** [all-recursive] Error 1



Sorry for the bad news....

Ahoj,

Christian



-- 
I think IT projects are about supporting social systems - about
communications between people and machines. They tend to fail due to
cultural issues.
-- Tim Berners-Lee

Re: [Mod-security-developers] ModSecurity version 2.9.1-rc1 announcement

[Christian F. <chr...@ne...>]

Good morning,

Following up on yesterday's community meeting, I have more detailed info
on the JSON audit log failure on 2.9.1-rc1. The problem is real.

Details below.

If you need more info, Felipe, I'll be glad to help out.

Ahoj,

Christian

-----------------------------------------------------------------------

The error message (on launch):
  AH00526: Syntax error on line 110 of /apache/conf/httpd.conf_problem_...
  Invalid command 'SecAuditLogFormat', perhaps misspelled or defined by 
  a module not included in the server configuration

-> it dies

The OS Release:
  Ubuntu 14.04.4 LTS \n \l

Apache build:
  Server version: Apache/2.4.18 (Unix)
  Server built:   Mar  3 2016 05:25:21

  ./configure --prefix=/opt/apache-2.4.18 \
  --with-apr=/usr/local/apr/bin/apr-1-config \
  --with-apr-util=/usr/local/apr/bin/apu-1-config \
  --enable-mpms-shared=event \
  --enable-mods-shared=all \
  --enable-nonportable-atomics=yes

yajl version:
ii  libyajl2:amd64                    2.0.4-4 ...

ModSecurity:
  ModSecurity for Apache/2.9.1-RC1 (http://www.modsecurity.org/)

  ./configure --with-apxs=/apache/bin/apxs./configure \
  --with-apxs=/apache/bin/apxs \
  --with-apr=/usr/local/apr/bin/apr-1-config \
  --with-pcre=/usr/bin/pcre-config \
  --enable-request-early

Apache config:
...

SecRuleEngine                 On

SecRequestBodyAccess          On
SecRequestBodyLimit           10000000
SecRequestBodyNoFilesLimit    64000

SecResponseBodyAccess         On
SecResponseBodyLimit          10000000

SecTmpDir                     /tmp/
SecDataDir                    /tmp/
SecUploadDir                  /tmp/

SecDebugLog                   /apache/logs/modsec_debug.log
SecDebugLogLevel              3

SecAuditEngine                RelevantOnly
SecAuditLogRelevantStatus     "^(?:5|4(?!04))"
SecAuditLogParts              ABIJEFHKZ

SecAuditLogType               Concurrent
SecAuditLog                   /apache/logs/modsec_audit.log
SecAuditLogStorageDir         /apache/logs/audit/
SecAuditLogFormat             JSON

Re: [Mod-security-developers] ModSecurity(-dev) community meeting

[Felipe C. <FC...@tr...>]

Just a quick reminder that we are going to have our dev- meeting today, in the upcoming hours.

http://doodle.com/poll/kgb24dfyixg7ig4g

Br.,
Felipe “Zimmerle” Costa
Security Researcher, Lead Developer ModSecurity.

Trustwave | SMART SECURITY ON DEMAND
www.trustwave.com <http://www.trustwave.com/>








On 2/29/16, 10:56 AM, "Felipe Costa" <FC...@tr...> wrote:

