aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
authorBBcan177 <bbcan177@gmail.com>2015-02-03 14:20:48 -0500
committerRenato Botelho <garga@FreeBSD.org>2015-02-03 19:42:44 -0200
commita65a77ecf95a2f7c1092755c9978b38f3a361d89 (patch)
treef5affd311c7040359fb8e5182ccac0ede6156aa6 /config
parentc7e9ae35de710b7fb142542fa116cf707a0f768c (diff)
downloadpfsense-packages-a65a77ecf95a2f7c1092755c9978b38f3a361d89.tar.gz
pfsense-packages-a65a77ecf95a2f7c1092755c9978b38f3a361d89.tar.bz2
pfsense-packages-a65a77ecf95a2f7c1092755c9978b38f3a361d89.zip
pfBlockerNG - Fix Cron Update process and other improvements
Changes: 1) Add missing $pfbfolder variable to Cron Update function 2) Modify how the include files get loaded. 3) Reputation Tab only requires IPv4, simplify code to use IPv4 only for this function. 4) Update geoipupdate.sh to use the New PBI folder location and remove Archive folders after MaxMind Update process
Diffstat (limited to 'config')
-rw-r--r--config/pfblockerng/geoipupdate.sh28
-rw-r--r--config/pfblockerng/pfblockerng.inc3
-rw-r--r--config/pfblockerng/pfblockerng.php34
3 files changed, 38 insertions, 27 deletions
diff --git a/config/pfblockerng/geoipupdate.sh b/config/pfblockerng/geoipupdate.sh
index 4b8fbb63..302f81f5 100644
--- a/config/pfblockerng/geoipupdate.sh
+++ b/config/pfblockerng/geoipupdate.sh
@@ -23,19 +23,23 @@
# may be met by including the following in all advertising and documentation
# mentioning features of or use of this database.
-# Folder Locations
+mtype=$(/usr/bin/uname -m);
+
+# Application Locations
pathfetch=/usr/bin/fetch
pathtar=/usr/bin/tar
pathgunzip=/usr/bin/gunzip
-# File Locations
+# Folder Locations
pathdb=/var/db/pfblockerng
+pathpbi=/usr/pbi/pfblockerng-$mtype/share/GeoIP
pathlog=/var/log/pfblockerng
+
+# File Locations
errorlog=$pathlog/geoip.log
-pathgeoipdatgz=$pathdb/GeoIP.dat.gz
-pathgeoipdatgzv6=$pathdb/GeoIPv6.dat.gz
-pathgeoipdat=$pathdb/GeoIP.dat
-pathgeoipdatv6=$pathdb/GeoIPv6.dat
+geoipdat=/GeoIP.dat
+geoipdatv6=/GeoIPv6.dat
+
pathgeoipcc=$pathdb/country_continent.csv
pathgeoipcsv4=$pathdb/GeoIPCountryCSV.zip
pathgeoipcsvfinal4=$pathdb/GeoIPCountryWhois.csv
@@ -56,12 +60,12 @@ binaryupdate() {
echo " ** Downloading MaxMind GeoLite IPv4 Binary Database (For Reputation/Alerts Processes) **"; echo
URL="http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz"
-$pathfetch -v -o $pathgeoipdatgz -T 20 $URL
+$pathfetch -v -o $pathpbi$geoipdat.gz -T 20 $URL
if [ "$?" -eq "0" ]; then
- $pathgunzip -f $pathgeoipdatgz
+ $pathgunzip -f $pathpbi$geoipdat.gz
echo; echo " ( MaxMind IPv4 GeoIP.dat has been updated )"; echo
echo "Current Date/Timestamp:"
- /bin/ls -alh $pathgeoipdat
+ /bin/ls -alh $pathpbi$geoipdat
echo
else
echo; echo " => MaxMind IPv4 GeoIP.dat Update [ FAILED ]"; echo
@@ -72,12 +76,12 @@ fi
echo; echo " ** Downloading MaxMind GeoLite IPv6 Binary Database (For Reputation/Alerts Processes) **"; echo
URL="http://geolite.maxmind.com/download/geoip/database/GeoIPv6.dat.gz"
-$pathfetch -v -o $pathgeoipdatgzv6 -T 20 $URL
+$pathfetch -v -o $pathpbi$geoipdatv6.gz -T 20 $URL
if [ "$?" -eq "0" ]; then
- $pathgunzip -f $pathgeoipdatgzv6
+ $pathgunzip -f $pathpbi$geoipdatv6.gz
echo; echo " ( MaxMind IPv6 GeoIPv6.dat has been updated )"; echo
echo "Current Date/Timestamp:"
- /bin/ls -alh $pathgeoipdatv6
+ /bin/ls -alh $pathpbi$geoipdatv6
echo
else
echo; echo " => MaxMind IPv6 GeoIPv6.dat Update [ FAILED ]"; echo
diff --git a/config/pfblockerng/pfblockerng.inc b/config/pfblockerng/pfblockerng.inc
index d612dbf1..66b5a313 100644
--- a/config/pfblockerng/pfblockerng.inc
+++ b/config/pfblockerng/pfblockerng.inc
@@ -2341,9 +2341,6 @@ function pfblockerng_php_install_command() {
update_output_window(gettext("Downloading MaxMind Country Databases. This may take a minute..."));
exec("/bin/sh /usr/local/pkg/pfblockerng/geoipupdate.sh all >> {$pfb['geolog']} 2>&1");
- @rename("{$pfb['dbdir']}/GeoIP.dat", "{$pfb['ccdir']}/GeoIP.dat");
- @rename("{$pfb['dbdir']}/GeoIPv6.dat", "{$pfb['ccdir']}/GeoIPv6.dat");
-
update_output_window(gettext("MaxMind Country Database downloads completed..."));
update_output_window(gettext("Converting MaxMind Country Databases for pfBlockerNG. This may take a few minutes..."));
pfblockerng_uc_countries();
