diff options
| author | BBcan177 <bbcan177@gmail.com> | 2015-05-23 16:28:12 -0400 |
|---|---|---|
| committer | BBcan177 <bbcan177@gmail.com> | 2015-05-23 16:28:12 -0400 |
| commit | e80da3c57d0501d7a5962fcacd6416d47385e86a (patch) | |
| tree | ff8ec3e33e96a2312712faeb18538f5d2d7a7571 /config/pfblockerng/pfblockerng.xml | |
| parent | 5be0199960c6d8fe85d1e4085e26316b504a91cd (diff) | |
| download | pfsense-packages-e80da3c57d0501d7a5962fcacd6416d47385e86a.tar.gz pfsense-packages-e80da3c57d0501d7a5962fcacd6416d47385e86a.tar.bz2 pfsense-packages-e80da3c57d0501d7a5962fcacd6416d47385e86a.zip | |
pfBlockerNG v1.09
Diffstat (limited to 'config/pfblockerng/pfblockerng.xml')
| -rw-r--r-- | config/pfblockerng/pfblockerng.xml | 193 |
1 files changed, 127 insertions, 66 deletions
diff --git a/config/pfblockerng/pfblockerng.xml b/config/pfblockerng/pfblockerng.xml index 67deab8d..c8e07b21 100644 --- a/config/pfblockerng/pfblockerng.xml +++ b/config/pfblockerng/pfblockerng.xml @@ -49,7 +49,7 @@ <requirements>Describe your package requirements here</requirements> <faq>Currently there are no FAQ items provided.</faq> <name>pfblockerng</name> - <version>1.08</version> + <version>1.09</version> <title>pfBlockerNG: General Settings</title> <include_file>/usr/local/pkg/pfblockerng/pfblockerng.inc</include_file> <menu> @@ -219,45 +219,83 @@ <field> <fielddescr>LINKS</fielddescr> <fieldname></fieldname> - <description><![CDATA[<a href="/firewall_aliases.php">Firewall Alias</a> <a href="/firewall_rules.php">Firewall Rules</a> <a href="diag_logs_filter.php">Firewall Logs</a>]]></description> + <description><![CDATA[<a href="/firewall_aliases.php">Firewall Alias</a> + <a href="/firewall_rules.php">Firewall Rules</a> <a href="diag_logs_filter.php">Firewall Logs</a>]]> + </description> <type>info</type> </field> <field> - <fielddescr><![CDATA[<strong>Enable pfBlockerNG</strong>]]></fielddescr> + <fielddescr>Enable pfBlockerNG</fielddescr> <fieldname>enable_cb</fieldname> <type>checkbox</type> - <description><![CDATA[Note - with "Keep settings" enabled, pfBlockerNG will maintain run state on Installation/Upgrade<br /> - If "Keep Settings" is not "enabled" on pkg Install/De-Install, all Settings will be Wiped!]]></description> + <description><![CDATA[<div style="padding-right: 56px;">Enable/Disable</div>]]></description> + <usecolspan2/> + <combinefields>begin</combinefields> </field> <field> - <fielddescr><![CDATA[<strong>Keep Settings</strong>/Lists After Disable/Re-Install/De-Install]]></fielddescr> <fieldname>pfb_keep</fieldname> <type>checkbox</type> - <description>Keep Settings and Lists intact when pfBlockerNG is Disabled or After pfBlockerNG Re-Install/De-Install</description> + <description><![CDATA[Keep Settings: <br /><font color='red'>Note:</font> - with 'Keep settings' enabled, pfBlockerNG will maintain run state + on Installation/Upgrade<br />If 'Keep Settings' is not 'enabled' on pkg Install/De-Install, all Settings will be Wiped!<br /><br /> + <font color='red'>Note: </font>To clear all downloaded lists, uncheck these two checkboxes and 'Save'. + re-check both boxes and run a 'Force Update']]> + </description> <default_value>on</default_value> + <dontdisplayname/> + <usecolspan2/> + <combinefields>end</combinefields> + </field> + <field> + <fielddescr>CRON Settings</fielddescr> + <combinefields>begin</combinefields> + </field> + <field> + <fielddescr>Hour Interval</fielddescr> + <fieldname>pfb_interval</fieldname> + <description><![CDATA[Default: <strong>Every hour</strong><br /> + Select the cron Hour Interval. The interval selected will be used with the Start min/hour below.<br /> + <strong>Ensure that all List 'Update Settings' are within the selected Interval/Start Hour Settings.