>Hi,
>
>Just to let you know that the doodle for the meeting is now closed,
>the information about the meeting is available at:
>
>http://scanmail.trustwave.com/?c=4062&d=ps7U1tMnPkxksi-NSyMhcGXscVAbAnIssMqCBy6K7w&s=5&u=http%3a%2f%2fdoodle%2ecom%2fpoll%2fkgb24dfyixg7ig4g
>
>
>
>Br.,
>Felipe “Zimmerle” Costa
>Security Researcher, Lead Developer ModSecurity.
>
>Trustwave | SMART SECURITY ON DEMAND
>www.trustwave.com <http://www.trustwave.com/>
>
>
>
>
>
>
>
>
>
>On 2/24/16, 8:52 AM, "Felipe Costa" <FC...@tr...> wrote:
>
>>Hi,
>>
>>I would like to invite you to our ModSecurity(-dev) community meeting.
>>This invitation is extended to everyone which follow or participate actively
>>on the ModSecurity community.
>>
>>
>>The meeting agenda will be:
>>- Review of every open topic from the last meeting.
>>- Open Issues on GitHub, including issues related to our 2.9.1-RC1
>>- Open Merge requests on GitHub.
>>- Release dates (and content?) for v2.9.1.
>>- State of  ModSecurity v3, roadmap, testing and testing.
>>
>>
>>The meeting will be held at #modsecurity channel at FreeNode.
>>
>>
>>As suggested on our last meeting, the date will be: March 2.
>>
>>Please use Doodle to tell the best date/time for you:
>>http://scanmail.trustwave.com/?c=4062&d=ps7U1tMnPkxksi-NSyMhcGXscVAbAnIssMiBAX_c5A&s=5&u=http%3a%2f%2fdoodle%2ecom%2fpoll%2fd7wgb83bn4cxqyh4
>>
>>If you think that we should add or remove something from the agenda, please tell.
>>
>>The minutes from our last meeting can be found here:
>>http://scanmail.trustwave.com/?c=4062&d=ps7U1tMnPkxksi-NSyMhcGXscVAbAnIssMjSUnLa6A&s=5&u=https%3a%2f%2fwww%2emodsecurity%2eorg%2fdevelopers%2fmeetings%2f
>>
>>Br.,
>>Felipe “Zimmerle” Costa
>>Security Researcher, Lead Developer ModSecurity.
>>
>>Trustwave | SMART SECURITY ON DEMAND
>>www.trustwave.com <http://www.trustwave.com/>
>>
>>
>>
>>________________________________
>>
>>This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.
>>------------------------------------------------------------------------------
>>Site24x7 APM Insight: Get Deep Visibility into Application Performance
>>APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
>>Monitor end-to-end web transactions and take corrective actions now
>>Troubleshoot faster and improve end-user experience. Signup Now!
>>http://scanmail.trustwave.com/?c=4062&d=ps7U1tMnPkxksi-NSyMhcGXscVAbAnIssJ2HBX2Ovw&s=5&u=http%3a%2f%2fpubads%2eg%2edoubleclick%2enet%2fgampad%2fclk%3fid%3d272487151%26iu%3d%2f4140
>>_______________________________________________
>>mod-security-developers mailing list
>>mod...@li...
>>http://scanmail.trustwave.com/?c=4062&d=ps7U1tMnPkxksi-NSyMhcGXscVAbAnIssMiFCX-JuA&s=5&u=https%3a%2f%2flists%2esourceforge%2enet%2flists%2flistinfo%2fmod-security-developers
>>ModSecurity Services from Trustwave's SpiderLabs:
>>https://www.trustwave.com/spiderLabs.php
>
>________________________________
>
>This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.
>------------------------------------------------------------------------------
>Site24x7 APM Insight: Get Deep Visibility into Application Performance
>APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
>Monitor end-to-end web transactions and take corrective actions now
>Troubleshoot faster and improve end-user experience. Signup Now!
>http://scanmail.trustwave.com/?c=4062&d=ps7U1tMnPkxksi-NSyMhcGXscVAbAnIssJ2HBX2Ovw&s=5&u=http%3a%2f%2fpubads%2eg%2edoubleclick%2enet%2fgampad%2fclk%3fid%3d272487151%26iu%3d%2f4140
>_______________________________________________
>mod-security-developers mailing list
>mod...@li...
>http://scanmail.trustwave.com/?c=4062&d=ps7U1tMnPkxksi-NSyMhcGXscVAbAnIssMiFCX-JuA&s=5&u=https%3a%2f%2flists%2esourceforge%2enet%2flists%2flistinfo%2fmod-security-developers
>ModSecurity Services from Trustwave's SpiderLabs:
>https://www.trustwave.com/spiderLabs.php

________________________________

This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.

