diff options
-rw-r--r-- | config/ipguard/ipguard.inc | 216 | ||||
-rw-r--r-- | config/ipguard/ipguard.xml | 168 | ||||
-rwxr-xr-x | config/ipguard/ipguard_sync.xml | 70 | ||||
-rw-r--r-- | config/shellcmd/shellcmd.inc | 307 | ||||
-rw-r--r-- | config/shellcmd/shellcmd.php | 179 | ||||
-rw-r--r-- | config/shellcmd/shellcmd.xml | 198 | ||||
-rw-r--r-- | config/shellcmd/shellcmd_edit.php | 303 | ||||
-rwxr-xr-x | config/snort/snort.inc | 8 | ||||
-rwxr-xr-x | config/snort/snort.xml | 2 | ||||
-rwxr-xr-x | config/squid3/34/squid.inc | 8 | ||||
-rw-r--r-- | pkg_config.10.xml | 8 | ||||
-rw-r--r-- | pkg_config.8.xml | 2 | ||||
-rw-r--r-- | pkg_config.8.xml.amd64 | 2 |
13 files changed, 627 insertions, 844 deletions
diff --git a/config/ipguard/ipguard.inc b/config/ipguard/ipguard.inc index 1891b24b..53284c96 100644 --- a/config/ipguard/ipguard.inc +++ b/config/ipguard/ipguard.inc @@ -1,88 +1,81 @@ <?php - -/* ========================================================================== */ -/* - ipguard.inc - part of the ipguard package for pfSense (http://www.pfSense.com) - Copyright (C) 2012 Marcello Coutinho - All rights reserved. - - Based on m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. - All rights reserved. - */ -/* ========================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - require_once("config.inc"); - require_once("util.inc"); - -function ipguard_custom_php_deinstall_command(){ - global $g, $config; - - conf_mount_rw(); - + ipguard.inc + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2015 ESF, LLC + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +require_once("config.inc"); +require_once("util.inc"); + +function ipguard_custom_php_deinstall_command() { stop_service('ipguard'); - $ipguard_sh_file = "/usr/local/etc/rc.d/ipguard.sh"; - if (is_file($ipguard_sh_file)) - chmod($ipguard_sh_file,0444); - - conf_mount_ro(); - } + unlink_if_exists("/usr/local/etc/rc.d/ipguard.sh"); + $files = glob("/usr/local/etc/ipguard_*.conf"); + unlink_if_exists($files); +} -function ipguard_custom_php_write_config(){ +function ipguard_custom_php_write_config() { global $g, $config; - - # detect boot process - if (is_array($_POST)){ - if (!preg_match("/\w+/",$_POST['__csrf_magic'])) - return; - } - - if (is_array($config['installedpackages']['ipguard']['config'])){ + /* Detect boot process and do nothing */ + if (platform_booting()) { + return; + } + + if (is_array($config['installedpackages']['ipguard']['config'])) { // Read config $new_config=array(); - foreach ($config['installedpackages']['ipguard']['config'] as $ipguard){ - if ($ipguard['enable'] && $ipguard['interface'] && $ipguard['mac'] && $ipguard['ip']){ - $new_config[$ipguard['interface']].= "{$ipguard['mac']} {$ipguard['ip']} {$ipguard['description']}\n"; + foreach ($config['installedpackages']['ipguard']['config'] as $ipguard) { + if ($ipguard['enable'] && $ipguard['interface'] && $ipguard['mac'] && $ipguard['ip']) { + $new_config[$ipguard['interface']] .= "{$ipguard['mac']} {$ipguard['ip']} {$ipguard['description']}\n"; } } } - //Save /etc/ssh/ipguard_extra - $script="/usr/local/etc/rc.d/ipguard.sh"; $start=""; $stop="pkill -anx ipguard"; conf_mount_rw(); - if (count ($new_config) > 0 && $ipguard['enable']){ - foreach ($new_config as $key => $value){ - $conf_file="/usr/local/etc/ipguard_{$key}.conf"; - file_put_contents($conf_file,$value,LOCK_EX); - $config_file=file_put_contents($conf_file,$new_config[$key],LOCK_EX); - $iface=convert_friendly_interface_to_real_interface_name($key); - $start.="/usr/local/sbin/ipguard -l /var/log/ipguard_{$key}.log -p /var/run/ipguard_{$key}.pid -f {$conf_file} -u 300 -z {$iface}\n\t"; + /* Create rc script and restart service if ipguard is enabled */ + if (count($new_config) > 0 && $ipguard['enable']) { + foreach ($new_config as $key => $value) { + $conf_file = "/usr/local/etc/ipguard_{$key}.conf"; + file_put_contents($conf_file, $value, LOCK_EX); + $config_file = file_put_contents($conf_file, $new_config[$key], LOCK_EX); + /* Hack around PBI stupidity; ipguard does not find its own conf files otherwise */ + $pfs_version = substr(trim(file_get_contents("/etc/version")), 0, 3); + if ($pfs_version == "2.2") { + $conf_file_link = "/usr/pbi/ipguard-" . php_uname("m") . "/local/etc/ipguard_{$key}.conf"; + /* Better recreate this every time just in case users shuffle interfaces assignment somehow */ + if (is_link($conf_file_link)) { + unlink($conf_file_link); + } + symlink($conf_file, $conf_file_link); + } + $iface = convert_friendly_interface_to_real_interface_name($key); + $start .= "/usr/local/sbin/ipguard -l /var/log/ipguard_{$key}.log -p /var/run/ipguard_{$key}.pid -f {$conf_file} -u 300 -z {$iface}\n\t"; } write_rcfile(array( 'file' => 'ipguard.sh', @@ -90,38 +83,36 @@ function ipguard_custom_php_write_config(){ 'stop' => $stop )); restart_service('ipguard'); - - } - else{ - #remove config files + + } else { + /* Otherwise, stop the service and remove rc script */ stop_service('ipguard'); - $ipguard_sh_file = "/usr/local/etc/rc.d/ipguard.sh"; - if (is_file($ipguard_sh_file)) - chmod($ipguard_sh_file,0444); + unlink_if_exists("/usr/local/etc/rc.d/ipguard.sh"); + } - // Mount Read-only conf_mount_ro(); - - //sync config with other pfsense servers + + /* Sync config with other pfSense servers */ ipguard_sync_on_changes(); - } +} /* Uses XMLRPC to synchronize the changes to a remote node */ function ipguard_sync_on_changes() { global $config, $g; - + if (is_array($config['installedpackages']['ipguardsync'])) { - if ($config['installedpackages']['ipguardsync']['config'][0]['synconchanges']) { - log_error("[ipguard] xmlrpc sync is starting."); - foreach ($config['installedpackages']['ipguardsync']['config'] as $rs ){ - foreach($rs['row'] as $sh){ + if ($config['installedpackages']['ipguardsync']['config'][0]['synconchanges']) { + log_error("[ipguard] XMLRPC sync is starting."); + foreach ($config['installedpackages']['ipguardsync']['config'] as $rs ) { + foreach ($rs['row'] as $sh) { $sync_to_ip = $sh['ipaddress']; $password = $sh['password']; - if($password && $sync_to_ip) + if ($password && $sync_to_ip) { ipguard_do_xmlrpc_sync($sync_to_ip, $password); + } } } - log_error("[ipguard] xmlrpc sync is ending."); + log_error("[ipguard] XMLRPC sync is ending."); } } } @@ -130,53 +121,57 @@ function ipguard_sync_on_changes() { function ipguard_do_xmlrpc_sync($sync_to_ip, $password) { global $config, $g; - if(!$password) + if (!$password) { return; + } - if(!$sync_to_ip) + if (!$sync_to_ip) { return; + } - $username='admin'; + $username = 'admin'; $xmlrpc_sync_neighbor = $sync_to_ip; - if($config['system']['webgui']['protocol'] != "") { + if ($config['system']['webgui']['protocol'] != "") { $synchronizetoip = $config['system']['webgui']['protocol']; $synchronizetoip .