diff options
author | Renato Botelho <garga@FreeBSD.org> | 2015-02-02 09:13:57 -0200 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2015-02-02 09:13:57 -0200 |
commit | ebbf8ee49e40075452334832a1463e4effe1b65b (patch) | |
tree | 523c0a2157990a70ac0d738b19ed3ca5705a1f34 /config | |
parent | 087976567c9202550088bc74f8b2954b44eb65db (diff) | |
parent | f05727b7ac237efa2ad446617da0db1aaf5512f8 (diff) | |
download | pfsense-packages-ebbf8ee49e40075452334832a1463e4effe1b65b.tar.gz pfsense-packages-ebbf8ee49e40075452334832a1463e4effe1b65b.tar.bz2 pfsense-packages-ebbf8ee49e40075452334832a1463e4effe1b65b.zip |
Merge pull request #801 from BBcan177/pfBlockerNG_020115_1
Diffstat (limited to 'config')
-rw-r--r-- | config/pfblockerng/pfblockerng.inc | 44 | ||||
-rw-r--r-- | config/pfblockerng/pfblockerng.php | 524 | ||||
-rw-r--r-- | config/pfblockerng/pfblockerng.priv.inc | 1 | ||||
-rw-r--r-- | config/pfblockerng/pfblockerng.sh | 2 | ||||
-rw-r--r-- | config/pfblockerng/pfblockerng.xml | 4 | ||||
-rw-r--r-- | config/pfblockerng/pfblockerng_alerts.php | 5 | ||||
-rw-r--r-- | config/pfblockerng/pfblockerng_log.php | 7 | ||||
-rw-r--r-- | config/pfblockerng/pfblockerng_sync.xml | 4 | ||||
-rw-r--r-- | config/pfblockerng/pfblockerng_top20.xml | 4 | ||||
-rw-r--r-- | config/pfblockerng/pfblockerng_update.php | 5 | ||||
-rw-r--r-- | config/pfblockerng/pfblockerng_v4lists.xml | 4 | ||||
-rw-r--r-- | config/pfblockerng/pfblockerng_v6lists.xml | 4 |
12 files changed, 275 insertions, 333 deletions
diff --git a/config/pfblockerng/pfblockerng.inc b/config/pfblockerng/pfblockerng.inc index 86052f6b..d612dbf1 100644 --- a/config/pfblockerng/pfblockerng.inc +++ b/config/pfblockerng/pfblockerng.inc @@ -56,12 +56,12 @@ function pfb_global() { $pfb['aliasdir'] = "{$g['vardb_path']}/aliastables"; $pfb['logdir'] = "{$g['varlog_path']}/pfblockerng"; $pfb['etdir'] = "{$pfb['dbdir']}/ET"; - $pfb['ccdir'] = "{$pfb['dbdir']}/cc"; $pfb['nativedir'] = "{$pfb['dbdir']}/native"; $pfb['denydir'] = "{$pfb['dbdir']}/deny"; $pfb['matchdir'] = "{$pfb['dbdir']}/match"; $pfb['permitdir'] = "{$pfb['dbdir']}/permit"; $pfb['origdir'] = "{$pfb['dbdir']}/original"; + $pfb['ccdir'] = "/usr/pbi/pfblockerng-" . php_uname("m") . "/share/GeoIP"; # Create Folders if not Exist. $folder_array = array ("{$pfb['dbdir']}","{$pfb['logdir']}","{$pfb['ccdir']}","{$pfb['origdir']}","{$pfb['nativedir']}","{$pfb['denydir']}","{$pfb['matchdir']}","{$pfb['permitdir']}","{$pfb['aliasdir']}"); @@ -457,14 +457,15 @@ function sync_package_pfblockerng($cron = "") { # Configure ARRAYS # ############################################# - $continents = array ( "Africa" => "pfB_Africa", - "Antartica" => "pfB_Antartica", - "Asia" => "pfB_Asia", - "Europe" => "pfB_Europe", - "North America" => "pfB_NAmerica", - "Oceania" => "pfB_Oceania", - "South America" => "pfB_SAmerica", - "Top Spammers" => "pfB_Top" + $continents = array ( "Africa" => "pfB_Africa", + "Antartica" => "pfB_Antartica", + "Asia" => "pfB_Asia", + "Europe" => "pfB_Europe", + "North America" => "pfB_NAmerica", + "Oceania" => "pfB_Oceania", + "South America" => "pfB_SAmerica", + "Top Spammers" => "pfB_Top", + "Proxy and Satellite" => "pfB_PS" ); #create rules vars and arrays @@ -1192,16 +1193,16 @@ function sync_package_pfblockerng($cron = "") { $log_tab = "\t\t"; } - # Collect Active Alias List (Used for pfctl Update when 'Reputation' is enabled. - $pfb_alias_lists_all[] = "{$alias}"; - // Empty Header Field Validation Check - if (empty($header_url)) { - $log = "\n [ {$row['url']} ] {$log_tab} Header Field cannot be Empty. *Skipping* \n"; + if (empty($header_url) || preg_match("/\W/",$header_url)) { + $log = "\n [ {$row['url']} ]\n ** TERMINATED - Header contains Blank/International/Special or Spaces\n"; pfb_logger("{$log}","2"); continue; } + # Collect Active Alias List (Used for pfctl Update when 'Reputation' is enabled. + $pfb_alias_lists_all[] = "{$alias}"; + if (file_exists($pfbfolder . '/' . $header_url . '.txt') && $pfb['reuse'] == "") { if ($row['state'] == "Hold") { $log = "\n[ {$header_url} ] {$log_tab} Static Hold [ NOW ]\n"; @@ -2330,12 +2331,19 @@ function pfblockerng_php_install_command() { global $config,$pfb; pfb_global(); + // Remove previously used CC folder location if exists + @rmdir_recursive("{$pfb['dbdir']}/cc"); + # Uncompress Country Code File and delete Archive after extraction. exec("cd /{$pfb['ccdir']}; /usr/bin/tar -jxvf {$pfb['ccdir']}/countrycodes.tar.bz2"); unlink_if_exists("{$pfb['ccdir']}/countrycodes.tar.bz2"); # Download MaxMind Files and Create Country Code files and Build Continent XML Files update_output_window(gettext("Downloading MaxMind Country Databases. This may