Closed hexgu closed 3 years ago
--with-pcre=pcre-8.43
/bin/sh: line 0: cd: pcre-8.43: No such file or directory
请确保路径 ./pcre-8.43
存在,从当前的信息来看不属于本模块的问题。
您好
pcre 问题我依旧无法解决,所以我选择了编译动态模块,但是我仍然无法正常编译
root@VM-4-13-debian:/usr/local/src/nginx-1.18.0# make modules
make -f objs/Makefile modules
make[1]: Entering directory '/usr/local/src/nginx-1.18.0'
cc -c -fPIC -pipe -O -W -Wall -Wpointer-arith -Wno-unused-parameter -Werror -g -I src/core -I src/event -I src/event/modules -I src/os/unix -I /usr/local/src/ngx_waf/inc -I /usr/local/src/uthash/include -I objs -I src/http -I src/http/modules \
-o objs/addon/src/ngx_http_waf_module_core.o \
/usr/local/src/ngx_waf/src/ngx_http_waf_module_core.c
cc -c -fPIC -pipe -O -W -Wall -Wpointer-arith -Wno-unused-parameter -Werror -g -I src/core -I src/event -I src/event/modules -I src/os/unix -I /usr/local/src/ngx_waf/inc -I /usr/local/src/uthash/include -I objs -I src/http -I src/http/modules \
-o objs/addon/src/libinjection_html5.o \
/usr/local/src/ngx_waf/inc/libinjection/src/libinjection_html5.c
cc -c -fPIC -pipe -O -W -Wall -Wpointer-arith -Wno-unused-parameter -Werror -g -I src/core -I src/event -I src/event/modules -I src/os/unix -I /usr/local/src/ngx_waf/inc -I /usr/local/src/uthash/include -I objs -I src/http -I src/http/modules \
-o objs/addon/src/libinjection_sqli.o \
/usr/local/src/ngx_waf/inc/libinjection/src/libinjection_sqli.c
cc -c -fPIC -pipe -O -W -Wall -Wpointer-arith -Wno-unused-parameter -Werror -g -I src/core -I src/event -I src/event/modules -I src/os/unix -I /usr/local/src/ngx_waf/inc -I /usr/local/src/uthash/include -I objs -I src/http -I src/http/modules \
-o objs/addon/src/libinjection_xss.o \
/usr/local/src/ngx_waf/inc/libinjection/src/libinjection_xss.c
cc -c -fPIC -pipe -O -W -Wall -Wpointer-arith -Wno-unused-parameter -Werror -g -I src/core -I src/event -I src/event/modules -I src/os/unix -I /usr/local/src/ngx_waf/inc -I /usr/local/src/uthash/include -I objs -I src/http -I src/http/modules \
-o objs/ngx_http_waf_module_modules.o \
objs/ngx_http_waf_module_modules.c
cc -o objs/ngx_http_waf_module.so \
objs/addon/src/ngx_http_waf_module_core.o \
objs/addon/src/libinjection_html5.o \
objs/addon/src/libinjection_sqli.o \
objs/addon/src/libinjection_xss.o \
objs/ngx_http_waf_module_modules.o \
-l sodium \
-shared
make[1]: Leaving directory '/usr/local/src/nginx-1.18.0'
从给出的信息来看动态模块是编译成功的。PCRE 库的路径是否正确,权限是否正确?我使用 nginx-1.19.10 和 pcre-8.43 加上本模块,按照静态模块的编译方式一切正常。
您好
PCRE 库的路径我手动下载了一份源码然后在
./configure ARG --add-module=/usr/local/src/ngx_waf
后手动指定了--with-pcre=/opt/pcre-8.43
PCRE 库的路径
目前可以静态模块编译了
此外我刚刚编译好的动态模块并没有办法在 nginx 的配置文件顶部添加load_module "/usr/local/nginx/modules/ngx_http_waf_module.so";
提示
nginx: [emerg] module "/www/server/nginx/src/modules/ngx_http_waf_module.so" is not binary compatible in /www/server/nginx/conf/nginx.conf:1
nginx: configuration file /www/server/nginx/conf/nginx.conf test failed
静态模块在替换 nginx 的二进制文件后修改 nginx.conf 过程中报错
nginx: [emerg] "waf" directive is not allowed here in /www/server/nginx/conf/nginx.conf:73
nginx: configuration file /www/server/nginx/conf/nginx.conf test failed
静态模块在替换 nginx 的二进制文件后修改 nginx.conf 过程中报错
nginx: [emerg] "waf" directive is not allowed here in /www/server/nginx/conf/nginx.conf:73 nginx: configuration file /www/server/nginx/conf/nginx.conf test failed
本模块的相关配置写错位置了吧,必须写到 server 块里。
server
{
listen 888;
server_name phpmyadmin;
index index.html index.htm index.php;
root /www/server/phpmyadmin;
location ~ /tmp/ {
return 403;
waf on;
waf_rule_path /usr/local/src/ngx_waf/assets/rules/;
waf_mode STD;
waf_cc_deny rate=1000r/m duration=60m;
waf_cache capacity=50;
}
server { listen 888; server_name phpmyadmin; index index.html index.htm index.php; root /www/server/phpmyadmin; location ~ /tmp/ { return 403; waf on; waf_rule_path /usr/local/src/ngx_waf/assets/rules/; waf_mode STD; waf_cc_deny rate=1000r/m duration=60m; waf_cache capacity=50; }
不支持写到 location 里。
明白了,问题已经解决,感谢
强烈建议提供的信息
如何触发错误。 静态模块make
ngx_waf 的版本/分支。 master
nginx -V
命令的输出内容。 engine version: Tengine/2.3.3 nginx version: nginx/1.18.0 built by gcc 8.3.0 (Debian 8.3.0-6) built with OpenSSL 1.1.1k 25 Mar 2021 TLS SNI support enabled configure arguments: --user=www --group=www --prefix=/www/server/nginx --add-module=/www/server/nginx/src/ngx_devel_kit --add-module=/www/server/nginx/src/lua_nginx_module --add-module=/www/server/ngx_brotli --add-module=/www/server/nginx/src/ngx_cache_purge --add-module=/www/server/nginx/src/nginx-sticky-module --with-openssl=/www/server/nginx/src/openssl --with-pcre=pcre-8.43 --with-http_v2_module --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module --with-http_stub_status_module --with-http_ssl_module --with-http_image_filter_module --with-http_gzip_static_module --with-http_gunzip_module --with-ipv6 --with-http_sub_module --with-http_flv_module --with-http_addition_module --with-http_realip_module --with-http_mp4_module --with-ld-opt=-Wl,-E --with-cc-opt=-Wno-error --with-ld-opt=-ljemalloc --with-http_dav_module --add-module=/www/server/nginx/src/nginx-dav-ext-module出错时
shell
的输出内容。 root@VM-4-13-debian:/usr/local/src/nginx-1.18.0# make make -f objs/Makefile make[1]: Entering directory '/usr/local/src/nginx-1.18.0' cd pcre-8.43 \ && if [ -f Makefile ]; then make distclean; fi \ && CC="cc" CFLAGS="-O2 -fomit-frame-pointer -pipe " \ ./configure --disable-shared /bin/sh: line 0: cd: pcre-8.43: No such file or directory make[1]: [objs/Makefile:2475: pcre-8.43/Makefile] Error 1 make[1]: Leaving directory '/usr/local/src/nginx-1.18.0' make: [Makefile:8: build] Error 2操作系统,包括名称和版本。 Distributor ID: Debian Description: Debian GNU/Linux 10 (buster) Release: 10