= "://"; - } - $port = $config['system']['webgui']['port']; - /* if port is empty lets rely on the protocol selection */ - if($port == "") { - if($config['system']['webgui']['protocol'] == "http") + } + $port = $config['system']['webgui']['port']; + /* If port is empty, let's rely on the protocol selection */ + if ($port == "") { + if ($config['system']['webgui']['protocol'] == "http") { $port = "80"; - else + } else { $port = "443"; - } + } + } $synchronizetoip .= $sync_to_ip; /* xml will hold the sections to sync */ $xml = array(); $xml['ipguard'] = $config['installedpackages']['ipguard']; - /* assemble xmlrpc payload */ + /* Assemble XMLRPC payload */ $params = array( XML_RPC_encode($password), XML_RPC_encode($xml) ); - /* set a few variables needed for sync code borrowed from filter.inc */ + /* Set a few variables needed for sync code; borrowed from filter.inc */ $url = $synchronizetoip; log_error("Beginning ipguard XMLRPC sync to {$url}:{$port}."); $method = 'pfsense.merge_installedpackages_section_xmlrpc'; $msg = new XML_RPC_Message($method, $params); $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); $cli->setCredentials($username, $password); - if($g['debug']) + if ($g['debug']) { $cli->setDebug(1); + } /* send our XMLRPC message and timeout after 250 seconds */ $resp = $cli->send($msg, "250"); - if(!$resp) { + if (!$resp) { $error = "A communications error occurred while attempting ipguard XMLRPC sync with {$url}:{$port}."; log_error($error); file_notice("sync_settings", $error, "ipguard Settings Sync", ""); - } elseif($resp->faultCode()) { + } elseif ($resp->faultCode()) { $cli->setDebug(1); $resp = $cli->send($msg, "250"); $error = "An error code was received while attempting ipguard XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); @@ -185,27 +180,27 @@ function ipguard_do_xmlrpc_sync($sync_to_ip, $password) { } else { log_error("ipguard XMLRPC sync successfully completed with {$url}:{$port}."); } - + /* tell ipguard to reload our settings on the destination sync host. */ $method = 'pfsense.exec_php'; - $execcmd = "require_once('/usr/local/pkg/ipguard.inc');\n"; + $execcmd = "require_once('/usr/local/pkg/ipguard.inc');\n"; $execcmd .= "ipguard_custom_php_write_config();"; /* assemble xmlrpc payload */ $params = array( XML_RPC_encode($password), XML_RPC_encode($execcmd) ); - + log_error("ipguard XMLRPC reload data {$url}:{$port}."); $msg = new XML_RPC_Message($method, $params); $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); $cli->setCredentials($username, $password); $resp = $cli->send($msg, "250"); - if(!$resp) { + if (!$resp) { $error = "A communications error occurred while attempting ipguard XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; log_error($error); file_notice("sync_settings", $error, "ipguard Settings Sync", ""); - } elseif($resp->faultCode()) { + } elseif ($resp->faultCode()) { $cli->setDebug(1); $resp = $cli->send($msg, "250"); $error = "An error code was received while attempting ipguard XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); @@ -215,4 +210,5 @@ function ipguard_do_xmlrpc_sync($sync_to_ip, $password) { log_error("ipguard XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php)."); } } - ?>
\ No newline at end of file + +?> diff --git a/config/ipguard/ipguard.xml b/config/ipguard/ipguard.xml index 74b58f86..2b13e7e0 100644 --- a/config/ipguard/ipguard.xml +++ b/config/ipguard/ipguard.xml @@ -1,55 +1,55 @@ <?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> -<copyright> - <![CDATA[ + <copyright> +<![CDATA[ /* $Id$ */ -/* ========================================================================== */ +/* ====================================================================================== */ /* - ipguard.xml - part of the ipguard package for pfSense (http://www.pfSense.com) - Copyright (C) 2012 Marcello Coutinho - All rights reserved. - - Based on m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. - All rights reserved. - */ -/* ========================================================================== */ + ipguard.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - ]]> - </copyright> + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* ====================================================================================== */ + ]]> + </copyright> <name>ipguard</name> - <version>1.0</version> - <title>Ipguard</title> - <description>Ipguard macs/ip</description> + <version>0.1.1</version> + <title>Firewall: IPguard</title> + <description>IPguard MACs/IP</description> <savetext>Save</savetext> <include_file>/usr/local/pkg/ipguard.inc</include_file> <menu> - <name>Ipguard</name> - <tooltiptext>Tool designed to protect LAN IP address space by ARP spoofing</tooltiptext> + <name>IPguard</name> + <tooltiptext>Tool designed to protect LAN IP address space by ARP spoofing.</tooltiptext> <section>Firewall</section> <url>/pkg.php?xml=ipguard.xml</url> </menu> @@ -57,17 +57,15 @@ <name>ipguard</name> <rcfile>ipguard.sh</rcfile> <executable>ipguard</executable> - <description>Tool designed to protect LAN IP address space by ARP spoofing.</description> + <description>IPguard ARP Spoofing Daemon</description> </service> <configpath>installedpackages->package->ipguard</configpath> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> - <chmod>755</chmod> <item>https://packages.pfsense.org/packages/config/ipguard/ipguard.inc</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> - <chmod>755</chmod> <item>https://packages.pfsense.org/packages/config/ipguard/ipguard_sync.xml</item> </additional_files_needed> <tabs> @@ -92,11 +90,11 @@ <fieldname>interface</fieldname> </columnitem> <columnitem> - <fielddescr>Mac Address</fielddescr> + <fielddescr>MAC Address</fielddescr> <fieldname>mac</fieldname> </columnitem> <columnitem> - <fielddescr>Ip Address(es)</fielddescr> + <fielddescr>IP Address(es)</fielddescr> <fieldname>ip</fieldname> </columnitem> <columnitem> @@ -104,43 +102,53 @@ <fieldname>description</fieldname> </columnitem> <movable>on</movable> - <description><![CDATA[If firewall receives traffic with MAC/IP pair not listed here, it will send ARP reply with configured fake address.<br>This will prevent not permitted host from working properly in the specified ethernet segment.]]></description> + <description> + <![CDATA[ + If firewall receives traffic with MAC/IP pair not listed here, it will send ARP reply with configured fake address.