aboutsummaryrefslogtreecommitdiffstats
path: root/config/pf-blocker
diff options
context:
space:
mode:
authormarcelloc <marcellocoutinho@gmail.com>2011-10-27 20:33:09 -0200
committermarcelloc <marcellocoutinho@gmail.com>2011-10-27 20:33:09 -0200
commit024cda9664ca4c0ea314bdbae89eb33515948956 (patch)
tree03525445e0b055fd0258976661fe08a9b866ae69 /config/pf-blocker
parent28b22d66b19170763e4f400f731802108d119123 (diff)
downloadpfsense-packages-024cda9664ca4c0ea314bdbae89eb33515948956.tar.gz
pfsense-packages-024cda9664ca4c0ea314bdbae89eb33515948956.tar.bz2
pfsense-packages-024cda9664ca4c0ea314bdbae89eb33515948956.zip
pfBlocker-dev - version 0.1.1 with countryblock and ipblocklist together
Diffstat (limited to 'config/pf-blocker')
-rwxr-xr-xconfig/pf-blocker/pfblocker.inc190
-rw-r--r--config/pf-blocker/pfblocker.php47
-rwxr-xr-xconfig/pf-blocker/pfblocker.xml141
-rw-r--r--config/pf-blocker/pfblocker_sync.xml9
-rw-r--r--config/pf-blocker/pfblocker_topspammers.xml136
5 files changed, 425 insertions, 98 deletions
diff --git a/config/pf-blocker/pfblocker.inc b/config/pf-blocker/pfblocker.inc
index 7631111a..de28a432 100755
--- a/config/pf-blocker/pfblocker.inc
+++ b/config/pf-blocker/pfblocker.inc
@@ -34,7 +34,7 @@ require_once("functions.inc");
require_once("pkg-utils.inc");
require_once("globals.inc");
require_once("filter.inc");
-
+
function pfb_text_area_decode($text){
return preg_replace('/\r\n/', "\n",base64_decode($text));
}
@@ -47,6 +47,29 @@ function cb_get_real_interface_address($iface) {
return array($ip, long2ip(hexdec($netmask)));
}
+function pfblocker_Range2CIDR($ip_min, $ip_max) {
+ #function called without any args
+ if ($ip_min == "" || $ip_max == "")
+ return "";
+ #function called with same ip in min and max
+ if ($ip_min == $ip_max)
+ return $ip_min. "/32";
+ #convert ip to decimal numbers
+ $ip_min_long=ip2long($ip_min);
+ $ip_max_long=ip2long($ip_max);
+ #check long results
+ if ($ip_min_long == -1 || $ip_max_long == -1)
+ return "";
+ #identify bits mask
+ $bits=(32 -strlen(decbin($ip_max_long - $ip_min_long)));
+ if ($bits < 0)
+ return "";
+ #identify first ip on range network
+ $network=long2ip(bindec(substr(decbin($ip_min_long),0,$bits).preg_replace("/\d/","0",substr(decbin($ip_min_long),0,(32-$bits)))));
+ #print decbin($ip_min_long)."\n".$network."\n";
+ return $network . "/". (32 -strlen(decbin($ip_max_long - $ip_min_long)));
+ }
+
function sync_package_pfblocker() {
global $config;
$pfblocker_config=$config['installedpackages']['pfblocker']['config'][0];
@@ -56,82 +79,166 @@ function sync_package_pfblocker() {
$web_local=($config['system']['webgui']['protocol'] != ""?$config['system']['webgui']['protocol']:"http");
$port = $config['system']['webgui']['port'];
if($port == "") {
- if($config['system']['webgui']['protocol'] == "http")
+ if($config['system']['webgui']['protocol'] == "http")
$port = "80";
- else
+ else
$port = "443";
}
$web_local .= "://127.0.0.1:".$port.'/pfblocker.php';
#get all selected countries
- $countries=$config['installedpackages']['pfblocker']['config'][0]['topspammers'].",";
+ $countries=$config['installedpackages']['pfblockertopspammers']['config'][0]['countries'].",";
foreach ($continents as $continent){