</strong>]]> + </description> + <type>select</type> + <options> + <option><name>Every hour</name><value>1</value></option> + <option><name>Every 2 hours</name><value>2</value></option> + <option><name>Every 3 hours</name><value>3</value></option> + <option><name>Every 4 hours</name><value>4</value></option> + <option><name>Every 6 hours</name><value>6</value></option> + <option><name>Every 8 hours</name><value>8</value></option> + <option><name>Every 12 hours</name><value>12</value></option> + <option><name>Once a day</name><value>24</value></option> + </options> + <default_value>1</default_value> + <combinefields/> </field> <field> - <fielddescr>CRON MIN Start Time</fielddescr> + <fielddescr>Start Min</fielddescr> <fieldname>pfb_min</fieldname> - <description><![CDATA[Default: <strong> : 00</strong><br /> - Select Cron Update Minute ]]></description> + <description><![CDATA[Default: <strong>:00</strong><br /> + Select Cron Update Minute]]> + </description> <type>select</type> <options> - <option><name> : 00</name><value>0</value></option> - <option><name> : 15</name><value>15</value></option> - <option><name> : 30</name><value>30</value></option> - <option><name> : 45</name><value>45</value></option> + <option><name>: 00</name><value>0</value></option> + <option><name>: 15</name><value>15</value></option> + <option><name>: 30</name><value>30</value></option> + <option><name>: 45</name><value>45</value></option> </options> + <default_value>0</default_value> + <combinefields/> </field> <field> - <fielddescr>CRON Base Hour Start Time</fielddescr> + <fielddescr>Start Hour</fielddescr> <fieldname>pfb_hour</fieldname> - <description><![CDATA[Default: <strong> 1 </strong><br /> - Select Cron Base Start Hour ]]></description> + <description><![CDATA[Default: <strong>0</strong><br /> + Select the Start Hour]]> + </description> <type>select</type> <options> - <option><name>1</name><value>0</value></option> - <option><name>0</name><value>1</value></option> + <option><name>0</name><value>0</value></option> + <option><name>1</name><value>1</value></option> <option><name>2</name><value>2</value></option> <option><name>3</name><value>3</value></option> <option><name>4</name><value>4</value></option> @@ -281,17 +319,17 @@ <option><name>22</name><value>22</value></option> <option><name>23</name><value>23</value></option> </options> + <default_value>0</default_value> + <combinefields/> </field> <field> - <fielddescr>'Daily/Weekly' Start Hour</fielddescr> + <fielddescr><![CDATA['Daily/Weekly'<br />Start Hour]]></fielddescr> <fieldname>pfb_dailystart</fieldname> - <description><![CDATA[Default: <strong> 1 </strong><br /> - Select 'Daily' Schedule Start Hour <br /> - This is used for the 'Daily/Weekly' Scheduler Only.]]></description> + <description><![CDATA[Default: <strong>0</strong><br />This is used for the 'Daily/Weekly' Scheduler Only.]]></description> <type>select</type> <options> - <option><name>1</name><value>0</value></option> - <option><name>0</name><value>1</value></option> + <option><name>0</name><value>0</value></option> + <option><name>1</name><value>1</value></option> <option><name>2</name><value>2</value></option> <option><name>3</name><value>3</value></option> <option><name>4</name><value>4</value></option> @@ -315,6 +353,8 @@ <option><name>22</name><value>22</value></option> <option><name>23</name><value>23</value></option> </options> + <default_value>0</default_value> + <combinefields>end</combinefields> </field> <field> <fielddescr>Enable De-Duplication</fielddescr> @@ -327,17 +367,20 @@ <fieldname>suppression</fieldname> <type>checkbox</type> <description><![CDATA[This will prevent Selected IPs from being Blocked. Only for IPv4 Lists (/32 and /24).<br /> - Country Blocking Lists cannot be Suppressed.<br /> - This will also remove any RFC1918 addresses from all Lists.<br /><br /> + Country Blocking Lists cannot be Suppressed.<br />This will also remove any RFC1918 addresses from all Lists.<br /><br /> Alerts can be Suppressed using the '+' icon in the Alerts Tab and IPs added to the 'pfBlockerNGSuppress' Alias<br /> - A Blocked IP in a CIDR other than /24 will need to be Suppressed by an 'Permit Outbound' Firewall Rule]]> + A Blocked IP in a CIDR other than /32 or /24 will need a 'Whitelist Alias' w/ List Action: 'Permit Outbound' Firewall Rule + <br />Do not use the pfBlockerNGSuppress Alias in a Firewall Rule. + This alias is used during the cron download process only.]]> </description> </field> <field> <fielddescr>Global Enable Logging</fielddescr> <fieldname>enable_log</fieldname> <type>checkbox</type> - <description>Enable Global Logging to Status: System Logs: FIREWALL ( Log ). This overrides any Log Settings in the Alias Tabs.</description> + <description><![CDATA[Firewall Rule logging - Enable Global Logging to [ Status: System Logs: FIREWALL Log ]<br /> + This overrides any Log Settings in the Alias Tabs.]]