<br /> + This will prevent not permitted host from working properly in the specified ethernet segment. + ]]> + </description> </adddeleteeditpagefields> <fields> <field> <type>listtopic</type> - <name>Ipguard Options</name> + <name>IPguard Options</name> <fieldname>temp</fieldname> </field> <field> - <fielddescr>sortable</fielddescr> - <fieldname>sortable</fieldname> - <display_maximum_rows>20</display_maximum_rows> - <type>sorting</type> - <include_filtering_inputbox/> - <sortablefields> - <item> - <name>Mac Address</name> - <fieldname>mac</fieldname> - <regex>/%FILTERTEXT%/i</regex> - </item> - <item> - <name>Ip Address</name> - <fieldname>ip</fieldname> - <regex>/%FILTERTEXT%/i</regex> - </item> - </sortablefields> + <fielddescr>sortable</fielddescr> + <fieldname>sortable</fieldname> + <display_maximum_rows>20</display_maximum_rows> + <type>sorting</type> + <include_filtering_inputbox/> + <sortablefields> + <item> + <name>MAC Address</name> + <fieldname>mac</fieldname> + <regex>/%FILTERTEXT%/i</regex> + </item> + <item> + <name>IP Address</name> + <fieldname>ip</fieldname> + <regex>/%FILTERTEXT%/i</regex> + </item> + </sortablefields> </field> <field> - <fielddescr>Enable</fielddescr> + <fielddescr>Enable</fielddescr> <fieldname>enable</fieldname> <type>checkbox</type> - <description><![CDATA[Enable this mac rule.<br><strong>Important Note:</strong> Always create rules for pfsense mac and ip address to avoid denying access to pfsense gui.]]></description> + <description> + <![CDATA[ + Enable this MAC rule.<br /> + <strong>Important Note:</strong> Always create rules for pfSense MAC and IP address to avoid denying access to pfFense GUI! + ]]> + </description> </field> <field> <fielddescr>Interface</fielddescr> <fieldname>interface</fieldname> - <description>The interface on which ipguard server will check this mac</description> + <description>The interface on which IPguard server will check this MAC.</description> <type>interfaces_selection</type> <required/> <default_value>lan</default_value> @@ -148,39 +156,44 @@ <field> <fielddescr>Description</fielddescr> <fieldname>description</fieldname> - <description>Describe this mac rule.</description> + <description>Describe this MAC rule.</description> <type>input</type> <size>50</size> <required/> </field> <field> - <fielddescr>Mac address</fielddescr> + <fielddescr>MAC Address</fielddescr> <fieldname>mac</fieldname> - <description><![CDATA[Insert mac address you want to filter.<br> - <strong>To include a permit rule, use mac=00:00:00:00:00:00</strong>]]></description> + <description> + <![CDATA[ + Insert MAC address you want to filter.<br /> + <strong>To include a permit rule, use MAC 00:00:00:00:00:00</strong> + ]]> + </description> <type>input</type> <size>25</size> <required/> </field> <field> - <fielddescr>Ip address</fielddescr> + <fielddescr>IP Address</fielddescr> <fieldname>ip</fieldname> - <description><![CDATA[Insert ip address, hostname or network cidr you want to apply on this ipguard rule.<br> - <strong>To include a permit rule, use your lan cidr or 0.0.0.0</strong>]]></description> + <description> + <![CDATA[ + Insert IP address, hostname or network CIDR you want to apply on this IPguard rule.<br> + <strong>To include a permit rule, use your LAN CIDR or 0.0.0.0</strong> + ]]> + </description> <type>input</type> <size>40</size> <required/> </field> </fields> - <custom_delete_php_command> ipguard_custom_php_write_config(); </custom_delete_php_command> <custom_add_php_command> ipguard_custom_php_write_config(); </custom_add_php_command> - <custom_php_install_command> - </custom_php_install_command> <custom_php_deinstall_command> ipguard_custom_php_deinstall_command(); </custom_php_deinstall_command> @@ -190,5 +203,4 @@ <custom_php_command_before_form> unset($_POST['temp']); </custom_php_command_before_form> - -</packagegui>
\ No newline at end of file +</packagegui> diff --git a/config/ipguard/ipguard_sync.xml b/config/ipguard/ipguard_sync.xml index 0b5ffecb..609dd6ca 100755 --- a/config/ipguard/ipguard_sync.xml +++ b/config/ipguard/ipguard_sync.xml @@ -1,49 +1,49 @@ <?xml version="1.0" encoding="utf-8" ?> -<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> -<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> <copyright> - <![CDATA[ +<![CDATA[ /* $Id$ */ -/* ========================================================================== */ +/* ====================================================================================== */ /* - ipguard_sync.xml - part of the ipguard package for pfSense (http://www.pfSense.com) - Copyright (C) 2012 Marcello Coutinho - All rights reserved. - */ -/* ========================================================================== */ + ipguard_sync.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* ====================================================================================== */ ]]> </copyright> - <description>Describe your package here</description> - <requirements>Describe your package requirements here</requirements> - <faq>Currently there are no FAQ items provided.</faq> <name>ipguardsync</name> - <version>1.0</version> - <title>Ipguard - Sync</title> + <version>0.1.1</version> + <title>IPguard - Sync</title> <include_file>/usr/local/pkg/ipguard.inc</include_file> <tabs> <tab> @@ -89,8 +89,6 @@ </rowhelper> </field> </fields> - <custom_php_validation_command> - </custom_php_validation_command> <custom_php_resync_config_command> ipguard_custom_php_write_config(); </custom_php_resync_config_command> diff --git a/config/shellcmd/shellcmd.inc b/config/shellcmd/shellcmd.inc index 04cbf3d6..113b645c 100644 --- a/config/shellcmd/shellcmd.inc +++ b/config/shellcmd/shellcmd.inc @@ -1,14 +1,11 @@ <?php -/* $Id$ */ -/* -/* ========================================================================== */ -/* - shellcmd.inc - Copyright (C) 2008 Mark J Crane - All rights reserved. - */ -/* ========================================================================== */ /* + shellcmd.inc + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2008 Mark J Crane + Copyright (C) 2015 ESF, LLC + All rights reserved. + Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: @@ -30,58 +27,278 @@ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +function shellcmd_install_command() { + global $config; + + /* Remove garbage left over by previous broken package versions */ + unlink_if_exists("/usr/local/etc/rc.d/shellcmd.sh"); + if (is_dir("/usr/local/www/packages/shellcmd")) { + mwexec("/bin/rm -rf /usr/local/www/packages/shellcmd/"); + } + + shellcmd_import_config(); + shellcmd_sync_package(); + +} + -require_once("services.inc"); - -if (!function_exists("pkg_is_service_running")) { - function pkg_is_service_running($servicename) - { - exec("/bin/ps ax | awk '{ print $5 }'", $psout); - array_shift($psout); - foreach($psout as $line) { - $ps[] = trim(array_pop(explode(' ', array_pop(explode('/', $line))))); - } - if(is_service_running($servicename, $ps) or is_process_running($servicename) ) { - return true; - } - else { - return false; - } +function shellcmd_delete_php_command() { + global $config; + + /* When 'Delete item' is clicked in Shellcmd Settings */ + if ($_GET['act'] == "del") { + + /* System earlyshellcmd commands */ + $a_earlyshellcmd = &$config['system']['earlyshellcmd']; + if (!is_array($a_earlyshellcmd)) { + $a_earlyshellcmd = array(); + } + /* Shellcmd package commands */ + $a_shellcmd_config = &$config['installedpackages']['shellcmdsettings']['config']; + if (!is_array($a_shellcmd_config)) { + $a_shellcmd_config = array(); + } + + /* First check for a couple of special cases that we do NOT want deleted */ + /* TODO: Create a function for these checks */ + $pkg = ''; + /* pfBlockerNG - function to restore archived aliastables on nanobsd (see pfblockerng.inc) */ + $pfbcmd = "/usr/local/pkg/pfblockerng/pfblockerng.sh"; + /* If the entry exists in system config ... */ + if (in_array($pfbcmd, $a_earlyshellcmd)) { + $cnta = 0; + /* ... but does not exist in package config ... */ + foreach ($a_shellcmd_config as $item => $value) { + if (in_array($pfbcmd, $value)) { + $cnta++; + } + } + /* ... the user has deleted this protected entry. */ + if ($cnta === 0) { + $pkg .