Add mod_extract_forwarded2 0.1,

an Apache module that can make proxied requests appear with client IP.

PR:             59094
Approved by:    erwin (mentor)
This commit is contained in:
Clement Laforet 2004-01-05 12:34:45 +00:00
parent 619fb0143d
commit ed7cfd72f4
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=97343
6 changed files with 65 additions and 0 deletions

View file

@ -219,6 +219,7 @@
SUBDIR += mod_dtcl
SUBDIR += mod_encoding
SUBDIR += mod_extract_forwarded
SUBDIR += mod_extract_forwarded2
SUBDIR += mod_fastcgi
SUBDIR += mod_filter
SUBDIR += mod_frontpage

View file

@ -0,0 +1,34 @@
# New ports collection makefile for: mod_extract_forwarded2
# Date created: Sun Nov 9
# Whom: Clement Laforet <sheepkiller@cultdeadsheep.org>
#
# $FreeBSD$
#
PORTNAME= mod_extract_forwarded2
PORTVERSION= 0.1
CATEGORIES= www
MASTER_SITES= http://www.cotds.org/${PORTNAME}/
DIST_SUBDIR= apache2
MAINTAINER= sheepkiller@cultdeadsheep.or
COMMENT= An Apache module that can make proxied requests appear with client IP
USE_APACHE= yes
WITH_APACHE2= yes
PORTDOCS= doc.html README
do-build:
cd ${WRKSRC} && ${APXS} -c ${PORTNAME}.c
do-install:
cd ${WRKSRC} && ${APXS} -A -i -n extract_forwarded ${PORTNAME}.la
.if !defined(NOPORTDOCS)
${MKDIR} ${DOCSDIR}
.for f in ${PORTDOCS}
${INSTALL_DATA} ${WRKSRC}/${f} ${DOCSDIR}
.endfor
.endif
${CAT} ${PKGMESSAGE}
.include <bsd.port.mk>

View file

@ -0,0 +1 @@
MD5 (apache2/mod_extract_forwarded2-0.1.tar.gz) = 2359d40383c0cb7cc298dc92f4f89b74

View file

@ -0,0 +1,11 @@
mod_extract_forwarded2 hooks itself into Apache's header parsing phase and looks
for the X-Forwarded-For header which some (most?) proxies add to the proxied
HTTP requests. It extracts the IP from the X-Forwarded-For and modifies the
connection data so to the rest of Apache the request looks like it came from
that IP rather than the proxy IP.
mod_extract_forwarded can be dangerous for host based access control because
X-Forwarded-For is easily spoofed. Because of this you can configure which
proxies you trust or don't trust.
WWW: http://www.cotds.org/mod_extract_forwarded2/

View file

@ -0,0 +1,15 @@
************************************************************
You've installed mod_extract_forward, an Apache module that
can make proxied requests appear with client IPs.
Edit your apache.conf or httpd.conf to enable and setup this
module. Have a look at the files in
${PREFIX}/share/doc/mod_extract_forward for information on
how to configure it.
Then do this to make it work effective:
# apachectl configtest (see if there are any config errors)
# apachectl restart
************************************************************

View file

@ -0,0 +1,3 @@
libexec/apache2/mod_extract_forwarded2.so
@exec %D/sbin/apxs -e -A -n extract_forwarded %D/%F
@unexec %D/sbin/apxs -e -A -n extract_forwarded %D/%F