Apache

概要 [#v40bfdb6]

接続元IPアドレスをSPAMHAUSを参照することで、ブラックリストに登録されている接続元からの接続を拒否することが可能です。

インストール手順 [#y62ae71e]

 # mod_spamhaus
 
 # cd /usr/local/src
 # wget http://downloads.sourceforge.net/project/mod-spamhaus/mod-spamhaus/0.7/mod-spamhaus-0.7.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fmod-spamhaus%2F&ts=1385709161&use_mirror=jaist
 # tar xfvz mod-spamhaus-0.7.tar.gz
 # cd mod-spamhaus
 # which apxs2
 /usr/bin/which: no apxs2 in (/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin)
 # which apxs
 /usr/sbin/apxs
 # vi Makefile
 APXS=apxs2
 >
 APXS=apxs
 # make
 apxs -Wc, -Wc,-DDST_CLASS=3 -c src/mod_spamhaus.c
 /usr/lib64/apr-1/build/libtool --silent --mode=compile gcc -prefer-pic -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -Wformat-security -fno-strict-aliasing  -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -pthread -I/usr/include/httpd  -I/usr/include/apr-1   -I/usr/include/apr-1   -DDST_CLASS=3  -c -o src/mod_spamhaus.lo src/mod_spamhaus.c && touch src/mod_spamhaus.slo
 src/mod_spamhaus.c: In function ‘update_whitelist’:
 src/mod_spamhaus.c:127: 警告: statement with no effect
 src/mod_spamhaus.c:139: 警告: ignoring return value of ‘fgets’, declared with attribute warn_unused_result
 src/mod_spamhaus.c: In function ‘check_whitelist’:
 src/mod_spamhaus.c:174: 警告: statement with no effect
 src/mod_spamhaus.c: In function ‘core’:
 src/mod_spamhaus.c:249: 警告: statement with no effect
 src/mod_spamhaus.c: In function ‘white_list_conf’:
 src/mod_spamhaus.c:328: 警告: statement with no effect
 src/mod_spamhaus.c:339: 警告: statement with no effect
 src/mod_spamhaus.c: In function ‘dns_to_query’:
 src/mod_spamhaus.c:351: 警告: statement with no effect
 src/mod_spamhaus.c: In function ‘looking_for’:
 src/mod_spamhaus.c:363: 警告: statement with no effect
 src/mod_spamhaus.c: In function ‘num_cached_ip’:
 src/mod_spamhaus.c:374: 警告: statement with no effect
 src/mod_spamhaus.c: In function ‘custom_err_cfg’:
 src/mod_spamhaus.c:388: 警告: statement with no effect
 src/mod_spamhaus.c: In function ‘add_cache’:
 src/mod_spamhaus.c:237: 警告: 制御が非 void 関数の終りに到達しました
 /usr/lib64/apr-1/build/libtool --silent --mode=link gcc -o src/mod_spamhaus.la  -rpath /usr/lib64/httpd/modules -module -avoid-version    src/mod_spamhaus.lo
 
 write "make install" to install module
 
 # make install
 apxs -Wc, -Wc,-DDST_CLASS=3 -i -a -n spamhaus src/mod_spamhaus.la
 /usr/lib64/httpd/build/instdso.sh SH_LIBTOOL='/usr/lib64/apr-1/build/libtool' src/mod_spamhaus.la /usr/lib64/httpd/modules
 /usr/lib64/apr-1/build/libtool --mode=install cp src/mod_spamhaus.la /usr/lib64/httpd/modules/
 libtool: install: cp src/.libs/mod_spamhaus.so /usr/lib64/httpd/modules/mod_spamhaus.so
 libtool: install: cp src/.libs/mod_spamhaus.lai /usr/lib64/httpd/modules/mod_spamhaus.la
 libtool: install: cp src/.libs/mod_spamhaus.a /usr/lib64/httpd/modules/mod_spamhaus.a
 libtool: install: chmod 644 /usr/lib64/httpd/modules/mod_spamhaus.a
 libtool: install: ranlib /usr/lib64/httpd/modules/mod_spamhaus.a
 libtool: finish: PATH="/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin:/sbin" ldconfig -n /usr/lib64/httpd/modules
 ----------------------------------------------------------------------
 Libraries have been installed in:
    /usr/lib64/httpd/modules
 
 If you ever happen to want to link against installed libraries
 in a given directory, LIBDIR, you must either use libtool, and
 specify the full pathname of the library, or use the `-LLIBDIR'
 flag during linking and do at least one of the following:
    - add LIBDIR to the `LD_LIBRARY_PATH' environment variable
      during execution
    - add LIBDIR to the `LD_RUN_PATH' environment variable
      during linking
    - use the `-Wl,-rpath -Wl,LIBDIR' linker flag
    - have your system administrator add LIBDIR to `/etc/ld.so.conf'
 
 See any operating system documentation about shared libraries for
 more information, such as the ld(1) and ld.so(8) manual pages.
 ----------------------------------------------------------------------
 chmod 755 /usr/lib64/httpd/modules/mod_spamhaus.so
 [activating module `spamhaus' in /etc/httpd/conf/httpd.conf]
 
 # cd /etc/httpd/conf/
 # view httpd.conf
 LoadModule spamhaus_module    /usr/lib64/httpd/modules/mod_spamhaus.so
 
 # cp -p hogehoge.conf hogehoge.conf.`date +%Y%m%d` <==設定ファイルをコピー
 # vi hogehoge.conf <==対象の設定ファイルを参照。VirtualHostであればそのconfファイルに書く。
 <IfModule mod_spamhaus.c>
 MS_METHODS POST,PUT,OPTIONS,CONNECT
 #MS_WhiteList /etc/spamhaus.wl
 MS_WhiteList /etc/httpd/conf.d/spamhaus.wl
 #MS_Dns local.rbldnsd.instance.of.sbl-xbl
 MS_CacheSize 256
 #MS_CustomError "My custom error"
 </IfModule>
 
 # service httpd configtest
 # service httpd graceful