= "[pfBlockerNG]"; + /* Force reimport. */ + shellcmd_forced_restore($pkg); + } + } + /* System Patches auto-apply patch feature (see patches.inc) */ + $spcmd = "/usr/local/bin/php -f /usr/local/bin/apply_patches.php"; + if (in_array($spcmd, $a_earlyshellcmd)) { + $cntb = 0; + foreach ($a_shellcmd_config as $item => $value) { + if (in_array($spcmd, $value)) { + $cntb++; + } + } + if ($cntb === 0) { + $pkg .= "[System Patches]"; + shellcmd_forced_restore($pkg); + } + } + + /* Otherwise, sync package and system configuration normally */ + shellcmd_sync_package(); } } -function shellcmd_sync_package() -{ - global $config; - //synch shellcmd tab - //configure_shellcmd(); - //$handle = popen("/usr/local/etc/rc.d/shellcmd.sh stop", "r"); - //pclose($handle); - //$handle = popen("/usr/local/etc/rc.d/shellcmd.sh start", "r"); - //pclose($handle); +/* Force restore of protected (early)shellcmds from system config */ +function shellcmd_forced_restore($pkg) { + log_error("[shellcmd] Refused to delete {$pkg} earlyshellcmd. Use {$pkg} to configure this entry."); + shellcmd_import_config(); + write_config("[shellcmd] Restore of {$pkg} earlyshellcmd forced."); + /* Send the user back to settings */ + header("Location: pkg.php?xml=shellcmd.xml"); + exit; } - -function shellcmd_install_command() -{ +function shellcmd_sync_package() { global $config; conf_mount_rw(); - shellcmd_sync_package(); - conf_mount_ro(); + + $cmd = ''; + $cmdtype = ''; + $a_shellcmd = array(); + $a_earlyshellcmd = array(); + /* afterfilterchangeshellcmd is NOT treated as an array, it's a string! */ + /* See /etc/inc/xmlparse.inc and /etc/inc/xmlreader.inc */ + $afterfilterchangeshellcmd = ''; + $a_shellcmd_config = &$config['installedpackages']['shellcmdsettings']['config']; + if (!is_array($a_shellcmd_config)) { + $a_shellcmd_config = array(); + } + $i = 0; + /* When an item is added to shellcmd package configuration, make sure */ + /* we add corresponding entry to $config['system'] as well */ + foreach ($a_shellcmd_config as $item) { + /* Get the command from package configuration here */ + $cmd = $a_shellcmd_config[$i]['cmd']; + /* Lets see what type of command we are adding first... */ + $cmdtype = $a_shellcmd_config[$i]['cmdtype']; + /* shellcmd */ + if ($cmdtype == "shellcmd") { + $a_shellcmd[] = $cmd; + $i++; + /* earlyshellcmd */ + } elseif ($cmdtype == "earlyshellcmd") { + $a_earlyshellcmd[] = $cmd; + $i++; + /* afterfilterchangeshellcmd */ + } elseif ($cmdtype == "afterfilterchangeshellcmd") { + $afterfilterchangeshellcmd = $cmd; + $i++; + /* Either disabled, or possibly someone messing with config.xml manually?! */ + } else { + $i++; + } + } + + /* Write the new system configuration to config.xml from scratch when done */ + unset($config['system']['shellcmd']); + $config['system']['shellcmd'] = $a_shellcmd; + unset($config['system']['earlyshellcmd']); + $config['system']['earlyshellcmd'] = $a_earlyshellcmd; + unset($config['system']['afterfilterchangeshellcmd']); + $config['system']['afterfilterchangeshellcmd'] = $afterfilterchangeshellcmd; + write_config("[shellcmd] Successfully (re)synced shellcmd configuration."); } -function shellcmd_deinstall_command() -{ +function shellcmd_import_config() { + global $config; - conf_mount_rw(); - $handle = popen("/usr/local/etc/rc.d/shellcmd.sh stop", "r"); - //unlink_if_exists("/usr/local/etc/rc.d/shellcmd.sh"); - conf_mount_ro(); + $shellcmd_config = &$config['installedpackages']['shellcmdsettings']['config']; + if (!is_array($shellcmd_config)) { + $shellcmd_config = array(); + } + + $i = 0; + + /* First, preserve any disabled items */ + $a_shellcmd_config = &$shellcmd_config; + foreach ($a_shellcmd_config as $item => $value) { + $cmd = $value['cmd']; + $cmdtype = $value['cmdtype']; + $description = $value['description']; + if ($cmdtype == "disabled") { + $shellcmd_config[$i]['cmd'] = $cmd; + $shellcmd_config[$i]['cmdtype'] = "disabled"; + $shellcmd_config[$i]['description'] = $description ?: "Imported disabled item ({$i})"; + $i++; + } + } + + /* Import earlyshellcmd entries which were either created by previous package versions, */ + /* or manually, or added by some other package(s) (if there are any in config.xml) */ + /* Two currently known special cases are handled here - System Patches and pfBlockerNG */ + if (is_array($config['system']['earlyshellcmd'])) { + $earlyshellcmds = &$config['system']['earlyshellcmd']; + $pfbcmd = "/usr/local/pkg/pfblockerng/pfblockerng.sh"; + $spcmd = "/usr/local/bin/php -f /usr/local/bin/apply_patches.php"; + foreach ($earlyshellcmds as $earlyshellcmd) { + /* pfBlockerNG - function to restore archived aliastables on nanobsd (see pfblockerng.inc) */ + if (stristr($earlyshellcmd, "{$pfbcmd}")) { + $shellcmd_config[$i]['cmd'] = $earlyshellcmd; + $shellcmd_config[$i]['cmdtype'] = "earlyshellcmd"; + $shellcmd_config[$i]['description'] = "pfBlockerNG default earlyshellcmd. DO NOT EDIT/DELETE!"; + $i++; + /* System Patches auto-apply patch feature (see patches.inc) */ + } elseif (stristr($earlyshellcmd, "{$spcmd}")) { + $shellcmd_config[$i]['cmd'] = $earlyshellcmd; + $shellcmd_config[$i]['cmdtype'] = "earlyshellcmd"; + $shellcmd_config[$i]['description'] = "System Patches default earlyshellcmd. DO NOT EDIT/DELETE!"; + $i++; + /* Other manually added earlyshellcmd entries */ + } else { + $shellcmd_config[$i]['cmd'] = $earlyshellcmd; + $shellcmd_config[$i]['cmdtype'] = "earlyshellcmd"; + $shellcmd_config[$i]['description'] = $shellcmd_config[$i]['description'] ?: "Imported earlyshellcmd ({$i})"; + $i++; + } + + } + } + /* Import shellcmd entries which were created manually (if there are any in config.xml) */ + if (is_array($config['system']['shellcmd'])) { + $shellcmds = &$config['system']['shellcmd']; + foreach ($shellcmds as $shellcmd) { + $shellcmd_config[$i]['cmd'] = $shellcmd; + $shellcmd_config[$i]['cmdtype'] = "shellcmd"; + $shellcmd_config[$i]['description'] = $shellcmd_config[$i]['description'] ?: "Imported shellcmd ({$i})"; + $i++; + } + } + + /* Import afterfilterchangeshellcmd entry which was created manually (if there is any in config.xml) */ + /* afterfilterchangeshellcmd is NOT treated as an array, it's a string! See /etc/inc/xmlparse.inc and /etc/inc/xmlreader.inc */ + if ($config['system']['afterfilterchangeshellcmd'] != '') { + $shellcmd_config[$i]['cmd'] = $config['system']['afterfilterchangeshellcmd']; + $shellcmd_config[$i]['cmdtype'] = "afterfilterchangeshellcmd"; + $shellcmd_config[$i]['description'] = $shellcmd_config[$i]['description'] ?: "Imported afterfilterchangeshellcmd"; + $i++; + } + + /* Write the new config.xml when import is finished */ + write_config("[shellcmd] Successfully imported package configuration from config.xml."); + +} + +function shellcmd_validate_input($post, &$input_errors) { + global $config; + $a_shellcmd = &$config['system']['shellcmd']; + if (!is_array($a_shellcmd)) { + $a_shellcmd = array(); + } + $a_earlyshellcmd = &$config['system']['earlyshellcmd']; + if (!is_array($a_earlyshellcmd)) { + $a_earlyshellcmd = array(); + } + $a_shellcmd_config = &$config['installedpackages']['shellcmdsettings']['config']; + if (!is_array($a_shellcmd_config)) { + $a_shellcmd_config = array(); + } + /* afterfilterchangeshellcmd is NOT an array */ + $afterfilterchangeshellcmd = $config['system']['afterfilterchangeshellcmd']; + + /* Make sure we don't add the same command twice as it's just pointless */ + if (($post['cmd']) != '') { + $id = $post['id']; + if ($post['cmdtype'] == "shellcmd") { + if (in_array($post['cmd'], $a_shellcmd)) { + /* Allow changing description */ + if ((($post['cmd']) == $a_shellcmd_config[$id]['cmd']) && (($post['cmdtype']) == $a_shellcmd_config[$id]['cmdtype'])) { + return; + } else { + $input_errors[] = "{$post['cmd']} already exists as shellcmd."; + } + } + } + if ($post['cmdtype'] == "earlyshellcmd") { + if (in_array($post['cmd'], $a_earlyshellcmd)) { + /* Allow changing description */ + if ((($post['cmd']) == $a_shellcmd_config[$id]['cmd']) && (($post['cmdtype']) == $a_shellcmd_config[$id]['cmdtype'])) { + return; + } else { + $input_errors[] = "{$post['cmd']} already exists as earlyshellcmd."; + } + } + } + /* Only ONE item of this type may be configured */ + if ($post['cmdtype'] == "afterfilterchangeshellcmd") { + // Not yet configured, OK + if ($afterfilterchangeshellcmd == '') { + return; + // Allow changing description + } elseif ((($post['cmd']) == $a_shellcmd_config[$id]['cmd']) && (($post['cmdtype']) == $a_shellcmd_config[$id]['cmdtype'])) { + return; + // Tired of input validation... Needs something better in future. + } else { + $input_errors[] = "Only ONE afterfilterchangeshellcmd may be configured! Delete the existing entry and try again!"; + } + } + } } diff --git a/config/shellcmd/shellcmd.php b/config/shellcmd/shellcmd.php deleted file mode 100644 index fd386910..00000000 --- a/config/shellcmd/shellcmd.php +++ /dev/null @@ -1,179 +0,0 @@ -<?php -/* $Id$ */ -/* - shellcmd.php - Copyright (C) 2008 Mark J Crane - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -require("guiconfig.inc"); -require("/usr/local/pkg/shellcmd.inc"); - -$a_earlyshellcmd = &$config['system']['earlyshellcmd']; -$a_shellcmd = &$config['system']['shellcmd']; -//$a_afterfilterchangeshellcmd = &$config['system']['afterfilterchangeshellcmd']; - -include("head.inc"); - -?> - - -<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> -<?php include("fbegin.inc"); ?> -<p class="pgtitle">Shellcmd: Settings</p> - -<div id="mainlevel"> -<table width="100%" border="0" cellpadding="0" cellspacing="0"> -<tr><td class="tabnavtbl"> -<?php - - $tab_array = array(); - $tab_array[] = array(gettext("Settings"), false, "/packages/shellcmd/shellcmd.php"); - display_top_tabs($tab_array); - -?> -</td></tr> -</table> - -<table width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr> - <td class="tabcont" > - -<form action="shellcmd.php" method="post" name="iform" id="iform"> -<?php - -//if ($savemsg) print_info_box($savemsg); -//if (file_exists($d_hostsdirty_path)): echo"<p>"; -//print_info_box_np("This is an info box."); -//echo"<br />"; -//endif; - -?> - <table width="100%" border="0" cellpadding="6" cellspacing="0"> - <tr> - <td><p><!--<span class="vexpl"><span class="red"><strong>shellcmd<br></strong></span>--> - The shellcmd utility is used to manage commands on system startup. - <br /><br /> - <!--For more information see: <a href='http://www.' target='_blank'>http://www.</a>--> - </p></td> - </tr> - </table> - <br /> - - <table width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr> - <td width="50%" class="listhdrr">Command</td> - <td width="30%" class="listhdrr">Type</td> - <td width="10%" class="list"> - - <table border="0" cellspacing="0" cellpadding="1"> - <tr> - <td width="17"></td> - <td valign="middle"><a href="shellcmd_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td> - </tr> - </table> - - </td> - </tr> - - -<?php - - $categories = array("earlyshellcmd","shellcmd"); - //$categories = array("earlyshellcmd","shellcmd","afterfilterchangeshellcmd"); - - foreach ($categories as $category) { - $i = 0; - // dynamically create the category config name - $category_config = "a_".$category; - if (count($$category_config) > 0) { - foreach ($$category_config as $ent) { - // previous versions of shellcmd stored the command in an additional <command>-xmltag, this unnests this for backwards compatibility - if (is_array($ent)) { $ent = $ent['command']; } - - echo " <tr>\n"; - echo " <td class=\"listr\" ondblclick=\"document.location='shellcmd_edit.php?t=".$category."&id=".$i."';\">\n"; - echo " ".$ent."\n"; - echo " </td>\n"; - echo " <td class=\"listbg\" ondblclick=\"document.location='shellcmd_edit.php?t=".$category."&id=".$i."';\">\n"; - echo " ".$category."\n"; - echo " </td>\n"; - echo " <td valign=\"middle\" nowrap class=\"list\">\n"; - echo " <table border=\"0\" cellspacing=\"0\" cellpadding=\"1\">\n"; - echo " <tr>\n"; - echo " <td valign=\"middle\"><a href=\"shellcmd_edit.php?t=".$category."&id=".$i."\"><img src=\"/themes/".$g['theme']."/images/icons/icon_e.gif\" width=\"17\" height=\"17\" border=\"0\"></a></td>\n"; - echo " <td><a href=\"shellcmd_edit.php?t=".$category."&type=cmd&act=del&id=".$i."\" onclick=\"return confirm('Do you really want to delete this?')\"><img src=\"/themes/".$g['theme']."/images/icons/icon_x.gif\" width=\"17\" height=\"17\" border=\"0\"></a></td>\n"; - echo " </tr>\n"; - echo " </table>\n"; - echo " </td>\n"; - echo " </tr>"; - $i++; - } - } - } - - -?