diff options
-rwxr-xr-x | config/pf-blocker/pfblocker.inc | 23 | ||||
-rw-r--r-- | config/pf-blocker/pfblocker.php | 17 | ||||
-rwxr-xr-x | config/pf-blocker/pfblocker_lists.xml | 16 | ||||
-rw-r--r-- | config/pf-blocker/pfblocker_topspammers.xml | 16 | ||||
-rw-r--r-- | pkg_config.8.xml | 2 | ||||
-rw-r--r-- | pkg_config.8.xml.amd64 | 2 |
6 files changed, 56 insertions, 20 deletions
diff --git a/config/pf-blocker/pfblocker.inc b/config/pf-blocker/pfblocker.inc index fcaad65f..3472aea8 100755 --- a/config/pf-blocker/pfblocker.inc +++ b/config/pf-blocker/pfblocker.inc @@ -167,6 +167,15 @@ function sync_package_pfblocker() { "detail"=> "DO NOT EDIT THIS ALIAS"); #Create rule if action permits switch($continent_config['action']){ + case "Deny_Both": + $rule = $base_rule; + $rule["type"] = $deny_action_inbound; + $rule["descr"]= "$pfb_alias auto rule"; + $rule["source"]= array("address"=> $pfb_alias); + $rule["destination"]=array("any"=>""); + if ($pfblocker_config['enable_log']) + $rule["log"]=""; + $deny_inbound[]=$rule; case "Deny_Outbound": $rule = $base_rule; $rule["type"] = $deny_action_outbound; @@ -254,6 +263,11 @@ function sync_package_pfblocker() { ${$alias}.= $matches[1]."\n"; $new_file.= $matches[1]."\n"; } + # Single ip addresses + if (preg_match("/(\d+\.\d+\.\d+\.\d+)\s+/",$line,$matches)){ + ${$alias}.= $matches[1]."/32\n"; + $new_file.= $matches[1]."/32\n"; + } # Network range 192.168.0.0-192.168.0.254 if (preg_match("/(\d+\.\d+\.\d+\.\d+)-(\d+\.\d+\.\d+\.\d+)/",$line,$matches)){ $cidr= pfblocker_Range2CIDR($matches[1],$matches[2]); @@ -289,6 +303,15 @@ function sync_package_pfblocker() { "detail"=> "DO NOT EDIT THIS ALIAS"); #Create rule if action permits switch($list['action']){ + case "Deny_Both": + $rule = $base_rule; + $rule["type"] = $deny_action_inbound; + $rule["descr"]= "$alias auto rule"; + $rule["source"]= array("address"=> $alias); + $rule["destination"]=array("any"=>""); + if ($pfblocker_config['enable_log']) + $rule["log"]=""; + $deny_inbound[]=$rule; case "Deny_Outbound": $rule = $base_rule; $rule["type"] = $deny_action_outbound; diff --git a/config/pf-blocker/pfblocker.php b/config/pf-blocker/pfblocker.php index e6fcd75e..dc9b58dd 100644 --- a/config/pf-blocker/pfblocker.php +++ b/config/pf-blocker/pfblocker.php @@ -11,7 +11,8 @@ function get_networks($pfb){ if (preg_match("/(\w+)/",$_REQUEST['pfb'],$matches)) get_networks($matches[1]); #} - +if ($argv[1]=='uc') + pfblocker_get_countries(); if ($argv[1]=='cron'){ require_once("/etc/inc/util.inc"); require_once("/etc/inc/functions.inc"); @@ -215,17 +216,21 @@ $xml= <<<EOF <fieldname>action</fieldname> <description><![CDATA[Default:<strong>Disabled</strong><br> Select action for countries you have selected in {$cont}<br><br> - <strong>Note: </strong><br>'Deny Inbound' - Will deny access from selected countries to your network.<br> - 'Deny Outbound' - Will deny access from your users to countries you selected to block<br> + <strong>Note: </strong><br>'Deny Both' - Will deny access on Both directions.<br> + 'Deny Inbound' - Will deny access from selected countries to your network.<br> + 'Deny Outbound' - Will deny access from your users to countries you selected to block.<br> 'Permit Inbound' - Will allow access from selected countries to your network.<br> - 'Permit Outbound' - Will allow access from your users to countries you selected to block<br> - 'Alias Only' - Will create alias <strong>{$cont}</strong> with selected countries to help custom rule assignments.<br> - 'Disabled' - Will just keep selection and do nothing to selected countries.<br>]]></description> + 'Permit Outbound' - Will allow access from your users to countries you selected to block.<br> + 'Disabled' - Will just keep selection and do nothing to selected countries.<br> + 'Alias Only' - Will create alias <strong>pfBlocker{$cont}</strong> with selected countries to help custom rule assignments.<br><br> + <strong>While creating rules with this alias, keep aliasname in the beggining of rule description and do not end description with 'rule'.<br></strong> + Custom rules with 'Aliasname something rule' description will be removed by package.]]></description> <type>select</type> <options> <option><name>Disabled</name><value>Disabled</value></option> <option><name>Deny Inbound</name><value>Deny_Inbound</value></option> <option><name>Deny Outbound</name><value>Deny_Outbound</value></option> + <option><name>Deny Both</name><value>Deny_Both</value></option> <option><name>Permit Inbound</name><value>Permit_Inbound</value></option> <option><name>Permit Outbound</name><value>Permit_Outbound</value></option> <option><name>Alias only</name><value>Alias_only</value></option> diff --git a/config/pf-blocker/pfblocker_lists.xml b/config/pf-blocker/pfblocker_lists.xml index 90e2d07f..42f1c0ae 100755 --- a/config/pf-blocker/pfblocker_lists.xml +++ b/config/pf-blocker/pfblocker_lists.xml @@ -176,17 +176,21 @@ <fielddescr>List Action</fielddescr> <description><![CDATA[Default:<strong>Deny Inbound</strong><br> Select action for network on lists you have selected.<br><br> - <strong>Note: </strong><br>'Deny Inbound' - Will deny access from selected countries to your network.