#はじめに
DOS対策で、mod_dosdetectorを導入しようとしたら、apxsコマンドがないと怒られました。(こちらの記事より)
Makefileの中身を編集して、apxsコマンドを実行できるようにするも、よくわからないエラーが出ました。。。
mod_dosdetector.c:262:25: error: 'conn_rec' has no member named 'remote_ip'
address = r->connection->remote_ip;
^
mod_dosdetector.c:275:22: error: 'conn_rec' has no member named 'remote_addr'
addr = r->connection->remote_addr->sa.sin.sin_addr;
#原因(構造体なるものがApache2.2とApache2.4では異なるらしい)
こちらの方の記事によると、**「conn_rec構造体のメンバ名がApache2.2からApache2.4で変更されたっぽい」**です。
よくわからないですが、
Apache2.4から変更になったようですね!
#解決策(mod_dosdetector.c内のremote_ipをclient_ipに、remote_addrをclient_addr変更!)
●変更前
# vi /tmp/mod_dosdetector-0.2/mod_dosdetector.c ※該当箇所付近を抜粋!
262 address = r->connection->remote_ip; ★「remote_ip」を「client_ip」に変更!
263
264 ap_regmatch_t regmatch[AP_MAX_REG_MATCH];
265 ap_regex_t **contenttype_regexp = (ap_regex_t **) cfg->contenttype_regexp->elts;
266 for (i = 0; i < cfg->contenttype_regexp->nelts; i++) {
267 if(!ap_regexec(contenttype_regexp[i], content_type, AP_MAX_REG_MATCH, regmatch, 0)){
268 //ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, 0, "ignoring content-type: %s", content_type);
269 return OK;
270 }
271 }
272 DEBUGLOG("dosdetector: processing content-type: %s", content_type);
273
274 struct in_addr addr;
275 addr = r->connection->remote_addr->sa.sin.sin_addr; ★「remote_addr」を「client_addr」に変更!
276 if(addr.s_addr == 0){
277 inet_aton(address, &addr);
●変更後
# vi /tmp/mod_dosdetector-0.2/mod_dosdetector.c ※該当箇所付近を抜粋!
262 address = r->connection->client_ip; ★変更箇所
263
264 ap_regmatch_t regmatch[AP_MAX_REG_MATCH];
265 ap_regex_t **contenttype_regexp = (ap_regex_t **) cfg->contenttype_regexp->elts;
266 for (i = 0; i < cfg->contenttype_regexp->nelts; i++) {
267 if(!ap_regexec(contenttype_regexp[i], content_type, AP_MAX_REG_MATCH, regmatch, 0)){
268 //ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, 0, "ignoring content-type: %s", content_type);
269 return OK;
270 }
271 }
272 DEBUGLOG("dosdetector: processing content-type: %s", content_type);
273
274 struct in_addr addr;
275 addr = r->connection->client_addr->sa.sin.sin_addr; ★変更箇所
276 if(addr.s_addr == 0){
277 inet_aton(address, &addr);
##makeします。
# make(mod_dosdetector-0.2ディレクトリ内で実行しています。)
/bin/apxs -c mod_dosdetector.c
/usr/lib64/apr15u-1/build/libtool --silent --mode=compile gcc -std=gnu99 -prefer-pic -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -DLINUX -D_REENTRANT -D_GNU_SOURCE -pthread -I/usr/include/httpd -I/usr/include/apr15u-1 -I/usr/include/apr15u-1 -c -o mod_dosdetector.lo mod_dosdetector.c && touch mod_dosdetector.slo
mod_dosdetector.c: In function 'create_shm':
mod_dosdetector.c:143:5: warning: format '%d' expects argument of type 'int', but argument 9 has type 'size_t' [-Wformat=]
ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
^
mod_dosdetector.c: In function 'dosdetector_handler':
mod_dosdetector.c:260:5: warning: implicit declaration of function 'ap_default_type' [-Wimplicit-function-declaration]
if (!content_type) content_type = ap_default_type(r);
^
mod_dosdetector.c:260:37: warning: assignment makes pointer from integer without a cast [enabled by default]
if (!content_type) content_type = ap_default_type(r);
^
