aboutsummaryrefslogtreecommitdiffstats
path: root/config/pfblockerng
diff options
context:
space:
mode:
authorRenato Botelho <garga@FreeBSD.org>2015-02-13 16:20:59 -0200
committerRenato Botelho <garga@FreeBSD.org>2015-02-13 16:20:59 -0200
commit0feb19d9aa015ca9ca1065b12d116af755493ea6 (patch)
tree0d75946aa40c2e46e7c006eeb7d07fdca47da32f /config/pfblockerng
parentdcf3d32ea371e21b7c7f200df5532dcb8faa55bc (diff)
parentaf2c372454cae89f2311269f5858e66ebe6d3417 (diff)
downloadpfsense-packages-0feb19d9aa015ca9ca1065b12d116af755493ea6.tar.gz
pfsense-packages-0feb19d9aa015ca9ca1065b12d116af755493ea6.tar.bz2
pfsense-packages-0feb19d9aa015ca9ca1065b12d116af755493ea6.zip
Merge pull request #818 from BBcan177/pfBlockerNG_021015_1
Diffstat (limited to 'config/pfblockerng')
-rw-r--r--config/pfblockerng/pfblockerng.inc265
-rw-r--r--config/pfblockerng/pfblockerng.xml12
-rw-r--r--config/pfblockerng/pfblockerng_alerts.php46
3 files changed, 172 insertions, 151 deletions
diff --git a/config/pfblockerng/pfblockerng.inc b/config/pfblockerng/pfblockerng.inc
index 793bf7a4..a1ee6abc 100644
--- a/config/pfblockerng/pfblockerng.inc
+++ b/config/pfblockerng/pfblockerng.inc
@@ -48,9 +48,11 @@ require_once("services.inc");
# [ $pfb ] pfBlockerNG Global Array for Paths and Variables. This needs to be called to get the Updated Settings.
function pfb_global() {
-
global $g,$config,$pfb;
+ # Collect pfSense Version
+ $pfb['pfsenseversion'] = substr(trim(file_get_contents("/etc/version")),0,3);
+
# Folders
$pfb['dbdir'] = "{$g['vardb_path']}/pfblockerng";
$pfb['aliasdir'] = "{$g['vardb_path']}/aliastables";
@@ -77,9 +79,6 @@ function pfb_global() {
$pfb['supptxt'] = "{$pfb['dbdir']}/pfbsuppression.txt";
$pfb['script'] = 'sh /usr/local/pkg/pfblockerng/pfblockerng.sh';
- # Collect pfSense Version
- $pfb['pfsenseversion'] = substr(trim(file_get_contents("/etc/version")),0,3);
-
# General Variables
$pfb['config'] = $config['installedpackages']['pfblockerng']['config'][0];
@@ -461,9 +460,9 @@ function sync_package_pfblockerng($cron = "") {
}
- #############################################
- # Configure ARRAYS #
- #############################################
+ #################################
+ # Configure ARRAYS #
+ #################################
$continents = array ( "Africa" => "pfB_Africa",
"Antartica" => "pfB_Antartica",
@@ -522,9 +521,9 @@ function sync_package_pfblockerng($cron = "") {
);
- #############################################
- # Configure Rule Suffix #
- #############################################
+ #########################################
+ # Configure Rule Suffix #
+ #########################################
# Discover if any Rules are AutoRules (If no AutoRules found, $pfb['autorules'] is FALSE, Skip Rules Re-Order )
# To configure Auto Rule Suffix. pfBlockerNG must be disabled to change Suffix and to avoid Duplicate Rules
@@ -594,9 +593,9 @@ function sync_package_pfblockerng($cron = "") {
}
- #############################################
- # Configure INBOUND/OUTBOUND INTERFACES #
- #############################################
+ #########################################################
+ # Configure INBOUND/OUTBOUND INTERFACES #
+ #########################################################
# Collect pfSense Interface Order
$ifaces = get_configured_interface_list();