> - - <tr> - <td class="list" colspan="2"></td> - <td class="list"> - <table border="0" cellspacing="0" cellpadding="1"> - <tr> - <td width="17"></td> - <td valign="middle"><a href="shellcmd_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td> - </tr> - </table> - </td> - </tr> - - - <tr> - <td class="list" colspan="3"></td> - <td class="list"></td> - </tr> - </table> - -</form> - - -<br> -<br> -<br> -<br> -<br> -<br> -<br> -<br> - -</td> -</tr> -</table> - -</div> - - -<?php include("fend.inc"); ?> -</body> -</html> diff --git a/config/shellcmd/shellcmd.xml b/config/shellcmd/shellcmd.xml index 094c3d30..f6b34ee4 100644 --- a/config/shellcmd/shellcmd.xml +++ b/config/shellcmd/shellcmd.xml @@ -1,115 +1,157 @@ <?xml version="1.0" encoding="utf-8" ?> -<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> -<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> - <copyright> - <![CDATA[ + <copyright> +<![CDATA[ /* $Id$ */ -/* ========================================================================== */ +/* ====================================================================================== */ /* - shellcmd.xml - Copyright (C) 2008 Mark J Crane - All rights reserved. - */ -/* ========================================================================== */ + shellcmd.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2008 Mark J Crane + Copyright (C) 2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - ]]> - </copyright> - <description>Shellcmd</description> - <requirements>Describe your package requirements here</requirements> - <faq>Currently there are no FAQ items provided.</faq> + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* ====================================================================================== */ + ]]> + </copyright> <name>Shellcmd Settings</name> - <version>0.4</version> - <title>Settings</title> + <version>1.0</version> + <title>Shellcmd Settings</title> <include_file>/usr/local/pkg/shellcmd.inc</include_file> + <aftersaveredirect>/pkg.php?xml=shellcmd.xml</aftersaveredirect> + <addedit_string>[shellcmd] Successfully created/modified custom (early)shellcmd.</addedit_string> + <delete_string>[shellcmd] Successfully deleted custom (early)shellcmd.</delete_string> <menu> <name>Shellcmd</name> - <tooltiptext>shellcmd settings.</tooltiptext> <section>Services</section> <configfile>shellcmd.xml</configfile> - <url>/packages/shellcmd/shellcmd.php</url> + <url>/pkg.php?xml=shellcmd.xml</url> </menu> <tabs> <tab> <text>Settings</text> - <url>/pkg_edit.php?xml=shellcmd.xml&id=0</url> + <url>/pkg.php?xml=shellcmd.xml</url> <active/> </tab> - <tab> - <text>Settings</text> - <url>/packages/shellcmd/shellcmd.php</url> - <active/> - </tab> </tabs> - <configpath>installedpackages->package->$packagename->configuration->shellcmd</configpath> + <configpath>['installedpackages']['shellcmdsettings']['config']</configpath> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> - <chmod>0755</chmod> - <item>https://packages.pfsense.org/packages/config/shellcmd/shellcmd.xml</item> - </additional_files_needed> - <additional_files_needed> - <prefix>/usr/local/pkg/</prefix> - <chmod>0755</chmod> <item>https://packages.pfsense.org/packages/config/shellcmd/shellcmd.inc</item> </additional_files_needed> - <additional_files_needed> - <prefix>/usr/local/www/packages/shellcmd/</prefix> - <chmod>0755</chmod> - <item>https://packages.pfsense.org/packages/config/shellcmd/shellcmd.php</item> - </additional_files_needed> - <additional_files_needed> - <prefix>/usr/local/www/packages/shellcmd/</prefix> - <chmod>0755</chmod> - <item>https://packages.pfsense.org/packages/config/shellcmd/shellcmd_edit.php</item> - </additional_files_needed> + <adddeleteeditpagefields> + <columnitem> + <fielddescr>Command</fielddescr> + <fieldname>cmd</fieldname> + </columnitem> + <columnitem> + <fielddescr>Shellcmd Type</fielddescr> + <fieldname>cmdtype</fieldname> + </columnitem> + <columnitem> + <fielddescr>Description</fielddescr> + <fieldname>description</fieldname> + </columnitem> + <addtext>Add a new (early)shellcmd entry</addtext> + <edittext>Edit this (early)shellcmd entry</edittext> + <deletetext>Delete this (early)shellcmd entry</deletetext> + </adddeleteeditpagefields> <fields> <field> - <fielddescr>Variable One</fielddescr> - <fieldname>var1</fieldname> - <description>Enter the variable one here.</description> + <type>listtopic</type> + <fieldname>none</fieldname> + <name>Shellcmd Configuration</name> + </field> + <field> + <fielddescr>Command</fielddescr> + <fieldname>cmd</fieldname> <type>input</type> + <size>60</size> + <description>Enter the command to run.</description> + <required/> + </field> + <field> + <fielddescr>Shellcmd Type</fielddescr> + <fieldname>cmdtype</fieldname> + <type>select</type> + <options> + <option> + <name>shellcmd</name> + <value>shellcmd</value> + </option> + <option> + <name>earlyshellcmd</name> + <value>earlyshellcmd</value> + </option> + <option> + <name>afterfilterchangeshellcmd</name> + <value>afterfilterchangeshellcmd</value> + </option> + <option> + <name>disabled</name> + <value>disabled</value> + </option> + </options> + <description> + <![CDATA[ + Choose the shellcmd type.<br /><br /> + <strong>shellcmd</strong> will run the command specified towards the end of the boot process.<br /> + <strong>earlyshellcmd</strong> will run the command specified at the beginning of the boot process.<br /> + <strong>afterfilterchangeshellcmd</strong> will run after each filter_configure() call. + See <a href="https://github.com/pfsense/pfsense/blob/master/etc/inc/filter.inc">filter.inc source code</a> for "documentation". + <span class="errmsg">N.B.: Only one entry of this type can be configured!</span><br /> + <strong>disabled</strong> will save the command in package configuration but it will NOT run on boot.<br /><br /> + See <a href="https://doc.pfsense.org/index.php/Executing_commands_at_boot_time">Executing commands at boot time</a> for detailed explanation. + ]]> + </description> + <required/> </field> <field> - <fielddescr>Variable Two</fielddescr> - <fieldname>var1</fieldname> - <description>Enter the variable one here.</description> + <fielddescr>Description</fielddescr> + <fieldname>description</fieldname> + <description>Enter a description for this command.</description> <type>input</type> + <typehint>(This is for your reference only.)