Apache
概要 [#v40bfdb6]
接続元IPアドレスをSPAMHAUSを参照することで、ブラックリストに登録されている接続元からの接続を拒否することが可能です。
インストール手順 [#y62ae71e]
# mod_spamhaus
# cd /usr/local/src
# wget http://downloads.sourceforge.net/project/mod-spamhaus/mod-spamhaus/0.7/mod-spamhaus-0.7.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fmod-spamhaus%2F&ts=1385709161&use_mirror=jaist
# tar xfvz mod-spamhaus-0.7.tar.gz
# cd mod-spamhaus
# which apxs2
/usr/bin/which: no apxs2 in (/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin)
# which apxs
/usr/sbin/apxs
# vi Makefile
APXS=apxs2
>
APXS=apxs
# make
apxs -Wc, -Wc,-DDST_CLASS=3 -c src/mod_spamhaus.c
/usr/lib64/apr-1/build/libtool --silent --mode=compile gcc -prefer-pic -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -Wformat-security -fno-strict-aliasing -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -pthread -I/usr/include/httpd -I/usr/include/apr-1 -I/usr/include/apr-1 -DDST_CLASS=3 -c -o src/mod_spamhaus.lo src/mod_spamhaus.c && touch src/mod_spamhaus.slo
src/mod_spamhaus.c: In function ‘update_whitelist’:
src/mod_spamhaus.c:127: 警告: statement with no effect
src/mod_spamhaus.c:139: 警告: ignoring return value of ‘fgets’, declared with attribute warn_unused_result
src/mod_spamhaus.c: In function ‘check_whitelist’:
src/mod_spamhaus.c:174: 警告: statement with no effect
src/mod_spamhaus.c: In function ‘core’:
src/mod_spamhaus.c:249: 警告: statement with no effect
src/mod_spamhaus.c: In function ‘white_list_conf’:
src/mod_spamhaus.c:328: 警告: statement with no effect
src/mod_spamhaus.c:339: 警告: statement with no effect
src/mod_spamhaus.c: In function ‘dns_to_query’:
src/mod_spamhaus.c:351: 警告: statement with no effect
src/mod_spamhaus.c: In function ‘looking_for’:
src/mod_spamhaus.c:363: 警告: statement with no effect
src/mod_spamhaus.c: In function ‘num_cached_ip’:
src/mod_spamhaus.c:374: 警告: statement with no effect
src/mod_spamhaus.c: In function ‘custom_err_cfg’:
src/mod_spamhaus.c:388: 警告: statement with no effect
src/mod_spamhaus.c: In function ‘add_cache’:
src/mod_spamhaus.c:237: 警告: 制御が非 void 関数の終りに到達しました
/usr/lib64/apr-1/build/libtool --silent --mode=link gcc -o src/mod_spamhaus.la -rpath /usr/lib64/httpd/modules -module -avoid-version src/mod_spamhaus.lo
write "make install" to install module
# make install
apxs -Wc, -Wc,-DDST_CLASS=3 -i -a -n spamhaus src/mod_spamhaus.la
/usr/lib64/httpd/build/instdso.sh SH_LIBTOOL='/usr/lib64/apr-1/build/libtool' src/mod_spamhaus.la /usr/lib64/httpd/modules
/usr/lib64/apr-1/build/libtool --mode=install cp src/mod_spamhaus.la /usr/lib64/httpd/modules/
libtool: install: cp src/.libs/mod_spamhaus.so /usr/lib64/httpd/modules/mod_spamhaus.so
libtool: install: cp src/.libs/mod_spamhaus.lai /usr/lib64/httpd/modules/mod_spamhaus.la
libtool: install: cp src/.libs/mod_spamhaus.a /usr/lib64/httpd/modules/mod_spamhaus.a
libtool: install: chmod 644 /usr/lib64/httpd/modules/mod_spamhaus.a
libtool: install: ranlib /usr/lib64/httpd/modules/mod_spamhaus.a
libtool: finish: PATH="/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin:/sbin" ldconfig -n /usr/lib64/httpd/modules
----------------------------------------------------------------------
Libraries have been installed in:
/usr/lib64/httpd/modules
If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the `-LLIBDIR'
flag during linking and do at least one of the following:
- add LIBDIR to the `LD_LIBRARY_PATH' environment variable
during execution
- add LIBDIR to the `LD_RUN_PATH' environment variable
during linking
- use the `-Wl,-rpath -Wl,LIBDIR' linker flag
- have your system administrator add LIBDIR to `/etc/ld.so.conf'
See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
----------------------------------------------------------------------
chmod 755 /usr/lib64/httpd/modules/mod_spamhaus.so
[activating module `spamhaus' in /etc/httpd/conf/httpd.conf]
# cd /etc/httpd/conf/
# view httpd.conf
LoadModule spamhaus_module /usr/lib64/httpd/modules/mod_spamhaus.so
# cp -p hogehoge.conf hogehoge.conf.`date +%Y%m%d` <==設定ファイルをコピー
# vi hogehoge.conf <==対象の設定ファイルを参照。VirtualHostであればそのconfファイルに書く。
<IfModule mod_spamhaus.c>
MS_METHODS POST,PUT,OPTIONS,CONNECT
#MS_WhiteList /etc/spamhaus.wl
MS_WhiteList /etc/httpd/conf.d/spamhaus.wl
#MS_Dns local.rbldnsd.instance.of.sbl-xbl
MS_CacheSize 256
#MS_CustomError "My custom error"
</IfModule>
# service httpd configtest
# service httpd graceful