- Update to 2.1.0

- Install core rules in DetectionOnly mode with logging in log files only.
  If you don't want to install rules, define SKIP_RULES

PR:		ports/109855
Submitted by:	Ruben van Staveren <ruben at verweg.com>
Approved by:	Dominic Mitchell <dom at happygiraffe.net> (maintainer)

www/mod_security2/Makefile

@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	mod_security2
-PORTVERSION=	2.0.4
+PORTVERSION=	2.1.0
 CATEGORIES=	www security
 MASTER_SITES=	http://www.modsecurity.org/download/
 DISTNAME=	${PORTNAME:S/_//:S/2//}-apache_${PORTVERSION}
@@ -22,8 +22,34 @@ WRKSRCTOP=	${WRKDIR}/${DISTNAME}
 WRKSRC=		${WRKSRCTOP}/apache2
 SRC_FILE=	*.c
 PORTDOCS=	*
-DOCS=		CHANGES LICENSE README.TXT modsecurity.conf-minimal doc
+DOCS=		CHANGES LICENSE README.TXT modsecurity.conf-minimal doc rules
 DOCSDIR=	${TARGETDIR}/share/doc/${MODULENAME}
+SUB_FILES+=	mod_security2.conf
+SUB_LIST+=	APACHEETCDIR="${APACHEETCDIR}"
+
+.if !defined(SKIP_RULES)
+SUB_FILES+=	pkg-message.rules
+
+PLIST_DIRS+=	${APACHEETCDIR}/Includes/mod_security2/blocking
+PLIST_DIRS+=	${APACHEETCDIR}/Includes/mod_security2
+
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2.conf
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/CHANGELOG
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/LICENSE
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/README
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/blocking/modsecurity_crs_20_protocol_violations.conf
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/blocking/modsecurity_crs_21_protocol_anomalies.conf
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/blocking/modsecurity_crs_40_generic_attacks.conf
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_10_config.conf
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_20_protocol_violations.conf
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_21_protocol_anomalies.conf
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_30_http_policy.conf
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_35_bad_robots.conf
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_40_generic_attacks.conf
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_45_trojans.conf
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_50_outbound.conf
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_55_marketing.conf
+.endif
 
 .if defined(WITH_LIBXML2)
 AP_EXTRAS+=	-DWITH_LIBXML2
@@ -32,10 +58,25 @@ AP_LIB=		${LOCALBASE}/lib
 USE_GNOME=	libxml2
 .endif
 
+REINPLACE_ARGS=	-i ""
+
+post-patch:
+	@${REINPLACE_CMD} -e '\
+		s|SecRuleEngine On|SecRuleEngine DetectionOnly|; \
+		s|SecAuditLog.*logs/modsec_audit.log|SecAuditLog /var/log/httpd-modsec2_audit.log|; \
+		s|SecDebugLog.*logs/modsec_debug.log|SecAuditLog /var/log/httpd-modsec2_debug.log|; \
+		s|SecServerSignature "Apache/2.2.0 (Fedora)"|SecServerSignature "Apache/${APACHE_VERSION:C/[0-9]/\0./g}x (${OPSYS})"|; \
+		' ${WRKSRCTOP}/rules/modsecurity_crs_10_config.conf
+
 post-install:
 .if !defined(NOPORTDOCS)
 	@${MKDIR} ${DOCSDIR}
 	@(cd ${WRKSRCTOP} && ${TAR} cf - ${DOCS}) | (cd ${DOCSDIR} && ${TAR} xpof -)
 .endif
+.if !defined(SKIP_RULES)
+	@${INSTALL_DATA} ${WRKDIR}/mod_security2.conf ${PREFIX}/${APACHEETCDIR}/Includes/
+	@cd ${WRKSRCTOP} && ${PAX} -rw -pe -s +rules+mod_security2+ rules ${PREFIX}/${APACHEETCDIR}/Includes
+	@${CAT} ${PKGMESSAGE}
+.endif
 
 .include <bsd.port.mk>

www/mod_security2/distinfo

@@ -1,3 +1,3 @@
-MD5 (modsecurity-apache_2.0.4.tar.gz) = b63f093c7a24b766e6e8c9c8ffc13084
-SHA256 (modsecurity-apache_2.0.4.tar.gz) = 622c3478515c951189334aa9a60ae7e71dfbbc671d983bf2f4b732a5fdd230a1
-SIZE (modsecurity-apache_2.0.4.tar.gz) = 303477
+MD5 (modsecurity-apache_2.1.0.tar.gz) = 2e919766f2878c4ee46334816004dd15
+SHA256 (modsecurity-apache_2.1.0.tar.gz) = fd37d64f7ffe193101da20f6e6e2016105de62948f3976aceaa96f636606fe74
+SIZE (modsecurity-apache_2.1.0.tar.gz) = 650133

