Documentation

xdecock · Jul 1, 2019 · b36d2a7 · b36d2a7
1 parent 59e51d6
commit b36d2a7
Show file tree

Hide file tree

Showing 4 changed files with 38 additions and 11 deletions.
diff --git a/README.md b/README.md
@@ -0,0 +1,20 @@
+# VMod ModSecurity
+
+This Vmod allows you to interface modsecurity with varnish
+
+## How to Install
+Requires: libmodsecurity3, rules
+
+`./bootstrap; make; sudo make install`
+
+To get more doc, man vmod_sec, or check the vcl in vcl/example.vcl
+
+# See Also
+
+https://varnish-cache.org/
+
+https://github.com/varnishcache/varnish-cache
+
+https://modsecurity.org/
+
+https://github.com/SpiderLabs/ModSecurity/
diff --git a/security.spec.in b/security.spec.in
@@ -7,16 +7,16 @@
 Name:		@PACKAGE@
 Version:	@PACKAGE_VERSION@
 Release:	1%{?dist}
-Summary:	XXX: put your summary here
+Summary:	ModSecurity : This is a ModSecurity binding for varnish
 
-License:	XXX: put your license here
-URL:		XXX://put.your/url/here
+License:	BSD-3-Clause: https://opensource.org/licenses/BSD-3-Clause
+URL:		https://github.com/xdecock/vmod-modsecurity
 Source:		%{name}-%{version}.tar.gz
 
 BuildRequires:	pkgconfig(varnishapi) >= 6.0.0
 
 %description
-XXX: put your long description here
+ModSecurity: Provides way to configure and interface with modsecurity
 
 %prep
 %setup -q
@@ -37,5 +37,5 @@ rm -f %{buildroot}%{vmoddir}/*.la
 %{vmoddir}/libvmod_sec.so
 
 %changelog
-* Sat Jun 29 2019 XXX: author <your@email> - 0.1
-- Initial spec
+* Sat Jun 29 2019 : Xavier De Cock <[email protected]> - 0.9
+- Initial Version of the package, Body handling is still a poc and should be reimplement as VFP/VDP.
diff --git a/src/vmod_sec.vcc b/src/vmod_sec.vcc
@@ -1,13 +1,16 @@
-$Module sec 3 "Varnish sec Module"
+$Module sec 3 "Varnish modsecurity Module"
 $ABI vrt
 
 DESCRIPTION
 ===========
 
-This VCC file was generated by VCDK, it is used to for both the VMOD
-interface and its manual using reStructuredText.
+This modules links *modsecurity* in varnish as a vmod and gives the tooling to configure it and act on feedback.
 
-XXX: document vmod-sec
+Body treatment is still a **proof of concept**, and will probably kill your server.
+
+The -p *thread_pool_stack* should be high enough to allow modsecurity to run, (4M worked on my machine, but, ymmv)
+
+You still need to configure the ruleset you need, this should be a good starting point : https://www.netnea.com/cms/apache-tutorial-7_including-modsecurity-core-rules/
 
 Example
     ::
@@ -123,4 +126,8 @@ Get the log entry linked to the current ModSecurityIntervention
 
 
 SEE ALSO
-========vcl\(7),varnishd\(1)
+========
+
+vcl\(7),varnishd\(1)
+
+https://modsecurity.org/
diff --git a/doc/example.vcl → vcl/example.vcl b/doc/example.vcl → vcl/example.vcl