aboutsummaryrefslogtreecommitdiffstats
path: root/config/pfblockerng
diff options
context:
space:
mode:
authorBBcan177 <bbcan177@gmail.com>2015-12-19 14:23:14 -0500
committerBBcan177 <bbcan177@gmail.com>2015-12-19 14:23:14 -0500
commitf09e61c1a2282088cbbd4133f013a439ea6876b9 (patch)
treef9c8b5701b583b3dbc77bb4968e7703e79499b22 /config/pfblockerng
parent26c1744f34d378b9408023a894825fce9d8c4dc5 (diff)
downloadpfsense-packages-f09e61c1a2282088cbbd4133f013a439ea6876b9.tar.gz
pfsense-packages-f09e61c1a2282088cbbd4133f013a439ea6876b9.tar.bz2
pfsense-packages-f09e61c1a2282088cbbd4133f013a439ea6876b9.zip
Update pfblockerng.inc
* Fix 'Match Outbound' rule variable name * Remove duplicate Alexa variable as its already in pfb_global() * Determine if a DNSBL background reload is running before updating DNSBL * Change "${cmd}" variable name to "{$cmd}"
Diffstat (limited to 'config/pfblockerng')
-rw-r--r--config/pfblockerng/pfblockerng.inc24
1 files changed, 16 insertions, 8 deletions
diff --git a/config/pfblockerng/pfblockerng.inc b/config/pfblockerng/pfblockerng.inc
index 7bfc6f0e..afd7a0ce 100644
--- a/config/pfblockerng/pfblockerng.inc
+++ b/config/pfblockerng/pfblockerng.inc
@@ -1075,7 +1075,7 @@ function find_reported_header($ip, $pfbfolder, $exclude=FALSE) {
// Query for any active pfBlockerNG CRON jobs
exec('/bin/ps -wax', $result_cron);
- if (preg_grep("/pfblockerng[.]php\s+?(cron|update)/", $result_cron)) {
+ if (preg_grep("/pfblockerng[.]php\s+?(cron|update|updatednsbl)/", $result_cron)) {
return array('updating..', 'CRON Task');
}
return array('', 'no match', FALSE);
@@ -1532,7 +1532,7 @@ function pfb_firewall_rule($action, $pfb_alias, $vtype='', $pfb_log, $adest='',
$rule['log'] = '';
}
$rule['created'] = array('time' => (int)microtime(true), 'username' => 'Auto');
- $rule['match_outbound'][] = $rule;
+ $pfb['match_outbound'][] = $rule;
if ($action != 'Match_Both') {
break;
}
@@ -1860,7 +1860,6 @@ function sync_package_pfblockerng($cron='') {
$pfb['dnsbl_iface'] = $pfb['dnsblconfig']['dnsbl_interface']?: 'lan'; // VIP Local Interface setting
$pfb['dnsbl_ip'] = $pfb['dnsblconfig']['action'] ?: 'Disabled'; // Enable/Disable IP blocking from DNSBL lists
$pfb['dnsbl_rule'] = $pfb['dnsblconfig']['pfb_dnsbl_rule'] ?: 'Disabled'; // Auto create a Floating Pass Rule for other Lan subnets
- $pfb['dnsbl_alexa'] = $pfb['dnsblconfig']['alexa_enable'] ?: 'Disabled'; // Enable Alexa whitelist
$pfb['dnsbl_alexa_cnt'] = $pfb['dnsblconfig']['alexa_count'] ?: '1000'; // Alexa whitelist domain setting
$pfb['dnsbl_alexa_inc'] = $pfb['dnsblconfig']['alexa_inclusion'] ?: ''; // Alexa TLDs inclusions for whitelisting
@@ -2163,8 +2162,8 @@ function sync_package_pfblockerng($cron='') {
}
}
- $pfb['remove'] = FALSE; // Flag to execute pfctl and rules ordering or reload of DNSBL domains
- $pfb['summary'] = FALSE; // Execute final summary as a list was removed
+ $pfb['remove'] = FALSE; // Flag to execute pfctl and rules ordering or reload of DNSBL domains
+ $pfb['summary'] = FALSE; // Execute final summary as a list was removed
// Process to remove lists from Masterfile/DB folder if they do not exist
if (isset($pfb['existing'])) {
@@ -2214,7 +2213,7 @@ function sync_package_pfblockerng($cron='') {
// Query for any active pfBlockerNG CRON jobs
$result_cron = array();
exec('/bin/ps -wax', $result_cron);
- if (preg_grep("/pfblockerng[.]php\s+?(cron|update)/", $result_cron)) {
+ if (preg_grep("/pfblockerng[.]php\s+?(cron|update|updatednsbl)/", $result_cron)) {
$log = "\n ** DNSBL Reload Terminated due to active pfBlockerNG cron process\n";
pfb_logger("{$log}", 1);
} else {
@@ -2223,7 +2222,7 @@ function sync_package_pfblockerng($cron='') {
// Clear any existing pfBlockerNG Cron Jobs to avoid collision
install_cron_job('pfblockerng.php cron', false);
$cmd = "/usr/local/bin/php /usr/local/www/pfblockerng/pfblockerng.php";
- mwexec_bg("${cmd} updatednsbl >> {$pfb['log']} 2>&1");
+ mwexec_bg("{$cmd} updatednsbl >> {$pfb['log']} 2>&1");
}
}
}
@@ -2304,6 +2303,15 @@ function sync_package_pfblockerng($cron='') {
pfb_logger("{$log}", 1);
$dnsbl_error = TRUE;
}
+
+ // Determine if a DNSBL Reload is running
+ $result_cron = array();
+ exec('/bin/ps -wax', $result_cron);
+ if (preg_grep("/pfblockerng[.]php\s+?(updatednsbl)/", $result_cron)) {
+ $log = "\n ** DNSBL Update Terminated due to active pfBlockerNG cron process\n";
+ pfb_logger("{$log}", 1);
+ $dnsbl_error = TRUE;
+ }
}
if ($pfb['dnsbl'] == 'on' && !$pfb['save'] && !$dnsbl_error) {
@@ -4780,4 +4788,4 @@ function pfblockerng_do_xmlrpc_sync($sync_to_ip, $port, $protocol, $username, $p
}
return $success;
}
-?> \ No newline at end of file
+?>