Install Roboo to Ubuntu for DDOS protection.

I was fortunate enough to take part in Black Hat 2011 EU where was first public presentation of Roboo the HTTP mitigator http://www.ecl-labs.org/2011/03/17/roboo-http-mitigator.html. What is less fortunate is that it can be a pain to install, mostly because of dependency on perl modules. I have tried it a few times and present my experience in here.

Get yourself roboo which comes as a nginx module written in perl. Also get nginx example configuration. Newest versions are available in github https://github.com/yuri-gushin/Roboo. Place these files to those locations

/etc/nginx/nginx.conf
/opt/local/share/nginx/Roboo.pm
To avoid problem below modify first line of nginx.conf and change user nobody to www-data for example:
Starting nginx: [emerg]: getgrnam("nobody") failed in /etc/nginx/nginx.conf:1
configuration file /etc/nginx/nginx.conf test failed

It is tempting to install nginx from reposotory but you will get error.

Starting nginx: [emerg]: unknown directive "perl_modules" in /etc/nginx/nginx.conf:10
configuration file /etc/nginx/nginx.conf test failed


This means that perl modules support is not compiled into that version of nginx and you can compile ngix yourself. Other and simpler solution is to install nginx-extras instead.

sudo apt-get install nginx-extras

mime.types seems to be missing but in Ubuntu these are located in different location so update nginx.conf with

/etc/nginx/mime.types

to avoid

Starting nginx: [emerg]: open() "/opt/local/etc/nginx/mime.types" failed (2: No such file or directory) in /etc/nginx/nginx.conf:13
configuration file /etc/nginx/nginx.conf test failed

This concludes easy part and fun begins

Starting nginx: [emerg]: require_pv("Roboo.pm") failed: "Can't locate Net/IP/Match/Regexp.pm in @INC (@INC contains: /opt/local/share/nginx /etc/perl /usr/local/lib/perl/5.10.1 /usr/local/share/perl/5.10.1 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.10 /usr/share/perl/5.10 /usr/local/lib/site_perl .) at /opt/local/share/nginx/Roboo.pm line 25.
BEGIN failed--compilation aborted at /opt/local/share/nginx/Roboo.pm line 25.
Compilation failed in require at (eval 1) line 1."
configuration file /etc/nginx/nginx.conf test failed

With the help of cpan we need to configure perl so that it will include these modules

Digest::SHA
Net::IP::Match::Regexp
Crypt::Random
Compress::Zlib

Run cpan shell, update module repository and install modules in order stated below to give you most progress.

$ cpan
cpan[1]> install CPAN
cpan[2]> reload cpan
cpan[3]> install Net::IP::Match::Regexp
cpan[4]> install Compress::Zlib
cpan[5]> install Digest::SHA
cpan[5]> install Crypt::Random

In Ubuntu desktop version progress gets stuck when you see

Running make for V/VI/VIPUL/Crypt-Random-1.25.tar.gz
  Has already been unwrapped into directory /root/.cpan/build/Crypt-Random-1.25-WXpw6a
.....
Running make test
PERL_DL_NONLAZY=1 /usr/bin/perl "-MExtUtils::Command::MM" "-e" "test_harness(0, 'blib/lib', 'blib/arch')" t/*.t
t/generator.t ........ 5/18

Manually finishing installation is much faster (or only) option in this case. Also it might help if you have problems with downloading other perl modules and cpan fails to automatically install.

# cd /root/.cpan/build/Crypt-Random-1.25-WXpw6a
# perl Makefile.PL
# make
# make install

If you are using ubuntu minimal server then you need to install make, gpp and gcc or you see such errors.

Scanning header files...
Error No such file or directory from: cc -E -D_REENTRANT -D_GNU_SOURCE -DDEBIAN -fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include utils/inc.h 2>&1
Creating libPARI/paricfg.h...
sh: gp: not found
.......
Running make test
  Can't test without successful make
Running make install
  Make had returned bad status, install seems impossible
cc -c  -I ../pari-2.1.7/src -I ../pari-2.1.7/src/headers -I ../pari-2.1.7/src/graph -I . -D_REENTRANT -D_GNU_SOURCE -DDEBIAN -fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -O2 -g   -DVERSION="" -DXS_VERSION="" -fPIC -Derr=pari_err -DASMINLINE -DGCC_INLINE -DDYNAMIC_PLOTTING -o es.o ../pari-2.1.7/src/language/es.c
make[1]: cc: Command not found
make[1]: *** [es.o] Error 127

Please comment ad hit +1 button above if this helped you.

See also Observations of Roboo effectiveness


3 thoughts on “Install Roboo to Ubuntu for DDOS protection.

  1. Are you running Roboo with Nginx in Production Environment.
    We are using Centos for this and want to mitigate Http GET Flood.

    Can you please send me your email address,So we can communicate easily.

  2. Pingback:Optimize website to AdWords performance « Margus Pala is fixing IT!

  3. Pingback:nginx: Fight against dDOS (Part 1) | weBLOG

Leave a Reply

Your email address will not be published.


*