New port of mod_extract_forwarded, an Apache module that can make proxied

requests appear with client IP. PR: 27998 Submitted by: Anders Nordby <anders@fix.no>
svn path=/head/; revision=44195
2025-01-11 07:22:22 +00:00 · 2001-06-19 01:59:10 +00:00 · 2001-06-19 01:59:10 +00:00 · bf4b2173ef · 2021-03-31 03:12:20 +00:00
commit bf4b2173ef
parent 150a7b6b49
13 changed files with 147 additions and 0 deletions
--- a/www/Makefile
+++ b/www/Makefile
@ -129,6 +129,7 @@
    SUBDIR += mod_csacek
    SUBDIR += mod_dav
    SUBDIR += mod_dtcl
+    SUBDIR += mod_extract_forwarded
    SUBDIR += mod_fastcgi
    SUBDIR += mod_gzip
    SUBDIR += mod_hosts_access
--- a/www/mod_extract_forwarded/Makefile
+++ b/www/mod_extract_forwarded/Makefile
@ -0,0 +1,37 @@
+# New ports collection makefile for:	mod_extract_forwarded
+# Date created:		9 June 2001
+# Whom:			Anders Nordby <anders@fix.no>
+#
+# $FreeBSD$
+#
+
+PORTNAME=	mod_extract_forwarded
+PORTVERSION=	1.2
+CATEGORIES=	www
+MASTER_SITES=	http://web.systhug.com/mod_extract_forwarded/ \
+		http://www.freenix.no/~anders/
+
+MAINTAINER=	anders@fix.no
+
+BUILD_DEPENDS=	${LOCALBASE}/sbin/apxs:${PORTSDIR}/www/apache13
+RUN_DEPENDS=	${LOCALBASE}/sbin/apxs:${PORTSDIR}/www/apache13
+
+WRKSRC=		${WRKDIR}/${PORTNAME}
+
+APXS?=		${LOCALBASE}/sbin/apxs
+DOCS=		mod_extract_forwarded.html README
+
+do-build:
+	cd ${WRKSRC} && ${APXS} -c ${PORTNAME}.c
+
+do-install:
+	cd ${WRKSRC} && ${APXS} -A -i ${PORTNAME}.so
+.if !defined(NOPORTDOCS)
+	${INSTALL} -d -o root -g wheel -m 0755 ${PREFIX}/share/doc/${PORTNAME}
+.for f in ${DOCS}
+	${INSTALL_DATA} ${WRKSRC}/${f} ${PREFIX}/share/doc/${PORTNAME}
+.endfor
+.endif
+	${CAT} ${PKGMESSAGE}
+
+.include <bsd.port.mk>
--- a/www/mod_extract_forwarded/distinfo
+++ b/www/mod_extract_forwarded/distinfo
@ -0,0 +1 @@
+MD5 (mod_extract_forwarded-1.2.tar.gz) = 70ecf6f26f5561377b97ba8cae10e95f
--- a/www/mod_extract_forwarded/pkg-comment
+++ b/www/mod_extract_forwarded/pkg-comment
@ -0,0 +1 @@
+An Apache module that can make proxied requests appear with client IP
--- a/www/mod_extract_forwarded/pkg-descr
+++ b/www/mod_extract_forwarded/pkg-descr
@ -0,0 +1,13 @@
+mod_extract_forwarded hooks itself into Apache's header parsing phase and looks
+for the X-Forwarded-For header which some (most?) proxies add to the proxied
+HTTP requests. It extracts the IP from the X-Forwarded-For and modifies the
+connection data so to the rest of Apache the request looks like it came from
+that IP rather than the proxy IP.
+
+mod_extract_forwarded can be dangerous for host based access control because
+X-Forwarded-For is easily spoofed. Because of this you can configure which
+proxies you trust or don't trust.
+
+WWW: http://web.systhug.com/mod_extract_forwarded/
+
+- Anders Nordby <anders@fix.no>
--- a/www/mod_extract_forwarded/pkg-message
+++ b/www/mod_extract_forwarded/pkg-message
@ -0,0 +1,15 @@
+************************************************************
+You've installed mod_extract_forward, an Apache module that
+can make proxied requests appear with client IPs.
+
+Edit your apache.conf or httpd.conf to enable and setup this
+module. Have a look at the files in
+${PREFIX}/share/doc/mod_extract_forward for information on
+how to configure it.