if (is_array($config['installedpackages']['pfblocker'.strtolower(preg_replace('/ /','',$continent))]['config']))
$countries.=$config['installedpackages']['pfblocker'.strtolower(preg_replace('/ /','',$continent))]['config'][0]['countries'].",";
}
$cb_files = explode(",", $countries);
- $ips="";
+
+ $pfbdir='/usr/local/pkg/pfblocker';
+
+ #check folders
+ if (!is_dir($pfbdir))
+ mkdir ($pfbdir,0755);
+ if (! is_dir('/var/db/aliastables/'))
+ mkdir ('/var/db/aliastables/',0755);
+
+ #get custom lists
+ $whitelist=pfb_text_area_decode($pfblocker_config['whitelist']);
+ $ips_in="";
+ $ips_out="";
foreach ($cb_files as $iso){
if ($iso <> ""){
- if (file_exists('/usr/local/pkg/pfblocker/'.$iso.'.txt'))
- $ips.=file_get_contents('/usr/local/pkg/pfblocker/'.$iso.'.txt');
+ if (file_exists($pfbdir.'/'.$iso.'.txt'))
+ switch ($pfblocker_config['countryblock']){
+ case "inbound":
+ $ips_in.=file_get_contents($pfbdir.'/'.$iso.'.txt');
+ break;
+ case "outbound":
+ $ips_out.=file_get_contents($pfbdir.'/'.$iso.'.txt');
+ break;
+ case "both":
+ $ips_in.=file_get_contents($pfbdir.'/'.$iso.'.txt');
+ $ips_out.=file_get_contents($pfbdir.'/'.$iso.'.txt');
+ break;
+ case "whitelist":
+ $whitelist.=file_get_contents($pfbdir.'/'.$iso.'.txt');
+ break;
+ }
+ }
+ }
+
+ #Assign IP range lists
+ foreach ($pfblocker_config['row'] as $row){
+ $md5_url = md5($row['url']);
+ #print $row['action']."<br>";
+ if (file_exists($pfbdir."/".$md5_url.".txt")){
+ ${$row['action']}.= file_get_contents($pfbdir.'/'.$md5_url.'.txt');
+ }
+ else{
+ if ($row['format'] == "gz")
+ $url_list= gzfile($row['url']);
+ else
+ $url_list= file_get_contents($row['url']);
+ #extract range lists
+ $new_file="";
+ foreach ($url_list as $line){
+ # CIDR format 192.168.0.0/16
+ if (preg_match("/(\d+\.\d+\.\d+\.\d+\/\d+)/",$line,$matches)){
+ ${$row['action']}.= $matches[1]."\n";
+ $new_file.= $matches[1]."\n";
+ }
+
+ # Network range 192.168.0.0-192.168.0.254
+ if (preg_match("/(\d+\.\d+\.\d+\.\d+)-(\d+\.\d+\.\d+\.\d+)/",$line,$matches))
+ $cidr= pfblocker_Range2CIDR($matches[1],$matches[2]);
+ if ($cidr != ""){
+ ${$row['action']}.= $cidr."\n";
+ $new_file.= $cidr."\n";
+ }
+ }
+ if ($new_file != "")
+ file_put_contents($pfbdir.'/'.$md5_url.'.txt',$new_file, LOCK_EX);
}
+ #print $row['url']."<br>" .$md5_url.".txt<br>";
+ #var_dump(gzfile($row['url']));
}
+
#create all country block lists based on gui
- file_put_contents('/usr/local/pkg/cb.txt',$ips, LOCK_EX);
+ file_put_contents('/usr/local/pkg/pfb_in.txt',$ips_in, LOCK_EX);
+
+ #create all country block lists based on gui
+ file_put_contents('/usr/local/pkg/pfb_out.txt',$ips_out, LOCK_EX);
#write white_list to filesystem
- file_put_contents('/usr/local/pkg/cbw.txt',pfb_text_area_decode($pfblocker_config['whitelist']), LOCK_EX);
+ file_put_contents('/usr/local/pkg/pfb_w.txt',$whitelist, LOCK_EX);
+
#edit or assign alias "pfblocker" and "pfblockerWL"
$aliases=$config['aliases']['alias'];
#print "<pre>";
$new_aliases=array();
- if ($ips != ""){
+ $pfBlockerInbound='/var/db/aliastables/pfBlockerInbound.txt';
+ if ($ips_in != ""){
+ #create or reaply alias
+ $new_aliases[]=array("name"=> 'pfBlockerInbound',
+ "url"=> $web_local.'?pfb=in',
+ "updatefreq"=> "7",
+ "address"=>"",
