Merge pull request #766 from BBcan177/pfBlockerNG_1.0

8 files changed, 51 insertions, 86 deletions

diff --git a/config/pfblockerng/countrycodes.tar.bz2 b/config/pfblockerng/countrycodes.tar.bz2
index 0884a882..afebf58a 100644
--- a/config/pfblockerng/countrycodes.tar.bz2
+++ b/config/pfblockerng/countrycodes.tar.bz2
diff --git a/config/pfblockerng/pfblockerng.php b/config/pfblockerng/pfblockerng.php
index 79f6c108..20080aa4 100644
--- a/config/pfblockerng/pfblockerng.php
+++ b/config/pfblockerng/pfblockerng.php
@@ -879,11 +879,11 @@ $xml = <<<EOF
 		</tab>
 		<tab>
 			<text>IPv4</text>
-			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml</url>
+			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml&amp;id=0</url>
 		</tab>
 		<tab>
 			<text>IPv6</text>
-			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml</url>
+			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml&amp;id=0</url>
 		</tab>
 		<tab>
 			<text>Top 20</text>
@@ -936,7 +936,7 @@ $xml = <<<EOF
 		</field>
 		<field>
 			<fielddescr>LINKS</fielddescr>
-			<fieldname>none</fieldname>
+			<fieldname></fieldname>
 			<description><![CDATA[<a href="/firewall_aliases.php">Firewall Alias</a> &nbsp;&nbsp;&nbsp; <a href="/firewall_rules.php">Firewall Rules</a> &nbsp;&nbsp;&nbsp; <a href="diag_logs_filter.php">Firewall Logs</a>]]>
 			</description>
 			<type>info</type>
@@ -1168,11 +1168,11 @@ $xmlrep = <<<EOF
 		</tab>
 		<tab>
 			<text>IPv4</text>
-			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml</url>
+			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml&amp;id=0</url>
 		</tab>
 		<tab>
 			<text>IPv6</text>
-			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml</url>
+			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml&amp;id=0</url>
 		</tab>
 		<tab>
 			<text>Top 20</text>
@@ -1218,14 +1218,14 @@ $xmlrep = <<<EOF
 		</field>
 		<field>
 			<fielddescr>LINKS</fielddescr>
-			<fieldname>none</fieldname>
+			<fieldname></fieldname>
 			<description><![CDATA[<a href="/firewall_aliases.php">Firewall Alias</a> &nbsp;&nbsp;&nbsp; <a href="/firewall_rules.php">Firewall Rules</a> &nbsp;&nbsp;&nbsp; <a href="diag_logs_filter.php">Firewall Logs</a>]]>
 			</description>
 			<type>info</type>
 		</field>
 		<field>
 			<fielddescr><![CDATA[<strong>Why Reputation Matters:</strong>]]></fielddescr>
-			<fieldname>why</fieldname>
+			<fieldname></fieldname>
 			<type>info</type>
 			<description><![CDATA[By Enabling '<strong>Reputation</strong>', each Blocklist will be analyzed for Repeat Offenders in each IP Range.
