libapache2-mod-rpaf 0.5-3+squeeze1build0.10.04.1 source package in Ubuntu


libapache2-mod-rpaf (0.5-3+squeeze1build0.10.04.1) lucid-security; urgency=low

  * fake sync from Debian

libapache2-mod-rpaf (0.5-3+squeeze1) stable-security; urgency=high

  * New maintainer (See: #636732)
  * Edit 030_ipv6.patch to fix DOS via crafted X-Forwarded-For
    header (Closes: #683984, thanks to S├ębastien Bocahu)
 -- Steve Beattie <email address hidden>   Wed, 22 Aug 2012 16:28:07 -0700

Upload details

Uploaded by:
Steve Beattie on 2012-08-22
Uploaded to:
Original maintainer:
Sergey B Kirpichev
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section
Lucid updates on 2012-08-29 universe web
Lucid security on 2012-08-29 universe web


File Size SHA-256 Checksum
libapache2-mod-rpaf_0.5.orig.tar.gz 4.4 KiB 5b9257b69fccd11d573b34d3a4014086abc9f2558e819005f71e44b094f5b2a5
libapache2-mod-rpaf_0.5-3+squeeze1build0.10.04.1.diff.gz 7.6 KiB bf053ccc705ffa69664cbaa73ec134ce8373f3fbaf5b6fc2fb1b2871f031d084
libapache2-mod-rpaf_0.5-3+squeeze1build0.10.04.1.dsc 2.0 KiB 6ffb3de6772e4eec63351d3f81b6b9be8f4696b68ce3a0dc686d226a63faa62a

View changes file

Binary packages built by this source

libapache2-mod-rpaf: module for Apache2 which takes the last IP from the 'X-Forwarded-For' header

 rpaf is short for reverse proxy add forward.
 rpaf is for backend Apache servers what mod_proxy_add_forward is for
 frontend Apache servers. It does exactly the opposite of
 mod_proxy_add_forward written by Ask Bjorn Hansen.
 It changes the remote address of the client visible to other Apache modules
 when two conditions are satisfied. First condition is that the remote client
 is actually a proxy that is defined in httpd.conf. Secondly if there is an
 incoming X-Forwarded-For header and the proxy is in its list of known
 proxies it takes the last IP from the incoming X-Forwarded-For header and
 changes the remote address of the client in the request structure.