mod_dosdetector.c:283:6: warning: unused variable 'last_count' [-Wunused-variable]
int last_count = client->count;
^
mod_dosdetector.c: In function 'register_hooks':
mod_dosdetector.c:465:8: warning: ignoring return value of 'tmpnam', declared with attribute warn_unused_result [-Wunused-result]
tmpnam(shm_name);
^
mod_dosdetector.c: In function 'create_shm':
mod_dosdetector.c:135:8: warning: ignoring return value of 'tmpnam', declared with attribute warn_unused_result [-Wunused-result]
tmpnam(lock_name);
^
/usr/lib64/apr15u-1/build/libtool --silent --mode=link gcc -std=gnu99 -Wl,-z,relro,-z,now -o mod_dosdetector.la -rpath /usr/lib64/httpd/modules -module -avoid-version mod_dosdetector.lo
.libs/mod_dosdetector.o: In function `register_hooks':
/tmp/mod_dosdetector-0.2/mod_dosdetector.c:465: warning: the use of `tmpnam' is dangerous, better use `mkstemp'
##makeインストールします。
# make install(mod_dosdetector-0.2ディレクトリ内で実行しています。)
/bin/apxs -c mod_dosdetector.c
/usr/lib64/apr15u-1/build/libtool --silent --mode=compile gcc -std=gnu99 -prefer-pic -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -DLINUX -D_REENTRANT -D_GNU_SOURCE -pthread -I/usr/include/httpd -I/usr/include/apr15u-1 -I/usr/include/apr15u-1 -c -o mod_dosdetector.lo mod_dosdetector.c && touch mod_dosdetector.slo
mod_dosdetector.c: In function 'create_shm':
mod_dosdetector.c:143:5: warning: format '%d' expects argument of type 'int', but argument 9 has type 'size_t' [-Wformat=]
ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
^
mod_dosdetector.c: In function 'dosdetector_handler':
mod_dosdetector.c:260:5: warning: implicit declaration of function 'ap_default_type' [-Wimplicit-function-declaration]
if (!content_type) content_type = ap_default_type(r);
^
mod_dosdetector.c:260:37: warning: assignment makes pointer from integer without a cast [enabled by default]
if (!content_type) content_type = ap_default_type(r);
^
mod_dosdetector.c:283:6: warning: unused variable 'last_count' [-Wunused-variable]
int last_count = client->count;
^
mod_dosdetector.c: In function 'register_hooks':
mod_dosdetector.c:465:8: warning: ignoring return value of 'tmpnam', declared with attribute warn_unused_result [-Wunused-result]
tmpnam(shm_name);
^
mod_dosdetector.c: In function 'create_shm':
mod_dosdetector.c:135:8: warning: ignoring return value of 'tmpnam', declared with attribute warn_unused_result [-Wunused-result]
tmpnam(lock_name);
^
/usr/lib64/apr15u-1/build/libtool --silent --mode=link gcc -std=gnu99 -Wl,-z,relro,-z,now -o mod_dosdetector.la -rpath /usr/lib64/httpd/modules -module -avoid-version mod_dosdetector.lo
.libs/mod_dosdetector.o: In function `register_hooks':
/tmp/mod_dosdetector-0.2/mod_dosdetector.c:465: warning: the use of `tmpnam' is dangerous, better use `mkstemp'
/bin/apxs -c -i -a -n 'dosdetector' mod_dosdetector.c
/usr/lib64/apr15u-1/build/libtool --silent --mode=compile gcc -std=gnu99 -prefer-pic -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -DLINUX -D_REENTRANT -D_GNU_SOURCE -pthread -I/usr/include/httpd -I/usr/include/apr15u-1 -I/usr/include/apr15u-1 -c -o mod_dosdetector.lo mod_dosdetector.c && touch mod_dosdetector.slo
mod_dosdetector.c: In function 'create_shm':
