diff options
| author |   Diego Elio Pettenò <flameeyes@gentoo.org> | 2010-12-31 13:03:26 +0000 |
|---|---|---|
| committer | Diego Elio Pettenò <flameeyes@gentoo.org> | 2010-12-31 13:03:26 +0000 |
| commit | 1fcaf9eb8f31fa89ffcd2081f3ca982ded2b5dab (patch) | |
| tree | 1ed62b3346113f010410f405f9f6b2a1b3070e9f /www-apache | |
| parent | Remove gemcutter dependency from gemspec: it is optional and not important fo... (diff) | |
| download | historical-1fcaf9eb8f31fa89ffcd2081f3ca982ded2b5dab.tar.gz historical-1fcaf9eb8f31fa89ffcd2081f3ca982ded2b5dab.tar.bz2 historical-1fcaf9eb8f31fa89ffcd2081f3ca982ded2b5dab.zip | |
Version bump, this version introduces experimental rules as well.
Package-Manager: portage-2.2.0_alpha10/cvs/Linux x86_64
Diffstat (limited to 'www-apache')
| -rw-r--r-- | www-apache/modsecurity-crs/ChangeLog | 8 | ||||
| -rw-r--r-- | www-apache/modsecurity-crs/Manifest | 10 | ||||
| -rw-r--r-- | www-apache/modsecurity-crs/modsecurity-crs-2.1.1.ebuild | 70 |
3 files changed, 83 insertions, 5 deletions
diff --git a/www-apache/modsecurity-crs/ChangeLog b/www-apache/modsecurity-crs/ChangeLog index f6bb760a65ab..5e0299bb090b 100644 --- a/www-apache/modsecurity-crs/ChangeLog +++ b/www-apache/modsecurity-crs/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for www-apache/modsecurity-crs # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/www-apache/modsecurity-crs/ChangeLog,v 1.5 2010/12/03 01:34:34 flameeyes Exp $ +# $Header: /var/cvsroot/gentoo-x86/www-apache/modsecurity-crs/ChangeLog,v 1.6 2010/12/31 13:03:26 flameeyes Exp $ + +*modsecurity-crs-2.1.1 (31 Dec 2010) + + 31 Dec 2010; Diego E. Pettenò <flameeyes@gentoo.org> + +modsecurity-crs-2.1.1.ebuild: + Version bump, this version introduces experimental rules as well. 03 Dec 2010; Diego E. Pettenò <flameeyes@gentoo.org> modsecurity-crs-2.0.10.ebuild: diff --git a/www-apache/modsecurity-crs/Manifest b/www-apache/modsecurity-crs/Manifest index 264c88b78a5f..3be2b20644d4 100644 --- a/www-apache/modsecurity-crs/Manifest +++ b/www-apache/modsecurity-crs/Manifest @@ -3,14 +3,16 @@ Hash: SHA1 DIST modsecurity-crs_2.0.10.tar.gz 149997 RMD160 00ef9f03b69e86b5dcd930ce352b734b80ef8560 SHA1 32e52f534f84d0c2bb9ce57464670bf76b8578be SHA256 9f26c579f802fe1ef9ab254e34a6a34a4c3e468bfe0d61d09eea36485b208865 DIST modsecurity-crs_2.0.8.tar.gz 155889 RMD160 c4fb5ef6c48a8aade6d9b8c95e9acd2f9c5d2a40 SHA1 382713ecdb6ab57904a03fdae0eae311f8d4b3c3 SHA256 11ec4bb68f455924298e998a283664ba710aeb45d4ea6e70dd5ac8a22345f890 +DIST modsecurity-crs_2.1.1.tar.gz 170673 RMD160 90757ab8996145d5847d0030f6c0d0b096902c9b SHA1 67224288a111de028e7f127abe79955eba3641d4 SHA256 f97d4e6506d6a3c480828a4733f668bdc6a3c58ab08d5d28931233de1c158f30 EBUILD modsecurity-crs-2.0.10.ebuild 2769 RMD160 f077099c6bd0696b9b05437f474eb7257dc428ea SHA1 6b89cebe2263219c1a3b04069448cd67e1d0f302 SHA256 3b5dbbd7d7818a79abbd4901765ed111a7ced0c8cd1815feb5eed3f22795b817 EBUILD modsecurity-crs-2.0.8.ebuild 2176 RMD160 1c627c98c4491a89db6e0aeabaeac3005fe28b38 SHA1 7c98f5444697f8af091d48782af8c2fb49d5f5fd SHA256 6586b994e412d1122a1dd3f6fde94c4cbae75140e6beb067b9a2a6847dc537ea -MISC ChangeLog 1011 RMD160 2409f67efbc65dadde3ebc0f973d6f4dc1e5219a SHA1 14457454e49bdeb2735b07bdc0661bbca514cdac SHA256 1f574ed302e08172d7ba8c46f15f56337a83ecc2de124b8ad61cb1741833873e +EBUILD modsecurity-crs-2.1.1.ebuild 2479 RMD160 f5832525ea5651a4e968cb1623794c524d7e9fd3 SHA1 96cbf5d01054d64ae77f17be18de8cbc8db74030 