<br> - 'Deny Outbound' - Will deny access from your users to countries you selected to block<br> - 'Permit Inbound' - Will allow access from selected countries to your network.<br> - 'Permit Outbound' - Will allow access from your users to countries you selected to block<br> - 'Alias Only' - Will create an alias with selected countries to help custom rule assignments.<br> - 'Disabled' - Will just keep selection and do nothing to selected countries.<br>]]></description> + <strong>Note: </strong><br>'Deny Both' - Will deny access on Both directions.<br> + 'Deny Inbound' - Will deny access from selected lists to your network.<br> + 'Deny Outbound' - Will deny access from your users to ip lists you selected to block.<br> + 'Permit Inbound' - Will allow access from selected lists to your network.<br> + 'Permit Outbound' - Will allow access from your users to ip lists you selected to block.<br> + 'Disabled' - Will just keep selection and do nothing to selected Lists.<br> + 'Alias Only' - Will create an alias with selected Lists to help custom rule assignments.<br><br> + <strong>While creating rules with this list, keep aliasname in the beggining of rule description and do not end description with 'rule'.<br></strong> + custom rules with 'Aliasname something rule' description will be removed by package.]]></description> <fieldname>action</fieldname> <type>select</type> <options> <option><name>Deny Inbound</name><value>Deny_Inbound</value></option> <option><name>Deny Outbound</name><value>Deny_Outbound</value></option> + <option><name>Deny Both</name><value>Deny_Both</value></option> <option><name>Permit Inbound</name><value>Permit_Inbound</value></option> <option><name>Permit Outbound</name><value>Permit_Outbound</value></option> <option><name>Alias only</name><value>Alias_only</value></option> diff --git a/config/pf-blocker/pfblocker_topspammers.xml b/config/pf-blocker/pfblocker_topspammers.xml index f6bf8664..2536cf80 100644 --- a/config/pf-blocker/pfblocker_topspammers.xml +++ b/config/pf-blocker/pfblocker_topspammers.xml @@ -129,17 +129,21 @@ <fielddescr>Action</fielddescr> <fieldname>action</fieldname> <description><![CDATA[Default:<strong>Deny Inbound</strong><br> - Select action for countries you have selected.<br><br> - <strong>Note: </strong><br>'Deny Inbound' - Will deny access from selected countries to your network.<br> - 'Deny Outbound' - Will deny access from your users to countries you selected to block<br> + Select action for network on lists you have selected.<br><br> + <strong>Note: </strong><br>'Deny Both' - Will deny access on Both directions.<br> + 'Deny Inbound' - Will deny access from selected countries to your network.<br> + 'Deny Outbound' - Will deny access from your users to countries you selected to block.<br> 'Permit Inbound' - Will allow access from selected countries to your network.<br> - 'Permit Outbound' - Will allow access from your users to countries you selected to block<br> - 'Alias Only' - Will create alias <strong>pfBlockerTopSpammers</strong> with selected countries to help custom rule assignments. - 'Disabled' - Will just keep selection and do nothing to selected countries.<br>]]></description> + 'Permit Outbound' - Will allow access from your users to countries you selected to block.<br> + 'Disabled' - Will just keep selection and do nothing to selected countries.<br> + 'Alias Only' - Will create alias <strong>pfBlockerTopSpammers</strong> with selected countries to help custom rule assignments.<br><br> + <strong>While creating rules with this alias, keep aliasname in the beggining of rule description and do not end description with 'rule'.<br></strong> + Custom rules with 'Aliasname something rule' description will be removed by package.]]></description> <type>select</type> <options> <option><name>Deny Inbound</name><value>Deny_Inbound</value></option> <option><name>Deny Outbound</name><value>Deny_Outbound</value></option> + <option><name>Deny Both</name><value>Deny_Both</value></option> <option><name>Permit Inbound</name><value>Permit_Inbound</value></option> <option><name>Permit Outbound</name><value>Permit_Outbound</value></option> <option><name>Alias only</name><value>Alias_only</value></option> diff --git a/pkg_config.8.xml b/pkg_config.8.xml index 417aff93..a8b4d357 100644 --- a/pkg_config.8.xml +++ b/pkg_config.8.xml @@ -55,7 +55,7 @@ <pkginfolink>http://forum.pfsense.org/index.php/topic,42543.0.html</pkginfolink> <config_file>http://pfsense.org/packages/config/pf-blocker/pfblocker.xml</config_file> <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> - <version>1.0</version> + <version>1.0.1</version> <status>Release</status> <required_version>2.0</required_version> <maintainer>tom@tomschaefer.org marcellocoutinho@gmail.com</maintainer> diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64 index 1de281a2..6cd8f92c 100644 --- a/pkg_config.8.xml.amd64 +++ b/pkg_config.8.xml.amd64 @@ -134,7 +134,7 @@ <pkginfolink>http://forum.pfsense.org/index.php/topic,42543.0.html</pkginfolink> <config_file>http://pfsense.org/packages/config/pf-blocker/pfblocker.xml</config_file> <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> - <version>1.0</version> + <version>1.0.1</version> <status>Release</status> <required_version>2.0</required_version> <maintainer>tom@tomschaefer.org marcellocoutinho@gmail.com</maintainer> |