Open dvmalygin opened 1 month ago
Hi @dvmalygin,
thanks for reporting this issue.
You are right, a database with 1MB couldn't be enough.
The simple solution would be to use mdb_env_set_mapsize() to set the expected size of the database - but I'm not sure there is a valid value which would be good for everyone.
So I think the final solution would be that we create a few new configuration directives which help us to control the database size - and place. (Now the database is created in the root directory, or from where the admin starts the engine.)
Something like
```
SecLMDBPath /path/to/database
SecLMDBSize 10485760 # size in bytes
```
What do you think?
Thanks for your reply. It will be great :)
Hello, I'm using ModSecurity-nginx with lmdb support and the REQUEST-912-DOS-PROTECTION rule. The size of the lmdb database (modsec-shared-collections file) is always 1MB and does not change. To determine the actual size of the database, I used the commands described here: https://wiki.samba.org/index.php/Using_the_lmdb_database_backend

![image (13)](https://github.com/owasp-modsecurity/ModSecurity-nginx/assets/160104471/3cd826bb-c1b6-42dd-8c26-ba15e038f862)
1MB size is not enough. Not all IP addresses are recorded in the database and "expire" does not work correctly. This is what an entry with "expire" looks like:
key: 0x7f307db15d66 **ip_address**_85a8bfc5e4d8eebd5dee39313b7462b0aacedf6e::::dos_block, data: 0x7f307db15daa {"__expire_":1713440905,"__value_":"1"}
The "dos_block" flag has an expiration date - the time until which the IP address is blocked. This is what a record that blocks an IP address forever (without expiration date) looks like:
key: 0x7f3444f23192 **ip_address**_4dc3eb4c759ce8aa387ad1a757061a314d369738::::dos_block, data: 0x7f3444f231d5 {"__value_":"1"}
Expire records stop being written to the lmdb database when there is a large number of IP addresses. I suspect that this is due to the lmdb database being full. Is it possible to increase the size of the lmdb database?
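An added example, not part of the original thread or of ModSecurity's code: a small audit script that reads a dump in the `key: ... data: ...` line format quoted above and sorts `dos_block` records into those without `__expire_` (permanent blocks), those whose expiry is already in the past, and those still active. The function name `audit_dump`, the sample addresses, hashes and the `other_var` record are constructed for illustration, and the line format is assumed to match the two lines quoted in the report.

```python
import json
import re

# Constructed sample in the dump format quoted in the issue; addresses
# (documentation range), hashes and timestamps are made up.
SAMPLE_DUMP = """\
key: 0x7f0000000010 192.0.2.10_aaaaaaaa::::dos_block, data: 0x7f0000000050 {"__expire_":1713440905,"__value_":"1"}
key: 0x7f0000000090 192.0.2.11_bbbbbbbb::::dos_block, data: 0x7f00000000d0 {"__value_":"1"}
key: 0x7f0000000110 192.0.2.12_cccccccc::::other_var, data: 0x7f0000000150 {"__expire_":1713440000,"__value_":"7"}
key: 0x7f0000000190 192.0.2.13_dddddddd::::dos_block, data: 0x7f00000001d0 {"__expire_":1713450000,"__value_":"1"}
"""

# "<collection key>::::<variable>" followed by the JSON value.
LINE_RE = re.compile(
    r"^key:\s+0x[0-9a-fA-F]+\s+(?P<coll>.+?)::::(?P<var>[^,\s]+),\s+"
    r"data:\s+0x[0-9a-fA-F]+\s+(?P<json>\{.*\})\s*$"
)


def audit_dump(text, now, var="dos_block"):
    """Classify records for `var` by their expiry relative to `now` (epoch seconds)."""
    report = {"permanent": [], "expired": [], "active": [], "unparsed": []}
    for line in text.splitlines():
        if not line.strip():
            continue
        m = LINE_RE.match(line)
        if not m:
            report["unparsed"].append(line)
            continue
        if m["var"] != var:
            continue
        try:
            data = json.loads(m["json"])
        except ValueError:
            report["unparsed"].append(line)
            continue
        expire = data.get("__expire_")
        if expire is None:
            report["permanent"].append(m["coll"])  # no expiry: never unblocked
        elif expire <= now:
            report["expired"].append(m["coll"])    # expiry passed, record still stored
        else:
            report["active"].append(m["coll"])
    return report


if __name__ == "__main__":
    print(audit_dump(SAMPLE_DUMP, now=1713445000))
```

A growing `permanent` list in such a report is the symptom described in this issue: block flags stored without their expiry.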