LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 12-08-2007, 04:00 AM   #1
lavinya
LQ Newbie
 
Registered: Jun 2007
Location: istanbul
Posts: 21

Rep: Reputation: 15
Unhappy Mod_evasive and iptables


Hello all linuxquestions.org users,

I installed mod_evasive and here my config:

Code:
LoadModule evasive20_module   /usr/lib/httpd/modules/mod_evasive20.so

<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 5
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 60
DOSEmailNotify notspam @ notspam. com 
DOSWhitelist 127.0.0.1
DOSWhitelist 85.105.241.10
DOSSystemCommand "su - root -c 'iptables -I INPUT -s %s -j DROP'"
</IfModule>
Ok no problem in Mod_evasive. But this line does not work
Code:
DOSSystemCommand "su - root -c 'iptables -I INPUT -s %s -j DROP'"
Apache error_log says:
Code:
standard in must be a tty
How to fix?

Note: i read this topic: http://www.linuxquestions.org/questi...roblem-354527/
and i try sudo but apache error_log says:
Code:
sudo: sorry, you must have a tty to run sudo
if you reply me messages i will be happy. Thanks.

Last edited by lavinya; 12-08-2007 at 04:03 AM.
 
Old 12-08-2007, 08:22 AM   #2
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 678Reputation: 678Reputation: 678Reputation: 678Reputation: 678Reputation: 678
Could you try the full path to the command. If you use sudo, it is often configured to require it. I don't know if the same thing can occur with su.

Looking on the web, every example using this directive has a full path to the command being executed.

Last edited by jschiwal; 12-08-2007 at 08:24 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Mitigate Attacks With mod_evasive jeremy LQ Articles Discussion 1 06-22-2007 10:59 AM
Can I install mod_evasive in apache2 when installed from repo? OneBinary Debian 3 04-20-2006 10:11 AM
iptables v1.2.9: Unknown arg `/sbin/iptables' Try `iptables -h' or 'iptables --help' Niceman2005 Linux - Security 4 12-29-2005 08:20 PM
IPtables Log Analyzer from http://www.gege.org/iptables/ brainlego Linux - Software 0 08-11-2003 06:08 AM
My iptables script is /etc/sysconfig/iptables. How do i make this baby execute on boo ForumKid Linux - General 3 01-22-2002 07:36 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 03:17 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration