diff options
125 files changed, 24663 insertions, 3510 deletions
diff --git a/config/asterisk/asterisk.inc b/config/asterisk/asterisk.inc new file mode 100644 index 00000000..b2f93532 --- /dev/null +++ b/config/asterisk/asterisk.inc @@ -0,0 +1,93 @@ +<?php +/* ========================================================================== */ +/* + asterisk.inc + part of pfSense (http://www.pfSense.com) + Copyright (C) 2012 Marcello Coutinho + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + + +function asterisk_install() { + sync_package_asterisk(); +} + +function asterisk_deinstall() { + $script='/usr/local/etc/rc.d/asterisk'; + if (file_exists($script)){ + mwexec("$script stop"); + chmod ($script,0444); + } +} + +function sync_package_asterisk() { + global $config, $g; + + #mount filesystem writeable + conf_mount_rw(); + + #fix asterisk options for nanobsd + if ($g['platform'] == "nanobsd"){ + $script='/usr/local/etc/asterisk/logger.conf'; + if (file_exists($script)){ + $script_file=file_get_contents($script); + $pattern[0]='/messages =/'; + $replace[0]='/tmp/log_asterisk ='; + $script_file=preg_replace($pattern,$replace,$script_file); + file_put_contents($script, $script_file, LOCK_EX); + } + + $script='/usr/local/etc/asterisk/asterisk.conf'; + if (file_exists($script)){ + $script_file=file_get_contents($script); + $pattern[0]='@astdbdir => [a-z,A-Z,/]+@'; + $replace[0]='astdbdir => /tmp'; + $pattern[1]='@astspooldir => [a-z,A-Z,/]+@'; + $replace[1]='astspooldir => /tmp'; + $script_file=preg_replace($pattern,$replace,$script_file); + file_put_contents($script, $script_file, LOCK_EX); + } + + } + + $script='/usr/local/etc/rc.d/asterisk'; + if (file_exists($script)){ + $script_file=file_get_contents($script); + if (preg_match('/NO/',$script_file)){ + $script_file=preg_replace("/NO/","YES",$script_file); + file_put_contents($script, $script_file, LOCK_EX); + } + chmod ($script,0755); + mwexec("$script stop"); + mwexec_bg("$script start"); + } + #mount filesystem readonly + conf_mount_ro(); + +} + +?> diff --git a/config/asterisk/asterisk.xml b/config/asterisk/asterisk.xml new file mode 100644 index 00000000..a0ce4833 --- /dev/null +++ b/config/asterisk/asterisk.xml @@ -0,0 +1,103 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> +<packagegui> + <copyright> + <![CDATA[ +/* ========================================================================== */ +/* + asterisk.xml + part of pfSense (http://www.pfSense.com) + Copyright (C) 2012 Marcello Coutinho + All rights reserved. +*/ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + ]]> + </copyright> + <description>Asterisk status pacakge</description> + <requirements>Asterisk 1.8.x</requirements> + <faq>Currently there are no FAQ items provided.</faq> + <name>asterisk</name> + <version>0.1</version> + <title>asterisk</title> + <include_file>/usr/local/pkg/asterisk.inc</include_file> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.com/packages/config/asterisk/asterisk.inc</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.com/packages/config/asterisk/asterisk_calls.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.com/packages/config/asterisk/asterisk_edit_file.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.com/packages/config/asterisk/asterisk_log.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.com/packages/config/asterisk/asterisk_cmd.php</item> + </additional_files_needed> + <menu> + <name>Asterisk</name> + <tooltiptext>Asterisk</tooltiptext> + <section>Status</section> + <url>/asterisk_cmd.php</url> + </menu> + <service> + <name>asterisk</name> + <rcfile>asterisk</rcfile> + <executable>asterisk</executable> + <description><![CDATA[Asterisk VoIP telephony]]></description> + </service> + <tabs> + </tabs> + <fields> + </fields> + <custom_php_install_command> + asterisk_install(); + </custom_php_install_command> + <custom_php_deinstall_command> + asterisk_deinstall(); + </custom_php_deinstall_command> + <custom_php_command_before_form> + </custom_php_command_before_form> + <custom_php_validation_command> + </custom_php_validation_command> + <custom_delete_php_command> + </custom_delete_php_command> + <custom_php_resync_config_command> + sync_package_asterisk(); + </custom_php_resync_config_command> +</packagegui>
\ No newline at end of file diff --git a/config/asterisk/asterisk_calls.php b/config/asterisk/asterisk_calls.php new file mode 100644 index 00000000..77131d8d --- /dev/null +++ b/config/asterisk/asterisk_calls.php @@ -0,0 +1,167 @@ +<?php +/* $Id$ */ +/* + status_asterisk_calls.php + part of pfSense + Copyright (C) 2009 Scott Ullrich <sullrich@gmail.com>. + Copyright (C) 2012 robreg@zsurob.hu + All rights reserved. + + originally part of m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>. + Copyright (C) 2012 robreg@zsurob.hu + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* + pfSense_MODULE: asterisk +*/ + +##|+PRIV +##|*IDENT=page-status-asterisk +##|*NAME=Status: Asterisk Calls page +##|*DESCR=Allow access to the 'Status: Asterisk Calls' page. +##|*MATCH=status_asterisk_calls.php* +##|-PRIV + +require_once("guiconfig.inc"); + +$pgtitle = array(gettext("Status"),gettext("Asterisk Calls")); +include("head.inc"); + +/* Path to call log database */ +$callog = "/var/log/asterisk/cdr-csv/Master.csv"; + +/* Data input processing */ +$cmd = $_GET['cmd']; +//$cmd = str_replace("+", " ", $cmd); + +$file = $_SERVER["SCRIPT_NAME"]; +$break = Explode('/', $file); +$pfile = $break[count($break) - 1]; + +if (file_exists($callog)) + switch ($cmd){ + case "trim": + $trimres=shell_exec("tail -50 '$callog' > /tmp/trimmed.csv; rm '$callog'; mv /tmp/trimmed.csv '$callog'; chmod 666 '$callog'"); + break; + + case "clear": + $trimres=shell_exec("rm '$callog'; touch '$callog'; chmod 666 '$callog'"); + break; + + case "download": + // session_cache_limiter('none'); //*Use before session_start() + // session_start(); + + header('Content-Description: File Transfer'); + header('Content-Type: application/octet-stream'); + header('Content-Disposition: attachment; filename='.basename($callog)); + header('Content-Transfer-Encoding: binary'); + header('Expires: 0'); + header('Cache-Control: must-revalidate'); + header('Pragma: public'); + header('Content-Length: ' . filesize($callog)); + ob_clean(); + flush(); + readfile($callog); + exit; + break; + } +?> + + +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> + <?php include("fbegin.inc"); ?> + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td> + <?php + $tab_array = array(); + $tab_array[0] = array(gettext("Commands"), false, "asterisk_cmd.php"); + $tab_array[1] = array(gettext("Calls"), true, "asterisk_calls.php"); + $tab_array[2] = array(gettext("Log"), false, "asterisk_log.php"); + $tab_array[3] = array(gettext("Edit configuration"), false, "asterisk_edit_file.php"); + display_top_tabs($tab_array); + ?> + </td> + </tr> + <tr> + <td> + <div id="mainarea"> + <?php + //$trimres=shell_exec("tail -50 '$callog' > /tmp/trimmed.csv; rm '$callog'; mv /tmp/trimmed.csv '$callog'"); + //print $trimres . "Last 50 calls: <br>"; + if (file_exists($callog)) + $file_handle = fopen($callog, "r"); + ?> + <table class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0"> + <tr> + <td colspan="6" class="listtopic">Last 50 Asterisk calls</td> + </tr> + <tr> + <td nowrap class="listhdrr"><?=gettext("From");?></td> + <td nowrap class="listhdrr"><?=gettext("To");?></a></td> + <td nowrap class="listhdrr"><?=gettext("Start");?></td> + <td nowrap class="listhdrr"><?=gettext("End");?></a></td> + <td nowrap class="listhdrr"><?=gettext("Duration");?></a></td> + <td nowrap class="listhdrr"><?=gettext("Status");?></td> + </tr> + <?php + $out = ''; + if (file_exists($callog)){ + while (!feof($file_handle) ) { + $lin = fgetcsv($file_handle, 102400); + if ($lin[12] != "") { + $out = "<tr>" . $out; + $out = "<td class='listlr'>" . str_replace('"', '', $lin[4]) . "</td><td class='listlr'>" . $lin[2] . "</td><td class='listlr'>" . $lin[9] . "</td><td class='listlr'>" . $lin[11] . "</td><td class='listlr'>" . gmdate("G:i:s", $lin[12]) . "</td><td class='listlr'>" . $lin[14] . "</td>" . $out; + $out = "</tr>" . $out; + } + } + fclose($file_handle); + } + echo $out; + echo "<tr><td colspan='6'><a href='$pfile?cmd=download'><input type='button' name='command' value='Download' class='formbtn'></a>"; + echo "<a href='$pfile?cmd=trim'><input type='button' name='command' value='Trim log' class='formbtn'></a>"; + echo "<a href='$pfile?cmd=clear'><input type='button' name='command' value='Clear log' class='formbtn'></a></td></tr>"; + ?> + </table> + </div> + </td> + </tr> + </table> + +<p/> + +<span class="vexpl"> + <span class="red"> + <strong><?=gettext("Notes:");?><br /></strong> + </span> + <?=gettext("Listed in reverse order (latest on top).");?> <br> + <?=gettext("Duration includes ringing time.");?> <br> + <?=gettext("Trim keeps the last 50 entries.");?> +</span> + + +<?php include("fend.inc"); ?> +</body> diff --git a/config/asterisk/asterisk_cmd.php b/config/asterisk/asterisk_cmd.php new file mode 100644 index 00000000..504c3cd1 --- /dev/null +++ b/config/asterisk/asterisk_cmd.php @@ -0,0 +1,120 @@ +<?php +/* $Id$ */ +/* + status_asterisk.php + part of pfSense + Copyright (C) 2009 Scott Ullrich <sullrich@gmail.com>. + Copyright (C) 2012 robreg@zsurob.hu + All rights reserved. + + originally part of m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* + pfSense_MODULE: asterisk +*/ + +##|+PRIV +##|*IDENT=page-status-asterisk +##|*NAME=Status: Asterisk page +##|*DESCR=Allow access to the 'Status: Asterisk' page. +##|*MATCH=status_asterisk.php* +##|-PRIV + +require_once("guiconfig.inc"); + +$pgtitle = array(gettext("Status"),gettext("Asterisk")); +include("head.inc"); + +?> + +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> +<?php include("fbegin.inc"); ?> + +<?php +/* Data input processing */ +$cmd = $_GET['cmd']; +$cmd = str_replace("+", " ", $cmd); + +if ($cmd == "") { + $cmd = "core show settings"; +} + +$file = $_SERVER["SCRIPT_NAME"]; +$break = Explode('/', $file); +$pfile = $break[count($break) - 1]; + +?> + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td> + <?php + $tab_array = array(); + $tab_array[0] = array(gettext("Commands"), true, "asterisk_cmd.php"); + $tab_array[1] = array(gettext("Calls"), false, "asterisk_calls.php"); + $tab_array[2] = array(gettext("Log"), false, "asterisk_log.php"); + $tab_array[3] = array(gettext("Edit configuration"), false, "asterisk_edit_file.php"); + display_top_tabs($tab_array); + ?> + </td> + </tr> + <tr> + <td> + <div id="mainarea"> + <table class="tabcont sortable" width="100%" border="0" cellpadding="6" cellspacing="0"> + <tr> + <td class="listtopic"> + <?php + /* Print command buttons */ + echo "<a href='$pfile?cmd=sip+show+registry'><input type='button' name='command' value='SIP Registry' class='formbtns'></a>"; + echo "<a href='$pfile?cmd=sip+show+peers'><input type='button' name='command' value='SIP Peers' class='formbtns'></a>"; + echo "<a href='$pfile?cmd=sip+show+channels'><input type='button' name='command' value='SIP Channels' class='formbtns'></a>"; + echo "<a href='$pfile?cmd=core+show+channels'><input type='button' name='command' value='Channels' class='formbtns'></a>"; + echo "<a href='$pfile?cmd=core+show+codecs+audio'><input type='button' name='command' value='Codecs' class='formbtns'></a>"; + echo "<a href='$pfile?cmd=core+show+translation+recalc+10'><input type='button' name='command' value='Translation' class='formbtns'></a>"; + echo "<a href='$pfile?cmd=sip+show+settings'><input type='button' name='command' value='SIP Settings' class='formbtns'></a>"; + echo "<a href='$pfile?cmd=sip+reload'><input type='button' name='command' value='!Reload SIP' class='formbtns'></a>"; + echo "<a href='$pfile?cmd=core+reload'><input type='button' name='command' value='!Reload Core' class='formbtns'></a>"; + echo "<a href='$pfile?cmd=core+show+uptime'><input type='button' name='command' value='Uptime' class='formbtns'></a>"; + ?> + </td> + </tr> + <tr valign="top"> + <td class="listlr" nowrap> + <?php + /* Run commands and print results */ + $asterisk_command=shell_exec("asterisk -rx '$cmd'"); + echo "<pre style='font-size:11px; background:white'>"; + echo $asterisk_command; + echo "</pre>"; + ?> + </td> + </tr> + </table> + </div> + </td> + </tr> + </table> +<?php include("fend.inc"); ?>
\ No newline at end of file diff --git a/config/asterisk/asterisk_edit_file.php b/config/asterisk/asterisk_edit_file.php new file mode 100644 index 00000000..50d00279 --- /dev/null +++ b/config/asterisk/asterisk_edit_file.php @@ -0,0 +1,246 @@ +<?php +/* + edit.php + Copyright (C) 2004, 2005 Scott Ullrich + Copyright (C) 2012 robreg@zsurob.hu + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* + pfSense_MODULE: shell +*/ + +##|+PRIV +##|*IDENT=page-status-asterisk +##|*NAME=Status: Asterisk config editor page +##|*DESCR=Allow access to the 'Status: Asterisk configuration files' page. +##|*MATCH=status_asterisk_edit.php* +##|-PRIV + +$pgtitle = array(gettext("Status"),gettext("Asterisk configuration files")); +require("guiconfig.inc"); + +if($_REQUEST['action']) { + switch($_REQUEST['action']) { + case 'load': + if(strlen($_REQUEST['file']) < 1) { + echo "|5|" . gettext("No file name specified") . ".|"; + } elseif(is_dir($_REQUEST['file'])) { + echo "|4|" . gettext("Loading a directory is not supported") . ".|"; + } elseif(! is_file($_REQUEST['file'])) { + echo "|3|" . gettext("File does not exist or is not a regular file") . ".|"; + } else { + $data = file_get_contents(urldecode($_REQUEST['file'])); + if($data === false) { + echo "|1|" . gettext("Failed to read file") . ".|"; + } else { + echo "|0|{$_REQUEST['file']}|{$data}|"; + } + } + exit; + case 'save': + if(strlen($_REQUEST['file']) < 1) { + echo "|" . gettext("No file name specified") . ".|"; + } else { + conf_mount_rw(); + $_REQUEST['data'] = str_replace("\r", "", base64_decode($_REQUEST['data'])); + $ret = file_put_contents($_REQUEST['file'], $_REQUEST['data']); + conf_mount_ro(); + if($_REQUEST['file'] == "/conf/config.xml" || $_REQUEST['file'] == "/cf/conf/config.xml") { + if(file_exists("/tmp/config.cache")) + unlink("/tmp/config.cache"); + disable_security_checks(); + } + if($ret === false) { + echo "|" . gettext("Failed to write file") . ".|"; + } elseif($ret <> strlen($_REQUEST['data'])) { + echo "|" . gettext("Error while writing file") . ".|"; + } else { + echo "|" . gettext("File successfully saved") . ".|"; + } + } + exit; + } + exit; +} + +require("head.inc"); +outputJavaScriptFileInline("filebrowser/browser.js"); +outputJavaScriptFileInline("javascript/base64.js"); + +?> + +<body link="#000000" vlink="#000000" alink="#000000"> +<?php include("fbegin.inc"); ?> + +<script type="text/javascript"> + function loadFile() { + $("fileStatus").innerHTML = "<?=gettext("Loading file"); ?> ..."; + Effect.Appear("fileStatusBox", { duration: 0.5 }); + + new Ajax.Request( + "<?=$_SERVER['SCRIPT_NAME'];?>", { + method: "post", + postBody: "action=load&file=" + $("fbTarget").value, + onComplete: loadComplete + } + ); + } + + function loadComplete(req) { + Element.show("fileContent") + var values = req.responseText.split("|"); + values.shift(); values.pop(); + + if(values.shift() == "0") { + var file = values.shift(); + $("fileStatus").innerHTML = "<?=gettext("File successfully loaded"); ?>."; + $("fileContent").value = values.join("|"); + + var lang = "none"; + if(file.indexOf(".php") > 0) lang = "php"; + else if(file.indexOf(".inc") > 0) lang = "php"; + else if(file.indexOf(".xml") > 0) lang = "xml"; + else if(file.indexOf(".js" ) > 0) lang = "js"; + else if(file.indexOf(".css") > 0) lang = "css"; + + } + else { + $("fileStatus").innerHTML = values[0]; + $("fileContent").value = ""; + } + new Effect.Appear("fileContent"); + } + + function saveFile(file) { + $("fileStatus").innerHTML = "<?=gettext("Saving file"); ?> ..."; + Effect.Appear("fileStatusBox", { duration: 0.5 }); + + var fileContent = Base64.encode($("fileContent").value); + fileContent = fileContent.replace(/\+/g,"%2B"); + + new Ajax.Request( + "<?=$_SERVER['SCRIPT_NAME'];?>", { + method: "post", + postBody: "action=save&file=" + $("fbTarget").value + + "&data=" + fileContent, + onComplete: function(req) { + var values = req.responseText.split("|"); + $("fileStatus").innerHTML = values[1]; + } + } + ); + } +</script> + + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td> + <?php + $tab_array = array(); + $tab_array[0] = array(gettext("Commands"), false, "asterisk_cmd.php"); + $tab_array[1] = array(gettext("Calls"), false, "asterisk_calls.php"); + $tab_array[2] = array(gettext("Log"), false, "asterisk_log.php"); + $tab_array[3] = array(gettext("Edit configuration"), true, "asterisk_edit_file.php"); + display_top_tabs($tab_array); + ?> + </td> + </tr> + <tr> + <td> + <div id="mainarea"> + + <!-- file status box --> + <div style="display:none; background:#eeeeee;" id="fileStatusBox"> + <div class="vexpl" style="padding-left:15px;"> + <strong id="fileStatus"></strong> + </div> + </div> + + + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td class="tabcont" align="center"> + + <!-- controls --> + <table width="100%" cellpadding="9" cellspacing="9"> + <tr> + <td align="center" class="list"> + <?=gettext("Save / Load from path"); ?>: + <input type="text" class="formfld file" id="fbTarget" value="<?=gettext('/usr/local/etc/asterisk');?>" size="45" /> + <input type="button" class="formbtn" id="fbOpen" value="<?=gettext('Browse');?>" /> + <!-- <input type="button" class="formbtn" onclick="loadFile();" value="<?=gettext('Load');?>" /> --> + <input type="button" class="formbtn" onclick="saveFile();" value="<?=gettext('Save');?>" /> + <br /> + </td> + </tr> + </table> + + <!-- filebrowser --> + <div id="fbBrowser" style="display:none; border:1px dashed gray; width:98%;"></div> + + <!-- file viewer/editor --> + <table width="100%"> + <tr> + <td valign="top" class="label"> + <div style="background:#eeeeee;" id="fileOutput"> + <textarea id="fileContent" name="fileContent" style="width:100%;" rows="30" wrap="off"></textarea> + </div> + </td> + </tr> + </table> + + </td> + </tr> + </table> + + <script type="text/javascript"> + Event.observe( + window, "load", + function() { + $("fbTarget").focus(); + + NiftyCheck(); + Rounded("div#fileStatusBox", "all", "#ffffff", "#eeeeee", "smooth"); + } + ); + + <?php if($_GET['action'] == "load"): ?> + Event.observe( + window, "load", + function() { + $("fbTarget").value = "<?=$_GET['path'];?>"; + loadFile(); + } + ); + <?php endif; ?> + </script> + + </div> + </td> + </tr> + </table> + +<?php include("fend.inc"); ?> +</body> +</html> diff --git a/config/asterisk/asterisk_log.php b/config/asterisk/asterisk_log.php new file mode 100644 index 00000000..7d1328ed --- /dev/null +++ b/config/asterisk/asterisk_log.php @@ -0,0 +1,130 @@ +<?php +/* $Id$ */ +/* + status_asterisk_log.php + part of pfSense + Copyright (C) 2009 Scott Ullrich <sullrich@gmail.com>. + Copyright (C) 2012 robreg@zsurob.hu + Copyright (C) 2012 Marcello Coutinho + All rights reserved. + + originally part of m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* + pfSense_MODULE: asterisk +*/ + +##|+PRIV +##|*IDENT=page-status-asterisk +##|*NAME=Status: Asterisk Calls page +##|*DESCR=Allow access to the 'Status: Asterisk Log' page. +##|*MATCH=status_asterisk_log.php* +##|-PRIV + +require_once("guiconfig.inc"); + +$pgtitle = array(gettext("Status"),gettext("Asterisk Log")); +include("head.inc"); + +/* Path to Asterisk log file */ +if ($g['platform'] == "nanobsd") + $log = "/tmp/log_asterisk"; +else + $log = "/var/log/asterisk/messages"; + +?> + +<?php +/* Data input processing */ +$cmd = $_GET['cmd']; +//$cmd = str_replace("+", " ", $cmd); + +$file = $_SERVER["SCRIPT_NAME"]; +$break = Explode('/', $file); +$pfile = $break[count($break) - 1]; + +if ($cmd == "trim") { + $trimres=shell_exec("tail -50 '$log' > /tmp/trimmed.csv; rm '$log'; mv /tmp/trimmed.csv '$log'; chmod 666 '$log'"); +} + +if ($cmd == "clear") { + $trimres=shell_exec("rm '$log'; touch '$log'; chmod 666 '$log'"); +} + +?> + +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> + <?php include("fbegin.inc"); ?> + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td> + <?php + $tab_array = array(); + $tab_array[0] = array(gettext("Commands"), false, "asterisk_cmd.php"); + $tab_array[1] = array(gettext("Calls"), false, "asterisk_calls.php"); + $tab_array[2] = array(gettext("Log"), true, "asterisk_log.php"); + $tab_array[3] = array(gettext("Edit configuration"), false, "asterisk_edit_file.php"); + display_top_tabs($tab_array); + ?> + </td> + </tr> + <tr> + <td> + <div id="mainarea"> + <table class="tabcont sortable" width="100%" border="0" cellpadding="6" cellspacing="0"> + <tr> + <td colspan="2" class="listtopic">Last 50 Asterisk log entries</td> + </tr> + + <tr valign="top"><td class="listlr" nowrap> + + <?php + $showlog_command=shell_exec("tail -50 '$log'"); + echo nl2br($showlog_command); + ?> + </td></tr> + <?php + echo "<tr><td colspan='6'><a href='$pfile?cmd=trim'><input type='button' name='command' value='Trim log' class='formbtn'></a>"; + echo "<a href='$pfile?cmd=clear'><input type='button' name='command' value='Clear log' class='formbtn'></a></td></tr>"; + ?> + </table> + </div> + </td> + </tr> + </table> + +<p/> + +<span class="vexpl"> + <span class="red"> + <strong><?=gettext("Note:");?><br /></strong> + </span> + <?=gettext("Trim keeps the last 50 lines of the log.");?> +</span> + +<?php include("fend.inc"); ?> +</body> +</html> diff --git a/config/dansguardian/dansguardian.conf.template b/config/dansguardian/dansguardian.conf.template index 5bee053e..ab30527a 100755 --- a/config/dansguardian/dansguardian.conf.template +++ b/config/dansguardian/dansguardian.conf.template @@ -157,7 +157,8 @@ proxyport = {$proxyport} # # Individual filter groups can override this setting in their own configuration. # -accessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl' +#accessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl' +{$accessdeniedaddress} # Non standard delimiter (only used with accessdeniedaddress) # To help preserve the full banned URL, including parameters, the variables @@ -680,7 +681,7 @@ softrestart = {$softrestart} #SSL certificate checking path #Path to CA certificates used to validate the certificates of https sites. -sslcertificatepath = '/etc/ssl/certs/' +sslcertificatepath = '/usr/local/share/certs/' #SSL man in the middle #CA certificate path diff --git a/config/dansguardian/dansguardian.inc b/config/dansguardian/dansguardian.inc index 6c6d6e93..850c04e0 100755 --- a/config/dansguardian/dansguardian.inc +++ b/config/dansguardian/dansguardian.inc @@ -32,6 +32,9 @@ require_once("util.inc"); require("globals.inc"); #require("guiconfig.inc"); +$uname=posix_uname(); +if ($uname['machine']=='amd64') + ini_set('memory_limit', '250M'); function dg_text_area_decode($text){ return preg_replace('/\r\n/', "\n",base64_decode($text)); @@ -46,20 +49,55 @@ function dg_get_real_interface_address($iface) { return array($ip, long2ip(hexdec($netmask))); } +function check_ca_hashes(){ + global $config,$g; + + #check certificates + $cert_count=0; + if (is_dir('/usr/local/share/certs')) + if ($handle = opendir('/usr/local/share/certs')) { + while (false !== ($file = readdir($handle))) + if (preg_match ("/\d+.0/",$file)) + $cert_count++; + } + closedir($handle); + if ($cert_count < 10){ + conf_mount_rw(); + #create ca-root hashes from ca-root-nss package + log_error("Creating root certificate bundle hashes from the Mozilla Project"); + $cas=file('/usr/local/share/certs/ca-root-nss.crt'); + $cert=0; + foreach ($cas as $ca){ + if (preg_match("/--BEGIN CERTIFICATE--/",$ca)) + $cert=1; + if ($cert == 1) + $crt.=$ca; + if (preg_match("/-END CERTIFICATE-/",$ca)){ + file_put_contents("/tmp/cert.pem",$crt, LOCK_EX); + $cert_hash=array(); + exec("/usr/bin/openssl x509 -hash -noout -in /tmp/cert.pem",$cert_hash); + file_put_contents("/usr/local/share/certs/".$cert_hash[0].".0",$crt,LOCK_EX); + $crt=""; + $cert=0; + } + } + } +} + function sync_package_dansguardian() { global $config,$g; - #check if its booting - if ($g['booting']){ - if (is_array($config['installedpackages']['dansguardian'])) - if (!$config['installedpackages']['dansguardian']['config'][0]['enable']) - return; - if (file_exists("/var/run/dansguardian.pid")){ - exec("/bin/ps -p `cat /var/run/dansguardian.pid` 2>&1",$return); - if (preg_match("/dansguardian/",$return[1])) - return; - } + # detect boot process + if (is_array($_POST)){ + if (preg_match("/\w+/",$_POST['__csrf_magic'])) + unset($boot_process); + else + $boot_process="on"; } + + if (is_process_running('dansguardian') && isset($boot_process)) + return; + #assign xml arrays if (!is_array($config['installedpackages']['dansguardian'])) $config['installedpackages']['dansguardian']['config'][0]=array('interface'=>'lo0', @@ -132,7 +170,13 @@ function sync_package_dansguardian() { $recheckreplacedurls=(preg_match('/icapscan/',$dansguardian_config['misc_options'])?"on":"off"); $usexforwardedfor=(preg_match('/usexforwardedfor/',$dansguardian_config['misc_options'])?"on":"off"); $authplugin=(preg_match('/usr/',$dansguardian_config['auth_plugin'])?"authplugin = '".$dansguardian_config['auth_plugin']."'":""); - + /*if ($dansguardian_config['auth_plugin']!=""){ + $auth_plugins=explode(",",$dansguardian_config['auth_plugin']); + $authplugin=""; + foreach ($auth_plugins as $auth_selected) + $authplugin.="authplugin = '".$auth_selected."'\n"; + } + */ #limits $maxuploadsize=($dansguardian_limits['maxuploadsize']?$dansguardian_limits['maxuploadsize']:"-1"); $maxcontentfiltersize=($dansguardian_limits['maxcontentfiltersize']?$dansguardian_limits['maxcontentfiltersize']:"256"); @@ -143,6 +187,16 @@ function sync_package_dansguardian() { #report and log $reportlevel=($dansguardian_log['report_level']?$dansguardian_log['report_level']:"3"); + if ($reportlevel == 1 || $reportlevel== 2){ + if (preg_match("@(\w+://[a-zA-Z0-9.:/\-]+)@",$dansguardian_log['reportingcgi'],$cgimatches)){ + $accessdeniedaddress="accessdeniedaddress = '".$cgimatches[1]."'"; + } + else{ + log_error("dansguardian - " . $dansguardian_log['reportingcgi'] . " is not a valid access denied cgi url"); + file_notice("dansguardian - " . $dansguardian_log['reportingcgi'] . " is not a valid access denied cgi url",""); + } + } + $accessdenied=($dansguardian_log['reportingcgi']?$dansguardian_log['report_level']:"3"); $reportlanguage=($dansguardian_log['report_language']?$dansguardian_log['report_language']:"ukenglish"); $showweightedfound=(preg_match('/showweightedfound/',$dansguardian_log['report_options'])?"on":"off"); $usecustombannedflash=(preg_match('/usecustombannedflash/',$dansguardian_log['report_options'])?"on":"off"); @@ -215,27 +269,31 @@ function sync_package_dansguardian() { $load_samples=0; #ssl men-in-the-middle feature - $dirs=array($dansguardian_dir."/ssl",$dansguardian_dir."/ssl/generatedcerts",$dansguardian_dir."/ssl/generatedlinks"); + $dirs=array("/var/log/dansguardian/stats","/etc/ssl/demoCA","/etc/ssl/demoCA/private","/etc/ssl/demoCA/crl","/etc/ssl/demoCA/certs",$dansguardian_dir."/ssl/generatedcerts",$dansguardian_dir."/ssl/generatedlinks"); foreach ($dirs as $dir) if (!is_dir($dir)) - mkdir ($dir,0700,true); - $ca_cert = lookup_ca($dansguardian_config["ca"][0]); + mkdir ($dir,0755,true); + $ca_cert = lookup_ca($dansguardian_config["dca"]); if ($ca_cert != false) { if(base64_decode($ca_cert['prv'])) { - file_put_contents($dansguardian_dir. "/ssl/ssl_ca_key.pem",base64_decode($ca_cert['prv'])); - $ca_pk = "caprivatekeypath = ".$dansguardian_dir . "/ssl/ssl_ca_key.pem"; + file_put_contents("/etc/ssl/demoCA/private/cakey.pem",base64_decode($ca_cert['prv'])); + $ca_pk = "caprivatekeypath = '/etc/ssl/demoCA/private/cakey.pem'"; } if(base64_decode($ca_cert['crt'])) { - file_put_contents($dansguardian_dir . "/ssl/ssl_ca_cert.pem",base64_decode($ca_cert['crt'])); - $ca_pem = "cacertificatepath = ".$dansguardian_dir . "/ssl/ssl_ca_cert.pem"; - $generatedcertpath= "generatedcertpath = ".$dansguardian_dir . "/ssl/generatedcerts"; - $generatedlinkpath= "generatedlinkpath = ".$dansguardian_dir . "/ssl/generatedlinks"; + $cert_hash=array(); + file_put_contents("/etc/ssl/demoCA/cacert.pem",base64_decode($ca_cert['crt'])); + exec("/usr/bin/openssl x509 -hash -noout -in /etc/ssl/demoCA/cacert.pem",$cert_hash); + file_put_contents("/usr/local/share/certs/".$cert_hash[0].".0",base64_decode($ca_cert['crt'])); + $ca_pem = "cacertificatepath = '/etc/ssl/demoCA/cacert.pem'"; + $generatedcertpath= "generatedcertpath = '/etc/ssl/demoCA/certs/'"; + #generatedcertpath = ".$dansguardian_dir . "/ssl/generatedcerts"; + $generatedlinkpath= "generatedlinkpath = '".$dansguardian_dir . "/ssl/generatedlinks'"; } - $svr_cert = lookup_cert($dansguardian_config["cert"][0]); + $svr_cert = lookup_cert($dansguardian_config["dcert"]); if ($svr_cert != false) { if(base64_decode($svr_cert['prv'])) { - file_put_contents($dansguardian_dir . "/ssl/ssl_server_key.pem",base64_decode($svr_cert['prv'])."\n".base64_decode($svr_cert['crt'])); - $cert_key = "certprivatekeypath = ".$dansguardian_dir . '/ssl/ssl_server_key.pem'; + file_put_contents("/etc/ssl/demoCA/private/serverkey.pem",base64_decode($svr_cert['prv'])); + $cert_key = "certprivatekeypath = '/etc/ssl/demoCA/private/serverkey.pem' "; } } } @@ -615,7 +673,7 @@ function sync_package_dansguardian() { $config['installedpackages']['dansguardianlog']['config'][0]['report_file']=base64_encode($report_file); $dansguardian_log['report_file']=base64_encode($report_file); $load_samples++; - } + } if($load_samples > 0) write_config(); @@ -634,7 +692,8 @@ function sync_package_dansguardian() { 'urlacl'=> "Default", 'group_options' => "scancleancache,infectionbypasserrorsonly", 'reportinglevel'=>'3', - 'mode'=> "1"); + 'mode'=> "1", + 'report_level'=>"global"); $groups=array("scancleancache","hexdecodecontent","blockdownloads","enablepics","deepurlanalysis","infectionbypasserrorsonly","disablecontentscan","sslcertcheck","sslmitm"); #loop on array @@ -653,6 +712,29 @@ function sync_package_dansguardian() { $dansguardian_groups['bypass']=($dansguardian_groups['bypass']?$dansguardian_groups['bypass']:"0"); $dansguardian_groups['infectionbypass']=($dansguardian_groups['infectionbypass']?$dansguardian_groups['infectionbypass']:"0"); $dansguardian_groups['mitmkey']=($dansguardian_groups['mitmkey']?$dansguardian_groups['mitmkey']:"dgs3dD3da"); + switch ($dansguardian_groups['reportinglevel']){ + case "1": + case "2": + $groupreportinglevel="reportinglevel = ".$dansguardian_groups['reportinglevel']; + if (preg_match("@(\w+://[a-zA-Z0-9.:/\-]+)@",$dansguardian_groups['reportingcgi'],$cgimatches)){ + $groupaccessdeniedaddress="accessdeniedaddress = '".$cgimatches[1]."'"; + } + else{ + log_error('Dansguardian - Group '.$dansguardian_groups['name']. ' does not has a valid access denied cgi url.'); + file_notice('Dansguardian - Group '.$dansguardian_groups['name']. ' does not has a valid access denied cgi url.',""); + } + break; + case "-1": + case "0": + case "3": + $groupreportinglevel="reportinglevel = ".$dansguardian_groups['reportinglevel']; + $groupaccessdeniedaddress=""; + break; + default: + $groupreportinglevel=""; + $groupaccessdeniedaddress=""; + } + foreach ($groups as $group) $dansguardian_groups[$group]=(preg_match("/$group/",$dansguardian_groups['group_options'])?"on":"off"); include("/usr/local/pkg/dansguardianfx.conf.template"); @@ -796,10 +878,11 @@ EOF; $cron_found=0; if (is_array($config['cron']['item'])) foreach($config['cron']['item'] as $cron) - if (!preg_match("/usr.local.(bin.freshclam|www.dansguardian.php)/",$cron["command"])){ + if (preg_match("/usr.local.(bin.freshclam|www.dansguardian)/",$cron["command"])) $cron_found++; + else $new_cron['item'][]=$cron; - } + $cron_cmd="/usr/local/bin/freshclam"; if($dansguardian_config['cron'] && preg_match("/clamd/",$dansguardian_config['content_scanners'])) switch ($dansguardian_config['cron']){ @@ -875,7 +958,32 @@ EOF; break; } - + $cron_cmd="/usr/local/bin/php /usr/local/www/dansguardian_ldap.php"; + if (is_array($config['installedpackages']['dansguardiangroups']['config'])) + foreach ($config['installedpackages']['dansguardiangroups']['config'] as $dansguardian_groups){ + if(preg_match('/(\d+)m/',$dansguardian_groups['freq'],$matches)){ + $new_cron['item'][]=array( "minute" => "*/".$matches[1], + "hour" => "*", + "mday" => "*", + "month" => "*", + "wday" => "*", + "who" => "root", + "command"=> $cron_cmd." ".$dansguardian_groups['name']); + $config['cron']=$new_cron; + $cron_found++; + } + if(preg_match('/(\d+)h/',$dansguardian_groups['freq'],$matches)){ + $new_cron['item'][]=array( "minute" => "0", + "hour" => "*/".$matches[1], + "mday" => "*", + "month" => "*", + "wday" => "*", + "who" => "root", + "command"=> $cron_cmd." ".$dansguardian_groups['name']); + $config['cron']=$new_cron; + $cron_found++; + } + } #write files conf_mount_rw(); @@ -884,6 +992,7 @@ EOF; #update cron if ($cron_found > 0){ $config['cron']=$new_cron; + write_config(); configure_cron(); } @@ -933,8 +1042,9 @@ EOF; $script_file=file($script); foreach ($script_file as $script_line){ if(preg_match("/command=/",$script_line)){ - $new_clamav_startup.= "/bin/mkdir /var/run/clamav\n"; - $new_clamav_startup.= "chown ".$matches[1]." /var/run/clamav\n"; + $new_clamav_startup.= 'if [ ! -d /var/run/clamav ];then /bin/mkdir /var/run/clamav;fi'."\n"; + $new_clamav_startup.= "chown -R ".$matches[1]." /var/run/clamav\n"; + $new_clamav_startup.= "chown -R ".$matches[1]." /var/log/clamav\n"; $new_clamav_startup.=$script_line; } elseif(!preg_match("/(mkdir|chown|sleep|mailscanner)/",$script_line)) { @@ -943,50 +1053,70 @@ EOF; } file_put_contents($script, $new_clamav_startup, LOCK_EX); chmod ($script,0755); - if (file_exists('/var/run/dansguardian.pid')) + if (file_exists('/var/run/dansguardian.pid') && is_process_running('clamd')){ + log_error('Stopping clamav-clamd'); mwexec("$script stop"); + } unlink_if_exists("/tmp/.dguardianipc"); unlink_if_exists("/tmp/.dguardianurlipc"); - mwexec_bg("$script start"); + if (! is_process_running('clamd')){ + log_error('Starting clamav-clamd'); + mwexec_bg("$script start"); + } } } - - $script='/usr/local/etc/rc.d/dansguardian'; - if($config['installedpackages']['dansguardian']['config'][0]['enable']){ - $script_file=file_get_contents($script); - if (preg_match('/NO/',$script_file)){ - $script_file=preg_replace("/NO/","YES",$script_file); - file_put_contents($script, $script_file, LOCK_EX); - } + #check certificate hashed + + $script='/usr/local/etc/rc.d/dansguardian.sh'; + unlink_if_exists('/usr/local/etc/rc.d/dansguardian'); + if($config['installedpackages']['dansguardian']['config'][0]['enable']=="on"){ + copy('/usr/local/pkg/dansguardian_rc.template',$script); chmod ($script,0755); - mwexec("$script stop"); - mwexec_bg("$script start"); + if (is_process_running('dansguardian')){ + log_error('Reloading Dansguardian'); + exec("/usr/local/sbin/dansguardian -r"); + } + else{ + log_error('Starting Dansguardian'); + mwexec("$script start"); + } } else{ - mwexec("$script stop"); - chmod ($script,0444); + if (is_process_running('dansguardian')){ + log_error('Dansguardian is disabled, stopping process...'); + mwexec("$script stop"); + } + if (file_exists($script)) + chmod ($script,444); } if (!file_exists('/usr/local/etc/dansguardian/lists/phraselists/pornography/weighted_russian_utf8')) file_put_contents('/usr/local/etc/dansguardian/lists/phraselists/pornography/weighted_russian_utf8',"",LOCK_EX); - - conf_mount_ro(); - $synconchanges = $config['installedpackages']['dansguardiansync']['config'][0]['synconchanges']; - if(!$synconchanges && !$syncondbchanges) - return; - log_error("[dansguardian] dansguardian_xmlrpc_sync.php is starting."); - foreach ($config['installedpackages']['dansguardiansync']['config'] as $rs ){ - foreach($rs['row'] as $sh){ - $sync_to_ip = $sh['ipaddress']; - $password = $sh['password']; - $sync_type = $sh['sync_type']; - if($password && $sync_to_ip) - dansguardian_do_xmlrpc_sync($sync_to_ip, $password,$sync_type); - } - } - log_error("[dansguardian] dansguardian_xmlrpc_sync.php is ending."); + + #check ca certs hashes + check_ca_hashes(); + #mount read only + conf_mount_ro(); + + #avoid sync during boot process + if (!isset($boot_process)){ + $synconchanges = $config['installedpackages']['dansguardiansync']['config'][0]['synconchanges']; + if(!$synconchanges && !$syncondbchanges) + return; + log_error("[dansguardian] dansguardian_xmlrpc_sync.php is starting."); + foreach ($config['installedpackages']['dansguardiansync']['config'] as $rs ){ + foreach($rs['row'] as $sh){ + $sync_to_ip = $sh['ipaddress']; + $password = $sh['password']; + $sync_type = $sh['sync_type']; + if($password && $sync_to_ip) + dansguardian_do_xmlrpc_sync($sync_to_ip, $password,$sync_type); + } + } + log_error("[dansguardian] dansguardian_xmlrpc_sync.php is ending."); + } } function dansguardian_validate_input($post, &$input_errors) { @@ -997,20 +1127,30 @@ function dansguardian_validate_input($post, &$input_errors) { $input_errors[] = "{$value} cannot be used as name."; else if ($key == "name" && preg_match("/\W/",$value)) $input_errors[] = "{$value} cannot be used as name. Use only a-z 0-9 characters"; - + else if (empty($value)) + continue; + else if($key == "freq" && (!preg_match("/^\d+(h|m|d)$/",$value) || $value == 0)) + $input_errors[] = "A valid number with a time reference is required for the field 'Update Frequency'"; } } function dansguardian_php_install_command() { - sync_package_dansguardian(); + sync_package_dansguardian(); } function dansguardian_php_deinstall_command() { - mwexec("/usr/local/etc/rc.d/dansguardian stop"); - sleep(1); - conf_mount_rw(); - chmod ("/usr/local/etc/rc.d/dansguardian",0444); - conf_mount_ro(); + global $config,$g; + if(is_process_running('dansguardian')){ + log_error("stopping dansguardian.."); + mwexec("/usr/local/etc/rc.d/dansguardian.sh stop"); + sleep(1); + } + + if (file_exists("/usr/local/etc/rc.d/dansguardian.sh")){ + conf_mount_rw(); + chmod ("/usr/local/etc/rc.d/dansguardian.sh",0444); + conf_mount_ro(); + } } function dansguardian_do_xmlrpc_sync($sync_to_ip, $password,$sync_type) { @@ -1045,6 +1185,8 @@ function dansguardian_do_xmlrpc_sync($sync_to_ip, $password,$sync_type) { $xml['dansguardian'] = $config['installedpackages']['dansguardian']; $xml['dansguardianantivirusacl'] = $config['installedpackages']['dansguardianantivirusacl']; $xml['dansguardianconfig'] = $config['installedpackages']['dansguardianconfig']; + $xml['dansguardianblacklist'] = $config['installedpackages']['dansguardianblacklist']; + $xml['dansguardianldap'] = $config['installedpackages']['dansguardianldap']; $xml['dansguardiancontentacl'] = $config['installedpackages']['dansguardiancontentacl']; $xml['dansguardianfileacl'] = $config['installedpackages']['dansguardianfileacl']; $xml['dansguardiangroups'] = $config['installedpackages']['dansguardiangroups']; diff --git a/config/dansguardian/dansguardian.xml b/config/dansguardian/dansguardian.xml index 41f2a447..334c99e7 100644 --- a/config/dansguardian/dansguardian.xml +++ b/config/dansguardian/dansguardian.xml @@ -69,6 +69,16 @@ <chmod>0755</chmod> </additional_files_needed> <additional_files_needed> + <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_ldap.php</item> + <prefix>/usr/local/www/</prefix> + <chmod>0755</chmod> + </additional_files_needed> + <additional_files_needed> + <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_ldap.xml</item> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + </additional_files_needed> + <additional_files_needed> <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_limits.xml</item> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> @@ -174,6 +184,11 @@ <chmod>0755</chmod> </additional_files_needed> <additional_files_needed> + <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_rc.template</item> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + </additional_files_needed> + <additional_files_needed> <item>http://www.pfsense.org/packages/config/dansguardian/blockedflash.swf</item> <prefix>/usr/local/share/dansguardian/</prefix> <chmod>0755</chmod> @@ -201,6 +216,10 @@ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> </tab> <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + </tab> + <tab> <text>Groups</text> <url>/pkg.php?xml=dansguardian_groups.xml</url> </tab> diff --git a/config/dansguardian/dansguardian_about.php b/config/dansguardian/dansguardian_about.php index f9c9e260..49359472 100755 --- a/config/dansguardian/dansguardian_about.php +++ b/config/dansguardian/dansguardian_about.php @@ -57,6 +57,7 @@ include("head.inc"); $tab_array[] = array(gettext("Limits"), false, "/pkg_edit.php?xml=dansguardian_limits.xml&id=0"); $tab_array[] = array(gettext("Blacklist"), false, "/pkg_edit.php?xml=dansguardian_blacklist.xml&id=0"); $tab_array[] = array(gettext("Access Lists"), false, "/pkg_edit.php?xml=dansguardian_antivirus.xml&id=0"); + $tab_array[] = array(gettext("LDAP"), false, "/pkg.php?xml=dansguardian_ldap.xml&id=0"); $tab_array[] = array(gettext("Groups"), false, "/pkg.php?xml=dansguardian_groups.xml&id=0"); $tab_array[] = array(gettext("Users"), false, "/pkg.php?xml=dansguardian_users.xml&id=0"); $tab_array[] = array(gettext("IPs"), false, "/pkg.php?xml=dansguardian_ips.xml&id=0"); diff --git a/config/dansguardian/dansguardian_blacklist.xml b/config/dansguardian/dansguardian_blacklist.xml index a8895342..d95558e6 100644 --- a/config/dansguardian/dansguardian_blacklist.xml +++ b/config/dansguardian/dansguardian_blacklist.xml @@ -69,6 +69,10 @@ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> </tab> <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + </tab> + <tab> <text>Groups</text> <url>/pkg.php?xml=dansguardian_groups.xml</url> </tab> diff --git a/config/dansguardian/dansguardian_config.xml b/config/dansguardian/dansguardian_config.xml index 11a34434..0c14a7bb 100644 --- a/config/dansguardian/dansguardian_config.xml +++ b/config/dansguardian/dansguardian_config.xml @@ -69,6 +69,10 @@ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> </tab> <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + </tab> + <tab> <text>Groups</text> <url>/pkg.php?xml=dansguardian_groups.xml</url> </tab> @@ -99,10 +103,10 @@ <type>listtopic</type> </field> <field> - <fielddescr>Auth Plugin</fielddescr> + <fielddescr>Auth Plugins</fielddescr> <fieldname>auth_plugin</fieldname> <description><![CDATA[This option handle the extraction of client usernames from various sources, such as Proxy-Authorisation headers and ident servers, - enabling requests to be handled according to the settings of the user's filter group.]]></description> + enabling requests to be handled according to the settings of the user's filter group]]></description> <type>select</type> <options> <option><name>Proxy-Basic</name><value>/usr/local/etc/dansguardian/authplugins/proxy-basic.conf</value></option> @@ -110,7 +114,7 @@ <option><name>Proxy-Ntlm</name><value>/usr/local/etc/dansguardian/authplugins/proxy-ntlm.conf</value></option> <option><name>Ident</name><value>/usr/local/etc/dansguardian/authplugins/ident.conf</value></option> <option><name>Ip Address</name><value>/usr/local/etc/dansguardian/authplugins/ip.conf</value></option> - <option><name>none</name><value></value></option> + <option><name>none</name><value>none</value></option> </options> </field> <field> @@ -198,7 +202,7 @@ </field> <field> <fielddescr>CA</fielddescr> - <fieldname>ca</fieldname> + <fieldname>dca</fieldname> <description><![CDATA[Select Certificate Authority to use when SSL filtering is enabled on Group options<br> To create a CA on pfsense, go to <strong>system -> Cert Manager<strong>]]></description> <type>select_source</type> @@ -208,7 +212,7 @@ </field> <field> <fielddescr>Cert</fielddescr> - <fieldname>cert</fieldname> + <fieldname>dcert</fieldname> <description><![CDATA[Select Certificate pair to use when SSL filtering is enabled on Group options<br> To create a Certificate on pfsense, go to <strong>system -> Cert Manager<strong>]]></description> <type>select_source</type> diff --git a/config/dansguardian/dansguardian_groups.xml b/config/dansguardian/dansguardian_groups.xml index 4849126d..96429567 100755 --- a/config/dansguardian/dansguardian_groups.xml +++ b/config/dansguardian/dansguardian_groups.xml @@ -67,6 +67,10 @@ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> </tab> <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + </tab> + <tab> <text>Groups</text> <url>/pkg.php?xml=dansguardian_groups.xml</url> <active/> @@ -101,7 +105,10 @@ <fielddescr>Group mode</fielddescr> <fieldname>mode</fieldname> </columnitem> - + <columnitem> + <fielddescr>Reporting level</fielddescr> + <fieldname>reportinglevel</fieldname> + </columnitem> <columnitem> <fielddescr>Description</fielddescr> <fieldname>description</fieldname> @@ -148,7 +155,6 @@ <multiple/> <size>10</size> </field> - <field> <fielddescr>Pics</fielddescr> <fieldname>picsacl</fieldname> @@ -244,7 +250,8 @@ If defined, this overrides the global setting in dansguardian.conf for members of this filter group.]]></description> <type>select</type> <options> - <option><name>Use HTML template file (accessdeniedaddress ignored) - recommended</name><value>3</value></option> + <option><name>Use General log option selected on Report and log - recommended</name><value>global</value></option> + <option><name>Use HTML template file (accessdeniedaddress ignored)</name><value>3</value></option> <option><name>Report fully</name><value>2</value></option> <option><name>Report why but not what denied phrase</name><value>1</value></option> <option><name>Just say 'Access Denied'</name><value>0</value></option> @@ -252,6 +259,15 @@ </options> </field> <field> + <fielddescr>Access Denied cgi</fielddescr> + <fieldname>reportingcgi</fieldname> + <description><![CDATA[While using Report Level (report fully) or (Report why but not what denied phrase), specify here the url link to your access denied cgi script + ex:http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl]]></description> + <type>input</type> + <size>70</size> + </field> + + <field> <fielddescr>Weighted phrase mode</fielddescr> <fieldname>weightedphrasemode</fieldname> <description><![CDATA[IMPORTANT: Note that setting this to "0" turns off all features which extract phrases from page content, @@ -318,6 +334,15 @@ <type>input</type> <size>10</size> </field> + <field> + <fielddescr>Temporary Denied Page Bypass Secret Key</fielddescr> + <fieldname>bypasskey</fieldname> + <description><![CDATA[If not empty, rather than generating a random key you can specify one. It must be more than 8 chars.<br> + Ex1:Mary had a little lamb.<br> + Ex2:76b42abc1cd0fdcaf6e943dcbc93b826]]></description> + <type>input</type> + <size>70</size> + </field> <field> <fielddescr>Infection/Scan Error Bypass</fielddescr> <fieldname>infectionbypass</fieldname> @@ -328,6 +353,32 @@ <type>input</type> <size>10</size> </field> + <field> + <name>LDAP</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>LDAP</fielddescr> + <fieldname>ldap</fieldname> + <description><![CDATA[Select Active directory servers to extract users from<br> + The group must has the same name in dansguardian and on active directory<br> + <strong>This is not aplicable for default group</strong>]]></description> + <type>select_source</type> + <size>05</size> + <multiple/> + <source><![CDATA[$config['installedpackages']['dansguardianldap']['config']]]></source> + <source_name>dc</source_name> + <source_value>dc</source_value> + </field> + <field> + <fielddescr>Update frequency</fielddescr> + <fieldname>freq</fieldname> + <description><![CDATA[How often extract users from active directory and verify changes<br> + Valid options are minutes(m), hours(h)<br> + Sample: To update every two minute, use 2m]]></description> + <type>input</type> + <size>05</size> + </field> </fields> <custom_php_install_command> dansguardian_php_install_command(); diff --git a/config/dansguardian/dansguardian_ips_header.xml b/config/dansguardian/dansguardian_ips_header.xml index 2029fabf..33e50332 100644 --- a/config/dansguardian/dansguardian_ips_header.xml +++ b/config/dansguardian/dansguardian_ips_header.xml @@ -67,6 +67,10 @@ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> </tab> <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + </tab> + <tab> <text>Groups</text> <url>/pkg.php?xml=dansguardian_groups.xml</url> </tab> diff --git a/config/dansguardian/dansguardian_ldap.php b/config/dansguardian/dansguardian_ldap.php new file mode 100644 index 00000000..c02289ac --- /dev/null +++ b/config/dansguardian/dansguardian_ldap.php @@ -0,0 +1,149 @@ +#!/usr/local/bin/php -f +<?php + +// based on http://samjlevy.com/2011/02/using-php-and-ldap-to-list-of-members-of-an-active-directory-group/ +// pfsense integration by marcelloc and ccesario +/* $Id$ */ +/* ========================================================================== */ +/* + dansguardian_ldap.php + part of pfSense (http://www.pfSense.com) + Copyright (C) 2012 Marcello Coutinho + + All rights reserved. +*/ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + +require_once("/etc/inc/util.inc"); +require_once("/etc/inc/functions.inc"); +require_once("/etc/inc/pkg-utils.inc"); +require_once("/etc/inc/globals.inc"); + +function explode_dn($dn, $with_attributes=0) +{ + $result = ldap_explode_dn($dn, $with_attributes); + if (is_array($result)) + foreach($result as $key => $value) { + $result[$key] = $value; + } + return $result; +} + +function get_ldap_members($group,$user,$password) { + global $ldap_host; + global $ldap_dn; + $LDAPFieldsToFind = array("member"); + $ldap = ldap_connect($ldap_host) or die("Could not connect to LDAP"); + + // OPTIONS TO AD + ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION,3); + ldap_set_option($ldap, LDAP_OPT_REFERRALS,0); + + ldap_bind($ldap, $user, $password) or die("Could not bind to LDAP"); + + $results = ldap_search($ldap,$ldap_dn,"cn=" . $group,$LDAPFieldsToFind); + + $member_list = ldap_get_entries($ldap, $results); + $group_member_details = array(); + if (is_array($member_list[0])) + foreach($member_list[0] as $list) + if (is_array($list)) + foreach($list as $member) { + $member_dn = explode_dn($member); + $member_cn = str_replace("CN=","",$member_dn[0]); + $member_search = ldap_search($ldap, $ldap_dn, "(CN=" . $member_cn . ")"); + $member_details = ldap_get_entries($ldap, $member_search); + $group_member_details[] = array($member_details[0]['samaccountname'][0], + $member_details[0]['displayname'][0]); + } + ldap_close($ldap); + array_shift($group_member_details); + return $group_member_details; + ldap_unbind($ldap); +} + +// Read Pfsense config +global $config,$g; + +#mount filesystem writable +conf_mount_rw(); + +$id=0; +$apply_config=0; +if (is_array($config['installedpackages']['dansguardiangroups']['config'])) + foreach($config['installedpackages']['dansguardiangroups']['config'] as $group) { + #ignore default group + if ($id > 0) + if ($argv[1] == "" || $argv[1] == $group['name']){ + $members=""; + $ldap_servers= explode (',',$group['ldap']); + echo "Group : " . $group['name']."\n"; + if (is_array($config['installedpackages']['dansguardianldap']['config'])) + foreach ($config['installedpackages']['dansguardianldap']['config'] as $server){ + if (in_array($server['dc'],$ldap_servers)){ + $ldap_dn = $server['dn']; + $ldap_host=$server['dc']; + $mask=(empty($server['mask'])?"USER":$server['mask']); + $result = get_ldap_members($group['name'],$server['username'].','.$server['dn'],$server['password']); + foreach($result as $key => $value) { + if (preg_match ("/\w+/",$value[0])){ + #var_dump($value); + $name= preg_replace('/[^(\x20-\x7F)]*/','', $value[1]); + $pattern[0]="/USER/"; + $pattern[1]="/,/"; + $pattern[2]="/NAME/"; + $replace[0]=$value[0]; + $replace[1]="\n"; + $replace[2]="$name"; + $members .= preg_replace($pattern,$replace,$mask)."\n"; + } + } + } + } + if (!empty($members)){ + $import_users = explode("\n", $members); + asort($import_users); + $members=base64_encode(implode("\n", $import_users)); + if($config['installedpackages']['dansguardianusers']['config'][0][strtolower($group['name'])] != $members){ + $config['installedpackages']['dansguardianusers']['config'][0][strtolower($group['name'])] = $members; + $apply_config++; + } + } + } + $id++; + } +if ($apply_config > 0){ + print "user list from LDAP is different from current group, applying new configuration..."; + write_config(); + include("/usr/local/pkg/dansguardian.inc"); + sync_package_dansguardian(); + print "done\n"; +} + +#mount filesystem read-only +conf_mount_ro(); + +?>
\ No newline at end of file diff --git a/config/dansguardian/dansguardian_ldap.xml b/config/dansguardian/dansguardian_ldap.xml new file mode 100755 index 00000000..3411f483 --- /dev/null +++ b/config/dansguardian/dansguardian_ldap.xml @@ -0,0 +1,171 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> +<packagegui> + <copyright> + <![CDATA[ +/* ========================================================================== */ +/* + dansguardian_ldap.xml + part of pfSense (http://www.pfSense.com) + Copyright (C) 2012 Marcello Coutinho + + All rights reserved. +*/ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + ]]> + </copyright> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> + <name>dansguardianldap</name> + <version>1.0</version> + <title>Services: Dansguardian</title> + <include_file>/usr/local/pkg/dansguardian.inc</include_file> + <tabs> + <tab> + <text>Daemon</text> + <url>/pkg_edit.php?xml=dansguardian.xml&id=0</url> + </tab> + <tab> + <text>General</text> + <url>/pkg_edit.php?xml=dansguardian_config.xml&id=0</url> + </tab> + <tab> + <text>Limits</text> + <url>/pkg_edit.php?xml=dansguardian_limits.xml&id=0</url> + </tab> + <tab> + <text>Blacklist</text> + <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&id=0</url> + </tab> + <tab> + <text>Access Lists</text> + <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> + </tab> + <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + <active/> + </tab> + <tab> + <text>Groups</text> + <url>/pkg.php?xml=dansguardian_groups.xml</url> + </tab> + <tab> + <text>Users</text> + <url>/pkg_edit.php?xml=dansguardian_users.xml</url> + </tab> + <tab> + <text>IPs</text> + <url>/pkg_edit.php?xml=dansguardian_ips.xml</url> + </tab> + <tab> + <text>Report and log</text> + <url>/pkg_edit.php?xml=dansguardian_log.xml&id=0</url> + </tab> + <tab> + <text>XMLRPC Sync</text> + <url>/pkg_edit.php?xml=dansguardian_sync.xml&id=0</url> + </tab> + <tab> + <text>Help</text> + <url>/dansguardian_about.php</url> + </tab> +</tabs> +<adddeleteeditpagefields> + <columnitem> + <fielddescr>hostname</fielddescr> + <fieldname>dc</fieldname> + </columnitem> + <columnitem> + <fielddescr>domain</fielddescr> + <fieldname>dn</fieldname> + </columnitem> + + <columnitem> + <fielddescr>username</fielddescr> + <fieldname>username</fieldname> + </columnitem> + </adddeleteeditpagefields> + <fields> + <field> + <name>Ldap configuration</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>Hostname</fielddescr> + <description><![CDATA[LDAP hostname example:<strong>dc1.mysite.com</strong>]]></description> + <fieldname>dc</fieldname> + <type>input</type> + <size>25</size> + </field> + <field> + <fielddescr>Domain</fielddescr> + <description><![CDATA[LDAP Domain example:<strong> dc=mysite,dc=com</strong>]]></description> + <fieldname>dn</fieldname> + <type>input</type> + <size>25</size> + </field> + <field> + <fielddescr>Username</fielddescr> + <description><![CDATA[Username Example:<strong>cn=antispam,cn=Users</strong>]]></description> + <fieldname>username</fieldname> + <type>input</type> + <size>25</size> + </field> + <field> + <fielddescr>Password</fielddescr> + <description><![CDATA[User password]]></description> + <fieldname>password</fieldname> + <type>password</type> + <size>10</size> + </field> + <field> + <fielddescr>mask</fielddescr> + <description><![CDATA[Default: USER<br>Apply prefix or sufix any info to username extracted.<br> + use "," if you need more than one mask for each user<br> + <strong>domain\USER #NAME,USER@MYDOMAIN.COM</strong><br> + NAME shows user name<br> + USER shows user login<br>]]></description> + <fieldname>mask</fieldname> + <type>input</type> + <size>50</size> + </field> + </fields> + <custom_php_install_command> + dansguardian_php_install_command(); + </custom_php_install_command> + <custom_php_deinstall_command> + dansguardian_php_deinstall_command(); + </custom_php_deinstall_command> + <custom_php_validation_command> + dansguardian_validate_input($_POST, &$input_errors); + </custom_php_validation_command> + <custom_php_resync_config_command> + sync_package_dansguardian(); + </custom_php_resync_config_command> +</packagegui>
\ No newline at end of file diff --git a/config/dansguardian/dansguardian_limits.xml b/config/dansguardian/dansguardian_limits.xml index eef24d52..4974bc7d 100644 --- a/config/dansguardian/dansguardian_limits.xml +++ b/config/dansguardian/dansguardian_limits.xml @@ -69,6 +69,10 @@ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> </tab> <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + </tab> + <tab> <text>Groups</text> <url>/pkg.php?xml=dansguardian_groups.xml</url> </tab> diff --git a/config/dansguardian/dansguardian_log.xml b/config/dansguardian/dansguardian_log.xml index 3a0f241e..a9b9d0e9 100644 --- a/config/dansguardian/dansguardian_log.xml +++ b/config/dansguardian/dansguardian_log.xml @@ -68,6 +68,10 @@ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> </tab> <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + </tab> + <tab> <text>Groups</text> <url>/pkg.php?xml=dansguardian_groups.xml</url> </tab> @@ -110,6 +114,14 @@ <option><name>Just say 'Access Denied'</name><value>0</value></option> <option><name>Log but do not block - Stealth mode</name><value>-1</value></option> </options> + </field> + <field> + <fielddescr>Access Denied cgi</fielddescr> + <fieldname>reportingcgi</fieldname> + <description><![CDATA[While using Report Level (report fully) or (Report why but not what denied phrase), specify here the url link to your access denied cgi script + ex:http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl]]></description> + <type>input</type> + <size>70</size> </field> <field> <fielddescr>Report Language</fielddescr> diff --git a/config/dansguardian/dansguardian_rc.template b/config/dansguardian/dansguardian_rc.template new file mode 100755 index 00000000..580fb835 --- /dev/null +++ b/config/dansguardian/dansguardian_rc.template @@ -0,0 +1,35 @@ +#!/bin/sh +# $FreeBSD: ports/www/dansguardian-devel/files/dansguardian.in,v 1.6 2012/01/14 08:57:12 dougb Exp $ + +# PROVIDE: dansguardian +# REQUIRE: NETWORKING SERVERS squid +# KEYWORD: shutdown + +# Define these dansguardian_* variables in one of these files: +# /etc/rc.conf +# /etc/rc.conf.local +# /etc/rc.conf.d/dansguardian +# +# DO YEST CHANGE THESE DEFAULT VALUES HERE +# +# dansguardian_enable="YES" +# dansguardian_flags="<set as needed>" +sysctl kern.ipc.somaxconn=16384 +sysctl kern.maxfiles=131072 +sysctl kern.maxfilesperproc=104856 +sysctl kern.threads.max_threads_per_proc=4096 + +dansguardian_enable=${dansguardian_enable:-"YES"} +dansguardian_pidfile=${dansguardian_pidfile:-"/var/run/dansguardian.pid"} + +. /etc/rc.subr + +name="dansguardian" +rcvar=dansguardian_enable +command="/usr/local/sbin/${name}" + +load_rc_config $name + +pidfile="${dansguardian_pidfile}" + +run_rc_command "$1" diff --git a/config/dansguardian/dansguardian_sync.xml b/config/dansguardian/dansguardian_sync.xml index c041f398..f91eae6a 100755 --- a/config/dansguardian/dansguardian_sync.xml +++ b/config/dansguardian/dansguardian_sync.xml @@ -67,6 +67,10 @@ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> </tab> <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + </tab> + <tab> <text>Groups</text> <url>/pkg.php?xml=dansguardian_groups.xml</url> </tab> diff --git a/config/dansguardian/dansguardian_users_header.xml b/config/dansguardian/dansguardian_users_header.xml index 70edb5fe..1f15a610 100644 --- a/config/dansguardian/dansguardian_users_header.xml +++ b/config/dansguardian/dansguardian_users_header.xml @@ -67,6 +67,10 @@ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> </tab> <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + </tab> + <tab> <text>Groups</text> <url>/pkg.php?xml=dansguardian_groups.xml</url> </tab> diff --git a/config/dansguardian/dansguardianfx.conf.template b/config/dansguardian/dansguardianfx.conf.template index d420871f..c827cfe4 100644 --- a/config/dansguardian/dansguardianfx.conf.template +++ b/config/dansguardian/dansguardianfx.conf.template @@ -268,8 +268,8 @@ deepurlanalysis = {$dansguardian_groups['deepurlanalysis']} # # If defined, this overrides the global setting in dansguardian.conf for # members of this filter group. -# -#reportinglevel = {$dansguardian_groups['reportinglevel']} +# reportinglevel = 3 +{$groupreportinglevel} # accessdeniedaddress is the address of your web server to which the cgi # dansguardian reporting script was copied. Only used in reporting levels @@ -284,8 +284,8 @@ deepurlanalysis = {$dansguardian_groups['deepurlanalysis']} # # If defined, this overrides the global setting in dansguardian.conf for # members of this filter group. -# -#accessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl' +# accessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl' +{$groupaccessdeniedaddress} # HTML Template override # If defined, this specifies a custom HTML template file for members of this @@ -376,7 +376,7 @@ sslcertcheck = {$dansguardian_groups['sslcertcheck']} # Forge ssl certificates for all sites, decrypt the data then re encrypt it # using a different private key. Used to filter ssl sites sslmitm = {$dansguardian_groups['sslmitm']} -mitmkey = '{$dansguardian_groups['mitmkey']}' +#mitmkey = '{$dansguardian_groups['mitmkey']}' EOF; diff --git a/config/filemgr/rbfminc/download.tmp b/config/filemgr/rbfminc/download.tmp index 232e90d0..badc6d19 100644 --- a/config/filemgr/rbfminc/download.tmp +++ b/config/filemgr/rbfminc/download.tmp @@ -1,22 +1,49 @@ <?php -include "config.php"; -include "session.php"; - -if($user_login == 'ok'){ - - include "functions.php"; - - $_GET['file_name'] = urldecode($_GET['file_name']); - $_GET['p'] = urldecode($_GET['p']); - +include_once("auth.inc"); +include "functions.php"; +//Set the cache policy +ob_end_clean(); +header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); +header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0"); +header("Cache-Control: post-check=0, pre-check=0", false); +header("Pragma: no-cache"); +//Gets the parameters +$_GET['file_name'] = urldecode($_GET['file_name']); +$_GET['p'] = urldecode($_GET['p']); +//Check Authentication +$candownload = false; +if (function_exists("session_auth")) + {//pfSense 2.X + $candownload = session_auth();} +else + {//pfSense 1.2.3 + $candownload = htpasswd_backed_basic_auth();} +if ($candownload) +{ if($_GET['file_name'] and $_GET['p']){ - if(file_exists($_GET['p'].$_GET['file_name'])){ - $file = file_get_contents($_GET['p'].$_GET['file_name']); - $type = wp_check_filetype($_GET['file_name']); - header('Content-type: {$type[type]}'); + $filepath = $_GET['p'].$_GET['file_name']; + if(file_exists($filepath)){ + $type = wp_check_filetype($_GET['file_name']); + header('Content-type: ' . $type[$_GET['file_name']]); header('Content-Disposition: attachment; filename="'.$_GET['file_name'].'"'); - echo $file; + header('Content-Length: ' . filesize($filepath)); + header('Last-Modified: '.gmdate('D, d M Y H:i:s', filemtime($filepath)).' GMT', true, 200); + flush(); + readfile($filepath); + exit; } + else + { + echo("File not found"); + } + } + else + { + echo("File Unknown"); } } +else +{ + echo("Session Expired"); +} ?>
\ No newline at end of file diff --git a/config/filer/filer.inc b/config/filer/filer.inc index b4512a49..b89553e4 100644 --- a/config/filer/filer.inc +++ b/config/filer/filer.inc @@ -4,8 +4,8 @@ filerinc part of pfSense (http://www.pfSense.com) Copyright (C) 2010 Scott Ullrich <sullrich@gmail.com> - Copyright (C) 2011 Marcello Coutinho - Copyright (C) 2011 Brian Scholer + Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2012 Brian Scholer All rights reserved. */ /* ========================================================================== */ @@ -48,30 +48,71 @@ function filer_start() { // reserved } +function filer_text_area_decode($text){ + return preg_replace('/\r\n/', "\n",base64_decode($text)); +} function sync_package_filer() { global $config, $g; + $update_conf=0; + #mount filesystem writeable + conf_mount_rw(); + #loop on configured files if($config['installedpackages']['filer']['config']!="") { + $count=0; foreach($config['installedpackages']['filer']['config'] as $file) { - $fname = $file['fullfile']; - $fdata = str_replace("\r", "", base64_decode($file['filedata'])); - if($file['mod']) { - if(!preg_match("/0?[0-7]{3}/", $file['mod'])) - $mod = 0700; - else - $mod = octdec($file['mod']); - } - conf_mount_rw(); - file_put_contents($fname, $fdata); - if($mod) - chmod($fname, $mod); - conf_mount_ro(); + if ($file['filedata']=="" && file_exists($file['fullfile'])){ + $config['installedpackages']['filer']['config'][$count]['filedata']=base64_encode(file_get_contents($file['fullfile'])); + $file['filedata']=base64_encode(file_get_contents($file['fullfile'])); + $update_conf++; + } + $count++; + if(preg_match("/0?[0-7]{3}/", $file['mod'])) + $mod = octdec($file['mod']); + else + $mod = 0700; + + #write file + file_put_contents($file['fullfile'], filer_text_area_decode($file['filedata']),LOCK_EX); + chmod($file['fullfile'], $mod); + + #check if there is a script to run after file save + if($file['cmd']!= "") + switch ($file['background']){ + case "background": + mwexec_bg($file['cmd']); + break; + case "foreground": + mwexec($file['cmd']); + break; + } + } + + #Write config if any file from filesystem was loaded + if ($update_conf > 0) + write_config(); } + #mount filesystem readonly + conf_mount_ro(); filer_sync_on_changes(); } +function filer_validate_input($post, &$input_errors) { + foreach ($post as $key => $value) { + if (empty($value)) + continue; + if (substr($key, 0, 3) == "mod" && !preg_match("/^0?[0-7]{3}$/", $value)) + $input_errors[] = "{$value} is valid permission number"; + if (substr($key, 0, 11) == "description" && !preg_match("@^[a-zA-Z0-9 _/.-]+$@", $value)) + $input_errors[] = "Do not use special characters on description"; + if (substr($key, 0, 8) == "fullfile" && !preg_match("@^[a-zA-Z0-9_/.-]+$@", $value)) + $input_errors[] = "Do not use special characters on filename"; + + } +} + /* Uses XMLRPC to synchronize the changes to a remote node */ function filer_sync_on_changes() { global $config, $g; diff --git a/config/filer/filer.xml b/config/filer/filer.xml index f772feb2..9196f889 100644 --- a/config/filer/filer.xml +++ b/config/filer/filer.xml @@ -10,6 +10,7 @@ part of pfSense (http://www.pfSense.com) Copyright (C) 2010 Scott Ullrich <sullrich@gmail.com> Copyright (C) 2011 Brian Scholer + Copyright (C) 2012 Marcello Coutinho All rights reserved. */ /* ========================================================================== */ @@ -70,7 +71,6 @@ <tab> <text>XMLRPC Sync</text> <url>/pkg_edit.php?xml=filer_sync.xml</url> - <active/> </tab> </tabs> @@ -90,39 +90,74 @@ </adddeleteeditpagefields> <fields> <field> - <fielddescr>Full path to the file</fielddescr> + <type>listtopic</type> + <fieldname>temp</fieldname> + <name>File configuration</name> + </field> + <field> + <fielddescr>File</fielddescr> <fieldname>fullfile</fieldname> <type>input</type> + <size>60</size> + <description>Enter Full file path</description> <required/> </field> <field> - <fielddescr>Permissions</fielddescr> - <fieldname>mod</fieldname> - <type>input</type> - <description>Blank leaves the permissions alone.</description> - </field> - <field> <fielddescr>Description</fielddescr> <fieldname>description</fieldname> <description>Enter a description for this file.</description> <type>input</type> + <size>60</size> + </field> + <field> + <fielddescr>Permissions</fielddescr> + <fieldname>mod</fieldname> + <type>input</type> + <size>10</size> + <description><![CDATA[Enter file permission you want on this file<br>Blank leaves the permissions alone.]]></description> </field> <field> <fielddescr>File Contents</fielddescr> <fieldname>filedata</fieldname> - <description>Paste the files contents here.</description> + <description>Leave blank to load an existing file from file system or paste the file content you want to save.</description> <type>textarea</type> <encoding>base64</encoding> - <cols>60</cols> - <rows>30</rows> + <cols>75</cols> + <rows>25</rows> <required/> </field> + <field> + <type>listtopic</type> + <fieldname>temp</fieldname> + <name>cmd to run after file save/sync</name> + </field> + <field> + <fielddescr>script</fielddescr> + <fieldname>cmd</fieldname> + <description>Enter script or cmd to run after file save/sync</description> + <type>input</type> + <size>60</size> + </field> + <field> + <fielddescr>execute mode</fielddescr> + <fieldname>background</fieldname> + <type>select</type> + <options> + <option><name>Background (default)</name><value>background</value></option> + <option><name>Foreground</name><value>foreground</value></option> + <option><name>Do not run this script</name><value>disabled</value></option> + </options> + <description>Choose the way script will run.</description> + </field> </fields> <custom_php_install_command> filer_install(); </custom_php_install_command> <custom_php_command_before_form> </custom_php_command_before_form> + <custom_php_validation_command> + filer_validate_input($_POST, &$input_errors); + </custom_php_validation_command> <custom_delete_php_command> sync_package_filer(); </custom_delete_php_command> diff --git a/config/filer/filer_sync.xml b/config/filer/filer_sync.xml index ae8e48ba..c51bae86 100644 --- a/config/filer/filer_sync.xml +++ b/config/filer/filer_sync.xml @@ -9,8 +9,8 @@ filer_sync.xml part of pfSense (http://www.pfSense.com) Copyright (C) 2008 Scott Ullrich <sullrich@gmail.com> - Copyright (C) 2011 Marcello Coutinho Copyright (C) 2011 Brian Scholer + Copyright (C) 2012 Marcello Coutinho All rights reserved. */ /* ========================================================================== */ @@ -50,7 +50,6 @@ <tab> <text>Files</text> <url>/pkg.php?xml=filer.xml</url> - <active/> </tab> <tab> <text>XMLRPC Sync</text> diff --git a/config/freeradius2/freeradius.inc b/config/freeradius2/freeradius.inc index ac65ed88..35566e22 100644 --- a/config/freeradius2/freeradius.inc +++ b/config/freeradius2/freeradius.inc @@ -149,7 +149,15 @@ function freeradius_install_command() { function freeradius_settings_resync() { global $config; $conf = ''; - + + // We do some checks of some folders which will be deleted after reboot on nanobsd systems + if (!file_exists("/var/log/radacct/")) { exec("mkdir /var/log/radacct"); } + if (!file_exists("/var/log/radacct/datacounter/")) { exec("mkdir /var/log/radacct/datacounter && mkdir /var/log/radacct/datacounter/daily && mkdir /var/log/radacct/datacounter/weekly && mkdir /var/log/radacct/datacounter/monthly && mkdir /var/log/radacct/datacounter/forever"); } + if (!file_exists("/var/log/radacct/timecounter/")) { exec("mkdir /var/log/radacct/timecounter"); } + if (!file_exists("/var/log/radutmp")) { exec("touch /var/log/radutmp"); } + if (!file_exists("/var/log/radwtmp")) { exec("touch /var/log/radwtmp"); } + if (!file_exists("/var/log/radacct/")) { exec("chown -R root:wheel /var/log/radacct"); } + $varsettings = $config['installedpackages']['freeradiussettings']['config'][0]; // Variables: General configuration @@ -2457,7 +2465,7 @@ else { return; } // Read-only because of embedded systems -conf_mount_r0(); +conf_mount_ro(); } //end of function // ##### The following part is based on the code of pfblocker ##### @@ -2472,22 +2480,24 @@ function freeradius_sync_on_changes() { return; } - log_error("freeRADIUS is starting XMLRPC process (freeradius_do_xmlrpc_sync)."); + log_error("FreeRADIUS: Starting XMLRPC process (freeradius_do_xmlrpc_sync)."); // if checkbox is checked get IP and password of the destination hosts foreach ($config['installedpackages']['freeradiussync']['config'] as $rs ){ foreach($rs['row'] as $sh){ - $sync_to_ip = $sh['varsyncipaddress']; - $password = $sh['varsyncpassword']; - if($password && $sync_to_ip) - freeradius_do_xmlrpc_sync($sync_to_ip, $password); + $varsyncprotocol = $sh['varsyncprotocol']; + $sync_to_ip = $sh['varsyncipaddress']; + $password = $sh['varsyncpassword']; + $varsyncport = $sh['varsyncport']; + if($password && $sync_to_ip && $varsyncport && $varsyncprotocol) + freeradius_do_xmlrpc_sync($sync_to_ip, $password, $varsyncport, $varsyncprotocol); } } - log_error("freeRADIUS has finished XMLRPC process (freeradius_do_xmlrpc_sync)."); + log_error("FreeRADIUS: Finished XMLRPC process (freeradius_do_xmlrpc_sync)."); } /* Do the actual XMLRPC sync */ -function freeradius_do_xmlrpc_sync($sync_to_ip, $password) { +function freeradius_do_xmlrpc_sync($sync_to_ip, $password, $varsyncport, $varsyncprotocol) { global $config, $g; if(!$password) @@ -2496,20 +2506,16 @@ function freeradius_do_xmlrpc_sync($sync_to_ip, $password) { if(!$sync_to_ip) return; + if(!$varsyncport) + return; + + if(!$varsyncprotocol) + return; + // Check and choose correct protocol type, port number and IP address - $xmlrpc_sync_neighbor = $sync_to_ip; - if($config['system']['webgui']['protocol'] != "") { - $synchronizetoip = $config['system']['webgui']['protocol']; - $synchronizetoip .= "://"; - } - $port = $config['system']['webgui']['port']; - /* if port is empty lets rely on the protocol selection */ - if($port == "") { - if($config['system']['webgui']['protocol'] == "http") - $port = "80"; - else - $port = "443"; - } + $synchronizetoip .= "$varsyncprotocol" . '://'; + $port = "$varsyncport"; + $synchronizetoip .= $sync_to_ip; /* xml will hold the sections to sync */ @@ -2526,27 +2532,27 @@ function freeradius_do_xmlrpc_sync($sync_to_ip, $password) { /* set a few variables needed for sync code borrowed from filter.inc */ $url = $synchronizetoip; - log_error("Beginning freeRADIUS XMLRPC sync with {$url}:{$port}."); + log_error("FreeRADIUS: Beginning FreeRADIUS XMLRPC sync with {$url}:{$port}."); $method = 'pfsense.merge_installedpackages_section_xmlrpc'; $msg = new XML_RPC_Message($method, $params); $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); $cli->setCredentials('admin', $password); if($g['debug']) $cli->setDebug(1); - /* send our XMLRPC message and timeout after 250 seconds */ - $resp = $cli->send($msg, "250"); + /* send our XMLRPC message and timeout after 150 seconds */ + $resp = $cli->send($msg, "150"); if(!$resp) { - $error = "A communications error occurred while freeRADIUS was attempting XMLRPC sync with {$url}:{$port}."; - log_error($error); + $error = "A communications error occurred while FreeRADIUS was attempting XMLRPC sync with {$url}:{$port}."; + log_error("FreeRADIUS: $error"); file_notice("sync_settings", $error, "freeradius Settings Sync", ""); } elseif($resp->faultCode()) { $cli->setDebug(1); - $resp = $cli->send($msg, "250"); - $error = "An error code was received while freeRADIUS XMLRPC was attempting to sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); - log_error($error); + $resp = $cli->send($msg, "150"); + $error = "An error code was received while FreeRADIUS XMLRPC was attempting to sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); + log_error("FreeRADIUS: $error"); file_notice("sync_settings", $error, "freeradius Settings Sync", ""); } else { - log_error("freeRADIUS XMLRPC has synced data successfully with {$url}:{$port}."); + log_error("FreeRADIUS: XMLRPC has synced data successfully with {$url}:{$port}."); } /* tell freeradius to reload our settings on the destionation sync host. */ @@ -2561,23 +2567,23 @@ function freeradius_do_xmlrpc_sync($sync_to_ip, $password) { XML_RPC_encode($execcmd) ); - log_error("freeRADIUS XMLRPC is reloading data on {$url}:{$port}."); + log_error("FreeRADIUS XMLRPC is reloading data on {$url}:{$port}."); $msg = new XML_RPC_Message($method, $params); $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); $cli->setCredentials('admin', $password); - $resp = $cli->send($msg, "250"); + $resp = $cli->send($msg, "150"); if(!$resp) { - $error = "A communications error occurred while freeRADIUS was attempting XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; + $error = "A communications error occurred while FreeRADIUS was attempting XMLRPC sync with {$url}:{$port} (exec_php)."; log_error($error); file_notice("sync_settings", $error, "freeradius Settings Sync", ""); } elseif($resp->faultCode()) { $cli->setDebug(1); - $resp = $cli->send($msg, "250"); - $error = "An error code was received while freeRADIUS XMLRPC was attempting to sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); + $resp = $cli->send($msg, "150"); + $error = "An error code was received while FreeRADIUS XMLRPC was attempting to sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); log_error($error); file_notice("sync_settings", $error, "freeradius Settings Sync", ""); } else { - log_error("freeRADIUS XMLRPC has reloaded data successfully on {$url}:{$port} (pfsense.exec_php)."); + log_error("FreeRADIUS: XMLRPC has reloaded data successfully on {$url}:{$port} (exec_php)."); } } @@ -2592,7 +2598,7 @@ function freeradius_all_after_XMLRPC_resync() { freeradius_authorizedmacs_resync(); freeradius_clients_resync(); - log_error("freeRADIUS has finished XMLRPC process. It should be OK. For more information look at the host which started sync."); + log_error("FreeRADIUS: Finished XMLRPC process. It should be OK. For more information look at the host which started sync."); exec("/usr/local/etc/rc.d/radiusd onerestart"); } @@ -4013,15 +4019,25 @@ function freeradius_datacounter_auth_resync() { #!/bin/sh ### USAGE: datacounter_auth.sh USERNAME TIMERANGE ### We need this parameters from freeradius users file and ../raddb/modules/datacounter_acct -USERNAME=`echo -n "\\$1" | sed 's/[^0-9a-zA-Z._-]/X/g' ` +USERNAME=`echo -n "\\$1" | sed 's/[^0-9a-zA-Z._:-]/X/g' ` TIMERANGE=`echo -n "\\$2" | sed 's/[^a-z]//g' ` + +### This is to make sure there is a used-octets file after the cronjob resetted the counter +if [ -e "/var/log/radacct/datacounter/\$TIMERANGE/max-octets-\$USERNAME" ] && [ ! -e "/var/log/radacct/datacounter/\$TIMERANGE/used-octets-\$USERNAME" ]; then + echo 0 > "/var/log/radacct/datacounter/\$TIMERANGE/used-octets-\$USERNAME" +fi + +### The next two lines are just for getting values for logging output +MAXOCTETSUSERNAMEMB=$((`cat "/var/log/radacct/datacounter/\$TIMERANGE/max-octets-\$USERNAME"`/1024/1024)) +USEDOCTETSUSERNAMEMB=$((`cat "/var/log/radacct/datacounter/\$TIMERANGE/used-octets-\$USERNAME"`/1024/1024)) + ### We check if MAX-OCTETS-USERNAME is greater than USED-OCTETS-USERNAME and accept or reject the user if [ `cat "/var/log/radacct/datacounter/\$TIMERANGE/max-octets-\$USERNAME"` -gt `cat "/var/log/radacct/datacounter/\$TIMERANGE/used-octets-\$USERNAME"` ]; then + logger -f /var/log/system.log "FreeRADIUS: Used amount of \$TIMERANGE traffic by \$USERNAME is \$USEDOCTETSUSERNAMEMB of \$MAXOCTETSUSERNAMEMB MB! The user was accepted!!!" exit 0 else - MAXOCTETSUSERNAMEMB=$((`cat "/var/log/radacct/datacounter/\$TIMERANGE/max-octets-\$USERNAME"`/1024/1024)) - logger -f /var/log/system.log "FreeRADIUS: Credentials are probably correct but the user \$USERNAME has reached the \$TIMERANGE Amount of Upload and Download Traffic which is \$MAXOCTETSUSERNAMEMB MB! The user was rejected!!!" + logger -f /var/log/system.log "FreeRADIUS: Credentials are probably correct but the user \$USERNAME has reached the \$TIMERANGE Amount of Upload and Download Traffic which is \$USEDOCTETSUSERNAMEMB of \$MAXOCTETSUSERNAMEMB MB! The user was rejected!!!" exit 99 fi EOD; @@ -4042,7 +4058,7 @@ function freeradius_datacounter_acct_resync() { #!/bin/sh ### USAGE: datacounter_acct.sh USERNAME TIMERANGE ACCTINPUTOCTETS ACCTOUTPUTOCTETS ### We need this from an Accounting-Request packet to count the octets -USERNAME=`echo -n "\\$1" | sed 's/[^0-9a-zA-Z._-]/X/g' ` +USERNAME=`echo -n "\\$1" | sed 's/[^0-9a-zA-Z.:_-]/X/g' ` TIMERANGE=`echo -n "\\$2" | sed 's/[^a-z]//g' ` ACCTINPUTOCTETS=`echo -n "\\$3" | sed 's/[^0-9]/0/g' ` ACCTOUTPUTOCTETS=`echo -n "\\$4" | sed 's/[^0-9]/0/g' ` @@ -4055,12 +4071,19 @@ if [ ! \$ACCTOUTPUTOCTETS ]; then ACCTOUTPUTOCTETS=0 fi -### We only write this to file if username exists +### We only write this to the file if username exists ### If all counters are activated (daily, weekly, monthly, forever) we need to check which is active for the user if [ ! -e "/var/log/radacct/datacounter/\$TIMERANGE/max-octets-\$USERNAME" ]; then exit 0 else + ### If no used-octets file exist then we assume that it was deleted by cron job and we need to create a new file starting from zero + if [ ! -e "/var/log/radacct/datacounter/\$TIMERANGE/used-octets-\$USERNAME" ]; then + echo 0 > "/var/log/radacct/datacounter/\$TIMERANGE/used-octets-\$USERNAME" + fi +### The following two lines (chose the one or the other) are a bad workaround to make accounting accurate with stop/start accounting on pfsense 2.0.1 - it only works if the session will not be interrupted (host disconnects) +### USEDOCTETS=\$((\$ACCTINPUTOCTETS+\$ACCTOUTPUTOCTETS)) USEDOCTETS=\$((\$ACCTINPUTOCTETS+\$ACCTOUTPUTOCTETS+`cat "/var/log/radacct/datacounter/\$TIMERANGE/used-octets-\$USERNAME"`)) + echo "\$USEDOCTETS" > "/var/log/radacct/datacounter/\$TIMERANGE/used-octets-\$USERNAME" exit 0 fi diff --git a/config/freeradius2/freeradius.xml b/config/freeradius2/freeradius.xml index fbd47013..4cdea6c3 100644 --- a/config/freeradius2/freeradius.xml +++ b/config/freeradius2/freeradius.xml @@ -209,13 +209,13 @@ <field> <fielddescr>Username</fielddescr> <fieldname>varusersusername</fieldname> - <description><![CDATA[Enter the username. Whitespace is possible. If you do not want to use username/password but custom options then leave this empty.]]></description> + <description><![CDATA[Enter the username. Whitespace is possible. If you do not want to use username/password but custom options then leave this field empty.]]></description> <type>input</type> </field> <field> <fielddescr>Password</fielddescr> <fieldname>varuserspassword</fieldname> - <description><![CDATA[Enter the password for this username. If you do not want to use username/password but custom options then leave this empty.]]></description> + <description><![CDATA[Enter the password for this username. If you do not want to use username/password but custom options then leave this field empty.]]></description> <type>password</type> </field> <field> @@ -256,13 +256,13 @@ <field> <fielddescr>Number of simultaneous connections</fielddescr> <fieldname>varuserssimultaneousconnect</fieldname> - <description><![CDATA[The maximum of simultaneous connections with this username. If you leave this field empty than there is no limit. If you are using FreeRADIUS with CaptivePortal you should leave this empty.]]></description> + <description><![CDATA[The maximum of simultaneous connections with this username. If you leave this field empty than there is no limit. If you are using FreeRADIUS with CaptivePortal you should leave this empty. Read the documentation!]]></description> <type>input</type> </field> <field> <fielddescr>Redirection URL</fielddescr> <fieldname>varuserswisprredirectionurl</fieldname> - <description><![CDATA[Enter the URL the user should be redirected to after successfull login. (e.g.: http://www.pfsense.org)]]></description> + <description><![CDATA[Enter the URL the user should be redirected to after successfull login. (e.g.: http://www.google.com)]]></description> <type>input</type> </field> <field> @@ -360,13 +360,13 @@ <field> <fielddescr>Amount of Download and Upload Traffic</fielddescr> <fieldname>varusersmaxtotaloctets</fieldname> - <description><![CDATA[Enter the amount of download and upload traffic (summarized) for this user in <b>MegaByte (MB)</b>. There is a bug in CaptivePortal which counts the traffic six times faster than in reality. So if a user should have 1MB of traffic you must calculate 6*1MB.]]></description> + <description><![CDATA[Enter the amount of download and upload traffic (summarized) for this user in <b>MegaByte (MB)</b>. There is a bug in CP which counts the real traffic six times faster. To set a real limit of 100MB you have to enter 600MB here.]]></description> <type>input</type> </field> <field> <fielddescr>Time Period</fielddescr> <fieldname>varusersmaxtotaloctetstimerange</fieldname> - <description><![CDATA[Select the time period for the amount of download and upload traffic.]]></description> + <description><![CDATA[Select the time period for the amount of download and upload traffic. This does not automatically reset the counter. You need to setup a cronjob (with cron package) which will reset the counter. Read the documentation!]]></description> <type>select</type> <default_value>daily</default_value> <options> diff --git a/config/freeradius2/freeradiusauthorizedmacs.xml b/config/freeradius2/freeradiusauthorizedmacs.xml index f9d9abe9..02bf2d2b 100644 --- a/config/freeradius2/freeradiusauthorizedmacs.xml +++ b/config/freeradius2/freeradiusauthorizedmacs.xml @@ -205,7 +205,7 @@ <field> <fielddescr>MAC Address</fielddescr> <fieldname>varmacsaddress</fieldname> - <description><![CDATA[Enter the MAC address.Format must be: 0a-1b-2c-4d-5f-fa<br>If you do not want to use MAC address but custom options then leave this empty.]]></description> + <description><![CDATA[Enter the MAC address.Format must be: 0a-1b-2c-4d-5f-fa<br>If you do not want to use MAC address but custom options then leave this field empty.]]></description> <type>input</type> </field> <field> @@ -215,13 +215,13 @@ <field> <fielddescr>Redirection URL</fielddescr> <fieldname>varmacsswisprredirectionurl</fieldname> - <description><![CDATA[Enter the URL the MAC should be redirected to after successfull login. (e.g.: http://www.pfsense.org)]]></description> + <description><![CDATA[Enter the URL the MAC should be redirected to after successfull login. (e.g.: http://www.google.com)]]></description> <type>input</type> </field> <field> <fielddescr>Number of simultaneous connections</fielddescr> <fieldname>varmacssimultaneousconnect</fieldname> - <description><![CDATA[The maximum of simultaneous connections with this MAC address. If you leave this field empty than there is no limit. If you are using FreeRADIUS with CaptivePortal you should leave this empty.]]></description> + <description><![CDATA[The maximum of simultaneous connections with this MAC address. If you leave this field empty than there is no limit. If you are using FreeRADIUS with CaptivePortal you should leave this empty. Read the documentation!]]></description> <default_value></default_value> <type>input</type> </field> @@ -319,13 +319,13 @@ <field> <fielddescr>Amount of Download and Upload Traffic</fielddescr> <fieldname>varmacsmaxtotaloctets</fieldname> - <description><![CDATA[Enter the amount of download and upload traffic (summarized) for this MAC in <b>MegaByte (MB)</b>. There is a bug in CaptivePortal which counts the traffic six times faster than in reality. So if a user should have 1MB of traffic you must calculate 6*1MB.]]></description> + <description><![CDATA[Enter the amount of download and upload traffic (summarized) for this MAC in <b>MegaByte (MB)</b>. There is a bug in CP which counts the real traffic six times faster. To set a real limit of 100MB you have to enter 600MB here.]]></description> <type>input</type> </field> <field> <fielddescr>Time Period</fielddescr> <fieldname>varmacsmaxtotaloctetstimerange</fieldname> - <description><![CDATA[Select the time period for the amount of download and upload traffic.]]></description> + <description><![CDATA[Select the time period for the amount of download and upload traffic. This does not automatically reset the counter. You need to setup a cronjob (with cron package) which will reset the counter. Read the documentation!]]></description> <type>select</type> <default_value>daily</default_value> <options> diff --git a/config/freeradius2/freeradiuscerts.xml b/config/freeradius2/freeradiuscerts.xml index e3f6365d..21f18643 100644 --- a/config/freeradius2/freeradiuscerts.xml +++ b/config/freeradius2/freeradiuscerts.xml @@ -124,7 +124,7 @@ This page uses the freeradius2 built-in script called "bootstrap" to create CA and certs. The disatvantage of this script is that nothing of your changes will be saved in the global config.xml file. So after a systemcrash or reinstallation of freeradius2 package all your CA and certs will be lost. If you have a backup of all these files on an USB stick or another server than you can copy them back in the freeradius certs folder.<br><br> - <b>The better way is to use the pfsense built-in Cert Manager (SYSTEM-> Cert Manager).</b> The CA-Cert and Server-Cert you created there you just have to choose in EAP. + <b>The better way is to use the firewall's built-in Cert Manager (SYSTEM-> Cert Manager).</b> The CA-Cert and Server-Cert you created there you just have to choose in EAP. The advantage of this is that all your CA and certs will be saved in global config.xml and can be restored.]]></description> <type>input</type> <required/> diff --git a/config/freeradius2/freeradiuseapconf.xml b/config/freeradius2/freeradiuseapconf.xml index b5358c37..ac761523 100644 --- a/config/freeradius2/freeradiuseapconf.xml +++ b/config/freeradius2/freeradiuseapconf.xml @@ -164,26 +164,26 @@ <type>listtopic</type> </field> <field> - <fielddescr>Choose pfSense Cert-Manager</fielddescr> + <fielddescr>Choose Cert-Manager</fielddescr> <fieldname>vareapconfchoosecertmanager</fieldname> <description><![CDATA[Choose your Cert manager. By default it is the freeradius cert manager because the server needs some default certs to start service. For more information take al look at "Certificates"-Tab.<br> - To use the pfsense Cert Manager you have to create a CA and an Server Certificate first. (SYSTEM -> Cert Manager).<br><br> + To use the firewall's built-in Cert Manager you have to create a CA and an Server Certificate first. (SYSTEM -> Cert Manager).<br><br> <b>uncheked</b>: FreeRADIUS Cert-Manager (not recommended) (Default: unchecked)<br> - <b>cheked</b>: pfSense Cert-Manager (recommended)]]></description> + <b>cheked</b>: Firewall Cert-Manager (recommended)]]></description> <type>checkbox</type> <enablefields>ssl_ca_cert,ssl_server_cert,vareapconfenableclientp12</enablefields> </field> <field> <fielddescr>Private Key Password</fielddescr> <fieldname>vareapconfprivatekeypassword</fieldname> - <description><![CDATA[By default the certificates created by freeradius are protected with an "input/ouput" password from reading the certificate. The certificates created by pfSense Cert Manager are not protected so you must leave this field empty. (Default: whatever)]]></description> + <description><![CDATA[By default the certificates created by freeradius are protected with an "input/ouput" password from reading the certificate. The certificates created by the firewall's built-in Cert Manager are not protected so you must leave this field empty. (Default: whatever)]]></description> <type>password</type> <default_value>whatever</default_value> </field> <field> <fielddescr>SSL CA Certificate</fielddescr> <fieldname>ssl_ca_cert</fieldname> - <description><![CDATA[Choose the SSL CA Certficate here which you created with the pfSense Cert Manager.<br> + <description><![CDATA[Choose the SSL CA Certficate here which you created with the firewall's Cert Manager.<br> Choose "none" if you do not use any kind of certificates or the freeradius Cert Manager. (Default: none)]]></description> <type>select_source</type> <source><![CDATA[freeradius_get_ca_certs()]]></source> @@ -193,7 +193,7 @@ <field> <fielddescr>SSL Server Certificate</fielddescr> <fieldname>ssl_server_cert</fieldname> - <description><![CDATA[Choose the SSL Server Certficate here which you created with the pfSense Cert Manager.<br> + <description><![CDATA[Choose the SSL Server Certficate here which you created with the firewall's Cert Manager.<br> Choose "none" if you do not use any kind of certificates or the freeradius Cert Manager. (Default: none)]]></description> <type>select_source</type> <source><![CDATA[freeradius_get_server_certs()]]></source> @@ -210,7 +210,7 @@ <field> <fielddescr>SSL Client Certificate</fielddescr> <fieldname>ssl_client_cert</fieldname> - <description><![CDATA[Choose the SSL Client Certficate here which you created with the pfSense Cert Manager.<br> + <description><![CDATA[Choose the SSL Client Certficate here which you created with the firewall's Cert Manager.<br> Choose "none" if you do not use any kind of certificates or the freeradius Cert Manager. (Default: none)]]></description> <type>select_source</type> <source><![CDATA[freeradius_get_server_certs()]]></source> diff --git a/config/freeradius2/freeradiusmodulesldap.xml b/config/freeradius2/freeradiusmodulesldap.xml index f6619afd..0fa98493 100644 --- a/config/freeradius2/freeradiusmodulesldap.xml +++ b/config/freeradius2/freeradiusmodulesldap.xml @@ -354,7 +354,7 @@ <field> <fielddescr>SSL CA Certificate</fielddescr> <fieldname>ssl_ca_cert1</fieldname> - <description><![CDATA[Choose the SSL CA Certficate here which you created with the pfSense Cert Manager.<br> + <description><![CDATA[Choose the SSL CA Certficate here which you created with the firewall's Cert Manager.<br> Choose "none" if you do not use any kind of certificates or the freeradius Cert Manager. (Default: none)]]></description> <type>select_source</type> <source><![CDATA[freeradius_get_ca_certs()]]></source> @@ -364,7 +364,7 @@ <field> <fielddescr>SSL Server Certificate</fielddescr> <fieldname>ssl_server_cert1</fieldname> - <description><![CDATA[Choose the SSL Server Certficate here which you created with the pfSense Cert Manager.<br> + <description><![CDATA[Choose the SSL Server Certficate here which you created with the firewall's Cert Manager.<br> Choose "none" if you do not use any kind of certificates or the freeradius Cert Manager. (Default: none)]]></description> <type>select_source</type> <source><![CDATA[freeradius_get_server_certs()]]></source> @@ -665,7 +665,7 @@ <field> <fielddescr>SSL CA Certificate</fielddescr> <fieldname>ssl_ca_cert2</fieldname> - <description><![CDATA[Choose the SSL CA Certficate here which you created with the pfSense Cert Manager.<br> + <description><![CDATA[Choose the SSL CA Certficate here which you created with the firewall's Cert Manager.<br> Choose "none" if you do not use any kind of certificates or the freeradius Cert Manager. (Default: none)]]></description> <type>select_source</type> <source><![CDATA[freeradius_get_ca_certs()]]></source> @@ -675,7 +675,7 @@ <field> <fielddescr>SSL Server Certificate</fielddescr> <fieldname>ssl_server_cert2</fieldname> - <description><![CDATA[Choose the SSL Server Certficate here which you created with the pfSense Cert Manager.<br> + <description><![CDATA[Choose the SSL Server Certficate here which you created with the firewall's Cert Manager.<br> Choose "none" if you do not use any kind of certificates or the freeradius Cert Manager. (Default: none)]]></description> <type>select_source</type> <source><![CDATA[freeradius_get_server_certs()]]></source> diff --git a/config/freeradius2/freeradiussettings.xml b/config/freeradius2/freeradiussettings.xml index afa890d4..4bc98723 100644 --- a/config/freeradius2/freeradiussettings.xml +++ b/config/freeradius2/freeradiussettings.xml @@ -323,7 +323,7 @@ <field> <fielddescr>OTP Lifetime</fielddescr> <fieldname>varsettingsmotptimespan</fieldname> - <description><![CDATA[Enter the lifetime of the OTP. 1=10, 2=20s, 3=30s (Default: 2)]]></description> + <description><![CDATA[Enter the lifetime of the OTP. 1=10s, 2=20s, 3=30s (Default: 2)]]></description> <type>input</type> <default_value>2</default_value> </field> diff --git a/config/freeradius2/freeradiussync.xml b/config/freeradius2/freeradiussync.xml index 27f4fe80..334a98f3 100644 --- a/config/freeradius2/freeradiussync.xml +++ b/config/freeradius2/freeradiussync.xml @@ -118,7 +118,8 @@ POSSIBILITY OF SUCH DAMAGE. <fielddescr>Automatically sync freeRADIUS configuration changes?</fielddescr> <fieldname>varsyncenablexmlrpc</fieldname> <description><![CDATA[All changes will be synced immediately to the IPs listed below if this option is checked.<br> - <b>Important:</b> Only <b>Users</b>, <b>MACs</b> and <b>NAS / Clients</b> will be synced.]]></description> + Only <b>Users</b>, <b>MACs</b> and <b>NAS / Clients</b> will be synced.<br> + <b>Important:</b> Only sync from host A to B, A to C but <b>do not</B> enable XMLRPC sync <b>to</b> A. This will result in a loop!]]></description> <type>checkbox</type> </field> <field> @@ -127,14 +128,32 @@ POSSIBILITY OF SUCH DAMAGE. <type>rowhelper</type> <rowhelper> <rowhelperfield> - <fielddescr>Destination IP Address</fielddescr> + <fielddescr>GUI Protocol</fielddescr> + <fieldname>varsyncprotocol</fieldname> + <description><![CDATA[Choose the protocol of the destination host. Probably <b>http</b> or <b>https</b>]]></description> + <type>select</type> + <default_value>HTTP</default_value> + <options> + <option><name>HTTP</name><value>http</value></option> + <option><name>HTTPS</name><value>https</value></option> + </options> + </rowhelperfield> + <rowhelperfield> + <fielddescr>GUI IP-Address</fielddescr> <fieldname>varsyncipaddress</fieldname> <description><![CDATA[IP Address of the destination host.]]></description> <type>input</type> - <size>20</size> + <size>15</size> + </rowhelperfield> + <rowhelperfield> + <fielddescr>GUI Port</fielddescr> + <fieldname>varsyncport</fieldname> + <description><![CDATA[Choose the port of the destination host.]]></description> + <type>input</type> + <size>3</size> </rowhelperfield> <rowhelperfield> - <fielddescr>Destination Admin Password</fielddescr> + <fielddescr>GUI Admin Password</fielddescr> <fieldname>varsyncpassword</fieldname> <description><![CDATA[Password of the user "admin" on the destination host.]]></description> <type>password</type> diff --git a/config/haproxy-legacy/haproxy.inc b/config/haproxy-legacy/haproxy.inc new file mode 100644 index 00000000..dfbec28c --- /dev/null +++ b/config/haproxy-legacy/haproxy.inc @@ -0,0 +1,432 @@ +<?php +/* + haproxy.inc + Copyright (C) 2009 Scott Ullrich <sullrich@pfsense.com> + Copyright (C) 2008 Remco Hoef + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +/* include all configuration functions */ +require_once("functions.inc"); +require_once("pkg-utils.inc"); +require_once("notices.inc"); + +$d_haproxyconfdirty_path = $g['varrun_path'] . "/haproxy.conf.dirty"; + +function haproxy_custom_php_deinstall_command() { + exec("rm /usr/local/sbin/haproxy"); + exec("rm /usr/local/pkg/haproxy.inc"); + exec("rm /usr/local/www/haproxy*"); +} + +function haproxy_custom_php_install_command() { + global $g, $config; + conf_mount_rw(); + + $haproxy = <<<EOD +#!/bin/sh + +# PROVIDE: haproxy +# REQUIRE: LOGIN +# KEYWORD: FreeBSD + +. /etc/rc.subr + +name="haproxy" +rcvar=`set_rcvar` +command="/usr/local/bin/haproxy" +haproxy_enable=\${haproxy-"YES"} + +start_cmd="haproxy_start" +stop_postcmd="haproxy_stop" + +load_rc_config \$name + +haproxy_start () { + echo "Starting haproxy." + /usr/bin/env \ + PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \ + /usr/local/bin/php -q -d auto_prepend_file=config.inc <<ENDOFF + <?php + require_once("globals.inc"); + require_once("functions.inc"); + require_once("haproxy.inc"); + haproxy_configure(); + ?> +ENDOFF +} + +haproxy_stop () { + echo "Stopping haproxy." + killall haproxy +} + +run_rc_command "\$1" + +EOD; + + $fd = fopen("/usr/local/etc/rc.d/haproxy.sh", "w"); + fwrite($fd, $haproxy); + fclose($fd); + exec("chmod a+rx /usr/local/etc/rc.d/haproxy.sh"); + + conf_mount_ro(); + + exec("/usr/local/etc/rc.d/haproxy.sh start"); +} + +function haproxy_configure() { + global $config, $g; + + $a_global = &$config['installedpackages']['haproxy']; + $a_backends = &$config['installedpackages']['haproxy']['ha_backends']['item']; + $a_frontends = &$config['installedpackages']['haproxy']['ha_frontends']['item']; + $a_servers = &$config['installedpackages']['haproxy']['ha_servers']['item']; + + $fd = fopen("{$g['varetc_path']}/haproxy.cfg", "w"); + + if(is_array($a_global)) { + fwrite ($fd, "global\n"); + if($a_global['advanced']) + fwrite ($fd, "\t" . base64_decode($a_global['advanced']) . "\n"); + fwrite ($fd, "\tmaxconn\t\t\t".$a_global['maxconn']."\n"); + if($a_global['remotesyslog']) + fwrite ($fd, "\tlog\t\t\t{$a_global['remotesyslog']}\tlocal0\n"); + fwrite ($fd, "\tuid\t\t\t80\n"); + fwrite ($fd, "\tgid\t\t\t80\n"); + // Set numprocs if defined or use system default (#cores) + if($a_global['nbproc']) + $numprocs = $a_global['nbproc']; + else + $numprocs = trim(`/sbin/sysctl kern.smp.cpus | cut -d" " -f2`); + fwrite ($fd, "\tnbproc\t\t\t$numprocs\n"); + fwrite ($fd, "\tchroot\t\t\t/var/empty\n"); + fwrite ($fd, "\tdaemon\n"); + fwrite ($fd, "\n"); + } + + // Construct and write out configuration file + if(is_array($a_backends)) { + foreach ($a_backends as $backend) { + + // Define our backend name + $backendinfo = "listen {$backend['name']}\n"; + + // Prepare ports for processing by splitting + $portss = "{$backend['port']},"; + $ports = split(",", $portss); + + // Initialize variable + $listenip = ""; + + // Process and add bind directives for ports + foreach($ports as $port) { + if($port) { + if($backend['extaddr'] == "any") + $listenip .= "\tbind\t\t\t0.0.0.0:{$port}\n"; + elseif($backend['extaddr']) + $listenip .= "\tbind\t\t\t{$backend['extaddr']}:{$port}\n"; + else + $listenip .= "\tbind\t\t\t" . get_current_wan_address('wan') . ":{$port}\n"; + } + } + + fwrite ($fd, "{$backendinfo}"); + fwrite ($fd, "{$listenip}"); + + // Advanced pass thru + if($backend['advanced']) { + $advanced = base64_decode($backend['advanced']); + fwrite($fd, "\t" . $advanced . "\n"); + } + + // https is an alias for tcp for clarity purpouses + if(strtolower($backend['type']) == "https") { + $backend_type = "tcp"; + $httpchk = "ssl-hello-chk"; + } else { + $backend_type = $backend['type']; + $httpchk = "httpchk"; + } + + fwrite ($fd, "\tmode\t\t\t" . $backend_type . "\n"); + fwrite ($fd, "\tlog\t\t\tglobal\n"); + fwrite ($fd, "\toption\t\t\tdontlognull\n"); + + if($backend['httpclose']) + fwrite ($fd, "\toption\t\t\thttpclose\n"); + + if($backend['forwardfor']) + fwrite ($fd, "\toption\t\t\tforwardfor\n"); + + if($backend['max_connections']) + fwrite ($fd, "\tmaxconn\t\t\t" . $backend['max_connections'] . "\n"); + + if($backend['client_timeout']) + fwrite ($fd, "\tclitimeout\t\t" . $backend['client_timeout'] . "\n"); + + if($backend['balance']) + fwrite ($fd, "\tbalance\t\t\t" . $backend['balance'] . "\n"); + + if($backend['connection_timeout']) + fwrite ($fd, "\tcontimeout\t\t" . $backend['connection_timeout'] . "\n"); + + if($backend['server_timeout']) + fwrite ($fd, "\tsrvtimeout\t\t" . $backend['server_timeout'] . "\n"); + + if($backend['retries']) + fwrite ($fd, "\tretries\t\t\t" . $backend['retries'] . "\n"); + + if($backend['cookie_name']) + fwrite ($fd, "\tcookie\t\t\t" . $backend['cookie_name'] . " insert indirect\n"); + + if($backend['monitor_uri']) + fwrite ($fd, "\toption\t\t\t{$httpchk} HEAD " . $backend['monitor_uri'] . " HTTP/1.0\n"); + + if($backend['stats_enabled']=='yes') { + fwrite ($fd, "\tstats\t\t\tenable\n"); + if($backend['stats_uri']) + fwrite ($fd, "\tstats\t\t\turi ".$backend['stats_uri']."\n"); + if($backend['stats_realm']) + fwrite ($fd, "\tstats\t\t\trealm " . $backend['stats_realm'] . "\n"); + else + fwrite ($fd, "\tstats\t\t\trealm .\n"); + fwrite ($fd, "\tstats\t\t\tauth " . $backend['stats_username'].":". $backend['stats_password']."\n"); + if($backend['stats_node_enabled']=='yes') + fwrite ($fd, "\tstats\t\t\tshow-node " . $backend['stats_node'] . "\n"); + if($backend['stats_desc']) + fwrite ($fd, "\tstats\t\t\tshow-desc " . $backend['stats_desc'] . "\n"); + if($backend['stats_refresh']) + fwrite ($fd, "\tstats\t\t\trefresh " . $backend['stats_refresh'] . "\n"); + } + + $a_acl=&$frontend['ha_acls']['item']; + if(!is_array($a_acl)) + $a_acl=array(); + + foreach ($a_acl as $acl) + fwrite ($fd, "\tacl\t\t\t".$acl['name']."\t\t".$acl['expression']."\n"); + + $server['backend'] .= " "; + if(is_array($a_servers)) { + foreach ($a_servers as $server) { + $backends_to_process = split(" ", $server['backend']); + foreach($backends_to_process as $backends) { + if($backends == "") + continue; + if($backends == $backend['name']) { + $server_ports = array(); + if($server['status'] != 'inactive') { + if($server['cookie']) + $cookie = " cookie {$server['cookie']} "; + else + $cookie = ""; + if(!$server['port']) { + foreach($ports as $port) { + if($port) + $server_ports[] = $port; + } + } else { + $server_ports[] = $server['port']; + } + if($server['advanced']) { + $advanced = base64_decode($server['advanced']); + $advanced_txt = " " . $advanced; + } else { + $advanced_txt = ""; + } + if($server['status'] != 'active') { + $status = " " . $server['status']; + } else { + $status = ""; + } + if($server['checkinter']) + $checkinter = "check inter {$server['checkinter']}"; + else + $checkinter = "check inter 1000"; + foreach($server_ports as $pport) + fwrite ($fd, "\tserver\t\t\t" . $server['name'] . " " . $server['address'].":" . $pport . " $cookie " . " $checkinter weight " . $server['weight'] . $status . "{$advanced_txt}\n"); + } + } + } + } + } + fwrite ($fd, "\n"); + } + // Sync HAProxy configuration (if enabled) + if(isset($config['installedpackages']['haproxy']['enablesync'])) { + if($config['installedpackages']['haproxy']['synchost1']) { + haproxy_do_xmlrpc_sync($config['installedpackages']['haproxy']['synchost1'], + $config['installedpackages']['haproxy']['syncpassword']); + } + if($config['installedpackages']['haproxy']['synchost2']) { + haproxy_do_xmlrpc_sync($config['installedpackages']['haproxy']['synchost2'], + $config['installedpackages']['haproxy']['syncpassword']); + } + if($config['installedpackages']['haproxy']['synchost3']) { + haproxy_do_xmlrpc_sync($config['installedpackages']['haproxy']['synchost3'], + $config['installedpackages']['haproxy']['syncpassword']); + } + } + } + + // create config file + fclose($fd); + + $freebsd_version = substr(trim(`uname -r`), 0, 1); + if(!file_exists("/usr/bin/limits")) { + exec("fetch -q -o /usr/bin/limits http://files.pfsense.org/extras/{$freebsd_version}/limits"); + exec("chmod a+rx /usr/bin/limits"); + } + + exec("/usr/bin/limits -n 300014"); + + // reload haproxy + if(isset($a_global['enable'])) { + if(is_process_running('haproxy')) { + exec("/usr/local/sbin/haproxy -f /var/etc/haproxy.cfg -p /var/run/haproxy.pid -st `cat /var/run/haproxy.pid`"); + } else { + exec("/usr/local/sbin/haproxy -f /var/etc/haproxy.cfg -p /var/run/haproxy.pid -D"); + } + return (0); + } else { + return (1); + } +} + +function haproxy_do_xmlrpc_sync($sync_to_ip, $password) { + global $config, $g; + + if(!$password) + return; + + if(!$sync_to_ip) + return; + + // Do not allow syncing to self. + $donotsync = false; + $lanip = find_interface_ip($config['interfaces']['lan']['if']); + if($lanip == $sync_to_ip) + $donotsync = true; + $wanip = find_interface_ip($config['interfaces']['wan']['if']); + if($wanip == $sync_to_ip) + $donotsync = true; + for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++) { + $optip = find_interface_ip($config['interfaces']['opt' . $j]['if']); + if($optip == $sync_to_ip) + $donotsync = true; + } + if($donotsync) { + log_error("Disallowing sync loop for HAProxy sync."); + return; + } + + $xmlrpc_sync_neighbor = $sync_to_ip; + if($config['system']['webgui']['protocol'] != "") { + $synchronizetoip = $config['system']['webgui']['protocol']; + $synchronizetoip .= "://"; + } + $port = $config['system']['webgui']['port']; + /* if port is empty lets rely on the protocol selection */ + if($port == "") { + if($config['system']['webgui']['protocol'] == "http") + $port = "80"; + else + $port = "443"; + } + $synchronizetoip .= $sync_to_ip; + + /* xml will hold the sections to sync */ + $xml = array(); + $xml['haproxy'] = $config['installedpackages']['haproxy']; + + // Prevent sync loops + unset($xml['haproxy']['synchost1']); + unset($xml['haproxy']['synchost2']); + unset($xml['haproxy']['synchost3']); + unset($xml['haproxy']['syncpassword']); + + /* assemble xmlrpc payload */ + $params = array( + XML_RPC_encode($password), + XML_RPC_encode($xml) + ); + + /* set a few variables needed for sync code borrowed from filter.inc */ + $url = $synchronizetoip; + log_error("Beginning HAProxy XMLRPC sync to {$url}:{$port}."); + $method = 'pfsense.merge_installedpackages_section_xmlrpc'; + $msg = new XML_RPC_Message($method, $params); + $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); + $cli->setCredentials('admin', $password); + if($g['debug']) + $cli->setDebug(1); + /* send our XMLRPC message and timeout after 250 seconds */ + $resp = $cli->send($msg, "250"); + if(!$resp) { + $error = "A communications error occurred while attempting HAProxy XMLRPC sync with {$url}:{$port}."; + log_error($error); + file_notice("sync_settings", $error, "HAProxy Settings Sync", ""); + } elseif($resp->faultCode()) { + $cli->setDebug(1); + $resp = $cli->send($msg, "250"); + $error = "An error code was received while attempting HAProxy XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); + log_error($error); + file_notice("sync_settings", $error, "HAProxy Settings Sync", ""); + } else { + log_error("HAProxy XMLRPC sync successfully completed with {$url}:{$port}."); + } + + /* tell haproxy to reload our settings on the destionation sync host. */ + $method = 'pfsense.exec_php'; + $execcmd = "require_once('/usr/local/pkg/haproxy.inc');\n"; + $execcmd .= "haproxy_configure();\n"; + + /* assemble xmlrpc payload */ + $params = array( + XML_RPC_encode($password), + XML_RPC_encode($execcmd) + ); + + log_error("HAProxy XMLRPC reload data {$url}:{$port}."); + $msg = new XML_RPC_Message($method, $params); + $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); + $cli->setCredentials('admin', $password); + $resp = $cli->send($msg, "250"); + if(!$resp) { + $error = "A communications error occurred while attempting HAProxy XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; + log_error($error); + file_notice("sync_settings", $error, "HAProxy Settings Reload", ""); + } elseif($resp->faultCode()) { + $cli->setDebug(1); + $resp = $cli->send($msg, "250"); + $error = "An error code was received while attempting HAProxy XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); + log_error($error); + file_notice("sync_settings", $error, "HAProxy Settings Sync", ""); + } else { + log_error("HAProxy XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php)."); + } +} + +?> diff --git a/config/haproxy-legacy/haproxy.xml b/config/haproxy-legacy/haproxy.xml new file mode 100644 index 00000000..556a1178 --- /dev/null +++ b/config/haproxy-legacy/haproxy.xml @@ -0,0 +1,113 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> +<packagegui> + <copyright> + <![CDATA[ +/* $Id$ */ +/* ========================================================================== */ +/* + haproxy.xml + part of pfSense (http://www.pfSense.com) + Copyright (C) 2009 Scott Ullrich + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + ]]> + </copyright> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> + <name>haproxy</name> + <version>1.0</version> + <title>HAProxy</title> + <aftersaveredirect>/pkg_edit.php?xml=haproxy_servers.php</aftersaveredirect> + <include_file>/usr/local/pkg/haproxy.inc</include_file> + <menu> + <name>HAProxy</name> + <tooltiptext></tooltiptext> + <section>Services</section> + <url>/haproxy_global.php</url> + </menu> + <service> + <name>HAProxy</name> + <rcfile>haproxy.sh</rcfile> + <executable>haproxy</executable> + <description>The Reliable, High Performance TCP/HTTP Load Balancer</description> + </service> + <configpath>installedpackages->haproxy->config</configpath> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/haproxy-legacy/haproxy.inc</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/haproxy-legacy/haproxy_frontends.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/haproxy-legacy/haproxy_frontends_edit.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/haproxy-legacy/haproxy_global.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/haproxy-legacy/haproxy_servers.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/haproxy-legacy/haproxy_servers_edit.php</item> + </additional_files_needed> + <custom_delete_php_command> + </custom_delete_php_command> + <custom_add_php_command> + </custom_add_php_command> + <custom_php_resync_config_command> + </custom_php_resync_config_command> + <custom_php_install_command> + /* + included in package install + $freebsdv=trim(`uname -r | cut -d'.' -f1`); + conf_mount_rw(); + `fetch -q -o /usr/local/sbin/ http://www.pfsense.org/packages/config/haproxy-legacy/binaries{$freebsdv}/haproxy`; + exec("chmod a+rx /usr/local/sbin/haproxy"); + */ + haproxy_custom_php_install_command(); + </custom_php_install_command> + <custom_php_deinstall_command> + haproxy_custom_php_deinstall_command(); + </custom_php_deinstall_command> + <custom_php_command_before_form> + </custom_php_command_before_form> +</packagegui>
\ No newline at end of file diff --git a/config/haproxy-legacy/haproxy_frontends.php b/config/haproxy-legacy/haproxy_frontends.php new file mode 100755 index 00000000..d50133b8 --- /dev/null +++ b/config/haproxy-legacy/haproxy_frontends.php @@ -0,0 +1,149 @@ +<?php +/* $Id: load_balancer_virtual_server.php,v 1.6.2.1 2006/01/02 23:46:24 sullrich Exp $ */ +/* + haproxy_baclkends.php + part of pfSense (http://www.pfsense.com/) + Copyright (C) 2009 Scott Ullrich <sullrich@pfsense.com> + Copyright (C) 2008 Remco Hoef <remcoverhoef@pfsense.com> + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require_once("guiconfig.inc"); + +$d_haproxyconfdirty_path = $g['varrun_path'] . "/haproxy.conf.dirty"; + +require_once("haproxy.inc"); + +if (!is_array($config['installedpackages']['haproxy']['ha_backends']['item'])) { + $config['installedpackages']['haproxy']['ha_backends']['item'] = array(); +} +$a_backend = &$config['installedpackages']['haproxy']['ha_backends']['item']; + +if ($_POST) { + $pconfig = $_POST; + + if ($_POST['apply']) { + $retval = 0; + config_lock(); + $retval = haproxy_configure(); + config_unlock(); + $savemsg = get_std_save_message($retval); + unlink_if_exists($d_haproxyconfdirty_path); + } +} + +if ($_GET['act'] == "del") { + if ($a_backend[$_GET['id']]) { + if (!$input_errors) { + unset($a_backend[$_GET['id']]); + write_config(); + touch($d_haproxyconfdirty_path); + header("Location: haproxy_frontends.php"); + exit; + } + } +} + +$pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); +if(strstr($pfSversion, "1.2")) + $one_two = true; + +$pgtitle = "Services: HAProxy: Frontend"; +include("head.inc"); + +?> +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> +<?php include("fbegin.inc"); ?> +<form action="haproxy_frontends.php" method="post"> +<?php if($one_two): ?> +<p class="pgtitle"><?=$pgtitle?></p> +<?php endif; ?> +<?php if ($input_errors) print_input_errors($input_errors); ?> +<?php if ($savemsg) print_info_box($savemsg); ?> +<?php if (file_exists($d_haproxyconfdirty_path)): ?><p> +<?php print_info_box_np("The virtual server configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br> +<?php endif; ?> +<table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr><td class="tabnavtbl"> + <?php + /* active tabs */ + $tab_array = array(); + $tab_array[] = array("Settings", false, "haproxy_global.php"); + $tab_array[] = array("Frontends", true, "haproxy_frontends.php"); + $tab_array[] = array("Servers", false, "haproxy_servers.php"); + display_top_tabs($tab_array); + ?> + </td></tr> + <tr> + <td> + <div id="mainarea"> + <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td width="30%" class="listhdrr">Name</td> + <td width="40%" class="listhdrr">Description</td> + <td width="10%" class="listhdrr">Stats URI</td> + <td width="10%" class="listhdrr">Type</td> + <td width="10%" class="list"></td> + </tr> + <?php $i = 0; foreach ($a_backend as $backend): ?> + <tr> + <td class="listlr" ondblclick="document.location='haproxy_frontends_edit.php?id=<?=$i;?>';"> + <?=$backend['name'];?> + </td> + <td class="listlr" ondblclick="document.location='haproxy_frontends_edit.php?id=<?=$i;?>';"> + <?=$backend['desc'];?> + </td> + <td class="listlr" ondblclick="document.location='haproxy_frontends_edit.php?id=<?=$i;?>';"> + <?=$backend['stats_uri'];?> + </td> + <td class="listlr" ondblclick="document.location='haproxy_frontends_edit.php?id=<?=$i;?>';"> + <?=$backend['type'];?> + </td> + <td class="list" nowrap> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td valign="middle"><a href="haproxy_frontends_edit.php?id=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0"></a></td> + <td valign="middle"><a href="haproxy_frontends.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this entry?')"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0"></a></td> + </tr> + </table> + </td> + </tr> + <?php $i++; endforeach; ?> + <tr> + <td class="list" colspan="4"></td> + <td class="list"> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td valign="middle"><a href="haproxy_frontends_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td> + </tr> + </table> + </td> + </tr> + </table> + </div> + </table> + </form> +<?php include("fend.inc"); ?> +</body> +</html> diff --git a/config/haproxy-legacy/haproxy_frontends_edit.php b/config/haproxy-legacy/haproxy_frontends_edit.php new file mode 100755 index 00000000..df2411b2 --- /dev/null +++ b/config/haproxy-legacy/haproxy_frontends_edit.php @@ -0,0 +1,735 @@ +<?php +/* $Id: load_balancer_pool_edit.php,v 1.24.2.23 2007/03/03 00:07:09 smos Exp $ */ +/* + haproxy_frontends_edit.php + part of pfSense (http://www.pfsense.com/) + Copyright (C) 2009 Scott Ullrich <sullrich@pfsense.com> + Copyright (C) 2008 Remco Hoef <remcoverhoef@pfsense.com> + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require("guiconfig.inc"); + +$d_haproxyconfdirty_path = $g['varrun_path'] . "/haproxy.conf.dirty"; + +if (!is_array($config['installedpackages']['haproxy']['ha_backends']['item'])) { + $config['installedpackages']['haproxy']['ha_backends']['item'] = array(); +} + +$a_backend = &$config['installedpackages']['haproxy']['ha_backends']['item']; + +if (isset($_POST['id'])) + $id = $_POST['id']; +else + $id = $_GET['id']; + +if (isset($id) && $a_backend[$id]) { + $pconfig['name'] = $a_backend[$id]['name']; + $pconfig['desc'] = $a_backend[$id]['desc']; + $pconfig['connection_timeout'] = $a_backend[$id]['connection_timeout']; + $pconfig['server_timeout'] = $a_backend[$id]['server_timeout']; + $pconfig['retries'] = $a_backend[$id]['retries']; + + $pconfig['type'] = $a_backend[$id]['type']; + $pconfig['balance'] = $a_backend[$id]['balance']; + $pconfig['monitor_uri'] = $a_backend[$id]['monitor_uri']; + + $pconfig['forwardfor'] = $a_backend[$id]['forwardfor']; + $pconfig['httpclose'] = $a_backend[$id]['httpclose']; + + $pconfig['stats_enabled'] = $a_backend[$id]['stats_enabled']; + $pconfig['stats_username'] = $a_backend[$id]['stats_username']; + $pconfig['stats_password'] = $a_backend[$id]['stats_password']; + $pconfig['stats_uri'] = $a_backend[$id]['stats_uri']; + $pconfig['stats_realm'] = $a_backend[$id]['stats_realm']; + $pconfig['stats_node_enabled'] = $a_backend[$id]['stats_node_enabled']; + $pconfig['stats_node'] = $a_backend[$id]['stats_node']; + $pconfig['stats_desc'] = $a_backend[$id]['stats_desc']; + $pconfig['stats_refresh'] = $a_backend[$id]['stats_refresh']; + + $pconfig['type'] = $a_backend[$id]['type']; + $pconfig['extaddr'] = $a_backend[$id]['extaddr']; + $pconfig['max_connections'] = $a_backend[$id]['max_connections']; + $pconfig['client_timeout'] = $a_backend[$id]['client_timeout']; + $pconfig['port'] = $a_backend[$id]['port']; + $pconfig['a_acl']=&$a_backend[$id]['ha_acls']['item']; + $pconfig['advanced'] = base64_decode($a_backend[$id]['advanced']); + +} + +$changedesc = "Services: HAProxy: Frontend"; +$changecount = 0; + +if ($_POST) { + $changecount++; + + unset($input_errors); + $pconfig = $_POST; + + if ($_POST['stats_enabled']) { + $reqdfields = explode(" ", "name connection_timeout server_timeout stats_username stats_password stats_uri stats_realm"); + $reqdfieldsn = explode(",", "Name,Connection timeout,Server timeout,Stats Username,Stats Password,Stats Uri,Stats Realm"); + } else { + $reqdfields = explode(" ", "name connection_timeout server_timeout"); + $reqdfieldsn = explode(",", "Name,Connection timeout,Server timeout"); + } + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + $reqdfields = explode(" ", "name type port max_connections client_timeout"); + $reqdfieldsn = explode(",", "Name,Type,Port,Max connections,Client timeout"); + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['name'])) + $input_errors[] = "The field 'Name' contains invalid characters."; + + if (!is_numeric($_POST['connection_timeout'])) + $input_errors[] = "The field 'Connection timeout' value is not a number."; + + if (!is_numeric($_POST['server_timeout'])) + $input_errors[] = "The field 'Server timeout' value is not a number."; + + if (!$_POST['retries'] && is_numeric($_POST['retries'])) + $input_errors[] = "The field 'Retries' value is not a number."; + + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['stats_username'])) + $input_errors[] = "The field 'Stats Username' contains invalid characters."; + + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['stats_password'])) + $input_errors[] = "The field 'Stats Password' contains invalid characters."; + + if (!is_numeric($_POST['max_connections'])) + $input_errors[] = "The field 'Max connections' value is not a number."; + + $ports = split(",", $_POST['port'] . ","); + foreach($ports as $port) + if ($port && !is_numeric($port)) + $input_errors[] = "The field 'Port' value is not a number."; + + if (!is_numeric($_POST['client_timeout'])) + $input_errors[] = "The field 'Client timeout' value is not a number."; + + /* Ensure that our pool names are unique */ + for ($i=0; isset($config['installedpackages']['haproxy']['ha_backends']['item'][$i]); $i++) + if (($_POST['name'] == $config['installedpackages']['haproxy']['ha_backends']['item'][$i]['name']) && ($i != $id)) + $input_errors[] = "This backend name has already been used. Frontend names must be unique."; + + $a_acl=array(); + $acl_names=array(); + for($x=0; $x<99; $x++) { + $acl_name=$_POST['acl_name'.$x]; + $acl_expression=$_POST['acl_expression'.$x]; + + if ($acl_name) { + // check for duplicates + if (in_array($acl_name, $acl_names)) { + $input_errors[] = "The name '$acl_name' is duplicate."; + } + + $acl_names[]=$acl_name; + + $acl=array(); + $acl['name']=$acl_name; + $acl['expression']=$acl_expression; + $a_acl[]=$acl; + + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $acl_name)) + $input_errors[] = "The field 'Name' contains invalid characters."; + + if (!preg_match("/.{2,}/", $acl_expression)) + $input_errors[] = "The field 'Expression' is required."; + + if (!preg_match("/.{2,}/", $acl_name)) + $input_errors[] = "The field 'Name' is required."; + + } + } + + $pconfig['a_acl']=$a_acl; + + if (!$input_errors) { + $backend = array(); + if(isset($id) && $a_backend[$id]) + $backend = $a_backend[$id]; + + if($backend['name'] != "") + $changedesc .= " modified '{$backend['name']}' pool:"; + + if ($backend['name']!=$_POST['name']) { + // name changed: + // * update servers + // * update frontend (default backend and acl) + if (!is_array($config['installedpackages']['haproxy']['ha_servers']['item'])) { + $config['installedpackages']['haproxy']['ha_servers']['item'] = array(); + } + $a_server = &$config['installedpackages']['haproxy']['ha_servers']['item']; + + for ( $i = 0; $i < count($a_server); $i++) { + if ($a_server[$i]['backend']==$backend['name']) { + $a_server[$i]['backend']=$_POST['name']; + } + } + + if (!is_array($config['installedpackages']['haproxy']['ha_frontends']['item'])) { + $config['installedpackages']['haproxy']['ha_frontends']['item'] = array(); + } + $a_frontend = &$config['installedpackages']['haproxy']['ha_frontends']['item']; + + for ( $i = 0; $i < count($a_frontend); $i++) { + if ($a_frontend[$i]['backend']==$backend['name']) { + $a_frontend[$i]['backend']=$_POST['name']; + } + + if (!is_array($a_frontend[$i]['ha_acls']['item'])) { + $a_frontend[$i]['ha_acls']['item'] = array(); + } + + $a_acl = &$a_frontend[$i]['ha_acls']['item']; + for ( $j = 0; $j < count($a_acl); $j++) { + if ($a_acl[$j]['backend']==$backend['name']) { + $a_acl[$j]['backend']=$_POST['name']; + } + } + } + } + + update_if_changed("name", $backend['name'], $_POST['name']); + update_if_changed("description", $backend['desc'], $_POST['desc']); + update_if_changed("connection_timeout", $backend['connection_timeout'], $_POST['connection_timeout']); + update_if_changed("server_timeout", $backend['server_timeout'], $_POST['server_timeout']); + update_if_changed("retries", $backend['retries'], $_POST['retries']); + update_if_changed("type", $backend['type'], $_POST['type']); + update_if_changed("balance", $backend['balance'], $_POST['balance']); + update_if_changed("cookie_name", $backend['cookie_name'], $_POST['cookie_name']); + update_if_changed("monitor_uri", $backend['monitor_uri'], $_POST['monitor_uri']); + update_if_changed("forwardfor", $backend['forwardfor'], $_POST['forwardfor']); + update_if_changed("httpclose", $backend['httpclose'], $_POST['httpclose']); + update_if_changed("stats_enabled", $backend['stats_enabled'], $_POST['stats_enabled']); + update_if_changed("stats_username", $backend['stats_username'], $_POST['stats_username']); + update_if_changed("stats_password", $backend['stats_password'], $_POST['stats_password']); + update_if_changed("stats_uri", $backend['stats_uri'], $_POST['stats_uri']); + update_if_changed("stats_realm", $backend['stats_realm'], $_POST['stats_realm']); + update_if_changed("stats_node_enabled", $backend['stats_node_enabled'], $_POST['stats_node_enabled']); + update_if_changed("stats_node", $backend['stats_node'], $_POST['stats_node']); + update_if_changed("stats_desc", $backend['stats_desc'], $_POST['stats_desc']); + update_if_changed("stats_desc", $backend['stats_refresh'], $_POST['stats_refresh']); + update_if_changed("type", $backend['type'], $_POST['type']); + update_if_changed("port", $backend['port'], $_POST['port']); + update_if_changed("extaddr", $backend['extaddr'], $_POST['extaddr']); + update_if_changed("max_connections", $backend['max_connections'], $_POST['max_connections']); + update_if_changed("client_timeout", $backend['client_timeout'], $_POST['client_timeout']); + update_if_changed("advanced", $backend['advanced'], base64_encode($_POST['advanced'])); + + $backend['ha_acls']['item'] = $a_acl; + + if (isset($id) && $a_backend[$id]) { + $a_backend[$id] = $backend; + } else { + $a_backend[] = $backend; + } + + if ($changecount > 0) { + touch($d_haproxyconfdirty_path); + write_config($changedesc); + } + + header("Location: haproxy_frontends.php"); + exit; + } +} + +$pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); +if(strstr($pfSversion, "1.2")) + $one_two = true; + +$pgtitle = "HAProxy: Frontend: Edit"; +include("head.inc"); + +?> + +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> +<script type="text/javascript"> + // Global Variables + var rowname = new Array(99); + var rowtype = new Array(99); + var newrow = new Array(99); + var rowsize = new Array(99); + + for (i = 0; i < 99; i++) { + rowname[i] = ''; + rowtype[i] = ''; + newrow[i] = ''; + rowsize[i] = '25'; + } + + var field_counter_js = 0; + var loaded = 0; + var is_streaming_progress_bar = 0; + var temp_streaming_text = ""; + + var addRowTo = (function() { + return (function (tableId) { + var d, tbody, tr, td, bgc, i, ii, j; + d = document; + tbody = d.getElementById(tableId).getElementsByTagName("tbody").item(0); + tr = d.createElement("tr"); + totalrows++; + for (i = 0; i < field_counter_js; i++) { + td = d.createElement("td"); + if(rowtype[i] == 'textbox') { + td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><input size='" + rowsize[i] + "' name='" + rowname[i] + totalrows + "'></input> "; + } else if(rowtype[i] == 'select') { + td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><select name='" + rowname[i] + totalrows + "'><?php foreach ($a_backend as $backend) {?><option value=\"<?=$backend['name']?>\"><?=$backend['name']?></option><?php }?></select> "; + } else { + td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><input type='checkbox' name='" + rowname[i] + totalrows + "'></input> "; + } + tr.appendChild(td); + } + td = d.createElement("td"); + td.rowSpan = "1"; + td.className = "list"; + td.innerHTML = '<img src="/themes/' + theme + '/images/icons/icon_x.gif" width="17" height="17" border="0" onclick="removeRow(this); return false;">'; + tr.appendChild(td); + tbody.appendChild(tr); + }); + })(); + + function removeRow(el) { + var cel; + while (el && el.nodeName.toLowerCase() != "tr") + el = el.parentNode; + + if (el && el.parentNode) { + cel = el.getElementsByTagName("td").item(0); + el.parentNode.removeChild(el); + } + } + + function find_unique_field_name(field_name) { + // loop through field_name and strip off -NUMBER + var last_found_dash = 0; + for (var i = 0; i < field_name.length; i++) { + // is this a dash, if so, update + // last_found_dash + if (field_name.substr(i,1) == "-" ) + last_found_dash = i; + } + if (last_found_dash < 1) + return field_name; + return(field_name.substr(0,last_found_dash)); + } + + rowname[0] = "acl_name"; + rowtype[0] = "textbox"; + rowsize[0] = "30"; + + rowname[1] = "acl_expression"; + rowtype[1] = "textbox"; + rowsize[1] = "35"; + + rowname[2] = "acl_backend"; + rowtype[2] = "select"; + rowsize[2] = "10"; + + function toggle_stats() { + var stats_enabled=document.getElementById('stats_enabled'); + var stats_realm_row=document.getElementById('stats_realm_row'); + var stats_username_row=document.getElementById('stats_username_row'); + var stats_password_row=document.getElementById('stats_password_row'); + var stats_uri_row=document.getElementById('stats_uri_row'); + var stats_node_enabled_row=document.getElementById('stats_node_enabled_row'); + var stats_node_row=document.getElementById('stats_node_row'); + var stats_desc_row=document.getElementById('stats_desc_row'); + var stats_desc_row=document.getElementById('stats_refresh_row'); + + if (stats_enabled.checked) { + stats_realm_row.style.display=''; + stats_username_row.style.display=''; + stats_password_row.style.display=''; + stats_uri_row.style.display=''; + stats_node_enabled_row.style.display=''; + stats_node_row.style.display=''; + stats_desc_row.style.display=''; + stats_refresh_row.style.display=''; + } else { + stats_realm_row.style.display='none'; + stats_username_row.style.display='none'; + stats_password_row.style.display='none'; + stats_uri_row.style.display='none'; + stats_node_enabled_row.style.display='none'; + stats_node_row.style.display='none'; + stats_desc_row.style.display='none'; + stats_refresh_row.style.display='none'; + } + } +</script> +<?php include("fbegin.inc"); ?> +<?php if ($input_errors) print_input_errors($input_errors); ?> +<?php if($one_two): ?> +<p class="pgtitle"><?=$pgtitle?></p> +<?php endif; ?> +<form action="haproxy_frontends_edit.php" method="post" name="iform" id="iform"> + <table width="100%" border="0" cellpadding="6" cellspacing="0"> + <tr> + <td colspan="2" valign="top" class="listtopic">Edit haproxy backend</td> + </tr> + <tr align="left"> + <td width="22%" valign="top" class="vncellreq">Name</td> + <td width="78%" class="vtable" colspan="2"> + <input name="name" type="text" <?if(isset($pconfig['name'])) echo "value=\"{$pconfig['name']}\"";?> size="25" maxlength="25"> + </td> + </tr> + <tr align="left"> + <td width="22%" valign="top" class="vncellreq">Description</td> + <td width="78%" class="vtable" colspan="2"> + <input name="desc" type="text" <?if(isset($pconfig['desc'])) echo "value=\"{$pconfig['desc']}\"";?> size="64"> + </td> + </tr> + <tr align="left"> + <td width="22%" valign="top" class="vncellreq">Connection timeout</td> + <td width="78%" class="vtable" colspan="2"> + <input name="connection_timeout" type="text" <?if(isset($pconfig['connection_timeout'])) echo "value=\"{$pconfig['connection_timeout']}\"";?> size="64"> + <div>the time (in milliseconds) we give up if the connection does not complete within (30000).</div> + </td> + </tr> + <tr align="left"> + <td width="22%" valign="top" class="vncellreq">Server timeout</td> + <td width="78%" class="vtable" colspan="2"> + <input name="server_timeout" type="text" <?if(isset($pconfig['server_timeout'])) echo "value=\"{$pconfig['server_timeout']}\"";?> size="64"> + <div>the time (in milliseconds) we accept to wait for data from the server, or for the server to accept data (30000).</div> + </td> + </tr> + <tr align="left"> + <td width="22%" valign="top" class="vncell">Retries</td> + <td width="78%" class="vtable" colspan="2"> + <input name="retries" type="text" <?if(isset($pconfig['retries'])) echo "value=\"{$pconfig['retries']}\"";?> size="64"> + <div>After a connection failure to a server, it is possible to retry, potentially +on another server. This is useful if health-checks are too rare and you don't +want the clients to see the failures. The number of attempts to reconnect is +set by the 'retries' parameter (2).</div> + </td> + </tr> + <tr align="left"> + <td width="22%" valign="top" class="vncellreq">Type</td> + <td width="78%" class="vtable" colspan="2"> + <select name="type" id="type" onchange="type_change();"> + <option value="http"<?php if($pconfig['type'] == "http") echo " SELECTED"; ?>>HTTP</option> + <option value="https"<?php if($pconfig['type'] == "https") echo " SELECTED"; ?>>HTTPS</option> + <option value="tcp"<?php if($pconfig['type'] == "tcp") echo " SELECTED"; ?>>TCP</option> + <option value="health"<?php if($pconfig['type'] == "health") echo " SELECTED"; ?>>Health</option> + </select> + </td> + </tr> + <tr align="left"> + <td width="22%" valign="top" class="vncellreq">Balance</td> + <td width="78%" class="vtable" colspan="2"> + <table width="100%"> + <tr> + <td width="20%" valign="top"> + <input type="radio" name="balance" id="balance" value="roundrobin"<?php if($pconfig['balance'] == "roundrobin") echo " CHECKED"; ?>>Round robin</input> + </td> + <td> + Each server is used in turns, according to their weights. + This is the smoothest and fairest algorithm when the server's + processing time remains equally distributed. This algorithm + is dynamic, which means that server weights may be adjusted + on the fly for slow starts for instance. + </td> + </tr> + <tr> + <td width="20%" valign="top"> + <input type="radio" name="balance" id="balance" value="static-rr"<?php if($pconfig['balance'] == "static-rr") echo " CHECKED"; ?>>Static Round Robin</input> + </td> + <td> + Each server is used in turns, according to their weights. + This algorithm is as similar to roundrobin except that it is + static, which means that changing a server's weight on the + fly will have no effect. On the other hand, it has no design + limitation on the number of servers, and when a server goes + up, it is always immediately reintroduced into the farm, once + the full map is recomputed. It also uses slightly less CPU to + run (around -1%). + </td> + </tr> + <tr> + <td width="20%" valign="top"> + <input type="radio" name="balance" id="balance" value="leastconn"<?php if($pconfig['balance'] == "leastconn") echo " CHECKED"; ?>>Least Connections</input> + </td> + <td> + The server with the lowest number of connections receives the + connection. Round-robin is performed within groups of servers + of the same load to ensure that all servers will be used. Use + of this algorithm is recommended where very long sessions are + expected, such as LDAP, SQL, TSE, etc... but is not very well + suited for protocols using short sessions such as HTTP. This + algorithm is dynamic, which means that server weights may be + adjusted on the fly for slow starts for instance. + </td> + </tr> + <tr><td valign="top"><input type="radio" name="balance" id="balance" value="source"<?php if($pconfig['balance'] == +"source") echo " CHECKED"; ?>>Source</input></td><td> + The source IP address is hashed and divided by the total + weight of the running servers to designate which server will + receive the request. This ensures that the same client IP + address will always reach the same server as long as no + server goes down or up. If the hash result changes due to the + number of running servers changing, many clients will be + directed to a different server. This algorithm is generally + used in TCP mode where no cookie may be inserted. It may also + be used on the Internet to provide a best-effort stickyness + to clients which refuse session cookies. This algorithm is + static, which means that changing a server's weight on the + fly will have no effect. + </td> + </tr> + </table> + </td> + </tr> + <tr align="left"> + <td width="22%" valign="top" class="vncell">Stats Enabled</td> + <td width="78%" class="vtable" colspan="2"> + <input id="stats_enabled" name="stats_enabled" type="checkbox" value="yes" <?php if ($pconfig['stats_enabled']=='yes') echo "checked"; ?> onclick='toggle_stats();'><br/> + EXAMPLE: haproxystats + </td> + </tr> + <tr align="left" id='stats_realm_row' name='stats_realm_row' <?if ($pconfig['stats_enabled']!='yes') echo "style=\"display: none;\"";?>> + <td width="22%" valign="top" class="vncellreq">Stats Realm</td> + <td width="78%" class="vtable" colspan="2"> + <input id="stats_realm" name="stats_realm" type="text" <?if(isset($pconfig['stats_realm'])) echo "value=\"{$pconfig['stats_realm']}\"";?> size="64"> + </td> + </tr> + <tr align="left" id='stats_uri_row' name='stats_uri_row' <?if ($pconfig['stats_enabled']!='yes') echo "style=\"display: none;\"";?>> + <td width="22%" valign="top" class="vncellreq">Stats Uri</td> + <td width="78%" class="vtable" colspan="2"> + <input id="stats_uri" name="stats_uri" type="text" <?if(isset($pconfig['stats_uri'])) echo "value=\"{$pconfig['stats_uri']}\"";?> size="64"><br/> + EXAMPLE: /haproxy?stats + </td> + </tr> + <tr align="left" id='stats_username_row' name='stats_username_row' <?if ($pconfig['stats_enabled']!='yes') echo "style=\"display: none;\"";?>> + <td width="22%" valign="top" class="vncellreq">Stats Username</td> + <td width="78%" class="vtable" colspan="2"> + <input id="stats_username" name="stats_username" type="text" <?if(isset($pconfig['stats_username'])) echo "value=\"{$pconfig['stats_username']}\"";?> size="64"> + </td> + </tr> + + <tr align="left" id='stats_password_row' name='stats_password_row' <?if ($pconfig['stats_enabled']!='yes') echo "style=\"display: none;\"";?>> + <td width="22%" valign="top" class="vncellreq">Stats Password</td> + <td width="78%" class="vtable" colspan="2"> + <input id="stats_password" name="stats_password" type="password" <?if(isset($pconfig['stats_password'])) echo "value=\"{$pconfig['stats_password']}\"";?> size="64"> + <br/> + </td> + </tr> + <tr align="left" id='stats_node_enabled_row' name='stats_node_enabled_row' <?if ($pconfig['stats_enabled']!='yes') echo "style=\"display: none;\"";?>> + <td width="22%" valign="top" class="vncell">Stats Enable Node Name</td> + <td width="78%" class="vtable" colspan="2"> + <input id="stats_node_enabled" name="stats_node_enabled" type="checkbox" value="yes" <?php if ($pconfig['stats_node_enabled']=='yes') echo "checked"; ?>> + <br/> + </td> + </tr> + <tr align="left" id='stats_node_row' name='stats_node_row' <?if ($pconfig['stats_enabled']!='yes') echo "style=\"display: none;\"";?>> + <td width="22%" valign="top" class="vncell">Stats Node</td> + <td width="78%" class="vtable" colspan="2"> + <input id="stats_node" name="stats_node" type="text" <?if(isset($pconfig['stats_node'])) echo "value=\"{$pconfig['stats_node']}\"";?> size="64"><br/> + The node name is displayed in the stats and helps to differentiate which server in a cluster is actually serving clients.<br/> + Leave blank to use the system name. + </td> + </tr> + <tr align="left" id='stats_desc_row' name='stats_desc_row' <?if ($pconfig['stats_enabled']!='yes') echo "style=\"display: none;\"";?>> + <td width="22%" valign="top" class="vncell">Stats Description</td> + <td width="78%" class="vtable" colspan="2"> + <input id="stats_desc" name="stats_desc" type="text" <?if(isset($pconfig['stats_node'])) echo "value=\"{$pconfig['stats_desc']}\"";?> size="64"><br/> + </td> + </tr> + <tr align="left" id='stats_refresh_row' name='stats_refresh_row' <?if ($pconfig['stats_enabled']!='yes') echo "style=\"display: none;\"";?>> + <td width="22%" valign="top" class="vncell">Stats Refresh</td> + <td width="78%" class="vtable" colspan="2"> + <input id="stats_refresh" name="stats_refresh" type="text" <?if(isset($pconfig['stats_refresh'])) echo "value=\"{$pconfig['stats_refresh']}\"";?> size="10" maxlength="30"><br/> + Specify the refresh rate of the stats page in seconds, or specified time unit (us, ms, s, m, h, d). + </td> + </tr> + <tr align="left"> + <td width="22%" valign="top" id="monitorport_text" class="vncell">Monitor Uri</td> + <td width="78%" class="vtable" colspan="2"> + <input name="monitor_uri" type="text" <?if(isset($pconfig['monitor_uri'])) echo "value=\"{$pconfig['monitor_uri']}\"";?> size="50" maxlength="50"> + <br/> + Example: / or /index.php or /index.html or /testmypage.cgi + </td> + </tr> + </tr> + <tr align="left"> + <td width="22%" valign="top" class="vncellreq">Port</td> + <td width="78%" class="vtable" colspan="2"> + <input name="port" type="text" <?if(isset($pconfig['port'])) echo "value=\"{$pconfig['port']}\"";?> size="30" maxlength="500"> + <div>The port to listen to. To specify multiple ports, separate with a comma (,). EXAMPLE: 80,443</div> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq">External address</td> + <td width="78%" class="vtable"> + <select name="extaddr" class="formfld"> + <option value="" <?php if (!$pconfig['extaddr']) echo "selected"; ?>>Interface address</option> + <?php + if (is_array($config['virtualip']['vip'])): + foreach ($config['virtualip']['vip'] as $sn): + ?> + <option value="<?=$sn['subnet'];?>" <?php if ($sn['subnet'] == $pconfig['extaddr']) echo "selected"; ?>> + <?=htmlspecialchars("{$sn['subnet']} ({$sn['descr']})");?> + </option> + <?php + endforeach; + endif; + ?> + <option value="any" <?php if($pconfig['extaddr'] == "any") echo "selected"; ?>>any</option> + </select> + <br /> + <span class="vexpl"> + If you want this rule to apply to another IP address than the IP address of the interface chosen above, + select it here (you need to define <a href="firewall_virtual_ip.php">Virtual IP</a> addresses on the first). + Also note that if you are trying to redirect connections on the LAN select the "any" option. + </span> + </td> + </tr> + <tr align="left"> + <td width="22%" valign="top" class="vncell">Max connections</td> + <td width="78%" class="vtable" colspan="2"> + <input name="max_connections" type="text" <?if(isset($pconfig['max_connections'])) echo "value=\"{$pconfig['max_connections']}\"";?> size="10" maxlength="10"> + </td> + </tr> + <tr align="left"> + <td width="22%" valign="top" class="vncell">Client timeout</td> + <td width="78%" class="vtable" colspan="2"> + <input name="client_timeout" type="text" <?if(isset($pconfig['client_timeout'])) echo "value=\"{$pconfig['client_timeout']}\"";?> size="10" maxlength="10"> + <div>the time (in milliseconds) we accept to wait for data from the client, or for the client to accept data (30000).</div> + </td> + </tr> +<?php +/* + <tr> + <td width="22%" valign="top" class="vncell">Access Control lists</td> + <td width="78%" class="vtable" colspan="2" valign="top"> + <table class="" width="100%" cellpadding="0" cellspacing="0" id='acltable'> + <tr> + <td width="35%" class="">Name</td> + <td width="40%" class="">Expression</td> + <td width="20%" class="">Backend</td> + <td width="5%" class=""></td> + </tr> + <?php + $a_acl=$pconfig['a_acl']; + + if (!is_array($a_acl)) { + $a_acl=array(); + } + + $i=0; + foreach ($a_acl as $acl) { + ?> + <tr> + <td><input name="acl_name<?=$i;?>" type="text" value="<?=$acl['name']; ?>" size="30"/></td> + <td><input name="acl_expression<?=$i;?>" type="text" value="<?=$acl['expression']; ?>" size="35"/></td> + <td> + <select name="acl_backend<?=$i;?>" id="acl_backend<?=$i;?>"> + <?php + if (!is_array($config['installedpackages']['haproxy']['ha_backends']['item'])) { + $config['installedpackages']['haproxy']['ha_backends']['item'] = array(); + } + $a_backend = &$config['installedpackages']['haproxy']['ha_backends']['item']; + foreach ($a_backend as $backend) { ?> + <option value="<?=$backend['name'];?>"<?php if($acl['backend'] == $backend['name']) echo " SELECTED"; ?>><?=$backend['name'];?></option> + <?php $i++; } ?> + </select> + </td> + <td class="list"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" onclick="removeRow(this); return false;"></td> + </tr> + <?php + $i++; + } + ?> + </table> + <a onclick="javascript:addRowTo('acltable'); return false;" href="#"> + <img border="0" src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" alt="" title="add another entry" /> + </a><br/> + Fore more information about ACL's please see <a href='http://haproxy.1wt.eu/download/1.3/doc/configuration.txt' target='_new'>HAProxy Documentation</a> Section 7 - Using ACL's + </td> + </tr> +*/ +?> + <tr align="left"> + <td width="22%" valign="top" class="vncell">Use 'forwardfor' option</td> + <td width="78%" class="vtable" colspan="2"> + <input id="forwardfor" name="forwardfor" type="checkbox" value="yes" <?php if ($pconfig['forwardfor']=='yes') echo "checked"; ?>> + <br/> + The 'forwardfor' option creates an HTTP 'X-Forwarded-For' header which + contains the client's IP address. This is useful to let the final web server + know what the client address was (eg for statistics on domains) + </td> + </tr> + <tr align="left"> + <td width="22%" valign="top" class="vncell">Use 'httpclose' option</td> + <td width="78%" class="vtable" colspan="2"> + <input id="httpclose" name="httpclose" type="checkbox" value="yes" <?php if ($pconfig['httpclose']=='yes') echo "checked"; ?>> + <br/> + The 'httpclose' option removes any 'Connection' header both ways, and + adds a 'Connection: close' header in each direction. This makes it easier to + disable HTTP keep-alive than the previous 4-rules block. + </td> + </tr> + <tr align="left"> + <td width="22%" valign="top" class="vncell">Advanced pass thru</td> + <td width="78%" class="vtable" colspan="2"> + <textarea name='advanced' rows="4" cols="70" id='advanced'><?php echo $pconfig['advanced']; ?></textarea> + <br/> + NOTE: paste text into this box that you would like to pass thru. + </td> + </tr> + <tr align="left"> + <td width="22%" valign="top"> </td> + <td width="78%"> + <input name="Submit" type="submit" class="formbtn" value="Save"> + <input type="button" class="formbtn" value="Cancel" onclick="history.back()"> + <?php if (isset($id) && $a_backend[$id]): ?> + <input name="id" type="hidden" value="<?=$id;?>"> + <?php endif; ?> + </td> + </tr> + <tr> + <br/> <br/> + <td colspan='3'> + <span class="vexpl"><b>NOTE:</b> You must add a firewall rule permitting access to this frontend!</span> + </td> + </tr> + </table> + </form> +<br> +<script type="text/javascript"> + field_counter_js = 3; + rows = 1; + <?php $counter=0; ?> + totalrows = <?php echo $counter; ?>;; + loaded = <?php echo $counter; ?>;; +</script> +<?php include("fend.inc"); ?> +</body> +</html> diff --git a/config/haproxy-legacy/haproxy_global.php b/config/haproxy-legacy/haproxy_global.php new file mode 100755 index 00000000..b0486fb8 --- /dev/null +++ b/config/haproxy-legacy/haproxy_global.php @@ -0,0 +1,328 @@ +<?php +/* $Id: load_balancer_pool.php,v 1.5.2.6 2007/03/02 23:48:32 smos Exp $ */ +/* + haproxy_global.php + part of pfSense (http://www.pfsense.com/) + Copyright (C) 2009 Scott Ullrich <sullrich@pfsense.com> + Copyright (C) 2008 Remco Hoef <remcoverhoef@pfsense.com> + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require("globals.inc"); +require("guiconfig.inc"); +require_once("haproxy.inc"); + +$d_haproxyconfdirty_path = $g['varrun_path'] . "/haproxy.conf.dirty"; + +if (!is_array($config['installedpackages']['haproxy'])) + $config['installedpackages']['haproxy'] = array(); + + +if ($_POST) { + unset($input_errors); + $pconfig = $_POST; + + if ($_POST['apply']) { + $retval = 0; + config_lock(); + $retval = haproxy_configure(); + config_unlock(); + $savemsg = get_std_save_message($retval); + unlink_if_exists($d_haproxyconfdirty_path); + } else { + if ($_POST['enable']) { + $reqdfields = explode(" ", "maxconn"); + $reqdfieldsn = explode(",", "Maximum connections"); + } + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + if ($_POST['maxconn'] && (!is_numeric($_POST['maxconn']))) + $input_errors[] = "The maximum number of connections should be numeric."; + + if($_POST['synchost1'] && !is_ipaddr($_POST['synchost1'])) + $input_errors[] = "Synchost1 needs to be an IPAddress."; + if($_POST['synchost2'] && !is_ipaddr($_POST['synchost2'])) + $input_errors[] = "Synchost2 needs to be an IPAddress."; + if($_POST['synchost3'] && !is_ipaddr($_POST['synchost3'])) + $input_errors[] = "Synchost3 needs to be an IPAddress."; + + if (!$input_errors) { + $config['installedpackages']['haproxy']['enable'] = $_POST['enable'] ? true : false; + $config['installedpackages']['haproxy']['maxconn'] = $_POST['maxconn'] ? $_POST['maxconn'] : false; + $config['installedpackages']['haproxy']['enablesync'] = $_POST['enablesync'] ? true : false; + $config['installedpackages']['haproxy']['synchost1'] = $_POST['synchost1'] ? $_POST['synchost1'] : false; + $config['installedpackages']['haproxy']['synchost2'] = $_POST['synchost2'] ? $_POST['synchost2'] : false; + $config['installedpackages']['haproxy']['synchost3'] = $_POST['synchost3'] ? $_POST['synchost3'] : false; + $config['installedpackages']['haproxy']['remotesyslog'] = $_POST['remotesyslog'] ? $_POST['remotesyslog'] : false; + $config['installedpackages']['haproxy']['syncpassword'] = $_POST['syncpassword'] ? $_POST['syncpassword'] : false; + $config['installedpackages']['haproxy']['advanced'] = $_POST['advanced'] ? base64_encode($_POST['advanced']) : false; + $config['installedpackages']['haproxy']['nbproc'] = $_POST['nbproc'] ? $_POST['nbproc'] : false; + touch($d_haproxyconfdirty_path); + write_config(); + } + } + +} + +$pconfig['enable'] = isset($config['installedpackages']['haproxy']['enable']); +$pconfig['maxconn'] = $config['installedpackages']['haproxy']['maxconn']; +$pconfig['enablesync'] = isset($config['installedpackages']['haproxy']['enablesync']); +$pconfig['syncpassword'] = $config['installedpackages']['haproxy']['syncpassword']; +$pconfig['synchost1'] = $config['installedpackages']['haproxy']['synchost1']; +$pconfig['synchost2'] = $config['installedpackages']['haproxy']['synchost2']; +$pconfig['synchost3'] = $config['installedpackages']['haproxy']['synchost3']; +$pconfig['remotesyslog'] = $config['installedpackages']['haproxy']['remotesyslog']; +$pconfig['advanced'] = base64_decode($config['installedpackages']['haproxy']['advanced']); +$pconfig['nbproc'] = $config['installedpackages']['haproxy']['nbproc']; + +$pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); +if(strstr($pfSversion, "1.2")) + $one_two = true; + +$pgtitle = "Services: HAProxy: Settings"; +include("head.inc"); + +?> +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> +<script type="text/javascript" src="javascript/scriptaculous/prototype.js"></script> +<script type="text/javascript" src="javascript/scriptaculous/scriptaculous.js"></script> +<?php include("fbegin.inc"); ?> +<script language="JavaScript"> +<!-- +function enable_change(enable_change) { + var endis; + endis = !(document.iform.enable.checked || enable_change); + document.iform.maxconn.disabled = endis; +} +//--> +</script> +<?php if($one_two): ?> +<p class="pgtitle"><?=$pgtitle?></p> +<?php endif; ?> +<form action="haproxy_global.php" method="post" name="iform"> +<?php if ($input_errors) print_input_errors($input_errors); ?> +<?php if ($savemsg) print_info_box($savemsg); ?> +<?php if (file_exists($d_haproxyconfdirty_path)): ?><p> +<?php print_info_box_np("The load balancer configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br> +<?php endif; ?> +<table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr><td class="tabnavtbl"> + <?php + /* active tabs */ + $tab_array = array(); + $tab_array[] = array("Settings", true, "haproxy_global.php"); + $tab_array[] = array("Frontends", false, "haproxy_frontends.php"); + $tab_array[] = array("Servers", false, "haproxy_servers.php"); + display_top_tabs($tab_array); + ?> + </td></tr> + <tr> + <td> + <div id="mainarea"> + <table class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0"> + <tr> + <td colspan="2" valign="top" class="listtopic">General settings</td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"> </td> + <td width="78%" class="vtable"> + <input name="enable" type="checkbox" value="yes" <?php if ($pconfig['enable']) echo "checked"; ?> onClick="enable_change(false)"> + <strong>Enable HAProxy</strong></td> + </tr> + <tr> + <td valign="top" class="vncell"> + Maximum connections + </td> + <td class="vtable"> + <table><tr><td> + <table cellpadding="0" cellspacing="0"> + <tr> + <td> + <input name="maxconn" type="text" class="formfld" id="maxconn" size="5" <?if ($pconfig['enable']!='yes') echo "enabled=\"false\"";?> value="<?=htmlspecialchars($pconfig['maxconn']);?>"> per Backend. + </td> + </tr> + </table> + Sets the maximum per-process number of concurrent connections to X.<br/> + <strong>NOTE:</strong> setting this value too high will result in HAProxy not being able to allocate enough memory.<br/> + <?php + $hascpu = trim(`top | grep haproxy | awk '{ print $6 }'`); + if($hascpu) + echo "<p>Current memory usage {$hascpu}.</p>"; + ?> + </td><td> + <table style="border: 1px solid #000;"> + <tr> + <td><font size=-1>Connections</td> + <td><font size=-1>Memory usage</td> + </tr> + <tr> + <td colspan="2"> + <hr noshade style="border: 1px solid #000;"> + </td> + </tr> + <tr> + <td align="right"><font size=-1>999</td> + <td><font size=-1>1888K</td> + </tr> + <tr> + <td align="right"><font size=-1>99999</td> + <td><font size=-1>8032K</td> + </tr> + <tr> + <td align="right"><font size=-1>999999</td> + <td><font size=-1>50016K</td> + </tr> + <tr> + <td align="right"><font size=-1>9999999</td> + <td><font size=-1>467M</td> + </tr> + </table> + </td></tr></table> + </td> + </tr> + <tr> + <td valign="top" class="vncell"> + Number of processes to start + </td> + <td class="vtable"> + <input name="nbproc" type="text" class="formfld" id="nbproc" size="18" value="<?=htmlspecialchars($pconfig['nbproc']);?>"> + <br/> + Defaults to number of cores/processors installed if left blank (<?php echo trim(`/sbin/sysctl kern.smp.cpus | cut -d" " -f2`); ?> detected). + </td> + </tr> + <tr> + <td valign="top" class="vncell"> + Remote syslog host + </td> + <td class="vtable"> + <input name="remotesyslog" type="text" class="formfld" id="remotesyslog" size="18" value="<?=htmlspecialchars($pconfig['remotesyslog']);?>"> + </td> + </tr> + <tr> + <td> + + </td> + </tr> + <tr> + <td colspan="2" valign="top" class="listtopic">Global Advanced pass thru</td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"> </td> + <td width="78%" class="vtable"> + <textarea name='advanced' rows="4" cols="70" id='advanced'><?php echo $pconfig['advanced']; ?></textarea> + <br/> + NOTE: paste text into this box that you would like to pass thru in the global settings area. + </td> + </tr> + <tr> + <td> + + </td> + </tr> + <tr> + <td colspan="2" valign="top" class="listtopic">Configuration synchronization</td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"> </td> + <td width="78%" class="vtable"> + <input name="enablesync" type="checkbox" value="yes" <?php if ($pconfig['enablesync']) echo "checked"; ?>> + <strong>Sync HAProxy configuration to backup CARP members via XMLRPC.</strong> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell">Synchronization password</td> + <td width="78%" class="vtable"> + <input name="syncpassword" type="password" value="<?=$pconfig['syncpassword'];?>"> + <br/> + <strong>Enter the password that will be used during configuration synchronization. This is generally the remote webConfigurator password.</strong> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell">Sync host #1</td> + <td width="78%" class="vtable"> + <input name="synchost1" value="<?=$pconfig['synchost1'];?>"> + <br/> + <strong>Synchronize settings to this hosts IP address.</strong> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell">Sync host #2</td> + <td width="78%" class="vtable"> + <input name="synchost2" value="<?=$pconfig['synchost2'];?>"> + <br/> + <strong>Synchronize settings to this hosts IP address.</strong> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell">Sync host #3</td> + <td width="78%" class="vtable"> + <input name="synchost3" value="<?=$pconfig['synchost3'];?>"> + <br/> + <strong>Synchronize settings to this hosts IP address.</strong> + </td> + </tr> + <tr> + <td> + + </td> + </tr> + <tr> + <td width="22%" valign="top"> </td> + <td width="78%"> + <input name="Submit" type="submit" class="formbtn" value="Save" onClick="enable_change(true)"> + </td> + </td> + </tr> + </table> + </div> +</table> + +<?php if(file_exists("/var/etc/haproxy.cfg")): ?> + <p/> + <div id="configuration" style="display:none; border-style:dashed; padding: 8px;"> + <b><i>/var/etc/haproxy.cfg file contents:</b></i> + <?php + if(file_exists("/var/etc/haproxy.cfg")) { + echo "<pre>" . trim(file_get_contents("/var/etc/haproxy.cfg")) . "</pre>"; + } + ?> + </div> + <div id="showconfiguration"> + <a onClick="new Effect.Fade('showconfiguration'); new Effect.Appear('configuration'); setTimeout('scroll_after_fade();', 250); return false;" href="#">Show</a> automatically generated configuration. + </div> +<?php endif; ?> + +</form> +<script language="JavaScript"> + function scroll_after_fade() { + scrollTo(0,99999999999); + } +<!-- +enable_change(false); +//--> +</script> +<?php include("fend.inc"); ?> +</body> +</html> diff --git a/config/haproxy-legacy/haproxy_servers.php b/config/haproxy-legacy/haproxy_servers.php new file mode 100755 index 00000000..cacf995a --- /dev/null +++ b/config/haproxy-legacy/haproxy_servers.php @@ -0,0 +1,169 @@ +<?php +/* $Id: load_balancer_virtual_server.php,v 1.6.2.1 2006/01/02 23:46:24 sullrich Exp $ */ +/* + haproxy_servers.php + part of pfSense (http://www.pfsense.com/) + Copyright (C) 2009 Scott Ullrich <sullrich@pfsense.com> + Copyright (C) 2008 Remco Hoef <remcoverhoef@pfsense.com> + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require_once("guiconfig.inc"); +require_once("haproxy.inc"); + +$d_haproxyconfdirty_path = $g['varrun_path'] . "/haproxy.conf.dirty"; + +if (!is_array($config['installedpackages']['haproxy']['ha_servers']['item'])) { + $config['installedpackages']['haproxy']['ha_servers']['item'] = array(); +} + +$a_server = &$config['installedpackages']['haproxy']['ha_servers']['item']; +$a_backends = &$config['installedpackages']['haproxy']['ha_backends']['item']; + +if ($_POST) { + $pconfig = $_POST; + + if ($_POST['apply']) { + $retval = 0; + config_lock(); + $retval = haproxy_configure(); + config_unlock(); + $savemsg = get_std_save_message($retval); + unlink_if_exists($d_haproxyconfdirty_path); + } +} + +if ($_GET['act'] == "del") { + if ($a_server[$_GET['id']]) { + if (!$input_errors) { + unset($a_server[$_GET['id']]); + write_config(); + touch($d_haproxyconfdirty_path); + header("Location: haproxy_servers.php"); + exit; + } + } +} + +$pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); +if(strstr($pfSversion, "1.2")) + $one_two = true; + +$pgtitle = "Services: HAProxy: Servers"; +include("head.inc"); + +?> +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> +<?php include("fbegin.inc"); ?> +<?php if($one_two): ?> +<p class="pgtitle"><?=$pgtitle?></p> +<?php endif; ?> +<form action="haproxy_servers.php" method="post"> +<?php if ($input_errors) print_input_errors($input_errors); ?> +<?php if ($savemsg) print_info_box($savemsg); ?> +<?php if (file_exists($d_haproxyconfdirty_path)): ?><p> +<?php print_info_box_np("The virtual server configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br> +<?php endif; ?> +<table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr><td class="tabnavtbl"> + <?php + /* active tabs */ + $tab_array = array(); + $tab_array[] = array("Settings", false, "haproxy_global.php"); + $tab_array[] = array("Frontends", false, "haproxy_frontends.php"); + $tab_array[] = array("Servers", true, "haproxy_servers.php"); + display_top_tabs($tab_array); + ?> + </td></tr> + <tr> + <td> + <div id="mainarea"> + <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td width="30%" class="listhdrr">Name</td> + <td width="30%" class="listhdrr">Server</td> + <td width="20%" class="listhdrr">Status</td> + <td width="30%" class="listhdrr">Frontend</td> + <td width="10%" class="listhdrr">Cookie</td> + <td width="10%" class="listhdrr">Weight</td> + <td width="10%" class="list"></td> + </tr> + <?php $i = 0; foreach ($a_server as $server): ?> + <tr> + <td class="listlr" ondblclick="document.location='haproxy_servers_edit.php?id=<?=$i;?>';"> + <?=$server['name'];?> + </td> + <td class="listlr" ondblclick="document.location='haproxy_servers_edit.php?id=<?=$i;?>';"> + <?=$server['address'] . ":"?> +<?php + if($server['port']) { + echo $server['port']; + } else { + foreach ($a_backends as $backend) { + if($backend['name'] == $server['backend']) { + echo $backend['port']; + } + } + } +?> + </td> + <td class="listlr" ondblclick="document.location='haproxy_servers_edit.php?id=<?=$i;?>';"> + <?=$server['status'];?> + </td> + <td class="listlr" ondblclick="document.location='haproxy_servers_edit.php?id=<?=$i;?>';"> + <?=$server['backend'];?> + </td> + <td class="listlr" ondblclick="document.location='haproxy_servers_edit.php?id=<?=$i;?>';"> + <?=$server['cookie'];?> + </td> + <td class="listlr" ondblclick="document.location='haproxy_servers_edit.php?id=<?=$i;?>';"> + <?=$server['weight'];?> + </td> + <td class="list" nowrap> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td valign="middle"><a href="haproxy_servers_edit.php?id=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0"></a></td> + <td valign="middle"><a href="haproxy_servers.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this entry?')"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0"></a></td> + </tr> + </table> + </td> + </tr> + <?php $i++; endforeach; ?> + <tr> + <td class="list" colspan="6"></td> + <td class="list"> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td valign="middle"><a href="haproxy_servers_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td> + </tr> + </table> + </td> + </tr> + </table> + </div> + </table> + </form> +<?php include("fend.inc"); ?> +</body> +</html> diff --git a/config/haproxy-legacy/haproxy_servers_edit.php b/config/haproxy-legacy/haproxy_servers_edit.php new file mode 100755 index 00000000..a4360b04 --- /dev/null +++ b/config/haproxy-legacy/haproxy_servers_edit.php @@ -0,0 +1,435 @@ +<?php +/* $Id: load_balancer_pool_edit.php,v 1.24.2.23 2007/03/03 00:07:09 smos Exp $ */ +/* + haproxy_servers_edit.php + part of pfSense (http://www.pfsense.com/) + Copyright (C) 2009 Scott Ullrich <sullrich@pfsense.com> + Copyright (C) 2008 Remco Hoef <remcoverhoef@pfsense.com> + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require("guiconfig.inc"); + +$d_haproxyconfdirty_path = $g['varrun_path'] . "/haproxy.conf.dirty"; +$a_backend = &$config['installedpackages']['haproxy']['ha_backends']['item']; + +if (!is_array($config['installedpackages']['haproxy']['ha_servers']['item'])) { + $config['installedpackages']['haproxy']['ha_servers']['item'] = array(); +} + +$a_server = &$config['installedpackages']['haproxy']['ha_servers']['item']; + +if (isset($_POST['id'])) + $id = $_POST['id']; +else + $id = $_GET['id']; + +if (isset($id) && $a_server[$id]) { + $pconfig['name'] = $a_server[$id]['name']; + $pconfig['address'] = $a_server[$id]['address']; + $pconfig['port'] = $a_server[$id]['port']; + $pconfig['backend'] = $a_server[$id]['backend']; + $pconfig['weight'] = $a_server[$id]['weight']; + $pconfig['checkinter'] = $a_server[$id]['checkinter']; + $pconfig['cookie'] = $a_server[$id]['cookie']; + $pconfig['status'] = $a_server[$id]['status']; + $pconfig['advanced'] = base64_decode($a_server[$id]['advanced']); +} + +$changedesc = "Services: HAProxy: Servers: "; +$changecount = 0; + +if ($_POST) { + $changecount++; + + unset($input_errors); + $pconfig = $_POST; + + $reqdfields = explode(" ", "name address weight"); + $reqdfieldsn = explode(",", "Name,Address,Weight"); + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['name'])) + $input_errors[] = "The field 'Name' contains invalid characters."; + + if (preg_match("/[^a-zA-Z0-9\.]/", $_POST['address'])) + $input_errors[] = "The field 'Address' contains invalid characters."; + + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['cookie'])) + $input_errors[] = "The field 'Cookie' contains invalid characters."; + + if ($_POST['port'] && !is_numeric($_POST['port'])) + $input_errors[] = "The field 'Port' value is not a number."; + else { + if ($_POST['port']) + if (!($_POST['port']>=1 && $_POST['port']<=65535)) + $input_errors[] = "The field 'Port' value must be between 1 and 65535."; + } + + if (!is_numeric($_POST['weight'])) + $input_errors[] = "The field 'Weight' value is not a number."; + else { + if (!($_POST['weight']>=1 && $_POST['weight']<=256)) + $input_errors[] = "The field 'Weight' value must be between 1 and 256."; + } + + /* Ensure that our pool names are unique */ + for ($i=0; isset($config['installedpackages']['haproxy']['ha_servers']['item'][$i]); $i++) + if (($_POST['name'] == $config['installedpackages']['haproxy']['ha_servers']['item'][$i]['name']) && ($i != $id)) + $input_errors[] = "This server name has already been used. Server names must be unique."; + + $backend = ""; + for($x=0; $x<299; $x++) { + $comd = "\$backends = \$_POST['backend" . $x . "'];"; + eval($comd); + if($backends) + $backend .= "$backends "; + } + $backend = trim($backend); + + if (!$input_errors) { + $server = array(); + if(isset($id) && $a_server[$id]) + $server = $a_server[$id]; + + if($server['name'] != "") + $changedesc .= " modified '{$server['name']}' pool:"; + + update_if_changed("name", $server['name'], $_POST['name']); + update_if_changed("port", $server['port'], $_POST['port']); + update_if_changed("backend", $server['backend'], $backend); + update_if_changed("cookie", $server['cookie'], $_POST['cookie']); + update_if_changed("weight", $server['weight'], $_POST['weight']); + update_if_changed("status", $server['status'], $_POST['status']); + update_if_changed("address", $server['address'], $_POST['address']); + update_if_changed("advanced", $server['advanced'], base64_encode($_POST['advanced'])); + update_if_changed("checkinter", $server['checkinter'], $_POST['checkinter']); + + if (isset($id) && $a_server[$id]) { + $a_server[$id] = $server; + } else { + $a_server[] = $server; + } + + if ($changecount > 0) { + touch($d_haproxyconfdirty_path); + write_config($changedesc); + /* + echo "<PRE>"; + print_r($config); + echo "</PRE>"; + */ + } + + header("Location: haproxy_servers.php"); + exit; + } +} + +$pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); +if(strstr($pfSversion, "1.2")) + $one_two = true; + +$pgtitle = "HAProxy: Server: Edit"; +include("head.inc"); + +row_helper(); + +?> + +<input type='hidden' name='address_type' value='textbox' /> + +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> +<script type="text/javascript" language="javascript" src="pool.js"></script> + +<script language="javascript"> +function clearcombo(){ + for (var i=document.iform.serversSelect.options.length-1; i>=0; i--){ + document.iform.serversSelect.options[i] = null; + } + document.iform.serversSelect.selectedIndex = -1; +} +</script> +<script type="text/javascript"> + rowname[0] = "backend"; + rowtype[0] = "select"; + rowsize[0] = "1"; +</script> +<?php include("fbegin.inc"); ?> +<?php if ($input_errors) print_input_errors($input_errors); ?> +<?php if($one_two): ?> +<p class="pgtitle"><?=$pgtitle?></p> +<?php endif; ?> + <form action="haproxy_servers_edit.php" method="post" name="iform" id="iform"> + <table width="100%" border="0" cellpadding="6" cellspacing="0"> + <tr> + <td colspan="2" valign="top" class="listtopic">Edit HAProxy server</td> + </tr> + <tr align="left"> + <td width="22%" valign="top" class="vncellreq">Name</td> + <td width="78%" class="vtable" colspan="2"> + <input name="name" type="text" <?if(isset($pconfig['name'])) echo "value=\"{$pconfig['name']}\"";?> size="16" maxlength="16"> + </td> + </tr> + <tr align="left"> + <td width="22%" valign="top" class="vncellreq">Frontend(s)</td> + <td width="78%" class="vtable"> + <table id="frontendtable"> + <tbody> + <tr> + <td><div id="onecolumn"></div></td> + </tr> + <?php + $counter = 0; + $tracker = 0; + $backend = $pconfig['backend']; + $item = explode(" ", $backend); + foreach($item as $ww) { + $address = $ww; + if($counter > 0) + $tracker = $counter + 1; + ?> + <tr> + <td> + <select name="backend<?php echo $tracker; ?>"> + <?php + $i = 0; + if (!is_array($config['installedpackages']['haproxy']['ha_backends']['item'])) + $config['installedpackages']['haproxy']['ha_backends']['item'] = array(); + $backends = split(" ", $pconfig['backend']); + foreach ($a_backend as $backend) { + ?> + <option value="<?=$backend['name'];?>" <?php if($backend['name'] == $ww) echo "SELECTED";?>> + <?=$backend['name'];?> + </option> + <?php } ?> + </select> + </td> + <td> + <?php + if($counter > 0) + echo "<input type=\"image\" src=\"/themes/".$g['theme']."/images/icons/icon_x.gif\" onclick=\"removeRow(this); return false;\" value=\"Delete\" />"; + ?> + </td> + </tr> + <?php + $counter++; + } // end foreach + ?> + </tbody> + <tfoot> + </tfoot> + </table> + <a onclick="javascript:addRowTo('frontendtable'); return false;" href="#"> + <img border="0" src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" alt="" title="add another entry" /> + </a> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"> + <div id="addressnetworkport"> + IP Address + </div> + </td> + <td width="78%" class="vtable"> + <input name="address" type="text" id="address" size="30" value="<?=htmlspecialchars($pconfig['address']);?>" /> + </td> + </tr> + <tr align="left"> + <td width="22%" valign="top" class="vncell">Port</td> + <td width="78%" class="vtable" colspan="2"> + <input name="port" type="text" <?if(isset($pconfig['port'])) echo "value=\"{$pconfig['port']}\"";?> size="5"> + <br/> + NOTE: Leave blank to use Frontend port selection. + </td> + </tr> + <tr align="left"> + <td width="22%" valign="top" class="vncellreq">Status</td> + <td width="78%" class="vtable" colspan="2"> + <select name="status"> + <option value="active" <?php if($pconfig['status']=='active') echo "SELECTED";?>>active</option> + <option value="backup" <?php if($pconfig['status']=='backup') echo "SELECTED";?>>backup</option> + <option value="disabled" <?php if($pconfig['status']=='disabled') echo "SELECTED";?>>disabled</option> + <option value="inactive" <?php if($pconfig['status']=='inactive') echo "SELECTED";?>>inactive</option> + </select> + </td> + </tr> + <tr align="left"> + <td width="22%" valign="top" class="vncell">Cookie</td> + <td width="78%" class="vtable" colspan="2"> + <input name="cookie" type="text" <?if(isset($pconfig['cookie'])) echo "value=\"{$pconfig['cookie']}\"";?>size="64"><br/> + This value will be checked in incoming requests, and the first + operational server possessing the same value will be selected. In return, in + cookie insertion or rewrite modes, this value will be assigned to the cookie + sent to the client. There is nothing wrong in having several servers sharing + the same cookie value, and it is in fact somewhat common between normal and + backup servers. See also the "cookie" keyword in backend section. + + </td> + </tr> + <tr align="left"> + <td width="22%" valign="top" class="vncell">Check inter</td> + <td width="78%" class="vtable" colspan="2"> + <input name="checkinter" type="text" <?if(isset($pconfig['checkinter'])) echo "value=\"{$pconfig['checkinter']}\"";?>size="64"> + <br/>Defaults to 1000 if left blank. + </td> + </tr> + <tr align="left"> + <td width="22%" valign="top" class="vncell">Weight</td> + <td width="78%" class="vtable" colspan="2"> + <input name="weight" type="text" <?if(isset($pconfig['weight'])) echo "value=\"{$pconfig['weight']}\"";?>size="64"><br/> + The default weight is 1, and the maximal value is 255.<br/> + NOTE: If this + parameter is used to distribute the load according to server's capacity, it + is recommended to start with values which can both grow and shrink, for + instance between 10 and 100 to leave enough room above and below for later + adjustments. + </td> + </tr> + <tr align="left"> + <td width="22%" valign="top" class="vncell">Advanced pass thru</td> + <td width="78%" class="vtable" colspan="2"> + <textarea name='advanced' rows="4" cols="70" id='advanced'><?php echo $pconfig['advanced']; ?></textarea> + <br/> + NOTE: paste text into this box that you would like to pass thru. + </td> + </tr> + <tr align="left"> + <td width="22%" valign="top"> </td> + <td width="78%"> + <input name="Submit" type="submit" class="formbtn" value="Save"> + <input type="button" class="formbtn" value="Cancel" onclick="history.back()"> + <?php if (isset($id) && $a_server[$id]): ?> + <input name="id" type="hidden" value="<?=$id;?>"> + <?php endif; ?> + </td> + </tr> + </table> + </form> +<br> +<?php include("fend.inc"); ?> +<script type="text/javascript"> + field_counter_js = 1; + rows = 1; + totalrows = <?php echo $counter; ?>; + loaded = <?php echo $counter; ?>; +</script> +</body> +</html> + +<?php + +function row_helper() { + global $pconfig, $a_backend; + $options = ""; + if($a_backend) { + foreach ($a_backend as $backend) { + $options .= "<option value='{$backend['name']}'"; + if($backend['name'] == $pconfig['backend']) + $options .= "SELECTED"; + $options .= ">"; + $options .= $backend['name']; + $options .= "</option>"; + } + } + + echo <<<EOF +<script type="text/javascript"> +// Global Variables +var rowname = new Array(99); +var rowtype = new Array(99); +var newrow = new Array(99); +var rowsize = new Array(99); + +for (i = 0; i < 99; i++) { + rowname[i] = ''; + rowtype[i] = ''; + newrow[i] = ''; + rowsize[i] = '25'; +} + +var field_counter_js = 0; +var loaded = 0; +var is_streaming_progress_bar = 0; +var temp_streaming_text = ""; + +var addRowTo = (function() { + return (function (tableId) { + var d, tbody, tr, td, bgc, i, ii, j; + d = document; + tbody = d.getElementById(tableId).getElementsByTagName("tbody").item(0); + tr = d.createElement("tr"); + totalrows++; + for (i = 0; i < field_counter_js; i++) { + td = d.createElement("td"); + if(rowtype[i] == 'textbox') { + td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><input size='" + rowsize[i] + "' name='" + rowname[i] + totalrows + "'></input> "; + } else if(rowtype[i] == 'select') { + td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><select size='" + rowsize[i] + "' name='" + rowname[i] + totalrows + "'>$options</select> "; + } else { + td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><input type='checkbox' name='" + rowname[i] + totalrows + "'></input> "; + } + tr.appendChild(td); + } + td = d.createElement("td"); + td.rowSpan = "1"; + + td.innerHTML = '<input type="image" src="/themes/' + theme + '/images/icons/icon_x.gif" onclick="removeRow(this); return false;" value="Delete">'; + tr.appendChild(td); + tbody.appendChild(tr); + }); +})(); + +function removeRow(el) { + var cel; + while (el && el.nodeName.toLowerCase() != "tr") + el = el.parentNode; + + if (el && el.parentNode) { + cel = el.getElementsByTagName("td").item(0); + el.parentNode.removeChild(el); + } +} + +function find_unique_field_name(field_name) { + // loop through field_name and strip off -NUMBER + var last_found_dash = 0; + for (var i = 0; i < field_name.length; i++) { + // is this a dash, if so, update + // last_found_dash + if (field_name.substr(i,1) == "-" ) + last_found_dash = i; + } + if (last_found_dash < 1) + return field_name; + return(field_name.substr(0,last_found_dash)); +} +</script> + +EOF; + +} + +?>