> + </description> </field> <field> <fielddescr>Disable MaxMind Country Database CRON Updates</fielddescr> @@ -350,8 +393,9 @@ <field> <fielddescr>Logfile Size</fielddescr> <fieldname>log_maxlines</fieldname> - <description><![CDATA[Default:<strong>20000</strong><br /> - Select number of Lines to Keep in Log File]]></description> + <description><![CDATA[Default: <strong>20000</strong><br /> + Select number of Lines to keep in the pfblockerng.log and dnsbl.log files]]> + </description> <type>select</type> <options> <option><name>20000</name><value>20000</value></option> @@ -361,72 +405,89 @@ <option><name>100000</name><value>100000</value></option> <option><name>No Limit</name><value>nolimit</value></option> </options> + <default_value>20000</default_value> </field> <field> - <name><![CDATA[Interface/Rules Configuration]]> </name> + <name><![CDATA[Interface/Rules Configuration]]></name> <type>listtopic</type> </field> <field> - <fielddescr>Inbound Interface(s)</fielddescr> + <fielddescr>Inbound Firewall Rules</fielddescr> + <combinefields>begin</combinefields> + </field> + <field> <fieldname>inbound_interface</fieldname> + <fielddescr>Interface(s)</fielddescr> <description>Select the Inbound interface(s) you want to Apply Auto Rules to</description> <type>interfaces_selection</type> <hideinterfaceregex>loopback</hideinterfaceregex> <required/> <multiple/> + <combinefields/> </field> <field> - <fielddescr> - Rule Action</fielddescr> + <fielddescr>Rule Action</fielddescr> <fieldname>inbound_deny_action</fieldname> - <description><![CDATA[Default:<strong>Block</strong><br /> - Select 'Rule Action' for Inbound Rules]]></description> + <description><![CDATA[Default: <strong>Block</strong><br />Select 'Rule Action' for Inbound Rules]]></description> <type>select</type> <options> <option><name>Block</name><value>block</value></option> <option><name>Reject</name><value>reject</value></option> </options> + <default_value>block</default_value> + <required/> + <combinefields>end</combinefields> </field> <field> - <fielddescr>Outbound Interface(s)</fielddescr> + <fielddescr>Outbound Firewall Rules</fielddescr> + <combinefields>begin</combinefields> + </field> + <field> + <fielddescr>Interface(s)</fielddescr> <fieldname>outbound_interface</fieldname> <description>Select the Outbound interface(s) you want to Apply Auto Rules to</description> <type>interfaces_selection</type> <hideinterfaceregex>loopback</hideinterfaceregex> <required/> <multiple/> + <combinefields/> </field> <field> - <fielddescr> - Rule Action</fielddescr> + <fielddescr>Rule Action</fielddescr> <fieldname>outbound_deny_action</fieldname> - <description><![CDATA[Default:<strong>Reject</strong><br /> - Select 'Rule Action' for Outbound rules]]></description> + <description><![CDATA[Default: <strong>Reject</strong><br />Select 'Rule Action' for Outbound rules]]></description> <type>select</type> <options> <option><name>Reject</name><value>reject</value></option> <option><name>Block</name><value>block</value></option> </options> + <default_value>reject</default_value> + <required/> + <combinefields>end</combinefields> </field> <field> - <fielddescr><![CDATA[<strong>OpenVPN Interface</strong>]]></fielddescr> + <fielddescr>OpenVPN Interface</fielddescr> <fieldname>openvpn_action</fieldname> <type>checkbox</type> <description>Select to add Auto-Rules for OpenVPN. These will be added to 'Floating Rules' or OpenVPN Rules Tab.</description> </field> <field> - <fielddescr><![CDATA[<strong>Floating Rules</strong>]]></fielddescr> + <fielddescr>Floating Rules</fielddescr> <fieldname>enable_float</fieldname> <type>checkbox</type> - <description><![CDATA[<strong>Enabled: </strong> Auto-Rules will be generated in the 'Floating Rules' Tab<br /><br /> + <description><![CDATA[<strong>Enabled:</strong> Auto-Rules will be generated in the 'Floating Rules' Tab<br /><br /> <strong>Disabled:</strong> Auto-Rules will be generated in the Selected Inbound/Outbound Interfaces<br /><br /> - <strong>Rules will be ordered by the selection below.</strong>]]></description> + <strong>Rules will be ordered by the selection below.