</typehint> + <size>60</size> </field> - </fields> - <custom_add_php_command> - </custom_add_php_command> + </fields> + <custom_php_install_command> + shellcmd_import_config(); + </custom_php_install_command> <custom_php_resync_config_command> shellcmd_sync_package(); </custom_php_resync_config_command> - <custom_delete_php_command> - shellcmd_sync_package(); + <custom_delete_php_command> + shellcmd_delete_php_command(); </custom_delete_php_command> - <custom_php_install_command> - shellcmd_install_command(); - </custom_php_install_command> - <custom_php_deinstall_command> - shellcmd_deinstall_command(); - </custom_php_deinstall_command> + <custom_php_validation_command> + shellcmd_validate_input($_POST, $input_errors); + </custom_php_validation_command> </packagegui> diff --git a/config/shellcmd/shellcmd_edit.php b/config/shellcmd/shellcmd_edit.php deleted file mode 100644 index 5ae466d5..00000000 --- a/config/shellcmd/shellcmd_edit.php +++ /dev/null @@ -1,303 +0,0 @@ -<?php -/* $Id$ */ -/* - - shellcmd_edit.php - Copyright (C) 2008 Mark J Crane - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -require("guiconfig.inc"); -require("/usr/local/pkg/shellcmd.inc"); - - -$id = $_GET['id']; -if (strlen($_POST['id'])>0) { - $id = $_POST['id']; -} - -$type = $_GET['t']; -if (strlen($_POST['t'])>0) { - $type = $_POST['t']; -} - -if ($_GET['act'] == "del") { - if ($_GET['type'] == 'cmd') { - - switch (htmlspecialchars($type)) { - case "earlyshellcmd": - $a_earlyshellcmd = &$config['system']['earlyshellcmd']; - unset($a_earlyshellcmd[$_GET['id']]); - write_config(); - shellcmd_sync_package(); - header("Location: shellcmd.php"); - exit; - break; - case "shellcmd": - $a_shellcmd = &$config['system']['shellcmd']; - unset($a_shellcmd[$_GET['id']]); - write_config(); - shellcmd_sync_package(); - header("Location: shellcmd.php"); - exit; - break; - case "afterfilterchangeshellcmd": - // $a_afterfilterchangeshellcmd = &$config['system']['afterfilterchangeshellcmd']; - // unset($a_afterfilterchangeshellcmd[$_GET['id']]); - // write_config(); - // shellcmd_sync_package(); - // header("Location: shellcmd.php"); - // exit; - break; - default: - break; - } - - } -} - -//get value for the form edit value -if (strlen($id) > 0) { - - switch (htmlspecialchars($type)) { - case "earlyshellcmd": - $a_earlyshellcmd = &$config['system']['earlyshellcmd']; - if ($a_earlyshellcmd[$id]) { - $pconfig['command'] = $a_earlyshellcmd[$id]; - } - break; - case "shellcmd": - $a_shellcmd = &$config['system']['shellcmd']; - if ($a_shellcmd[$id]) { - $pconfig['command'] = $a_shellcmd[$id]; - } - break; - case "afterfilterchangeshellcmd": - //$a_afterfilterchangeshellcmd = &$config['system']['afterfilterchangeshellcmd']; - //if ($a_afterfilterchangeshellcmd[$id]) { - // $pconfig['command'] = $a_afterfilterchangeshellcmd[$id]; - //} - break; - default: - break; - } - - // previous version of shellcmd wrapped all commands in a <command>-xmltag, unnesting this for backwards compatibility - if (is_array($pconfig['command'])) $pconfig['command'] = $pconfig['command']['command']; - -} - -if ($_POST) { - - unset($input_errors); - - if (!$input_errors) { - if (strlen($_POST['command']) > 0) { - - $ent = $_POST['command']; - - if (strlen($id)>0) { - //update - - switch (htmlspecialchars($type)) { - case "earlyshellcmd": - $a_earlyshellcmd = &$config['system']['earlyshellcmd']; - if ($a_earlyshellcmd[$id]) { - $a_earlyshellcmd[$id] = $ent; - } - break; - case "shellcmd": - $a_shellcmd = &$config['system']['shellcmd']; - if ($a_shellcmd[$id]) { - $a_shellcmd[$id] = $ent; - } - break; - case "afterfilterchangeshellcmd": - //$a_afterfilterchangeshellcmd = &$config['system']['afterfilterchangeshellcmd']; - //if ($a_afterfilterchangeshellcmd[$id]) { - // $a_afterfilterchangeshellcmd[$id] = $ent; - //} - break; - default: - break; - } - - } - else { - //add - switch (htmlspecialchars($type)) { - case "earlyshellcmd": - $a_earlyshellcmd = &$config['system']['earlyshellcmd']; - $a_earlyshellcmd[] = $ent; - break; - case "shellcmd": - $a_shellcmd = &$config['system']['shellcmd']; - $a_shellcmd[] = $ent; - break; - case "afterfilterchangeshellcmd": - //$a_afterfilterchangeshellcmd = &$config['system']['afterfilterchangeshellcmd']; - //$a_afterfilterchangeshellcmd[] = $ent; - break; - default: - break; - } - - } - - write_config(); - shellcmd_sync_package(); - } - - header("Location: shellcmd.php"); - exit; - } -} - -include("head.inc"); - -?> - -<script type="text/javascript" language="JavaScript"> - -function show_advanced_config() { - document.getElementById("showadvancedbox").innerHTML=''; - aodiv = document.getElementById('showadvanced'); - aodiv.style.display = "block"; -</script> - -<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> -<?php include("fbegin.inc"); ?> -<p class="pgtitle">Shellcmd: Edit</p> -<?php if ($input_errors) print_input_errors($input_errors); ?> - -<div id="mainlevel"> -<table width="100%" border="0" cellpadding="0" cellspacing="0"> -<tr><td class="tabnavtbl"> -<?php - - $tab_array = array(); - $tab_array[] = array(gettext("Settings"), false, "/packages/shellcmd/shellcmd.php"); - display_top_tabs($tab_array); - -?> -</td></tr> -</table> -<table width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr> - <td class="tabcont" > - - <!-- - <table width="100%" border="0" cellpadding="6" cellspacing="0"> - <tr> - <td><p><span class="vexpl"><span class="red"><strong>shellcmd<br> - </strong></span> - </p></td> - </tr> - </table> - --> - <br /> - - - <form action="shellcmd_edit.php" method="post" name="iform" id="iform"> - <table width="100%" border="0" cellpadding="6" cellspacing="0"> - <tr> - <td width="25%" valign="top" class="vncellreq">Command</td> - <td width="75%" class="vtable"> - <input name="command" type="text" class="formfld" id="command" size="40" value="<?=htmlspecialchars($pconfig['command']);?>"> - </td> - </tr> - - <tr> - <td width="25%" valign="top" class="vncellreq">Type</td> - <td width="75%" class="vtable"> - <?php - echo " <select name='t' class='formfld'>\n"; - echo " <option></option>\n"; - switch (htmlspecialchars($type)) { - case "earlyshellcmd": - echo " <option value='earlyshellcmd' selected='yes'>earlyshellcmd</option>\n"; - echo " <option value='shellcmd'>shellcmd</option>\n"; - //echo " <option value='afterfilterchangeshellcmd'>afterfilterchangeshellcmd</option>\n"; - break; - case "shellcmd": - echo " <option value='earlyshellcmd'>earlyshellcmd</option>\n"; - echo " <option value='shellcmd' selected='yes'>shellcmd</option>\n"; - //echo " <option value='afterfilterchangeshellcmd'>afterfilterchangeshellcmd</option>\n"; - break; - case "afterfilterchangeshellcmd": - //echo " <option value='earlyshellcmd'>earlyshellcmd</option>\n"; - //echo " <option value='shellcmd'>shellcmd</option>\n"; - //echo " <option value='afterfilterchangeshellcmd' selected='yes'>afterfilterchangeshellcmd</option>\n"; - break; - default: - echo " <option value=''></option>\n"; - echo " <option value='earlyshellcmd'>earlyshellcmd</option>\n"; - echo " <option value='shellcmd'>shellcmd</option>\n"; - //echo " <option value='afterfilterchangeshellcmd'>afterfilterchangeshellcmd</option>\n"; - break; - } - echo " </select>\n"; - ?> - </td> - </tr> - - - <!-- - <tr> - <td width="25%" valign="top" class="vncellreq">Description</td> - <td width="75%" class="vtable"> - <input name="description" type="text" class="formfld" id="description" size="40" value="<?=htmlspecialchars($pconfig['description']);?