+ "descr"=> "pfBlocker Inbound deny list",
+ "type"=> "urltable",
+ "detail"=> "DO NOT EDIT THIS ALIAS");
+ #force alias file update
+ if (file_exists($pfBlockerInbound))
+ file_put_contents($pfBlockerInbound,$ips_in, LOCK_EX);
+ }
+ else{
+ #remove previous aliastable if exist
+ if (file_exists($pfBlockerInbound))
+ unlink($pfBlockerInbound);
+ }
+ $pfBlockerOutbound='/var/db/aliastables/pfBlockerOutbound.txt';
+ if ($ips_out != "" && $pfblocker_config['outbound_interface'] != ""){
#create or reaply alias
- $new_aliases[]=array("name"=> 'pfblocker',
- "url"=> $web_local.'?cb=1',
+ $new_aliases[]=array("name"=> 'pfBlockerOutbound',
+ "url"=> $web_local.'?pfb=out',
"updatefreq"=> "7",
"address"=>"",
- "descr"=> "pfblocker deny list",
+ "descr"=> "pfBlocker Outbound deny list",
"type"=> "urltable",
"detail"=> "DO NOT EDIT THIS ALIAS");
#force alias file update
- if (! is_dir('/var/db/aliastables/'))
- mkdir ('/var/db/aliastables/',0755);
- if (file_exists('/var/db/aliastables/pfblocker.txt'))
- file_put_contents('/var/db/aliastables/pfblocker.txt',$ips, LOCK_EX);
+ if (file_exists($pfBlockerOutbound))
+ file_put_contents($pfBlockerOutbound,$ips_out, LOCK_EX);
}
else{
#remove previous aliastable if exist
- if (file_exists('/var/db/aliastables/pfblocker.txt'))
- unlink('/var/db/aliastables/pfblocker.txt');
+ if (file_exists($pfBlockerOutbound))
+ unlink($pfBlockerOutbound);
}
- if (pfb_text_area_decode($pfblocker_config['whitelist']) != ""){
+ $pfblockerWL='/var/db/aliastables/pfBlockerWL.txt';
+ if ($whitelist != ""){
#create or reaply alias
- $new_aliases[]=array("name"=> 'pfblockerWL',
- "url"=> $web_local.'?cbw=1',
+ $new_aliases[]=array("name"=> 'pfBlockerWL',
+ "url"=> $web_local.'?pfb=white',
"updatefreq"=> "7",
"address"=>"",
- "descr"=> "pfblocker white list",
+ "descr"=> "pfBlocker White list",
"type"=> "urltable",
"detail"=> "DO NOT EDIT THIS ALIAS");
#force alias file update
- if (! is_dir('/var/db/aliastables/'))
- mkdir ('/var/db/aliastables/',0755);
- if (file_exists('/var/db/aliastables/pfblockerWL.txt'))
- file_put_contents('/var/db/aliastables/pfblockerWL.txt',pfb_text_area_decode($pfblocker_config['whitelist']), LOCK_EX);
+ if (file_exists($pfblockerWL))
+ file_put_contents($pfblockerWL,$whitelist, LOCK_EX);
}
else{
#remove previous aliastable if exist
- if (file_exists('/var/db/aliastables/pfblockerWL.txt'))
- unlink('/var/db/aliastables/pfblockerWL.txt');
+ if (file_exists($pfblockerWL))
+ unlink($pfblockerWL);
}
if (is_array($aliases))
foreach($aliases as $cbalias){
- if (! preg_match("/pfblocker.*list/",$cbalias['descr']))
+ if (! preg_match("/pfBlocker.*list/",$cbalias['descr']))
$new_aliases[]= $cbalias;
}
$config['aliases']['alias']=$new_aliases;
@@ -152,14 +259,14 @@ function sync_package_pfblocker() {
"statetimeout"=>"",
"statetype"=>"keep state",
"os"=> "",
- "source"=>array("address"=>"pfblockerWL"),
+ "source"=>array("address"=>"pfBlockerWL"),
"destination"=>array("any"=>""),
- "descr"=>"pfblocker inbound whitelist rule");
+ "descr"=>"pfBlocker Whitelist rule");
if ($pfblocker_config['enable_log'])
${$iface}[0]["log"]="";
}
- if ($ips != ""){
+ if ($ips_in != ""){
${$iface}[1]=array( "id" => "",
"type"=>"block",
"tag"=> "",