</strong>]]> + </description> </field> <field> - <fielddescr><![CDATA[<strong>Rule Order</strong>]]></fielddescr> + <fielddescr>Rule Order</fielddescr> <fieldname>pass_order</fieldname> - <description><![CDATA[<br />Default Order: <strong> | pfB_Block/Reject | All other Rules | (original format)<br /></strong><br /> + <description><![CDATA[<br />Default Order:<strong> | pfB_Block/Reject | All other Rules | (original format)<br /></strong><br /> Select The '<strong>Order</strong>' of the Rules<br /> Selecting 'original format', sets pfBlockerNG rules at the top of the Firewall TAB.<br /> - Selecting any other 'Order' will re-order <strong>all the Rules to the format indicated!</strong>]]></description> + Selecting any other 'Order' will re-order <strong>all the Rules to the format indicated!</strong>]]> + </description> <type>select</type> <options> <option><name>| pfB_Block/Reject | All other Rules | (original format)</name><value>order_0</value></option> @@ -434,48 +495,48 @@ <option><name>| pfB_Pass/Match | pfSense Pass/Match | pfB_Block/Reject |</name><value>order_2</value></option> <option><name>| pfB_Pass/Match | pfB_Block/Reject | pfSense Pass/Match |</name><value>order_3</value></option> </options> + <default_value>order_0</default_value> </field> <field> - <fielddescr><![CDATA[<strong>Auto Rule Suffix</strong>]]></fielddescr> + <fielddescr>Auto Rule Suffix</fielddescr> <fieldname>autorule_suffix</fieldname> - <description><![CDATA[Default:<strong>auto rule</strong><br /> - Select 'Auto Rule' Description Suffix for Auto Defined rules. pfBlockerNG Must be Disabled to Modify Suffix]]></description> + <description><![CDATA[Default: <strong>auto rule</strong><br /> + Select 'Auto Rule' Description Suffix for Auto Defined rules. pfBlockerNG Must be Disabled to Modify Suffix]]> + </description> <type>select</type> <options> <option><name>auto rule</name><value>autorule</value></option> <option><name>Null (no suffix)</name><value>standard</value></option> <option><name>AR</name><value>ar</value></option> </options> + <default_value>autorule</default_value> </field> <field> - <name><![CDATA[Acknowledgements]]> </name> + <name><![CDATA[Acknowledgements]]></name> <type>listtopic</type> </field> <field> <fielddescr>Credits</fielddescr> <fieldname>credits</fieldname> <type>info</type> - <description><![CDATA[<strong> - pfBlockerNG</strong> Created in 2015 by <a target=_new href='https://forum.pfsense.org/index.php?action=profile;u=238481'>BBcan177.</a> - <br /><br />Based upon pfBlocker by Marcello Coutinho and Tom Schaefer.<br /> + <description><![CDATA[<strong>pfBlockerNG </strong> + Created in 2015 by <a target=_new href='https://forum.pfsense.org/index.php?action=profile;u=238481'>BBcan177.</a><br /><br /> + Based upon pfBlocker by Marcello Coutinho and Tom Schaefer.<br /> Country Database GeoLite distributed under the Creative Commons Attribution-ShareAlike 3.0 Unported License by: MaxMind Inc. @ <a target=_new href='http://www.maxmind.com'>MaxMind.com</a>. - The Database is Automatically Updated the First Tuesday of Each Month]]></description> - </field> - <field> - <fielddescr>pfBlocker Validation Check</fielddescr> - <fieldname>pfblocker_cb</fieldname> - <type>checkbox</type> - <description>Disable pfBlockerNG if the pfBlocker package is Enabled. Click to Disable this validation check.</description> + The Database is Automatically Updated the First Tuesday of Each Month]]> + </description> </field> <field> - <fielddescr>Gold Membership</fielddescr> + <fielddescr>Support</fielddescr> <type>info</type> - <description><![CDATA[If you like this package, please Support pfSense by subscribing to a <a target=_new href='https://portal.pfsense.org/gold-subscription.php'>Gold Membership</a><br /> or support the developer @ BBCan177@gmail.com]]></description> + <description><![CDATA[This package has been developed by BBcan177.<br /> + If you like this package, please support the developer @ BBCan177@gmail.com.]]> + </description> </field> <field> - <name><![CDATA[<ul>Click to SAVE Settings and/or Rule Edits. Changes are Applied via CRON or - 'Force Update'</ul>]]></name> + <name><![CDATA[<center>Click to SAVE Settings and/or Rule Edits. Changes are Applied via CRON or + 'Force Update'</center>]]></name> <type>listtopic</type> </field> </fields> @@ -493,4 +554,4 @@ $pfb['save'] = TRUE; sync_package_pfblockerng(); </custom_php_resync_config_command> -</packagegui> +</packagegui>
\ No newline at end of file |