diff --git a/config/pfblockerng/pfblockerng.php b/config/pfblockerng/pfblockerng.php
index 1db36334..ca8a23a9 100644
--- a/config/pfblockerng/pfblockerng.php
+++ b/config/pfblockerng/pfblockerng.php
@@ -44,9 +44,13 @@ require_once("functions.inc");
require_once("pkg-utils.inc");
require_once("globals.inc");
require_once("services.inc");
-require_once("/usr/local/pkg/pfblockerng/pfblockerng.inc");
-pfb_global();
+// Call Include File and Collect updated Global Settings
+if (in_array($argv[1], array( 'update','dc','uc','gc','cron' ))) {
+ require_once("/usr/local/pkg/pfblockerng/pfblockerng.inc");
+ pfb_global();
+}
+
// IPv6 Range to CIDR function used courtesey from:
// https://github.com/stilez/pfsense-leases/blob/50cc0fa81dba5fe91bcddaea016c245d1b8479cc/etc/inc/util.inc
@@ -147,7 +151,7 @@ $uname = posix_uname();
if ($uname['machine'] == "amd64")
ini_set('memory_limit', '256M');
-function pfb_update_check($header_url, $list_url, $url_format) {
+function pfb_update_check($header_url, $list_url, $url_format, $pfbfolder) {
global $pfb;
$pfb['cron_update'] = FALSE;
@@ -230,6 +234,12 @@ if ($argv[1] == 'dc') {
}
pfblockerng_uc_countries();
pfblockerng_get_countries();
+
+ // Remove Original Maxmind Database Files
+ @unlink_if_exists("{$pfb['dbdir']}/GeoIPCountryCSV.zip");
+ @unlink_if_exists("{$pfb['dbdir']}/GeoIPCountryWhois.csv");
+ @unlink_if_exists("{$pfb['dbdir']}/GeoIPv6.csv");
+ @unlink_if_exists("{$pfb['dbdir']}/country_continent.csv");
}
if ($argv[1] == 'uc') {
@@ -425,7 +435,6 @@ if ($argv[1] == 'cron') {
// Function to process the downloaded Maxmind Database and format into Continent txt files.
function pfblockerng_uc_countries() {
global $g,$pfb;
- pfb_global();
$maxmind_cont = "{$pfb['dbdir']}/country_continent.csv";
$maxmind_cc4 = "{$pfb['dbdir']}/GeoIPCountryWhois.csv";
@@ -584,7 +593,6 @@ function pfblockerng_uc_countries() {
// Function to process Continent txt files and create Country ISO files and to Generate GUI XML files.
function pfblockerng_get_countries() {
global $g,$pfb;
- pfb_global();
$files = array ( "Africa" => "{$pfb['ccdir']}/Africa_v4.txt",
"Asia" => "{$pfb['ccdir']}/Asia_v4.txt",
@@ -622,7 +630,9 @@ function pfblockerng_get_countries() {
if (preg_match("/#/",$line)) {
if ($pfb['complete']) {
${'coptions' . $type}[] = $country . '-' . $isocode . ' ('. $total .') ' . ' </name><value>' . $isocode . '</value></option>';
- ${'roptions' . $type}[] = $country . '-' . $isocode . ' ('. $total .') ' . ' </name><value>' . $isocode . '</value></option>';
+ // Only collect IPv4 for Reputation Tab
+ if ($type == "4")
+ $roptions4[] = $country . '-' . $isocode . ' ('. $total .') ' . ' </name><value>' . $isocode . '</value></option>';
// Save ISO data
@file_put_contents($pfb['ccdir'] . '/' . $isocode . '_v' . $type . '.txt', $xml_data, LOCK_EX);
@@ -646,7 +656,8 @@ function pfblockerng_get_countries() {
if ($keycount == $lastkey) {
if (preg_match("/Total Networks: 0/", $line)) { continue;} // Dont Display Countries with Null Data
${'coptions' . $type}[] = $country . '-' . $isocode . ' ('. $total .') ' . ' </name><value>' . $isocode . '</value></option>';
- ${'roptions' . $type}[] = $country . '-' . $isocode . ' ('. $total .') ' . ' </name><value>' . $isocode . '</value></option>';
+ if ($type == "4")
+ $roptions4[] = $country . '-' . $isocode . ' ('. $total .') ' . ' </name><value>' . $isocode . '</value></option>';
@file_put_contents($pfb['ccdir'] . '/' . $isocode . '_v' . $type . '.txt', $xml_data, LOCK_EX);
unset($total, $xml_data);
}
@@ -962,13 +973,12 @@ EOF;
// Sort Countries IPv4 Alphabetically and Build XML <option> Data for Reputation Tab (IPv6 not used by ET IQRisk)
- $type = "4";
- sort(${'roptions' . $type}, SORT_STRING);
- $eoa = count(${'roptions' . $type});
+ sort($roptions4, SORT_STRING);
+ $eoa = count($roptions4);
$count = 1;
$etoptions = "";
- foreach (${'roptions' . $type} as $option4) {
+ foreach ($roptions4 as $option4) {
if ($count == 1) { $et_options .= "\t" . '<option><name>' . $option4 . "\n"; $count++; continue; }
if ($eoa == $count) {
$et_options .= "\t\t\t\t" . '<option><name>' . $option4;
@@ -1470,6 +1480,6 @@ EOF;
pfb_logger("{$log}","3");
// Unset Arrays
- unset ($et_options, $xmlrep);
+ unset ($roptions4, $et_options, $xmlrep);
}
?> \ No newline at end of file