Re: [Mod-security-developers] ModSecurity(-dev) community meeting

[Felipe C. <FC...@tr...>]

Hi,

Just to let you know that the doodle for the meeting is now closed,
the information about the meeting is available at:

http://doodle.com/poll/kgb24dfyixg7ig4g



Br.,
Felipe “Zimmerle” Costa
Security Researcher, Lead Developer ModSecurity.

Trustwave | SMART SECURITY ON DEMAND
www.trustwave.com <http://www.trustwave.com/>









On 2/24/16, 8:52 AM, "Felipe Costa" <FC...@tr...> wrote:

>Hi,
>
>I would like to invite you to our ModSecurity(-dev) community meeting.
>This invitation is extended to everyone which follow or participate actively
>on the ModSecurity community.
>
>
>The meeting agenda will be:
>- Review of every open topic from the last meeting.
>- Open Issues on GitHub, including issues related to our 2.9.1-RC1
>- Open Merge requests on GitHub.
>- Release dates (and content?) for v2.9.1.
>- State of  ModSecurity v3, roadmap, testing and testing.
>
>
>The meeting will be held at #modsecurity channel at FreeNode.
>
>
>As suggested on our last meeting, the date will be: March 2.
>
>Please use Doodle to tell the best date/time for you:
>http://scanmail.trustwave.com/?c=4062&d=pZnN1qcmJGX47VhQfORt8yLUcjlL4Jq3ywuEjewNIA&s=5&u=http%3a%2f%2fdoodle%2ecom%2fpoll%2fd7wgb83bn4cxqyh4
>
>If you think that we should add or remove something from the agenda, please tell.
>
>The minutes from our last meeting can be found here:
>http://scanmail.trustwave.com/?c=4062&d=pZnN1qcmJGX47VhQfORt8yLUcjlL4Jq3ywvX3uELLA&s=5&u=https%3a%2f%2fwww%2emodsecurity%2eorg%2fdevelopers%2fmeetings%2f
>
>Br.,
>Felipe “Zimmerle” Costa
>Security Researcher, Lead Developer ModSecurity.
>
>Trustwave | SMART SECURITY ON DEMAND
>www.trustwave.com <http://www.trustwave.com/>
>
>
>
>________________________________
>
>This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.
>------------------------------------------------------------------------------
>Site24x7 APM Insight: Get Deep Visibility into Application Performance
>APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
>Monitor end-to-end web transactions and take corrective actions now
>Troubleshoot faster and improve end-user experience. Signup Now!
>http://scanmail.trustwave.com/?c=4062&d=pZnN1qcmJGX47VhQfORt8yLUcjlL4Jq3y16Cie5few&s=5&u=http%3a%2f%2fpubads%2eg%2edoubleclick%2enet%2fgampad%2fclk%3fid%3d272487151%26iu%3d%2f4140
>_______________________________________________
>mod-security-developers mailing list
>mod...@li...
>http://scanmail.trustwave.com/?c=4062&d=pZnN1qcmJGX47VhQfORt8yLUcjlL4Jq3ywuAhexYfA&s=5&u=https%3a%2f%2flists%2esourceforge%2enet%2flists%2flistinfo%2fmod-security-developers
>ModSecurity Services from Trustwave's SpiderLabs:
>https://www.trustwave.com/spiderLabs.php

________________________________

This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.

Re: [Mod-security-developers] Planned community meeting 3/2?

[Felipe C. <FC...@tr...>]

Hi Robert,

Sorry for the delay to send the invitation. I have just sent the invitation to this very same mailing list.

Thank you,
Felipe “Zimmerle” Costa
Security Researcher, Lead Developer ModSecurity.