@@ -172,9 +279,9 @@ function sync_package_pfblocker() {
"statetimeout"=>"",
"statetype"=>"keep state",
"os"=> "",
- "source"=>array("address"=>"pfblocker"),
+ "source"=>array("address"=>"pfBlockerInbound"),
"destination"=>array("any"=>""),
- "descr"=>"pfblocker inbound deny rule");
+ "descr"=>"pfBlocker Inbound deny rule");
if ($pfblocker_config['enable_log'])
${$iface}[1]["log"]="";
@@ -196,12 +303,12 @@ function sync_package_pfblocker() {
"statetype"=>"keep state",
"os"=> "",
"source"=>array("any"=>""),
- "destination"=>array("address"=>"pfblockerWL"),
- "descr"=>"pfblocker outbound whitelist rule");
+ "destination"=>array("address"=>"pfBlockerWL"),
+ "descr"=>"pfBlocker Whitelist rule");
if ($pfblocker_config['enable_log'])
${$iface}[2]["log"]="";
}
- if ($ips != ""){
+ if ($ips_out != ""){
${$iface}[3]= array("id" => "",
"type"=>"block",
"tag"=> "",
@@ -215,8 +322,8 @@ function sync_package_pfblocker() {
"statetype"=>"keep state",
"os"=> "",
"source"=>array("any"=>""),
- "destination"=>array("address"=>"pfblocker"),
- "descr"=>"pfblocker inbound deny rule");
+ "destination"=>array("address"=>"pfBlockerOutbound"),
+ "descr"=>"pfBlocker Outbound deny rule");
if ($pfblocker_config['enable_log'])
${$iface}[3]["log"]="";
@@ -232,7 +339,7 @@ function sync_package_pfblocker() {
foreach (${$rule['interface']} as $cb_rules)
$new_rules[]=$cb_rules;
}
- if (!preg_match("/pfblocker.*rule/",$rule['descr']))
+ if (!preg_match("/pfBlocker.*rule/",$rule['descr']))
$new_rules[]=$rule;
}
$config['filter']['rule']=$new_rules;
@@ -329,6 +436,7 @@ function pfblocker_do_xmlrpc_sync($sync_to_ip, $password) {
/* xml will hold the sections to sync */
$xml = array();
$xml['pfblocker'] = $config['installedpackages']['pfblocker'];
+ $xml['pfblockertopspammers'] = $config['installedpackages']['pfblockertopspammers'];
$xml['pfblockerafrica'] = $config['installedpackages']['pfblockerafrica'];
$xml['pfblockerantartica'] = $config['installedpackages']['pfblockerantartica'];
$xml['pfblockerasia'] = $config['installedpackages']['pfblockerasia'];
diff --git a/config/pf-blocker/pfblocker.php b/config/pf-blocker/pfblocker.php
index 73d3d466..e3caa585 100644
--- a/config/pf-blocker/pfblocker.php
+++ b/config/pf-blocker/pfblocker.php
@@ -1,28 +1,38 @@
<?php
-function get_networks($cb){
- if ($cb==1)
- $return= file_get_contents('/usr/local/pkg/cb.txt');
- if ($cb==2)
- $return=file_get_contents('/usr/local/pkg/cbw.txt');
+function get_networks($pfb){
+ if ($pfb==1)
+ $return= file_get_contents('/usr/local/pkg/pfb_in.txt');
+ if ($pfb==2)
+ $return= file_get_contents('/usr/local/pkg/pfb_out.txt');
+ if ($pfb==3)
+ $return=file_get_contents('/usr/local/pkg/pfb_w.txt');
#print "<pre>";
print $return;
}
-if ($_REQUEST['cb']== 1){# and $_SERVER['REMOTE_ADDR']== '127.0.0.1'){
- get_networks(1);
+# to be uncomented when this packages gets stable state
+#if($_SERVER['REMOTE_ADDR']== '127.0.0.1'){
+switch ($_REQUEST['pfb']){
+ case "in":
+ get_networks(1);
+ break;
+ case "out":
+ get_networks(2);
+ break;
+ case "white":
+ get_networks(3);
+ break;
}
-if ($_REQUEST['cbw']== 1){# and $_SERVER['REMOTE_ADDR']== '127.0.0.1'){
- get_networks(2);
-}
-
+#}
+
function pfblocker_get_countries(){
