diff options
| author | Renato Botelho <garga@FreeBSD.org> | 2015-02-13 16:20:59 -0200 |
|---|---|---|
| committer | Renato Botelho <garga@FreeBSD.org> | 2015-02-13 16:20:59 -0200 |
| commit | 0feb19d9aa015ca9ca1065b12d116af755493ea6 (patch) | |
| tree | 0d75946aa40c2e46e7c006eeb7d07fdca47da32f /config/pfblockerng | |
| parent | dcf3d32ea371e21b7c7f200df5532dcb8faa55bc (diff) | |
| parent | af2c372454cae89f2311269f5858e66ebe6d3417 (diff) | |
| download | pfsense-packages-0feb19d9aa015ca9ca1065b12d116af755493ea6.tar.gz pfsense-packages-0feb19d9aa015ca9ca1065b12d116af755493ea6.tar.bz2 pfsense-packages-0feb19d9aa015ca9ca1065b12d116af755493ea6.zip | |
Merge pull request #818 from BBcan177/pfBlockerNG_021015_1
Diffstat (limited to 'config/pfblockerng')
| -rw-r--r-- | config/pfblockerng/pfblockerng.inc | 265 | ||||
| -rw-r--r-- | config/pfblockerng/pfblockerng.xml | 12 | ||||
| -rw-r--r-- | config/pfblockerng/pfblockerng_alerts.php | 46 |
3 files changed, 172 insertions, 151 deletions
diff --git a/config/pfblockerng/pfblockerng.inc b/config/pfblockerng/pfblockerng.inc index 793bf7a4..a1ee6abc 100644 --- a/config/pfblockerng/pfblockerng.inc +++ b/config/pfblockerng/pfblockerng.inc @@ -48,9 +48,11 @@ require_once("services.inc"); # [ $pfb ] pfBlockerNG Global Array for Paths and Variables. This needs to be called to get the Updated Settings. function pfb_global() { - global $g,$config,$pfb; + # Collect pfSense Version + $pfb['pfsenseversion'] = substr(trim(file_get_contents("/etc/version")),0,3); + # Folders $pfb['dbdir'] = "{$g['vardb_path']}/pfblockerng"; $pfb['aliasdir'] = "{$g['vardb_path']}/aliastables"; @@ -77,9 +79,6 @@ function pfb_global() { $pfb['supptxt'] = "{$pfb['dbdir']}/pfbsuppression.txt"; $pfb['script'] = 'sh /usr/local/pkg/pfblockerng/pfblockerng.sh'; - # Collect pfSense Version - $pfb['pfsenseversion'] = substr(trim(file_get_contents("/etc/version")),0,3); - # General Variables $pfb['config'] = $config['installedpackages']['pfblockerng']['config'][0]; @@ -461,9 +460,9 @@ function sync_package_pfblockerng($cron = "") { } - ############################################# - # Configure ARRAYS # - ############################################# + ################################# + # Configure ARRAYS # + ################################# $continents = array ( "Africa" => "pfB_Africa", "Antartica" => "pfB_Antartica", @@ -522,9 +521,9 @@ function sync_package_pfblockerng($cron = "") { ); - ############################################# - # Configure Rule Suffix # - ############################################# + ######################################### + # Configure Rule Suffix # + ######################################### # Discover if any Rules are AutoRules (If no AutoRules found, $pfb['autorules'] is FALSE, Skip Rules Re-Order ) # To configure Auto Rule Suffix. pfBlockerNG must be disabled to change Suffix and to avoid Duplicate Rules @@ -594,9 +593,9 @@ function sync_package_pfblockerng($cron = "") { } - ############################################# - # Configure INBOUND/OUTBOUND INTERFACES # - ############################################# + ######################################################### + # Configure INBOUND/OUTBOUND INTERFACES # + ######################################################### # Collect pfSense Interface Order $ifaces = get_configured_interface_list(); @@ -660,9 +659,9 @@ function sync_package_pfblockerng($cron = "") { } - ############################################# - # Clear Removed Lists from Masterfiles # - ############################################# + ################################################# + # Clear Removed Lists from Masterfiles # + ################################################# # Process to keep Masterfiles in Sync with Valid Lists from config.conf file. $pfb['sync_master'] = TRUE; @@ -886,9 +885,9 @@ function sync_package_pfblockerng($cron = "") { } } - ############################################## - # Clear Match/Pass/ET/Original Files/Folders # - ############################################## + ######################################################### + # Clear Match/Pass/ET/Original Files/Folders # + ######################################################### # When pfBlockerNG is Disabled and 'Keep Blocklists' is Disabled. if ($pfb['enable'] == "" && $pfb['keep'] == "" && !$pfb['install']) { @@ -907,17 +906,17 @@ function sync_package_pfblockerng($cron = "") { } - ############################################# - # Create Suppression Txt File # - ############################################# + ######################################### + # Create Suppression Txt File # + ######################################### if ($pfb['enable'] == "on" && $pfb['supp'] == "on") pfb_create_suppression_file(); - ############################################# - # Assign Countries # - ############################################# + ################################# + # Assign Countries # + ################################# foreach ($continents as $continent => $pfb_alias) { if (is_array($config['installedpackages']['pfblockerng' . strtolower(preg_replace('/ /','',$continent))]['config'])) { @@ -1143,9 +1142,9 @@ function sync_package_pfblockerng($cron = "") { # UNSET variables unset ($continent, $continent_existing, $continent_new); - ############################################# - # Download and Collect IPv4/IPv6 lists # - ############################################# + ################################################# + # Download and Collect IPv4/IPv6 lists # + ################################################# # IPv4 REGEX Definitions $pfb['range'] = '/((?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))-((?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))/'; @@ -1156,21 +1155,25 @@ function sync_package_pfblockerng($cron = "") { # IPv4 preg_replace Regex Filter array $pfb_ipreg = array(); - $pfb_ipreg[0] = '/\b0+(?=\d)/'; # Remove any Leading Zeros in each Octet - $pfb_ipreg[1] = '/\s/'; # Remove any Whitespaces - $pfb_ipreg[2] = '/127\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/'; # Remove any Loopback Addresses 127/8 - $pfb_ipreg[3] = '/0\.0\.0\.0/'; # Remove 0.0.0.0 + $pfb_ipreg[0] = '/\b0+(?=\d)/'; # Remove any Leading Zeros in each Octet + $pfb_ipreg[1] = '/\s/'; # Remove any Whitespaces + $pfb_ipreg[2] = '/127\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/'; # Remove any Loopback Addresses 127/8 + $pfb_ipreg[3] = '/0\.0\.0\.0\/32/'; # Remove 0.0.0.0/32 + $pfb_ipreg[4] = '/0\.0\.0\.0/'; # Remove 0.0.0.0 # IPv6 REGEX Definitions -- ** Still Needs some Adjustment on Regex Definition for IPv6 ** # https://mebsd.com/coding-snipits/php-regex-ipv6-with-preg_match.html $pattern1 = '([A-Fa-f0-9]{1,4}:){7}[A-Fa-f0-9]{1,4}'; - $pattern2 = '([A-Fa-f0-9]{1,4}::([A-Fa-f0-9]{1,4}:){0,5}[A-Fa-f0-9]{1,4}'; + $pattern2 = '[A-Fa-f0-9]{1,4}::([A-Fa-f0-9]{1,4}:){0,5}[A-Fa-f0-9]{1,4}'; $pattern3 = '([A-Fa-f0-9]{1,4}:){2}:([A-Fa-f0-9]{1,4}:){0,4}[A-Fa-f0-9]{1,4}'; $pattern4 = '([A-Fa-f0-9]{1,4}:){3}:([A-Fa-f0-9]{1,4}:){0,3}[A-Fa-f0-9]{1,4}'; $pattern5 = '([A-Fa-f0-9]{1,4}:){4}:([A-Fa-f0-9]{1,4}:){0,2}[A-Fa-f0-9]{1,4}'; $pattern6 = '([A-Fa-f0-9]{1,4}:){5}:([A-Fa-f0-9]{1,4}:){0,1}[A-Fa-f0-9]{1,4}'; $pattern7 = '([A-Fa-f0-9]{1,4}:){6}:[A-Fa-f0-9]{1,4}'; - $pfb['ipv6'] = "/^($pattern1)$|^($pattern2)$|^($pattern3)$|^($pattern4)$|^($pattern5)$|^($pattern6)$|^($pattern7)$/"; + $pattern8 = '[A-Fa-f0-9]{1,4}:[A-Fa-f0-9]{1,4}:[A-Fa-f0-9]{1,4}::\/[0-9]{2}'; + $pattern9 = '[A-Fa-f0-9]{1,4}:([A-Fa-f0-9]{1,4}::)\/[0-9]{2}'; + $pattern10 = '[A-Fa-f0-9]{1,4}::\/[0-9]{2}'; + $pfb['ipv6'] = "/^($pattern1)$|^($pattern2)$|^($pattern3)$|^($pattern4)$|^($pattern5)$|^($pattern6)$|^($pattern7)$|^($pattern8)$|^($pattern9)$|^($pattern10)$/"; $pfb['supp_update'] = FALSE; $list_type = array ("pfblockernglistsv4" => "_v4", "pfblockernglistsv6" => "_v6"); @@ -1230,7 +1233,7 @@ function sync_package_pfblockerng($cron = "") { $host = @parse_url($row['url']); $list_url = "{$row['url']}"; if ($row['format'] != "rsync" || $row['format'] != "html") { - if ($host['host'] == "127.0.0.1" || $host['host'] == $pfb['iplocal'] || empty($host['host'])) { + if ($host['host'] == "127.0.0.1" || $host['host'] == $pfb['iplocal'] || empty($host['host'])) { $remote_tds = "local"; } else { $remote_tds = @implode(preg_grep("/Last-Modified/", get_headers($list_url))); @@ -1382,12 +1385,14 @@ function sync_package_pfblockerng($cron = "") { if (!empty($url_list)) { if ($row['format'] == "gz" && $vtype == "_v4") { foreach ($url_list as $line) { - # Network range 192.168.0.0-192.168.0.254 - if (preg_match($pfb['range'],$line,$matches)) { - $a_cidr = ip_range_to_subnet_array_temp2($matches[1],$matches[2]); - if (!empty($a_cidr)) { - foreach ($a_cidr as $cidr) { - $new_file .= preg_replace($pfb_ipreg,'',$cidr) . "\n"; + if (!preg_match("/^#/", $line)) { + # Network range 192.168.0.0-192.168.0.254 + if (preg_match($pfb['range'],$line,$matches)) { + $a_cidr = ip_range_to_subnet_array_temp2($matches[1],$matches[2]); + if (!empty($a_cidr)) { + foreach ($a_cidr as $cidr) { + $new_file .= preg_replace($pfb_ipreg,'',$cidr) . "\n"; + } } } } @@ -1396,44 +1401,52 @@ function sync_package_pfblockerng($cron = "") { elseif ($row['format'] == "block" && $vtype == "_v4") { foreach ($url_list as $line) { - # Block Type '218.77.79.0 218.77.79.255 24' - if (preg_match($pfb['block'],$line,$matches)) { - $new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "/24\n"; + if (!preg_match("/^#/", $line)) { + # Block Type '218.77.79.0 218.77.79.255 24' + if (preg_match($pfb['block'],$line,$matches)) { + $new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "/24\n"; + } } } } elseif ($row['format'] == "html" && $vtype == "_v4") { foreach ($url_list as $line) { - # CIDR format 192.168.0.0/16 - if (preg_match($pfb['cidr'],$line,$matches)) { - $new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "\n"; - } - # Single ip addresses - elseif (preg_match($pfb['s_html'],$line,$matches)) { - $new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "\n"; + if (!preg_match("/^#/", $line)) { + # CIDR format 192.168.0.0/16 + if (preg_match($pfb['cidr'],$line,$matches)) { + $new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "\n"; + } + # Single