Sunday, September 30, 2012

I'm setting up stunnel and will be enabling the x-forwarded-for patch so it can partner with haproxy. However, I'm having an issue starting up haproxy.
[root@ZAPATUS stunnel]# /etc/init.d/stunnel start
Starting universal SSL tunnel: stunnelClients allowed=500
stunnel 4.53 on i686-pc-linux-gnu platform
Compiled/running with OpenSSL 1.0.1c 10 May 2012
Threading:PTHREAD SSL:+ENGINE+OCSP+FIPS Auth:LIBWRAP Sockets:POLL+IPv6
Reading configuration from file /usr/local/etc/stunnel/stunnel.conf
FIPS_mode_set: F06D065: error:0F06D065:common libcrypto routines:FIPS_mode_set:fips mode not supported
str_stats: 5 block(s), 93 data byte(s), 210 control byte(s)
 failed.
To fix this, add fips=no to the global section of stunnel.conf. Here is the global portion of my stunnel.conf:
sslVersion = all
setuid = stunnel 
setgid = stunnel
pid = /tmp/stunnel.pid
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
fips=no 

Monday, September 17, 2012

Error compiling mod_security

Oh man! Compiling mod_security is hell! I've been trying to compile it for several days now. I successfully compiled mod_evasive with a slight issue. Here is my error in mod_security:
[root@ip-10-162-54-86 modsecurity-apache_2.6.7]# /usr/local/apache2/bin/apxs -cia apache2/modsecurity.c                        
/usr/local/apache/build/libtool --silent --mode=compile gcc -prefer-pic   -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -g -O2 -pthread -I/usr/local/apache2/include  -I/usr/local/apache/include   -I/usr/local/apache/include   -c -o apache2/modsecurity.lo apache2/modsecurity.c && touch apache2/modsecurity.slo
In file included from apache2/modsecurity.h:38,
                 from apache2/modsecurity.c:19:
apache2/msc_xml.h:21:31: error: libxml/xmlschemas.h: No such file or directory
apache2/msc_xml.h:22:26: error: libxml/xpath.h: No such file or directory
In file included from apache2/modsecurity.h:38,
                 from apache2/modsecurity.c:19:
apache2/msc_xml.h:27: error: expected specifier-qualifier-list before 'xmlSAXHandler'
There has been an issue with apxs. After searching on Google, the solution was to compile it this way, passing the libxml2 include directory with -I:
/usr/local/apache2/bin/apxs -cia -n modsecurity -I /usr/include/libxml2 apache2/modsecurity.c 
Voilà! The modsecurity module was successfully compiled.

Saturday, September 1, 2012

semanage command not found

I need to run semanage on one of my Linux boxes to check the SELinux settings for users, but it seems semanage was not installed:
[root@centosprod1 sysconfig]# semanage login -l
-bash: semanage: command not found
I didn't have any idea what package to install; libsemanage was installed already. Thanks to yum, though: use the provides option of yum to find the package for semanage.
[root@centosprod1 sysconfig]# yum provides */semanage
Loaded plugins: fastestmirror, presto
Loading mirror speeds from cached hostfile
libsemanage-devel-2.0.43-4.1.el6.x86_64 : Header files and libraries used to build policy manipulation tools
Repo        : cdrom
Matched from:
Filename    : /usr/include/semanage



policycoreutils-python-2.0.83-19.18.el6.x86_64 : SELinux policy core python utilities
Repo        : cdrom
Matched from:
Filename    : /usr/sbin/semanage



libsemanage-devel-2.0.43-4.1.el6.i686 : Header files and libraries used to build policy manipulation tools
Repo        : cdrom
Matched from:
Filename    : /usr/include/semanage
Based on the output of yum, you need to install policycoreutils-python.
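
The selection step above, as an added example that is not part of the original post: the `*/semanage` glob also matches the header directory /usr/include/semanage, so the script keeps only the package whose Filename line is the exact path wanted. The function names (pkg_for_path, pkg_name, sample_output) are made up for this example, and the sample is the yum output from this post with the plugin lines trimmed.

```shell
#!/bin/sh
# Added example: pick the package that owns an exact path out of
# `yum provides` output read from stdin.
# Real use: yum provides '*/semanage' | pkg_for_path /usr/sbin/semanage

pkg_for_path() {
    awk -v want="$1" '
        # Package header: "<name-version-release.arch> : <summary>"
        / : / && $1 !~ /^(Repo|Matched|Filename|Other)$/ { pkg = $1; next }
        # Match line: "Filename    : <path>"; print each owner once
        $1 == "Filename" && $NF == want && !seen[pkg]++ { print pkg }
    '
}

pkg_name() {
    # Strip an optional "epoch:" prefix, then ".arch", then "-version-release".
    printf '%s\n' "$1" | sed -E 's/^[0-9]+://; s/\.[^.]+$//; s/-[^-]+-[^-]+$//'
}

# Sample input: the yum output shown in this post.
sample_output() {
    cat <<'EOF'
libsemanage-devel-2.0.43-4.1.el6.x86_64 : Header files and libraries used to build policy manipulation tools
Repo        : cdrom
Matched from:
Filename    : /usr/include/semanage

policycoreutils-python-2.0.83-19.18.el6.x86_64 : SELinux policy core python utilities
Repo        : cdrom
Matched from:
Filename    : /usr/sbin/semanage

libsemanage-devel-2.0.43-4.1.el6.i686 : Header files and libraries used to build policy manipulation tools
Repo        : cdrom
Matched from:
Filename    : /usr/include/semanage
EOF
}

# Name to hand to `yum install` for the semanage binary.
pkg_name "$(sample_output | pkg_for_path /usr/sbin/semanage)"
```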