$files= array ( "Africa" => "/usr/local/pkg/Africa_cidr.txt",
- "Antartica" => "/usr/local/pkg/Antartica_cidr.txt",
"Asia" => "/usr/local/pkg/Asia_cidr.txt",
"Europe" => "/usr/local/pkg/Europe_cidr.txt",
"North America" => "/usr/local/pkg/North_America_cidr.txt",
"Oceania" => "/usr/local/pkg/Oceania_cidr.txt",
"South America"=>"/usr/local/pkg/South_America_cidr.txt");
+
$cdir='/usr/local/pkg/pfblocker';
if (! is_dir($cdir))
mkdir ($cdir,0755);
@@ -44,7 +54,7 @@ foreach ($files as $cont => $file){
else{
if (${$ISOCode}==0){
${$ISOCode}++;
- $options.= '<option><name>'.$Country.' </name><value>'.$ISOCode.'</value></option>'."\n";
+ $options.= '<option><name>'.$Country .'-'.$ISOCode.' ('.$TotalNetworks.') '.' </name><value>'.$ISOCode.'</value></option>'."\n";
}
${$ISOCode}.=$line."\n";
}
@@ -114,16 +124,17 @@ $xml= <<<EOF
<url>/pkg_edit.php?xml=pfblocker.xml&amp;id=0</url>
</tab>
<tab>
+ <text>Top Spammers</text>
+ <url>/pkg_edit.php?xml=pfblocker_topspammers.xml&amp;id=0</url>
+ {$active['top']}
+ </tab>
+
+ <tab>
<text>Africa</text>
<url>/pkg_edit.php?xml=pfblocker_Africa.xml&amp;id=0</url>
{$active['Africa']}
</tab>
<tab>
- <text>Antartica</text>
- <url>/pkg_edit.php?xml=pfblocker_Antartica.xml&amp;id=0</url>
- {$active['Antartica']}
- </tab>
- <tab>
<text>Asia</text>
<url>/pkg_edit.php?xml=pfblocker_Asia.xml&amp;id=0</url>
{$active['Asia']}
diff --git a/config/pf-blocker/pfblocker.xml b/config/pf-blocker/pfblocker.xml
index edbe64d8..e88d7907 100755
--- a/config/pf-blocker/pfblocker.xml
+++ b/config/pf-blocker/pfblocker.xml
@@ -109,13 +109,13 @@
<active/>
</tab>
<tab>
- <text>Africa</text>
- <url>/pkg_edit.php?xml=pfblocker_Africa.xml&amp;id=0</url>
-
+ <text>Top Spammers</text>
+ <url>/pkg_edit.php?xml=pfblocker_topspammers.xml&amp;id=0</url>
</tab>
+
<tab>
- <text>Antartica</text>
- <url>/pkg_edit.php?xml=pfblocker_Antartica.xml&amp;id=0</url>
+ <text>Africa</text>
+ <url>/pkg_edit.php?xml=pfblocker_Africa.xml&amp;id=0</url>
</tab>
<tab>
@@ -173,47 +173,120 @@
<field>
<fielddescr>Outbound Interface(s)</fielddescr>
<fieldname>outbound_interface</fieldname>
- <description><![CDATA[Default:<strong>LAN</strong><br>Select interface(s) that you do not want to send outgoing traffic.<br>
+ <description><![CDATA[Default:<strong>LAN</strong> or none.<br>Select interface(s) that you do not want to send outgoing traffic.<br>
If you want to create custom outbound rules for blocked countries based on pfBlocker firewall alias, leave this list empty.]]></description>
<type>interfaces_selection</type>
<required/>
<multiple/>
</field>
<field>
- <fielddescr>Whitelist</fielddescr>
- <fieldname>whitelist</fieldname>
- <description><![CDATA[Enter a CIDR range for the Address you wish to whitlist. One network per line.<br>
- Example: 192.168.1.0/24]]></description>
- <type>textarea</type>
- <cols>20</cols>
- <rows>06</rows>
- <encoding>base64</encoding>
- </field>
- <field>
- <name>Shortcut</name>
+ <name>Network ranges / CIDR lists</name>
<type>listtopic</type>
</field>
+ <field>
+ <fielddescr>Country Action</fielddescr>
+ <fieldname>countryblock</fieldname>
+ <description><![CDATA[Default:<strong>Block Inbound</strong><br>
+ Select action for countries you have selected<br><br>