SHA256 604a8d8aa5c3566f114a58d64d7911c884a6782e976d3f06c7254b79f5b97e7c +MISC ChangeLog 1207 RMD160 f30339873c7bdd73cf35d6dbafd30e9b7f54981d SHA1 3c1f4f8085d0d774f07a9407c8acbdc022efe6dc SHA256 15038dbf4fb7e4bfeb4a7d77eb4a7bbacd3e2a4700f64b855b663d97bd83fa5a MISC metadata.xml 663 RMD160 86ce5a300643284f72a5c9a657f6946163e23e44 SHA1 6b9a9355f552f3c869a1b00ad8586b77a132cf16 SHA256 aceb77ecf1564c16e052cfb222a508649ffe176ed6745d13a22d2b1a2cceae45 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) -iEYEARECAAYFAkz4SRYACgkQAiZjviIA2XilOQCgmoO0J7YNjnNGshy6G4+lu2f8 -ppcAnRY6rItJlG7gw3nI7WqS2Kq+c0OU -=ydzG +iEYEARECAAYFAk0d1FkACgkQAiZjviIA2XguEQCeKbo39uD2rQDOB2k8ia2hmtbb +mRsAmwR+3ZzP78hmo7hB1EQLtWtnJqQ+ +=hGA8 -----END PGP SIGNATURE----- diff --git a/www-apache/modsecurity-crs/modsecurity-crs-2.1.1.ebuild b/www-apache/modsecurity-crs/modsecurity-crs-2.1.1.ebuild new file mode 100644 index 000000000000..4e0ea5d36571 --- /dev/null +++ b/www-apache/modsecurity-crs/modsecurity-crs-2.1.1.ebuild @@ -0,0 +1,70 @@ +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/www-apache/modsecurity-crs/modsecurity-crs-2.1.1.ebuild,v 1.1 2010/12/31 13:03:26 flameeyes Exp $ + +EAPI=2 + +DESCRIPTION="Core Rule Set for ModSecurity" +HOMEPAGE="http://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project" +SRC_URI="mirror://sourceforge/mod-security/${PN}_${PV}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~sparc ~x86" +IUSE="vanilla" + +RDEPEND=">=www-apache/mod_security-2.5.12-r1" +DEPEND="" + +S="${WORKDIR}/${PN}_${PV}" + +RULESDIR=/etc/apache2/modules.d/mod_security + +src_install() { + insinto "${RULESDIR}" || die + doins base_rules/* || die + + # these are considered examples, but we install them anyway, and let + # etc-update deal with them. + for file in *.conf.example; do + newins "${file}" "${file%.example}" || die "failed to install ${file}" + done + + insinto "${RULESDIR}"/optional_rules + doins optional_rules/* || die + + insinto "${RULESDIR}"/experimental_rules + doins experimental_rules/* || die + + if ! use vanilla; then + mv "${D}${RULESDIR}"/modsecurity_*50_outbound* \ + "${D}${RULESDIR}"/optional_rules || die + fi + + dodoc CHANGELOG README || die +} + +pkg_postinst() { + if ! use vanilla; then + elog "Please note that the Core Rule Set is quite draconic; to make it more usable," + elog "the Gentoo distribution disables a few rule set files, that are relevant for" + elog "PHP-only websites or that would make it kill a website that discussed of source code." + else + elog "You decided to enable the original Core Rule Set from ModSecurity." + elog "Be warned that the original Core Rule Set is draconic and most likely will" + elog "render your web application unusable if you don't disable at leat some of" + elog "the rules." + fi + elog + elog "If you want to enable further rules, check the following directories:" + elog " ${APACHE_MODULES_CONFDIR}/mod_security/optional_rules" + elog " ${APACHE_MODULES_CONFDIR}/mod_security/experimental_rules" + elog "" + elog "Starting from version 2.0.9, the default for the Core Rule Set is again to block" + elog "when rules hit. If you wish to go back to the 2.0.8 method of anomaly scoring, you" + elog "should change modsecurity_crs_10_config.conf so that you have these settings enabled:" + elog "" + elog " #SecDefaultAction \"phase:2,deny,log\"" + elog " SecAction \"phase:1,t:none,nolog,pass,setvar:tx.anomaly_score_blocking=on\"" + elog "" +} |