Add mod_extract_forwarded2 0.1,

an Apache module that can make proxied requests appear with client IP.

PR:             59094
Approved by:    erwin (mentor)

6 files changed, 65 insertions, 0 deletions

diff --git a/www/Makefile b/www/Makefile
index c1e24f1e661b..b70e90fd101e 100644
--- a/www/Makefile
+++ b/www/Makefile
@@ -219,6 +219,7 @@
     SUBDIR += mod_dtcl
     SUBDIR += mod_encoding
     SUBDIR += mod_extract_forwarded
+    SUBDIR += mod_extract_forwarded2
     SUBDIR += mod_fastcgi
     SUBDIR += mod_filter
     SUBDIR += mod_frontpage
diff --git a/www/mod_extract_forwarded2/Makefile b/www/mod_extract_forwarded2/Makefile
new file mode 100644
index 000000000000..826a4e0386b0
--- /dev/null
+++ b/www/mod_extract_forwarded2/Makefile
@@ -0,0 +1,34 @@
+# New ports collection makefile for:	mod_extract_forwarded2
+# Date created:				Sun Nov  9
+# Whom:					Clement Laforet <sheepkiller@cultdeadsheep.org>
+#
+# $FreeBSD$
+#
+
+PORTNAME=	mod_extract_forwarded2
+PORTVERSION=	0.1
+CATEGORIES=	www
+MASTER_SITES=	http://www.cotds.org/${PORTNAME}/
+DIST_SUBDIR=	apache2
+
+MAINTAINER=	sheepkiller@cultdeadsheep.or
+COMMENT=	An Apache module that can make proxied requests appear with client IP
+
+USE_APACHE=	yes
+WITH_APACHE2=	yes
+PORTDOCS=	doc.html README
+
+do-build:
+	cd ${WRKSRC} && ${APXS} -c ${PORTNAME}.c
+
+do-install:
+	cd ${WRKSRC} && ${APXS} -A -i -n extract_forwarded ${PORTNAME}.la
+.if !defined(NOPORTDOCS)
+	${MKDIR} ${DOCSDIR}
+.for f in ${PORTDOCS}
+	${INSTALL_DATA} ${WRKSRC}/${f} ${DOCSDIR}
+.endfor
+.endif
+	${CAT} ${PKGMESSAGE}
+
+.include <bsd.port.mk>
diff --git a/www/mod_extract_forwarded2/distinfo b/www/mod_extract_forwarded2/distinfo
new file mode 100644
index 000000000000..b66414ef9d9f
--- /dev/null
+++ b/www/mod_extract_forwarded2/distinfo
@@ -0,0 +1 @@
+MD5 (apache2/mod_extract_forwarded2-0.1.tar.gz) = 2359d40383c0cb7cc298dc92f4f89b74
diff --git a/www/mod_extract_forwarded2/pkg-descr b/www/mod_extract_forwarded2/pkg-descr
new file mode 100644
index 000000000000..a127605b6b6d
--- /dev/null
+++ b/www/mod_extract_forwarded2/pkg-descr
@@ -0,0 +1,11 @@
+mod_extract_forwarded2 hooks itself into Apache's header parsing phase and looks
+for the X-Forwarded-For header which some (most?) proxies add to the proxied
+HTTP requests. It extracts the IP from the X-Forwarded-For and modifies the
+connection data so to the rest of Apache the request looks like it came from
+that IP rather than the proxy IP.
+
+mod_extract_forwarded can be dangerous for host based access control because
+X-Forwarded-For is easily spoofed. Because of this you can configure which
+proxies you trust or don't trust.
+
+WWW: http://www.cotds.org/mod_extract_forwarded2/
diff --git a/www/mod_extract_forwarded2/pkg-message b/www/mod_extract_forwarded2/pkg-message
new file mode 100644
index 000000000000..de71faa90343
--- /dev/null
+++ b/www/mod_extract_forwarded2/pkg-message
@@ -0,0 +1,15 @@
+************************************************************
+You've installed mod_extract_forward, an Apache module that
+can make proxied requests appear with client IPs.
+
+Edit your apache.conf or httpd.conf to enable and setup this
+module. Have a look at the files in
+${PREFIX}/share/doc/mod_extract_forward for information on
+how to configure it.
+
+Then do this to make it work effective:
+
+# apachectl configtest (see if there are any config errors)
+# apachectl restart
+
+************************************************************
diff --git a/www/mod_extract_forwarded2/pkg-plist b/www/mod_extract_forwarded2/pkg-plist
new file mode 100644
index 000000000000..6b8324c59fa9
--- /dev/null
+++ b/www/mod_extract_forwarded2/pkg-plist
@@ -0,0 +1,3 @@
+libexec/apache2/mod_extract_forwarded2.so
+@exec %D/sbin/apxs -e -A -n extract_forwarded %D/%F
+@unexec %D/sbin/apxs -e -A -n extract_forwarded %D/%F