aboutsummaryrefslogtreecommitdiffstats
path: root/config/pfblockerng
diff options
context:
space:
mode:
authorRenato Botelho <garga@FreeBSD.org>2015-04-23 08:36:05 -0300
committerRenato Botelho <garga@FreeBSD.org>2015-04-23 08:36:05 -0300
commit3def54fa50ce6050c0bb2e12e7c4a115266c4018 (patch)
tree123e21583ccfc10e57fbdc63916a9c7ccad2a904 /config/pfblockerng
parent799a01526591806f344e56556e21106130ec01df (diff)
downloadpfsense-packages-3def54fa50ce6050c0bb2e12e7c4a115266c4018.tar.gz
pfsense-packages-3def54fa50ce6050c0bb2e12e7c4a115266c4018.tar.bz2
pfsense-packages-3def54fa50ce6050c0bb2e12e7c4a115266c4018.zip
Add run_depends and port_category to pfBlockerNG, also teach it to deal with non-PBI paths
Diffstat (limited to 'config/pfblockerng')
-rw-r--r--config/pfblockerng/geoipupdate.sh23
-rw-r--r--config/pfblockerng/pfblockerng.inc14
-rw-r--r--config/pfblockerng/pfblockerng.sh20
-rw-r--r--config/pfblockerng/pfblockerng_alerts.php18
4 files changed, 52 insertions, 23 deletions
diff --git a/config/pfblockerng/geoipupdate.sh b/config/pfblockerng/geoipupdate.sh
index dc6f2af6..39c08f70 100644
--- a/config/pfblockerng/geoipupdate.sh
+++ b/config/pfblockerng/geoipupdate.sh
@@ -23,7 +23,7 @@
# may be met by including the following in all advertising and documentation
# mentioning features of or use of this database.
-mtype=$(/usr/bin/uname -m);
+pfs_version=$(cat /etc/version | cut -c 1-3)
# Application Locations
pathfetch=/usr/bin/fetch
@@ -32,8 +32,13 @@ pathgunzip=/usr/bin/gunzip
# Folder Locations
pathdb=/var/db/pfblockerng
-pathpbi=/usr/pbi/pfblockerng-$mtype/share/GeoIP
pathlog=/var/log/pfblockerng
+if [ "${pfs_version}" = "2.2" ]; then
+ mtype=$(/usr/bin/uname -m)
+ pathshare=/usr/pbi/pfblockerng-$mtype/share/GeoIP
+else
+ pathshare=/usr/local/share/GeoIP
+fi
# File Locations
errorlog=$pathlog/geoip.log
@@ -60,12 +65,12 @@ binaryupdate() {
echo " ** Downloading MaxMind GeoLite IPv4 Binary Database (For Reputation/Alerts Processes) **"; echo
URL="http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz"
-$pathfetch -v -o $pathpbi$geoipdat.gz -T 20 $URL
+$pathfetch -v -o $pathshare$geoipdat.gz -T 20 $URL
if [ "$?" -eq "0" ]; then
- $pathgunzip -f $pathpbi$geoipdat.gz
+ $pathgunzip -f $pathshare$geoipdat.gz
echo; echo " ( MaxMind IPv4 GeoIP.dat has been updated )"; echo
echo "Current Date/Timestamp:"
- /bin/ls -alh $pathpbi$geoipdat
+ /bin/ls -alh $pathshare$geoipdat
echo
else
echo; echo " => MaxMind IPv4 GeoIP.dat Update [ FAILED ]"; echo
@@ -76,12 +81,12 @@ fi
echo; echo " ** Downloading MaxMind GeoLite IPv6 Binary Database (For Reputation/Alerts Processes) **"; echo
URL="http://geolite.maxmind.com/download/geoip/database/GeoIPv6.dat.gz"
-$pathfetch -v -o $pathpbi$geoipdatv6.gz -T 20 $URL
+$pathfetch -v -o $pathshare$geoipdatv6.gz -T 20 $URL
if [ "$?" -eq "0" ]; then
- $pathgunzip -f $pathpbi$geoipdatv6.gz
+ $pathgunzip -f $pathshare$geoipdatv6.gz
echo; echo " ( MaxMind IPv6 GeoIPv6.dat has been updated )"; echo
echo "Current Date/Timestamp:"
- /bin/ls -alh $pathpbi$geoipdatv6
+ /bin/ls -alh $pathshare$geoipdatv6
echo
else
echo; echo " => MaxMind IPv6 GeoIPv6.dat Update [ FAILED ]"; echo
@@ -163,4 +168,4 @@ case $1 in
exit
;;
esac
-exit \ No newline at end of file
+exit
diff --git a/config/pfblockerng/pfblockerng.inc b/config/pfblockerng/pfblockerng.inc
index 1a1c87a2..18e22871 100644
--- a/config/pfblockerng/pfblockerng.inc
+++ b/config/pfblockerng/pfblockerng.inc
@@ -50,6 +50,14 @@ require_once("services.inc");
function pfb_global() {
global $g,$config,$pfb;
+ $pfs_version = substr(trim(file_get_contents("/etc/version")),0,3);
+
+ if ($pfs_version == "2.2") {
+ $prefix = "/usr/pbi/pfblockerng-" . php_uname("m");
+ } else {
+ $prefix = "/usr/local";
+ }
+
# Collect pfSense Version
$pfb['pfsenseversion'] = substr(trim(file_get_contents("/etc/version")),0,3);
@@ -63,7 +71,7 @@ function pfb_global() {
$pfb['matchdir'] = "{$pfb['dbdir']}/match";
$pfb['permitdir'] = "{$pfb['dbdir']}/permit";
$pfb['origdir'] = "{$pfb['dbdir']}/original";
- $pfb['ccdir'] = "/usr/pbi/pfblockerng-" . php_uname("m") . "/share/GeoIP";
+ $pfb['ccdir'] = $prefix . "/share/GeoIP";