Trustwave | SMART SECURITY ON DEMAND
www.trustwave.com<http://www.trustwave.com/>


From: Robert Paprocki <rpa...@fe...<mailto:rpa...@fe...>>
Reply-To: "ro...@cr...<mailto:ro...@cr...>" <ro...@cr...<mailto:ro...@cr...>>, "mod...@li...<mailto:mod...@li...>" <mod...@li...<mailto:mod...@li...>>
Date: Tuesday, February 23, 2016 at 10:24 PM
To: "mod...@li...<mailto:mod...@li...>" <mod...@li...<mailto:mod...@li...>>
Subject: [Mod-security-developers] Planned community meeting 3/2?

Hello!

From the minutes from the January 27 meeting (https://www.modsecurity.org/developers/meetings/modsecurity.2016-01-27-15.08.html<http://scanmail.trustwave.com/?c=4062&d=iobN1sHgnU59Q7vIDQ1ZOM20MRwvfvnM5WLGSVvthw&s=5&u=https%3a%2f%2fwww%2emodsecurity%2eorg%2fdevelopers%2fmeetings%2fmodsecurity%2e2016-01-27-15%2e08%2ehtml>) we see the following:

AGREED: Next community meeting will be on March 2. (zimmerle, 16:20:34)
ACTION: zimmerle create another doodle to make sure that everyone can attend to the meeting (zimmerle, 16:20:58)
ACTION: zimmerle announce to the community the next date at least 15 before it, so people can plan and consequently attend the meeting with further problems. (zimmerle, 16:21:30)

That date is approaching (next week). Any updates on if this will happen?

________________________________

This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.

[Mod-security-developers] ModSecurity(-dev) community meeting

[Felipe C. <FC...@tr...>]

Hi,

I would like to invite you to our ModSecurity(-dev) community meeting.
This invitation is extended to everyone which follow or participate actively
on the ModSecurity community.


The meeting agenda will be:
- Review of every open topic from the last meeting.
- Open Issues on GitHub, including issues related to our 2.9.1-RC1
- Open Merge requests on GitHub.
- Release dates (and content?) for v2.9.1.
- State of  ModSecurity v3, roadmap, testing and testing.


The meeting will be held at #modsecurity channel at FreeNode.


As suggested on our last meeting, the date will be: March 2.

Please use Doodle to tell the best date/time for you:
http://doodle.com/poll/d7wgb83bn4cxqyh4

If you think that we should add or remove something from the agenda, please tell.

The minutes from our last meeting can be found here:
https://www.modsecurity.org/developers/meetings/

Br.,
Felipe “Zimmerle” Costa
Security Researcher, Lead Developer ModSecurity.

Trustwave | SMART SECURITY ON DEMAND
www.trustwave.com <http://www.trustwave.com/>



________________________________

This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.

[Mod-security-developers] Planned community meeting 3/2?

[Robert P. <rpa...@fe...>]

Hello!

>From the minutes from the January 27 meeting (
https://www.modsecurity.org/developers/meetings/modsecurity.2016-01-27-15.08.html)
we see the following:

AGREED: Next community meeting will be on March 2. (zimmerle, 16:20:34)
ACTION: zimmerle create another doodle to make sure that everyone can
attend to the meeting (zimmerle, 16:20:58)
ACTION: zimmerle announce to the community the next date at least 15 before
it, so people can plan and consequently attend the meeting with further
problems. (zimmerle, 16:21:30)

That date is approaching (next week). Any updates on if this will happen?

Re: [Mod-security-developers] libmodsec rpm spec

[Athmane M. <at...@fe...>]

On Mon, Feb 22, 2016 at 8:55 PM, Phil Daws <ux...@sp...> wrote:
> has anybody produced an rpm spec for libmodsec that they would be willing to share please ?

I'm currently preparing to update Fedora (and EPEL ?) once 3.0 is
officially out, here the spec so far:

SPEC: https://athmane.fedorapeople.org/pkgs/libmodsecurity.spec
SRPM: https://athmane.fedorapeople.org/pkgs/libmodsecurity-3.0-0.gitf44143.fc23.src.rpm


Best regards.

- Athmane