reorg repo

3 files changed, 185 insertions, 0 deletions

diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..1e65467
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,4 @@
+SRCDIR := $(shell pwd)
+NAME := $(shell basename $(SRCDIR))
+include ../common/Makefile
+
diff --git a/mod_evasive.conf b/mod_evasive.conf
new file mode 100644
index 0000000..9215966
--- /dev/null
+++ b/mod_evasive.conf
@@ -0,0 +1,73 @@
+# mod_evasive configuration
+LoadModule evasive20_module modules/mod_evasive20.so
+
+<IfModule mod_evasive20.c>
+    # The hash table size defines the number of top-level nodes for each
+    # child's hash table.  Increasing this number will provide faster
+    # performance by decreasing the number of iterations required to get to the
+    # record, but consume more memory for table space.  You should increase
+    # this if you have a busy web server.  The value you specify will
+    # automatically be tiered up to the next prime number in the primes list
+    # (see mod_evasive.c for a list of primes used).
+    DOSHashTableSize    3097
+
+    # This is the threshhold for the number of requests for the same page (or
+    # URI) per page interval.  Once the threshhold for that interval has been
+    # exceeded, the IP address of the client will be added to the blocking
+    # list.
+    DOSPageCount        2
+
+    # This is the threshhold for the total number of requests for any object by
+    # the same client on the same listener per site interval.  Once the
+    # threshhold for that interval has been exceeded, the IP address of the
+    # client will be added to the blocking list.
+    DOSSiteCount        50
+
+    # The interval for the page count threshhold; defaults to 1 second
+    # intervals.
+    DOSPageInterval     1
+
+    # The interval for the site count threshhold; defaults to 1 second
+    # intervals.
+    DOSSiteInterval     1
+
+    # The blocking period is the amount of time (in seconds) that a client will
+    # be blocked for if they are added to the blocking list.  During this time,
+    # all subsequent requests from the client will result in a 403 (Forbidden)
+    # and the timer being reset (e.g. another 10 seconds).  Since the timer is
+    # reset for every subsequent request, it is not necessary to have a long
+    # blocking period; in the event of a DoS attack, this timer will keep
+    # getting reset.
+    DOSBlockingPeriod   10
+
+    # If this value is set, an email will be sent to the address specified
+    # whenever an IP address becomes blacklisted.  A locking mechanism using
+    # /tmp prevents continuous emails from being sent.
+    #
+    # NOTE: Requires /bin/mail (provided by mailx)
+    #DOSEmailNotify      you@yourdomain.com
+
+    # If this value is set, the system command specified will be executed
+    # whenever an IP address becomes blacklisted.  This is designed to enable
+    # system calls to ip filter or other tools.  A locking mechanism using /tmp
+    # prevents continuous system calls.  Use %s to denote the IP address of the
+    # blacklisted IP.
+    #DOSSystemCommand    "su - someuser -c '/sbin/... %s ...'"
+
+    # Choose an alternative temp directory By default "/tmp" will be used for
+    # locking mechanism, which opens some security issues if your system is
+    # open to shell users.
+    #
+    #   http://security.lss.hr/index.php?page=details&ID=LSS-2005-01-01
+    #
+    # In the event you have nonprivileged shell users, you'll want to create a
+    # directory writable only to the user Apache is running as (usually root),
+    # then set this in your httpd.conf.
+    #DOSLogDir           "/var/lock/mod_evasive"
+
+    # You can use whitelists to disable the module for certain ranges of
+    # IPs. Wildcards can be used on up to the last 3 octets if necessary.  
+    # Multiple DOSWhitelist commands may be used in the configuration.