+ <strong>Note: </strong><br>'Block Inbound' traffic will deny access from selected countries to your network.<br>
+ 'Block Outgoing' traffic will deny access from your users to countries you selected to block<br>
+ 'Whitelist' will allow access from and to selected countries to your network.<br>
+ 'None' will not apply rules to selected countries.]]></description>
+ <type>select</type>
+ <options>
+ <option><name>Block Inbound</name><value>inbound</value></option>
+ <option><name>Block Outbound</name><value>outbound</value></option>
+ <option><name>Block Inbound and Outbound</name><value>both</value></option>
+ <option><name>whitelist</name><value>whitelist</value></option>
+ <option><name>None</name><value>none</value></option>
+ </options>
+ </field>
<field>
- <fielddescr>Top Spammers</fielddescr>
- <fieldname>topspammers</fieldname>
- <description>
- <![CDATA[Select top spammers countries you want to block.]]>
- </description>
+ <fielddescr>Update frequency</fielddescr>
+ <fieldname>update</fieldname>
+ <description><![CDATA[Default:<strong>Never</strong><br>
+ Select how often pfsense will download Lists files]]></description>
<type>select</type>
<options>
- <option><name>Korea</name><value>KR</value></option>
- <option><name>China</name><value>CN</value></option>
- <option><name>India</name><value>IN</value></option>
- <option><name>Russia</name><value>RU</value></option>
- <option><name>Turkey</name><value>TR</value></option>
- <option><name>Vietnam</name><value>VN</value></option>
- <option><name>Ukraine</name><value>UA</value></option>
- <option><name>Brazil</name><value>BR</value></option>
- <option><name>Venezuela </name><value>VE</value></option>
- <option><name>Pakistan</name><value>PK</value></option>
+ <option><name>Never</name><value>never</value></option>
+ <option><name>Every Hour</name><value>hour</value></option>
+ <option><name>Every 4 Hours</name><value>4hours</value></option>
+ <option><name>Every 12 Hours</name><value>12hours</value></option>
+ <option><name>Once a day</name><value>day</value></option>
+ <option><name>Once a week</name><value>week</value></option>
</options>
- <size>10</size>
- <multiple/>
+ </field>
+
+ <field>
+ <fielddescr><![CDATA[Lists]]></fielddescr>
+ <fieldname>none</fieldname>
+ <description><![CDATA[In 'list action' choose the way you want to use the list and in 'Format' choose the file format on url.<br>
+ ON url field, add direct link to list (Example: <a target=_new href='http://list.iblocklist.com/?list=bt_ads&fileformat=p2p&archiveformat=gz'>Ads</a>,
+ <a target=_new href='http://list.iblocklist.com/?list=bt_spyware&fileformat=p2p&archiveformat=gz'>Spyware</a>,
+ <a target=_new href='http://list.iblocklist.com/?list=bt_proxy&fileformat=p2p&archiveformat=gz'>Proxies</a> )<br>
+ Compressed lists must be in gz format.<br>
+ File must have only one network per line and could follows PeerBlock syntax or this below:<br>
+ Network ranges: <strong>172.16.1.0-172.16.1.255</strong><br>
+ CIDR: <strong>172.16.1.0/24</strong>
+ ]]></description>
+ <type>rowhelper</type>
+ <rowhelper>
+ <rowhelperfield>
+ <fielddescr>List Action</fielddescr>
+ <fieldname>action</fieldname>
+ <type>select</type>
+ <options>