\ No newline at end of file diff --git a/config/haproxy/haproxy.inc b/config/haproxy/haproxy.inc index 96b57190..4ed5f393 100644 --- a/config/haproxy/haproxy.inc +++ b/config/haproxy/haproxy.inc @@ -758,7 +758,7 @@ function haproxy_do_xmlrpc_sync($sync_to_ip, $password) { $cli->setCredentials('admin', $password); $resp = $cli->send($msg, "250"); if(!$resp) { - $error = "A communications error occurred while attempting HAProxy XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; + $error = "A communications error occurred while attempting HAProxy XMLRPC sync with {$url}:{$port} (exec_php)."; log_error($error); file_notice("sync_settings", $error, "HAProxy Settings Reload", ""); } elseif($resp->faultCode()) { @@ -768,7 +768,7 @@ function haproxy_do_xmlrpc_sync($sync_to_ip, $password) { log_error($error); file_notice("sync_settings", $error, "HAProxy Settings Sync", ""); } else { - log_error("HAProxy XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php)."); + log_error("HAProxy XMLRPC reload data success with {$url}:{$port} (exec_php)."); } } diff --git a/config/havp/havp.inc b/config/havp/havp.inc index ffca491e..b68aab7a 100644 --- a/config/havp/havp.inc +++ b/config/havp/havp.inc @@ -160,6 +160,7 @@ define('F_SCANIMG', 'scanimg'); define('F_SCANARC', 'scanarc'); define('F_SCANSTREAM', 'scanstream'); define('F_SCANARCMAXSIZE', 'scanarcmaxsize'); +define('F_SCANBROKENEXE', 'scanbrokenexe'); # antivirus options define('F_HAVPUPDATE', 'havpavupdate'); define('F_DBREGION', 'dbregion'); @@ -539,6 +540,7 @@ function havp_convert_pfxml_xml() $havp_config[F_SCANIMG] = ( $pfconf[F_SCANIMG] === 'on' ? 'true' : 'false' ); $havp_config[F_SCANARC] = ( $pfconf[F_SCANARC] === 'on' ? 'true' : 'false' ); $havp_config[F_SCANSTREAM] = ( $pfconf[F_SCANSTREAM] === 'on' ? 'true' : 'false' ); + $havp_config[F_SCANBROKENEXE] = ( $pfconf[F_SCANBROKENEXE] === 'on' ? 'true' : 'false' ); $havp_config[F_SCANARCMAXSIZE] = ( is_numeric($pfconf[F_SCANARCMAXSIZE]) ? $pfconf[F_SCANARCMAXSIZE] : HVDEF_MAXARCSCANSIZE ); # log $havp_config[F_SYSLOG] = ( $pfconf[F_SYSLOG] === 'on' ? 'true' : 'false' ); @@ -751,9 +753,13 @@ function havp_config_clam() $conf[] = "DetectPUA no"; # possible unwanted applications $conf[] = "AlgorithmicDetection yes"; $conf[] = "# executable"; + if ($havp_config[F_SCANBROKENEXE] === 'true') + {$conf[] = "DetectBrokenExecutables yes";} + else + {$conf[] = "DetectBrokenExecutables no";} + # $conf[] = "ScanPE yes"; $conf[] = "ScanELF yes"; - $conf[] = "DetectBrokenExecutables yes"; $conf[] = "# documents"; $conf[] = "ScanOLE2 yes"; $conf[] = "ScanPDF yes"; diff --git a/config/havp/havp.xml b/config/havp/havp.xml index c7841956..df03fca9 100644 --- a/config/havp/havp.xml +++ b/config/havp/havp.xml @@ -170,7 +170,7 @@ <fieldname>whitelist</fieldname> <description> Enter each destination url on a new line that will be accessable to the users without scanning. - Use '*' symbol for mask. Example: *.pfsense.com/*, *sourceforge.net/*clamav-*, */*.xml, */*.inc + Use '*' symbol for mask. Example: *.github.com/*, *sourceforge.net/*clamav-*, */*.xml, */*.inc </description> <type>textarea</type> <cols>60</cols> @@ -267,6 +267,13 @@ <type>checkbox</type> </field> <field> + <fielddescr>Scan Broken Executables</fielddescr> + <fieldname>scanbrokenexe</fieldname> + <description>Check this to enable the Heuristic Broken Executable scan.</description> + <type>checkbox</type> + <default_value>on</default_value> + </field> + <field> <fielddescr>Log</fielddescr> <fieldname>log</fieldname> <description>Check this for enable log.</description> diff --git a/config/imspector-dev/imspector.inc b/config/imspector-dev/imspector.inc new file mode 100644 index 00000000..7ac603ba --- /dev/null +++ b/config/imspector-dev/imspector.inc @@ -0,0 +1,536 @@ +<?php +/* + imspector.inc + part of pfSense (http://www.pfsense.com/) + Copyright (C) 2012 Marcello Coutinho. + Copyright (C) 2011 Scott Ullrich <sullrich@gmail.com>. + Copyright (C) 2011 Bill Marquette <billm@gmail.com>. + Copyright (C) 2007 Ryan Wagoner <rswagoner@gmail.com>. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ + + require_once("config.inc"); + require_once("functions.inc"); + require_once("service-utils.inc"); + + /* IMSpector */ + + define('IMSPECTOR_RCFILE', '/usr/local/etc/rc.d/imspector.sh'); + define('IMSPECTOR_ETC', '/usr/local/etc/imspector'); + define('IMSPECTOR_CONFIG', IMSPECTOR_ETC . '/imspector.conf'); + + function imspector_warn ($msg) { syslog(LOG_WARNING, "imspector: {$msg}"); } + + function ims_text_area_decode($text){ + return preg_replace('/\r\n/', "\n",base64_decode($text)); + } + + function imspector_action ($action) { + if (file_exists(IMSPECTOR_RCFILE)) + mwexec(IMSPECTOR_RCFILE.' '.$action); + } + + function write_imspector_config($file, $text) { + $conf = fopen($file, 'w'); + if(!$conf) { + imspector_warn("Could not open {$file} for writing."); + exit; + } + fwrite($conf, $text); + fclose($conf); + } + + function imspector_pf_rdr($iface, $port) { + return "rdr pass on {$iface} inet proto tcp from any to any port = {$port} -> 127.0.0.1 port 16667\n"; + } + + function imspector_pf_rule($iface, $port) { + return "pass in quick on {$iface} inet proto tcp from any to any port {$port} keep state\n"; + } + + function imspector_proto_to_port ($proto) + { + switch ($proto) { + case 'gadu-gadu': + return 8074; + case 'jabber': + return 5222; + case 'jabber-ssl': + return 5223; + case 'msn': + return 1863; + case 'icq': + return 5190; + case 'yahoo': + return 5050; + case 'irc': + return 6667; + default: + return null; + } + } + + function validate_form_imspector($post, $input_errors) { + if($post['iface_array']) + foreach($post['iface_array'] as $iface) + if($iface == 'wanx') + $input_errors[] = 'It is a security risk to specify WAN in the \'Interface\' field'; + } + + function deinstall_package_imspector() { + imspector_action('stop'); + + @unlink(IMSPECTOR_RCFILE); + @unlink(IMSPECTOR_CONFIG); + @unlink(IMSPECTOR_ETC . '/badwords_custom.txt'); + @unlink(IMSPECTOR_ETC . '/acl_blacklist.txt'); + @unlink(IMSPECTOR_ETC . '/acl_whitelist.txt'); + + //exec('pkg_delete imspector-0.4'); + } + + function imspector_generate_rules($type) { + + $rules = ""; + switch ($type) { + case 'rdr': + case 'nat': + $rules = "# IMSpector rdr anchor\n"; + $rules .= "rdr-anchor \"imspector\"\n"; + break; + case 'rule': + $rules = "# IMSpector \n"; + $rules .= "anchor \"imspector\"\n"; + break; + } + + return $rules; + } + + function sync_package_imspector() { + global $config; + global $input_errors; + + /*detect boot process*/ + if (is_array($_POST)){ + if (preg_match("/\w+/",$_POST['__csrf_magic'])) + unset($boot_process); + else + $boot_process="on"; + } + + if (is_process_running('imspector') && isset($boot_process)) + return; + + /* check default options and sample files*/ + $load_samples=0; + + #bannedphraselist + if (!is_array($config['installedpackages']['imspectoracls'])){ + $config['installedpackages']['imspectoracls']['config'][]=array('enable'=> 'on', + 'action' => 'allow', + 'localid' => 'all', + 'remoteid' => base64_encode('all')); + $load_samples++; + } + $ims_acls = $config['installedpackages']['imspectoracls']['config']; + + if (is_array($config['installedpackages']['imspectorreplacements'])){ + if ($config['installedpackages']['imspectorreplacements']['config'][0]['badwords_list'] == "" && file_exists(IMSPECTOR_ETC . '/badwords.txt')){ + $config['installedpackages']['imspectorreplacements']['config'][0]['badwords_list'] = base64_encode(file_get_contents(IMSPECTOR_ETC . '/badwords.txt')); + $load_samples++; + } + $ims_replacements = $config['installedpackages']['imspectorreplacements']['config'][0]; + } + + if (is_array($config['installedpackages']['imspector'])) + $ims_config = $config['installedpackages']['imspector']['config'][0]; + + if($load_samples > 0) + write_config(); + + /*continue sync process*/ + log_error("Imspector: Saving changes."); + config_lock(); + + /* remove existing rules */ + exec('/sbin/pfctl -a imspector -Fr > /dev/null'); + exec('/sbin/pfctl -a imspector -Fn > /dev/null'); + + $ifaces_active = ''; + + if($ims_config['enable'] && $ims_config['proto_array']) + $proto_array = explode(',', $ims_config['proto_array']); + + if($ims_config['enable'] && $ims_config['iface_array']) + $iface_array = explode(',', $ims_config['iface_array']); + + if($iface_array && $proto_array) { + foreach($iface_array as $iface) { + $if = convert_friendly_interface_to_real_interface_name($iface); + /* above function returns iface if fail */ + if($if!=$iface) { + $addr = find_interface_ip($if); + /* non enabled interfaces are displayed in list on imspector settings page */ + /* check that the interface has an ip address before adding parameters */ + if($addr) { + foreach($proto_array as $proto) { + if(imspector_proto_to_port($proto)) { + /* we can use rdr pass to auto create the filter rule */ + $pf_rules .= imspector_pf_rdr($if,imspector_proto_to_port($proto)); + } + } + if(!$ifaces_active) + $ifaces_active = "{$iface}"; + else + $ifaces_active .= ", {$iface}"; + } else { + imspector_warn("Interface {$iface} has no ip address, ignoring"); + } + } else { + imspector_warn("Could not resolve real interface for {$iface}"); + } + } + + + /*reload rules*/ + if($pf_rules) { + log_error("Imspector: Reloading rules."); + exec("echo \"{$pf_rules}\" | /sbin/pfctl -a imspector -f -"); + + conf_mount_rw(); + + /* generate configuration files */ + + $conf['plugin_dir'] = '/usr/local/lib/imspector'; + + foreach($proto_array as $proto) + $conf[$proto . '_protocol'] = 'on'; + + if($ims_config['log_file']) { + @mkdir('/var/imspector'); + $conf['file_logging_dir'] = '/var/imspector'; + } + + if($ims_config['log_mysql']) { + $conf['mysql_server'] = $ims_config['mysql_server']; + $conf['mysql_database'] = $ims_config['mysql_database']; + $conf['mysql_username'] = $ims_config['mysql_username']; + $conf['mysql_password'] = $ims_config['mysql_password']; + } + + if($ims_replacements['filter_badwords']) { + write_imspector_config(IMSPECTOR_ETC . '/badwords_custom.txt', ims_text_area_decode($ims_replacements["badwords_list"])); + $conf['badwords_filename'] = IMSPECTOR_ETC . '/badwords_custom.txt'; + } + + if($ims_replacements['block_files']) + $conf['block_files'] = 'on'; + + if($ims_replacements['block_webcams']) + $conf['block_webcams'] = 'on'; + + if($ims_replacements['block_unlisted']) + $conf['block_unlisted'] = 'on'; + + $acls=""; + $conf['acl_filename'] = IMSPECTOR_ETC . '/acls.txt'; + foreach ($ims_acls as $rule){ + if ($rule['enable']){ + $acls.= "{$rule['action']} {$rule['localid']} ".preg_replace("/\s+/"," ",base64_decode($rule['remoteid']))."\n"; + } + } + write_imspector_config(IMSPECTOR_ETC . '/acls.txt', $acls); + + // Handle Jabber SSL options + if(isset($ims_config["ssl_ca_cert"]) && $ims_config["ssl_ca_cert"] != "none" && + isset($ims_config["ssl_server_cert"]) && $ims_config["ssl_server_cert"] != "none") { + $conf['ssl'] = "on"; + if(!is_dir(IMSPECTOR_ETC . "/ssl")) + mkdir(IMSPECTOR_ETC . "/ssl"); + + $ca_cert = lookup_ca($ims_config["ssl_ca_cert"]); + if ($ca_cert != false) { + if(base64_decode($ca_cert['prv'])) { + file_put_contents(IMSPECTOR_ETC . "/ssl/ssl_ca_key.pem", base64_decode($ca_cert['prv'])); + $conf['ssl_ca_key'] = IMSPECTOR_ETC . '/ssl/ssl_ca_key.pem'; + } + if(base64_decode($ca_cert['crt'])) { + file_put_contents(IMSPECTOR_ETC . "/ssl/ssl_ca_cert.pem", base64_decode($ca_cert['crt'])); + $conf['ssl_ca_cert'] = IMSPECTOR_ETC . "/ssl/ssl_ca_cert.pem"; + } + $svr_cert = lookup_cert($ims_config["ssl_server_cert"]); + if ($svr_cert != false) { + if(base64_decode($svr_cert['prv'])) { + file_put_contents(IMSPECTOR_ETC . "/ssl/ssl_server_key.pem", base64_decode($svr_cert['prv'])); + $conf['ssl_key'] = IMSPECTOR_ETC . '/ssl/ssl_server_key.pem'; + } + + } + $conf['ssl_cert_dir'] = IMSPECTOR_ETC . '/ssl'; + } + } else { + // SSL Not enabled. Make sure Jabber-SSL is not processed. + unset($conf['jabber-ssl']); + unset($conf['ssl']); + } + + if (isset($ims_replacements['responder']) && $ims_replacements['responder'] == 'on') { + $conf['responder_filename'] = IMSPECTOR_ETC . "/responder.db"; + if (isset($ims_replacements['prefix_message']) && $ims_replacements['prefix_message'] != '' ) { + $conf['response_prefix'] = " .={$ims_replacements['prefix_message']}=."; + } + else{ + $conf['response_prefix'] = " .=Your activities are being logged=."; + } + if (isset($ims_replacements['notice_days']) && is_numeric($ims_replacements['notice_days'])) { + if ($ims_replacements['notice_days'] != 0) { + $conf['notice_days'] = $ims_replacements['notice_days']; + } + } else { + $conf['notice_days'] = 1; + } + + /*Custom recorded message response*/ + if(isset($ims_replacements['recorded_message']) && $ims_replacements['recorded_message'] != '' ){ + $conf['notice_response'] = ims_text_area_decode($ims_replacements['recorded_message']); + } + else{ + $conf['notice_response'] = "Your activities are being logged"; + } + + /*Filtered Frequency*/ + if (isset($ims_replacements['filtered_minutes']) && is_numeric($ims_replacements['filtered_minutes'])) { + if ($ims_replacements['filtered_minutes'] != 0) { + $conf['filtered_mins'] = $ims_replacements['filtered_minutes']; + } + } else { + $conf['filtered_mins'] = 15; + } + + /*Custom filtered message response*/ + if(isset($ims_replacements['filtered_message']) && $ims_replacements['filtered_message'] != '' ){ + $conf['filtered_response'] = ims_text_area_decode($ims_replacements['filtered_message']); + } + else{ + $conf['filtered_response'] = "Your message has been filtered"; + } + } + + $conftext = ''; + foreach($conf as $var => $key) + $conftext .= "{$var}={$key}\n"; + write_imspector_config(IMSPECTOR_CONFIG, $conftext); + + /* generate rc file start and stop */ + $stop = <<<EOD +/bin/pkill -x imspector +/bin/sleep 1 +EOD; + $start = $stop."\n\tldconfig -m /usr/local/lib/mysql\n"; + $start .= "\t/usr/local/sbin/imspector -c \"".IMSPECTOR_CONFIG."\""; + + write_rcfile(array( + 'file' => 'imspector.sh', + 'start' => $start, + 'stop' => $stop + ) + ); + + conf_mount_ro(); + } + } + + if(!$iface_array || !$proto_array || !$pf_rules) { + /* no parameters user does not want imspector running */ + /* lets stop the service and remove the rc file */ + + if(file_exists(IMSPECTOR_RCFILE)) { + if(!$ims_config['enable']) + log_error('Impsector: Stopping service: imspector disabled'); + else + log_error('Impsector: Stopping service: no interfaces and/or protocols selected'); + + imspector_action('stop'); + + conf_mount_rw(); + unlink(IMSPECTOR_RCFILE); + unlink(IMSPECTOR_CONFIG); + @unlink(IMSPECTOR_ETC . '/badwords_custom.txt'); + @unlink(IMSPECTOR_ETC . '/acl_blacklist.txt'); + @unlink(IMSPECTOR_ETC . '/acl_whitelist.txt'); + conf_mount_ro(); + } + } + else{ + /* if imspector not running start it */ + if(!is_process_running('imspector')) { + log_error("Impsector: Starting service on interface: {$ifaces_active}"); + imspector_action('start'); + } + /* or restart imspector if settings were changed */ + else{ + log_error("Impsector: Restarting service on interface: {$ifaces_active}"); + imspector_action('restart'); + } + } + config_unlock(); + + /*check xmlrpc sync*/ + imspector_sync_on_changes(); + } + + function imspector_get_ca_certs() { + global $config; + + $ca_arr = array(); + $ca_arr[] = array('refid' => 'none', 'descr' => 'none'); + foreach ($config['ca'] as $ca) { + $ca_arr[] = array('refid' => $ca['refid'], 'descr' => $ca['descr']); + } + return $ca_arr; + } + + function imspector_get_server_certs() { + global $config; + $cert_arr = array(); + $cert_arr[] = array('refid' => 'none', 'descr' => 'none'); + + foreach ($config['cert'] as $cert) { + $cert_arr[] = array('refid' => $cert['refid'], 'descr' => $cert['descr']); + } + return $cert_arr; + } + +/* Uses XMLRPC to synchronize the changes to a remote node */ +function imspector_sync_on_changes() { + global $config, $g; + + $synconchanges = $config['installedpackages']['imspectorsync']['config'][0]['synconchanges']; + if(!$synconchanges) + return; + log_error("Imspector: xmlrpc sync is starting."); + foreach ($config['installedpackages']['imspectorsync']['config'] as $rs ){ + foreach($rs['row'] as $sh){ + $sync_to_ip = $sh['ipaddress']; + $password = $sh['password']; + if($password && $sync_to_ip) + imspector_do_xmlrpc_sync($sync_to_ip, $password); + } + } + log_error("Imspector: xmlrpc sync is ending."); +} +/* Do the actual XMLRPC sync */ +function imspector_do_xmlrpc_sync($sync_to_ip, $password) { + global $config, $g; + + if(!$password) + return; + + if(!$sync_to_ip) + return; + $username="admin"; + + $xmlrpc_sync_neighbor = $sync_to_ip; + if($config['system']['webgui']['protocol'] != "") { + $synchronizetoip = $config['system']['webgui']['protocol']; + $synchronizetoip .= "://"; + } + $port = $config['system']['webgui']['port']; + /* if port is empty lets rely on the protocol selection */ + if($port == "") { + if($config['system']['webgui']['protocol'] == "http") + $port = "80"; + else + $port = "443"; + } + $synchronizetoip .= $sync_to_ip; + + /* xml will hold the sections to sync */ + $xml = array(); + $xml['imspector'] = $config['installedpackages']['imspector']; + $xml['imspectorreplacements'] = $config['installedpackages']['imspectorreplacements']; + $xml['imspectoracls'] = $config['installedpackages']['imspectoracls']; + /* assemble xmlrpc payload */ + $params = array( + XML_RPC_encode($password), + XML_RPC_encode($xml) + ); + + /* set a few variables needed for sync code borrowed from filter.inc */ + $url = $synchronizetoip; + log_error("Imspector: Beginning XMLRPC sync to {$url}:{$port}."); + $method = 'pfsense.merge_installedpackages_section_xmlrpc'; + $msg = new XML_RPC_Message($method, $params); + $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); + $cli->setCredentials($username, $password); + if($g['debug']) + $cli->setDebug(1); + /* send our XMLRPC message and timeout after 250 seconds */ + $resp = $cli->send($msg, "250"); + if(!$resp) { + $error = "A communications error occurred while attempting imspector XMLRPC sync with {$url}:{$port}."; + log_error($error); + file_notice("sync_settings", $error, "imspector Settings Sync", ""); + } elseif($resp->faultCode()) { + $cli->setDebug(1); + $resp = $cli->send($msg, "250"); + $error = "An error code was received while attempting imspector XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); + log_error($error); + file_notice("sync_settings", $error, "imspector Settings Sync", ""); + } else { + log_error("imspector XMLRPC sync successfully completed with {$url}:{$port}."); + } + + /* tell imspector to reload our settings on the destionation sync host. */ + $method = 'pfsense.exec_php'; + $execcmd = "require_once('/usr/local/pkg/imspector.inc');\n"; + $execcmd .= "sync_package_imspector();"; + /* assemble xmlrpc payload */ + $params = array( + XML_RPC_encode($password), + XML_RPC_encode($execcmd) + ); + + log_error("imspector XMLRPC reload data {$url}:{$port}."); + $msg = new XML_RPC_Message($method, $params); + $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); + $cli->setCredentials($username, $password); + $resp = $cli->send($msg, "250"); + if(!$resp) { + $error = "A communications error occurred while attempting imspector XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; + log_error($error); + file_notice("sync_settings", $error, "imspector Settings Sync", ""); + } elseif($resp->faultCode()) { + $cli->setDebug(1); + $resp = $cli->send($msg, "250"); + $error = "An error code was received while attempting imspector XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); + log_error($error); + file_notice("sync_settings", $error, "imspector Settings Sync", ""); + } else { + log_error("imspector XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php)."); + } + +} +?> diff --git a/config/imspector-dev/imspector.xml b/config/imspector-dev/imspector.xml new file mode 100644 index 00000000..4d12a3d2 --- /dev/null +++ b/config/imspector-dev/imspector.xml @@ -0,0 +1,219 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> +<packagegui> + <copyright> + <![CDATA[ +/* ========================================================================== */ +/* + imspector.xml + part of pfSense (http://www.pfSense.com) + Copyright (C) 2011 Scott Ullrich <sullrich@gmail.com> + Copyright (C) 2011 Bill Marquette <billm@gmail.com> + Copyright (C) 2007 Ryan Wagoner <rswagoner@gmail.com> + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + ]]> + </copyright> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> + <name>imspector</name> + <version>20111108</version> + <title>Services: IMSpector</title> + <savetext>Save</savetext> + <include_file>/usr/local/pkg/imspector.inc</include_file> + <menu> + <name>IMSpector</name> + <tooltiptext>Set IMSpector settings such as protocols to listen on.</tooltiptext> + <section>Services</section> + <url>/services_imspector_logs.php</url> + </menu> + <service> + <name>imspector</name> + <rcfile>imspector.sh</rcfile> + <executable>imspector</executable> + <description><![CDATA[Instant Messenger transparent proxy]]></description> + </service> + <tabs> + <tab> + <text>Settings</text> + <url>/pkg_edit.php?xml=imspector.xml&id=0</url> + <active/> + </tab> + <tab> + <text>Replacements</text> + <url>/pkg_edit.php?xml=imspector_replacements.xml&id=0</url> + </tab> + <tab> + <text>Access Lists</text> + <url>/pkg.php?xml=imspector_acls.xml</url> + </tab> + <tab> + <text>Log</text> + <url>/services_imspector_logs.php</url> + </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=imspector_sync.xml</url> + </tab> + </tabs> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.org/packages/config/imspector-dev/imspector_sync.xml</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.org/packages/config/imspector-dev/imspector_replacements.xml</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.org/packages/config/imspector-dev/imspector_acls.xml</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.org/packages/config/imspector-dev/imspector.inc</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.org/packages/config/imspector-dev/services_imspector_logs.php</item> + </additional_files_needed> + <fields> + <field> + <name>General Settings</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>Enable IMSpector</fielddescr> + <fieldname>enable</fieldname> + <type>checkbox</type> + </field> + <field> + <fielddescr>Interfaces</fielddescr> + <fieldname>iface_array</fieldname> + <description><![CDATA[<strong>Generally select internal interface(s) like LAN</strong><br> + You can use the CTRL or COMMAND key to select multiple interfaces.]]></description> + <type>interfaces_selection</type> + <size>3</size> + <required/> + <value>lan</value> + <multiple>true</multiple> + </field> + <field> + <fielddescr>Listen on protocols</fielddescr> + <fieldname>proto_array</fieldname> + <description><![CDATA[<strong>NOTE: Gtalk/Jabber-SSL requires SSL certificates.</strong><br> + You can use the CTRL or COMMAND key to select multiple protocols.]]></description> + <type>select</type> + <size>7</size> + <required/> + <multiple>true</multiple> + <options> + <option><name>MSN</name><value>msn</value></option> + <option><name>ICQ/AIM</name><value>icq</value></option> + <option><name>Yahoo</name><value>yahoo</value></option> + <option><name>IRC</name><value>irc</value></option> + <option><name>Jabber</name><value>jabber</value></option> + <option><name>Gtalk/Jabber-SSL</name><value>jabber-ssl</value></option> + <option><name>Gadu-Gadu</name><value>gadu-gadu</value></option> + </options> + </field> + <field> + <fielddescr>SSL CA Certificate</fielddescr> + <fieldname>ssl_ca_cert</fieldname> + <description> + Choose the SSL CA Certficate here. + </description> + <type>select_source</type> + <source><![CDATA[imspector_get_ca_certs()]]></source> + <source_name>descr</source_name> + <source_value>refid</source_value> + </field> + <field> + <fielddescr>SSL Certificate</fielddescr> + <fieldname>ssl_server_cert</fieldname> + <description> + Choose the SSL Server Certificate here. + </description> + <type>select_source</type> + <source><![CDATA[imspector_get_server_certs()]]></source> + <source_name>descr</source_name> + <source_value>refid</source_value> + </field> + <field> + <name>Logging</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>Enable file logging</fielddescr> + <fieldname>log_file</fieldname> + <description>Log files stored in /var/imspector.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Enable mySQL logging</fielddescr> + <fieldname>log_mysql</fieldname> + <description>Make sure to specify your MySQL credentials below.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>mySQL server</fielddescr> + <fieldname>mysql_server</fieldname> + <type>input</type> + </field> + <field> + <fielddescr>mySQL database</fielddescr> + <fieldname>mysql_database</fieldname> + <type>input</type> + </field> + <field> + <fielddescr>mySQL username</fielddescr> + <fieldname>mysql_username</fieldname> + <type>input</type> + </field> + <field> + <fielddescr>mySQL password</fielddescr> + <fieldname>mysql_password</fieldname> + <type>password</type> + </field> + </fields> + <custom_php_validation_command> + validate_form_imspector($_POST, &$input_errors); + </custom_php_validation_command> + <custom_php_resync_config_command> + sync_package_imspector(); + </custom_php_resync_config_command> + <custom_php_deinstall_command> + deinstall_package_imspector(); + </custom_php_deinstall_command> + <filter_rules_needed>imspector_generate_rules</filter_rules_needed> +</packagegui>
\ No newline at end of file diff --git a/config/imspector-dev/imspector_acls.xml b/config/imspector-dev/imspector_acls.xml new file mode 100644 index 00000000..02d57052 --- /dev/null +++ b/config/imspector-dev/imspector_acls.xml @@ -0,0 +1,161 @@ +<?xml version="1.0" encoding="utf-8" ?> +<packagegui> +<copyright> + <![CDATA[ +/* $Id$ */ +/* ========================================================================== */ +/* + imspector_acls.xml + part of pfSense (http://www.pfSense.com) + Copyright (C) 2012 Marcello Coutinho + All rights reserved. + + Based on m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + ]]> + </copyright> + + <name>imspectoracls</name> + <version>20111108</version> + <title>Imspector acls</title> + <description>Imspectors Access Lists</description> + <savetext>Save</savetext> + <include_file>/usr/local/pkg/imspector.inc</include_file> + + <menu> + <name>SSH Conditions</name> + <tooltiptext>Configure SSH conditional exceptions</tooltiptext> + <section>Services</section> + <url>/pkg.php?xml=sshdcond.xml</url> + </menu> + <configpath>installedpackages->package->sshdcond</configpath> + + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>755</chmod> + <item>http://www.pfsense.com/packages/config/sshdcond/sshdcond.inc</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>755</chmod> + <item>http://www.pfsense.com/packages/config/sshdcond/sshdcond_sync.xml</item> + </additional_files_needed> + <tabs> + <tab> + <text>Settings</text> + <url>/pkg_edit.php?xml=imspector.xml&id=0</url> + </tab> + <tab> + <text>Replacements</text> + <url>/pkg_edit.php?xml=imspector_replacements.xml&id=0</url> + </tab> + <tab> + <text>Access Lists</text> + <url>/pkg.php?xml=imspector_acls.xml</url> + <active/> + </tab> + <tab> + <text>Log</text> + <url>/services_imspector_logs.php</url> + </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=imspector_sync.xml&id=0</url> + </tab> + </tabs> + <adddeleteeditpagefields> + <columnitem> + <fielddescr>Status</fielddescr> + <fieldname>enable</fieldname> + </columnitem> + <columnitem> + <fielddescr>action</fielddescr> + <fieldname>action</fieldname> + </columnitem> + <columnitem> + <fielddescr>local ID</fielddescr> + <fieldname>localid</fieldname> + </columnitem> + </adddeleteeditpagefields> + <fields> + <field> + <type>listtopic</type> + <name>Imspector Access Lists</name> + <fieldname>temp</fieldname> + </field> + <field> + <fielddescr>Enable</fielddescr> + <fieldname>enable</fieldname> + <type>checkbox</type> + <description><![CDATA[Enable this access list.<br> + Rules are processed in order, from top to bottom.]]></description> + </field> + <field> + <fielddescr>Action</fielddescr> + <fieldname>action</fieldname> + <description>Select action to take on this rule</description> + <type>select</type> + <options> + <option><name>allow</name><value>allow</value></option> + <option><name>deny</name><value>deny</value></option> + </options> + <required/> + </field> + <field> + <fielddescr>Local ID</fielddescr> + <fieldname>localid</fieldname> + <description><![CDATA[Specify local id for this rule<br> + Local IDs can either be complete, such as <strong>user@company.com</strong>, partial like <strong>company.com</strong> or <strong>all</strong> to match any id.]]></description> + <type>input</type> + <size>50</size> + <required/> + </field> + <field> + <fielddescr>Remote ID</fielddescr> + <fieldname>remoteid</fieldname> + <description><![CDATA[Specify the list of remote ids(one per line) that localid can chat with.<br> + Remote IDs can be complete ids like <strong>user@company.com</strong>, partial <strong>company.com</strong>, <strong>all</strong> to match any id or <strong>groupchat</strong>.]]></description> + <type>textarea</type> + <rows>10</rows> + <cols>60</cols> + <encoding>base64</encoding> + </field> + </fields> + + <custom_php_validation_command> + validate_form_imspector($_POST, &$input_errors); + </custom_php_validation_command> + <custom_php_resync_config_command> + sync_package_imspector(); + </custom_php_resync_config_command> + <custom_php_deinstall_command> + deinstall_package_imspector(); + </custom_php_deinstall_command> + <filter_rules_needed>imspector_generate_rules</filter_rules_needed> +</packagegui>
\ No newline at end of file diff --git a/config/imspector-dev/imspector_replacements.xml b/config/imspector-dev/imspector_replacements.xml new file mode 100644 index 00000000..e0ff4a06 --- /dev/null +++ b/config/imspector-dev/imspector_replacements.xml @@ -0,0 +1,194 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> +<packagegui> + <copyright> + <![CDATA[ +/* ========================================================================== */ +/* + imspector.xml + part of pfSense (http://www.pfSense.com) + Copyright (C) 2011 Scott Ullrich <sullrich@gmail.com> + Copyright (C) 2011 Bill Marquette <billm@gmail.com> + Copyright (C) 2007 Ryan Wagoner <rswagoner@gmail.com> + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + ]]> + </copyright> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> + <name>imspectorreplacements</name> + <version>20111108</version> + <title>Services: IMSpector</title> + <savetext>Save</savetext> + <include_file>/usr/local/pkg/imspector.inc</include_file> + <menu> + <name>IMSpector</name> + <tooltiptext>Set IMSpector settings such as protocols to listen on.</tooltiptext> + <section>Services</section> + <url>/services_imspector_logs.php</url> + </menu> + <service> + <name>imspector</name> + <rcfile>imspector.sh</rcfile> + <executable>imspector</executable> + </service> + <tabs> + <tab> + <text>Settings</text> + <url>/pkg_edit.php?xml=imspector.xml&id=0</url> + </tab> + <tab> + <text>Replacements</text> + <url>/pkg_edit.php?xml=imspector_replacements.xml&id=0</url> + <active/> + </tab> + <tab> + <text>Access Lists</text> + <url>/pkg.php?xml=imspector_acls.xml</url> + </tab> + <tab> + <text>Log</text> + <url>/services_imspector_logs.php</url> + </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=imspector_sync.xml&id=0</url> + </tab> + </tabs> + <fields> + <field> + <name>Response messages</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>Enable response messages</fielddescr> + <fieldname>responder</fieldname> + <description> + Inform the users (both local and remote) that the conversation they are having is being recorded. This might be needed for legal reasons. + Inform the sender that a file (or message) was blocked. This is useful because the sender will know a block occured, instead of the transfer simply failing.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Notification frequency</fielddescr> + <fieldname>notice_days</fieldname> + <type>input</type> + <size>10</size> + <description>Frequency in number of days for notifying users they are being logged. Default 1 day if responses are enabled, set to 0 to disable</description> + </field> + <field> + <fielddescr>Filtered frequency</fielddescr> + <fieldname>filtered_minutes</fieldname> + <type>input</type> + <size>10</size> + <description>The time between sending "filtered" in minutes. Default 15 minutes if responses are enabled, set to 0 to disable</description> + </field> + <field> + <fielddescr>Custom message prefix</fielddescr> + <fieldname>prefix_message</fieldname> + <description> + Message to prepend to all IMSpector generated messages. The default is "Message from IMSpector" + </description> + <type>input</type> + <size>60</size> + </field> + <field> + <fielddescr>Custom recorded message response</fielddescr> + <fieldname>recorded_message</fieldname> + <description> + Message to send to users to let them know they are being recorded. The default is "Your activities are being logged" + </description> + <type>textarea</type> + <encoding>base64</encoding> + <rows>5</rows> + <cols>60</cols> + </field> + <field> + <fielddescr>Custom filtered message response</fielddescr> + <fieldname>filtered_message</fieldname> + <description> + Message to send to users to let them know about filtered messages. + </description> + <type>textarea</type> + <encoding>base64</encoding> + <rows>5</rows> + <cols>60</cols> + </field> + <field> + <name>Restrictions</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>Block file transfers</fielddescr> + <fieldname>block_files</fieldname> + <description>Block file transfers on supported protocols.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Block web cameras</fielddescr> + <fieldname>block_webcams</fieldname> + <description>This option will block all webcam sessions. Currently IMSpector can only spot webcam sessions on Yahoo.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Block non ACL defined</fielddescr> + <fieldname>block_unlisted</fieldname> + <description>Overide the default of allowing user's not defined the whitelist or blacklist ACLs.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Enable bad word filtering</fielddescr> + <fieldname>filter_badwords</fieldname> + <description>Replace characters of matched bad word with *.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Bad words list</fielddescr> + <fieldname>badwords_list</fieldname> + <description> + Place one word or phrase to match per line.<br /> + Leave blank to load default list. + </description> + <type>textarea</type> + <encoding>base64</encoding> + <rows>10</rows> + <cols>60</cols> + </field> + </fields> + <custom_php_validation_command> + validate_form_imspector($_POST, &$input_errors); + </custom_php_validation_command> + <custom_php_resync_config_command> + sync_package_imspector(); + </custom_php_resync_config_command> + <custom_php_deinstall_command> + deinstall_package_imspector(); + </custom_php_deinstall_command> + <filter_rules_needed>imspector_generate_rules</filter_rules_needed> + +</packagegui>
\ No newline at end of file diff --git a/config/imspector-dev/imspector_sync.xml b/config/imspector-dev/imspector_sync.xml new file mode 100644 index 00000000..8959af02 --- /dev/null +++ b/config/imspector-dev/imspector_sync.xml @@ -0,0 +1,109 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> +<packagegui> + <copyright> + <![CDATA[ +/* $Id$ */ +/* ========================================================================== */ +/* + imspector_sync.xml + part of the imspector package for pfSense + Copyright (C) 2012 Marcello Coutinho + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + ]]> + </copyright> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> + <name>imspectorsync</name> + <version>1.0</version> + <title>Services: IMSpector</title> + <include_file>/usr/local/pkg/imspector.inc</include_file> +<tabs> + <tab> + <text>Settings</text> + <url>/pkg_edit.php?xml=imspector.xml&id=0</url> + </tab> + <tab> + <text>Replacements</text> + <url>/pkg_edit.php?xml=imspector_replacements.xml&id=0</url> + </tab> + <tab> + <text>Access Lists</text> + <url>/pkg.php?xml=imspector_acls.xml</url> + </tab> + <tab> + <text>Log</text> + <url>/services_imspector_logs.php</url> + </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=imspector_sync.xml&id=0</url> + <active/> + </tab> + </tabs> + <fields> + <field> + <name>XMLRPC Sync</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>Automatically sync imspector configuration changes</fielddescr> + <fieldname>synconchanges</fieldname> + <description>Automatically sync imspector(normal and reverse) changes to the hosts defined below.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Remote Server</fielddescr> + <fieldname>none</fieldname> + <type>rowhelper</type> + <rowhelper> + <rowhelperfield> + <fielddescr>IP Address</fielddescr> + <fieldname>ipaddress</fieldname> + <description>IP Address of remote server</description> + <type>input</type> + <size>20</size> + </rowhelperfield> + <rowhelperfield> + <fielddescr>Password</fielddescr> + <fieldname>password</fieldname> + <description>Password for remote server.</description> + <type>password</type> + <size>20</size> + </rowhelperfield> + </rowhelper> + </field> + </fields> + <custom_php_validation_command> + </custom_php_validation_command> + <custom_php_resync_config_command> + sync_package_imspector(); + </custom_php_resync_config_command> +</packagegui> diff --git a/config/imspector-dev/services_imspector_logs.php b/config/imspector-dev/services_imspector_logs.php new file mode 100644 index 00000000..09e732b8 --- /dev/null +++ b/config/imspector-dev/services_imspector_logs.php @@ -0,0 +1,299 @@ +<?php +/* + services_imspector_logs.php + part of pfSense (http://www.pfsense.com/) + + JavaScript Code is GPL Licensed from SmoothWall Express. + + Copyright (C) 2007 Ryan Wagoner <rswagoner@gmail.com>. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require("guiconfig.inc"); + +/* variables */ +$log_dir = '/var/imspector'; +$imspector_config = $config['installedpackages']['imspector']['config'][0]; + +$border_color = '#c0c0c0'; +$default_bgcolor = '#eeeeee'; + +$list_protocol_color = '#000000'; +$list_local_color = '#000000'; +$list_remote_color = '#000000'; +$list_convo_color = '#000000'; + +$list_protocol_bgcolor = '#cccccc'; +$list_local_bgcolor = '#dddddd'; +$list_remote_bgcolor = '#eeeeee'; +$list_end_bgcolor = '#bbbbbb'; + +$convo_title_color = 'black'; +$convo_local_color = 'blue'; +$convo_remote_color = 'red'; + +$convo_title_bgcolor = '#cccccc'; +$convo_local_bgcolor = '#dddddd'; +$convo_remote_bgcolor = '#eeeeee'; + +/* functions */ + +function convert_dir_list ($topdir) { + if (!is_dir($topdir)) return; + if ($dh = opendir($topdir)) { + while (($file = readdir($dh)) !== false) { + if(!preg_match('/^\./', $file) == 0) continue; + if (is_dir("$topdir/$file")) { + $list .= convert_dir_list("$topdir/$file"); + } else { + $list .= "$topdir/$file\n"; + } + } + closedir($dh); + } + return $list; +} + +/* ajax response */ +if ($_POST['mode'] == "render") { + + /* user list */ + print(str_replace(array($log_dir,'/'),array('','|'),convert_dir_list($log_dir))); + print("--END--\n"); + + /* log files */ + if ($_POST['section'] != "none") { + $section = explode('|',$_POST['section']); + $protocol = $section[0]; + $localuser = $section[1]; + $remoteuser = $section[2]; + $conversation = $section[3]; + + /* conversation title */ + print(implode(', ', $section)."\n"); + print("--END--\n"); + + /* conversation content */ + $filename = $log_dir.'/'.implode('/', $section); + if($fd = fopen($filename, 'r')) { + print("<table width='100%' border='0' cellpadding='2' cellspacing='0'>\n"); + while (!feof($fd)) { + $line = fgets($fd); + if(feof($fd)) continue; + $new_format = '([^,]*),([^,]*),([^,]*),([^,]*),([^,]*),([^,]*),(.*)'; + $old_format = '([^,]*),([^,]*),([^,]*),([^,]*),([^,]*),(.*)'; + preg_match("/${new_format}|${old_format}/", $line, $matches); + $address = $matches[1]; + $timestamp = $matches[2]; + $direction = $matches[3]; + $type = $matches[4]; + $filtered = $matches[5]; + if(count($matches) == 8) { + $category = $matches[6]; + $data = $matches[7]; + } else { + $category = ""; + $data = $matches[6]; + } + + if($direction == '0') { + $bgcolor = $convo_remote_bgcolor; + $user = "<<span style='color: $convo_remote_color;'>$remoteuser</span>>"; + } + if($direction == '1') { + $bgcolor = $convo_local_bgcolor; + $user = "<<span style='color: $convo_local_color;'>$localuser</span>>"; + } + + $time = strftime("%H:%M:%S", $timestamp); + + print("<tr bgcolor='$bgcolor'><td style='width: 30px; vertical-align: top;'>[$time]</td>\n + <td style=' width: 60px; vertical-align: top;'>$user</td>\n + <td style=' width: 60px; vertical-align: top;'>$category</td>\n + <td style='vertical-align: top;'>$data</td></tr>\n"); + } + print("</table>\n"); + fclose($fd); + } + } + exit; +} +/* defaults to this page but if no settings are present, redirect to setup page */ +if(!$imspector_config["enable"] || !$imspector_config["iface_array"] || !$imspector_config["proto_array"]) + Header("Location: /pkg_edit.php?xml=imspector.xml&id=0"); + +$pgtitle = "Services: IMSpector Log Viewer"; +include("head.inc"); +/* put your custom HTML head content here */ +/* using some of the $pfSenseHead function calls */ +//$pfSenseHead->addMeta("<meta http-equiv=\"refresh\" content=\"120;url={$_SERVER['SCRIPT_NAME']}\" />"); +//echo $pfSenseHead->getHTML(); +?