take a minute...")); exec("/bin/sh /usr/local/pkg/pfblockerng/geoipupdate.sh all >> {$pfb['geolog']} 2>&1"); + + @rename("{$pfb['dbdir']}/GeoIP.dat", "{$pfb['ccdir']}/GeoIP.dat"); + @rename("{$pfb['dbdir']}/GeoIPv6.dat", "{$pfb['ccdir']}/GeoIPv6.dat"); + update_output_window(gettext("MaxMind Country Database downloads completed...")); update_output_window(gettext("Converting MaxMind Country Databases for pfBlockerNG. This may take a few minutes...")); pfblockerng_uc_countries(); @@ -2343,6 +2351,12 @@ function pfblockerng_php_install_command() { pfblockerng_get_countries(); update_output_window(gettext("Completed Creating pfBlockerNG Continenet XML Files...")); + // Remove Original Maxmind Database Files + @unlink_if_exists("{$pfb['dbdir']}/GeoIPCountryCSV.zip"); + @unlink_if_exists("{$pfb['dbdir']}/GeoIPCountryWhois.csv"); + @unlink_if_exists("{$pfb['dbdir']}/GeoIPv6.csv"); + @unlink_if_exists("{$pfb['dbdir']}/country_continent.csv"); + # Add Widget to Dashboard update_output_window(gettext("Adding pfBlockerNG Widget to Dashboard.")); if ($pfb['keep'] == "on" && !empty($pfb['widgets'])) { @@ -2407,6 +2421,8 @@ function pfblockerng_php_deinstall_command() { unset($config['installedpackages']['pfblockerngsouthamerica']); if (is_array($config['installedpackages']['pfblockerngtopspammers'])) unset($config['installedpackages']['pfblockerngtopspammers']); + if (is_array($config['installedpackages']['pfblockerngproxyandsatellite'])) + unset($config['installedpackages']['pfblockerngproxyandsatellite']); } # Remove Widget (code from Snort deinstall) diff --git a/config/pfblockerng/pfblockerng.php b/config/pfblockerng/pfblockerng.php index 20080aa4..1db36334 100644 --- a/config/pfblockerng/pfblockerng.php +++ b/config/pfblockerng/pfblockerng.php @@ -149,11 +149,12 @@ if ($uname['machine'] == "amd64") function pfb_update_check($header_url, $list_url, $url_format) { global $pfb; + $pfb['cron_update'] = FALSE; if ($url_format == "rsync" || $url_format == "html") { $log = "[ {$header_url} ]\n Skipping timestamp query\n"; pfb_logger("{$log}","1"); - return TRUE; + $pfb['cron_update'] = TRUE; } switch ($url_format) { @@ -195,14 +196,23 @@ function pfb_update_check($header_url, $list_url, $url_format) { $log = " Local timestamp: {$local_tds}\n"; pfb_logger("{$log}","1"); if ("{$remote_tds}" != "{$local_tds}") { - return TRUE; + $pfb['cron_update'] = TRUE; } else { $log = " Remote file unchanged. Download Terminated\n"; pfb_logger("{$log}","1"); - return FALSE; + $pfb['cron_update'] = FALSE; } } else { - return TRUE; + $pfb['cron_update'] = TRUE; + } + + if ($pfb['cron_update']) { + // Trigger CRON Process if Updates are Found. + $pfb['update_cron'] = TRUE; + + $log = " Updates Found\n"; + pfb_logger("{$log}","1"); + unlink_if_exists($pfbfolder . '/' . $header_url . '.txt'); } } @@ -233,6 +243,7 @@ if ($argv[1] == 'gc') { if ($argv[1] == 'cron') { $hour = date('H'); $dow = date('N'); + $pfb['update_cron'] = FALSE; # Start hour of the 'Once a day' Schedule $pfb['dailystart'] = $config['installedpackages']['pfblockerng']['config'][0]['pfb_dailystart']; @@ -344,101 +355,47 @@ if ($argv[1] == 'cron') { if (!file_exists($pfbfolder . '/' . $header_url . '.txt')) { $log = " Updates Found\n"; pfb_logger("{$log}","1"); - $updates++; + $pfb['update_cron'] = TRUE; continue; } switch ($list_cron) { case "01hour": - if (pfb_update_check($header_url, $list_url, $url_format)) { - $log = " Updates Found\n"; - pfb_logger("{$log}","1"); - unlink_if_exists($pfbfolder . '/' . $header_url . '.txt'); - $updates++; - } + pfb_update_check($header_url, $list_url, $url_format, $pfbfolder); break; case "02hours": - if (in_array($hour, $e_sch2)) { - if (pfb_update_check($header_url, $list_url, $url_format)) { - $log = " Updates Found\n"; - pfb_logger("{$log}","1"); - unlink_if_exists($pfbfolder . '/' . $header_url . '.txt'); - $updates++; - } - } + if (in_array($hour, $e_sch2)) + pfb_update_check($header_url, $list_url, $url_format, $pfbfolder); break; case "03hours": - if (in_array($hour, $e_sch3)) { - if (pfb_update_check($header_url, $list_url, $url_format)) { - $log = " Updates Found\n"; - pfb_logger("{$log}","1"); - unlink_if_exists($pfbfolder . '/' . $header_url . '.txt'); - $updates++; - } - } + if (in_array($hour, $e_sch3)) + pfb_update_check($header_url, $list_url, $url_format, $pfbfolder); break; case "04hours": - if (in_array($hour, $e_sch4)) { - if (pfb_update_check($header_url, $list_url, $url_format)) { - $log = " Updates Found\n"; - pfb_logger("{$log}","1"); - unlink_if_exists($pfbfolder . '/' . $header_url . '.txt'); - $updates++; - } - } + if (in_array($hour, $e_sch4)) + pfb_update_check($header_url, $list_url, $url_format, $pfbfolder); break; case "06hours": - if (in_array($hour, $e_sch6)) { - if (pfb_update_check($header_url, $list_url, $url_format)) { - $log = " Updates Found\n"; - pfb_logger("{$log}","1"); - unlink_if_exists($pfbfolder . '/' . $header_url . '.txt'); - $updates++; - } - } + if (in_array($hour, $e_sch6)) + pfb_update_check($header_url, $list_url, $url_format, $pfbfolder); break; case "08hours": - if (in_array($hour, $e_sch8)) { - if (pfb_update_check($header_url, $list_url, $url_format)) { - $log = " Updates Found\n"; - pfb_logger("{$log}","1"); - unlink_if_exists($pfbfolder . '/' . $header_url . '.txt'); - $updates++; - } - } + if (in_array($hour, $e_sch8)) + pfb_update_check($header_url, $list_url, $url_format, $pfbfolder); break; case "12hours": - if (in_array($hour, $e_sch12)) { - if (pfb_update_check($header_url, $list_url, $url_format)) { - $log = " Updates Found\n"; - pfb_logger("{$log}","1"); - unlink_if_exists($pfbfolder . '/' . $header_url . '.txt'); - $updates++; - } - } + if (in_array($hour, $e_sch12)) + pfb_update_check($header_url, $list_url, $url_format, $pfbfolder); break; case "EveryDay": - if ($hour == $pfb['dailystart']) { - if (pfb_update_check($header_url, $list_url, $url_format)) { - $log = " Updates Found\n"; - pfb_logger("{$log}","1"); - unlink_if_exists($pfbfolder . '/' . $header_url . '.txt'); - $updates++; - } - } + if ($hour == $pfb['dailystart']) + pfb_update_check($header_url, $list_url, $url_format, $pfbfolder); break; case "Weekly": - if ($hour == $pfb['dailystart'] && $dow == $header_dow) { - if (pfb_update_check($header_url, $list_url, $url_format)) { - $log = " Updates Found\n"; - pfb_logger("{$log}","1"); - unlink_if_exists($pfbfolder . '/' . $header_url . '.txt'); - $updates++; - } - } + if ($hour == $pfb['dailystart'] && $dow == $header_dow) + pfb_update_check($header_url, $list_url, $url_format, $pfbfolder); break; - default: { - } + default: break; } } @@ -448,7 +405,7 @@ if ($argv[1] == 'cron') { } } - if ($updates > 0) { + if ($pfb['update_cron']) { sync_package_pfblockerng("cron"); } else { $log = "\n No Updates required. \n\n"; @@ -465,14 +422,14 @@ if ($argv[1] == 'cron') { } +// Function to process the downloaded Maxmind Database and format into Continent txt files. function pfblockerng_uc_countries() { - global $g,$pfb; pfb_global(); - $maxmind_cont = "{$pfb['dbdir']}/country_continent.csv"; - $maxmind_cc4 = "{$pfb['dbdir']}/GeoIPCountryWhois.csv"; - $maxmind_cc6 = "{$pfb['dbdir']}/GeoIPv6.csv"; + $maxmind_cont = "{$pfb['dbdir']}/country_continent.csv"; + $maxmind_cc4 = "{$pfb['dbdir']}/GeoIPCountryWhois.csv"; + $maxmind_cc6 = "{$pfb['dbdir']}/GeoIPv6.csv"; # Create Folders if not Exist $folder_array = array ("{$pfb['dbdir']}","{$pfb['logdir']}","{$pfb['ccdir']}"); @@ -505,13 +462,12 @@ function pfblockerng_uc_countries() { $maxmind_ver .= "\nThese Timestamps should *match* \n"; @file_put_contents("{$pfb['logdir']}/maxmind_ver", $maxmind_ver); - // Collect ISO Codes for Each Continent - $log = "Processing Continent Data \n"; + $log = "Processing Continent Data\n"; print $log; pfb_logger("{$log}","3"); - $cont_array = array ( array($AF),array($AS),array($EU),array($NA),array($OC),array($SA)); + $cont_array = array ( array($AF),array($AS),array($EU),array($NA),array($OC),array($SA),array($AX)); if (($handle = fopen("{$maxmind_cont}",'r')) !== FALSE) { while (($cc = fgetcsv($handle)) !== FALSE) { @@ -560,244 +516,163 @@ function pfblockerng_uc_countries() { unset($cc); fclose($handle); - // Collect Country ISO Data IPv4 and Sort to Continent Array - $log = "Processing ISO IPv4 Continent/Country Data \n"; - print $log; - pfb_logger("{$log}","3"); + // Add Maxmind Anonymous Proxy and Satellite Providers to array + $cont_array[6]['continent'] = "Proxy and Satellite"; + $cont_array[6]['iso'] = "A1,A2"; + $cont_array[6]['file4'] = "{$pfb['ccdir']}/Proxy_Satellite_v4.txt"; + $cont_array[6]['file6'] = "{$pfb['ccdir']}/Proxy_Satellite_v6.txt"; - if (($handle = fopen("{$maxmind_cc4}",'r')) !== FALSE) { - while (($cc = fgetcsv($handle)) !== FALSE) { - - $ip1_key = $cc[0]; - $ip2_key = $cc[1]; - $var1_key = $cc[2]; - $var2_key = $cc[3]; - $cc_key = $cc[4]; - $country_key = $cc[5]; - $a_cidr = implode(",", ip_range_to_subnet_array_temp($cc[0],$cc[1])); - - $counter = 0; - foreach ($cont_array as $iso) { - if (preg_match("/\b$cc_key\b/", $iso['iso'])) { - $cont_array[$counter][$cc_key]['ip4'] .= $a_cidr . ","; - $cont_array[$counter][$cc_key]['country'] = $country_key; - continue; - } - $counter++; - } - } - } - unset($cc); - fclose($handle); + // Collect Country ISO data and sort to Continent arrays (IPv4 and IPv6) + foreach (array("4", "6") as $type) { + $log = "Processing ISO IPv{$type} Continent/Country Data\n"; + print $log; + pfb_logger("{$log}","3"); - // Build Continent IPv4 CIDR Files - $counter = 0; - foreach ($cont_array as $iso) { - $header = ""; - $pfb_file = ""; - $iso_key = ""; - $header .