www/mod_security21/Makefile

@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	mod_security2
-PORTVERSION=	2.0.4
+PORTVERSION=	2.1.0
 CATEGORIES=	www security
 MASTER_SITES=	http://www.modsecurity.org/download/
 DISTNAME=	${PORTNAME:S/_//:S/2//}-apache_${PORTVERSION}
@@ -22,8 +22,34 @@ WRKSRCTOP=	${WRKDIR}/${DISTNAME}
 WRKSRC=		${WRKSRCTOP}/apache2
 SRC_FILE=	*.c
 PORTDOCS=	*
-DOCS=		CHANGES LICENSE README.TXT modsecurity.conf-minimal doc
+DOCS=		CHANGES LICENSE README.TXT modsecurity.conf-minimal doc rules
 DOCSDIR=	${TARGETDIR}/share/doc/${MODULENAME}
+SUB_FILES+=	mod_security2.conf
+SUB_LIST+=	APACHEETCDIR="${APACHEETCDIR}"
+
+.if !defined(SKIP_RULES)
+SUB_FILES+=	pkg-message.rules
+
+PLIST_DIRS+=	${APACHEETCDIR}/Includes/mod_security2/blocking
+PLIST_DIRS+=	${APACHEETCDIR}/Includes/mod_security2
+
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2.conf
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/CHANGELOG
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/LICENSE
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/README
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/blocking/modsecurity_crs_20_protocol_violations.conf
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/blocking/modsecurity_crs_21_protocol_anomalies.conf
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/blocking/modsecurity_crs_40_generic_attacks.conf
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_10_config.conf
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_20_protocol_violations.conf
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_21_protocol_anomalies.conf
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_30_http_policy.conf
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_35_bad_robots.conf
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_40_generic_attacks.conf
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_45_trojans.conf
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_50_outbound.conf
+PLIST_FILES+=	${APACHEETCDIR}/Includes/mod_security2/modsecurity_crs_55_marketing.conf
+.endif
 
 .if defined(WITH_LIBXML2)
 AP_EXTRAS+=	-DWITH_LIBXML2
@@ -32,10 +58,25 @@ AP_LIB=		${LOCALBASE}/lib
 USE_GNOME=	libxml2
 .endif
 
+REINPLACE_ARGS=	-i ""
+
+post-patch:
+	@${REINPLACE_CMD} -e '\
+		s|SecRuleEngine On|SecRuleEngine DetectionOnly|; \
+		s|SecAuditLog.*logs/modsec_audit.log|SecAuditLog /var/log/httpd-modsec2_audit.log|; \
+		s|SecDebugLog.*logs/modsec_debug.log|SecAuditLog /var/log/httpd-modsec2_debug.log|; \
+		s|SecServerSignature "Apache/2.2.0 (Fedora)"|SecServerSignature "Apache/${APACHE_VERSION:C/[0-9]/\0./g}x (${OPSYS})"|; \
+		' ${WRKSRCTOP}/rules/modsecurity_crs_10_config.conf
+
 post-install:
 .if !defined(NOPORTDOCS)
 	@${MKDIR} ${DOCSDIR}
 	@(cd ${WRKSRCTOP} && ${TAR} cf - ${DOCS}) | (cd ${DOCSDIR} && ${TAR} xpof -)
 .endif
+.if !defined(SKIP_RULES)
+	@${INSTALL_DATA} ${WRKDIR}/mod_security2.conf ${PREFIX}/${APACHEETCDIR}/Includes/
+	@cd ${WRKSRCTOP} && ${PAX} -rw -pe -s +rules+mod_security2+ rules ${PREFIX}/${APACHEETCDIR}/Includes
+	@${CAT} ${PKGMESSAGE}
+.endif
 
 .include <bsd.port.mk>

www/mod_security21/distinfo

@@ -1,3 +1,3 @@
-MD5 (modsecurity-apache_2.0.4.tar.gz) = b63f093c7a24b766e6e8c9c8ffc13084
-SHA256 (modsecurity-apache_2.0.4.tar.gz) = 622c3478515c951189334aa9a60ae7e71dfbbc671d983bf2f4b732a5fdd230a1
-SIZE (modsecurity-apache_2.0.4.tar.gz) = 303477
+MD5 (modsecurity-apache_2.1.0.tar.gz) = 2e919766f2878c4ee46334816004dd15
+SHA256 (modsecurity-apache_2.1.0.tar.gz) = fd37d64f7ffe193101da20f6e6e2016105de62948f3976aceaa96f636606fe74
+SIZE (modsecurity-apache_2.1.0.tar.gz) = 650133