@@ -660,9 +659,9 @@ function sync_package_pfblockerng($cron = "") {
}
- #############################################
- # Clear Removed Lists from Masterfiles #
- #############################################
+ #################################################
+ # Clear Removed Lists from Masterfiles #
+ #################################################
# Process to keep Masterfiles in Sync with Valid Lists from config.conf file.
$pfb['sync_master'] = TRUE;
@@ -886,9 +885,9 @@ function sync_package_pfblockerng($cron = "") {
}
}
- ##############################################
- # Clear Match/Pass/ET/Original Files/Folders #
- ##############################################
+ #########################################################
+ # Clear Match/Pass/ET/Original Files/Folders #
+ #########################################################
# When pfBlockerNG is Disabled and 'Keep Blocklists' is Disabled.
if ($pfb['enable'] == "" && $pfb['keep'] == "" && !$pfb['install']) {
@@ -907,17 +906,17 @@ function sync_package_pfblockerng($cron = "") {
}
- #############################################
- # Create Suppression Txt File #
- #############################################
+ #########################################
+ # Create Suppression Txt File #
+ #########################################
if ($pfb['enable'] == "on" && $pfb['supp'] == "on")
pfb_create_suppression_file();
- #############################################
- # Assign Countries #
- #############################################
+ #################################
+ # Assign Countries #
+ #################################
foreach ($continents as $continent => $pfb_alias) {
if (is_array($config['installedpackages']['pfblockerng' . strtolower(preg_replace('/ /','',$continent))]['config'])) {
@@ -1143,9 +1142,9 @@ function sync_package_pfblockerng($cron = "") {
# UNSET variables
unset ($continent, $continent_existing, $continent_new);
- #############################################
- # Download and Collect IPv4/IPv6 lists #
- #############################################
+ #################################################
+ # Download and Collect IPv4/IPv6 lists #
+ #################################################
# IPv4 REGEX Definitions
$pfb['range'] = '/((?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))-((?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))/';
@@ -1156,21 +1155,25 @@ function sync_package_pfblockerng($cron = "") {
# IPv4 preg_replace Regex Filter array
$pfb_ipreg = array();
- $pfb_ipreg[0] = '/\b0+(?=\d)/'; # Remove any Leading Zeros in each Octet
- $pfb_ipreg[1] = '/\s/'; # Remove any Whitespaces
- $pfb_ipreg[2] = '/127\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/'; # Remove any Loopback Addresses 127/8
- $pfb_ipreg[3] = '/0\.0\.0\.0/'; # Remove 0.0.0.0
+ $pfb_ipreg[0] = '/\b0+(?=\d)/'; # Remove any Leading Zeros in each Octet
+ $pfb_ipreg[1] = '/\s/'; # Remove any Whitespaces
+ $pfb_ipreg[2] = '/127\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/'; # Remove any Loopback Addresses 127/8
+ $pfb_ipreg[3] = '/0\.0\.0\.0\/32/'; # Remove 0.0.0.0/32
+ $pfb_ipreg[4] = '/0\.0\.0\.0/'; # Remove 0.0.0.0
# IPv6 REGEX Definitions -- ** Still Needs some Adjustment on Regex Definition for IPv6 **
# https://mebsd.com/coding-snipits/php-regex-ipv6-with-preg_match.html
$pattern1 = '([A-Fa-f0-9]{1,4}:){7}[A-Fa-f0-9]{1,4}';