= "# Generated from MaxMind Inc. on: " . date("m/d/y G:i:s", time()) . "\n"; - $header .= "# Continent IPv4: " . $cont_array[$counter]['continent'] . "\n"; - $pfb_file = $cont_array[$counter]['file4']; - $iso_key = array_keys($iso); - foreach ($iso_key as $key) { - if (preg_match("/[A-Z]{2}/", $key)) { - $header .= "# Country: " . $iso[$key]['country'] . "\n"; - $header .= "# ISO Code: " . $key . "\n"; - $header .= "# Total Networks: " . substr_count($iso[$key]['ip4'], ",") . "\n"; - $header .= str_replace(",", "\n", $iso[$key]['ip4']); - $iso[$key]['ip4'] = ""; - } + if ($type == "4") { + $maxmind_cc = "{$pfb['dbdir']}/GeoIPCountryWhois.csv"; + } else { + $maxmind_cc = "{$pfb['dbdir']}/GeoIPv6.csv"; } - $counter++; - @file_put_contents($pfb_file, $header, LOCK_EX); - } - - - // Collect Country ISO Data IPv6 and Sort to Continent Array - $log = "Processing ISO IPv6 Continent/Country Data \n"; - print $log; - pfb_logger("{$log}","3"); - - if (($handle = fopen("{$maxmind_cc6}",'r')) !== FALSE) { - while (($cc = fgetcsv($handle)) !== FALSE) { - - $ip1_key = $cc[0]; - $ip2_key = $cc[1]; - $var1_key = $cc[2]; - $var2_key = $cc[3]; - $cc_key = $cc[4]; - $country_key = $cc[5]; - $a_cidr = implode(",", ip_range_to_subnet_array_temp($cc[0],$cc[1])); - - $counter = 0; - foreach ($cont_array as $iso) { - if (preg_match("/\b$cc_key\b/", $iso['iso'])) { - $cont_array[$counter][$cc_key]['ip6'] .= $a_cidr . ","; - continue; + $iptype = "ip{$type}"; + $filetype = "file{$type}"; + + if (($handle = fopen("{$maxmind_cc}",'r')) !== FALSE) { + while (($cc = fgetcsv($handle)) !== FALSE) { + $cc_key = $cc[4]; + $country_key = $cc[5]; + $a_cidr = implode(",", ip_range_to_subnet_array_temp($cc[0],$cc[1])); + $counter = 0; + foreach ($cont_array as $iso) { + if (preg_match("/\b$cc_key\b/", $iso['iso'])) { + $cont_array[$counter][$cc_key][$iptype] .= $a_cidr . ","; + $cont_array[$counter][$cc_key]['country'] = $country_key; + continue; + } + $counter++; } - $counter++; } } - } - unset($cc); - fclose($handle); - - // Build Continent IPv6 Files - $counter = 0; - foreach ($cont_array as $iso) { - $header = ""; - $pfb_file = ""; - $iso_key = ""; - - $header .= "# Generated from MaxMind Inc. on: " . date("m/d/y G:i:s", time()) . "\n"; - $header .= "# Continent IPv6: " . $cont_array[$counter]['continent'] . "\n"; - $pfb_file = $cont_array[$counter]['file6']; - $iso_key = array_keys($iso); - foreach ($iso_key as $key) { - if (preg_match("/[A-Z]{2}/", $key)) { - $header .= "# Country: " . $iso[$key]['country'] . "\n"; - $header .= "# ISO Code: " . $key . "\n"; - $header .= "# Total Networks: " . substr_count($iso[$key]['ip6'], ",") . "\n"; - $header .= str_replace(",", "\n", $iso[$key]['ip6']); - $iso[$key]['ip6'] = ""; + unset($cc); + fclose($handle); + + // Build Continent Files + $counter = 0; + foreach ($cont_array as $iso) { + $header = ""; + $pfb_file = ""; + $iso_key = ""; + $header .= "# Generated from MaxMind Inc. on: " . date("m/d/y G:i:s", time()) . "\n"; + $header .= "# Continent IPv{$type}: " . $cont_array[$counter]['continent'] . "\n"; + $pfb_file = $cont_array[$counter][$filetype]; + $iso_key = array_keys($iso); + foreach ($iso_key as $key) { + if (preg_match("/[A-Z]{2}|A1|A2/", $key)) { + $header .= "# Country: " . $iso[$key]['country'] . "\n"; + $header .= "# ISO Code: " . $key . "\n"; + $header .= "# Total Networks: " . substr_count($iso[$key][$iptype], ",") . "\n"; + $header .= str_replace(",", "\n", $iso[$key][$iptype]); + $iso[$key][$iptype] = ""; + } } + $counter++; + @file_put_contents($pfb_file, $header, LOCK_EX); } - $counter++; - @file_put_contents($pfb_file, $header, LOCK_EX); } - unset($cont_array); } +// Function to process Continent txt files and create Country ISO files and to Generate GUI XML files. function pfblockerng_get_countries() { - global $g,$pfb; pfb_global(); - # These arrays are used to collect the <option> tags for the XML Continent Files - $roptions4 = array(); - $coptions4 = array(); - $roptions6 = array(); - $coptions6 = array(); - - $files4 = array ( "Africa" => "{$pfb['ccdir']}/Africa_v4.txt", - "Asia" => "{$pfb['ccdir']}/Asia_v4.txt", - "Europe" => "{$pfb['ccdir']}/Europe_v4.txt", - "North America" => "{$pfb['ccdir']}/North_America_v4.txt", - "Oceania" => "{$pfb['ccdir']}/Oceania_v4.txt", - "South America" => "{$pfb['ccdir']}/South_America_v4.txt" + $files = array ( "Africa" => "{$pfb['ccdir']}/Africa_v4.txt", + "Asia" => "{$pfb['ccdir']}/Asia_v4.txt", + "Europe" => "{$pfb['ccdir']}/Europe_v4.txt", + "North