ip addresses + elseif (preg_match($pfb['s_html'],$line,$matches)) { + $new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "\n"; + } } } } elseif ($vtype == "_v6") { foreach ($url_list as $line) { - # IPv6 Regex Match - if (preg_match($pfb['ipv6'],$line,$matches)) { - $new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "\n"; + if (!preg_match("/^#/", $line)) { + # IPv6 Regex Match + if (preg_match($pfb['ipv6'],$line,$matches)) { + $new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "\n"; + } } } } else { foreach ($url_list as $line) { - # CIDR format 192.168.0.0/16 - if (preg_match($pfb['cidr'],$line,$matches)) { - $new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "\n"; - } - # Single ip addresses - elseif (preg_match($pfb['single'],$line,$matches)) { - $new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "\n"; + if (!preg_match("/^#/", $line)) { + # CIDR format 192.168.0.0/16 + if (preg_match($pfb['cidr'],$line,$matches)) { + $new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "\n"; + } + # Single ip addresses + elseif (preg_match($pfb['single'],$line,$matches)) { + $new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "\n"; + } } } } @@ -1510,7 +1523,7 @@ function sync_package_pfblockerng($cron = "") { $ip2 = preg_replace("/(\d{1,3})\.(\d{1,3}).(\d{1,3}).(\d{1,3})/", "\"^$1\.$2\.$3\.\"", $ip); # Only Perform these Checks if they are not "localfiles" - if ($host['host'] == "127.0.0.1" || $host['host'] == $pfb['iplocal'] || empty($host['host'])) { + if ($host['host'] == "127.0.0.1" || $host['host'] == $pfb['iplocal'] || empty($host['host'])) { $log = " [ {$alias} {$header_url} ] Local File Failure \n"; pfb_logger("{$log}","2"); } else { @@ -1646,9 +1659,9 @@ function sync_package_pfblockerng($cron = "") { } - ############################################# - # REPUTATION PROCESSES # - ############################################# + ################################# + # REPUTATION PROCESSES # + ################################# # IP Reputation processes (pdup and ddup) if ($pfb['pdup'] == "on" && $pfb['dupcheck'] && !$pfb['save'] && $pfb['enable'] == "on") { @@ -1660,9 +1673,9 @@ function sync_package_pfblockerng($cron = "") { exec ("{$pfb['script']} dedup x {$pfb['dmax']} {$pfb['dedup']} {$pfb['ccexclude']} {$pfb['ccwhite']} {$pfb['ccblack']} >> {$pfb['log']} 2>&1"); } - ############################################# - # CONFIGURE ALIASES # - ############################################# + ################################# + # CONFIGURE ALIASES # + ################################# $list_type = array ("pfblockernglistsv4" => "_v4", "pfblockernglistsv6" => "_v6"); foreach ($list_type as $ip_type => $vtype) { @@ -1871,9 +1884,9 @@ function sync_package_pfblockerng($cron = "") { ${$alias} = ""; - ############################################# - # UPDATE PfSENSE ALIAS TABLES # - ############################################# + ######################################### + # UPDATE pfSense ALIAS TABLES # + ######################################### #update pfsense alias table if (is_array($config['aliases']['alias'])) { @@ -1910,9 +1923,9 @@ function sync_package_pfblockerng($cron = "") { unset($new_aliases, $cbalias); - ############################################# - # Assign rules # - ############################################# + ######################### + # Assign