 				<ul>Example: &nbsp;&nbsp; x.x.x.1, x.x.x.2, x.x.x.3, x.x.x.4, x.x.x.5<br />
@@ -1237,7 +1237,8 @@ $xmlrep = <<<EOF
 				Its Important to select a Broad Range of Blocklists that cover different types of Malicious Activity.<br /><br />
 				You *may* experience some False Positives. Add any False Positive IPs manually to the<br />
 				<strong>pfBlockerNGSuppress Alias</strong> or use the "+" suppression Icon in the Alerts TAB<br /><br />
-				To help mitigate False Positives 'Countries' can be '<strong>Excluded</strong>' from this Process. (Refer to Country Code Settings)]]>
+				To help mitigate False Positives 'Countries' can be '<strong>Excluded</strong>' from this Process. (Refer to Country Code Settings)
+				<br /><br />Enabling <strong>De-Duplication</strong> is highly recommended before utilizing 'Reputation' processes.]]>
 			</description>
 		</field>
 		<field>
diff --git a/config/pfblockerng/pfblockerng.xml b/config/pfblockerng/pfblockerng.xml
index a8517a30..9442bc7f 100644
--- a/config/pfblockerng/pfblockerng.xml
+++ b/config/pfblockerng/pfblockerng.xml
@@ -55,11 +55,16 @@
 	<menu>
 		<name>pfBlockerNG</name>
 		<configfile>pfblockerng.xml</configfile>
-		<tooltiptext>Configure pfblockerNG</tooltiptext>
+		<tooltiptext>Configure pfBlockerNG</tooltiptext>
 		<section>Firewall</section>
 		<url>/pkg_edit.php?xml=pfblockerng.xml</url>
 	</menu>
 	<additional_files_needed>
+		<item>https://packages.pfsense.org/packages/config/pfblockerng/pfblockerng.priv.inc</item>
+		<prefix>/etc/inc/priv/</prefix>
+		<chmod>0644</chmod>
+	</additional_files_needed>
+	<additional_files_needed>
 		<item>https://packages.pfsense.org/packages/config/pfblockerng/pfblockerng.inc</item>
 		<prefix>/usr/local/pkg/pfblockerng/</prefix>
 		<chmod>0644</chmod>
@@ -125,62 +130,7 @@
 		<chmod>0644</chmod>
 	</additional_files_needed>
 	<additional_files_needed>
-		<item>https://packages.pfsense.org/packages/config/pfblockerng/cc/Africa_v4.txt</item>
-		<prefix>/var/db/pfblockerng/cc/</prefix>
-		<chmod>0444</chmod>
-	</additional_files_needed>
-	<additional_files_needed>
-		<item>https://packages.pfsense.org/packages/config/pfblockerng/cc/Africa_v6.txt</item>
-		<prefix>/var/db/pfblockerng/cc/</prefix>
-		<chmod>0444</chmod>
-	</additional_files_needed>
-	<additional_files_needed>
-		<item>https://packages.pfsense.org/packages/config/pfblockerng/cc/Asia_v4.txt</item>
-		<prefix>/var/db/pfblockerng/cc/</prefix>
-		<chmod>0444</chmod>
-	</additional_files_needed>
-	<additional_files_needed>
-		<item>https://packages.pfsense.org/packages/config/pfblockerng/cc/Asia_v6.txt</item>
-		<prefix>/var/db/pfblockerng/cc/</prefix>
-		<chmod>0444</chmod>
-	</additional_files_needed>
-	<additional_files_needed>
-		<item>https://packages.pfsense.org/packages/config/pfblockerng/cc/Europe_v4.txt</item>
-		<prefix>/var/db/pfblockerng/cc/</prefix>
-		<chmod>0444</chmod>
-	</additional_files_needed>
-	<additional_files_needed>
-		<item>https://packages.pfsense.org/packages/config/pfblockerng/cc/Europe_v6.txt</item>
-		<prefix>/var/db/pfblockerng/cc/</prefix>
-		<chmod>0444</chmod>
-	</additional_files_needed>
-	<additional_files_needed>
-		<item>https://packages.pfsense.org/packages/config/pfblockerng/cc/North_America_v4.txt</item>
-		<prefix>/var/db/pfblockerng/cc/</prefix>
-		<chmod>0444</chmod>
-	</additional_files_needed>
-	<additional_files_needed>
-		<item>https://packages.pfsense.org/packages/config/pfblockerng/cc/North_America_v6.txt</item>
-		<prefix>/var/db/pfblockerng/cc/</prefix>
-		<chmod>0444</chmod>
