1 # Copyright 1999-2018 Gentoo Authors
2 # Distributed under the terms of the GNU General Public License v2
11 DESCRIPTION="Application firewall and intrusion detection for Apache"
12 HOMEPAGE="http://www.modsecurity.org/"
13 SRC_URI="http://www.modsecurity.org/tarball/${PV}/${MY_P}.tar.gz"
18 IUSE="doc fuzzyhash geoip jit json lua mlogc"
20 COMMON_DEPEND="dev-libs/apr
21 dev-libs/apr-util[openssl]
23 dev-libs/libpcre[jit?]
24 fuzzyhash? ( app-crypt/ssdeep )
25 json? ( dev-libs/yajl )
26 lua? ( dev-lang/lua:0 )
27 mlogc? ( net-misc/curl )
28 www-servers/apache[apache2_modules_unique_id]"
29 DEPEND="${COMMON_DEPEND}
30 doc? ( app-doc/doxygen )"
31 RDEPEND="${COMMON_DEPEND}
32 geoip? ( dev-libs/geoip )
33 mlogc? ( dev-lang/perl )"
34 PDEPEND=">=www-apache/modsecurity-crs-2.2.6-r1"
36 S="${WORKDIR}/${MY_P}"
38 APACHE2_MOD_FILE="apache2/.libs/${PN}2.so"
39 APACHE2_MOD_CONF="79_${PN}"
40 APACHE2_MOD_DEFINE="SECURITY"
42 # Tests require symbols only defined within the Apache binary.
48 econf --enable-shared \
50 --with-apxs="${APXS}" \
51 --enable-request-early \
53 $(use_with fuzzyhash ssdeep) \
54 $(use_with json yajl) \
57 $(use_enable lua lua-cache) \
58 $(use_enable jit pcre-jit)
64 # Building the docs is broken at the moment, see e.g.
65 # https://github.com/SpiderLabs/ModSecurity/issues/1322
67 doxygen doc/doxygen-apache.conf || die 'failed to build documentation'
72 apache-module_src_install
74 dodoc CHANGES README.TXT modsecurity.conf-recommended
77 dodoc -r doc/apache/html
82 newins mlogc/mlogc-default.conf mlogc.conf
84 dobin mlogc/mlogc-batch-load.pl
85 newdoc mlogc/INSTALL INSTALL-mlogc
88 # Use /var/lib instead of /var/cache. This stuff is "persistent,"
89 # and isn't a cached copy of something that we can recreate.
91 keepdir /var/lib/modsecurity
92 fowners apache:apache /var/lib/modsecurity
93 fperms 0750 /var/lib/modsecurity
94 for dir in data tmp upload; do
95 keepdir "/var/lib/modsecurity/${dir}"
96 fowners apache:apache "/var/lib/modsecurity/${dir}"
97 fperms 0750 "/var/lib/modsecurity/${dir}"
102 elog "The base configuration file has been renamed ${APACHE2_MOD_CONF}"
103 elog "so that you can put your own configuration in (for example)"
104 elog "90_modsecurity_local.conf."
106 elog "That would be the correct place for site-global security rules."
107 elog "Note: 80_modsecurity_crs.conf is used by www-apache/modsecurity-crs"