debian/ 0000755 0000000 0000000 00000000000 12167501060 007164 5 ustar debian/watch 0000644 0000000 0000000 00000000100 12167234670 010216 0 ustar version=3
http://sf.net/mod-spamhaus/mod-spamhaus-(.+)\.tar\.gz
debian/apache2 0000644 0000000 0000000 00000000132 12167240573 010417 0 ustar mod src/.libs/mod_spamhaus.so
mod debian/conf/spamhaus.load
mod debian/conf/spamhaus.conf
debian/rules 0000755 0000000 0000000 00000001524 12167235110 010246 0 ustar #!/usr/bin/make -f
# -*- makefile -*-
# Uncomment this to turn on verbose mode.
#export DH_VERBOSE=1
build: build-stamp
build-stamp:
dh_testdir
$(MAKE)
touch $@
clean:
dh_testdir
dh_testroot
rm -f build-stamp
mkdir -p src/.libs
$(MAKE) clean
dh_clean
install: build
dh_testdir
dh_testroot
dh_clean -k
dh_installdirs
# Build architecture-independent files here.
binary-indep: build install
# We have nothing to do by default.
# Build architecture-dependent files here.
binary-arch: build install
dh_testdir
dh_testroot
dh_installchangelogs
dh_installdocs
dh_installexamples
dh_install
dh_apache2
dh_link
dh_strip
dh_compress
dh_fixperms
dh_makeshlibs
dh_installdeb
dh_shlibdeps
dh_gencontrol
dh_md5sums
dh_builddeb
binary: binary-indep binary-arch
.PHONY: build clean binary-indep binary-arch binary install
debian/conf/ 0000755 0000000 0000000 00000000000 12167240551 010116 5 ustar debian/conf/spamhaus.load 0000644 0000000 0000000 00000000106 12167234670 012602 0 ustar LoadModule spamhaus_module /usr/lib/apache2/modules/mod_spamhaus.so
debian/conf/spamhaus.conf 0000644 0000000 0000000 00000003107 12167234670 012614 0 ustar
#MS_Methods
# Syntax: MS_Methods POST,PUT,OPTIONS
# Default: POST,PUT,OPTIONS
#
# The values admitted are the httpd's methods (GET,POST,etc)
# Module verify remote ip address if the method used by the user is present
# in the value passed to this variable. Methods must be comma-separated
MS_METHODS POST,PUT,OPTIONS,CONNECT
#MS_WhiteList
# Syntax: MS_WhiteList /etc/spamhaus.wl
# Default: no value
# Path of whitelist file.
# After you've edit it, you mustn't reload apache. This file will be read only
# when 'data modification time' change. You can add an individual IP address or
# subnets with CIDR.
#MS_WhiteList /etc/spamhaus.wl
#MS_DNS
# Syntax: MS_DNS sbl-xbl.spamhaus.org
# Default: sbl-xbl.spamhaus.org
# Name server to use for verify is an ip is blacklisted.
# Using a local rbldnsd instance of sbl-xbl, you can increase query performance
#MS_Dns local.rbldnsd.instance.of.sbl-xbl
#MS_CacheSize
# Syntax: MS_CacheSize 256
# Default: 512
# Max value: 8192
# This directive can manage the number of cache entries.
#MS_CacheSize 512
#MS_CustomError
# Syntax: MS_CustomError "My custom error message"
# Default: "Access Denied! Your address is blacklisted. More information about this error may be available in the server error log."
# A custom error message that allows you to replace default error message with one you create
#MS_CustomError "Access Denied! Your address is blacklisted. More information about this error may be available in the server error log."
debian/copyright 0000644 0000000 0000000 00000002356 12167234670 011137 0 ustar This package was debianized by Giuseppe Iuculano on
Sat, 25 Oct 2008 17:54:55 +0200.
It was downloaded from http://sourceforge.net/projects/mod-spamhaus/
Upstream Author: Luca Ercoli
Copyright: Copyright (C) 2008 Luca Ercoli
License:
This package is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This package is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this package; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
On Debian systems, the complete text of the GNU General
Public License can be found in `/usr/share/common-licenses/GPL'.
The Debian packaging is (C) 2008, Giuseppe Iuculano and
is licensed under the same license as the software itself.
debian/postrm 0000644 0000000 0000000 00000000502 12167245645 010446 0 ustar #! /bin/sh
set -e
dpkg-maintscript-helper mv_conffile /etc/apache2/mods-available/mod-spamhaus.conf /etc/apache2/mods-available/spamhaus.conf 0.7-1.1~ -- "$@"
dpkg-maintscript-helper mv_conffile /etc/apache2/mods-available/mod-spamhaus.load /etc/apache2/mods-available/spamhaus.load 0.7-1.1~ -- "$@"
#DEBHELPER#
exit 0
debian/preinst 0000644 0000000 0000000 00000001260 12167305671 010604 0 ustar #! /bin/sh