- $pattern2 = '([A-Fa-f0-9]{1,4}::([A-Fa-f0-9]{1,4}:){0,5}[A-Fa-f0-9]{1,4}';
+ $pattern2 = '[A-Fa-f0-9]{1,4}::([A-Fa-f0-9]{1,4}:){0,5}[A-Fa-f0-9]{1,4}';
$pattern3 = '([A-Fa-f0-9]{1,4}:){2}:([A-Fa-f0-9]{1,4}:){0,4}[A-Fa-f0-9]{1,4}';
$pattern4 = '([A-Fa-f0-9]{1,4}:){3}:([A-Fa-f0-9]{1,4}:){0,3}[A-Fa-f0-9]{1,4}';
$pattern5 = '([A-Fa-f0-9]{1,4}:){4}:([A-Fa-f0-9]{1,4}:){0,2}[A-Fa-f0-9]{1,4}';
$pattern6 = '([A-Fa-f0-9]{1,4}:){5}:([A-Fa-f0-9]{1,4}:){0,1}[A-Fa-f0-9]{1,4}';
$pattern7 = '([A-Fa-f0-9]{1,4}:){6}:[A-Fa-f0-9]{1,4}';
- $pfb['ipv6'] = "/^($pattern1)$|^($pattern2)$|^($pattern3)$|^($pattern4)$|^($pattern5)$|^($pattern6)$|^($pattern7)$/";
+ $pattern8 = '[A-Fa-f0-9]{1,4}:[A-Fa-f0-9]{1,4}:[A-Fa-f0-9]{1,4}::\/[0-9]{2}';
+ $pattern9 = '[A-Fa-f0-9]{1,4}:([A-Fa-f0-9]{1,4}::)\/[0-9]{2}';
+ $pattern10 = '[A-Fa-f0-9]{1,4}::\/[0-9]{2}';
+ $pfb['ipv6'] = "/^($pattern1)$|^($pattern2)$|^($pattern3)$|^($pattern4)$|^($pattern5)$|^($pattern6)$|^($pattern7)$|^($pattern8)$|^($pattern9)$|^($pattern10)$/";
$pfb['supp_update'] = FALSE;
$list_type = array ("pfblockernglistsv4" => "_v4", "pfblockernglistsv6" => "_v6");
@@ -1230,7 +1233,7 @@ function sync_package_pfblockerng($cron = "") {
$host = @parse_url($row['url']);
$list_url = "{$row['url']}";
if ($row['format'] != "rsync" || $row['format'] != "html") {
- if ($host['host'] == "127.0.0.1" || $host['host'] == $pfb['iplocal'] || empty($host['host'])) {
+ if ($host['host'] == "127.0.0.1" || $host['host'] == $pfb['iplocal'] || empty($host['host'])) {
$remote_tds = "local";
} else {
$remote_tds = @implode(preg_grep("/Last-Modified/", get_headers($list_url)));
@@ -1382,12 +1385,14 @@ function sync_package_pfblockerng($cron = "") {
if (!empty($url_list)) {
if ($row['format'] == "gz" && $vtype == "_v4") {
foreach ($url_list as $line) {
- # Network range 192.168.0.0-192.168.0.254
- if (preg_match($pfb['range'],$line,$matches)) {
- $a_cidr = ip_range_to_subnet_array_temp2($matches[1],$matches[2]);
- if (!empty($a_cidr)) {
- foreach ($a_cidr as $cidr) {
- $new_file .= preg_replace($pfb_ipreg,'',$cidr) . "\n";
+ if (!preg_match("/^#/", $line)) {
+ # Network range 192.168.0.0-192.168.0.254
+ if (preg_match($pfb['range'],$line,$matches)) {
+ $a_cidr = ip_range_to_subnet_array_temp2($matches[1],$matches[2]);
+ if (!empty($a_cidr)) {
+ foreach ($a_cidr as $cidr) {
+ $new_file .= preg_replace($pfb_ipreg,'',$cidr) . "\n";
+ }
}
}
}
@@ -1396,44 +1401,52 @@ function sync_package_pfblockerng($cron = "") {
elseif ($row['format'] == "block" && $vtype == "_v4") {
foreach ($url_list as $line) {
- # Block Type '218.77.79.0 218.77.79.255 24'
- if (preg_match($pfb['block'],$line,$matches)) {
- $new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "/24\n";
+ if (!preg_match("/^#/", $line)) {
+ # Block Type '218.77.79.0 218.77.79.255 24'
+ if (preg_match($pfb['block'],$line,$matches)) {
+ $new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "/24\n";
+ }
}
}
}
elseif ($row['format'] == "html" && $vtype == "_v4") {
foreach ($url_list as $line) {
- # CIDR format 192.168.0.0/16
- if (preg_match($pfb['cidr'],$line,$matches)) {
- $new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "\n";
- }
- # Single ip addresses
- elseif (preg_match($pfb['s_html'],$line,$matches)) {
- $new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "\n";
+ if (!preg_match("/^#/", $line)) {
