diff options
| author | Marcello Coutinho <marcellocoutinho@gmail.com> | 2011-12-19 03:28:38 -0200 |
|---|---|---|
| committer | marcelloc <marcellocoutinho@gmail.com> | 2011-12-19 03:28:38 -0200 |
| commit | 682b36edb471b970e6f5b7251daf1a4bef1b4a5e (patch) | |
| tree | 316cb7e1d14f5e55573dc4fdcb74467a8b3a9e52 /config/pf-blocker | |
| parent | 9fa3b7fed179955897979c64e11af07208997f8a (diff) | |
| download | pfsense-packages-682b36edb471b970e6f5b7251daf1a4bef1b4a5e.tar.gz pfsense-packages-682b36edb471b970e6f5b7251daf1a4bef1b4a5e.tar.bz2 pfsense-packages-682b36edb471b970e6f5b7251daf1a4bef1b4a5e.zip | |
pfblocker - version 1.0.1 with minor fixes
Diffstat (limited to 'config/pf-blocker')
| -rwxr-xr-x | config/pf-blocker/pfblocker.inc | 23 | ||||
| -rw-r--r-- | config/pf-blocker/pfblocker.php | 17 | ||||
| -rwxr-xr-x | config/pf-blocker/pfblocker_lists.xml | 16 | ||||
| -rw-r--r-- | config/pf-blocker/pfblocker_topspammers.xml | 16 |
4 files changed, 54 insertions, 18 deletions
diff --git a/config/pf-blocker/pfblocker.inc b/config/pf-blocker/pfblocker.inc index fcaad65f..3472aea8 100755 --- a/config/pf-blocker/pfblocker.inc +++ b/config/pf-blocker/pfblocker.inc @@ -167,6 +167,15 @@ function sync_package_pfblocker() { "detail"=> "DO NOT EDIT THIS ALIAS"); #Create rule if action permits switch($continent_config['action']){ + case "Deny_Both": + $rule = $base_rule; + $rule["type"] = $deny_action_inbound; + $rule["descr"]= "$pfb_alias auto rule"; + $rule["source"]= array("address"=> $pfb_alias); + $rule["destination"]=array("any"=>""); + if ($pfblocker_config['enable_log']) + $rule["log"]=""; + $deny_inbound[]=$rule; case "Deny_Outbound": $rule = $base_rule; $rule["type"] = $deny_action_outbound; @@ -254,6 +263,11 @@ function sync_package_pfblocker() { ${$alias}.= $matches[1]."\n"; $new_file.= $matches[1]."\n"; } + # Single ip addresses + if (preg_match("/(\d+\.\d+\.\d+\.\d+)\s+/",$line,$matches)){ + ${$alias}.= $matches[1]."/32\n"; + $new_file.= $matches[1]."/32\n"; + } # Network range 192.168.0.0-192.168.0.254 if (preg_match("/(\d+\.\d+\.\d+\.\d+)-(\d+\.\d+\.\d+\.\d+)/",$line,$matches)){ $cidr= pfblocker_Range2CIDR($matches[1],$matches[2]); @@ -289,6 +303,15 @@ function sync_package_pfblocker() { "detail"=> "DO NOT EDIT THIS ALIAS"); #Create rule if action permits switch($list['action']){ + case "Deny_Both": + $rule = $base_rule; + $rule["type"] = $deny_action_inbound; + $rule["descr"]= "$alias auto rule"; + $rule["source"]= array("address"=> $alias); + $rule["destination"]=array("any"=>""); + if ($pfblocker_config['enable_log']) + $rule["log"]=""; + $deny_inbound[]=$rule; case "Deny_Outbound": $rule = $base_rule; $rule["type"] = $deny_action_outbound; diff --git a/config/pf-blocker/pfblocker.php b/config/pf-blocker/pfblocker.php index e6fcd75e..dc9b58dd 100644 --- a/config/pf-blocker/pfblocker.php +++ b/config/pf-blocker/pfblocker.php @@ -11,7 +11,8 @@ function get_networks($pfb){ if (preg_match("/(\w+)/",$_REQUEST['pfb'],$matches)) get_networks($matches[1]); #} - +if ($argv[1]=='uc') + pfblocker_get_countries(); if ($argv[1]=='cron'){ require_once("/etc/inc/util.inc"); require_once("/etc/inc/functions.inc"); @@ -215,17 +216,21 @@ $xml= <<<EOF <fieldname>action</fieldname> <description><![CDATA[Default:<strong>Disabled</strong><br> Select action for countries you have selected in {$cont}<br><br> - <strong>Note: </strong><br>'Deny Inbound' - Will deny access from selected countries to your network.<br> - 'Deny Outbound' - Will deny access from your users to countries you selected to block<br> + <strong>Note: </strong><br>'Deny Both' - Will deny access on Both directions.<br> + 'Deny Inbound' - Will deny access from selected countries to your network.<br> + 'Deny Outbound' - Will deny access from your users to countries you selected to block.<br> 'Permit Inbound' - Will allow access from selected countries to your network.<br> - 'Permit Outbound' - Will allow access from your users to countries you selected to block<br> - 'Alias Only' - Will create alias <strong>{$cont}</strong> with selected countries to help custom rule assignments.<br> - 'Disabled' - Will just keep selection and do nothing to selected countries.<br>]]></description> + 'Permit Outbound' - Will allow access from your users to countries you selected to block.<br> + 'Disabled' - Will just keep selection and do nothing to selected countries.<br> + 'Alias Only' - Will create alias <strong>pfBlocker{$cont}</strong> with selected countries to help custom rule assignments.<br><br> + <strong>While creating rules with this alias, keep aliasname in the beggining of rule description and do not end description with 'rule'.<br></strong> + Custom rules with 'Aliasname something rule' description will be removed by package.]]