mod_dosdetector.c:143:5: warning: format '%d' expects argument of type 'int', but argument 9 has type 'size_t' [-Wformat=]
ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
^
mod_dosdetector.c: In function 'dosdetector_handler':
mod_dosdetector.c:260:5: warning: implicit declaration of function 'ap_default_type' [-Wimplicit-function-declaration]
if (!content_type) content_type = ap_default_type(r);
^
mod_dosdetector.c:260:37: warning: assignment makes pointer from integer without a cast [enabled by default]
if (!content_type) content_type = ap_default_type(r);
^
mod_dosdetector.c:283:6: warning: unused variable 'last_count' [-Wunused-variable]
int last_count = client->count;
^
mod_dosdetector.c: In function 'register_hooks':
mod_dosdetector.c:465:8: warning: ignoring return value of 'tmpnam', declared with attribute warn_unused_result [-Wunused-result]
tmpnam(shm_name);
^
mod_dosdetector.c: In function 'create_shm':
mod_dosdetector.c:135:8: warning: ignoring return value of 'tmpnam', declared with attribute warn_unused_result [-Wunused-result]
tmpnam(lock_name);
^
/usr/lib64/apr15u-1/build/libtool --silent --mode=link gcc -std=gnu99 -Wl,-z,relro,-z,now -o mod_dosdetector.la -rpath /usr/lib64/httpd/modules -module -avoid-version mod_dosdetector.lo
.libs/mod_dosdetector.o: In function `register_hooks':
/tmp/mod_dosdetector-0.2/mod_dosdetector.c:465: warning: the use of `tmpnam' is dangerous, better use `mkstemp'
/usr/lib64/httpd/build/instdso.sh SH_LIBTOOL='/usr/lib64/apr15u-1/build/libtool' mod_dosdetector.la /usr/lib64/httpd/modules
/usr/lib64/apr15u-1/build/libtool --mode=install install mod_dosdetector.la /usr/lib64/httpd/modules/
libtool: install: install .libs/mod_dosdetector.so /usr/lib64/httpd/modules/mod_dosdetector.so
libtool: install: install .libs/mod_dosdetector.lai /usr/lib64/httpd/modules/mod_dosdetector.la
libtool: install: install .libs/mod_dosdetector.a /usr/lib64/httpd/modules/mod_dosdetector.a
libtool: install: chmod 644 /usr/lib64/httpd/modules/mod_dosdetector.a
libtool: install: ranlib /usr/lib64/httpd/modules/mod_dosdetector.a
libtool: finish: PATH="/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin:/root/bin:/usr/sbin/apxs:/root/bin:/usr/sbin/apxs:/root/bin:/root/bin:/sbin" ldconfig -n /usr/lib64/httpd/modules
----------------------------------------------------------------------
Libraries have been installed in:
/usr/lib64/httpd/modules
If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the `-LLIBDIR'
flag during linking and do at least one of the following:
- add LIBDIR to the `LD_LIBRARY_PATH' environment variable
during execution
- add LIBDIR to the `LD_RUN_PATH' environment variable
during linking
- use the `-Wl,-rpath -Wl,LIBDIR' linker flag
- have your system administrator add LIBDIR to `/etc/ld.so.conf'
See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
----------------------------------------------------------------------
chmod 755 /usr/lib64/httpd/modules/mod_dosdetector.so
[activating module `dosdetector' in /etc/httpd/conf/httpd.conf]
なにやら警告はいろいろ出てますが、インストールできました!
httpd.conf内に、LoadModule dosdetector_module /usr/lib64/httpd/modules/mod_dosdetector.so
が追記され、追記前の古い設定ファイルはhttpd.conf.bakとして保存されています。