America" => "{$pfb['ccdir']}/North_America_v4.txt", + "Oceania" => "{$pfb['ccdir']}/Oceania_v4.txt", + "South America" => "{$pfb['ccdir']}/South_America_v4.txt", + "Proxy and Satellite" => "{$pfb['ccdir']}/Proxy_Satellite_v4.txt" ); - # IPv4 Collect Data to generate new continent XML Files. + // Collect Data to generate new continent XML Files. $log = "Building pfBlockerNG XML Files \n"; print $log; pfb_logger("{$log}","3"); - foreach ($files4 as $cont => $file) { - $log = "IPv4 " . $cont . "\n"; - print $log; - pfb_logger("{$log}","3"); - $ips = file_get_contents($file); - $convert = explode("\n", $ips); - $cont_name = preg_replace("/ /","",$cont); - $cont_name_lower = strtolower($cont_name); - $active = array( "$cont" => '<active/>'); - $total4 = 0; - $pfb['complete'] = FALSE; - - foreach ($convert as $line) { - if (preg_match("/#/",$line)) { - if ($pfb['complete']) { - $coptions4[] = $Country . '-' . $ISOCode . ' ('. $total4 .') ' . ' </name><value>' . $ISOCode . '</value></option>'; - $roptions4[] = $Country . '-' . $ISOCode . ' ('. $total4 .') ' . ' </name><value>' . $ISOCode . '</value></option>'; - - // Save ISO IPv4 Data - @file_put_contents($pfb['ccdir'] . '/' . $ISOCode . '_v4.txt',$pfb_v4,LOCK_EX); - - // Clear Variables and Restart Continent Collection process - $total4 = 0; - $pfb_v4 = ""; - $pfb['complete'] = FALSE; + foreach ($files as $cont => $file) { + // Process the following for IPv4 and IPv6 + foreach (array("4", "6") as $type) { + $log = "IPv{$type} " . $cont . "\n"; + print $log; + pfb_logger("{$log}","3"); + + if ($type == "6") + $file = preg_replace("/v4/", "v6", $file); + $convert = explode("\n", file_get_contents($file)); + $cont_name = preg_replace("/ /", "", $cont); + $cont_name_lower = strtolower($cont_name); + $active = array("$cont" => '<active/>'); + $lastkey = count ($convert) - 1; + $pfb['complete'] = FALSE; + $keycount = 1; + $total = 0; + + foreach ($convert as $line) { + if (preg_match("/#/",$line)) { + if ($pfb['complete']) { + ${'coptions' . $type}[] = $country . '-' . $isocode . ' ('. $total .') ' . ' </name><value>' . $isocode . '</value></option>'; + ${'roptions' . $type}[] = $country . '-' . $isocode . ' ('. $total .') ' . ' </name><value>' . $isocode . '</value></option>'; + + // Save ISO data + @file_put_contents($pfb['ccdir'] . '/' . $isocode . '_v' . $type . '.txt', $xml_data, LOCK_EX); + + // Clear variables and restart Continent collection process + unset($total, $xml_data); + $pfb['complete'] = FALSE; + } + if (preg_match("/Total Networks: 0/", $line)) { continue;} // Don't Display Countries with Null Data + if (preg_match("/Country:\s(.*)/",$line, $matches)) { $country = $matches[1];} + if (preg_match("/ISO Code:\s(.*)/",$line, $matches)) { $isocode = $matches[1];} + } + elseif (!preg_match("/#/",$line)) { + $total++; + if (!empty($line)) + $xml_data .= $line . "\n"; + $pfb['complete'] = TRUE; } - if (preg_match("/Country:\s(.*)/",$line, $matches)) { $Country = $matches[1];} - if (preg_match("/ISO Code:\s(.*)/",$line, $matches)) { $ISOCode = $matches[1];} - } elseif (!preg_match("/#/",$line)) { - $total4++; - if (!empty($line)) - $pfb_v4 .= $line . "\n"; - $pfb['complete'] = TRUE; - } - } - unset ($ips, $convert); - - // Sort IPv4 Countries Alphabetically and Build XML <option> Data for Continents Tab - sort($coptions4, SORT_STRING); - $ftotal4 = count($coptions4); - $count = 1; - $options4 = ""; - - foreach ($coptions4 as $option4) { - if ($count == 1) { $options4 .= "\t" . '<option><name>' . $option4 . "\n"; $count++; continue;} - if ($ftotal4 == $count) { - $options4 .= "\t\t\t\t" . '<option><name>' . $option4; - } else { - $options4 .= "\t\t\t\t" . '<option><name>' . $option4 . "\n"; - } - $count++; - } - unset ($coptions4); - // IPv6 Collect Data to generate new continent XML Files. - $file6 = preg_replace("/v4/", "v6", $file); - $ips = file_get_contents($file6); - $convert = explode("\n", $ips); - $log = "IPv6 " . $cont . "\n"; - pfb_logger("{$log}","3"); - $total6 = 0; - $pfb['complete'] = FALSE; - - foreach ($convert as $line) { - if (preg_match("/#/",$line)) { - if ($pfb['complete']) { - $coptions6[] = $Country . '-' . $ISOCode . ' ('. $total6 .') ' . ' </name><value>' . $ISOCode . '</value></option>'; - $roptions6[] = $Country . '-' . $ISOCode . ' ('. $total6 .') ' . ' </name><value>' . $ISOCode . '</value></option>'; - - // Save ISO IPv6 Data - @file_put_contents($pfb['ccdir'] . '/' . $ISOCode . '_v6.txt',$pfb_v6,LOCK_EX); - - // Clear Variables and Restart Continent Collection process - $total6 = 0; - $pfb_v6 = ""; - $pfb['complete'] = FALSE; + // Save last EOF ISO IP data + if ($keycount == $lastkey) { + if (preg_match("/Total Networks: 0/", $line)) { continue;} // Dont Display Countries with Null Data + ${'coptions' . $type}[] = $country . '-' . $isocode . ' ('. $total .') ' . ' </name><value>' . $isocode . '</value></option>'; + ${'roptions' . $type}[] = $country . '-' . $isocode . ' ('. $total .') ' . ' </name><value>' . $isocode . '</value></option>'; + @file_put_contents($pfb['ccdir'] . '/' . $isocode . '_v' . $type . '.txt', $xml_data, LOCK_EX); + unset($total, $xml_data); } - if (preg_match("/Country:\s(.