set -e
# We have to tell a2dismod about the removal before moving the conffile.
if ([ "$1" = install ] || [ "$1" = "upgrade" ]) && [ "$2" ] && \
dpkg --compare-versions "$2" le-nl 0.7-1.1~; then
if [ ! -h /etc/apache2/mods-enabled/mod-spamhaus.load ]; then
touch /etc/apache2/mods-enabled/mod-spamhaus.load.dpkg-was-disabled
fi
a2dismod -p -m -f -q mod-spamhaus
fi
dpkg-maintscript-helper mv_conffile /etc/apache2/mods-available/mod-spamhaus.conf /etc/apache2/mods-available/spamhaus.conf 0.7-1.1~ -- "$@"
dpkg-maintscript-helper mv_conffile /etc/apache2/mods-available/mod-spamhaus.load /etc/apache2/mods-available/spamhaus.load 0.7-1.1~ -- "$@"
#DEBHELPER#
exit 0
debian/source/ 0000755 0000000 0000000 00000000000 12167235535 010477 5 ustar debian/source/format 0000644 0000000 0000000 00000000014 12167235535 011705 0 ustar 3.0 (quilt)
debian/patches/ 0000755 0000000 0000000 00000000000 12167236044 010622 5 ustar debian/patches/aplog-use-module.patch 0000644 0000000 0000000 00000001060 12167236030 015012 0 ustar Description: Add APLOG_USE_MODULE for Apache 2.4 per-module loglevels
Author: Colin Watson
Forwarded: no
Last-Update: 2013-07-10
Index: b/src/mod_spamhaus.c
===================================================================
--- a/src/mod_spamhaus.c
+++ b/src/mod_spamhaus.c
@@ -47,6 +47,10 @@
#define WHITELIST_SIZE 2048
#define MAX_CACHE_SIZE 8192
+#ifdef APLOG_USE_MODULE
+APLOG_USE_MODULE(spamhaus);
+#endif
+
module AP_MODULE_DECLARE_DATA spamhaus_module;
static void *spamhaus_create_config(apr_pool_t *p, server_rec *s);
debian/patches/series 0000644 0000000 0000000 00000000060 12167235762 012041 0 ustar aplog-use-module.patch
conn-rec-remote-ip.patch
debian/patches/conn-rec-remote-ip.patch 0000644 0000000 0000000 00000006512 12167236044 015252 0 ustar Description: Handle conn_rec->remote_ip split in Apache 2.4
Author: Colin Watson
Forwarded: no
Last-Update: 2013-07-10
Index: b/src/mod_spamhaus.c
===================================================================
--- a/src/mod_spamhaus.c
+++ b/src/mod_spamhaus.c
@@ -53,6 +53,13 @@
module AP_MODULE_DECLARE_DATA spamhaus_module;
+#if AP_SERVER_MAJORVERSION_NUMBER > 2 || \
+ (AP_SERVER_MAJORVERSION_NUMBER == 2 && AP_SERVER_MINORVERSION_NUMBER >= 4)
+#define CLIENT_IP(conn) ((conn)->client_ip)
+#else
+#define CLIENT_IP(conn) ((conn)->remote_ip)
+#endif
+
static void *spamhaus_create_config(apr_pool_t *p, server_rec *s);
static void *spamhaus_create_dir_config(apr_pool_t *p, char *path);
static int spamhaus_handler(request_rec *r);
@@ -184,7 +191,7 @@
if ( brokenfeed ) *brokenfeed = '\0';
if ( (strchr(lista[count],'/') == NULL )){
- if ( strcmp(lista[count],r->connection->remote_ip) == 0 ) return 1;
+ if ( strcmp(lista[count],CLIENT_IP(r->connection)) == 0 ) return 1;
}
else {
@@ -206,7 +213,7 @@
in.s_addr = last;
sscanf(inet_ntoa(in), "%d.%d.%d.%d", &a_max, &b_max, &c_max, &d_max);
- sscanf(r->connection->remote_ip, "%d.%d.%d.%d", &a_daverificare, &b_daverificare, &c_daverificare, &d_daverificare);
+ sscanf(CLIENT_IP(r->connection), "%d.%d.%d.%d", &a_daverificare, &b_daverificare, &c_daverificare, &d_daverificare);
if (
@@ -250,14 +257,14 @@
if ( strstr(cfg->methods,r->method) != NULL )
{
- for (counter; counter < cfg->nip_incache; counter++) if (strcmp(cached_ip[counter],r->connection->remote_ip) == 0 ) return DECLINED;
+ for (counter; counter < cfg->nip_incache; counter++) if (strcmp(cached_ip[counter],CLIENT_IP(r->connection)) == 0 ) return DECLINED;
struct hostent *hp = 0;
memset(lookup_this,'\0',512);
- sscanf(r->connection->remote_ip, "%d.%d.%d.%d",&oct1, &oct2, &oct3, &oct4);
+ sscanf(CLIENT_IP(r->connection), "%d.%d.%d.%d",&oct1, &oct2, &oct3, &oct4);
snprintf(lookup_this,512,"%d.%d.%d.%d.%s",oct4,oct3,oct2,oct1,cfg->dnshost);
@@ -275,15 +282,15 @@
if (oct1 != 127)
{
