diff options
author | Tom Schaefer <tom@tomschaefer.org> | 2011-01-31 13:39:26 -0500 |
---|---|---|
committer | Tom Schaefer <tom@tomschaefer.org> | 2011-01-31 13:41:37 -0500 |
commit | 7c61cec6833ae3c9dcb6a8105ef75af35a785016 (patch) | |
tree | db4c15f8748b4be5d4aa8a13463cbba85e67249b /config | |
parent | 686faeab1a7aac13e992b4b3d9d3bd2d4ea727dd (diff) | |
download | pfsense-packages-7c61cec6833ae3c9dcb6a8105ef75af35a785016.tar.gz pfsense-packages-7c61cec6833ae3c9dcb6a8105ef75af35a785016.tar.bz2 pfsense-packages-7c61cec6833ae3c9dcb6a8105ef75af35a785016.zip |
Update to be independant of countryipblocks site to relieve bandwidth
Diffstat (limited to 'config')
-rw-r--r-- | config/countryblock/countryblock.inc | 15 | ||||
-rw-r--r--[-rwxr-xr-x] | config/countryblock/countryblock.sh | 168 | ||||
-rw-r--r--[-rwxr-xr-x] | config/countryblock/countryblock.tmp | 57 | ||||
-rw-r--r-- | config/countryblock/countryblock.xml | 395 | ||||
-rw-r--r--[-rwxr-xr-x] | config/countryblock/countryblock_if.tmp | 0 | ||||
-rw-r--r--[-rwxr-xr-x] | config/countryblock/email.tmp | 0 | ||||
-rw-r--r--[-rwxr-xr-x] | config/countryblock/execute.sh | 168 | ||||
-rw-r--r--[-rwxr-xr-x] | config/countryblock/firewall_shaper.tmp | 0 | ||||
-rw-r--r--[-rwxr-xr-x] | config/countryblock/help.tmp | 0 | ||||
-rw-r--r--[-rwxr-xr-x] | config/countryblock/interfaces.txt | 0 | ||||
-rw-r--r--[-rwxr-xr-x] | config/countryblock/settings.tmp | 0 | ||||
-rw-r--r--[-rwxr-xr-x] | config/countryblock/whitelist.tmp | 0 |
12 files changed, 436 insertions, 367 deletions
diff --git a/config/countryblock/countryblock.inc b/config/countryblock/countryblock.inc index 902bcad5..25077311 100644 --- a/config/countryblock/countryblock.inc +++ b/config/countryblock/countryblock.inc @@ -4,7 +4,7 @@ /* ========================================================================== */ /* countryblock.inc - Copyright (C) 2010 Tom Schaefer + Copyright (C) 2011 Tom Schaefer All rights reserved. */ /* ========================================================================== */ @@ -54,6 +54,11 @@ function php_install_command_cb() exec("mkdir /usr/local/www/packages/countryblock/"); } + if (!is_dir('/usr/local/www/packages/countryblock/CIDR')) { + exec("mkdir /usr/local/www/packages/countryblock/CIDR"); + } + + //rename PHP files from .tmp to .php @@ -97,7 +102,15 @@ function php_install_command_cb() exec("cp /tmp/interfaces.txt /usr/local/www/packages/countryblock/interfaces.txt"); unlink_if_exists("/tmp/interfaces.txt"); + exec("cp /tmp/CIDR.tar.gz /usr/local/www/packages/countryblock/CIDR.tar.gz"); + unlink_if_exists("/tmp/CIDR.tar.gz"); + exec("tar xzf /usr/local/www/packages/countryblock/CIDR.tar.gz -C /usr/local/www/packages/countryblock/CIDR"); + exec("rm /usr/local/www/packages/countryblock/CIDR.tar.gz"); + + exec("mkdir /usr/local/www/packages/countryblock/lists"); + exec("touch /usr/local/www/packages/countryblock/lists/countries.txt"); + conf_mount_ro(); config_unlock(); diff --git a/config/countryblock/countryblock.sh b/config/countryblock/countryblock.sh index 11a8c335..c979045d 100755..100644 --- a/config/countryblock/countryblock.sh +++ b/config/countryblock/countryblock.sh @@ -1,84 +1,84 @@ -#!/bin/sh - -#check if countryblock running -export resultr=`pfctl -s rules | grep -c countryblock` -#echo $resultr -if [ "$resultr" -gt "0" ]; then - echo running - exit 1 -else - echo not running - /usr/bin/logger -s "Countryblock was found not running" - echo "Countryblock not running" | /usr/local/bin/php /usr/local/www/packages/countryblock/email_send.php -fi - -pfctl -t countryblock -T kill -sed -i -e '/countryblock/d' /tmp/rules.debug - -#Now edit /tmp/rules.debug - -#find my line for table -export i=`grep -n 'block quick from any to <snort2c>' /tmp/rules.debug | grep -o '[0-9]\{2,4\}'` -export t=`grep -n 'User Aliases' /tmp/rules.debug |grep -o '[0-9]\{1,2\}'` - -i=$(($i+'1')) -t=$(($t+'1')) -#i = line where <snort2c> is -#t is where 'User Aliases' is -echo $i -echo $t - -rm /tmp/rules.debug.tmp - -#Insert table-entry limit -sed -i -e '/900000/d' /tmp/rules.debug -while read line - do a=$(($a+1)); - #echo $a; - if [ "$a" = "$t" ]; then - echo "" >> /tmp/rules.debug.tmp - echo "set limit table-entries 900000" >> /tmp/rules.debug.tmp - fi - echo $line >> /tmp/rules.debug.tmp -done < "/tmp/rules.debug" - -mv /tmp/rules.debug /tmp/rules.debug.old -mv /tmp/rules.debug.tmp /tmp/rules.debug - -pfctl -o basic -f /tmp/rules.debug > errorOUT.txt 2>&1 - -rm /tmp/rules.debug.tmp - -#Insert countryblock rules -a="0" -echo $a -while read line - do a=$(($a+1)); - echo $a; - if [ "$a" = "$i" ]; then - echo "" >> /tmp/rules.debug.tmp - echo "#countryblock" >> /tmp/rules.debug.tmp - echo "table <countryblock> persist file '/usr/local/www/packages/countryblock/lists/countries.txt'" >> /tmp/rules.debug.tmp - echo "table <countryblockW> persist file '/usr/local/www/packages/countryblock/countries-white.txt'" >> /tmp/rules.debug.tmp - - for i in $(cat /usr/local/www/packages/countryblock/interfaces.txt); do - echo "pass quick from <countryblockW> to $i label 'countryblock'" >> /tmp/rules.debug.tmp - echo "pass quick from $i to <countryblockW> label 'countryblock'" >> /tmp/rules.debug.tmp - if [ -f logging ]; then - echo "block log quick from <countryblock> to $i label 'countryblock'" >> /tmp/rules.debug.tmp - else - echo "block quick from <countryblock> to $i label 'countryblock'" >> /tmp/rules.debug.tmp - fi - if [ -f OUTBOUND ]; then - echo "block quick from $i to <countryblock> label 'countryblock'" >> /tmp/rules.debug.tmp - fi - done - fi - echo $line >> /tmp/rules.debug.tmp -done < "/tmp/rules.debug" - -mv /tmp/rules.debug /tmp/rules.debug.old -mv /tmp/rules.debug.tmp /tmp/rules.debug - -rm errorOUT.txt -pfctl -o basic -f /tmp/rules.debug > /usr/local/www/packages/countryblock/errorOUT.txt 2>&1 +#!/bin/sh
+
+#check if countryblock running
+export resultr=`pfctl -s rules | grep -c countryblock`
+#echo $resultr
+if [ "$resultr" -gt "0" ]; then
+ echo running
+ exit 1
+else
+ echo not running
+ /usr/bin/logger -s "Countryblock was found not running"
+ echo "Countryblock not running" | /usr/local/bin/php /usr/local/www/packages/countryblock/email_send.php
+fi
+
+pfctl -t countryblock -T kill
+sed -i -e '/countryblock/d' /tmp/rules.debug
+
+#Now edit /tmp/rules.debug
+
+#find my line for table
+export i=`grep -n 'block quick from any to <snort2c>' /tmp/rules.debug | grep -o '[0-9]\{2,4\}'`
+export t=`grep -n 'User Aliases' /tmp/rules.debug |grep -o '[0-9]\{1,2\}'`
+
+i=$(($i+'1'))
+t=$(($t+'1'))
+#i = line where <snort2c> is
+#t is where 'User Aliases' is
+echo $i
+echo $t
+
+rm /tmp/rules.debug.tmp
+
+#Insert table-entry limit
+sed -i -e '/900000/d' /tmp/rules.debug
+while read line
+ do a=$(($a+1));
+ #echo $a;
+ if [ "$a" = "$t" ]; then
+ echo "" >> /tmp/rules.debug.tmp
+ echo "set limit table-entries 900000" >> /tmp/rules.debug.tmp
+ fi
+ echo $line >> /tmp/rules.debug.tmp
+done < "/tmp/rules.debug"
+
+mv /tmp/rules.debug /tmp/rules.debug.old
+mv /tmp/rules.debug.tmp /tmp/rules.debug
+
+pfctl -o basic -f /tmp/rules.debug > errorOUT.txt 2>&1
+
+rm /tmp/rules.debug.tmp
+
+#Insert countryblock rules
+a="0"
+echo $a
+while read line
+ do a=$(($a+1));
+ echo $a;
+ if [ "$a" = "$i" ]; then
+ echo "" >> /tmp/rules.debug.tmp
+ echo "#countryblock" >> /tmp/rules.debug.tmp
+ echo "table <countryblock> persist file '/usr/local/www/packages/countryblock/lists/countries.txt'" >> /tmp/rules.debug.tmp
+ echo "table <countryblockW> persist file '/usr/local/www/packages/countryblock/countries-white.txt'" >> /tmp/rules.debug.tmp
+
+ for i in $(cat /usr/local/www/packages/countryblock/interfaces.txt); do
+ echo "pass quick from <countryblockW> to $i label 'countryblock'" >> /tmp/rules.debug.tmp