*)/",$line, $matches)) { $Country = $matches[1];} - if (preg_match("/ISO Code:\s(.*)/",$line, $matches)) { $ISOCode = $matches[1];} - } elseif (!preg_match("/#/",$line)) { - $total6++; - if (!empty($line)) - $pfb_v6 .= $line . "\n"; - $pfb['complete'] = TRUE; + $keycount++; } - } - - // Sort IPv6 Countries Alphabetically for Continents Tab - sort($coptions6, SORT_STRING); - $ftotal6 = count($coptions6); - $count = 1; - $options6 = ""; - - foreach ($coptions6 as $option6) { - if ($count == 1) { $options6 .= "\t" . '<option><name>' . $option6 . "\n"; $count++; continue;} - if ($ftotal6 == $count) { - $options6 .= "\t\t\t\t" . '<option><name>' . $option6; - } else { - $options6 .= "\t\t\t\t" . '<option><name>' . $option6 . "\n"; + unset ($ips, $convert); + + // Sort IP Countries alphabetically and build XML <option> data for Continents tab + if (!empty (${'coptions' . $type})) { + sort(${'coptions' . $type}, SORT_STRING); + ${'ftotal' . $type} = count(${'coptions' . $type}); + $count = 1; + ${'options' . $type} = ""; + + foreach (${'coptions' . $type} as $option) { + if ($count == 1) { ${'options' . $type} .= "\t" . '<option><name>' . $option . "\n"; $count++; continue;} + if (${'ftotal' . $type} == $count) { + ${'options' . $type} .= "\t\t\t\t" . '<option><name>' . $option; + } else { + ${'options' . $type} .= "\t\t\t\t" . '<option><name>' . $option . "\n"; + } + $count++; + } } - $count++; + unset (${'coptions' . $type}); } - unset ($coptions6); - $xml = <<<EOF <?xml version="1.0" encoding="utf-8" ?> @@ -888,7 +763,6 @@ $xml = <<<EOF <tab> <text>Top 20</text> <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_top20.xml&id=0</url> - {$active['top']} </tab> <tab> <text>Africa</text> @@ -921,6 +795,11 @@ $xml = <<<EOF {$active['South America']} </tab> <tab> + <text>P.S.</text> + <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&id=0</url> + {$active['Proxy and Satellite']} + </tab> + <tab> <text>Logs</text> <url>/pfblockerng/pfblockerng_log.php</url> </tab> @@ -950,11 +829,17 @@ $xml = <<<EOF </description> <type>select</type> <options> - {$options4} + ${'options4'} </options> - <size>{$ftotal4}</size> + <size>${'ftotal4'}</size> <multiple/> </field> + +EOF; + +// Skip IPv6 when Null data found +if (!empty (${'options6'})) { + $xml .= <<<EOF <field> <fielddescr><![CDATA[<br /><strong>IPv6</strong><br />Countries]]></fielddescr> <fieldname>countries6</fieldname> @@ -964,11 +849,16 @@ $xml = <<<EOF </description> <type>select</type> <options> - {$options6} + ${'options6'} </options> - <size>{$ftotal6}</size> + <size>${'ftotal6'}</size> <multiple/> </field> + +EOF; +} + +$xml .= <<<EOF <field> <fielddescr>List Action</fielddescr> <description><![CDATA[<br />Default : <strong>Disabled</strong><br /><br /> @@ -1062,19 +952,23 @@ $xml = <<<EOF </packagegui> EOF; - // Update Each Continent XML file. - @file_put_contents('/usr/local/pkg/pfblockerng/pfblockerng_'.$cont_name.'.xml',$xml,LOCK_EX); + // Update Each Continent XML file. + @file_put_contents('/usr/local/pkg/pfblockerng/pfblockerng_'.$cont_name.'.xml',$xml,LOCK_EX); - } // End foreach 'Six Continents' Update XML Process + // Unset Arrays + unset (${'options4'}, ${'options6'}, $xml); + } // End foreach 'Six Continents and Proxy/Satellite' Update XML Process // Sort Countries IPv4 Alphabetically and Build XML <option> Data for Reputation Tab (IPv6 not used by ET IQRisk) - sort($roptions4, SORT_STRING); - $eoa = count($roptions4); + + $type = "4"; + sort(${'roptions' . $type}, SORT_STRING); + $eoa = count(${'roptions' . $type}); $count = 1; - $options4 = ""; + $etoptions = ""; - foreach ($roptions4 as $option4) { + foreach (${'roptions' . $type} as $option4) { if ($count == 1) { $et_options .= "\t" . '<option><name>' . $option4 . "\n"; $count++; continue; } if ($eoa == $count) { $et_options .= "\t\t\t\t" . '<option><name>' . $option4; @@ -1084,10 +978,8 @@ EOF; $count++; } - // Update pfBlockerNG_Reputation.xml file with Country Code Changes - $xmlrep = <<<EOF <?xml version="1.0" encoding="utf-8" ?> <!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> @@ -1203,6 +1095,10 @@ $xmlrep = <<<EOF <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&id=0</url> </tab> <tab> + <text>P.S.