+ <option><name>Block Inbound</name><value>ips_in</value></option>
+ <option><name>Block Outbound</name><value>ips_out</value></option>
+ <option><name>whitelist</name><value>whitelist</value></option>
+ <option><name>None</name><value>none</value></option>
+ </options>
+ </rowhelperfield>
+ <rowhelperfield>
+ <fielddescr>Format</fielddescr>
+ <fieldname>format</fieldname>
+ <type>select</type>
+ <options>
+ <option><name>gz</name><value>gz</value></option>
+ <option><name>txt</name><value>txt</value></option>
+ </options>
+ </rowhelperfield>
+ <rowhelperfield>
+ <fielddescr>Url</fielddescr>
+ <fieldname>url</fieldname>
+ <type>input</type>
+ <size>57</size>
+ </rowhelperfield>
+ </rowhelper>
+ </field>
+ <field>
+ <name>List info help</name>
+ <fieldname>list_info</fieldname>
+ <description><![CDATA[In 'list action' choose the way you want to use the list and in 'Format' choose the file format on url.<br>
+ ON url field, add direct link to list (Example: <a target=_new href='http://list.iblocklist.com/?list=bt_ads&fileformat=p2p&archiveformat=gz'>Ads</a>,
+ <a target=_new href='http://list.iblocklist.com/?list=bt_spyware&fileformat=p2p&archiveformat=gz'>Spyware</a>,
+ <a target=_new href='http://list.iblocklist.com/?list=bt_proxy&fileformat=p2p&archiveformat=gz'>Proxies</a> )<br>
+ Compressed lists must be in gz format.<br>
+ File must have only one network per line and could follows PeerBlock syntax or this below:<br>
+ Network ranges: <strong>172.16.1.0-172.16.1.255</strong><br>
+ CIDR: <strong>172.16.1.0/24</strong>
+ ]]></description>
+ <type>checkbox</type>
+
+ </field>
+ <field>
+ <name>Custom list</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Whitelist</fielddescr>
+ <fieldname>whitelist</fieldname>
+ <description><![CDATA[Enter CIDR network ranges you want to whitlist. One network per line.<br>
+ Example: 192.168.1.0/24]]></description>
+ <type>textarea</type>
+ <cols>50</cols>
+ <rows>06</rows>
+ <encoding>base64</encoding>
</field>
</fields>
<custom_php_install_command>
diff --git a/config/pf-blocker/pfblocker_sync.xml b/config/pf-blocker/pfblocker_sync.xml
index bc525aa3..43cca1f9 100644
--- a/config/pf-blocker/pfblocker_sync.xml
+++ b/config/pf-blocker/pfblocker_sync.xml
@@ -57,13 +57,12 @@
<url>/pkg_edit.php?xml=pfblocker.xml&amp;id=0</url>
</tab>
<tab>
- <text>Africa</text>
- <url>/pkg_edit.php?xml=pfblocker_Africa.xml&amp;id=0</url>
-
+ <text>Top Spammers</text>
+ <url>/pkg_edit.php?xml=pfblocker_topspammers.xml&amp;id=0</url>
</tab>
<tab>
- <text>Antartica</text>
- <url>/pkg_edit.php?xml=pfblocker_Antartica.xml&amp;id=0</url>
+ <text>Africa</text>
+ <url>/pkg_edit.php?xml=pfblocker_Africa.xml&amp;id=0</url>
</tab>
<tab>
diff --git a/config/pf-blocker/pfblocker_topspammers.xml b/config/pf-blocker/pfblocker_topspammers.xml
new file mode 100644
index 00000000..dcb02524
--- /dev/null
+++ b/config/pf-blocker/pfblocker_topspammers.xml
@@ -0,0 +1,136 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<packagegui>
+ <copyright>
+ <![CDATA[
+/* $Id$ */
+/* ========================================================================== */
+/*
+ pfblocker_topspammers.xml
+ part of the pfblocker for pfSense
+ Copyright (C) 2011 Marcello Coutinho
+
+ All rights reserved.