+ # CIDR format 192.168.0.0/16
+ if (preg_match($pfb['cidr'],$line,$matches)) {
+ $new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "\n";
+ }
+ # Single ip addresses
+ elseif (preg_match($pfb['s_html'],$line,$matches)) {
+ $new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "\n";
+ }
}
}
}
elseif ($vtype == "_v6") {
foreach ($url_list as $line) {
- # IPv6 Regex Match
- if (preg_match($pfb['ipv6'],$line,$matches)) {
- $new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "\n";
+ if (!preg_match("/^#/", $line)) {
+ # IPv6 Regex Match
+ if (preg_match($pfb['ipv6'],$line,$matches)) {
+ $new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "\n";
+ }
}
}
}
else {
foreach ($url_list as $line) {
- # CIDR format 192.168.0.0/16
- if (preg_match($pfb['cidr'],$line,$matches)) {
- $new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "\n";
- }
- # Single ip addresses
- elseif (preg_match($pfb['single'],$line,$matches)) {
- $new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "\n";
+ if (!preg_match("/^#/", $line)) {
+ # CIDR format 192.168.0.0/16
+ if (preg_match($pfb['cidr'],$line,$matches)) {
+ $new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "\n";
+ }
+ # Single ip addresses
+ elseif (preg_match($pfb['single'],$line,$matches)) {
+ $new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "\n";
+ }
}
}
}
@@ -1510,7 +1523,7 @@ function sync_package_pfblockerng($cron = "") {
$ip2 = preg_replace("/(\d{1,3})\.(\d{1,3}).(\d{1,3}).(\d{1,3})/", "\"^$1\.$2\.$3\.\"", $ip);
# Only Perform these Checks if they are not "localfiles"
- if ($host['host'] == "127.0.0.1" || $host['host'] == $pfb['iplocal'] || empty($host['host'])) {
+ if ($host['host'] == "127.0.0.1" || $host['host'] == $pfb['iplocal'] || empty($host['host'])) {
$log = " [ {$alias} {$header_url} ] Local File Failure \n";
pfb_logger("{$log}","2");
} else {
@@ -1646,9 +1659,9 @@ function sync_package_pfblockerng($cron = "") {
}
- #############################################
- # REPUTATION PROCESSES #
- #############################################
+ #################################
+ # REPUTATION PROCESSES #
+ #################################
# IP Reputation processes (pdup and ddup)
if ($pfb['pdup'] == "on" && $pfb['dupcheck'] && !$pfb['save'] && $pfb['enable'] == "on") {
@@ -1660,9 +1673,9 @@ function sync_package_pfblockerng($cron = "") {
exec ("{$pfb['script']} dedup x {$pfb['dmax']} {$pfb['dedup']} {$pfb['ccexclude']} {$pfb['ccwhite']} {$pfb['ccblack']} >> {$pfb['log']} 2>&1");
}
- #############################################
- # CONFIGURE ALIASES #
- #############################################
+ #################################
+ # CONFIGURE ALIASES #
+ #################################
$list_type = array ("pfblockernglistsv4" => "_v4", "pfblockernglistsv6" => "_v6");
foreach ($list_type as $ip_type => $vtype) {
@@ -1871,9 +1884,9 @@ function sync_package_pfblockerng($cron = "") {
${$alias} = "";
- #############################################
- # UPDATE PfSENSE ALIAS TABLES #
- #############################################
+ #########################################
+ # UPDATE pfSense ALIAS TABLES #
+ #########################################
#update pfsense alias table
if (is_array($config['aliases']['alias'])) {
@@ -1910,9 +1923,9 @@ function sync_package_pfblockerng($cron = "") {
unset($new_aliases, $cbalias);