# Create Folders if not Exist.
$folder_array = array ("{$pfb['dbdir']}","{$pfb['logdir']}","{$pfb['ccdir']}","{$pfb['origdir']}","{$pfb['nativedir']}","{$pfb['denydir']}","{$pfb['matchdir']}","{$pfb['permitdir']}","{$pfb['aliasdir']}");
@@ -78,7 +86,7 @@ function pfb_global() {
$pfb['log'] = "{$pfb['logdir']}/pfblockerng.log";
$pfb['supptxt'] = "{$pfb['dbdir']}/pfbsuppression.txt";
$pfb['script'] = 'sh /usr/local/pkg/pfblockerng/pfblockerng.sh';
- $pfb['aliasarchive'] = "/usr/pbi/pfblockerng-" . php_uname("m") . "/etc/aliastables.tar.bz2";
+ $pfb['aliasarchive'] = $prefix . "/etc/aliastables.tar.bz2";
# General Variables
$pfb['config'] = $config['installedpackages']['pfblockerng']['config'][0];
@@ -2701,4 +2709,4 @@ function pfblockerng_do_xmlrpc_sync($sync_to_ip, $port, $protocol, $username, $p
}
return $success;
}
-?> \ No newline at end of file
+?>
diff --git a/config/pfblockerng/pfblockerng.sh b/config/pfblockerng/pfblockerng.sh
index e010a6e5..ba0c908b 100644
--- a/config/pfblockerng/pfblockerng.sh
+++ b/config/pfblockerng/pfblockerng.sh
@@ -13,12 +13,20 @@
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
+pfs_version=$(cat /etc/version | cut -c 1-3)
+
+if [ "${pfs_version}" = "2.2" ]; then
+ mtype=$(/usr/bin/uname -m)
+ prefix="/usr/pbi/pfblockerng-${mtype}"
+else
+ prefix="/usr/local"
+fi
+
now=$(/bin/date +%m/%d/%y' '%T)
-mtype=$(/usr/bin/uname -m);
# Application Paths
-pathgrepcidr="/usr/pbi/pfblockerng-$mtype/bin/grepcidr"
-pathgeoip="/usr/pbi/pfblockerng-$mtype/bin/geoiplookup"
+pathgrepcidr="${prefix}/bin/grepcidr"
+pathgeoip="${prefix}/bin/geoiplookup"
pathtar=/usr/bin/tar
pathgunzip=/usr/bin/gunzip
@@ -35,8 +43,8 @@ etblock=$(echo $8 | sed 's/,/, /g')
etmatch=$(echo $9 | sed 's/,/, /g')
# File Locations
-aliasarchive="/usr/pbi/pfblockerng-$mtype/etc/aliastables.tar.bz2"
-pathgeoipdat=/usr/pbi/pfblockerng-$mtype/share/GeoIP/GeoIP.dat
+aliasarchive="${prefix}/etc/aliastables.tar.bz2"
+pathgeoipdat="${prefix}/share/GeoIP/GeoIP.dat"
pfbsuppression=/var/db/pfblockerng/pfbsuppression.txt
masterfile=/var/db/pfblockerng/masterfile
mastercat=/var/db/pfblockerng/mastercat
@@ -968,4 +976,4 @@ case $1 in
exitnow
;;
esac
-exitnow \ No newline at end of file
+exitnow
diff --git a/config/pfblockerng/pfblockerng_alerts.php b/config/pfblockerng/pfblockerng_alerts.php
index c67420b9..0b251295 100644
--- a/config/pfblockerng/pfblockerng_alerts.php
+++ b/config/pfblockerng/pfblockerng_alerts.php
@@ -60,14 +60,22 @@ require_once("/usr/local/pkg/pfblockerng/pfblockerng.inc");
global $rule_list;
pfb_global();
+$pfs_version = substr(trim(file_get_contents("/etc/version")),0,3);
+
+if ($pfs_version == "2.2") {
+ $prefix = "/usr/pbi/pfblockerng-" . php_uname("m");
+} else {
+ $prefix = "/usr/local";
+}
+
// Application Paths
-$pathgeoip = "/usr/pbi/pfblockerng-" . php_uname("m") . "/bin/geoiplookup";
-$pathgeoip6 = "/usr/pbi/pfblockerng-" . php_uname("m") . "/bin/geoiplookup6";
+$pathgeoip = $prefix . "/bin/geoiplookup";
+$pathgeoip6 = $prefix . "/bin/geoiplookup6";
// Define File Locations
$filter_logfile = "{$g['varlog_path']}/filter.log";
-$pathgeoipdat = "/usr/pbi/pfblockerng-" . php_uname("m") . "/share/GeoIP/GeoIP.dat";
-$pathgeoipdat6 = "/usr/pbi/pfblockerng-" . php_uname("m") . "/share/GeoIP/GeoIPv6.dat";
+$pathgeoipdat = $prefix . "/share/GeoIP/GeoIP.dat";
+$pathgeoipdat6 = $prefix . "/share/GeoIP/GeoIPv6.dat";
// Define Alerts Log filter Rollup window variable. (Alert Filtering Code adapted from B.Meeks - Snort Package)
$pfb['filterlogentries'] = FALSE;
@@ -1006,4 +1014,4 @@ function enable_hideFilter() {
<?php include("fend.inc"); ?>
</form>
</body>
-</html> \ No newline at end of file
+</html>