>"> - <br><span class="vexpl">Enter the description here.<br></span> - </td> - </tr> - --> - - <tr> - <td valign="top"> </td> - <td> - <?php if (strlen($id)>0) { ?> - <input name="id" type="hidden" value="<?=$id;?>"> - <?php }; ?> - <input name="Submit" type="submit" class="formbtn" value="Save"> <input class="formbtn" type="button" value="Cancel" onclick="history.back()"> - </td> - </tr> - </table> - </form> - - <br> - <br> - <br> - <br> - <br> - <br> - - </td> - </tr> -</table> - -</div> - -<?php include("fend.inc"); ?> -</body> -</html> diff --git a/config/snort/snort.inc b/config/snort/snort.inc index fb8cd9d8..b7d4299e 100755 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -3748,8 +3748,8 @@ function snort_sync_on_changes() { $syncdownloadrules = $snort_sync['vardownloadrules']; switch ($synconchanges){ case "manual": - if (is_array($snort_sync[row])){ - $rs=$snort_sync[row]; + if (is_array($snort_sync['row'])){ + $rs=$snort_sync['row']; } else{ log_error("[snort] xmlrpc sync is enabled but there are no hosts configured as replication targets."); @@ -3757,8 +3757,8 @@ function snort_sync_on_changes() { } break; case "auto": - if (is_array($config['installedpackages']['carpsettings']) && is_array($config['installedpackages']['carpsettings']['config'])){ - $system_carp=$config['installedpackages']['carpsettings']['config'][0]; + if (is_array($config['hasync'])) { + $system_carp=$config['hasync']; $rs[0]['varsyncipaddress']=$system_carp['synchronizetoip']; $rs[0]['varsyncusername']=$system_carp['username']; $rs[0]['varsyncpassword']=$system_carp['password']; diff --git a/config/snort/snort.xml b/config/snort/snort.xml index b8444009..18e6ef20 100755 --- a/config/snort/snort.xml +++ b/config/snort/snort.xml @@ -45,7 +45,7 @@ </copyright> <description>Snort IDS/IPS Package</description> <name>Snort</name> - <version>3.2.7</version> + <version>3.2.8</version> <title>Services: Snort IDS</title> <include_file>/usr/local/pkg/snort/snort.inc</include_file> <menu> diff --git a/config/squid3/34/squid.inc b/config/squid3/34/squid.inc index 7155d560..2705ceb6 100755 --- a/config/squid3/34/squid.inc +++ b/config/squid3/34/squid.inc @@ -153,7 +153,7 @@ function squid_dash_z($cache_action='none') { if (file_exists("/var/squid/cache/swap.state")) { chown("/var/squid/cache/swap.state", SQUID_UID); chgrp("/var/squid/cache/swap.state", SQUID_GID); - chmod("/var/squid/cache/swap.state", "a+rw"); + chmod("/var/squid/cache/swap.state", 0666); } } @@ -308,7 +308,7 @@ function squid_install_command() { /* make sure pinger is executable */ if (file_exists(SQUID_LOCALBASE. "/libexec/squid/pinger")) - @chmod(SQUID_LOCALBASE. "/libexec/squid/pinger", "a+x"); + @chmod(SQUID_LOCALBASE. "/libexec/squid/pinger", 0755); // XXX: Is it really necessary? if (file_exists("/usr/local/etc/rc.d/squid")) @@ -318,7 +318,7 @@ function squid_install_command() { // XXX: Is it really necessary? mode is set to 0755 in squid.xml if (file_exists("/usr/local/pkg/swapstate_check.php")) - @chmod("/usr/local/pkg/swapstate_check.php", "a+x"); + @chmod("/usr/local/pkg/swapstate_check.php", 0755); write_rcfile(array( "file" => "sqp_monitor.sh", @@ -1934,7 +1934,7 @@ function squid_resync($via_rpc="no") { /* make sure pinger is executable */ // XXX: Is it really necessary? Who could change its permission? if (file_exists(SQUID_LOCALBASE . "/libexec/squid/pinger")) - exec("chmod a+x " . SQUID_LOCALBASE . "/libexec/squid/pinger"); + @chmod(SQUID_LOCALBASE. "/libexec/squid/pinger", 0755); $log_dir=""; // check if squid is enabled diff --git a/pkg_config.10.xml b/pkg_config.10.xml index 46c2a65d..d0ea37e1 100644 --- a/pkg_config.10.xml +++ b/pkg_config.10.xml @@ -395,7 +395,7 @@ </build_pbi> <build_options>barnyard2_UNSET_FORCE=ODBC PGSQL PRELUDE;barnyard2_SET_FORCE=GRE IPV6 MPLS MYSQL PORT_PCAP BRO;snort_SET_FORCE=BARNYARD PERFPROFILE SOURCEFIRE GRE IPV6 NORMALIZER APPID;snort_UNSET_FORCE=PULLEDPORK FILEINSPECT HA</build_options> <config_file>https://packages.pfsense.org/packages/config/snort/snort.xml</config_file> - <version>3.2.7</version> + <version>3.2.8</version> <required_version>2.2</required_version> <status>Stable</status> <configurationfile>/snort.xml</configurationfile> @@ -633,7 +633,7 @@ <config_file>https://packages.pfsense.org/packages/config/ipguard/ipguard.xml</config_file> <pkginfolink>https://forum.pfsense.org/index.php/topic,49917.msg263664.html#msg263664</pkginfolink> <depends_on_package_pbi>ipguard-1.04_2-##ARCH##.pbi</depends_on_package_pbi> - <version>0.1</version> + <version>0.1.1</version> <status>beta</status> <required_version>2.2</required_version> <configurationfile>ipguard.xml</configurationfile> @@ -1052,7 +1052,7 @@ <pkginfolink>https://forum.pfsense.org/index.php/topic,48347.0.html</pkginfolink> <website>http://www.squid-cache.org/</website> <category>Network</category> - <version>0.2.8</version> + <version>0.2.9</version> <status>beta</status> <required_version>2.2</required_version> <maintainer>marcellocoutinho@gmail.com fernando@netfilter.com.br seth.mos@dds.nl mfuchs77@googlemail.com jimp@pfsense.org</maintainer> @@ -1281,7 +1281,7 @@ <descr>The shellcmd utility is used to manage commands on system startup.</descr> <category>Services</category> <config_file>https://packages.pfsense.org/packages/config/shellcmd/shellcmd.xml</config_file> - <version>0.6</version> + <version>1.0</version> <status>Beta</status> <required_version>2.2</required_version> <maintainer>markjcrane@gmail.com</maintainer> diff --git a/pkg_config.8.xml b/pkg_config.8.xml index 1b5d6d58..4b02bcdd 100644 --- a/pkg_config.8.xml +++ b/pkg_config.8.xml @@ -472,7 +472,7 @@ </build_pbi> <build_options>barnyard2_UNSET=ODBC PGSQL PRELUDE;barnyard2_SET=GRE IPV6 MPLS MYSQL PORT_PCAP BRO;snort_SET=PERFPROFILE SOURCEFIRE GRE IPV6 NORMALIZER APPID;snort_UNSET=PULLEDPORK FILEINSPECT HA;perl_SET=THREADS</build_options> <config_file>https://packages.pfsense.org/packages/config/snort/snort.xml</config_file> - <version>2.9.7.2 pkg v3.2.4</version> + <version>2.9.7.2 pkg v3.2.5</version> <required_version>2.1</required_version> <status>Stable</status> <configurationfile>/snort.xml</configurationfile> diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64 index 026b18fe..e93af0be 100644 --- a/pkg_config.8.xml.amd64 +++ b/pkg_config.8.xml.amd64 @@ -459,7 +459,7 @@ </build_pbi> <build_options>barnyard2_UNSET=ODBC PGSQL PRELUDE;barnyard2_SET=GRE IPV6 MPLS MYSQL PORT_PCAP BRO;snort_SET=PERFPROFILE SOURCEFIRE GRE IPV6 NORMALIZER APPID;snort_UNSET=PULLEDPORK FILEINSPECT HA;perl_SET=THREADS</build_options> <config_file>https://packages.pfsense.org/packages/config/snort/snort.xml</config_file> - <version>2.9.7.2 pkg v3.2.4</version> + <version>2.9.7.2 pkg v3.2.5</version> <required_version>2.1</required_version> <status>Stable</status> <configurationfile>/snort.xml</configurationfile> |