MINOR: Add Mod Defender integration as contrib This is a service that talks SPOE protocol and uses the Mod Defender (a NAXSI clone) functionality to detect HTTP attacks. It returns a HTTP status code to indicate whether the request is suspicious or not, based on NAXSI rules. The value of the returned code can be used in HAProxy rules to determine if the HTTP request should be blocked/rejected.

commit: 59bb97a19279610b2cbae996bd726c8336cb1a02 [log] [tgz]
author: Dragan Dosen <ddosen@haproxy.com> Fri Jun 02 12:03:16 2017 +0200
committer: Willy Tarreau <w@1wt.eu> Fri Jun 02 12:14:55 2017 +0200
tree: 2f4880fa8015fe9c3dd07c6d426f79529e205f59
parent: 9ac143b6070e78afa3086b676f1049c6eb93cc13 [diff] [blame]
diff --git a/contrib/mod_defender/Makefile b/contrib/mod_defender/Makefile
new file mode 100644
index 0000000..119d824
--- /dev/null
+++ b/contrib/mod_defender/Makefile

@@ -0,0 +1,50 @@
+DESTDIR    =
+PREFIX     = /usr/local
+BINDIR     = $(PREFIX)/bin
+
+CC = gcc
+LD = $(CC)
+
+CXX = g++
+
+ifeq ($(MOD_DEFENDER_SRC),)
+MOD_DEFENDER_SRC := ./mod_defender_src
+endif
+
+ifeq ($(APACHE2_INC),)
+APACHE2_INC := /usr/include/apache2
+endif
+
+ifeq ($(APR_INC),)
+APR_INC := /usr/include/apr-1.0
+endif
+
+CFLAGS  = -g -Wall -pthread
+LDFLAGS = -lpthread  -levent -levent_pthreads -lapr-1 -laprutil-1 -lstdc++
+INCS += -I../../include -I../../ebtree -I$(MOD_DEFENDER_SRC) -I$(APACHE2_INC) -I$(APR_INC)
+LIBS =
+
+CXXFLAGS = -g -std=gnu++11
+CXXINCS += -I$(MOD_DEFENDER_SRC) -I$(MOD_DEFENDER_SRC)/deps -I$(APACHE2_INC) -I$(APR_INC)
+
+SRCS = standalone.o spoa.o defender.o \
+	$(wildcard $(MOD_DEFENDER_SRC)/deps/libinjection/*.c)
+OBJS = $(patsubst %.c, %.o, $(SRCS))
+
+CXXSRCS = $(wildcard $(MOD_DEFENDER_SRC)/*.cpp)
+CXXOBJS = $(patsubst %.cpp, %.o, $(CXXSRCS))
+
+defender: $(OBJS) $(CXXOBJS)
+	$(LD) -o $@ $^ $(LDFLAGS) $(LIBS)
+
+install: defender
+	install defender $(DESTDIR)$(BINDIR)
+
+clean:
+	rm -f defender $(OBJS) $(CXXOBJS)
+
+%.o:	%.c
+	$(CC) $(CFLAGS) $(INCS) -c -o $@ $<
+
+%.o:	%.cpp
+	$(CXX) $(CXXFLAGS) $(CXXINCS) -c -o $@ $<
commit	59bb97a19279610b2cbae996bd726c8336cb1a02	[log] [tgz]
author	Dragan Dosen <ddosen@haproxy.com>	Fri Jun 02 12:03:16 2017 +0200
committer	Willy Tarreau <w@1wt.eu>	Fri Jun 02 12:14:55 2017 +0200
tree	2f4880fa8015fe9c3dd07c6d426f79529e205f59
parent	9ac143b6070e78afa3086b676f1049c6eb93cc13 [diff] [blame]