-	</additional_files_needed>
-	<additional_files_needed>
-		<item>https://packages.pfsense.org/packages/config/pfblockerng/cc/Oceania_v4.txt</item>
-		<prefix>/var/db/pfblockerng/cc/</prefix>
-		<chmod>0444</chmod>
-	</additional_files_needed>
-	<additional_files_needed>
-		<item>https://packages.pfsense.org/packages/config/pfblockerng/cc/Oceania_v6.txt</item>
-		<prefix>/var/db/pfblockerng/cc/</prefix>
-		<chmod>0444</chmod>
-	</additional_files_needed>
-	<additional_files_needed>
-		<item>https://packages.pfsense.org/packages/config/pfblockerng/cc/South_America_v4.txt</item>
-		<prefix>/var/db/pfblockerng/cc/</prefix>
-		<chmod>0444</chmod>
-	</additional_files_needed>
-	<additional_files_needed>
-		<item>https://packages.pfsense.org/packages/config/pfblockerng/cc/South_America_v6.txt</item>
+		<item>https://packages.pfsense.org/packages/config/pfblockerng/countrycodes.tar.bz2</item>
 		<prefix>/var/db/pfblockerng/cc/</prefix>
 		<chmod>0444</chmod>
 	</additional_files_needed>
@@ -214,11 +164,11 @@
 		</tab>
 		<tab>
 			<text>IPv4</text>
-			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml</url>
+			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml&amp;id=0</url>
 		</tab>
 		<tab>
 			<text>IPv6</text>
-			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml</url>
+			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml&amp;id=0</url>
 		</tab>
 		<tab>
 			<text>Top20</text>
@@ -264,7 +214,7 @@
 		</field>
 		<field>
 			<fielddescr>LINKS</fielddescr>
-			<fieldname>none</fieldname>
+			<fieldname></fieldname>
 			<description><![CDATA[<a href="/firewall_aliases.php">Firewall Alias</a> &nbsp;&nbsp;&nbsp; <a href="/firewall_rules.php">Firewall Rules</a> &nbsp;&nbsp;&nbsp; <a href="diag_logs_filter.php">Firewall Logs</a>]]></description>
 			<type>info</type>
 		</field>
@@ -356,7 +306,7 @@
 			</options>
 		</field>
 		<field>
-			<fielddescr>Remove Duplication</fielddescr>
+			<fielddescr>Enable De-Duplication</fielddescr>
 			<fieldname>enable_dup</fieldname>
 			<type>checkbox</type>
 			<description>Only for IPv4 Lists</description>
@@ -414,7 +364,7 @@
 		<field>
 			<fielddescr>Inbound Interface(s)</fielddescr>
 			<fieldname>inbound_interface</fieldname>
-			<description><![CDATA[Default: <strong>WAN</strong><br />Select the interface(s) you want to Apply Rules to]]></description>
+			<description>Select the Inbound interface(s) you want to Apply Auto Rules to</description>
 			<type>interfaces_selection</type>
 			<hideinterfaceregex>loopback</hideinterfaceregex>
 			<required/>
@@ -434,7 +384,7 @@
 		<field>
 			<fielddescr>Outbound Interface(s)</fielddescr>
 			<fieldname>outbound_interface</fieldname>
-			<description><![CDATA[Default:<strong>LAN</strong> or none.<br />Select the interface(s) you want to Apply Rules to]]></description>
+			<description>Select the Outbound interface(s) you want to Apply Auto Rules to</description>
 			<type>interfaces_selection</type>
 			<hideinterfaceregex>loopback</hideinterfaceregex>
 			<required/>
diff --git a/config/pfblockerng/pfblockerng_alerts.php b/config/pfblockerng/pfblockerng_alerts.php
index 1b54f8f2..541d1e03 100644
--- a/config/pfblockerng/pfblockerng_alerts.php
+++ b/config/pfblockerng/pfblockerng_alerts.php
@@ -143,9 +143,14 @@ if (isset($_POST['addsuppress'])) {
 		$ip = $_POST['ip'];
 		$table = $_POST['table'];
 		$descr = $_POST['descr'];
-		if (empty($descr))
-			$descr = sprintf(gettext("Entry added %s"), date('r'));
 		$cidr = $_POST['cidr'];
+
+		// If Description or CIDR field is empty, exit.
