Issues (not surprising) with mod_security_dev packages



  • Hi folks,

    Thanks to all who work hard to make pfSense the great product that it is!

    Using:

    2.2.4-RELEASE (amd64)
    built on Sat Jul 25 19:57:37 CDT 2015
    FreeBSD 10.1-RELEASE-p15

    Just wanted to warn folks about the "Apache with mod_security-dev" and "Proxy Server with mod_security" packages. I have confirmed that they are, indeed, ALPHA status.

    I had been hoping to set up a way to monitor and log HTTP(S) traffic to and from some web servers (at a single IP address) on our LAN.  After lots of searching, I'm not really sure how to fully use these packages, as I wasn't able to find much helpful documentation, but thought I'd give them a try.  Also, I'm not sure at all which package of the two to select, in order to just monitor and record web server traffic.

    Anyway, after being unsuccessful getting either to function properly, I have run out of time, but just wanted to point out the following, in case it helps anyone:

    It seems "Apache with mod_security-dev", at least, has issues with the Apache httpd.conf file. There seem to be numerous errors in this file, which I don't have time to fix, unfortunately. It seems Apache uses this file:

    /usr/pbi/proxy_mod_security-amd64/local/etc/apache24/httpd.conf

    even though Apache spits out errors similar to this when attempting to "onestart" it from a CLI:

    Performing sanity check on apache24 configuration:
    AH00526: Syntax error on line 591 of /usr/local/etc/apache24/httpd.conf:
    ModSecurity: No action id present within the rule
    Starting apache24.
    AH00526: Syntax error on line 591 of /usr/local/etc/apache24/httpd.conf:
    ModSecurity: No action id present within the rule
    /usr/pbi/proxy_mod_security-amd64/local/etc/rc.d/apache24: WARNING: failed to start apache24

    Sorry I don't have more time to investigate, and also if this is posted in the incorrect location.

    Thanks,

    phs
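
Added example, not part of the original post or of the pfSense package: ModSecurity 2.7 and later refuse to load any SecRule or SecAction that has no `id` action, which is what the "No action id present within the rule" error above reports, one line at a time. This sketch lists every such directive in a config in one pass; the sample config, rule ids and function names are constructed for illustration.

```python
import re
import shlex

# Constructed sample for illustration; not the httpd.conf from the post.
SAMPLE_CONF = r'''# sample ModSecurity directives
SecRuleEngine DetectionOnly
SecDefaultAction "phase:2,log,pass"
SecRule REQUEST_HEADERS:User-Agent "BadBot" "phase:1,log,deny"
SecRule ARGS "@rx select" \
    "id:1001,phase:2,log,pass"
SecRule REQUEST_METHOD "POST" "id:1002,phase:2,log,pass,chain"
    SecRule REQUEST_URI "@beginsWith /login"
SecAction "phase:1,nolog,pass,initcol:ip=%{REMOTE_ADDR}"
'''

HAS_ID = re.compile(r"(?:^|,)\s*id\s*:", re.I)
HAS_CHAIN = re.compile(r"(?:^|,)\s*chain\s*(?:,|$)", re.I)

def logical_lines(text):
    """Yield (first_line_no, text) with backslash continuations folded."""
    start, buf = None, ""
    for no, raw in enumerate(text.splitlines(), 1):
        start = start or no
        if raw.rstrip().endswith("\\"):
            buf += raw.rstrip()[:-1] + " "
            continue
        yield start, (buf + raw).strip()
        start, buf = None, ""

def rules_missing_id(text):
    """Return [(line_no, directive)] for SecRule/SecAction with no id action."""
    missing, in_chain = [], False
    for no, line in logical_lines(text):
        if not line or line.startswith("#"):
            continue
        try:
            tokens = shlex.split(line)
        except ValueError:          # unbalanced quotes: fall back to whitespace
            tokens = line.split()
        name = tokens[0].lower()
        if name not in ("secrule", "secaction"):
            continue
        # SecRule VARIABLES OPERATOR [ACTIONS]   /   SecAction ACTIONS
        pos = 3 if name == "secrule" else 1
        actions = tokens[pos] if len(tokens) > pos else ""
        # Only the first rule of a chain carries the id.
        if not in_chain and not HAS_ID.search(actions):
            missing.append((no, tokens[0]))
        in_chain = bool(HAS_CHAIN.search(actions))
    return missing

if __name__ == "__main__":
    for no, directive in rules_missing_id(SAMPLE_CONF):
        print(f"line {no}: {directive} has no id action")
```

Pass it the text of the file named in the AH00526 message; it does not follow Include directives.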