></description> <type>select</type> <options> <option><name>Disabled</name><value>Disabled</value></option> <option><name>Deny Inbound</name><value>Deny_Inbound</value></option> <option><name>Deny Outbound</name><value>Deny_Outbound</value></option> + <option><name>Deny Both</name><value>Deny_Both</value></option> <option><name>Permit Inbound</name><value>Permit_Inbound</value></option> <option><name>Permit Outbound</name><value>Permit_Outbound</value></option> <option><name>Alias only</name><value>Alias_only</value></option> diff --git a/config/pf-blocker/pfblocker_lists.xml b/config/pf-blocker/pfblocker_lists.xml index 90e2d07f..42f1c0ae 100755 --- a/config/pf-blocker/pfblocker_lists.xml +++ b/config/pf-blocker/pfblocker_lists.xml @@ -176,17 +176,21 @@ <fielddescr>List Action</fielddescr> <description><![CDATA[Default:<strong>Deny Inbound</strong><br> Select action for network on lists you have selected.<br><br> - <strong>Note: </strong><br>'Deny Inbound' - Will deny access from selected countries to your network.<br> - 'Deny Outbound' - Will deny access from your users to countries you selected to block<br> - 'Permit Inbound' - Will allow access from selected countries to your network.<br> - 'Permit Outbound' - Will allow access from your users to countries you selected to block<br> - 'Alias Only' - Will create an alias with selected countries to help custom rule assignments.<br> - 'Disabled' - Will just keep selection and do nothing to selected countries.<br>]]></description> + <strong>Note: </strong><br>'Deny Both' - Will deny access on Both directions.<br> + 'Deny Inbound' - Will deny access from selected lists to your network.<br> + 'Deny Outbound' - Will deny access from your users to ip lists you selected to block.<br> + 'Permit Inbound' - Will allow access from selected lists to your network.<br> + 'Permit Outbound' - Will allow access from your users to ip lists you selected to block.<br> + 'Disabled' - Will just keep selection and do nothing to selected Lists.<br> + 'Alias Only' - Will create an alias with selected Lists to help custom rule assignments.<br><br> + <strong>While creating rules with this list, keep aliasname in the beggining of rule description and do not end description with 'rule'.<br></strong> + custom rules with 'Aliasname something rule' description will be removed by package.]]></description> <fieldname>action</fieldname> <type>select</type> <options> <option><name>Deny Inbound</name><value>Deny_Inbound</value></option> <option><name>Deny Outbound</name><value>Deny_Outbound</value></option> + <option><name>Deny Both</name><value>Deny_Both</value></option> <option><name>Permit Inbound</name><value>Permit_Inbound</value></option> <option><name>Permit Outbound</name><value>Permit_Outbound</value></option> <option><name>Alias only</name><value>Alias_only</value></option> diff --git a/config/pf-blocker/pfblocker_topspammers.xml b/config/pf-blocker/pfblocker_topspammers.xml index f6bf8664..2536cf80 100644 --- a/config/pf-blocker/pfblocker_topspammers.xml +++ b/config/pf-blocker/pfblocker_topspammers.xml @@ -129,17 +129,21 @@ <fielddescr>Action</fielddescr> <fieldname>action</fieldname> <description><![CDATA[Default:<strong>Deny Inbound</strong><br> - Select action for countries you have selected.<br><br> - <strong>Note: </strong><br>'Deny Inbound' - Will deny access from selected countries to your network.<br> - 'Deny Outbound' - Will deny access from your users to countries you selected to block<br> + Select action for network on lists you have selected.<br><br> + <strong>Note: </strong><br>'Deny Both' - Will deny access on Both directions.<br> + 'Deny Inbound' - Will deny access from selected countries to your network.<br> + 'Deny Outbound' - Will deny access from your users to countries you selected to block.<br> 'Permit Inbound' - Will allow access from selected countries to your network.<br> - 'Permit Outbound' - Will allow access from your users to countries you selected to block<br> - 'Alias Only' - Will create alias <strong>pfBlockerTopSpammers</strong> with selected countries to help custom rule assignments. - 'Disabled' - Will just keep selection and do nothing to selected countries.<br>]]></description> + 'Permit Outbound' - Will allow access from your users to countries you selected to block.<br> + 'Disabled' - Will just keep selection and do nothing to selected countries.<br> + 'Alias Only' - Will create alias <strong>pfBlockerTopSpammers</strong> with selected countries to help custom rule assignments.<br><br> + <strong>While creating rules with this alias, keep aliasname in the beggining of rule description and do not end description with 'rule'.<br></strong> + Custom rules with 'Aliasname something rule' description will be removed by package.]]></description> <type>select</type> <options> <option><name>Deny Inbound</name><value>Deny_Inbound</value></option> <option><name>Deny Outbound</name><value>Deny_Outbound</value></option> + <option><name>Deny Both</name><value>Deny_Both</value></option> <option><name>Permit Inbound</name><value>Permit_Inbound</value></option> <option><name>Permit Outbound</name><value>Permit_Outbound</value></option> <option><name>Alias only</name><value>Alias_only</value></option> |