- #############################################
- # Assign rules #
- #############################################
+ #########################
+ # Assign Rules #
+ #########################
# Only Execute if AutoRules are defined or if an Alias has been removed.
if ($pfb['autorules'] || $pfb['enable'] == "" || $pfb['remove']) {
@@ -2178,50 +2191,9 @@ function sync_package_pfblockerng($cron = "") {
unset ($other_rules,$fother_rules,$permit_rules,$fpermit_rules,$match_rules,$fmatch_rules);
}
- #############################################
- # Define/Apply CRON Jobs #
- #############################################
-
- # Clear any existing pfBlockerNG Cron Jobs
- install_cron_job("pfblockerng.php cron", false);
-
- # Replace Cron job with any User Changes to $pfb_min
- if ($pfb['enable'] == "on") {
- # Define pfBlockerNG CRON Job
- $pfb_cmd = "/usr/local/bin/php /usr/local/www/pfblockerng/pfblockerng.php cron >> {$pfb['log']} 2>&1";
- # $pfb['min'] ( User Defined Variable. Variable defined at start of Script )
- $pfb_hour = "*";
- $pfb_mday = "*";
- $pfb_month = "*";
- $pfb_wday = "*";
- $pfb_who = "root";
-
- install_cron_job($pfb_cmd, true, $pfb['min'], $pfb_hour, $pfb_mday, $pfb_month, $pfb_wday, $pfb_who);
- }
-
- # Clear any existing pfBlockerNG MaxMind CRON Job
- install_cron_job("pfblockerng.php dc", false);
-
- if ($pfb['enable'] == "on") {
- # Define pfBlockerNG MaxMind CRON Job
- $pfb_gcmd = "/usr/local/bin/php /usr/local/www/pfblockerng/pfblockerng.php dc >> {$pfb['geolog']} 2>&1";
-
- # MaxMind GeoIP Cron Hour is randomized between 0-23 Hour to minimize effect on MaxMind Website
-
- $pfb_gmin = "0";
- $pfb_ghour = rand(0,23);
- $pfb_gmday = "1,2,3,4,5,6,7";
- $pfb_gmonth = "*";
- $pfb_gwday = "2";
- $pfb_gwho = "root";
-
- install_cron_job($pfb_gcmd, true, $pfb_gmin, $pfb_ghour, $pfb_gmday, $pfb_gmonth, $pfb_gwday, $pfb_gwho);
- }
-
-
- #############################################
- # Closing Processes #
- #############################################
+ #################################
+ # Closing Processes #
+ #################################
#uncheck Reusing Existing Downloads Check box
if (!$pfb['save'] && $pfb['enable'] == "on")
@@ -2234,11 +2206,13 @@ function sync_package_pfblockerng($cron = "") {
if ($pfb['autorules'] && $rules != $new_rules || $pfb['enable'] == "" || $pfb['remove']) {
require_once("filter.inc");
- $log = "\n===[ Aliastables / Rules ]================================\n\n";
- pfb_logger("{$log}","1");
+ if (!$pfb['save']) {
+ $log = "\n===[ Aliastables / Rules ]================================\n\n";
+ pfb_logger("{$log}","1");
- $log = "Firewall Rule Changes Found, Applying Filter Reload \n";
- pfb_logger("{$log}","1");
+ $log = "Firewall Rule Changes Found, Applying Filter Reload \n";
+ pfb_logger("{$log}","1");
+ }
# Remove all pfBlockerNG Alias tables
if (!empty($aliases_list)) {
@@ -2291,9 +2265,9 @@ function sync_package_pfblockerng($cron = "") {
#sync config
pfblockerng_sync_on_changes();
- #############################################
- # FINAL REPORTING #
- #############################################
+ #################################
+ # FINAL REPORTING #
+ #################################
# Only run with CRON or Force Invoked Process
if ((!$pfb['save'] && $pfb['dupcheck'] && $pfb['enable'] == "on") || $pfb['summary']) {
@@ -2305,6 +2279,47 @@ function sync_package_pfblockerng($cron = "") {
$log = "\n\n UPDATE PROCESS ENDED [ NOW ]\n";
pfb_logger("{$log}","1");
}
+
+
+ #########################################
+ # Define/Apply CRON Jobs #
+ #########################################
+
+ # Clear any existing pfBlockerNG Cron Jobs
+ install_cron_job("pfblockerng.php cron", false);
+
+ # Replace Cron job with any User Changes to $pfb_min