+ echo "pass quick from $i to <countryblockW> label 'countryblock'" >> /tmp/rules.debug.tmp
+ if [ -f logging ]; then
+ echo "block log quick from <countryblock> to $i label 'countryblock'" >> /tmp/rules.debug.tmp
+ else
+ echo "block quick from <countryblock> to $i label 'countryblock'" >> /tmp/rules.debug.tmp
+ fi
+ if [ -f OUTBOUND ]; then
+ echo "block quick from $i to <countryblock> label 'countryblock'" >> /tmp/rules.debug.tmp
+ fi
+ done
+ fi
+ echo $line >> /tmp/rules.debug.tmp
+done < "/tmp/rules.debug"
+
+mv /tmp/rules.debug /tmp/rules.debug.old
+mv /tmp/rules.debug.tmp /tmp/rules.debug
+
+rm errorOUT.txt
+pfctl -o basic -f /tmp/rules.debug > /usr/local/www/packages/countryblock/errorOUT.txt 2>&1
diff --git a/config/countryblock/countryblock.tmp b/config/countryblock/countryblock.tmp index 605b0d3a..94fffcc3 100755..100644 --- a/config/countryblock/countryblock.tmp +++ b/config/countryblock/countryblock.tmp @@ -41,7 +41,9 @@ if (count($_POST)>0) { exec("mkdir lists"); foreach ($lines as $line) { //echo("fetch -o lists http://www.countryipblocks.net/e_country_data/{$line}_cidr.txt"); - exec("fetch -o lists/temp http://www.countryipblocks.net/e_country_data/{$line}_cidr.txt"); + //Fetch countries from server + exec("fetch -o lists/temp http://127.0.0.1//packages/countryblock/CIDR/{$line}_cidr.txt"); + //exec("fetch -o lists/temp http://www.countryipblocks.net/e_country_data/{$line}_cidr.txt"); exec("cat lists/temp >> lists/countries.txt"); $filename = basename($line); //Extract list @@ -80,7 +82,7 @@ if (count($_POST)>0) { <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include("fbegin.inc"); ?> -<p class="pgtitle"><?=$pgtitle?></p> + <?php if ($input_errors) print_input_errors($input_errors); ?> <?php if ($savemsg) print_info_box($savemsg); ?> <form method=POST action=""> @@ -304,7 +306,7 @@ background-color: #F3F3F3; ?> - of 246 selected. </h3><input type="checkbox" name="checkall" onClick="checkUncheckAll(this);"/>select/unselect + of 252 selected. </h3><input type="checkbox" name="checkall" onClick="checkUncheckAll(this);"/>select/unselect <br/> @@ -639,6 +641,14 @@ ob_end_clean(); echo "<li><input name='formCountry[]' type='checkbox' value='BO' checked/>Bolivia</li>"; else echo "<li><input name='formCountry[]' type='checkbox' value='BO' />Bolivia</li>"; + +ob_start(); +$results = exec("cat countries.txt | grep BQ"); +ob_end_clean(); + if ($results == 'BQ') + echo "<li><input name='formCountry[]' type='checkbox' value='BQ' checked/>Bonaire, Saint Eustatius and Saba</li>"; + else + echo "<li><input name='formCountry[]' type='checkbox' value='BQ' />Bonaire, Saint Eustatius and Saba</li>"; ob_start(); $results = exec("cat countries.txt | grep BA"); @@ -868,6 +878,15 @@ ob_end_clean(); echo "<li><input name='formCountry[]' type='checkbox' value='CU' checked/>Cuba</li>"; else echo "<li><input name='formCountry[]' type='checkbox' value='CU' />Cuba</li>"; + +ob_start(); +$results = exec("cat countries.txt | grep CW"); +ob_end_clean(); + if ($results == 'CW') + echo "<li><input name='formCountry[]' type='checkbox' value='CW' checked/>Curacao</li>"; + else + echo "<li><input name='formCountry[]' type='checkbox' value='CW' />Curacao</li>"; + ob_start(); $results = exec("cat countries.txt | grep CY"); @@ -1361,6 +1380,14 @@ ob_end_clean(); echo "<li><input name='formCountry[]' type='checkbox' value='JP' checked/>Japan</li>"; else echo "<li><input name='formCountry[]' type='checkbox' value='JP' />Japan</li>"; + +ob_start(); +$results = exec("cat countries.txt | grep JE"); +ob_end_clean(); + if ($results == 'JE') + echo "<li><input name='formCountry[]' type='checkbox' value='JE' checked/>Jersey</li>"; + else + echo "<li><input name='formCountry[]' type='checkbox' value='JE' />Jersey</li>"; ob_start(); $results = exec("cat countries.txt | grep JO"); @@ -2013,6 +2040,14 @@ ob_end_clean(); <ul class="categoryitems"> <?php ob_start(); +$results = exec("cat