</text> + <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&id=0</url> + </tab> + <tab> <text>Logs</text> <url>/pfblockerng/pfblockerng_log.php</url> </tab> @@ -1558,22 +1454,22 @@ $xmlrep = <<<EOF </custom_php_resync_config_command> </packagegui> EOF; - # Unset Arrays - unset ($options4, $options6, $et_options); - $log = "Saving pfBlockerNG Reputation TAB \n"; print $log; pfb_logger("{$log}","3"); // Save pfBlockerng_reputation.xml file - @file_put_contents('/usr/local/pkg/pfblockerng/pfblockerng_reputation.xml',$xmlrep,LOCK_EX); + @file_put_contents('/usr/local/pkg/pfblockerng/pfblockerng_reputation.xml', $xmlrep, LOCK_EX); + $log = "\n Country Code - XML File Update completed.\n"; print $log; pfb_logger("{$log}","3"); - $now = date("m/d/y G.i:s", time()); $log = "Country Code Update Ended - [ NOW ]\n"; print "Country Code Update Ended - [ $now ]\n"; pfb_logger("{$log}","3"); + + // Unset Arrays + unset ($et_options, $xmlrep); } ?>
\ No newline at end of file diff --git a/config/pfblockerng/pfblockerng.priv.inc b/config/pfblockerng/pfblockerng.priv.inc index 092c34ae..970ab25f 100644 --- a/config/pfblockerng/pfblockerng.priv.inc +++ b/config/pfblockerng/pfblockerng.priv.inc @@ -17,6 +17,7 @@ $priv_list['page-firewall-pfblockerng']['match'][] = "pkg_edit.php?xml=pfblocker $priv_list['page-firewall-pfblockerng']['match'][] = "pkg_edit.php?xml=pfblockerng/pfblockerng_NorthAmerica.xml*"; $priv_list['page-firewall-pfblockerng']['match'][] = "pkg_edit.php?xml=pfblockerng/pfblockerng_Oceania.xml*"; $priv_list['page-firewall-pfblockerng']['match'][] = "pkg_edit.php?xml=pfblockerng/pfblockerng_SouthAmerica.xml*"; +$priv_list['page-firewall-pfblockerng']['match'][] = "pkg_edit.php?xml=pfblockerng/pfblockerng_ProxyandSatellite.xml*"; $priv_list['page-firewall-pfblockerng']['match'][] = "pkg_edit.php?xml=pfblockerng/pfblockerng_sync.xml*"; $priv_list['page-firewall-pfblockerng']['match'][] = "pfblockerng/pfblockerng_update.php*"; $priv_list['page-firewall-pfblockerng']['match'][] = "pfblockerng/pfblockerng_alerts.php*"; diff --git a/config/pfblockerng/pfblockerng.sh b/config/pfblockerng/pfblockerng.sh index c09d52e1..cc11be6b 100644 --- a/config/pfblockerng/pfblockerng.sh +++ b/config/pfblockerng/pfblockerng.sh @@ -35,7 +35,7 @@ etblock=$(echo $8 | sed 's/,/, /g') etmatch=$(echo $9 | sed 's/,/, /g') # File Locations -pathgeoipdat=/var/db/pfblockerng/GeoIP.dat +pathgeoipdat=/usr/pbi/pfblockerng-$mtype/share/GeoIP/GeoIP.dat pfbsuppression=/var/db/pfblockerng/pfbsuppression.txt masterfile=/var/db/pfblockerng/masterfile mastercat=/var/db/pfblockerng/mastercat diff --git a/config/pfblockerng/pfblockerng.xml b/config/pfblockerng/pfblockerng.xml index 9442bc7f..e2f4b508 100644 --- a/config/pfblockerng/pfblockerng.xml +++ b/config/pfblockerng/pfblockerng.xml @@ -199,6 +199,10 @@ <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&id=0</url> </tab> <tab> + <text>P.S.</text> + <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&id=0</url> + </tab> + <tab> <text>Logs</text> <url>/pfblockerng/pfblockerng_log.php</url> </tab> diff --git a/config/pfblockerng/pfblockerng_alerts.php b/config/pfblockerng/pfblockerng_alerts.php index 541d1e03..7b84bca8 100644 --- a/config/pfblockerng/pfblockerng_alerts.php +++ b/config/pfblockerng/pfblockerng_alerts.php @@ -53,8 +53,8 @@ $pathgeoip6 = "/usr/pbi/pfblockerng-" . php_uname("m") . "/bin/geoiplookup6"; // Define File Locations $filter_logfile = "{$g['varlog_path']}/filter.log"; -$pathgeoipdat = "{$pfb['dbdir']}/GeoIP.dat"; -$pathgeoipdat6 = "{$pfb['dbdir']}/GeoIPv6.dat"; +$pathgeoipdat = "/usr/pbi/pfblockerng-" . php_uname("m") . "/share/GeoIP/GeoIP.dat"; +$pathgeoipdat6 = "/usr/pbi/pfblockerng-" . php_uname("m") . "/share/GeoIP/GeoIPv6.dat"; // Emerging Threats IQRisk Header Name Reference $pfb['et_header'] = TRUE; @@ -334,6 +334,7 @@ if ($savemsg) { $tab_array[] = array(gettext("N.A."), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_NorthAmerica.xml&id=0"); $tab_array[] = array(gettext("Oceania"), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_Oceania.xml&id=0"); $tab_array[] = array(gettext("S.A."), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&id=0"); + $tab_array[] = array(gettext("P.S."), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&id=0"); $tab_array[] = array(gettext("Logs"), false, "/pfblockerng/pfblockerng_log.php"); $tab_array[] = array(gettext("Sync"), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_sync.xml&id=0"); display_top_tabs($tab_array, true); diff --git a/config/pfblockerng/pfblockerng_log.php b/config/pfblockerng/pfblockerng_log.php