+ if ($pfb['enable'] == "on") {
+ # Define pfBlockerNG CRON Job
+ $pfb_cmd = "/usr/local/bin/php /usr/local/www/pfblockerng/pfblockerng.php cron >> {$pfb['log']} 2>&1";
+ # $pfb['min'] ( User Defined Variable. Variable defined at start of Script )
+ $pfb_hour = "*";
+ $pfb_mday = "*";
+ $pfb_month = "*";
+ $pfb_wday = "*";
+ $pfb_who = "root";
+
+ install_cron_job($pfb_cmd, true, $pfb['min'], $pfb_hour, $pfb_mday, $pfb_month, $pfb_wday, $pfb_who);
+ }
+
+ # Clear any existing pfBlockerNG MaxMind CRON Job
+ install_cron_job("pfblockerng.php dc", false);
+
+ if ($pfb['enable'] == "on") {
+ # Define pfBlockerNG MaxMind CRON Job
+ $pfb_gcmd = "/usr/local/bin/php /usr/local/www/pfblockerng/pfblockerng.php dc >> {$pfb['geolog']} 2>&1";
+
+ # MaxMind GeoIP Cron Hour is randomized between 0-23 Hour to minimize effect on MaxMind Website
+
+ $pfb_gmin = "0";
+ $pfb_ghour = rand(0,23);
+ $pfb_gmday = "1,2,3,4,5,6,7";
+ $pfb_gmonth = "*";
+ $pfb_gwday = "2";
+ $pfb_gwho = "root";
+
+ install_cron_job($pfb_gcmd, true, $pfb_gmin, $pfb_ghour, $pfb_gmday, $pfb_gmonth, $pfb_gwday, $pfb_gwho);
+ }
}
diff --git a/config/pfblockerng/pfblockerng.xml b/config/pfblockerng/pfblockerng.xml
index 7c548921..54c6c061 100644
--- a/config/pfblockerng/pfblockerng.xml
+++ b/config/pfblockerng/pfblockerng.xml
@@ -230,6 +230,12 @@
If "Keep Settings" is not "enabled" on pkg Install/De-Install, all Settings will be Wiped!]]></description>
</field>
<field>
+ <fielddescr><![CDATA[<strong>Keep Settings</strong>/Lists After Disable/Re-Install/De-Install]]></fielddescr>
+ <fieldname>pfb_keep</fieldname>
+ <type>checkbox</type>
+ <description>Keep Settings and Lists intact when pfBlockerNG is Disabled or After pfBlockerNG Re-Install/De-Install</description>
+ </field>
+ <field>
<fielddescr>CRON MIN Start Time</fielddescr>
<fieldname>pfb_min</fieldname>
<description><![CDATA[Default: <strong> : 00</strong><br />
@@ -327,12 +333,6 @@
</description>
</field>
<field>
- <fielddescr><![CDATA[<strong>Keep Settings</strong>/Lists After Disable/Re-Install/De-Install]]></fielddescr>
- <fieldname>pfb_keep</fieldname>
- <type>checkbox</type>
- <description>Keep Settings and Lists intact when pfBlockerNG is Disabled or After pfBlockerNG Re-Install/De-Install</description>
- </field>
- <field>
<fielddescr>Global Enable Logging</fielddescr>
<fieldname>enable_log</fieldname>
<type>checkbox</type>
diff --git a/config/pfblockerng/pfblockerng_alerts.php b/config/pfblockerng/pfblockerng_alerts.php
index 7b84bca8..f03f7040 100644
--- a/config/pfblockerng/pfblockerng_alerts.php
+++ b/config/pfblockerng/pfblockerng_alerts.php
@@ -39,9 +39,19 @@
POSSIBILITY OF SUCH DAMAGE.
*/
+// Auto-Resolve Hostnames
+if (isset($_REQUEST['getpfhostname'])) {
+ $getpfhostname = htmlspecialchars($_REQUEST['getpfhostname']);
+ $hostname = htmlspecialchars(gethostbyaddr($getpfhostname), ENT_QUOTES);
+ if ($hostname == $getpfhostname) {
+ $hostname = 'unknown';
+ }
+ echo $hostname;
+ die;
+}
+
require_once("util.inc");
require_once("guiconfig.inc");
-require_once("globals.inc");
require_once("filter_log.inc");
require_once("/usr/local/pkg/pfblockerng/pfblockerng.inc");
@@ -267,18 +277,6 @@ if (isset($_POST['addsuppress'])) {
}
}
-// Auto-Resolve Hostnames
-if (isset($_REQUEST['getpfhostname'])) {
- $getpfhostname = htmlspecialchars($_REQUEST['getpfhostname']);
- $hostname = htmlspecialchars(gethostbyaddr($getpfhostname), ENT_QUOTES);
- if ($hostname == $getpfhostname) {
- $hostname = 'unknown';
- }
- echo $hostname;
- die;
-}
-
-
// Host Resolve Function lookup
function getpfbhostname($type = 'src', $hostip, $countme = 0) {
$hostnames['src'] = '';
@@ -448,9 +446,9 @@ if ($pfb['runonce']) {
// pfSense versions below 2.2 have the Logfiles in two lines.