+    #DOSWhitelist   127.0.0.1
+    #DOSWhitelist   192.168.0.*
+</IfModule>
diff --git a/mod_evasive.spec b/mod_evasive.spec
new file mode 100644
index 0000000..09a89d6
--- /dev/null
+++ b/mod_evasive.spec
@@ -0,0 +1,108 @@
+Name:           mod_evasive
+Version:        1.10.1
+Release:        13%{?dist}
+Summary:        Denial of Service evasion module for Apache
+
+Group:          System Environment/Daemons
+License:        GPLv2+
+URL:            http://www.zdziarski.com/projects/mod_evasive/
+Source0:        http://www.zdziarski.com/projects/mod_evasive/mod_evasive_%{version}.tar.gz
+Source1:        mod_evasive.conf
+BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+
+BuildRequires:  httpd-devel
+Requires:       httpd
+Requires:       httpd-mmn = %([ -a %{_includedir}/httpd/.mmn ] && cat %{_includedir}/httpd/.mmn || echo missing)
+
+%description
+mod_evasive is an evasive maneuvers module for Apache to provide evasive 
+action in the event of an HTTP DoS or DDoS attack or brute force attack. It 
+is also designed to be a detection and network management tool, and can be 
+easily configured to talk to firewalls, routers, etc. mod_evasive presently 
+reports abuses via email and syslog facilities. 
+
+
+%prep
+%setup -q -n %{name}
+
+
+%build
+# create apache httpd-2.4 version and compile it
+sed 's/connection->remote_ip/connection->client_ip/' \
+  < mod_evasive20.c > mod_evasive24.c
+apxs -Wc,"%{optflags}" -c mod_evasive24.c
+
+
+%install
+rm -rf $RPM_BUILD_ROOT
+mkdir -pm 755 \
+    $RPM_BUILD_ROOT%{_libdir}/httpd/modules \
+    $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d
+install -pm 755 .libs/mod_evasive24.so $RPM_BUILD_ROOT%{_libdir}/httpd/modules/
+install -pm 644 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/
+
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+
+%files
+%defattr(-,root,root,-)
+%doc README LICENSE CHANGELOG test.pl
+%config(noreplace) %{_sysconfdir}/httpd/conf.d/*
+%{_libdir}/httpd/modules/*
+
+
+%changelog
+* Sat Mar 31 2012 Remi Collet <RPMS@FamilleCollet.com> - 1.1.1-4
+- rebuild for remi repo and httpd 2.4
+
+* Sat Mar 31 2012 Ján ONDREJ (SAL) <ondrejj(at)salstar.sk> - 1.10.1-13
+- adapt to httpd-2.4: changed remote_ip to client_ip
+
+* Thu Mar 29 2012 Ján ONDREJ (SAL) <ondrejj(at)salstar.sk> - 1.10.1-12
+- apxs moved to bindir, do not use sbindir macro
+
+* Tue Mar 27 2012 Ján ONDREJ (SAL) <ondrejj(at)salstar.sk> - 1.10.1-11
+- Rebuild for new httpd-mmn
+
+* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.10.1-10
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.10.1-9
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
+* Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.10.1-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.10.1-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
+
+* Mon Aug 11 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 1.10.1-6
+- fix license tag
+
+* Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 1.10.1-5.1
+- Autorebuild for GCC 4.3
+
+* Wed Sep 05 2007 Konstantin Ryabitsev <icon@fedoraproject.org> - 1.10.1-4.1
+- Rebuild for APR changes
+
+* Wed Aug 29 2007 Fedora Release Engineering <rel-eng at fedoraproject dot org> - 1.10.1-4
+- Rebuild for selinux ppc32 issue.
+
+* Tue Apr 10 2007 Konstantin Ryabitsev <icon@fedoraproject.org> - 1.10.1-3
+- Modify the URL and finally import into extras.
+
+* Mon Jan 29 2007 Konstantin Ryabitsev <icon@fedoraproject.org> - 1.10.1-2
+- The source moved to another domain since last year.
+- use _sbindir macro for apxs.
+
+* Tue Dec 06 2005 Konstantin Ryabitsev <icon@fedoraproject.org> - 1.10.1-1
+- Cleaning up description
+- Cleaning up install
+- Slight modification to default config (add DOSWhitelist entries)
+- Disttagging
+- Adding test.pl to docs
+
+* Wed Nov 16 2005 Kosntantin Ryabitsev <icon@fedoraproject.org> - 1.10.1-0.1
+- Initial packaging.