Rules # + ######################### # Only Execute if AutoRules are defined or if an Alias has been removed. if ($pfb['autorules'] || $pfb['enable'] == "" || $pfb['remove']) { @@ -2178,50 +2191,9 @@ function sync_package_pfblockerng($cron = "") { unset ($other_rules,$fother_rules,$permit_rules,$fpermit_rules,$match_rules,$fmatch_rules); } - ############################################# - # Define/Apply CRON Jobs # - ############################################# - - # Clear any existing pfBlockerNG Cron Jobs - install_cron_job("pfblockerng.php cron", false); - - # Replace Cron job with any User Changes to $pfb_min - if ($pfb['enable'] == "on") { - # Define pfBlockerNG CRON Job - $pfb_cmd = "/usr/local/bin/php /usr/local/www/pfblockerng/pfblockerng.php cron >> {$pfb['log']} 2>&1"; - # $pfb['min'] ( User Defined Variable. Variable defined at start of Script ) - $pfb_hour = "*"; - $pfb_mday = "*"; - $pfb_month = "*"; - $pfb_wday = "*"; - $pfb_who = "root"; - - install_cron_job($pfb_cmd, true, $pfb['min'], $pfb_hour, $pfb_mday, $pfb_month, $pfb_wday, $pfb_who); - } - - # Clear any existing pfBlockerNG MaxMind CRON Job - install_cron_job("pfblockerng.php dc", false); - - if ($pfb['enable'] == "on") { - # Define pfBlockerNG MaxMind CRON Job - $pfb_gcmd = "/usr/local/bin/php /usr/local/www/pfblockerng/pfblockerng.php dc >> {$pfb['geolog']} 2>&1"; - - # MaxMind GeoIP Cron Hour is randomized between 0-23 Hour to minimize effect on MaxMind Website - - $pfb_gmin = "0"; - $pfb_ghour = rand(0,23); - $pfb_gmday = "1,2,3,4,5,6,7"; - $pfb_gmonth = "*"; - $pfb_gwday = "2"; - $pfb_gwho = "root"; - - install_cron_job($pfb_gcmd, true, $pfb_gmin, $pfb_ghour, $pfb_gmday, $pfb_gmonth, $pfb_gwday, $pfb_gwho); - } - - - ############################################# - # Closing Processes # - ############################################# + ################################# + # Closing Processes # + ################################# #uncheck Reusing Existing Downloads Check box if (!$pfb['save'] && $pfb['enable'] == "on") @@ -2234,11 +2206,13 @@ function sync_package_pfblockerng($cron = "") { if ($pfb['autorules'] && $rules != $new_rules || $pfb['enable'] == "" || $pfb['remove']) { require_once("filter.inc"); - $log = "\n===[ Aliastables / Rules ]================================\n\n"; - pfb_logger("{$log}","1"); + if (!$pfb['save']) { + $log = "\n===[ Aliastables / Rules ]================================\n\n"; + pfb_logger("{$log}","1"); - $log = "Firewall Rule Changes Found, Applying Filter Reload \n"; - pfb_logger("{$log}","1"); + $log = "Firewall Rule Changes Found, Applying Filter Reload \n"; + pfb_logger("{$log}","1"); + } # Remove all pfBlockerNG Alias tables if (!empty($aliases_list)) { @@ -2291,9 +2265,9 @@ function sync_package_pfblockerng($cron = "") { #sync config pfblockerng_sync_on_changes(); - ############################################# - # FINAL REPORTING # - ############################################# + ################################# + # FINAL REPORTING # + ################################# # Only run with CRON or Force Invoked Process if ((!