if ($pfb['pfsenseversion'] >= '2.2') {
- $pfblines = exec("/usr/bin/grep -c ^ {$filter_logfile}");
+ $pfblines = exec("/usr/local/sbin/clog {$filter_logfile} | /usr/bin/grep -c ^");
} else {
- $pfblines = (exec("/usr/bin/grep -c ^ {$filter_logfile}") /2 );
+ $pfblines = (exec("/usr/local/sbin/clog {$filter_logfile} | /usr/bin/grep -c ^") /2 );
}
$fields_array = conv_log_filter($filter_logfile, $pfblines, $pfblines);
@@ -683,6 +681,14 @@ if (!empty($fields_array)) {
}
}
+ $pfb_matchtitle = "Country Block Rules cannot be suppressed.\n\nTo allow a particular Country IP, either remove the particular Country or add the Host\nto a Permit Alias in the Firewall Tab.\n\nIf the IP is not listed beside the List, this means that the Block is a /32 entry.\nOnly /32 or /24 CIDR Hosts can be suppressed.\n\nIf (Duplication) Checking is not enabled. You may see /24 and /32 CIDR Blocks for a given blocked Host";
+
+ // Truncate Long List Names
+ if (strlen($pfb_match[1]) >= 17) {
+ $pfb_matchtitle = $pfb_match[1];
+ $pfb_match[1] = substr($pfb_match[1], 0, 16) . '...';
+ }
+
// Print Alternating Line Shading
if ($pfb['pfsenseversion'] > '2.0') {
$alertRowEvenClass = "listMReven";
@@ -706,7 +712,7 @@ if (!empty($fields_array)) {
<td nowrap='nowrap' class='listMRr' align='center' style='sorttable_customkey:{$fields['srcip']};' sorttable_customkey='{$fields['srcip']}'>{$src_icons}{$fields['srcip']}{$srcport}<br /><small>{$hostname['src']}</small></td>
<td nowrap='nowrap' class='listMRr' align='center' style='sorttable_customkey:{$fields['dstip']};' sorttable_customkey='{$fields['dstip']}'>{$dst_icons}{$fields['dstip']}{$dstport}<br /><small>{$hostname['dst']}</small></td>
<td class='listMRr' align='center'>{$countrycode}</td>
- <td class='listbg' align='center' title='Country Block Rules cannot be suppressed.\n\nTo allow a particular Country IP, either remove the particular Country or add the Host\nto a Permit Alias in the Firewall Tab.\n\nIf the IP is not listed beside the List, this means that the Block is a /32 entry.\nOnly /32 or /24 CIDR Hosts can be suppressed.\n\nIf (Duplication) Checking is not enabled. You may see /24 and /32 CIDR Blocks for a given blocked Host' style=\"font-size: 10px word-wrap:break-word;\">{$pfb_match[1]}<br />{$pfb_match[2]}</td></tr>";
+ <td class='listbg' align='center' title='{$pfb_matchtitle}' style=\"font-size: 10px word-wrap:break-word;\">{$pfb_match[1]}<br />{$pfb_match[2]}</td></tr>";
$counter++;
if ($counter > 0 && $rtype == "block") {
$mycounter = $counter;
@@ -756,10 +762,10 @@ function findhostnames(counter) {
)
}
- var lines = <?php echo $mycounter; ?>;
- for (i = 0; i < lines; i++) {
- findhostnames(i);
- }
+var lines = <?php echo $mycounter; ?>;
+for (alertcount = 0; alertcount < lines; alertcount++) {
+ setTimeout(findhostnames(alertcount), 30);
+}
//]]>
</script>