countries.txt | grep BL"); +ob_end_clean(); + if ($results == 'BL') + echo "<li><input name='formCountry[]' type='checkbox' value='BL' checked/>Saint Barthelemy</li>"; + else + echo "<li><input name='formCountry[]' type='checkbox' value='BL' />Saint Barthelemy</li>"; + +ob_start(); $results = exec("cat countries.txt | grep SH"); ob_end_clean(); if ($results == 'SH') @@ -2035,6 +2070,14 @@ ob_end_clean(); echo "<li><input name='formCountry[]' type='checkbox' value='LC' checked/>Saint Lucia</li>"; else echo "<li><input name='formCountry[]' type='checkbox' value='LC' />Saint Lucia</li>"; + +ob_start(); +$results = exec("cat countries.txt | grep MF"); +ob_end_clean(); + if ($results == 'MF') + echo "<li><input name='formCountry[]' type='checkbox' value='MF' checked/>Saint Martin</li>"; + else + echo "<li><input name='formCountry[]' type='checkbox' value='MF' />Saint Martin</li>"; ob_start(); $results = exec("cat countries.txt | grep PM"); @@ -2123,6 +2166,14 @@ ob_end_clean(); echo "<li><input name='formCountry[]' type='checkbox' value='SG' checked/>Singapore</li>"; else echo "<li><input name='formCountry[]' type='checkbox' value='SG' />Singapore</li>"; + +ob_start(); +$results = exec("cat countries.txt | grep SX"); +ob_end_clean(); + if ($results == 'SX') + echo "<li><input name='formCountry[]' type='checkbox' value='SX' checked/>Sint Maarten</li>"; + else + echo "<li><input name='formCountry[]' type='checkbox' value='SX' />Sint Maarten</li>"; ob_start(); $results = exec("cat countries.txt | grep SK"); diff --git a/config/countryblock/countryblock.xml b/config/countryblock/countryblock.xml index c58fc917..a91a5ed7 100644 --- a/config/countryblock/countryblock.xml +++ b/config/countryblock/countryblock.xml @@ -1,195 +1,200 @@ -<?xml version="1.0" encoding="utf-8" ?> -<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> -<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> -<packagegui> - <copyright> - <![CDATA[ -/* $Id$ */ -/* ========================================================================== */ -/* - countryblock.xml - Copyright (C) 2010 Tom Schaefer - All rights reserved. - */ -/* ========================================================================== */ -/* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - ]]> - </copyright> - <description>Country Block</description> - <requirements>Active Internet</requirements> - <faq>http://forum.pfsense.org/index.php/topic,25732.0.html</faq> - <name>Country Block Settings</name> - <version>0.1.9</version> - <title>Settings</title> - <include_file>/usr/local/pkg/countryblock.inc</include_file> - <menu> - <name>Country Block</name> - <tooltiptext>Country Block settings</tooltiptext> - <section>Firewall</section> - <configfile>countryblock.xml</configfile> - <url>/packages/countryblock/countryblock.php</url> - </menu> - <tabs> - <tab> - <text>Settings</text> - <url>/packages/countryblock/countryblock.php</url> - <active/> - </tab> - </tabs> - <configpath>installedpackages->package->$packagename->configuration->countryblock</configpath> - <additional_files_needed> - <prefix>/usr/local/pkg/</prefix> - <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/countryblock/countryblock.xml</item> - </additional_files_needed> - <additional_files_needed> - <prefix>/usr/local/pkg/</prefix> - <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/countryblock/countryblock.inc</item> - </additional_files_needed> - <additional_files_needed> - <prefix>/tmp/</prefix> - <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/countryblock/interfaces.txt</item> - </additional_files_needed> - <additional_files_needed> - <prefix>/tmp/</prefix> - <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/countryblock/countryblock.tmp</item> - </additional_files_needed> - <additional_files_needed> - <prefix>/tmp/</prefix> - <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/countryblock/execute.sh