$pfb['save'] && $pfb['dupcheck'] && $pfb['enable'] == "on") || $pfb['summary']) { @@ -2305,6 +2279,47 @@ function sync_package_pfblockerng($cron = "") { $log = "\n\n UPDATE PROCESS ENDED [ NOW ]\n"; pfb_logger("{$log}","1"); } + + + ######################################### + # Define/Apply CRON Jobs # + ######################################### + + # Clear any existing pfBlockerNG Cron Jobs + install_cron_job("pfblockerng.php cron", false); + + # Replace Cron job with any User Changes to $pfb_min + if ($pfb['enable'] == "on") { + # Define pfBlockerNG CRON Job + $pfb_cmd = "/usr/local/bin/php /usr/local/www/pfblockerng/pfblockerng.php cron >> {$pfb['log']} 2>&1"; + # $pfb['min'] ( User Defined Variable. Variable defined at start of Script ) + $pfb_hour = "*"; + $pfb_mday = "*"; + $pfb_month = "*"; + $pfb_wday = "*"; + $pfb_who = "root"; + + install_cron_job($pfb_cmd, true, $pfb['min'], $pfb_hour, $pfb_mday, $pfb_month, $pfb_wday, $pfb_who); + } + + # Clear any existing pfBlockerNG MaxMind CRON Job + install_cron_job("pfblockerng.php dc", false); + + if ($pfb['enable'] == "on") { + # Define pfBlockerNG MaxMind CRON Job + $pfb_gcmd = "/usr/local/bin/php /usr/local/www/pfblockerng/pfblockerng.php dc >> {$pfb['geolog']} 2>&1"; + + # MaxMind GeoIP Cron Hour is randomized between 0-23 Hour to minimize effect on MaxMind Website + + $pfb_gmin = "0"; + $pfb_ghour = rand(0,23); + $pfb_gmday = "1,2,3,4,5,6,7"; + $pfb_gmonth = "*"; + $pfb_gwday = "2"; + $pfb_gwho = "root"; + + install_cron_job($pfb_gcmd, true, $pfb_gmin, $pfb_ghour, $pfb_gmday, $pfb_gmonth, $pfb_gwday, $pfb_gwho); + } } diff --git a/config/pfblockerng/pfblockerng.xml b/config/pfblockerng/pfblockerng.xml index 7c548921..54c6c061 100644 --- a/config/pfblockerng/pfblockerng.xml +++ b/config/pfblockerng/pfblockerng.xml @@ -230,6 +230,12 @@ If "Keep Settings" is not "enabled" on pkg Install/De-Install, all Settings will be Wiped!]]></description> </field> <field> + <fielddescr><![CDATA[<strong>Keep Settings</strong>/Lists After Disable/Re-Install/De-Install]]></fielddescr> + <fieldname>pfb_keep</fieldname> + <type>checkbox</type> + <description>Keep Settings and Lists intact when pfBlockerNG is Disabled or After pfBlockerNG Re-Install/De-Install</description> + </field> + <field> <fielddescr>CRON MIN Start Time</fielddescr> <fieldname>pfb_min</fieldname> <description><![CDATA[Default: <strong> : 00</strong><br /> @@ -327,12 +333,6 @@ </description> </field> <field> - <fielddescr><![CDATA[<strong>Keep Settings</strong>/Lists After Disable/Re-Install/De-Install]]></fielddescr> - <fieldname>pfb_keep</fieldname> - <type>checkbox</type> - <description>Keep Settings and Lists intact when pfBlockerNG is Disabled or After pfBlockerNG Re-Install/De-Install</description> - </field> - <field> <fielddescr>Global Enable Logging</fielddescr> <fieldname>enable_log</fieldname> <type>checkbox</type> diff --git a/config/pfblockerng/pfblockerng_alerts.php b/config/pfblockerng/pfblockerng_alerts.php index 7b84bca8..f03f7040 100644 --- a/config/pfblockerng/pfblockerng_alerts.php +++ b/config/pfblockerng/pfblockerng_alerts.php @@ -39,9 +39,19 @@ POSSIBILITY OF SUCH DAMAGE. */ +// Auto-Resolve Hostnames +if (isset($_REQUEST['getpfhostname'])) { + $getpfhostname = htmlspecialchars($_REQUEST['getpfhostname']); + $hostname = htmlspecialchars(gethostbyaddr($getpfhostname), ENT_QUOTES); + if ($hostname == $getpfhostname) { + $hostname = 'unknown'; + } + echo $hostname; + die; +} + require_once("util.inc"); require_once("guiconfig.inc"); -require_once("globals.inc"); require_once("filter_log.inc"); require_once("/usr/local/pkg/pfblockerng/pfblockerng.inc"); @@ -267,18 +277,6 @@ if (isset($_POST['addsuppress'])) { } } -// Auto-Resolve Hostnames -if (isset($_REQUEST['getpfhostname'])) { - $getpfhostname = htmlspecialchars($_REQUEST['getpfhostname']); - $hostname = htmlspecialchars(gethostbyaddr($getpfhostname), ENT_QUOTES); - if ($hostname == $getpfhostname) { - $hostname = 'unknown'; - } - echo $hostname; - die; -} - - // Host Resolve Function lookup function getpfbhostname($type = 'src', $hostip, $countme = 0) { $hostnames['src'] = ''; @@ -448,9 +446,9 @@ if ($pfb['runonce']) { // pfSense versions below 2.2 have the Logfiles in two lines. if ($pfb['pfsenseversion'] >= '2.2') { - $pfblines = exec("/usr/bin/grep -c ^ {$filter_logfile}"); + $pfblines = exec("/usr/local/sbin/clog {$filter_logfile} | /usr/bin/grep -c ^"); } else { - $pfblines = (exec("/usr/bin/grep -c ^ {$filter_logfile}") /2 ); + $pfblines = (exec("/usr/local/sbin/clog {$filter_logfile} | /usr/bin/grep -c ^") /2 ); } $fields_array = conv_log_filter($filter_logfile, $pfblines, $pfblines); @@ -683,6 +681,14 @@ if (!empty($fields_array)) { } } + $pfb_matchtitle = "Country Block Rules cannot be suppressed.\n\nTo allow a particular Country IP, either remove the particular Country or add the Host\nto a Permit Alias in the Firewall Tab.\n\nIf the IP is not listed beside the List, this means that the Block is a /32 entry.\nOnly /32 or /24 CIDR Hosts can be suppressed.\n\nIf (Duplication) Checking is not enabled. You may see /24 and /32 CIDR Blocks for a given blocked Host"; + + // Truncate Long List Names + if (strlen($pfb_match[1]) >= 17) { + $pfb_matchtitle = $pfb_match[1]; + $pfb_match[1] = substr($pfb_match[1], 0, 16) . '...'; + } + // Print Alternating Line Shading if ($pfb['pfsenseversion'] > '2.0') { $alertRowEvenClass = "listMReven"; @@ -706,7 +712,7 @@ if (!empty($fields_array)) { <td nowrap='nowrap' class='listMRr' align='center' style='sorttable_customkey:{$fields['srcip']};' sorttable_customkey='{$fields['srcip']}'>{$src_icons}{$fields['srcip']}{$srcport}<br /><small>{$hostname['src']}</small></td> <td nowrap='nowrap' class='listMRr' align='center' style='sorttable_customkey:{$fields['dstip']};' sorttable_customkey='{$fields['dstip']}'>{$dst_icons}{$fields['dstip']}{$dstport}<br /><small>{$hostname['dst']}</small></td> <td class='listMRr' align='center'>{$countrycode}</td> - <td class='listbg' align='center' title='Country Block Rules cannot be suppressed.\n\nTo allow a particular Country IP, either remove the particular Country or add the Host\nto a Permit Alias in the Firewall Tab.\n\nIf the IP is not listed beside the List, this means that the Block is a /32 entry.\nOnly /32 or /24 CIDR Hosts can be suppressed.\n\nIf (Duplication) Checking is not enabled. You may see /24 and /32 CIDR Blocks for a given blocked Host' style=\"font-size: 10px word-wrap:break-word;\">{$pfb_match[1]}<br />{$pfb_match[2]}</td></tr>"; + <td class='listbg' align='center' title='{$pfb_matchtitle}' style=\"font-size: 10px word-wrap:break-word;\">{$pfb_match[1]}<br />{$pfb_match[2]}</td></tr>"; $counter++; if ($counter > 0 && $rtype == "block") { $mycounter = $counter; @@ -756,10 +762,10 @@ function findhostnames(counter) { ) } - var lines = <?php echo $mycounter; ?>; - for (i = 0; i < lines; i++) { - findhostnames(i); - } +var lines = <?php echo $mycounter; ?>; +for (alertcount = 0; alertcount < lines; alertcount++) { + setTimeout(findhostnames(alertcount), 30); +} //]]> </script> |