modsecurity 2.5.12 / 2.7.0 / 2.9.1 설치

리눅스/Security|2015. 1. 27. 08:57
반응형

[root@sysdocu]# wget http://www.modsecurity.org/download/modsecurity-apache_2.5.12.tar.gz

[root@sysdocu]# tar xvzf modsecurity-apache_2.5.12.tar.gz

[root@sysdocu]# cd modsecurity-apache_2.5.12/apache2
[root@sysdocu]# ./configure --with-apxs=/usr/local/apache/bin/apxs --with-apr=/usr/local/apache/bin/apr-1-config --with-apu=/usr/local/apache/bin/apu-1-config --with-lua
[root@sysdocu]# make
[root@sysdocu]# make install

 

1) 확인
    LoadModule security2_module    modules/mod_security2.so
 
2) 추가
    <IfModule mod_security2.c>
        Include conf/mod_security.conf
    </IfModule>

 


[에러]

apache 2.4 버전에 mod_security 2.5.12 를 설치하는중 아래와 같은 문제가 발생하였다.


[root@sysdocu]# make

/usr/local/apache/build/libtool --silent --mode=compile gcc -std=gnu99 -prefer-pic   -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/usr/local/apache/include  -I/usr/local/apache/include   -I/usr/local/apache/include  -O2 -g -Wall -DWITH_PCRE_STUDY -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500 -I/usr/local/apache/include -I/usr/local/apache/include -I. -I/usr/local/src/APM_Setup/httpd-2.4.3/srclib/apr/include -I/usr/local/src/APM_Setup/httpd-2.4.3/srclib/apr-util/include -I/usr/local/pcre/include -I/usr/include/libxml2  -c -o mod_security2.lo mod_security2.c && touch mod_security2.slo

mod_security2.c: In function 'create_tx_context':

mod_security2.c:363: error: 'conn_rec' has no member named 'remote_ip'

mod_security2.c:364: error: 'conn_rec' has no member named 'remote_addr'

mod_security2.c: In function 'register_hooks':

mod_security2.c:1136: warning: passing argument 1 of 'ap_hook_error_log' from incompatible pointer type

/usr/local/apache/include/http_core.h:888: note: expected 'void (*)(const struct ap_errorlog_info *, const char *)' but argument is of type 'void (*)(const char *, int,  int,  apr_status_t,  const struct server_rec *, const struct request_rec *, struct apr_pool_t *, const char *)'

apxs:Error: Command failed with rc=65536

.

make: *** [mod_security2.la] 오류 1



[해결]

[root@sysdocu]# vi mod_security2.c

(363, 364 라인의 뒷부분의 remote 를 client 로 변경)


    msr->remote_addr = r->connection->client_ip;

    msr->remote_port = r->connection->client_addr->port;


[root@sysdocu]# vi apache2_util.c

(305 라인의 뒷부분의 remote 를 client 로 변경)


ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0, r->server,

            "[client %s] ModSecurity: %s%s [uri \"%s\"]%s", r->connection->client_ip, str1,

            hostname, log_escape(msr->mp, r->uri), unique_id);



그리고 make 진행..



그러나 httpd syntax 체크시 오류 출력..


지원되는 버전 문제로 보여 httpd 2.4 에는 mod_security 2.7.x mod_security 2.7.0 을 설치해서 해결함


mod_security 2.7


[root@sysdocu]# wget https://sourceforge.net/projects/mod-security/files/modsecurity-apache/2.7.0/modsecurity-apache_2.7.0.tar.gz

[root@sysdocu]# tar xvzf modsecurity-apache_2.7.0.tar.gz

[root@sysdocu]# cd modsecurity-apache_2.7.0

[root@sysdocu]# ./configure --with-apxs=/usr/local/apache/bin/apxs

[root@sysdocu]# make

[root@sysdocu]# make install



mod_security 2.9.1


[root@sysdocu]#./configure --with-apxs=/usr/local/apache/bin/apxs --with-pcre=/usr/local/pcre --with-apr=/usr/local/apache/bin/apr-1-config --with-apu=/usr/local/apache/bin/apu-1-config

[root@sysdocu]# make

[root@sysdocu]# make install



./configure 에서 잘 안되면 그냥 옵션 다 빼고 ./configure 만 해도 된다.



룰셋은 별도의 포스팅 참조..


반응형

댓글()