</item> - </additional_files_needed> - <additional_files_needed> - <prefix>/tmp/</prefix> - <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/countryblock/countryblock.sh</item> - </additional_files_needed> - <additional_files_needed> - <prefix>/tmp/</prefix> - <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/countryblock/index.tmp</item> - </additional_files_needed> - <additional_files_needed> - <prefix>/tmp/</prefix> - <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/countryblock/ddaccordion.js</item> - </additional_files_needed> - <additional_files_needed> - <prefix>/tmp/</prefix> - <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/countryblock/jquery.min.js</item> - </additional_files_needed> - <additional_files_needed> - <prefix>/tmp/</prefix> - <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/countryblock/public_smo_scripts.js</item> - </additional_files_needed> - <additional_files_needed> - <prefix>/tmp/</prefix> - <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/countryblock/titlebar.png</item> - </additional_files_needed> - <additional_files_needed> - <prefix>/tmp/</prefix> - <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/countryblock/titlebar-active.png</item> - </additional_files_needed> - <additional_files_needed> - <prefix>/tmp/</prefix> - <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/countryblock/purge.tmp</item> - </additional_files_needed> - <additional_files_needed> - <prefix>/tmp/</prefix> - <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/countryblock/whitelist.tmp</item> - </additional_files_needed> - <additional_files_needed> - <prefix>/tmp/</prefix> - <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/countryblock/countryblock_if.tmp</item> - </additional_files_needed> - <additional_files_needed> - <prefix>/tmp/</prefix> - <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/countryblock/firewall_shaper.tmp</item> - </additional_files_needed> - <additional_files_needed> - <prefix>/tmp/</prefix> - <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/countryblock/help.tmp</item> - </additional_files_needed> - <additional_files_needed> - <prefix>/tmp/</prefix> - <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/countryblock/settings.tmp</item> - </additional_files_needed> - <additional_files_needed> - <prefix>/tmp/</prefix> - <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/countryblock/class.phpmailer.tmp</item> - </additional_files_needed> - <additional_files_needed> - <prefix>/tmp/</prefix> - <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/countryblock/class.smtp.tmp</item> - </additional_files_needed> - <additional_files_needed> - <prefix>/tmp/</prefix> - <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/countryblock/email.tmp</item> - </additional_files_needed> - <fields> - <field> - <fielddescr>Variable One</fielddescr> - <fieldname>var1</fieldname> - <description>Enter the variable one here.</description> - <type>input</type> - </field> - <field> - <fielddescr>Variable Two</fielddescr> - <fieldname>var1</fieldname> - <description>Enter the variable one here.</description> - <type>input</type> - </field> - </fields> - <custom_add_php_command> - </custom_add_php_command> - <custom_php_resync_config_command> - php_sync_package_cb(); - </custom_php_resync_config_command> - <custom_delete_php_command> - php_sync_package_cb(); - </custom_delete_php_command> - <custom_php_install_command> - php_install_command_cb(); - </custom_php_install_command> - <custom_php_deinstall_command> - deinstall_command_cb(); - </custom_php_deinstall_command> -</packagegui> +<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<packagegui>
+ <copyright>
+ <![CDATA[
+/* $Id$ */
+/* ========================================================================== */
+/*
+ countryblock.xml
+ Copyright (C) 2011 Tom Schaefer
+ All rights reserved.