+ */
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+ ]]>
+ </copyright>
+ <description>Describe your package here</description>
+ <requirements>Describe your package requirements here</requirements>
+ <faq>Currently there are no FAQ items provided.</faq>
+ <name>pfblockertopspammers</name>
+ <version>1.0</version>
+ <title>Firewall: pfBlocker</title>
+ <include_file>/usr/local/pkg/pfblocker.inc</include_file>
+ <menu>
+ <name>pfBlocker</name>
+ <tooltiptext>Configure pfblocker</tooltiptext>
+ <section>Firewall</section>
+ <url>pkg_edit.php?xml=pfblocker.xml&amp;id=0</url>
+ </menu>
+<tabs>
+ <tab>
+ <text>General</text>
+ <url>/pkg_edit.php?xml=pfblocker.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Top Spammers</text>
+ <url>/pkg_edit.php?xml=pfblocker_topspammers.xml&amp;id=0</url>
+ <active/>
+ </tab>
+ <tab>
+ <text>Africa</text>
+ <url>/pkg_edit.php?xml=pfblocker_Africa.xml&amp;id=0</url>
+
+ </tab>
+ <tab>
+ <text>Asia</text>
+ <url>/pkg_edit.php?xml=pfblocker_Asia.xml&amp;id=0</url>
+
+ </tab>
+ <tab>
+ <text>Europe</text>
+ <url>/pkg_edit.php?xml=pfblocker_Europe.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>North America</text>
+ <url>/pkg_edit.php?xml=pfblocker_NorthAmerica.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>Oceania</text>
+ <url>/pkg_edit.php?xml=pfblocker_Oceania.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>South America</text>
+ <url>/pkg_edit.php?xml=pfblocker_SouthAmerica.xml&amp;id=0</url>
+ </tab>
+ <tab>
+ <text>XMLRPC Sync</text>
+ <url>/pkg_edit.php?xml=pfblocker_sync.xml&amp;id=0</url>
+ </tab>
+</tabs>
+ <fields>
+ <field>
+ <name>Countries Shortcut</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Top Spammers</fielddescr>
+ <fieldname>countries</fieldname>
+ <description>
+ <![CDATA[Select top spammers countries you want to block.]]>
+ </description>
+ <type>select</type>
+ <options>
+ <option><name>Korea</name><value>KR</value></option>
+ <option><name>China</name><value>CN</value></option>
+ <option><name>India</name><value>IN</value></option>
+ <option><name>Russia</name><value>RU</value></option>
+ <option><name>Turkey</name><value>TR</value></option>
+ <option><name>Vietnam</name><value>VN</value></option>
+ <option><name>Ukraine</name><value>UA</value></option>
+ <option><name>Brazil</name><value>BR</value></option>
+ <option><name>Venezuela </name><value>VE</value></option>
+ <option><name>Pakistan</name><value>PK</value></option>
+ </options>
+ <size>10</size>
+ <multiple/>
+ </field>
+ </fields>
+ <custom_php_install_command>
+ pfblocker_php_install_command();
+ </custom_php_install_command>
+ <custom_php_deinstall_command>
+ pfblocker_php_deinstall_command();
+ </custom_php_deinstall_command>
+ <custom_php_validation_command>
+ pfblocker_validate_input($_POST, &amp;$input_errors);
+ </custom_php_validation_command>
+ <custom_php_resync_config_command>
+ sync_package_pfblocker();
+ </custom_php_resync_config_command>
+</packagegui>