diff options
author | Renato Botelho <garga@FreeBSD.org> | 2015-04-23 08:36:05 -0300 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2015-04-23 08:36:05 -0300 |
commit | 3def54fa50ce6050c0bb2e12e7c4a115266c4018 (patch) | |
tree | 123e21583ccfc10e57fbdc63916a9c7ccad2a904 /config/pfblockerng | |
parent | 799a01526591806f344e56556e21106130ec01df (diff) | |
download | pfsense-packages-3def54fa50ce6050c0bb2e12e7c4a115266c4018.tar.gz pfsense-packages-3def54fa50ce6050c0bb2e12e7c4a115266c4018.tar.bz2 pfsense-packages-3def54fa50ce6050c0bb2e12e7c4a115266c4018.zip |
Add run_depends and port_category to pfBlockerNG, also teach it to deal with non-PBI paths
Diffstat (limited to 'config/pfblockerng')
-rw-r--r-- | config/pfblockerng/geoipupdate.sh | 23 | ||||
-rw-r--r-- | config/pfblockerng/pfblockerng.inc | 14 | ||||
-rw-r--r-- | config/pfblockerng/pfblockerng.sh | 20 | ||||
-rw-r--r-- | config/pfblockerng/pfblockerng_alerts.php | 18 |
4 files changed, 52 insertions, 23 deletions
diff --git a/config/pfblockerng/geoipupdate.sh b/config/pfblockerng/geoipupdate.sh index dc6f2af6..39c08f70 100644 --- a/config/pfblockerng/geoipupdate.sh +++ b/config/pfblockerng/geoipupdate.sh @@ -23,7 +23,7 @@ # may be met by including the following in all advertising and documentation # mentioning features of or use of this database. -mtype=$(/usr/bin/uname -m); +pfs_version=$(cat /etc/version | cut -c 1-3) # Application Locations pathfetch=/usr/bin/fetch @@ -32,8 +32,13 @@ pathgunzip=/usr/bin/gunzip # Folder Locations pathdb=/var/db/pfblockerng -pathpbi=/usr/pbi/pfblockerng-$mtype/share/GeoIP pathlog=/var/log/pfblockerng +if [ "${pfs_version}" = "2.2" ]; then + mtype=$(/usr/bin/uname -m) + pathshare=/usr/pbi/pfblockerng-$mtype/share/GeoIP +else + pathshare=/usr/local/share/GeoIP +fi # File Locations errorlog=$pathlog/geoip.log @@ -60,12 +65,12 @@ binaryupdate() { echo " ** Downloading MaxMind GeoLite IPv4 Binary Database (For Reputation/Alerts Processes) **"; echo URL="http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz" -$pathfetch -v -o $pathpbi$geoipdat.gz -T 20 $URL +$pathfetch -v -o $pathshare$geoipdat.gz -T 20 $URL if [ "$?" -eq "0" ]; then - $pathgunzip -f $pathpbi$geoipdat.gz + $pathgunzip -f $pathshare$geoipdat.gz echo; echo " ( MaxMind IPv4 GeoIP.dat has been updated )"; echo echo "Current Date/Timestamp:" - /bin/ls -alh $pathpbi$geoipdat + /bin/ls -alh $pathshare$geoipdat echo else echo; echo " => MaxMind IPv4 GeoIP.dat Update [ FAILED ]"; echo @@ -76,12 +81,12 @@ fi echo; echo " ** Downloading MaxMind GeoLite IPv6 Binary Database (For Reputation/Alerts Processes) **"; echo URL="http://geolite.maxmind.com/download/geoip/database/GeoIPv6.dat.gz" -$pathfetch -v -o $pathpbi$geoipdatv6.gz -T 20 $URL +$pathfetch -v -o $pathshare$geoipdatv6.gz -T 20 $URL if [ "$?" -eq "0" ]; then - $pathgunzip -f $pathpbi$geoipdatv6.gz + $pathgunzip -f $pathshare$geoipdatv6.gz echo; echo " ( MaxMind IPv6 GeoIPv6.dat has been updated )"; echo echo "Current Date/Timestamp:" - /bin/ls -alh $pathpbi$geoipdatv6 + /bin/ls -alh $pathshare$geoipdatv6 echo else echo; echo " => MaxMind IPv6 GeoIPv6.dat Update [ FAILED ]"; echo @@ -163,4 +168,4 @@ case $1 in exit ;; esac -exit
\ No newline at end of file +exit diff --git a/config/pfblockerng/pfblockerng.inc b/config/pfblockerng/pfblockerng.inc index 1a1c87a2..18e22871 100644 --- a/config/pfblockerng/pfblockerng.inc +++ b/config/pfblockerng/pfblockerng.inc @@ -50,6 +50,14 @@ require_once("services.inc"); function pfb_global() { global $g,$config,$pfb; + $pfs_version = substr(trim(file_get_contents("/etc/version")),0,3); + + if ($pfs_version == "2.2") { + $prefix = "/usr/pbi/pfblockerng-" . php_uname("m"); + } else { + $prefix = "/usr/local"; + } + # Collect pfSense Version $pfb['pfsenseversion'] = substr(trim(file_get_contents("/etc/version")),0,3); @@ -63,7 +71,7 @@ function