+
+Then do this to make it work effective:
+
+# apachectl configtest (see if there are any config errors)
+# apachectl restart
+
+************************************************************
--- a/www/mod_extract_forwarded/pkg-plist
+++ b/www/mod_extract_forwarded/pkg-plist
@ -0,0 +1,6 @@
+libexec/apache/mod_extract_forwarded.so
+@exec %D/sbin/apxs -e -A -n extract_forwarded %D/%F
+@unexec %D/sbin/apxs -e -A -n extract_forwarded %D/%F
+%%PORTDOCS%%share/doc/mod_extract_forwarded/mod_extract_forwarded.html
+%%PORTDOCS%%share/doc/mod_extract_forwarded/README
+%%PORTDOCS%%@dirrm share/doc/mod_extract_forwarded
--- a/www/mod_extract_forwarded_ap13/Makefile
+++ b/www/mod_extract_forwarded_ap13/Makefile
@ -0,0 +1,37 @@
+# New ports collection makefile for:	mod_extract_forwarded
+# Date created:		9 June 2001
+# Whom:			Anders Nordby <anders@fix.no>
+#
+# $FreeBSD$
+#
+
+PORTNAME=	mod_extract_forwarded
+PORTVERSION=	1.2
+CATEGORIES=	www
+MASTER_SITES=	http://web.systhug.com/mod_extract_forwarded/ \
+		http://www.freenix.no/~anders/
+
+MAINTAINER=	anders@fix.no
+
+BUILD_DEPENDS=	${LOCALBASE}/sbin/apxs:${PORTSDIR}/www/apache13
+RUN_DEPENDS=	${LOCALBASE}/sbin/apxs:${PORTSDIR}/www/apache13
+
+WRKSRC=		${WRKDIR}/${PORTNAME}
+
+APXS?=		${LOCALBASE}/sbin/apxs
+DOCS=		mod_extract_forwarded.html README
+
+do-build:
+	cd ${WRKSRC} && ${APXS} -c ${PORTNAME}.c
+
+do-install:
+	cd ${WRKSRC} && ${APXS} -A -i ${PORTNAME}.so
+.if !defined(NOPORTDOCS)
+	${INSTALL} -d -o root -g wheel -m 0755 ${PREFIX}/share/doc/${PORTNAME}
+.for f in ${DOCS}
+	${INSTALL_DATA} ${WRKSRC}/${f} ${PREFIX}/share/doc/${PORTNAME}
+.endfor
+.endif
+	${CAT} ${PKGMESSAGE}
+
+.include <bsd.port.mk>
--- a/www/mod_extract_forwarded_ap13/distinfo
+++ b/www/mod_extract_forwarded_ap13/distinfo
@ -0,0 +1 @@
+MD5 (mod_extract_forwarded-1.2.tar.gz) = 70ecf6f26f5561377b97ba8cae10e95f
--- a/www/mod_extract_forwarded_ap13/pkg-comment
+++ b/www/mod_extract_forwarded_ap13/pkg-comment
@ -0,0 +1 @@
+An Apache module that can make proxied requests appear with client IP
--- a/www/mod_extract_forwarded_ap13/pkg-descr
+++ b/www/mod_extract_forwarded_ap13/pkg-descr
@ -0,0 +1,13 @@
+mod_extract_forwarded hooks itself into Apache's header parsing phase and looks
+for the X-Forwarded-For header which some (most?) proxies add to the proxied
+HTTP requests. It extracts the IP from the X-Forwarded-For and modifies the
+connection data so to the rest of Apache the request looks like it came from
+that IP rather than the proxy IP.
+
+mod_extract_forwarded can be dangerous for host based access control because
+X-Forwarded-For is easily spoofed. Because of this you can configure which
+proxies you trust or don't trust.
+
+WWW: http://web.systhug.com/mod_extract_forwarded/
+
+- Anders Nordby <anders@fix.no>
--- a/www/mod_extract_forwarded_ap13/pkg-message
+++ b/www/mod_extract_forwarded_ap13/pkg-message
@ -0,0 +1,15 @@
+************************************************************
+You've installed mod_extract_forward, an Apache module that
+can make proxied requests appear with client IPs.
+
+Edit your apache.conf or httpd.conf to enable and setup this
+module. Have a look at the files in
+${PREFIX}/share/doc/mod_extract_forward for information on
+how to configure it.
+
+Then do this to make it work effective:
+
+# apachectl configtest (see if there are any config errors)
+# apachectl restart
+
+************************************************************
--- a/www/mod_extract_forwarded_ap13/pkg-plist
+++ b/www/mod_extract_forwarded_ap13/pkg-plist
@ -0,0 +1,6 @@
+libexec/apache/mod_extract_forwarded.so
+@exec %D/sbin/apxs -e -A -n extract_forwarded %D/%F
+@unexec %D/sbin/apxs -e -A -n extract_forwarded %D/%F
+%%PORTDOCS%%share/doc/mod_extract_forwarded/mod_extract_forwarded.html
+%%PORTDOCS%%share/doc/mod_extract_forwarded/README
+%%PORTDOCS%%@dirrm share/doc/mod_extract_forwarded
				`@ -0,0 +1 @@`
				`MD5 (mod_extract_forwarded-1.2.tar.gz) = 70ecf6f26f5561377b97ba8cae10e95f`
				`@ -0,0 +1 @@`
				`An Apache module that can make proxied requests appear with client IP`