+ */
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+ ]]>
+ </copyright>
+ <description>Country Block</description>
+ <requirements>Active Internet</requirements>
+ <faq>http://forum.pfsense.org/index.php/topic,25732.0.html</faq>
+ <name>Country Block Settings</name>
+ <version>0.2.0</version>
+ <title>Settings</title>
+ <include_file>/usr/local/pkg/countryblock.inc</include_file>
+ <menu>
+ <name>Country Block</name>
+ <tooltiptext>Country Block settings</tooltiptext>
+ <section>Firewall</section>
+ <configfile>countryblock.xml</configfile>
+ <url>/packages/countryblock/countryblock.php</url>
+ </menu>
+ <tabs>
+ <tab>
+ <text>Settings</text>
+ <url>/packages/countryblock/countryblock.php</url>
+ <active/>
+ </tab>
+ </tabs>
+ <configpath>installedpackages->package->$packagename->configuration->countryblock</configpath>
+ <additional_files_needed>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.org/packages/config/countryblock/countryblock.xml</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.org/packages/config/countryblock/countryblock.inc</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.org/packages/config/countryblock/interfaces.txt</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.org/packages/config/countryblock/countryblock.tmp</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.org/packages/config/countryblock/execute.sh</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.org/packages/config/countryblock/countryblock.sh</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.org/packages/config/countryblock/index.tmp</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.org/packages/config/countryblock/ddaccordion.js</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.org/packages/config/countryblock/jquery.min.js</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.org/packages/config/countryblock/public_smo_scripts.js</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.org/packages/config/countryblock/titlebar.png</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.org/packages/config/countryblock/titlebar-active.png</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.org/packages/config/countryblock/purge.tmp</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.org/packages/config/countryblock/whitelist.tmp</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.org/packages/config/countryblock/countryblock_if.tmp</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.org/packages/config/countryblock/firewall_shaper.tmp</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.org/packages/config/countryblock/help.tmp</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.org/packages/config/countryblock/settings.tmp</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.org/packages/config/countryblock/class.phpmailer.tmp</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.org/packages/config/countryblock/class.smtp.tmp</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.org/packages/config/countryblock/email.tmp</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.org/packages/config/countryblock/CIDR.tar.gz</item>
+ </additional_files_needed>
+ <fields>
+ <field>
+ <fielddescr>Variable One</fielddescr>
+ <fieldname>var1</fieldname>
+ <description>Enter the variable one here.</description>
+ <type>input</type>
+ </field>
+ <field>
+ <fielddescr>Variable Two</fielddescr>
+ <fieldname>var1</fieldname>
+ <description>Enter the variable one here.</description>
+ <type>input</type>
+ </field>
+ </fields>
+ <custom_add_php_command>
+ </custom_add_php_command>
+ <custom_php_resync_config_command>