- ap_log_rerror(APLOG_MARK, APLOG_CRIT, 0, r, "mod_spamhaus: address %s is blacklisted but it's not in the 127.0.0.0/8 range. POSSIBLE WILD-CARDING TYPOSQUATTERS ATTACK! IP address will not get filtered",r->connection->remote_ip);
+ ap_log_rerror(APLOG_MARK, APLOG_CRIT, 0, r, "mod_spamhaus: address %s is blacklisted but it's not in the 127.0.0.0/8 range. POSSIBLE WILD-CARDING TYPOSQUATTERS ATTACK! IP address will not get filtered",CLIENT_IP(r->connection));
return DECLINED;
}
if ( (strcmp(cfg->whitelist,"no-white-list")!= 0) )
{
if ( check_whitelist(cfg->whitelist,r) ) {
- ap_log_rerror(APLOG_MARK, APLOG_CRIT, 0, r, "mod_spamhaus: address %s is whitelisted. Allow connection to %s%s", r->connection->remote_ip,r->hostname,r->uri);
- add_cache(r->connection->remote_ip,cfg->nip_incache);
+ ap_log_rerror(APLOG_MARK, APLOG_CRIT, 0, r, "mod_spamhaus: address %s is whitelisted. Allow connection to %s%s", CLIENT_IP(r->connection),r->hostname,r->uri);
+ add_cache(CLIENT_IP(r->connection),cfg->nip_incache);
return DECLINED;
}
@@ -301,7 +308,7 @@
}
- add_cache(r->connection->remote_ip,cfg->nip_incache);
+ add_cache(CLIENT_IP(r->connection),cfg->nip_incache);
return DECLINED;
debian/compat 0000644 0000000 0000000 00000000002 12167234670 010374 0 ustar 5
debian/control 0000644 0000000 0000000 00000001362 12167234726 010605 0 ustar Source: mod-spamhaus
Section: web
Priority: extra
Maintainer: Giuseppe Iuculano
Build-Depends: debhelper (>= 5), dh-apache2, apache2-dev
Standards-Version: 3.8.0
Homepage: http://sourceforge.net/projects/mod-spamhaus/
Package: libapache2-mod-spamhaus
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends}
Description: Apache DNSBL module that blocks listed IP addresses
mod_spamhaus is an Apache module for DNS Block Listing that protects web
services by denying access to particular IP addresses. It can stop spam
relaying via web form URL injection, and block HTTP DDoS attacks from
bot-nets.
.
It queries sbl-xbl.spamhaus.org, taking advantage of the Spamhaus Block
List (SBL) and the Exploits Block List (XBL).
debian/postinst 0000644 0000000 0000000 00000002146 12167304305 011000 0 ustar #! /bin/sh
set -e
# We cannot use dh_installdeb and debian/maintscript for this, because the
# conffile must be renamed before dh_apache2's generated postinst fragment
# tries to reload the server.
dpkg-maintscript-helper mv_conffile /etc/apache2/mods-available/mod-spamhaus.conf /etc/apache2/mods-available/spamhaus.conf 0.7-1.1~ -- "$@"
dpkg-maintscript-helper mv_conffile /etc/apache2/mods-available/mod-spamhaus.load /etc/apache2/mods-available/spamhaus.load 0.7-1.1~ -- "$@"
#DEBHELPER#
if [ "$1" = configure ] && [ "$2" ] && \
dpkg --compare-versions "$2" le-nl 0.7-1.1~ && \
[ -e /etc/apache2/mods-enabled/mod-spamhaus.load.dpkg-was-disabled ]; then
# We're upgrading, and the old name was disabled, so it must
# have been disabled by the site administrator. Preserve
# this.
rm -f /etc/apache2/mods-enabled/mod-spamhaus.load.dpkg-was-disabled
if [ -e /usr/share/apache2/apache2-maintscript-helper ]; then
echo "Disabling spamhaus again to reflect previous mod-spamhaus configuration."
. /usr/share/apache2/apache2-maintscript-helper
a2dismod -f -q spamhaus
apache2_reload restart
fi
fi
exit 0
debian/changelog 0000644 0000000 0000000 00000001057 12167501055 011045 0 ustar mod-spamhaus (0.7-1.1) unstable; urgency=low
* Non-maintainer upload.
* Port to Apache 2.4 (closes: #666847).
* Rename mod-spamhaus.conf and mod-spamhaus.load to the standard form of
spamhaus.conf and spamhaus.load, otherwise the prerm/postrm scripts
generated by dh_apache2 are unable to unload the module.
-- Colin Watson Thu, 11 Jul 2013 11:00:10 +0100
mod-spamhaus (0.7-1) unstable; urgency=low
* Initial release (Closes: #503395)
-- Giuseppe Iuculano Sun, 02 Nov 2008 10:50:43 +0100