+		if (empty($descr) || empty($cidr)) {
+			header("Location: " . $_SERVER['PHP_SELF']);
+			exit;
+		}
+
 		if (is_ipaddr($ip)) {
 
 			$savemsg1 = "Host IP address {$ip}";
@@ -730,8 +735,10 @@ function hostruleid(host,table) {
 	var description = prompt("Please enter Suppression Description");
 	document.getElementById("descr").value = description;
 
-	var cidr = prompt("Please enter CIDR [ 32 or 24 CIDR only supported ]","32");
-	document.getElementById("cidr").value = cidr;
+	if (description.value != "") {
+		var cidr = prompt("Please enter CIDR [ 32 or 24 CIDR only supported ]","32");
+		document.getElementById("cidr").value = cidr;
+	}
 }
 
 // Auto-Resolve of Alerted Hostnames
diff --git a/config/pfblockerng/pfblockerng_sync.xml b/config/pfblockerng/pfblockerng_sync.xml
index 06ea40db..856af2f4 100644
--- a/config/pfblockerng/pfblockerng_sync.xml
+++ b/config/pfblockerng/pfblockerng_sync.xml
@@ -77,11 +77,11 @@
 		</tab>
 		<tab>
 			<text>IPv4</text>
-			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml</url>
+			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml&amp;id=0</url>
 		</tab>
 		<tab>
 			<text>IPv6</text>
-			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml</url>
+			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml&amp;id=0</url>
 		</tab>
 		<tab>
 			<text>Top 20</text>
@@ -190,21 +190,28 @@
 					</options>
 				</rowhelperfield>
 				<rowhelperfield>
-					<fielddescr>IP-Address</fielddescr>
+					<fielddescr>Target IP Address</fielddescr>
 					<fieldname>varsyncipaddress</fieldname>
 					<description><![CDATA[IP Address of the destination host.]]></description>
 					<type>input</type>
 					<size>15</size>
 				</rowhelperfield>
 				<rowhelperfield>
-					<fielddescr>Port</fielddescr>
+					<fielddescr>Target Port</fielddescr>
 					<fieldname>varsyncport</fieldname>
 					<description><![CDATA[Choose the sync port of the destination host.]]></description>
 					<type>input</type>
 					<size>3</size>
 				</rowhelperfield>
 				<rowhelperfield>
-					<fielddescr>Admin Password</fielddescr>
+					<fielddescr>Target Username (admin)</fielddescr>
+					<fieldname>varsyncusername</fieldname>
+					<description><![CDATA[Enter the Username Account for Authentication]]></description>
+					<type>input</type>
+					<size>15</size>
+				</rowhelperfield>
+				<rowhelperfield>
+					<fielddescr>Target Password</fielddescr>
 					<fieldname>varsyncpassword</fieldname>
 					<description><![CDATA[Password of the user "admin" on the destination host.]]></description>
 					<type>password</type>
diff --git a/config/pfblockerng/pfblockerng_top20.xml b/config/pfblockerng/pfblockerng_top20.xml
index 7d2cf033..4974c488 100644
--- a/config/pfblockerng/pfblockerng_top20.xml
+++ b/config/pfblockerng/pfblockerng_top20.xml
@@ -77,11 +77,11 @@
 		</tab>
 		<tab>
 			<text>IPv4</text>
-			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml</url>
+			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml&amp;id=0</url>
 		</tab>
 		<tab>
 			<text>IPv6</text>
-			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml</url>
+			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml&amp;id=0</url>
 		</tab>
 		<tab>
 			<text>Top 20</text>
diff --git a/config/pfblockerng/pfblockerng_v4lists.xml b/config/pfblockerng/pfblockerng_v4lists.xml
index 17f1a14d..ce92f4be 100644
--- a/config/pfblockerng/pfblockerng_v4lists.xml
+++ b/config/pfblockerng/pfblockerng_v4lists.xml
@@ -80,12 +80,12 @@
 		</tab>
 		<tab>
 			<text>IPv4</text>
-			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml</url>
+			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml&amp;id=0</url>
 			<active/>
 		</tab>
 		<tab>
 			<text>IPv6</text>
-			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml</url>
+			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml&amp;id=0</url>
 		</tab>
 		<tab>
 			<text>Top 20</text>
diff --git a/config/pfblockerng/pfblockerng_v6lists.xml b/config/pfblockerng/pfblockerng_v6lists.xml
index 2a381451..6f507057 100644
--- a/config/pfblockerng/pfblockerng_v6lists.xml
+++ b/config/pfblockerng/pfblockerng_v6lists.xml
@@ -80,11 +80,11 @@
 		</tab>
 		<tab>
 			<text>IPv4</text>
-			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml</url>
+			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml&amp;id=0</url>
 		</tab>
 		<tab>
 			<text>IPv6</text>
-			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml</url>
+			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml&amp;id=0</url>
 			<active/>
 		</tab>
 		<tab>