authorRenato Botelho <renato@netgate.com>2015-12-21 10:28:45 -0200
committerRenato Botelho <renato@netgate.com>2015-12-21 10:28:45 -0200
commit3bd905893f4eeb15485783e49a8ea2af14b31f4e (patch)
treeb7e105af89a0c05a187bd6ba3a860902a2469ee3 /config/pfblockerng/pfblockerng.inc
parent26c1744f34d378b9408023a894825fce9d8c4dc5 (diff)
parent47649151b8856ede50c22f4d1f7f26e8866c5e69 (diff)
Merge pull request #1223 from BBcan177/pfBNG-12-19-15-1RELENG_2_2_6
Diffstat (limited to 'config/pfblockerng/pfblockerng.inc')
-rw-r--r--config/pfblockerng/pfblockerng.inc28
1 files changed, 20 insertions, 8 deletions
diff --git a/config/pfblockerng/pfblockerng.inc b/config/pfblockerng/pfblockerng.inc
index 7bfc6f0e..4ec46d85 100644
--- a/config/pfblockerng/pfblockerng.inc
+++ b/config/pfblockerng/pfblockerng.inc
@@ -1075,7 +1075,7 @@ function find_reported_header($ip, $pfbfolder, $exclude=FALSE) {
// Query for any active pfBlockerNG CRON jobs
exec('/bin/ps -wax', $result_cron);
- if (preg_grep("/pfblockerng[.]php\s+?(cron|update)/", $result_cron)) {
+ if (preg_grep("/pfblockerng[.]php\s+?(cron|update|updatednsbl)/", $result_cron)) {
return array('updating..', 'CRON Task');
}
return array('', 'no match', FALSE);
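Review bot: The added `updatednsbl` alternative in the `preg_grep` pattern changes nothing, because the group has no anchor after it and `update` already matches the prefix of `updatednsbl` (and of `updateip`). If the intent is to match exactly these three modes, anchor the group, e.g. `"/pfblockerng[.]php\s+(cron|update|updatednsbl)\b/"`; if any `update*` mode should count, the original pattern was sufficient. The same pattern is repeated in the later `sync_package_pfblockerng` hunk before the "DNSBL Reload Terminated" log line. Whether `$result_cron` is initialised before `exec()` here is not visible in this hunk; `exec()` appends to an existing array, so `$result_cron = array();` should precede the call, as the other call sites do.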
@@ -1532,7 +1532,7 @@ function pfb_firewall_rule($action, $pfb_alias, $vtype='', $pfb_log, $adest='',
$rule['log'] = '';
}
$rule['created'] = array('time' => (int)microtime(true), 'username' => 'Auto');
- $rule['match_outbound'][] = $rule;
+ $pfb['match_outbound'][] = $rule;
if ($action != 'Match_Both') {
break;
}
@@ -1784,6 +1784,7 @@ function sync_package_pfblockerng($cron='') {
// Reloads existing lists without downloading new lists when defined 'on'
$pfb['reuse'] = $pfb['config']['pfb_reuse'];
$pfb['reuse_dnsbl'] = '';
+ $pfb['updatednsbl'] = FALSE; // Set flag to allow DNSBL Reload, only when called via background cmd.
// Define update process (update or reload)
switch ($cron) {
@@ -1801,6 +1802,7 @@ function sync_package_pfblockerng($cron='') {
case 'updatednsbl':
$pfb['reuse'] = '';
$pfb['reuse_dnsbl'] = 'on';
+ $pfb['updatednsbl'] = TRUE;
break;
case 'updateip':
$pfb['reuse'] = 'on';
@@ -1860,7 +1862,6 @@ function sync_package_pfblockerng($cron='') {
$pfb['dnsbl_iface'] = $pfb['dnsblconfig']['dnsbl_interface']?: 'lan'; // VIP Local Interface setting
$pfb['dnsbl_ip'] = $pfb['dnsblconfig']['action'] ?: 'Disabled'; // Enable/Disable IP blocking from DNSBL lists
$pfb['dnsbl_rule'] = $pfb['dnsblconfig']['pfb_dnsbl_rule'] ?: 'Disabled'; // Auto create a Floating Pass Rule for other Lan subnets
- $pfb['dnsbl_alexa'] = $pfb['dnsblconfig']['alexa_enable'] ?: 'Disabled'; // Enable Alexa whitelist
$pfb['dnsbl_alexa_cnt'] = $pfb['dnsblconfig']['alexa_count'] ?: '1000'; // Alexa whitelist domain setting
$pfb['dnsbl_alexa_inc'] = $pfb['dnsblconfig']['alexa_inclusion'] ?: ''; // Alexa TLDs inclusions for whitelisting
@@ -2163,8 +2164,8 @@ function sync_package_pfblockerng($cron='') {
}
}
- $pfb['remove'] = FALSE; // Flag to execute pfctl and rules ordering or reload of DNSBL domains
- $pfb['summary'] = FALSE; // Execute final summary as a list was removed
+ $pfb['remove'] = FALSE; // Flag to execute pfctl and rules ordering or reload of DNSBL domains
+ $pfb['summary'] = FALSE; // Execute final summary as a list was removed
// Process to remove lists from Masterfile/DB folder if they do not exist
if (isset($pfb['existing'])) {
@@ -2214,7 +2215,7 @@ function sync_package_pfblockerng($cron='') {
// Query for any active pfBlockerNG CRON jobs
$result_cron = array();
exec('/bin/ps -wax', $result_cron);
- if (preg_grep("/pfblockerng[.]php\s+?(cron|update)/", $result_cron)) {
+ if (preg_grep("/pfblockerng[.]php\s+?(cron|update|updatednsbl)/", $result_cron)) {
$log = "\n ** DNSBL Reload Terminated due to active pfBlockerNG cron process\n";
pfb_logger("{$log}", 1);
} else {
@@ -2223,7 +2224,7 @@ function sync_package_pfblockerng($cron='') {
// Clear any existing pfBlockerNG Cron Jobs to avoid collision
install_cron_job('pfblockerng.php cron', false);
$cmd = "/usr/local/bin/php /usr/local/www/pfblockerng/pfblockerng.php";
- mwexec_bg("${cmd} updatednsbl >> {$pfb['log']} 2>&1");
+ mwexec_bg("{$cmd} updatednsbl >> {$pfb['log']} 2>&1");
}
}
}
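Review bot: The `mwexec_bg` line interpolates `$pfb['log']` unquoted into a shell command string with a redirection. Where that value is assigned is outside this hunk; if it is a fixed path this is harmless, but a path containing spaces or shell metacharacters would change the command. Quoting it is cheap: `mwexec_bg("{$cmd} updatednsbl >> " . escapeshellarg($pfb['log']) . " 2>&1");`. There is also a window between the `ps` check above and this launch in which another run can start, so the process-list test is only a best-effort guard; a lock file would give real mutual exclusion.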
@@ -2304,6 +2305,17 @@ function sync_package_pfblockerng($cron='') {
pfb_logger("{$log}", 1);
$dnsbl_error = TRUE;
}
+
+ if (!$pfb['updatednsbl']) {
+ // Determine if a DNSBL Reload is running
+ $result_cron = array();
+ exec('/bin/ps -wax', $result_cron);
+ if (preg_grep("/pfblockerng[.]php\s+?(updatednsbl)/", $result_cron)) {
+ $log = "\n ** DNSBL Reload Terminated due to active pfBlockerNG cron process\n";
+ pfb_logger("{$log}", 1);
+ $dnsbl_error = TRUE;
+ }
+ }
}
if ($pfb['dnsbl'] == 'on' && !$pfb['save'] && !$dnsbl_error) {
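Review bot: The new `if (!$pfb['updatednsbl'])` block ignores the exit status of `exec('/bin/ps -wax', ...)`, so a failed `ps` leaves `$result_cron` empty and the check passes silently. The log text is also copied from the earlier check and reports an "active pfBlockerNG cron process", while this branch fires on a running `updatednsbl` reload, which will mislead whoever reads the log. I would capture the status, log the failure, and reword the message; the capturing group and lazy `\s+?` in the pattern are unnecessary, and a trailing `\b` makes the match exact. Treating a failed `ps` as an error is my assumption about the safer default and should be confirmed against how `$dnsbl_error` is consumed below.

```php
if (!$pfb['updatednsbl']) {
	// Determine if a DNSBL Reload is running
	$result_cron = array();
	$ps_status = 0;
	exec('/bin/ps -wax', $result_cron, $ps_status);
	if ($ps_status !== 0) {
		// Process list unavailable: do not assume that no reload is running
		$log = "\n ** Unable to query process list; DNSBL Reload state unknown\n";
		pfb_logger("{$log}", 1);
		$dnsbl_error = TRUE;
	} elseif (preg_grep("/pfblockerng[.]php\s+updatednsbl\b/", $result_cron)) {
		$log = "\n ** DNSBL update skipped due to active DNSBL Reload process\n";
		pfb_logger("{$log}", 1);
		$dnsbl_error = TRUE;
	}
}
```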
@@ -4780,4 +4792,4 @@ function pfblockerng_do_xmlrpc_sync($sync_to_ip, $port, $protocol, $username, $p
}
return $success;
}
-?> \ No newline at end of file
+?>