pfb_global() { $pfb['matchdir'] = "{$pfb['dbdir']}/match"; $pfb['permitdir'] = "{$pfb['dbdir']}/permit"; $pfb['origdir'] = "{$pfb['dbdir']}/original"; - $pfb['ccdir'] = "/usr/pbi/pfblockerng-" . php_uname("m") . "/share/GeoIP"; + $pfb['ccdir'] = $prefix . "/share/GeoIP"; # Create Folders if not Exist. $folder_array = array ("{$pfb['dbdir']}","{$pfb['logdir']}","{$pfb['ccdir']}","{$pfb['origdir']}","{$pfb['nativedir']}","{$pfb['denydir']}","{$pfb['matchdir']}","{$pfb['permitdir']}","{$pfb['aliasdir']}"); @@ -78,7 +86,7 @@ function pfb_global() { $pfb['log'] = "{$pfb['logdir']}/pfblockerng.log"; $pfb['supptxt'] = "{$pfb['dbdir']}/pfbsuppression.txt"; $pfb['script'] = 'sh /usr/local/pkg/pfblockerng/pfblockerng.sh'; - $pfb['aliasarchive'] = "/usr/pbi/pfblockerng-" . php_uname("m") . "/etc/aliastables.tar.bz2"; + $pfb['aliasarchive'] = $prefix . "/etc/aliastables.tar.bz2"; # General Variables $pfb['config'] = $config['installedpackages']['pfblockerng']['config'][0]; @@ -2701,4 +2709,4 @@ function pfblockerng_do_xmlrpc_sync($sync_to_ip, $port, $protocol, $username, $p } return $success; } -?>
\ No newline at end of file +?> diff --git a/config/pfblockerng/pfblockerng.sh b/config/pfblockerng/pfblockerng.sh index e010a6e5..ba0c908b 100644 --- a/config/pfblockerng/pfblockerng.sh +++ b/config/pfblockerng/pfblockerng.sh @@ -13,12 +13,20 @@ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. +pfs_version=$(cat /etc/version | cut -c 1-3) + +if [ "${pfs_version}" = "2.2" ]; then + mtype=$(/usr/bin/uname -m) + prefix="/usr/pbi/pfblockerng-${mtype}" +else + prefix="/usr/local" +fi + now=$(/bin/date +%m/%d/%y' '%T) -mtype=$(/usr/bin/uname -m); # Application Paths -pathgrepcidr="/usr/pbi/pfblockerng-$mtype/bin/grepcidr" -pathgeoip="/usr/pbi/pfblockerng-$mtype/bin/geoiplookup" +pathgrepcidr="${prefix}/bin/grepcidr" +pathgeoip="${prefix}/bin/geoiplookup" pathtar=/usr/bin/tar pathgunzip=/usr/bin/gunzip @@ -35,8 +43,8 @@ etblock=$(echo $8 | sed 's/,/, /g') etmatch=$(echo $9 | sed 's/,/, /g') # File Locations -aliasarchive="/usr/pbi/pfblockerng-$mtype/etc/aliastables.tar.bz2" -pathgeoipdat=/usr/pbi/pfblockerng-$mtype/share/GeoIP/GeoIP.dat +aliasarchive="${prefix}/etc/aliastables.tar.bz2" +pathgeoipdat="${prefix}/share/GeoIP/GeoIP.dat" pfbsuppression=/var/db/pfblockerng/pfbsuppression.txt masterfile=/var/db/pfblockerng/masterfile mastercat=/var/db/pfblockerng/mastercat @@ -968,4 +976,4 @@ case $1 in exitnow ;; esac -exitnow
\ No newline at end of file +exitnow diff --git a/config/pfblockerng/pfblockerng_alerts.php b/config/pfblockerng/pfblockerng_alerts.php index c67420b9..0b251295 100644 --- a/config/pfblockerng/pfblockerng_alerts.php +++ b/config/pfblockerng/pfblockerng_alerts.php @@ -60,14 +60,22 @@ require_once("/usr/local/pkg/pfblockerng/pfblockerng.inc"); global $rule_list; pfb_global(); +$pfs_version = substr(trim(file_get_contents("/etc/version")),0,3); + +if ($pfs_version == "2.2") { + $prefix = "/usr/pbi/pfblockerng-" . php_uname("m"); +} else { + $prefix = "/usr/local"; +} + // Application Paths -$pathgeoip = "/usr/pbi/pfblockerng-" . php_uname("m") . "/bin/geoiplookup"; -$pathgeoip6 = "/usr/pbi/pfblockerng-" . php_uname("m") . "/bin/geoiplookup6"; +$pathgeoip = $prefix . "/bin/geoiplookup"; +$pathgeoip6 = $prefix . "/bin/geoiplookup6"; // Define File Locations $filter_logfile = "{$g['varlog_path']}/filter.log"; -$pathgeoipdat = "/usr/pbi/pfblockerng-" . php_uname("m") . "/share/GeoIP/GeoIP.dat"; -$pathgeoipdat6 = "/usr/pbi/pfblockerng-" . php_uname("m") . "/share/GeoIP/GeoIPv6.dat"; +$pathgeoipdat = $prefix . "/share/GeoIP/GeoIP.dat"; +$pathgeoipdat6 = $prefix . "/share/GeoIP/GeoIPv6.dat"; // Define Alerts Log filter Rollup window variable. (Alert Filtering Code adapted from B.Meeks - Snort Package) $pfb['filterlogentries'] = FALSE; @@ -1006,4 +1014,4 @@ function enable_hideFilter() { <?php include("fend.inc"); ?> </form> </body> -</html>
\ No newline at end of file +</html> |