index 39f9eb06..74f513a2 100644 --- a/config/pfblockerng/pfblockerng_log.php +++ b/config/pfblockerng/pfblockerng_log.php @@ -144,6 +144,12 @@ $pfb_logtypes = array( 'defaultlogs' => array('name' => 'Log Files', 'logdir' => "{$pfb['etdir']}/", 'download' => TRUE, 'clear' => FALSE + ), + 'country' => array('name' => 'Country Files', + 'ext' => 'txt', + 'logdir' => "{$pfb['ccdir']}/", + 'download' => TRUE, + 'clear' => FALSE ) ); @@ -288,6 +294,7 @@ if ($savemsg) { $tab_array[] = array(gettext("N.A."), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_NorthAmerica.xml&id=0"); $tab_array[] = array(gettext("Oceania"), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_Oceania.xml&id=0"); $tab_array[] = array(gettext("S.A."), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&id=0"); + $tab_array[] = array(gettext("P.S."), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&id=0"); $tab_array[] = array(gettext("Logs"), true, "/pfblockerng/pfblockerng_log.php"); $tab_array[] = array(gettext("Sync"), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_sync.xml&id=0"); display_top_tabs($tab_array, true); diff --git a/config/pfblockerng/pfblockerng_sync.xml b/config/pfblockerng/pfblockerng_sync.xml index 856af2f4..00186af8 100644 --- a/config/pfblockerng/pfblockerng_sync.xml +++ b/config/pfblockerng/pfblockerng_sync.xml @@ -112,6 +112,10 @@ <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&id=0</url> </tab> <tab> + <text>P.S.</text> + <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&id=0</url> + </tab> + <tab> <text>Logs</text> <url>/pfblockerng/pfblockerng_log.php</url> </tab> diff --git a/config/pfblockerng/pfblockerng_top20.xml b/config/pfblockerng/pfblockerng_top20.xml index 4974c488..ccaf68a0 100644 --- a/config/pfblockerng/pfblockerng_top20.xml +++ b/config/pfblockerng/pfblockerng_top20.xml @@ -113,6 +113,10 @@ <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&id=0</url> </tab> <tab> + <text>P.S.</text> + <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&id=0</url> + </tab> + <tab> <text>Logs</text> <url>/pfblockerng/pfblockerng_log.php</url> </tab> diff --git a/config/pfblockerng/pfblockerng_update.php b/config/pfblockerng/pfblockerng_update.php index dc0fab85..99480900 100644 --- a/config/pfblockerng/pfblockerng_update.php +++ b/config/pfblockerng/pfblockerng_update.php @@ -128,7 +128,7 @@ function pfb_cron_update($type) { while (!feof($f)) { $pfb_buffer = fread($f, 2048); - $pfb_output .= str_replace( "\r", "", $pfb_buffer); + $pfb_output .= str_replace( array ("\r", "\")"), "", $pfb_buffer); // Refresh on new lines only. This allows Scrolling. if ($lastpos != $lastpos_old) @@ -184,6 +184,7 @@ include_once("head.inc"); $tab_array[] = array(gettext("N.A."), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_NorthAmerica.xml&id=0"); $tab_array[] = array(gettext("Oceania"), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_Oceania.xml&id=0"); $tab_array[] = array(gettext("S.A."), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&id=0"); + $tab_array[] = array(gettext("P.S."), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&id=0"); $tab_array[] = array(gettext("Logs"), false, "/pfblockerng/pfblockerng_log.php"); $tab_array[] = array(gettext("Sync"), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_sync.xml&id=0"); display_top_tabs($tab_array, true); @@ -378,7 +379,7 @@ if (isset($_POST['pfbview'])) { while (!feof($f)) { $pfb_buffer = fread($f, 4096); - $pfb_output .= str_replace( "\r", "", $pfb_buffer); + $pfb_output .= str_replace( array ("\r", "\")"), "", $pfb_buffer); // Refresh on new lines only. This allows scrolling. if ($lastpos != $lastpos_old) { diff --git a/config/pfblockerng/pfblockerng_v4lists.xml b/config/pfblockerng/pfblockerng_v4lists.xml index ce92f4be..6df839ed 100644 --- a/config/pfblockerng/pfblockerng_v4lists.xml +++ b/config/pfblockerng/pfblockerng_v4lists.xml @@ -116,6 +116,10 @@ <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&id=0</url> </tab> <tab> + <text>P.S.</text> + <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&id=0</url> + </tab> + <tab> <text>Logs</text> <url>/pfblockerng/pfblockerng_log.php</url> </tab> diff --git a/config/pfblockerng/pfblockerng_v6lists.xml b/config/pfblockerng/pfblockerng_v6lists.xml index 6f507057..15d788cf 100644 --- a/config/pfblockerng/pfblockerng_v6lists.xml +++ b/config/pfblockerng/pfblockerng_v6lists.xml @@ -116,6 +116,10 @@ <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&id=0</url> </tab> <tab> + <text>P.S.</text> + <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&id=0</url> + </tab> + <tab> <text>Logs</text> <url>/pfblockerng/pfblockerng_log.php</url> </tab> |