+ php_sync_package_cb();
+ </custom_php_resync_config_command>
+ <custom_delete_php_command>
+ php_sync_package_cb();
+ </custom_delete_php_command>
+ <custom_php_install_command>
+ php_install_command_cb();
+ </custom_php_install_command>
+ <custom_php_deinstall_command>
+ deinstall_command_cb();
+ </custom_php_deinstall_command>
+</packagegui>
diff --git a/config/countryblock/countryblock_if.tmp b/config/countryblock/countryblock_if.tmp index 8471f075..8471f075 100755..100644 --- a/config/countryblock/countryblock_if.tmp +++ b/config/countryblock/countryblock_if.tmp diff --git a/config/countryblock/email.tmp b/config/countryblock/email.tmp index e5ac6c18..e5ac6c18 100755..100644 --- a/config/countryblock/email.tmp +++ b/config/countryblock/email.tmp diff --git a/config/countryblock/execute.sh b/config/countryblock/execute.sh index 41f6d2cf..f30e9d20 100755..100644 --- a/config/countryblock/execute.sh +++ b/config/countryblock/execute.sh @@ -1,84 +1,84 @@ -#!/bin/sh - -#is countryblock running -#export resultr=`pfctl -s rules | grep -c countryblock` -#echo $resultr -#if [ "$resultr" -gt "0" ]; then -# echo running -# exit 1 -#else -# echo not running -# /usr/bin/logger -s "Countryblock was found not running" -# echo "Countryblock not running" | /usr/local/bin/php /usr/local/www/packages/countryblock/email_send.php -#fi - -pfctl -t countryblock -T kill -sed -i -e '/countryblock/d' /tmp/rules.debug - -#Now edit /tmp/rules.debug - -#find my line for table -export i=`grep -n 'block quick from any to <snort2c>' /tmp/rules.debug | grep -o '[0-9]\{2,4\}'` -export t=`grep -n 'User Aliases' /tmp/rules.debug |grep -o '[0-9]\{1,2\}'` - -i=$(($i+'1')) -t=$(($t+'1')) -#i = line where <snort2c> is -#t is where 'User Aliases' is -echo $i -echo $t - -rm /tmp/rules.debug.tmp - -#Insert table-entry limit -sed -i -e '/900000/d' /tmp/rules.debug -while read line - do a=$(($a+1)); - #echo $a; - if [ "$a" = "$t" ]; then - echo "" >> /tmp/rules.debug.tmp - echo "set limit table-entries 900000" >> /tmp/rules.debug.tmp - fi - echo $line >> /tmp/rules.debug.tmp -done < "/tmp/rules.debug" - -mv /tmp/rules.debug /tmp/rules.debug.old -mv /tmp/rules.debug.tmp /tmp/rules.debug - -pfctl -o basic -f /tmp/rules.debug > errorOUT.txt 2>&1 - -rm /tmp/rules.debug.tmp - -#Insert countryblock rules -a="0" -echo $a -while read line - do a=$(($a+1)); - echo $a; - if [ "$a" = "$i" ]; then - echo "" >> /tmp/rules.debug.tmp - echo "#countryblock" >> /tmp/rules.debug.tmp - echo "table <countryblock> persist file '/usr/local/www/packages/countryblock/lists/countries.txt'" >> /tmp/rules.debug.tmp - echo "table <countryblockW> persist file '/usr/local/www/packages/countryblock/countries-white.txt'" >> /tmp/rules.debug.tmp - - for i in $(cat /usr/local/www/packages/countryblock/interfaces.txt); do - echo "pass quick from <countryblockW> to $i label 'countryblock'" >> /tmp/rules.debug.tmp - echo "pass quick from $i to <countryblockW> label 'countryblock'" >> /tmp/rules.debug.tmp - if [ -f logging ]; then - echo "block log quick from <countryblock> to $i label 'countryblock'" >> /tmp/rules.debug.tmp - else - echo "block quick from <countryblock> to $i label 'countryblock'" >> /tmp/rules.debug.tmp - fi - if [ -f OUTBOUND ]; then - echo "block quick from $i to <countryblock> label 'countryblock'" >> /tmp/rules.debug.tmp - fi - done - fi - echo $line >> /tmp/rules.debug.tmp -done < "/tmp/rules.debug" - -mv /tmp/rules.debug /tmp/rules.debug.old -mv /tmp/rules.debug.tmp /tmp/rules.debug - -rm errorOUT.txt -pfctl -o basic -f /tmp/rules.debug > /usr/local/www/packages/countryblock/errorOUT.txt 2>&1 +#!/bin/sh
+
+#is countryblock running
