]>
Commit | Line | Data |
---|---|---|
dc27ec1e | 1 | --- mod_antihak/mod_antihak.c.orig Tue Nov 20 03:59:29 2001 |
2 | +++ mod_antihak/mod_antihak.c Tue Nov 20 03:59:46 2001 | |
3 | @@ -50,7 +50,7 @@ | |
4 | #include <mysql.h> | |
5 | #endif | |
6 | ||
7 | -#define IPCHAINS_PATH "/sbin/ipchains" | |
8 | +#define IPCHAINS_PATH "/sbin/iptables" | |
9 | #define SUDO_PATH "/usr/bin/sudo" | |
10 | ||
11 | typedef struct hackentry | |
12 | @@ -179,9 +179,8 @@ | |
13 | int antihak_block_ip( request_rec *r ) | |
14 | { | |
15 | char *argv; | |
16 | - const char *str_fmt = "%s %s -A input -s %s -d %s 80 -p tcp -j REJECT"; | |
17 | + const char *str_fmt = "%s %s -A INPUT -s %s -p tcp --dport 80 -j REJECT"; | |
18 | register int fmt_len = ( strlen( r->connection->remote_ip ) + | |
19 | - strlen( r->connection->local_ip ) + | |
20 | strlen( SUDO_PATH ) + | |
21 | strlen( IPCHAINS_PATH ) + | |
22 | strlen( str_fmt ) - 7 ); | |
23 | @@ -198,7 +197,7 @@ | |
24 | return 0; | |
25 | } | |
26 | ||
27 | - sprintf( argv, str_fmt, SUDO_PATH, IPCHAINS_PATH, r->connection->remote_ip, r->connection->local_ip ); | |
28 | + sprintf( argv, str_fmt, SUDO_PATH, IPCHAINS_PATH, r->connection->remote_ip ); | |
29 | ||
30 | // | |
31 | // XXXX: Find a replacement for this. execve is not good enough. |