1 --- mod_antihak/mod_antihak.c.orig Tue Nov 20 03:59:29 2001
2 +++ mod_antihak/mod_antihak.c Tue Nov 20 03:59:46 2001
7 -#define IPCHAINS_PATH "/sbin/ipchains"
8 +#define IPCHAINS_PATH "/sbin/iptables"
9 #define SUDO_PATH "/usr/bin/sudo"
11 typedef struct hackentry
13 int antihak_block_ip( request_rec *r )
16 - const char *str_fmt = "%s %s -A input -s %s -d %s 80 -p tcp -j REJECT";
17 + const char *str_fmt = "%s %s -A INPUT -s %s -p tcp --dport 80 -j REJECT";
18 register int fmt_len = ( strlen( r->connection->remote_ip ) +
19 - strlen( r->connection->local_ip ) +
21 strlen( IPCHAINS_PATH ) +
22 strlen( str_fmt ) - 7 );
27 - sprintf( argv, str_fmt, SUDO_PATH, IPCHAINS_PATH, r->connection->remote_ip, r->connection->local_ip );
28 + sprintf( argv, str_fmt, SUDO_PATH, IPCHAINS_PATH, r->connection->remote_ip );
31 // XXXX: Find a replacement for this. execve is not good enough.