+#export resultr=`pfctl -s rules | grep -c countryblock`
+#echo $resultr
+#if [ "$resultr" -gt "0" ]; then
+# echo running
+# exit 1
+#else
+# echo not running
+# /usr/bin/logger -s "Countryblock was found not running"
+# echo "Countryblock not running" | /usr/local/bin/php /usr/local/www/packages/countryblock/email_send.php
+#fi
+
+pfctl -t countryblock -T kill
+sed -i -e '/countryblock/d' /tmp/rules.debug
+
+#Now edit /tmp/rules.debug
+
+#find my line for table
+export i=`grep -n 'block quick from any to <snort2c>' /tmp/rules.debug | grep -o '[0-9]\{2,4\}'`
+export t=`grep -n 'User Aliases' /tmp/rules.debug |grep -o '[0-9]\{1,2\}'`
+
+i=$(($i+'1'))
+t=$(($t+'1'))
+#i = line where <snort2c> is
+#t is where 'User Aliases' is
+echo $i
+echo $t
+
+rm /tmp/rules.debug.tmp
+
+#Insert table-entry limit
+sed -i -e '/900000/d' /tmp/rules.debug
+while read line
+ do a=$(($a+1));
+ #echo $a;
+ if [ "$a" = "$t" ]; then
+ echo "" >> /tmp/rules.debug.tmp
+ echo "set limit table-entries 900000" >> /tmp/rules.debug.tmp
+ fi
+ echo $line >> /tmp/rules.debug.tmp
+done < "/tmp/rules.debug"
+
+mv /tmp/rules.debug /tmp/rules.debug.old
+mv /tmp/rules.debug.tmp /tmp/rules.debug
+
+pfctl -o basic -f /tmp/rules.debug > errorOUT.txt 2>&1
+
+rm /tmp/rules.debug.tmp
+
+#Insert countryblock rules
+a="0"
+echo $a
+while read line
+ do a=$(($a+1));
+ echo $a;
+ if [ "$a" = "$i" ]; then
+ echo "" >> /tmp/rules.debug.tmp
+ echo "#countryblock" >> /tmp/rules.debug.tmp
+ echo "table <countryblock> persist file '/usr/local/www/packages/countryblock/lists/countries.txt'" >> /tmp/rules.debug.tmp
+ echo "table <countryblockW> persist file '/usr/local/www/packages/countryblock/countries-white.txt'" >> /tmp/rules.debug.tmp
+
+ for i in $(cat /usr/local/www/packages/countryblock/interfaces.txt); do
+ echo "pass quick from <countryblockW> to $i label 'countryblock'" >> /tmp/rules.debug.tmp
+ echo "pass quick from $i to <countryblockW> label 'countryblock'" >> /tmp/rules.debug.tmp
+ if [ -f logging ]; then
+ echo "block log quick from <countryblock> to $i label 'countryblock'" >> /tmp/rules.debug.tmp
+ else
+ echo "block quick from <countryblock> to $i label 'countryblock'" >> /tmp/rules.debug.tmp
+ fi
+ if [ -f OUTBOUND ]; then
+ echo "block quick from $i to <countryblock> label 'countryblock'" >> /tmp/rules.debug.tmp
+ fi
+ done
+ fi
+ echo $line >> /tmp/rules.debug.tmp
+done < "/tmp/rules.debug"
+
+mv /tmp/rules.debug /tmp/rules.debug.old
+mv /tmp/rules.debug.tmp /tmp/rules.debug
+
+rm errorOUT.txt
+pfctl -o basic -f /tmp/rules.debug > /usr/local/www/packages/countryblock/errorOUT.txt 2>&1
diff --git a/config/countryblock/firewall_shaper.tmp b/config/countryblock/firewall_shaper.tmp index d01ed55c..d01ed55c 100755..100644 --- a/config/countryblock/firewall_shaper.tmp +++ b/config/countryblock/firewall_shaper.tmp diff --git a/config/countryblock/help.tmp b/config/countryblock/help.tmp index 0100981d..0100981d 100755..100644 --- a/config/countryblock/help.tmp +++ b/config/countryblock/help.tmp diff --git a/config/countryblock/interfaces.txt b/config/countryblock/interfaces.txt index 124009d7..124009d7 100755..100644 --- a/config/countryblock/interfaces.txt +++ b/config/countryblock/interfaces.txt diff --git a/config/countryblock/settings.tmp b/config/countryblock/settings.tmp index 5bbfedc3..5bbfedc3 100755..100644 --- a/config/countryblock/settings.tmp +++ b/config/countryblock/settings.tmp diff --git a/config/countryblock/whitelist.tmp b/config/countryblock/whitelist.tmp index 0dbed5d0..0dbed5d0 100755..100644 --- a/config/countryblock/whitelist.tmp +++ b/config/countryblock/whitelist.tmp |