> +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> +<?php include("fbegin.inc"); ?> +<?php if ($savemsg) print_info_box($savemsg); ?> +<div id="mainlevel"> +<table width="100%" border="0" cellpadding="0" cellspacing="0"> +<?php + $tab_array = array(); + $tab_array[] = array(gettext("Settings "), false, "/pkg_edit.php?xml=imspector.xml&id=0"); + $tab_array[] = array(gettext("Replacements "), false, "/pkg_edit.php?xml=imspector_replacements.xml&id=0"); + $tab_array[] = array(gettext("Access Lists "), false, "/pkg.php?xml=imspector_acls.xml"); + $tab_array[] = array(gettext("Log "), true, "/services_imspector_logs.php"); + $tab_array[] = array(gettext("Sync "), false, "/pkg_edit.php?xml=imspector_sync.xml&id=0"); + + display_top_tabs($tab_array); +?> +</table> + +<?php +$zz = <<<EOD +<script type="text/javascript"> +var section = 'none'; +var moveit = 1; +var the_timeout; + +function xmlhttpPost() +{ + var xmlHttpReq = false; + var self = this; + + if (window.XMLHttpRequest) + self.xmlHttpReq = new XMLHttpRequest(); + else if (window.ActiveXObject) + self.xmlHttpReq = new ActiveXObject("Microsoft.XMLHTTP"); + + self.xmlHttpReq.open('POST', 'services_imspector_logs.php', true); + self.xmlHttpReq.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded'); + + self.xmlHttpReq.onreadystatechange = function() { + if (self.xmlHttpReq && self.xmlHttpReq.readyState == 4) + updatepage(self.xmlHttpReq.responseText); + } + + document.getElementById('im_status').style.display = "inline"; + self.xmlHttpReq.send("mode=render§ion=" + section); +} + +function updatepage(str) +{ + /* update the list of conversations ( if we need to ) */ + var parts = str.split("--END--\\n"); + var lines = parts[0].split("\\n"); + + for (var line = 0 ; line < lines.length ; line ++) { + var a = lines[line].split("|"); + + if (!a[1] || !a[2] || !a[3]) continue; + + /* create titling information if needed */ + if (!document.getElementById(a[1])) { + document.getElementById('im_convos').innerHTML += + "<div id='" + a[1] + "_t' style='width: 100%; background-color: $list_protocol_bgcolor; color: $list_protocol_color;'>" + a[1] + "</div>" + + "<div id='" + a[1] + "' style='width: 100%; background-color: $list_local_bgcolor;'></div>"; + } + if (!document.getElementById(a[1] + "_" + a[2])) { + var imageref = ""; + if (a[0]) imageref = "<img src='" + a[0] + "' alt='" + a[1] + "'/>"; + document.getElementById(a[1]).innerHTML += + "<div id='" + a[1] + "_" + a[2] + "_t' style='width: 100%; color: $list_local_color; padding-left: 5px;'>" + imageref + a[2] + "</div>" + + "<div id='" + a[1] + "_" + a[2] + "' style='width: 100%; background-color: $list_remote_bgcolor; border-bottom: solid 1px $list_end_bgcolor;'></div>"; + } + if (!document.getElementById(a[1] + "_" + a[2] + "_" + a[3])) { + document.getElementById(a[1] + "_" + a[2]).innerHTML += + "<div id='" + a[1] + "_" + a[2] + "_" + a[3] + "_t' style='width: 100%; color: $list_remote_color; padding-left: 10px;'>" + a[3] + "</div>" + + "<div id='" + a[1] + "_" + a[2] + "_" + a[3] + "' style='width: 100%;'></div>"; + } + if (!document.getElementById(a[1] + "_" + a[2] + "_" + a[3] + "_" + a[4])) { + document.getElementById(a[1] + "_" + a[2] + "_" + a[3]).innerHTML += + "<div id='" + a[1] + "_" + a[2] + "_" + a[3] + "_" + a[4] + + "' style='width: 100%; color: $list_convo_color; cursor: pointer; padding-left: 15px;' onClick=" + + '"' + "setsection('" + a[1] + "|" + a[2] + "|" + a[3] + "|" + a[4] + "');" + '"' + "' + >»" + a[4] + "</div>"; + } + } + + /* determine the title of this conversation */ + var details = parts[1].split(","); + var title = details[0] + " conversation between <span style='color: $convo_local_color;'>" + details[ 1 ] + + "</span> and <span style='color: $convo_remote_color;'>" + details[2] + "</span>"; + if (!details[1]) title = " "; + if (!parts[2]) parts[2] = " "; + + document.getElementById('im_status').style.display = "none"; + var bottom = parseInt(document.getElementById('im_content').scrollTop); + var bottom2 = parseInt(document.getElementById('im_content').style.height); + var absheight = parseInt( bottom + bottom2 ); + if (absheight == document.getElementById('im_content').scrollHeight) { + moveit = 1; + } else { + moveit = 0; + } + document.getElementById('im_content').innerHTML = parts[2]; + if (moveit == 1) { + document.getElementById('im_content').scrollTop = 0; + document.getElementById('im_content').scrollTop = document.getElementById('im_content').scrollHeight; + } + document.getElementById('im_content_title').innerHTML = title; + the_timeout = setTimeout( "xmlhttpPost();", 5000 ); +} + +function setsection(value) +{ + section = value; + clearTimeout(the_timeout); + xmlhttpPost(); + document.getElementById('im_content').scrollTop = 0; + document.getElementById('im_content').scrollTop = document.getElementById('im_content').scrollHeight; +} +</script> +EOD; +print($zz); +?> + +<table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td class="tabcont"> + <div style='width: 100%; text-align: right;'><span id='im_status' style='display: none;'>Updating</span> </div> + <table width="100%"> + <tr> + <td width="15%" bgcolor="<?=$default_bgcolor?>" style="overflow: auto; border: solid 1px <?=$border_color?>;"> + <div id="im_convos" style="height: 400px; overflow: auto; overflow-x: hidden;"></div> + </td> + <td width="75%" bgcolor="<?=$default_bgcolor?>" style="border: solid 1px <?=$border_color?>;"> + <div id="im_content_title" style="height: 20px; overflow: auto; vertical-align: top; + color: <?=$convo_title_color?>; background-color: <?=$convo_title_bgcolor?>;"></div> + <div id="im_content" style="height: 380px; overflow: auto; vertical-align: bottom; overflow-x: hidden;"></div> + </td> + </tr> + </table> + </td> + </tr> +</table> + +<script type="text/javascript">xmlhttpPost();</script> + +</div> +<?php include("fend.inc"); ?> +</body> +</html> diff --git a/config/ntop2/ntop.xml b/config/ntop2/ntop.xml index f0c3ed61..898df4d7 100644 --- a/config/ntop2/ntop.xml +++ b/config/ntop2/ntop.xml @@ -97,11 +97,6 @@ <fieldname>allowmerge</fieldname> <type>checkbox</type> </field> - <field> - <fielddescr>Track all traffic<br>(Def: IPv4 only)</fielddescr> - <fieldname>alltraffic</fieldname> - <type>checkbox</type> - </field> </fields> <custom_php_global_functions> <![CDATA[ @@ -125,7 +120,6 @@ system("/bin/cp -Rp /usr/local/lib/X11/fonts/webfonts/ /usr/local/lib/X11/fonts/TTF/"); $first = 0; $mergeifs = ($ntop_config['allowmerge'] == "on") ? "" : "-M"; - $alltraffic = ($ntop_config['alltraffic'] == "on") ? "" : "--ipv4"; foreach($ntop_config['interface_array'] as $iface) { $if = convert_friendly_interface_to_real_interface_name($iface); if($if) { @@ -135,7 +129,7 @@ $first = 1; } } - $start = "/usr/local/bin/ntop -i {$ifaces_final} -u root -d {$alltraffic} {$mergeifs} -x 8102 -X 8192 &"; + $start = "/usr/local/bin/ntop -i {$ifaces_final} -u root -d -4 {$mergeifs} -x 8102 -X 8192 &"; write_rcfile(array( "file" => "ntop.sh", "start" => $start, diff --git a/config/openvpn-client-export/openvpn-client-export.inc b/config/openvpn-client-export/openvpn-client-export.inc index b9ac8866..f023bf21 100755 --- a/config/openvpn-client-export/openvpn-client-export.inc +++ b/config/openvpn-client-export/openvpn-client-export.inc @@ -71,7 +71,7 @@ function openvpn_client_export_prefix($srvid) { if ($settings['disable']) return false; - $host = $config['system']['hostname']; + $host = empty($config['system']['hostname']) ? "openvpn" : $config['system']['hostname']; $prot = ($settings['protocol'] == 'UDP' ? 'udp' : $settings['protocol']); $port = $settings['local_port']; @@ -161,7 +161,8 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoke $server_host = get_interface_ip($interface); } } else if ($useaddr == "serverhostname" || empty($useaddr)) { - $server_host = "{$config['system']['hostname']}.{$config['system']['domain']}"; + $server_host = empty($config['system']['hostname']) ? "" : "{$config['system']['hostname']}."; + $server_host .= "{{$config['system']['domain']}"; } else $server_host = $useaddr; @@ -235,7 +236,7 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoke if (is_array($server_cert) && ($server_cert['crt'])) { $purpose = cert_get_purpose($server_cert['crt'], true); if ($purpose['server'] == 'Yes') - $conf .= "ns-cert-type server"; + $conf .= "ns-cert-type server{$nl}"; } } @@ -600,7 +601,8 @@ function openvpn_client_export_sharedkey_config($srvid, $useaddr, $proxy, $zipco $server_host = get_interface_ip($interface); } } else if ($useaddr == "serverhostname" || empty($useaddr)) { - $server_host = "{$config['system']['hostname']}.{$config['system']['domain']}"; + $server_host = empty($config['system']['hostname']) ? "" : "{$config['system']['hostname']}."; + $server_host .= "{{$config['system']['domain']}"; } else $server_host = $useaddr; diff --git a/config/pf-blocker/lists/Africa_cidr.txt b/config/pf-blocker/lists/Africa_cidr.txt index 3ef0ce10..a9afde11 100755..100644 --- a/config/pf-blocker/lists/Africa_cidr.txt +++ b/config/pf-blocker/lists/Africa_cidr.txt @@ -3,8 +3,8 @@ # Total Subnets: 24,124,672 # Country: ALGERIA # ISO Code: DZ -# Total Networks: 30 -# Total Subnets: 2,620,928 +# Total Networks: 29 +# Total Subnets: 2,616,832 41.77.176.0/21 41.96.0.0/12 41.191.252.0/22 @@ -19,7 +19,6 @@ 80.246.0.0/20 80.249.64.0/20 81.22.64.0/19 -81.26.64.0/20 82.101.128.0/18 192.52.232.0/24 192.245.148.0/24 @@ -37,8 +36,8 @@ 213.179.160.0/19 # Country: ANGOLA # ISO Code: AO -# Total Networks: 32 -# Total Subnets: 179,712 +# Total Networks: 35 +# Total Subnets: 311,808 41.63.160.0/19 41.70.128.0/17 41.72.0.0/18 @@ -71,11 +70,15 @@ 196.223.1.0/24 196.223.13.0/24 196.223.19.0/24 +197.157.196.0/22 +197.216.0.0/16 +197.217.0.0/16 # Country: BENIN # ISO Code: BJ -# Total Networks: 11 -# Total Subnets: 38,912 +# Total Networks: 12 +# Total Subnets: 39,936 41.74.0.0/20 +41.79.216.0/22 41.85.160.0/19 41.86.224.0/19 41.138.88.0/22 @@ -126,11 +129,13 @@ 212.52.128.0/19 # Country: BURUNDI # ISO Code: BI -# Total Networks: 3 -# Total Subnets: 3,328 +# Total Networks: 5 +# Total Subnets: 5,376 41.79.44.0/22 +41.79.224.0/22 196.2.8.0/21 196.223.3.0/24 +197.157.192.0/22 # Country: CAMEROON # ISO Code: CM # Total Networks: 22 @@ -195,8 +200,9 @@ 197.255.176.0/20 # Country: CONGO, THE DEMOCRATIC REPUBLIC OF THE # ISO Code: CD -# Total Networks: 12 -# Total Subnets: 18,944 +# Total Networks: 14 +# Total Subnets: 20,224 +41.77.220.0/22 41.78.104.0/22 41.78.196.0/22 41.79.232.0/22 @@ -209,6 +215,7 @@ 193.110.104.0/23 196.22.8.0/22 196.46.112.0/22 +196.223.28.0/24 # Country: COTE D'IVOIRE # ISO Code: CI # Total Networks: 18 @@ -394,7 +401,7 @@ 213.55.64.0/18 # Country: GABON # ISO Code: GA -# Total Networks: 13 +# Total Networks: 14 # Total Subnets: 169,472 41.72.224.0/19 41.76.120.0/21 @@ -406,16 +413,18 @@ 41.159.0.0/16 41.211.128.0/18 192.188.164.0/22 -192.189.139.0/23 +192.189.139.0/24 +192.189.140.0/24 196.46.156.0/22 217.77.64.0/20 # Country: GAMBIA # ISO Code: GM -# Total Networks: 5 -# Total Subnets: 17,408 +# Total Networks: 6 +# Total Subnets: 21,504 41.76.8.0/21 41.223.212.0/22 196.46.232.0/21 +197.242.128.0/20 197.255.192.0/20 212.60.64.0/19 # Country: GHANA @@ -481,8 +490,9 @@ 212.96.0.0/19 # Country: GUINEA # ISO Code: GN -# Total Networks: 2 -# Total Subnets: 2,048 +# Total Networks: 3 +# Total Subnets: 4,096 +41.77.184.0/21 41.79.200.0/22 41.79.236.0/22 # Country: GUINEA-BISSAU @@ -493,8 +503,9 @@ 197.159.80.0/20 # Country: KENYA # ISO Code: KE -# Total Networks: 108 -# Total Subnets: 1,650,944 +# Total Networks: 109 +# Total Subnets: 1,655,040 +41.57.96.0/20 41.72.160.0/19 41.72.192.0/19 41.75.32.0/20 @@ -605,8 +616,8 @@ 217.199.144.0/20 # Country: LESOTHO # ISO Code: LS -# Total Networks: 9 -# Total Subnets: 39,424 +# Total Networks: 10 +# Total Subnets: 40,448 41.76.16.0/21 41.191.200.0/21 41.203.176.0/20 @@ -614,6 +625,7 @@ 196.4.255.0/24 196.202.240.0/21 196.223.24.0/24 +197.157.200.0/22 197.220.128.0/19 197.254.128.0/18 # Country: LIBERIA @@ -695,8 +707,8 @@ 82.151.64.0/19 # Country: MAURITIUS # ISO Code: MU -# Total Networks: 35 -# Total Subnets: 491,520 +# Total Networks: 37 +# Total Subnets: 496,640 41.76.40.0/21 41.87.96.0/19 41.136.0.0/16 @@ -721,6 +733,7 @@ 196.192.64.0/21 196.192.80.0/22 196.192.96.0/20 +196.200.208.0/20 196.207.48.0/20 196.216.2.0/23 196.216.168.0/24 @@ -728,6 +741,7 @@ 196.216.171.0/24 196.216.254.0/24 196.223.0.0/24 +197.157.244.0/22 197.224.0.0/14 197.255.64.0/18 202.60.0.0/21 @@ -772,8 +786,8 @@ 212.217.0.0/17 # Country: MOZAMBIQUE # ISO Code: MZ -# Total Networks: 26 -# Total Subnets: 326,656 +# Total Networks: 27 +# Total Subnets: 343,040 41.76.0.0/21 41.76.144.0/21 41.77.32.0/21 @@ -797,6 +811,7 @@ 196.28.224.0/20 196.32.96.0/20 196.46.0.0/20 +197.158.0.0/18 197.218.0.0/16 197.219.0.0/16 197.249.0.0/16 @@ -836,8 +851,8 @@ 46.231.240.0/21 # Country: NIGERIA # ISO Code: NG -# Total Networks: 126 -# Total Subnets: 995,328 +# Total Networks: 130 +# Total Subnets: 1,005,056 41.58.0.0/16 41.67.128.0/18 41.71.128.0/17 @@ -855,6 +870,7 @@ 41.76.248.0/21 41.77.40.0/21 41.77.168.0/21 +41.77.216.0/22 41.78.8.0/22 41.78.12.0/22 41.78.80.0/22 @@ -932,6 +948,8 @@ 196.40.192.0/18 196.43.215.0/24 196.43.224.0/24 +196.43.232.0/24 +196.43.233.0/24 196.45.48.0/20 196.46.20.0/24 196.46.27.0/24 @@ -955,6 +973,7 @@ 197.156.192.0/18 197.159.64.0/20 197.240.0.0/16 +197.242.96.0/19 197.244.0.0/16 197.253.0.0/18 197.255.0.0/18 @@ -1021,8 +1040,8 @@ 213.154.64.0/19 # Country: SEYCHELLES # ISO Code: SC -# Total Networks: 14 -# Total Subnets: 28,160 +# Total Networks: 15 +# Total Subnets: 36,352 41.79.60.0/22 41.86.32.0/19 41.191.120.0/22 @@ -1037,6 +1056,7 @@ 196.1.120.0/21 196.32.216.0/21 196.46.148.0/22 +197.157.96.0/19 # Country: SIERRA LEONE # ISO Code: SL # Total Networks: 9 @@ -1059,12 +1079,13 @@ 197.220.64.0/19 # Country: SOUTH AFRICA # ISO Code: ZA -# Total Networks: 1,021 -# Total Subnets: 20,377,344 +# Total Networks: 1,669 +# Total Subnets: 20,386,560 41.0.0.0/11 41.48.0.0/13 41.56.0.0/16 41.57.0.0/18 +41.57.112.0/22 41.57.128.0/18 41.61.0.0/16 41.63.64.0/18 @@ -1131,6 +1152,8 @@ 41.79.172.0/22 41.79.180.0/22 41.79.192.0/22 +41.79.212.0/22 +41.79.220.0/22 41.79.240.0/22 41.79.248.0/22 41.84.0.0/17 @@ -1201,6 +1224,7 @@ 41.223.120.0/22 41.223.172.0/22 41.223.244.0/22 +41.223.252.0/22 41.240.0.0/13 66.8.0.0/17 66.18.64.0/19 @@ -1257,7 +1281,8 @@ 164.146.0.0/15 164.148.0.0/14 164.155.0.0/16 -165.3.0.0/15 +165.3.0.0/16 +165.4.0.0/16 165.5.0.0/16 165.8.0.0/14 165.25.0.0/16 @@ -1501,12 +1526,22 @@ 196.1.56.0/21 196.1.71.0/24 196.1.74.0/24 -196.1.75.0/22 -196.1.79.0/23 +196.1.75.0/24 +196.1.76.0/24 +196.1.77.0/24 +196.1.78.0/24 +196.1.79.0/24 +196.1.80.0/24 196.1.81.0/24 -196.1.82.0/22 +196.1.82.0/24 +196.1.83.0/24 +196.1.84.0/24 +196.1.85.0/24 196.1.86.0/24 -196.1.87.0/22 +196.1.87.0/24 +196.1.88.0/24 +196.1.89.0/24 +196.1.90.0/24 196.1.91.0/24 196.1.101.0/24 196.1.102.0/24 @@ -1542,7 +1577,22 @@ 196.3.161.0/24 196.3.162.0/24 196.3.163.0/24 -196.3.164.0/20 +196.3.164.0/24 +196.3.165.0/24 +196.3.166.0/24 +196.3.167.0/24 +196.3.168.0/24 +196.3.169.0/24 +196.3.170.0/24 +196.3.171.0/24 +196.3.172.0/24 +196.3.173.0/24 +196.3.174.0/24 +196.3.175.0/24 +196.3.176.0/24 +196.3.177.0/24 +196.3.178.0/24 +196.3.179.0/24 196.3.224.0/19 196.4.0.0/20 196.4.16.0/22 @@ -1556,11 +1606,26 @@ 196.4.27.0/24 196.4.28.0/24 196.4.29.0/24 -196.4.30.0/22 -196.4.34.0/23 -196.4.36.0/21 -196.4.44.0/23 -196.4.71.0/22 +196.4.30.0/24 +196.4.31.0/24 +196.4.32.0/24 +196.4.33.0/24 +196.4.34.0/24 +196.4.35.0/24 +196.4.36.0/24 +196.4.37.0/24 +196.4.38.0/24 +196.4.39.0/24 +196.4.40.0/24 +196.4.41.0/24 +196.4.42.0/24 +196.4.43.0/24 +196.4.44.0/24 +196.4.45.0/24 +196.4.71.0/24 +196.4.72.0/24 +196.4.73.0/24 +196.4.74.0/24 196.4.75.0/24 196.4.76.0/24 196.4.77.0/24 @@ -1572,8 +1637,12 @@ 196.4.84.0/24 196.4.85.0/24 196.4.86.0/24 -196.4.87.0/22 -196.4.91.0/23 +196.4.87.0/24 +196.4.88.0/24 +196.4.89.0/24 +196.4.90.0/24 +196.4.91.0/24 +196.4.92.0/24 196.4.93.0/24 196.4.94.0/24 196.4.95.0/24 @@ -1581,49 +1650,279 @@ 196.4.97.0/24 196.4.98.0/24 196.4.99.0/24 -196.4.100.0/19 -196.4.132.0/20 -196.4.148.0/23 -196.4.150.0/21 -196.4.158.0/23 +196.4.100.0/24 +196.4.101.0/24 +196.4.102.0/24 +196.4.103.0/24 +196.4.104.0/24 +196.4.105.0/24 +196.4.106.0/24 +196.4.107.0/24 +196.4.108.0/24 +196.4.109.0/24 +196.4.110.0/24 +196.4.111.0/24 +196.4.112.0/24 +196.4.113.0/24 +196.4.114.0/24 +196.4.115.0/24 +196.4.116.0/24 +196.4.117.0/24 +196.4.118.0/24 +196.4.119.0/24 +196.4.120.0/24 +196.4.121.0/24 +196.4.122.0/24 +196.4.123.0/24 +196.4.124.0/24 +196.4.125.0/24 +196.4.126.0/24 +196.4.127.0/24 +196.4.128.0/24 +196.4.129.0/24 +196.4.130.0/24 +196.4.131.0/24 +196.4.132.0/24 +196.4.133.0/24 +196.4.134.0/24 +196.4.135.0/24 +196.4.136.0/24 +196.4.137.0/24 +196.4.138.0/24 +196.4.139.0/24 +196.4.140.0/24 +196.4.141.0/24 +196.4.142.0/24 +196.4.143.0/24 +196.4.144.0/24 +196.4.145.0/24 +196.4.146.0/24 +196.4.147.0/24 +196.4.148.0/24 +196.4.149.0/24 +196.4.150.0/23 +196.4.152.0/22 +196.4.156.0/22 196.4.160.0/23 196.4.162.0/24 -196.4.163.0/23 -196.4.165.0/24 +196.4.163.0/24 +196.4.164.0/23 196.4.166.0/24 196.4.167.0/24 196.4.168.0/24 -196.4.169.0/23 +196.4.169.0/24 +196.4.170.0/24 196.4.171.0/24 196.4.172.0/24 -196.4.173.0/20 +196.4.173.0/24 +196.4.174.0/24 +196.4.175.0/24 +196.4.176.0/24 +196.4.177.0/24 +196.4.178.0/24 +196.4.179.0/24 +196.4.180.0/24 +196.4.181.0/24 +196.4.182.0/24 +196.4.183.0/24 +196.4.184.0/24 +196.4.185.0/24 +196.4.186.0/24 +196.4.187.0/24 +196.4.188.0/24 196.4.189.0/24 -196.4.190.0/21 -196.4.198.0/23 +196.4.190.0/23 +196.4.192.0/22 +196.4.196.0/22 196.4.200.0/21 196.4.208.0/22 -196.4.212.0/20 -196.4.228.0/22 +196.4.212.0/24 +196.4.213.0/24 +196.4.214.0/24 +196.4.215.0/24 +196.4.216.0/24 +196.4.217.0/24 +196.4.218.0/24 +196.4.219.0/24 +196.4.220.0/24 +196.4.221.0/24 +196.4.222.0/24 +196.4.223.0/24 +196.4.224.0/24 +196.4.225.0/24 +196.4.226.0/24 +196.4.227.0/24 +196.4.228.0/24 +196.4.229.0/24 +196.4.230.0/24 +196.4.231.0/24 196.4.232.0/22 196.4.236.0/23 196.4.238.0/24 -196.4.239.0/21 -196.4.247.0/23 +196.4.239.0/24 +196.4.240.0/24 +196.4.241.0/24 +196.4.242.0/24 +196.4.243.0/24 +196.4.244.0/24 +196.4.245.0/24 +196.4.246.0/24 +196.4.247.0/24 +196.4.248.0/24 196.4.249.0/24 196.4.250.0/23 196.4.252.0/23 196.4.254.0/24 196.5.0.0/16 -196.6.1.0/18 -196.6.65.0/19 -196.6.97.0/22 +196.6.1.0/24 +196.6.2.0/24 +196.6.3.0/24 +196.6.4.0/24 +196.6.5.0/24 +196.6.6.0/24 +196.6.7.0/24 +196.6.8.0/24 +196.6.9.0/24 +196.6.10.0/24 +196.6.11.0/24 +196.6.12.0/24 +196.6.13.0/24 +196.6.14.0/24 +196.6.15.0/24 +196.6.16.0/24 +196.6.17.0/24 +196.6.18.0/24 +196.6.19.0/24 +196.6.20.0/24 +196.6.21.0/24 +196.6.22.0/24 +196.6.23.0/24 +196.6.24.0/24 +196.6.25.0/24 +196.6.26.0/24 +196.6.27.0/24 +196.6.28.0/24 +196.6.29.0/24 +196.6.30.0/24 +196.6.31.0/24 +196.6.32.0/24 +196.6.33.0/24 +196.6.34.0/24 +196.6.35.0/24 +196.6.36.0/24 +196.6.37.0/24 +196.6.38.0/24 +196.6.39.0/24 +196.6.40.0/24 +196.6.41.0/24 +196.6.42.0/24 +196.6.43.0/24 +196.6.44.0/24 +196.6.45.0/24 +196.6.46.0/24 +196.6.47.0/24 +196.6.48.0/24 +196.6.49.0/24 +196.6.50.0/24 +196.6.51.0/24 +196.6.52.0/24 +196.6.53.0/24 +196.6.54.0/24 +196.6.55.0/24 +196.6.56.0/24 +196.6.57.0/24 +196.6.58.0/24 +196.6.59.0/24 +196.6.60.0/24 +196.6.61.0/24 +196.6.62.0/24 +196.6.63.0/24 +196.6.64.0/24 +196.6.65.0/24 +196.6.66.0/24 +196.6.67.0/24 +196.6.68.0/24 +196.6.69.0/24 +196.6.70.0/24 +196.6.71.0/24 +196.6.72.0/24 +196.6.73.0/24 +196.6.74.0/24 +196.6.75.0/24 +196.6.76.0/24 +196.6.77.0/24 +196.6.78.0/24 +196.6.79.0/24 +196.6.80.0/24 +196.6.81.0/24 +196.6.82.0/24 +196.6.83.0/24 +196.6.84.0/24 +196.6.85.0/24 +196.6.86.0/24 +196.6.87.0/24 +196.6.88.0/24 +196.6.89.0/24 +196.6.90.0/24 +196.6.91.0/24 +196.6.92.0/24 +196.6.93.0/24 +196.6.94.0/24 +196.6.95.0/24 +196.6.96.0/24 +196.6.97.0/24 +196.6.98.0/24 +196.6.99.0/24 +196.6.100.0/24 196.6.101.0/24 196.6.102.0/24 196.6.121.0/24 -196.6.123.0/21 -196.6.131.0/23 -196.6.133.0/19 -196.6.165.0/21 +196.6.123.0/24 +196.6.124.0/22 +196.6.128.0/23 +196.6.130.0/24 +196.6.131.0/24 +196.6.132.0/24 +196.6.133.0/24 +196.6.134.0/24 +196.6.135.0/24 +196.6.136.0/24 +196.6.137.0/24 +196.6.138.0/24 +196.6.139.0/24 +196.6.140.0/24 +196.6.141.0/24 +196.6.142.0/24 +196.6.143.0/24 +196.6.144.0/24 +196.6.145.0/24 +196.6.146.0/24 +196.6.147.0/24 +196.6.148.0/24 +196.6.149.0/24 +196.6.150.0/24 +196.6.151.0/24 +196.6.152.0/24 +196.6.153.0/24 +196.6.154.0/24 +196.6.155.0/24 +196.6.156.0/24 +196.6.157.0/24 +196.6.158.0/24 +196.6.159.0/24 +196.6.160.0/24 +196.6.161.0/24 +196.6.162.0/24 +196.6.163.0/24 +196.6.164.0/24 +196.6.165.0/24 +196.6.166.0/24 +196.6.167.0/24 +196.6.168.0/24 +196.6.169.0/24 +196.6.170.0/24 +196.6.171.0/24 +196.6.172.0/24 196.6.173.0/24 196.6.184.0/24 196.6.198.0/24 @@ -1634,10 +1933,14 @@ 196.6.222.0/23 196.6.237.0/24 196.6.240.0/23 -196.6.243.0/22 +196.6.243.0/24 +196.6.244.0/24 +196.6.245.0/24 +196.6.246.0/24 196.6.247.0/24 196.6.248.0/24 -196.6.249.0/23 +196.6.249.0/24 +196.6.250.0/24 196.6.251.0/24 196.6.252.0/24 196.6.253.0/24 @@ -1645,39 +1948,184 @@ 196.7.0.0/16 196.8.0.0/16 196.9.0.0/16 -196.10.1.0/19 -196.10.33.0/20 -196.10.49.0/23 -196.10.61.0/19 -196.10.93.0/23 +196.10.1.0/24 +196.10.2.0/24 +196.10.3.0/24 +196.10.4.0/24 +196.10.5.0/24 +196.10.6.0/24 +196.10.7.0/24 +196.10.8.0/24 +196.10.9.0/24 +196.10.10.0/24 +196.10.11.0/24 +196.10.12.0/24 +196.10.13.0/24 +196.10.14.0/24 +196.10.15.0/24 +196.10.16.0/24 +196.10.17.0/24 +196.10.18.0/24 +196.10.19.0/24 +196.10.20.0/24 +196.10.21.0/24 +196.10.22.0/24 +196.10.23.0/24 +196.10.24.0/24 +196.10.25.0/24 +196.10.26.0/24 +196.10.27.0/24 +196.10.28.0/24 +196.10.29.0/24 +196.10.30.0/24 +196.10.31.0/24 +196.10.32.0/24 +196.10.33.0/24 +196.10.34.0/24 +196.10.35.0/24 +196.10.36.0/24 +196.10.37.0/24 +196.10.38.0/24 +196.10.39.0/24 +196.10.40.0/24 +196.10.41.0/24 +196.10.42.0/24 +196.10.43.0/24 +196.10.44.0/24 +196.10.45.0/24 +196.10.46.0/24 +196.10.47.0/24 +196.10.48.0/24 +196.10.49.0/24 +196.10.50.0/24 +196.10.61.0/24 +196.10.62.0/24 +196.10.63.0/24 +196.10.64.0/24 +196.10.65.0/24 +196.10.66.0/24 +196.10.67.0/24 +196.10.68.0/24 +196.10.69.0/24 +196.10.70.0/24 +196.10.71.0/24 +196.10.72.0/24 +196.10.73.0/24 +196.10.74.0/24 +196.10.75.0/24 +196.10.76.0/24 +196.10.77.0/24 +196.10.78.0/24 +196.10.79.0/24 +196.10.80.0/24 +196.10.81.0/24 +196.10.82.0/24 +196.10.83.0/24 +196.10.84.0/24 +196.10.85.0/24 +196.10.86.0/24 +196.10.87.0/24 +196.10.88.0/24 +196.10.89.0/24 +196.10.90.0/24 +196.10.91.0/24 +196.10.92.0/24 +196.10.93.0/24 +196.10.94.0/24 196.10.95.0/24 196.10.96.0/24 196.10.101.0/24 196.10.102.0/23 196.10.104.0/24 196.10.105.0/24 -196.10.106.0/22 -196.10.110.0/23 +196.10.106.0/24 +196.10.107.0/24 +196.10.108.0/24 +196.10.109.0/24 +196.10.110.0/24 +196.10.111.0/24 196.10.112.0/22 196.10.116.0/23 196.10.118.0/24 196.10.121.0/24 196.10.124.0/22 196.10.128.0/23 -196.10.130.0/22 -196.10.134.0/23 +196.10.130.0/24 +196.10.131.0/24 +196.10.132.0/24 +196.10.133.0/24 +196.10.134.0/24 +196.10.135.0/24 196.10.136.0/24 -196.10.142.0/22 +196.10.142.0/24 +196.10.143.0/24 +196.10.144.0/24 +196.10.145.0/24 196.10.146.0/24 196.10.149.0/24 -196.10.150.0/19 -196.10.182.0/20 -196.10.198.0/23 +196.10.150.0/24 +196.10.151.0/24 +196.10.152.0/24 +196.10.153.0/24 +196.10.154.0/24 +196.10.155.0/24 +196.10.156.0/24 +196.10.157.0/24 +196.10.158.0/24 +196.10.159.0/24 +196.10.160.0/24 +196.10.161.0/24 +196.10.162.0/24 +196.10.163.0/24 +196.10.164.0/24 +196.10.165.0/24 +196.10.166.0/24 +196.10.167.0/24 +196.10.168.0/24 +196.10.169.0/24 +196.10.170.0/24 +196.10.171.0/24 +196.10.172.0/24 +196.10.173.0/24 +196.10.174.0/24 +196.10.175.0/24 +196.10.176.0/24 +196.10.177.0/24 +196.10.178.0/24 +196.10.179.0/24 +196.10.180.0/24 +196.10.181.0/24 +196.10.182.0/24 +196.10.183.0/24 +196.10.184.0/24 +196.10.185.0/24 +196.10.186.0/24 +196.10.187.0/24 +196.10.188.0/24 +196.10.189.0/24 +196.10.190.0/24 +196.10.191.0/24 +196.10.192.0/24 +196.10.193.0/24 +196.10.194.0/24 +196.10.195.0/24 +196.10.196.0/24 +196.10.197.0/24 +196.10.198.0/24 +196.10.199.0/24 196.10.200.0/24 196.10.201.0/24 196.10.203.0/24 -196.10.204.0/21 -196.10.212.0/23 +196.10.204.0/24 +196.10.205.0/24 +196.10.206.0/24 +196.10.207.0/24 +196.10.208.0/24 +196.10.209.0/24 +196.10.210.0/24 +196.10.211.0/24 +196.10.212.0/24 +196.10.213.0/24 196.10.224.0/24 196.10.225.0/24 196.10.226.0/24 @@ -1685,9 +2133,13 @@ 196.10.229.0/24 196.10.230.0/24 196.10.232.0/22 -196.10.236.0/21 +196.10.236.0/22 +196.10.240.0/22 196.10.244.0/23 -196.10.246.0/22 +196.10.246.0/24 +196.10.247.0/24 +196.10.248.0/24 +196.10.249.0/24 196.10.250.0/24 196.11.0.0/20 196.11.16.0/21 @@ -1706,25 +2158,47 @@ 196.11.92.0/22 196.11.96.0/23 196.11.98.0/24 -196.11.99.0/23 +196.11.99.0/24 +196.11.100.0/24 196.11.101.0/24 -196.11.105.0/22 -196.11.109.0/22 -196.11.113.0/23 +196.11.105.0/24 +196.11.106.0/23 +196.11.108.0/24 +196.11.109.0/24 +196.11.110.0/24 +196.11.111.0/24 +196.11.112.0/24 +196.11.113.0/24 +196.11.114.0/24 196.11.115.0/24 196.11.116.0/24 -196.11.117.0/22 +196.11.117.0/24 +196.11.118.0/24 +196.11.119.0/24 +196.11.120.0/24 196.11.121.0/24 196.11.122.0/24 196.11.123.0/24 -196.11.125.0/21 -196.11.133.0/23 +196.11.125.0/24 +196.11.126.0/24 +196.11.127.0/24 +196.11.128.0/24 +196.11.129.0/24 +196.11.130.0/24 +196.11.131.0/24 +196.11.132.0/24 +196.11.133.0/24 +196.11.134.0/24 196.11.136.0/21 196.11.144.0/23 -196.11.146.0/22 +196.11.146.0/23 +196.11.148.0/23 196.11.160.0/21 196.11.168.0/23 -196.11.170.0/22 +196.11.170.0/24 +196.11.171.0/24 +196.11.172.0/24 +196.11.173.0/24 196.11.174.0/24 196.11.188.0/24 196.11.192.0/22 @@ -1733,33 +2207,146 @@ 196.11.198.0/24 196.11.199.0/24 196.11.200.0/24 -196.11.201.0/22 +196.11.201.0/24 +196.11.202.0/23 +196.11.204.0/24 196.11.205.0/24 196.11.208.0/24 -196.11.209.0/22 -196.11.213.0/21 +196.11.209.0/24 +196.11.210.0/24 +196.11.211.0/24 +196.11.212.0/24 +196.11.213.0/24 +196.11.214.0/24 +196.11.215.0/24 +196.11.216.0/24 +196.11.217.0/24 +196.11.218.0/24 +196.11.219.0/24 +196.11.220.0/24 196.11.221.0/24 -196.11.222.0/21 +196.11.222.0/24 +196.11.223.0/24 +196.11.224.0/24 +196.11.225.0/24 +196.11.226.0/24 +196.11.227.0/24 +196.11.228.0/24 +196.11.229.0/24 196.11.230.0/24 196.11.232.0/23 196.11.235.0/24 196.11.236.0/23 196.11.238.0/24 -196.11.239.0/21 +196.11.239.0/24 +196.11.240.0/22 +196.11.244.0/23 +196.11.246.0/24 196.11.247.0/24 196.11.248.0/23 196.11.252.0/23 196.11.254.0/24 196.12.16.0/20 -196.13.1.0/20 -196.13.17.0/21 -196.13.25.0/22 -196.13.29.0/23 -196.13.31.0/19 -196.13.63.0/20 -196.13.79.0/23 -196.13.81.0/20 -196.13.97.0/22 +196.13.1.0/24 +196.13.2.0/24 +196.13.3.0/24 +196.13.4.0/24 +196.13.5.0/24 +196.13.6.0/24 +196.13.7.0/24 +196.13.8.0/24 +196.13.9.0/24 +196.13.10.0/24 +196.13.11.0/24 +196.13.12.0/24 +196.13.13.0/24 +196.13.14.0/24 +196.13.15.0/24 +196.13.16.0/24 +196.13.17.0/24 +196.13.18.0/24 +196.13.19.0/24 +196.13.20.0/24 +196.13.21.0/24 +196.13.22.0/24 +196.13.23.0/24 +196.13.24.0/24 +196.13.25.0/24 +196.13.26.0/24 +196.13.27.0/24 +196.13.28.0/24 +196.13.29.0/24 +196.13.30.0/24 +196.13.31.0/24 +196.13.32.0/24 +196.13.33.0/24 +196.13.34.0/24 +196.13.35.0/24 +196.13.36.0/24 +196.13.37.0/24 +196.13.38.0/24 +196.13.39.0/24 +196.13.40.0/24 +196.13.41.0/24 +196.13.42.0/24 +196.13.43.0/24 +196.13.44.0/24 +196.13.45.0/24 +196.13.46.0/24 +196.13.47.0/24 +196.13.48.0/24 +196.13.49.0/24 +196.13.50.0/24 +196.13.51.0/24 +196.13.52.0/24 +196.13.53.0/24 +196.13.54.0/24 +196.13.55.0/24 +196.13.56.0/24 +196.13.57.0/24 +196.13.58.0/24 +196.13.59.0/24 +196.13.60.0/24 +196.13.61.0/24 +196.13.62.0/24 +196.13.63.0/24 +196.13.64.0/24 +196.13.65.0/24 +196.13.66.0/24 +196.13.67.0/24 +196.13.68.0/24 +196.13.69.0/24 +196.13.70.0/24 +196.13.71.0/24 +196.13.72.0/24 +196.13.73.0/24 +196.13.74.0/24 +196.13.75.0/24 +196.13.76.0/24 +196.13.77.0/24 +196.13.78.0/24 +196.13.79.0/24 +196.13.80.0/24 +196.13.81.0/24 +196.13.82.0/24 +196.13.83.0/24 +196.13.84.0/24 +196.13.85.0/24 +196.13.86.0/24 +196.13.87.0/24 +196.13.88.0/24 +196.13.89.0/24 +196.13.90.0/24 +196.13.91.0/24 +196.13.92.0/24 +196.13.93.0/24 +196.13.94.0/24 +196.13.95.0/24 +196.13.96.0/24 +196.13.97.0/24 +196.13.98.0/24 +196.13.99.0/24 +196.13.100.0/24 196.13.113.0/24 196.13.114.0/24 196.13.115.0/24 @@ -1768,7 +2355,14 @@ 196.13.127.0/24 196.13.128.0/22 196.13.132.0/24 -196.13.138.0/21 +196.13.138.0/24 +196.13.139.0/24 +196.13.140.0/24 +196.13.141.0/24 +196.13.142.0/24 +196.13.143.0/24 +196.13.144.0/24 +196.13.145.0/24 196.13.146.0/24 196.13.147.0/24 196.13.148.0/24 @@ -1786,11 +2380,14 @@ 196.13.172.0/24 196.13.184.0/24 196.13.185.0/24 -196.13.187.0/22 +196.13.187.0/24 +196.13.188.0/23 +196.13.190.0/24 196.13.200.0/24 196.13.205.0/24 196.13.210.0/24 -196.13.211.0/23 +196.13.211.0/24 +196.13.212.0/24 196.13.213.0/24 196.13.214.0/23 196.13.216.0/23 @@ -1805,18 +2402,24 @@ 196.13.228.0/22 196.13.232.0/24 196.13.233.0/24 -196.13.234.0/22 +196.13.234.0/24 +196.13.235.0/24 +196.13.236.0/24 +196.13.237.0/24 196.13.238.0/24 196.13.239.0/24 196.13.240.0/23 196.13.246.0/24 -196.13.247.0/23 +196.13.247.0/24 +196.13.248.0/24 196.13.249.0/24 196.13.250.0/24 196.13.251.0/24 196.14.0.0/16 196.15.0.0/21 196.15.8.0/22 +196.15.12.0/23 +196.15.14.0/23 196.15.64.0/18 196.15.128.0/17 196.16.0.0/14 @@ -1828,8 +2431,18 @@ 196.22.64.0/18 196.22.128.0/24 196.22.129.0/24 -196.22.132.0/21 -196.22.140.0/22 +196.22.132.0/24 +196.22.133.0/24 +196.22.134.0/24 +196.22.135.0/24 +196.22.136.0/24 +196.22.137.0/24 +196.22.138.0/24 +196.22.139.0/24 +196.22.140.0/24 +196.22.141.0/24 +196.22.142.0/24 +196.22.143.0/24 196.22.160.0/19 196.22.192.0/19 196.22.224.0/20 @@ -1845,7 +2458,38 @@ 196.28.8.0/24 196.28.10.0/24 196.28.12.0/22 -196.28.16.0/19 +196.28.16.0/24 +196.28.17.0/24 +196.28.18.0/24 +196.28.19.0/24 +196.28.20.0/24 +196.28.21.0/24 +196.28.22.0/24 +196.28.23.0/24 +196.28.24.0/24 +196.28.25.0/24 +196.28.26.0/24 +196.28.27.0/24 +196.28.28.0/24 +196.28.29.0/24 +196.28.30.0/24 +196.28.31.0/24 +196.28.32.0/24 +196.28.33.0/24 +196.28.34.0/24 +196.28.35.0/24 +196.28.36.0/24 +196.28.37.0/24 +196.28.38.0/24 +196.28.39.0/24 +196.28.40.0/24 +196.28.41.0/24 +196.28.42.0/24 +196.28.43.0/24 +196.28.44.0/24 +196.28.45.0/24 +196.28.46.0/24 +196.28.47.0/24 196.28.64.0/18 196.28.128.0/18 196.28.192.0/19 @@ -1934,6 +2578,7 @@ 197.221.160.0/19 197.236.0.0/16 197.238.0.0/16 +197.242.144.0/20 197.245.0.0/16 197.255.144.0/20 198.54.1.0/24 @@ -1952,9 +2597,28 @@ 198.54.18.0/24 198.54.19.0/24 198.54.20.0/23 -198.54.22.0/20 -198.54.38.0/22 -198.54.42.0/23 +198.54.22.0/24 +198.54.23.0/24 +198.54.24.0/24 +198.54.25.0/24 +198.54.26.0/24 +198.54.27.0/24 +198.54.28.0/24 +198.54.29.0/24 +198.54.30.0/24 +198.54.31.0/24 +198.54.32.0/24 +198.54.33.0/24 +198.54.34.0/24 +198.54.35.0/24 +198.54.36.0/24 +198.54.37.0/24 +198.54.38.0/24 +198.54.39.0/24 +198.54.40.0/24 +198.54.41.0/24 +198.54.42.0/24 +198.54.43.0/24 198.54.44.0/24 198.54.45.0/24 198.54.46.0/24 @@ -2048,8 +2712,12 @@ 198.54.198.0/24 198.54.199.0/24 198.54.202.0/24 -198.54.203.0/22 -198.54.207.0/23 +198.54.203.0/24 +198.54.204.0/24 +198.54.205.0/24 +198.54.206.0/24 +198.54.207.0/24 +198.54.208.0/24 198.54.209.0/24 198.54.210.0/24 198.54.219.0/24 @@ -2120,8 +2788,8 @@ 196.28.7.0/24 # Country: TANZANIA, UNITED REPUBLIC OF # ISO Code: TZ -# Total Networks: 57 -# Total Subnets: 335,616 +# Total Networks: 58 +# Total Subnets: 339,712 41.59.0.0/16 41.73.64.0/19 41.73.160.0/19 @@ -2177,6 +2845,7 @@ 196.216.247.0/24 196.223.5.0/24 196.223.6.0/24 +197.159.112.0/20 197.221.192.0/19 197.250.0.0/16 # Country: TOGO diff --git a/config/pf-blocker/lists/Asia_cidr.txt b/config/pf-blocker/lists/Asia_cidr.txt index 79390744..52e16ec2 100755..100644 --- a/config/pf-blocker/lists/Asia_cidr.txt +++ b/config/pf-blocker/lists/Asia_cidr.txt @@ -3,13 +3,14 @@ # Total Subnets: 581,443,008 # Country: AFGHANISTAN # ISO Code: AF -# Total Networks: 29 -# Total Subnets: 102,720 +# Total Networks: 30 +# Total Subnets: 103,744 27.116.56.0/22 58.147.128.0/19 61.5.192.0/20 103.5.172.0/22 103.5.196.0/23 +103.7.104.0/22 103.23.36.0/22 103.23.247.0/24 103.28.132.0/22 @@ -36,12 +37,13 @@ 210.80.32.0/19 # Country: ARMENIA # ISO Code: AM -# Total Networks: 77 -# Total Subnets: 520,992 +# Total Networks: 78 +# Total Subnets: 525,088 31.7.160.0/21 31.47.192.0/21 31.132.72.0/21 37.26.168.0/21 +37.157.208.0/20 46.19.96.0/21 46.70.0.0/16 46.71.0.0/16 @@ -64,8 +66,8 @@ 91.199.38.0/24 91.199.226.0/24 91.204.188.0/22 -91.205.132.0/21 -91.205.140.0/22 +91.205.132.0/22 +91.205.136.0/21 91.208.76.0/24 91.208.149.0/24 91.209.38.0/24 @@ -117,8 +119,8 @@ 217.113.16.0/20 # Country: AZERBAIJAN # ISO Code: AZ -# Total Networks: 59 -# Total Subnets: 510,976 +# Total Networks: 61 +# Total Subnets: 517,120 31.170.224.0/19 31.171.0.0/17 37.26.0.0/18 @@ -126,6 +128,7 @@ 37.61.0.0/17 37.72.128.0/20 37.114.128.0/18 +37.128.200.0/21 46.18.64.0/21 46.22.224.0/20 46.23.96.0/20 @@ -159,6 +162,7 @@ 109.237.112.0/20 109.239.16.0/20 130.0.8.0/21 +131.117.128.0/20 134.19.208.0/20 149.126.112.0/20 149.255.144.0/20 @@ -180,8 +184,9 @@ 217.168.176.0/20 # Country: BAHRAIN # ISO Code: BH -# Total Networks: 45 -# Total Subnets: 433,152 +# Total Networks: 46 +# Total Subnets: 465,920 +37.131.0.0/17 46.23.16.0/20 46.42.64.0/18 46.184.128.0/17 @@ -229,8 +234,8 @@ 217.17.240.0/20 # Country: BANGLADESH # ISO Code: BD -# Total Networks: 162 -# Total Subnets: 923,136 +# Total Networks: 163 +# Total Subnets: 924,160 27.0.96.0/19 27.131.12.0/22 27.147.128.0/17 @@ -249,6 +254,7 @@ 103.4.116.0/22 103.4.144.0/22 103.5.232.0/22 +103.7.112.0/22 103.10.52.0/22 103.10.76.0/22 103.11.136.0/22 @@ -431,8 +437,8 @@ 202.160.32.0/20 # Country: CAMBODIA # ISO Code: KH -# Total Networks: 72 -# Total Subnets: 224,256 +# Total Networks: 74 +# Total Subnets: 225,536 27.109.112.0/22 27.109.116.0/22 27.111.8.0/22 @@ -441,6 +447,8 @@ 49.156.32.0/20 103.5.124.0/22 103.6.8.0/22 +103.7.24.0/22 +103.7.144.0/24 103.11.216.0/22 103.23.132.0/22 103.23.136.0/22 @@ -507,8 +515,8 @@ 223.223.168.0/21 # Country: CHINA # ISO Code: CN -# Total Networks: 3,798 -# Total Subnets: 330,317,312 +# Total Networks: 3,802 +# Total Subnets: 330,321,408 1.0.1.0/24 1.0.2.0/23 1.0.8.0/21 @@ -1155,6 +1163,10 @@ 103.5.52.0/22 103.5.56.0/22 103.5.252.0/22 +103.6.76.0/22 +103.6.220.0/22 +103.7.4.0/22 +103.7.28.0/22 103.10.0.0/22 103.10.16.0/22 103.10.84.0/22 @@ -2306,6 +2318,7 @@ 202.9.51.0/24 202.9.52.0/23 202.9.54.0/24 +202.9.57.0/24 202.9.58.0/23 202.10.64.0/20 202.12.1.0/24 @@ -2366,7 +2379,6 @@ 202.20.88.0/23 202.20.90.0/24 202.20.94.0/23 -202.20.108.0/24 202.20.114.0/24 202.20.117.0/24 202.20.120.0/24 @@ -4317,12 +4329,13 @@ # Total Subnets: 0 # Country: CYPRUS # ISO Code: CY -# Total Networks: 101 -# Total Subnets: 1,071,616 +# Total Networks: 102 +# Total Subnets: 1,137,152 31.22.88.0/21 31.153.0.0/16 31.216.64.0/18 37.9.176.0/21 +37.149.0.0/16 46.16.136.0/21 46.21.48.0/20 46.28.176.0/21 @@ -4422,13 +4435,15 @@ 217.175.208.0/20 # Country: GEORGIA # ISO Code: GE -# Total Networks: 85 -# Total Subnets: 1,010,432 +# Total Networks: 88 +# Total Subnets: 1,014,784 31.146.0.0/16 31.192.0.0/18 37.46.104.0/21 37.75.128.0/21 37.110.160.0/19 +37.131.224.0/21 +37.143.152.0/21 46.49.0.0/17 62.168.160.0/19 62.212.32.0/19 @@ -4464,6 +4479,7 @@ 91.227.255.0/24 91.232.26.0/24 91.233.15.0/24 +91.235.243.0/24 92.51.64.0/18 92.54.192.0/18 92.241.64.0/19 @@ -4511,8 +4527,8 @@ 217.147.224.0/20 # Country: HONG KONG # ISO Code: HK -# Total Networks: 835 -# Total Subnets: 11,767,296 +# Total Networks: 844 +# Total Subnets: 11,775,744 1.32.0.0/16 1.36.0.0/16 1.64.0.0/16 @@ -4596,6 +4612,18 @@ 103.5.220.0/22 103.6.4.0/22 103.6.48.0/22 +103.6.90.0/23 +103.6.120.0/22 +103.6.124.0/22 +103.6.128.0/22 +103.6.136.0/22 +103.6.140.0/22 +103.6.152.0/22 +103.6.160.0/23 +103.6.166.0/24 +103.6.176.0/22 +103.6.192.0/22 +103.7.54.0/23 103.10.12.0/22 103.10.108.0/24 103.10.124.0/23 @@ -4614,7 +4642,6 @@ 103.22.200.0/22 103.22.244.0/22 103.23.68.0/23 -103.23.96.0/22 103.23.192.0/22 103.28.44.0/22 103.28.76.0/22 @@ -4682,7 +4709,6 @@ 116.66.232.0/21 116.68.184.0/21 116.90.64.0/21 -116.193.156.0/24 116.193.158.0/23 116.197.176.0/20 116.212.112.0/20 @@ -5241,7 +5267,6 @@ 203.198.192.0/18 203.202.224.0/21 203.208.20.0/24 -203.208.22.0/24 203.209.128.0/20 203.210.0.0/20 203.215.240.0/20 @@ -5350,8 +5375,8 @@ 223.255.240.0/22 # Country: INDIA # ISO Code: IN -# Total Networks: 1,008 -# Total Subnets: 34,673,408 +# Total Networks: 1,024 +# Total Subnets: 34,683,904 1.6.0.0/16 1.7.0.0/16 1.22.0.0/16 @@ -5508,6 +5533,24 @@ 103.6.26.0/24 103.6.27.0/24 103.6.32.0/23 +103.6.84.0/22 +103.6.88.0/24 +103.6.104.0/24 +103.6.108.0/22 +103.6.119.0/24 +103.6.132.0/22 +103.6.156.0/22 +103.6.164.0/24 +103.6.167.0/24 +103.6.168.0/22 +103.6.184.0/22 +103.7.3.0/24 +103.7.64.0/22 +103.7.80.0/22 +103.7.108.0/22 +103.7.128.0/22 +103.7.145.0/24 +103.7.148.0/22 103.10.9.0/24 103.10.24.0/22 103.10.109.0/24 @@ -5673,7 +5716,6 @@ 116.203.0.0/16 116.212.176.0/21 116.214.24.0/21 -117.53.40.0/21 117.55.240.0/21 117.96.0.0/14 117.103.120.0/21 @@ -6041,7 +6083,6 @@ 202.94.74.0/24 202.95.251.0/24 202.122.16.0/21 -202.122.134.0/23 202.123.32.0/20 202.124.194.0/24 202.124.202.0/24 @@ -6362,8 +6403,8 @@ 223.255.244.0/22 # Country: INDONESIA # ISO Code: ID -# Total Networks: 847 -# Total Subnets: 17,352,192 +# Total Networks: 857 +# Total Subnets: 17,358,592 14.102.152.0/22 27.50.16.0/20 27.111.32.0/19 @@ -6432,6 +6473,16 @@ 103.6.36.0/22 103.6.40.0/22 103.6.52.0/22 +103.6.117.0/24 +103.6.118.0/24 +103.6.180.0/24 +103.6.200.0/22 +103.6.204.0/22 +103.6.214.0/24 +103.7.0.0/23 +103.7.12.0/22 +103.7.52.0/23 +103.7.84.0/22 103.10.56.0/24 103.10.58.0/23 103.10.60.0/22 @@ -6820,8 +6871,8 @@ 202.12.75.0/24 202.14.92.0/23 202.14.255.0/24 -202.20.106.0/24 -202.20.107.0/24 +202.20.106.0/23 +202.20.108.0/24 202.20.109.0/24 202.22.31.0/24 202.37.120.0/24 @@ -7213,8 +7264,8 @@ 223.255.224.0/21 # Country: IRAN, ISLAMIC REPUBLIC OF # ISO Code: IR -# Total Networks: 288 -# Total Subnets: 5,149,696 +# Total Networks: 298 +# Total Subnets: 5,260,800 2.144.0.0/14 2.176.0.0/12 31.7.64.0/18 @@ -7250,6 +7301,12 @@ 37.98.200.0/21 37.114.192.0/18 37.123.192.0/21 +37.128.240.0/20 +37.130.200.0/21 +37.137.0.0/16 +37.143.144.0/21 +37.152.160.0/19 +37.191.64.0/19 46.18.248.0/21 46.21.80.0/20 46.28.72.0/21 @@ -7360,12 +7417,14 @@ 91.232.68.0/23 91.232.72.0/22 91.233.56.0/22 +91.236.168.0/23 92.42.48.0/21 92.50.0.0/18 92.61.176.0/20 92.62.176.0/20 92.242.192.0/19 93.110.0.0/16 +93.126.0.0/18 93.190.24.0/21 94.74.128.0/18 94.101.128.0/20 @@ -7411,6 +7470,8 @@ 158.58.184.0/21 159.20.96.0/20 159.255.32.0/21 +164.138.16.0/21 +164.138.96.0/21 164.215.40.0/21 164.215.56.0/21 164.215.128.0/17 @@ -7505,8 +7566,8 @@ 217.219.0.0/16 # Country: IRAQ # ISO Code: IQ -# Total Networks: 36 -# Total Subnets: 231,424 +# Total Networks: 38 +# Total Subnets: 241,664 31.25.136.0/21 37.17.128.0/19 37.77.48.0/21 @@ -7533,8 +7594,10 @@ 109.224.0.0/18 130.193.128.0/17 130.255.88.0/21 +131.117.224.0/19 149.255.192.0/18 159.255.160.0/21 +164.138.232.0/21 176.28.72.0/21 176.241.80.0/20 178.17.48.0/20 @@ -7545,8 +7608,8 @@ 217.171.176.0/20 # Country: ISRAEL # ISO Code: IL -# Total Networks: 397 -# Total Subnets: 7,504,192 +# Total Networks: 490 +# Total Subnets: 7,573,824 2.52.0.0/14 31.25.112.0/21 31.44.128.0/20 @@ -7559,6 +7622,7 @@ 37.60.40.0/21 37.61.224.0/21 37.122.152.0/21 +37.142.0.0/16 46.19.80.0/21 46.31.96.0/21 46.116.0.0/16 @@ -7731,6 +7795,7 @@ 149.49.0.0/16 149.126.72.0/21 159.253.248.0/21 +164.138.112.0/20 176.12.128.0/17 176.13.0.0/16 176.106.224.0/21 @@ -7745,17 +7810,108 @@ 192.86.25.0/24 192.86.89.0/24 192.114.0.0/24 -192.114.1.0/23 -192.114.3.0/22 -192.114.7.0/21 -192.114.15.0/20 -192.114.31.0/19 -192.114.63.0/20 -192.114.79.0/22 +192.114.1.0/24 +192.114.2.0/24 +192.114.3.0/24 +192.114.4.0/24 +192.114.5.0/24 +192.114.6.0/24 +192.114.7.0/24 +192.114.8.0/24 +192.114.9.0/24 +192.114.10.0/24 +192.114.11.0/24 +192.114.12.0/24 +192.114.13.0/24 +192.114.14.0/24 +192.114.15.0/24 +192.114.16.0/24 +192.114.17.0/24 +192.114.18.0/24 +192.114.19.0/24 +192.114.20.0/24 +192.114.21.0/24 +192.114.22.0/24 +192.114.23.0/24 +192.114.24.0/24 +192.114.25.0/24 +192.114.26.0/24 +192.114.27.0/24 +192.114.28.0/24 +192.114.29.0/24 +192.114.30.0/24 +192.114.31.0/24 +192.114.32.0/24 +192.114.33.0/24 +192.114.34.0/24 +192.114.35.0/24 +192.114.36.0/24 +192.114.37.0/24 +192.114.38.0/24 +192.114.39.0/24 +192.114.40.0/24 +192.114.41.0/24 +192.114.42.0/24 +192.114.43.0/24 +192.114.44.0/24 +192.114.45.0/24 +192.114.46.0/24 +192.114.47.0/24 +192.114.48.0/24 +192.114.49.0/24 +192.114.50.0/24 +192.114.51.0/24 +192.114.52.0/24 +192.114.53.0/24 +192.114.54.0/24 +192.114.55.0/24 +192.114.56.0/24 +192.114.57.0/24 +192.114.58.0/24 +192.114.59.0/24 +192.114.60.0/24 +192.114.61.0/24 +192.114.62.0/24 +192.114.63.0/24 +192.114.64.0/24 +192.114.65.0/24 +192.114.66.0/24 +192.114.67.0/24 +192.114.68.0/24 +192.114.69.0/24 +192.114.70.0/24 +192.114.71.0/24 +192.114.72.0/24 +192.114.73.0/24 +192.114.74.0/24 +192.114.75.0/24 +192.114.76.0/24 +192.114.77.0/24 +192.114.78.0/24 +192.114.79.0/24 +192.114.80.0/24 +192.114.81.0/24 +192.114.82.0/24 192.114.83.0/24 192.114.84.0/22 -192.114.88.0/18 -192.114.152.0/21 +192.114.88.0/21 +192.114.96.0/20 +192.114.112.0/21 +192.114.120.0/22 +192.114.124.0/22 +192.114.128.0/20 +192.114.144.0/24 +192.114.145.0/24 +192.114.146.0/23 +192.114.148.0/22 +192.114.152.0/24 +192.114.153.0/24 +192.114.154.0/24 +192.114.155.0/24 +192.114.156.0/24 +192.114.157.0/24 +192.114.158.0/24 +192.114.159.0/24 192.114.160.0/19 192.114.192.0/18 192.115.0.0/16 @@ -7881,8 +8037,8 @@ 195.62.18.0/23 195.62.30.0/23 195.66.118.0/24 -195.72.116.0/21 -195.72.124.0/22 +195.72.116.0/22 +195.72.120.0/21 195.78.120.0/23 195.82.128.0/23 195.85.254.0/24 @@ -7946,8 +8102,8 @@ 217.194.192.0/20 # Country: JAPAN # ISO Code: JP -# Total Networks: 2,715 -# Total Subnets: 202,104,320 +# Total Networks: 2,732 +# Total Subnets: 202,183,168 1.0.16.0/20 1.0.64.0/18 1.1.64.0/18 @@ -8330,6 +8486,19 @@ 103.6.20.0/22 103.6.44.0/22 103.6.56.0/22 +103.6.60.0/22 +103.6.68.0/22 +103.6.92.0/22 +103.6.112.0/22 +103.6.224.0/22 +103.6.228.0/22 +103.6.240.0/22 +103.7.20.0/22 +103.7.92.0/22 +103.7.116.0/22 +103.7.120.0/22 +103.7.132.0/22 +103.7.152.0/22 103.10.36.0/22 103.10.68.0/22 103.10.112.0/22 @@ -9143,7 +9312,8 @@ 157.14.252.0/22 157.15.0.0/16 157.16.0.0/16 -157.17.0.0/16 +157.17.0.0/17 +157.17.128.0/17 157.19.0.0/16 157.20.0.0/16 157.63.0.0/16 @@ -9245,6 +9415,7 @@ 160.202.0.0/16 160.203.0.0/16 160.204.0.0/16 +160.215.0.0/16 160.233.0.0/16 160.235.0.0/16 160.237.0.0/16 @@ -10438,10 +10609,12 @@ 203.223.72.0/21 203.223.80.0/21 203.223.180.0/22 -204.79.157.0/23 +204.79.157.0/24 +204.79.158.0/24 204.79.218.0/24 204.231.230.0/24 -204.231.251.0/23 +204.231.251.0/24 +204.231.252.0/24 206.3.0.0/19 206.143.128.0/17 210.1.144.0/20 @@ -10665,12 +10838,15 @@ 223.223.224.0/19 # Country: JORDAN # ISO Code: JO -# Total Networks: 79 -# Total Subnets: 641,408 +# Total Networks: 82 +# Total Subnets: 663,936 31.222.224.0/19 37.17.192.0/20 37.44.32.0/21 37.123.64.0/19 +37.140.240.0/20 +37.152.0.0/21 +37.202.64.0/18 46.23.112.0/20 46.32.96.0/19 46.185.128.0/17 @@ -10748,8 +10924,8 @@ 217.144.0.0/20 # Country: KAZAKHSTAN # ISO Code: KZ -# Total Networks: 157 -# Total Subnets: 2,381,824 +# Total Networks: 158 +# Total Subnets: 2,512,896 2.72.0.0/13 2.132.0.0/14 31.31.216.0/21 @@ -10760,6 +10936,7 @@ 37.17.176.0/21 37.77.128.0/21 37.99.0.0/17 +37.150.0.0/15 46.16.144.0/21 46.19.40.0/21 46.36.128.0/19 @@ -10844,7 +11021,6 @@ 109.163.192.0/21 109.229.160.0/19 109.232.0.0/21 -109.233.240.0/21 109.238.160.0/20 109.239.32.0/20 128.127.176.0/21 @@ -10855,6 +11031,7 @@ 149.27.0.0/16 164.0.0.0/16 164.40.0.0/17 +164.138.40.0/21 176.98.192.0/18 176.108.64.0/19 176.222.128.0/18 @@ -10914,8 +11091,8 @@ 175.45.176.0/22 # Country: KOREA, REPUBLIC OF # ISO Code: KR -# Total Networks: 995 -# Total Subnets: 112,233,984 +# Total Networks: 1,001 +# Total Subnets: 112,239,104 1.11.0.0/16 1.16.0.0/14 1.96.0.0/12 @@ -11065,6 +11242,12 @@ 103.4.180.0/22 103.5.128.0/22 103.5.144.0/22 +103.6.72.0/22 +103.6.80.0/22 +103.6.100.0/22 +103.6.172.0/23 +103.6.174.0/23 +103.7.32.0/22 103.10.92.0/22 103.10.216.0/22 103.11.24.0/22 @@ -11913,7 +12096,7 @@ 223.255.192.0/19 # Country: KUWAIT # ISO Code: KW -# Total Networks: 97 +# Total Networks: 107 # Total Subnets: 1,885,184 31.203.0.0/16 31.214.0.0/17 @@ -11987,8 +12170,18 @@ 193.109.215.0/24 193.169.130.0/23 193.188.48.0/20 -193.188.142.0/21 -193.188.150.0/22 +193.188.142.0/24 +193.188.143.0/24 +193.188.144.0/24 +193.188.145.0/24 +193.188.146.0/24 +193.188.147.0/24 +193.188.148.0/24 +193.188.149.0/24 +193.188.150.0/24 +193.188.151.0/24 +193.188.152.0/24 +193.188.153.0/24 193.188.160.0/19 193.200.40.0/23 194.31.57.0/24 @@ -12014,12 +12207,13 @@ 217.69.176.0/20 # Country: KYRGYZSTAN # ISO Code: KG -# Total Networks: 46 -# Total Subnets: 229,120 +# Total Networks: 47 +# Total Subnets: 231,168 31.29.0.0/19 31.41.152.0/21 31.186.48.0/21 31.192.248.0/21 +37.143.128.0/21 46.226.208.0/21 46.235.72.0/21 46.251.192.0/19 @@ -12082,8 +12276,8 @@ 203.110.64.0/20 # Country: LEBANON # ISO Code: LB -# Total Networks: 66 -# Total Subnets: 457,472 +# Total Networks: 68 +# Total Subnets: 457,728 46.19.192.0/21 46.20.96.0/20 46.227.248.0/21 @@ -12115,6 +12309,7 @@ 91.217.177.0/24 91.223.215.0/24 91.232.100.0/23 +91.236.236.0/24 92.62.160.0/20 93.126.128.0/17 93.185.80.0/20 @@ -12134,7 +12329,8 @@ 193.104.40.0/24 193.105.8.0/24 193.188.128.0/22 -193.188.135.0/23 +193.188.135.0/24 +193.188.136.0/24 193.188.138.0/23 193.227.160.0/19 194.126.0.0/19 @@ -12180,8 +12376,8 @@ 202.175.160.0/19 # Country: MALAYSIA # ISO Code: MY -# Total Networks: 370 -# Total Subnets: 6,324,480 +# Total Networks: 380 +# Total Subnets: 6,322,688 1.9.0.0/16 14.1.128.0/17 14.102.144.0/21 @@ -12237,6 +12433,13 @@ 103.5.105.0/24 103.5.180.0/22 103.5.236.0/22 +103.6.163.0/24 +103.6.196.0/22 +103.6.236.0/22 +103.6.244.0/22 +103.7.68.0/22 +103.7.140.0/22 +103.7.156.0/22 103.10.40.0/22 103.10.156.0/22 103.10.160.0/22 @@ -12277,6 +12480,7 @@ 115.146.96.0/20 115.164.0.0/16 116.0.96.0/19 +116.193.156.0/24 116.193.157.0/24 116.197.0.0/17 117.53.152.0/22 @@ -12322,7 +12526,6 @@ 182.54.192.0/19 182.62.0.0/16 182.63.0.0/16 -182.161.32.0/19 182.173.72.0/22 182.239.40.0/22 182.255.20.0/22 @@ -12330,8 +12533,12 @@ 183.78.168.0/22 183.81.160.0/21 183.171.0.0/16 -192.100.135.0/22 -192.100.139.0/23 +192.100.135.0/24 +192.100.136.0/24 +192.100.137.0/24 +192.100.138.0/24 +192.100.139.0/24 +192.100.140.0/24 192.228.128.0/24 192.228.129.0/24 192.228.130.0/24 @@ -12512,7 +12719,6 @@ 203.176.144.0/21 203.188.232.0/21 203.189.16.0/21 -203.201.182.0/24 203.201.184.0/22 203.217.128.0/22 203.217.176.0/22 @@ -12685,11 +12891,12 @@ 203.119.90.0/23 # Country: OMAN # ISO Code: OM -# Total Networks: 20 -# Total Subnets: 586,752 +# Total Networks: 21 +# Total Subnets: 619,520 37.28.0.0/17 37.40.0.0/16 37.41.0.0/16 +37.200.128.0/17 46.40.192.0/18 46.255.56.0/21 62.61.160.0/19 @@ -12709,8 +12916,8 @@ 213.202.0.0/19 # Country: PAKISTAN # ISO Code: PK -# Total Networks: 156 -# Total Subnets: 5,177,600 +# Total Networks: 159 +# Total Subnets: 5,179,904 14.192.128.0/19 27.54.120.0/22 27.255.0.0/18 @@ -12725,9 +12932,12 @@ 58.181.112.0/20 59.103.0.0/16 61.5.128.0/19 +91.236.115.0/24 101.50.64.0/18 103.4.92.0/22 103.5.136.0/22 +103.7.60.0/22 +103.7.76.0/22 103.11.60.0/22 103.11.68.0/22 103.28.150.0/23 @@ -12869,8 +13079,8 @@ 223.29.224.0/20 # Country: PALESTINIAN TERRITORY # ISO Code: PS -# Total Networks: 53 -# Total Subnets: 510,464 +# Total Networks: 54 +# Total Subnets: 510,720 31.13.160.0/21 31.25.72.0/21 31.186.176.0/21 @@ -12895,6 +13105,7 @@ 85.114.96.0/19 91.209.248.0/24 91.212.102.0/24 +91.237.50.0/24 93.184.0.0/20 95.130.88.0/21 109.73.240.0/20 @@ -12926,8 +13137,8 @@ 217.78.48.0/20 # Country: PHILIPPINES # ISO Code: PH -# Total Networks: 336 -# Total Subnets: 5,400,832 +# Total Networks: 342 +# Total Subnets: 5,404,672 1.37.0.0/16 27.50.0.0/22 27.106.216.0/21 @@ -12951,6 +13162,10 @@ 103.5.0.0/22 103.5.4.0/22 103.5.60.0/22 +103.6.96.0/22 +103.6.181.0/24 +103.6.248.0/22 +103.7.146.0/24 103.10.152.0/22 103.10.176.0/22 103.10.200.0/22 @@ -12958,6 +13173,7 @@ 103.11.40.0/22 103.11.64.0/22 103.11.112.0/22 +103.23.96.0/22 103.23.174.0/24 103.28.16.0/22 103.28.68.0/22 @@ -13235,6 +13451,7 @@ 203.190.220.0/23 203.191.134.0/23 203.201.180.0/24 +203.208.22.0/24 203.208.24.0/21 203.213.192.0/19 203.215.64.0/19 @@ -13288,8 +13505,8 @@ 213.130.96.0/19 # Country: SAUDI ARABIA # ISO Code: SA -# Total Networks: 266 -# Total Subnets: 5,435,136 +# Total Networks: 271 +# Total Subnets: 5,504,256 2.88.0.0/14 31.24.224.0/21 31.166.0.0/16 @@ -13301,6 +13518,7 @@ 37.104.0.0/14 37.121.0.0/16 37.124.0.0/14 +37.141.0.0/16 46.18.160.0/21 46.29.80.0/21 46.38.64.0/19 @@ -13405,6 +13623,9 @@ 91.230.124.0/23 91.233.141.0/24 91.233.174.0/24 +91.237.21.0/24 +91.237.22.0/23 +91.237.28.0/22 92.43.168.0/21 92.48.0.0/18 93.98.0.0/16 @@ -13462,7 +13683,6 @@ 193.28.94.0/24 193.29.50.0/24 193.37.143.0/24 -193.42.215.0/24 193.42.220.0/24 193.47.102.0/24 193.104.204.0/24 @@ -13471,7 +13691,8 @@ 193.109.218.0/24 193.142.222.0/24 193.169.190.0/23 -193.188.1.0/23 +193.188.1.0/24 +193.188.2.0/24 193.188.3.0/24 193.188.14.0/24 193.188.15.0/24 @@ -13497,6 +13718,7 @@ 195.114.106.0/23 195.128.131.0/24 195.130.206.0/24 +195.134.184.0/21 195.149.65.0/24 195.149.91.0/24 195.170.180.0/24 @@ -13558,8 +13780,8 @@ 217.173.80.0/20 # Country: SINGAPORE # ISO Code: SG -# Total Networks: 543 -# Total Subnets: 5,714,944 +# Total Networks: 547 +# Total Subnets: 5,718,528 14.100.0.0/16 27.0.8.0/22 27.34.176.0/20 @@ -13617,6 +13839,11 @@ 103.5.151.0/24 103.5.199.0/24 103.5.240.0/22 +103.6.106.0/23 +103.6.148.0/22 +103.7.2.0/24 +103.7.8.0/22 +103.7.124.0/22 103.10.100.0/22 103.10.220.0/23 103.11.48.0/22 @@ -13817,7 +14044,6 @@ 202.0.126.0/24 202.0.127.0/24 202.0.149.0/24 -202.0.152.0/24 202.1.5.0/24 202.1.64.0/19 202.1.96.0/20 @@ -14155,7 +14381,7 @@ 222.165.128.0/18 # Country: SYRIAN ARAB REPUBLIC # ISO Code: SY -# Total Networks: 38 +# Total Networks: 40 # Total Subnets: 824,320 31.9.0.0/16 31.193.64.0/20 @@ -14761,8 +14987,8 @@ 217.11.176.0/20 # Country: THAILAND # ISO Code: TH -# Total Networks: 436 -# Total Subnets: 8,544,768 +# Total Networks: 441 +# Total Subnets: 8,547,840 1.0.128.0/17 1.1.128.0/17 1.2.128.0/17 @@ -14829,6 +15055,11 @@ 103.4.228.0/22 103.5.24.0/22 103.5.120.0/22 +103.6.162.0/24 +103.6.165.0/24 +103.6.182.0/23 +103.7.16.0/22 +103.7.56.0/22 103.10.228.0/22 103.11.12.0/22 103.22.180.0/22 @@ -15206,8 +15437,9 @@ 180.189.160.0/20 # Country: TURKEY # ISO Code: TR -# Total Networks: 458 -# Total Subnets: 15,167,424 +# Total Networks: 468 +# Total Subnets: 15,392,960 +24.133.0.0/16 31.3.0.0/21 31.6.80.0/20 31.7.32.0/21 @@ -15240,6 +15472,14 @@ 37.122.224.0/20 37.123.0.0/18 37.123.96.0/21 +37.130.64.0/18 +37.131.248.0/21 +37.140.208.0/21 +37.148.208.0/21 +37.152.72.0/21 +37.154.0.0/15 +37.202.48.0/21 +37.205.0.0/21 46.2.0.0/16 46.17.128.0/21 46.20.0.0/20 @@ -15383,6 +15623,7 @@ 91.233.80.0/24 91.235.64.0/24 91.235.104.0/23 +91.235.241.0/24 92.42.32.0/21 92.43.80.0/21 92.44.0.0/16 @@ -15675,8 +15916,8 @@ 217.174.224.0/20 # Country: UNITED ARAB EMIRATES # ISO Code: AE -# Total Networks: 57 -# Total Subnets: 2,838,144 +# Total Networks: 61 +# Total Subnets: 2,838,400 2.48.0.0/14 31.29.64.0/19 31.47.88.0/21 @@ -15704,6 +15945,7 @@ 91.230.41.0/24 91.231.11.0/24 91.235.159.0/24 +91.236.162.0/24 92.96.0.0/14 94.56.0.0/14 94.200.0.0/13 @@ -15728,7 +15970,10 @@ 194.153.153.128/25 194.170.0.0/16 195.229.0.0/16 -196.3.67.0/22 +196.3.67.0/24 +196.3.68.0/24 +196.3.69.0/24 +196.3.70.0/24 196.3.71.0/24 213.42.0.0/16 213.132.32.0/19 @@ -15790,8 +16035,8 @@ 217.30.160.0/20 # Country: VIET NAM # ISO Code: VN -# Total Networks: 213 -# Total Subnets: 15,527,168 +# Total Networks: 215 +# Total Subnets: 15,529,216 1.52.0.0/14 14.0.16.0/20 14.160.0.0/11 @@ -15830,6 +16075,8 @@ 103.5.30.0/23 103.5.204.0/22 103.5.208.0/22 +103.7.36.0/22 +103.7.40.0/22 103.10.88.0/22 103.10.212.0/22 103.11.172.0/22 @@ -16007,12 +16254,13 @@ 223.27.104.0/21 # Country: YEMEN # ISO Code: YE -# Total Networks: 7 -# Total Subnets: 49,152 +# Total Networks: 8 +# Total Subnets: 51,200 31.31.176.0/20 46.35.64.0/19 82.114.160.0/19 89.189.64.0/19 109.74.32.0/20 109.200.160.0/19 +131.117.160.0/21 195.94.0.0/19 diff --git a/config/pf-blocker/lists/Europe_cidr.txt b/config/pf-blocker/lists/Europe_cidr.txt index 85d2b546..3b77a9bb 100755..100644 --- a/config/pf-blocker/lists/Europe_cidr.txt +++ b/config/pf-blocker/lists/Europe_cidr.txt @@ -12,14 +12,15 @@ 217.29.224.0/20 # Country: ALBANIA # ISO Code: AL -# Total Networks: 49 -# Total Subnets: 321,792 +# Total Networks: 50 +# Total Subnets: 323,840 31.22.48.0/20 31.44.64.0/20 31.171.152.0/21 31.222.40.0/21 37.26.64.0/21 37.26.80.0/21 +37.139.112.0/21 46.19.224.0/21 46.99.0.0/16 46.183.120.0/21 @@ -73,8 +74,8 @@ 194.158.64.0/19 # Country: AUSTRIA # ISO Code: AT -# Total Networks: 1,151 -# Total Subnets: 11,170,272 +# Total Networks: 1,738 +# Total Subnets: 11,308,000 31.5.0.0/16 31.12.0.0/21 31.193.160.0/21 @@ -82,6 +83,8 @@ 37.61.184.0/21 37.75.136.0/21 37.98.192.0/21 +37.143.176.0/20 +37.186.0.0/15 46.17.224.0/21 46.20.16.0/20 46.29.32.0/21 @@ -349,6 +352,9 @@ 91.233.191.0/24 91.233.227.0/24 91.234.229.0/24 +91.236.160.0/24 +91.237.96.0/24 +91.237.143.0/24 92.39.160.0/20 92.42.136.0/21 92.43.96.0/21 @@ -390,8 +396,7 @@ 109.234.144.0/21 117.74.96.0/20 128.65.128.0/21 -128.130.0.0/16 -128.131.0.0/16 +128.130.0.0/15 128.204.128.0/19 129.27.0.0/16 130.0.64.0/21 @@ -573,7 +578,8 @@ 193.46.4.0/21 193.46.12.0/21 193.46.20.0/22 -193.46.24.0/20 +193.46.24.0/21 +193.46.32.0/21 193.46.40.0/22 193.46.44.0/24 193.46.45.0/24 @@ -582,9 +588,74 @@ 193.46.58.0/23 193.46.92.0/21 193.46.100.0/22 -193.46.104.0/19 -193.46.136.0/19 -193.46.168.0/22 +193.46.104.0/24 +193.46.105.0/24 +193.46.106.0/24 +193.46.107.0/24 +193.46.108.0/24 +193.46.109.0/24 +193.46.110.0/24 +193.46.111.0/24 +193.46.112.0/24 +193.46.113.0/24 +193.46.114.0/24 +193.46.115.0/24 +193.46.116.0/24 +193.46.117.0/24 +193.46.118.0/24 +193.46.119.0/24 +193.46.120.0/24 +193.46.121.0/24 +193.46.122.0/24 +193.46.123.0/24 +193.46.124.0/24 +193.46.125.0/24 +193.46.126.0/24 +193.46.127.0/24 +193.46.128.0/24 +193.46.129.0/24 +193.46.130.0/24 +193.46.131.0/24 +193.46.132.0/24 +193.46.133.0/24 +193.46.134.0/24 +193.46.135.0/24 +193.46.136.0/24 +193.46.137.0/24 +193.46.138.0/24 +193.46.139.0/24 +193.46.140.0/24 +193.46.141.0/24 +193.46.142.0/24 +193.46.143.0/24 +193.46.144.0/24 +193.46.145.0/24 +193.46.146.0/24 +193.46.147.0/24 +193.46.148.0/24 +193.46.149.0/24 +193.46.150.0/24 +193.46.151.0/24 +193.46.152.0/24 +193.46.153.0/24 +193.46.154.0/24 +193.46.155.0/24 +193.46.156.0/24 +193.46.157.0/24 +193.46.158.0/24 +193.46.159.0/24 +193.46.160.0/24 +193.46.161.0/24 +193.46.162.0/24 +193.46.163.0/24 +193.46.164.0/24 +193.46.165.0/24 +193.46.166.0/24 +193.46.167.0/24 +193.46.168.0/24 +193.46.169.0/24 +193.46.170.0/24 +193.46.171.0/24 193.46.172.0/21 193.46.188.0/23 193.46.190.0/24 @@ -611,8 +682,12 @@ 193.47.156.0/24 193.47.157.0/24 193.53.80.0/24 -193.58.210.0/22 -193.58.214.0/23 +193.58.210.0/24 +193.58.211.0/24 +193.58.212.0/24 +193.58.213.0/24 +193.58.214.0/24 +193.58.215.0/24 193.80.0.0/16 193.81.0.0/16 193.83.0.0/16 @@ -666,14 +741,20 @@ 193.138.0.0/24 193.138.105.0/24 193.138.123.0/24 -193.150.174.0/22 -193.150.178.0/23 +193.150.174.0/24 +193.150.175.0/24 +193.150.176.0/24 +193.150.177.0/24 +193.150.178.0/24 +193.150.179.0/24 193.151.60.0/22 193.154.0.0/16 193.160.98.0/23 193.164.15.0/24 193.164.224.0/23 -193.164.234.0/21 +193.164.234.0/23 +193.164.236.0/22 +193.164.240.0/23 193.169.168.0/23 193.170.0.0/16 193.171.0.0/16 @@ -682,14 +763,79 @@ 193.178.160.0/24 193.178.208.0/24 193.186.0.0/24 -193.186.5.0/23 +193.186.5.0/24 +193.186.6.0/24 193.186.16.0/20 -193.186.40.0/19 -193.186.72.0/20 -193.186.88.0/20 +193.186.40.0/21 +193.186.48.0/20 +193.186.64.0/21 +193.186.72.0/24 +193.186.73.0/24 +193.186.74.0/24 +193.186.75.0/24 +193.186.76.0/24 +193.186.77.0/24 +193.186.78.0/24 +193.186.79.0/24 +193.186.80.0/24 +193.186.81.0/24 +193.186.82.0/24 +193.186.83.0/24 +193.186.84.0/24 +193.186.85.0/24 +193.186.86.0/24 +193.186.87.0/24 +193.186.88.0/21 +193.186.96.0/21 193.186.104.0/21 -193.186.112.0/19 -193.186.144.0/20 +193.186.112.0/24 +193.186.113.0/24 +193.186.114.0/24 +193.186.115.0/24 +193.186.116.0/24 +193.186.117.0/24 +193.186.118.0/24 +193.186.119.0/24 +193.186.120.0/24 +193.186.121.0/24 +193.186.122.0/24 +193.186.123.0/24 +193.186.124.0/24 +193.186.125.0/24 +193.186.126.0/24 +193.186.127.0/24 +193.186.128.0/24 +193.186.129.0/24 +193.186.130.0/24 +193.186.131.0/24 +193.186.132.0/24 +193.186.133.0/24 +193.186.134.0/24 +193.186.135.0/24 +193.186.136.0/24 +193.186.137.0/24 +193.186.138.0/24 +193.186.139.0/24 +193.186.140.0/24 +193.186.141.0/24 +193.186.142.0/24 +193.186.143.0/24 +193.186.144.0/24 +193.186.145.0/24 +193.186.146.0/24 +193.186.147.0/24 +193.186.148.0/24 +193.186.149.0/24 +193.186.150.0/24 +193.186.151.0/24 +193.186.152.0/24 +193.186.153.0/24 +193.186.154.0/24 +193.186.155.0/24 +193.186.156.0/24 +193.186.157.0/24 +193.186.158.0/24 +193.186.159.0/24 193.186.160.0/24 193.186.161.0/24 193.186.164.0/21 @@ -703,22 +849,171 @@ 193.186.212.0/23 193.186.214.0/24 193.186.215.0/24 -193.186.216.0/19 +193.186.216.0/21 +193.186.224.0/20 +193.186.240.0/21 193.186.248.0/22 193.186.252.0/24 193.186.253.0/24 -193.186.254.0/24 193.187.1.0/24 193.187.2.0/23 193.187.4.0/21 -193.187.12.0/19 +193.187.12.0/22 +193.187.16.0/20 +193.187.32.0/21 +193.187.40.0/22 193.187.44.0/21 -193.187.52.0/19 -193.187.84.0/18 -193.187.148.0/19 -193.187.180.0/20 -193.187.196.0/20 -193.187.212.0/19 +193.187.52.0/24 +193.187.53.0/24 +193.187.54.0/24 +193.187.55.0/24 +193.187.56.0/24 +193.187.57.0/24 +193.187.58.0/24 +193.187.59.0/24 +193.187.60.0/24 +193.187.61.0/24 +193.187.62.0/24 +193.187.63.0/24 +193.187.64.0/24 +193.187.65.0/24 +193.187.66.0/24 +193.187.67.0/24 +193.187.68.0/24 +193.187.69.0/24 +193.187.70.0/24 +193.187.71.0/24 +193.187.72.0/24 +193.187.73.0/24 +193.187.74.0/24 +193.187.75.0/24 +193.187.76.0/24 +193.187.77.0/24 +193.187.78.0/24 +193.187.79.0/24 +193.187.80.0/24 +193.187.81.0/24 +193.187.82.0/24 +193.187.83.0/24 +193.187.84.0/24 +193.187.85.0/24 +193.187.86.0/24 +193.187.87.0/24 +193.187.88.0/24 +193.187.89.0/24 +193.187.90.0/24 +193.187.91.0/24 +193.187.92.0/24 +193.187.93.0/24 +193.187.94.0/24 +193.187.95.0/24 +193.187.96.0/24 +193.187.97.0/24 +193.187.98.0/24 +193.187.99.0/24 +193.187.100.0/24 +193.187.101.0/24 +193.187.102.0/24 +193.187.103.0/24 +193.187.104.0/24 +193.187.105.0/24 +193.187.106.0/24 +193.187.107.0/24 +193.187.108.0/24 +193.187.109.0/24 +193.187.110.0/24 +193.187.111.0/24 +193.187.112.0/24 +193.187.113.0/24 +193.187.114.0/24 +193.187.115.0/24 +193.187.116.0/24 +193.187.117.0/24 +193.187.118.0/24 +193.187.119.0/24 +193.187.120.0/24 +193.187.121.0/24 +193.187.122.0/24 +193.187.123.0/24 +193.187.124.0/24 +193.187.125.0/24 +193.187.126.0/24 +193.187.127.0/24 +193.187.128.0/24 +193.187.129.0/24 +193.187.130.0/24 +193.187.131.0/24 +193.187.132.0/24 +193.187.133.0/24 +193.187.134.0/24 +193.187.135.0/24 +193.187.136.0/24 +193.187.137.0/24 +193.187.138.0/24 +193.187.139.0/24 +193.187.140.0/24 +193.187.141.0/24 +193.187.142.0/24 +193.187.143.0/24 +193.187.144.0/24 +193.187.145.0/24 +193.187.146.0/24 +193.187.147.0/24 +193.187.148.0/24 +193.187.149.0/24 +193.187.150.0/24 +193.187.151.0/24 +193.187.152.0/24 +193.187.153.0/24 +193.187.154.0/24 +193.187.155.0/24 +193.187.156.0/24 +193.187.157.0/24 +193.187.158.0/24 +193.187.159.0/24 +193.187.160.0/24 +193.187.161.0/24 +193.187.162.0/24 +193.187.163.0/24 +193.187.164.0/24 +193.187.165.0/24 +193.187.166.0/24 +193.187.167.0/24 +193.187.168.0/24 +193.187.169.0/24 +193.187.170.0/24 +193.187.171.0/24 +193.187.172.0/24 +193.187.173.0/24 +193.187.174.0/24 +193.187.175.0/24 +193.187.176.0/24 +193.187.177.0/24 +193.187.178.0/24 +193.187.179.0/24 +193.187.180.0/24 +193.187.181.0/24 +193.187.182.0/24 +193.187.183.0/24 +193.187.184.0/24 +193.187.185.0/24 +193.187.186.0/24 +193.187.187.0/24 +193.187.188.0/24 +193.187.189.0/24 +193.187.190.0/24 +193.187.191.0/24 +193.187.192.0/24 +193.187.193.0/24 +193.187.194.0/24 +193.187.195.0/24 +193.187.196.0/22 +193.187.200.0/21 +193.187.208.0/22 +193.187.212.0/22 +193.187.216.0/21 +193.187.224.0/20 +193.187.240.0/22 193.187.244.0/24 193.187.245.0/24 193.187.246.0/24 @@ -760,10 +1055,19 @@ 193.228.16.0/20 193.228.32.0/20 193.228.48.0/23 -193.228.50.0/21 -193.228.58.0/23 +193.228.50.0/24 +193.228.51.0/24 +193.228.52.0/24 +193.228.53.0/24 +193.228.54.0/24 +193.228.55.0/24 +193.228.56.0/24 +193.228.57.0/24 +193.228.58.0/24 +193.228.59.0/24 193.228.60.0/24 -193.228.61.0/23 +193.228.61.0/24 +193.228.62.0/24 193.228.63.0/24 193.228.64.0/21 193.228.72.0/21 @@ -774,8 +1078,8 @@ 193.228.91.0/24 193.228.92.0/24 193.228.93.0/24 -193.228.94.0/22 -193.228.98.0/23 +193.228.94.0/23 +193.228.96.0/22 193.228.100.0/24 193.228.101.0/24 193.228.102.0/24 @@ -786,7 +1090,9 @@ 193.228.120.0/23 193.228.122.0/24 193.228.123.0/24 -193.228.124.0/20 +193.228.124.0/22 +193.228.128.0/21 +193.228.136.0/22 193.228.160.0/21 193.228.168.0/23 193.228.170.0/23 @@ -798,16 +1104,19 @@ 193.228.181.0/24 193.228.182.0/23 193.228.184.0/24 -193.228.185.0/23 +193.228.185.0/24 +193.228.186.0/24 193.228.187.0/24 193.228.188.0/24 -193.228.189.0/23 +193.228.189.0/24 +193.228.190.0/24 193.228.191.0/24 193.228.192.0/24 193.228.193.0/24 193.228.194.0/23 193.228.196.0/24 -193.228.197.0/23 +193.228.197.0/24 +193.228.198.0/24 193.228.199.0/24 193.228.200.0/23 193.228.202.0/24 @@ -823,7 +1132,10 @@ 193.228.230.0/24 193.228.231.0/24 193.228.232.0/23 -193.228.235.0/22 +193.228.235.0/24 +193.228.236.0/24 +193.228.237.0/24 +193.228.238.0/24 193.228.239.0/24 193.228.240.0/20 193.238.156.0/22 @@ -852,16 +1164,146 @@ 194.37.0.0/24 194.37.1.0/24 194.37.2.0/23 -194.37.4.0/19 -194.37.36.0/20 -194.37.52.0/22 +194.37.4.0/22 +194.37.8.0/21 +194.37.16.0/20 +194.37.32.0/20 +194.37.48.0/21 194.37.56.0/21 194.37.64.0/22 194.37.68.0/22 194.37.72.0/21 194.37.80.0/22 -194.37.88.0/20 -194.37.104.0/17 +194.37.88.0/21 +194.37.96.0/21 +194.37.104.0/24 +194.37.105.0/24 +194.37.106.0/24 +194.37.107.0/24 +194.37.108.0/24 +194.37.109.0/24 +194.37.110.0/24 +194.37.111.0/24 +194.37.112.0/24 +194.37.113.0/24 +194.37.114.0/24 +194.37.115.0/24 +194.37.116.0/24 +194.37.117.0/24 +194.37.118.0/24 +194.37.119.0/24 +194.37.120.0/24 +194.37.121.0/24 +194.37.122.0/24 +194.37.123.0/24 +194.37.124.0/24 +194.37.125.0/24 +194.37.126.0/24 +194.37.127.0/24 +194.37.128.0/24 +194.37.129.0/24 +194.37.130.0/24 +194.37.131.0/24 +194.37.132.0/24 +194.37.133.0/24 +194.37.134.0/24 +194.37.135.0/24 +194.37.136.0/24 +194.37.137.0/24 +194.37.138.0/24 +194.37.139.0/24 +194.37.140.0/24 +194.37.141.0/24 +194.37.142.0/24 +194.37.143.0/24 +194.37.144.0/24 +194.37.145.0/24 +194.37.146.0/24 +194.37.147.0/24 +194.37.148.0/24 +194.37.149.0/24 +194.37.150.0/24 +194.37.151.0/24 +194.37.152.0/24 +194.37.153.0/24 +194.37.154.0/24 +194.37.155.0/24 +194.37.156.0/24 +194.37.157.0/24 +194.37.158.0/24 +194.37.159.0/24 +194.37.160.0/24 +194.37.161.0/24 +194.37.162.0/24 +194.37.163.0/24 +194.37.164.0/24 +194.37.165.0/24 +194.37.166.0/24 +194.37.167.0/24 +194.37.168.0/24 +194.37.169.0/24 +194.37.170.0/24 +194.37.171.0/24 +194.37.172.0/24 +194.37.173.0/24 +194.37.174.0/24 +194.37.175.0/24 +194.37.176.0/24 +194.37.177.0/24 +194.37.178.0/24 +194.37.179.0/24 +194.37.180.0/24 +194.37.181.0/24 +194.37.182.0/24 +194.37.183.0/24 +194.37.184.0/24 +194.37.185.0/24 +194.37.186.0/24 +194.37.187.0/24 +194.37.188.0/24 +194.37.189.0/24 +194.37.190.0/24 +194.37.191.0/24 +194.37.192.0/24 +194.37.193.0/24 +194.37.194.0/24 +194.37.195.0/24 +194.37.196.0/24 +194.37.197.0/24 +194.37.198.0/24 +194.37.199.0/24 +194.37.200.0/24 +194.37.201.0/24 +194.37.202.0/24 +194.37.203.0/24 +194.37.204.0/24 +194.37.205.0/24 +194.37.206.0/24 +194.37.207.0/24 +194.37.208.0/24 +194.37.209.0/24 +194.37.210.0/24 +194.37.211.0/24 +194.37.212.0/24 +194.37.213.0/24 +194.37.214.0/24 +194.37.215.0/24 +194.37.216.0/24 +194.37.217.0/24 +194.37.218.0/24 +194.37.219.0/24 +194.37.220.0/24 +194.37.221.0/24 +194.37.222.0/24 +194.37.223.0/24 +194.37.224.0/24 +194.37.225.0/24 +194.37.226.0/24 +194.37.227.0/24 +194.37.228.0/24 +194.37.229.0/24 +194.37.230.0/24 +194.37.231.0/24 194.37.232.0/21 194.37.240.0/21 194.37.250.0/24 @@ -870,14 +1312,113 @@ 194.37.254.0/24 194.48.2.0/24 194.48.3.0/24 -194.48.4.0/18 -194.48.68.0/20 +194.48.4.0/24 +194.48.5.0/24 +194.48.6.0/24 +194.48.7.0/24 +194.48.8.0/24 +194.48.9.0/24 +194.48.10.0/24 +194.48.11.0/24 +194.48.12.0/24 +194.48.13.0/24 +194.48.14.0/24 +194.48.15.0/24 +194.48.16.0/24 +194.48.17.0/24 +194.48.18.0/24 +194.48.19.0/24 +194.48.20.0/24 +194.48.21.0/24 +194.48.22.0/24 +194.48.23.0/24 +194.48.24.0/24 +194.48.25.0/24 +194.48.26.0/24 +194.48.27.0/24 +194.48.28.0/24 +194.48.29.0/24 +194.48.30.0/24 +194.48.31.0/24 +194.48.32.0/24 +194.48.33.0/24 +194.48.34.0/24 +194.48.35.0/24 +194.48.36.0/24 +194.48.37.0/24 +194.48.38.0/24 +194.48.39.0/24 +194.48.40.0/24 +194.48.41.0/24 +194.48.42.0/24 +194.48.43.0/24 +194.48.44.0/24 +194.48.45.0/24 +194.48.46.0/24 +194.48.47.0/24 +194.48.48.0/24 +194.48.49.0/24 +194.48.50.0/24 +194.48.51.0/24 +194.48.52.0/24 +194.48.53.0/24 +194.48.54.0/24 +194.48.55.0/24 +194.48.56.0/24 +194.48.57.0/24 +194.48.58.0/24 +194.48.59.0/24 +194.48.60.0/24 +194.48.61.0/24 +194.48.62.0/24 +194.48.63.0/24 +194.48.64.0/24 +194.48.65.0/24 +194.48.66.0/24 +194.48.67.0/24 +194.48.68.0/22 +194.48.72.0/21 +194.48.80.0/22 194.48.84.0/22 194.48.88.0/22 -194.48.92.0/20 -194.48.108.0/20 -194.48.124.0/20 -194.48.140.0/20 +194.48.92.0/24 +194.48.93.0/24 +194.48.94.0/24 +194.48.95.0/24 +194.48.96.0/24 +194.48.97.0/24 +194.48.98.0/24 +194.48.99.0/24 +194.48.100.0/24 +194.48.101.0/24 +194.48.102.0/24 +194.48.103.0/24 +194.48.104.0/24 +194.48.105.0/24 +194.48.106.0/24 +194.48.107.0/24 +194.48.108.0/22 +194.48.112.0/21 +194.48.120.0/22 +194.48.124.0/22 +194.48.128.0/21 +194.48.136.0/22 +194.48.140.0/24 +194.48.141.0/24 +194.48.142.0/24 +194.48.143.0/24 +194.48.144.0/24 +194.48.145.0/24 +194.48.146.0/24 +194.48.147.0/24 +194.48.148.0/24 +194.48.149.0/24 +194.48.150.0/24 +194.48.151.0/24 +194.48.152.0/24 +194.48.153.0/24 +194.48.154.0/24 +194.48.155.0/24 194.48.156.0/21 194.48.164.0/21 194.48.172.0/24 @@ -896,7 +1437,19 @@ 194.48.198.0/24 194.48.199.0/24 194.48.200.0/22 -194.48.220.0/20 +194.48.220.0/24 +194.48.221.0/24 +194.48.222.0/24 +194.48.223.0/24 +194.48.224.0/24 +194.48.225.0/24 +194.48.226.0/24 +194.48.227.0/24 +194.48.228.0/22 +194.48.232.0/24 +194.48.233.0/24 +194.48.234.0/24 +194.48.235.0/24 194.48.236.0/22 194.48.240.0/24 194.48.242.0/24 @@ -908,6 +1461,7 @@ 194.48.255.0/24 194.50.109.0/24 194.50.115.0/24 +194.50.151.0/24 194.50.173.0/24 194.50.183.0/24 194.50.253.0/24 @@ -925,26 +1479,55 @@ 194.106.224.0/19 194.107.0.0/20 194.107.20.0/24 -194.107.24.0/20 +194.107.24.0/24 +194.107.25.0/24 +194.107.26.0/24 +194.107.27.0/24 +194.107.28.0/24 +194.107.29.0/24 +194.107.30.0/24 +194.107.31.0/24 +194.107.32.0/24 +194.107.33.0/24 +194.107.34.0/24 +194.107.35.0/24 +194.107.36.0/24 +194.107.37.0/24 +194.107.38.0/24 +194.107.39.0/24 194.107.40.0/21 194.107.48.0/22 194.107.52.0/22 194.107.56.0/22 -194.107.60.0/21 +194.107.60.0/22 +194.107.64.0/22 194.107.68.0/23 -194.107.70.0/21 -194.107.78.0/23 +194.107.70.0/24 +194.107.71.0/24 +194.107.72.0/24 +194.107.73.0/24 +194.107.74.0/24 +194.107.75.0/24 +194.107.76.0/24 +194.107.77.0/24 +194.107.78.0/24 +194.107.79.0/24 194.107.81.0/24 194.107.82.0/23 194.107.84.0/21 194.107.92.0/24 -194.107.93.0/23 +194.107.93.0/24 +194.107.94.0/24 194.107.95.0/24 194.107.113.0/24 194.107.128.0/24 194.107.129.0/24 -194.107.130.0/22 -194.107.134.0/23 +194.107.130.0/24 +194.107.131.0/24 +194.107.132.0/24 +194.107.133.0/24 +194.107.134.0/24 +194.107.135.0/24 194.107.136.0/22 194.107.140.0/22 194.107.144.0/24 @@ -970,10 +1553,15 @@ 194.107.207.0/24 194.107.208.0/20 194.107.224.0/24 -194.107.225.0/22 -194.107.229.0/23 +194.107.225.0/24 +194.107.226.0/24 +194.107.227.0/24 +194.107.228.0/24 +194.107.229.0/24 +194.107.230.0/24 194.107.231.0/24 -194.107.232.0/20 +194.107.232.0/21 +194.107.240.0/21 194.107.248.0/21 194.110.71.0/24 194.110.78.0/24 @@ -995,7 +1583,6 @@ 194.152.96.0/19 194.152.160.0/19 194.153.93.0/24 -194.153.98.0/24 194.153.111.0/24 194.153.217.0/24 194.153.220.0/22 @@ -1212,6 +1799,7 @@ 217.16.112.0/20 217.19.32.0/20 217.25.112.0/20 +217.26.128.0/21 217.29.144.0/20 217.68.192.0/20 217.75.176.0/20 @@ -1296,8 +1884,8 @@ 217.23.112.0/20 # Country: BELGIUM # ISO Code: BE -# Total Networks: 633 -# Total Subnets: 11,024,320 +# Total Networks: 686 +# Total Subnets: 11,144,896 31.12.64.0/21 31.22.16.0/21 31.24.112.0/21 @@ -1310,6 +1898,9 @@ 37.62.0.0/16 37.72.160.0/21 37.123.232.0/21 +37.143.0.0/21 +37.148.176.0/21 +37.184.0.0/15 46.18.32.0/21 46.19.0.0/21 46.19.240.0/21 @@ -1462,6 +2053,7 @@ 91.233.206.0/23 91.234.203.0/24 91.234.230.0/23 +91.236.244.0/23 92.48.128.0/18 93.92.16.0/21 93.93.240.0/21 @@ -1524,7 +2116,9 @@ 163.165.128.0/18 164.15.0.0/16 164.35.0.0/16 -170.205.64.0/17 +164.138.104.0/21 +170.205.64.0/18 +170.205.128.0/18 170.255.0.0/16 171.25.217.0/24 171.25.229.0/24 @@ -1627,7 +2221,9 @@ 193.53.38.0/24 193.53.39.0/24 193.53.40.0/24 -193.53.41.0/22 +193.53.41.0/24 +193.53.42.0/23 +193.53.44.0/24 193.53.45.0/24 193.53.46.0/24 193.53.47.0/24 @@ -1641,23 +2237,65 @@ 193.53.94.0/23 193.53.96.0/23 193.53.98.0/24 -193.53.101.0/23 -193.53.103.0/23 -193.53.107.0/23 -193.53.109.0/22 -193.53.113.0/21 -193.53.121.0/22 +193.53.101.0/24 +193.53.102.0/24 +193.53.103.0/24 +193.53.104.0/24 +193.53.107.0/24 +193.53.108.0/24 +193.53.109.0/24 +193.53.110.0/23 +193.53.112.0/24 +193.53.113.0/24 +193.53.114.0/24 +193.53.115.0/24 +193.53.116.0/24 +193.53.117.0/24 +193.53.118.0/24 +193.53.119.0/24 +193.53.120.0/24 +193.53.121.0/24 +193.53.122.0/24 +193.53.123.0/24 +193.53.124.0/24 193.53.126.0/24 193.53.127.0/24 193.53.128.0/19 193.53.160.0/21 193.53.168.0/23 -193.53.170.0/20 -193.53.186.0/21 -193.53.194.0/22 -193.53.198.0/23 -193.53.200.0/19 -193.53.232.0/21 +193.53.170.0/24 +193.53.171.0/24 +193.53.172.0/24 +193.53.173.0/24 +193.53.174.0/24 +193.53.175.0/24 +193.53.176.0/24 +193.53.177.0/24 +193.53.178.0/24 +193.53.179.0/24 +193.53.180.0/24 +193.53.181.0/24 +193.53.182.0/24 +193.53.183.0/24 +193.53.184.0/24 +193.53.185.0/24 +193.53.186.0/24 +193.53.187.0/24 +193.53.188.0/24 +193.53.189.0/24 +193.53.190.0/24 +193.53.191.0/24 +193.53.192.0/24 +193.53.193.0/24 +193.53.194.0/24 +193.53.195.0/24 +193.53.196.0/24 +193.53.197.0/24 +193.53.198.0/24 +193.53.199.0/24 +193.53.200.0/21 +193.53.208.0/20 +193.53.224.0/20 193.53.240.0/22 193.53.244.0/24 193.53.245.0/24 @@ -1692,8 +2330,12 @@ 193.58.96.0/20 193.58.112.0/21 193.58.120.0/24 -193.58.121.0/22 -193.58.125.0/23 +193.58.121.0/24 +193.58.122.0/24 +193.58.123.0/24 +193.58.124.0/24 +193.58.125.0/24 +193.58.126.0/24 193.58.127.0/24 193.58.128.0/23 193.58.130.0/23 @@ -1771,22 +2413,21 @@ 193.221.0.0/20 193.221.123.0/24 193.221.160.0/19 -193.221.219.0/23 -193.221.221.0/23 +193.221.219.0/24 +193.221.220.0/24 +193.221.221.0/24 +193.221.222.0/24 193.221.223.0/24 193.221.224.0/19 193.227.103.0/24 193.227.114.0/24 193.239.210.0/23 193.242.101.0/24 -193.242.128.0/18 193.243.136.0/23 193.244.0.0/16 193.245.0.0/16 194.0.6.0/24 194.0.7.0/24 -194.0.173.0/23 -194.0.175.0/24 194.0.205.0/24 194.0.234.0/24 194.0.249.0/24 @@ -1933,8 +2574,8 @@ 217.171.80.0/20 # Country: BOSNIA AND HERZEGOVINA # ISO Code: BA -# Total Networks: 86 -# Total Subnets: 708,352 +# Total Networks: 87 +# Total Subnets: 724,736 31.47.0.0/19 31.176.128.0/17 31.185.112.0/20 @@ -1942,6 +2583,7 @@ 31.223.128.0/19 31.223.208.0/20 37.8.128.0/20 +37.203.64.0/18 46.35.128.0/19 46.36.160.0/19 46.239.0.0/18 @@ -2023,13 +2665,16 @@ 217.199.128.0/20 # Country: BULGARIA # ISO Code: BG -# Total Networks: 489 -# Total Subnets: 4,130,560 +# Total Networks: 497 +# Total Subnets: 4,148,224 31.13.192.0/18 31.41.16.0/21 31.211.128.0/19 37.60.136.0/21 37.63.0.0/17 +37.130.240.0/21 +37.157.136.0/21 +37.157.160.0/19 46.10.0.0/16 46.16.192.0/21 46.35.160.0/19 @@ -2223,6 +2868,10 @@ 91.234.21.0/24 91.234.92.0/22 91.235.164.0/24 +91.235.248.0/22 +91.236.144.0/22 +91.237.56.0/22 +91.237.102.0/23 92.62.240.0/20 92.247.0.0/16 93.93.8.0/21 @@ -2263,6 +2912,7 @@ 145.255.192.0/19 149.62.192.0/18 158.58.192.0/18 +164.138.216.0/21 176.12.0.0/18 176.67.232.0/21 176.222.0.0/20 @@ -2302,7 +2952,6 @@ 193.41.64.0/22 193.41.182.0/23 193.41.188.0/22 -193.42.156.0/24 193.43.26.0/24 193.47.74.0/24 193.68.0.0/19 @@ -2347,7 +2996,8 @@ 193.193.182.0/24 193.194.140.0/23 193.194.156.0/24 -193.200.1.0/23 +193.200.1.0/24 +193.200.2.0/24 193.200.8.0/24 193.200.12.0/24 193.200.14.0/23 @@ -2516,8 +3166,8 @@ 217.174.144.0/20 # Country: CROATIA # ISO Code: HR -# Total Networks: 134 -# Total Subnets: 2,037,824 +# Total Networks: 136 +# Total Subnets: 2,038,336 31.45.128.0/17 31.147.0.0/16 31.216.192.0/19 @@ -2567,6 +3217,7 @@ 91.212.44.0/24 91.212.246.0/24 91.212.247.0/24 +91.213.84.0/24 91.214.104.0/22 91.220.77.0/24 91.223.24.0/24 @@ -2580,6 +3231,7 @@ 91.229.229.0/24 91.233.36.0/23 91.235.170.0/23 +91.236.37.0/24 92.242.224.0/19 93.136.0.0/13 93.159.64.0/19 @@ -2654,8 +3306,8 @@ 217.68.80.0/20 # Country: CZECH REPUBLIC # ISO Code: CZ -# Total Networks: 781 -# Total Subnets: 7,965,824 +# Total Networks: 870 +# Total Subnets: 8,043,136 31.7.240.0/21 31.10.56.0/21 31.15.8.0/21 @@ -2682,6 +3334,10 @@ 37.46.208.0/21 37.48.0.0/18 37.77.224.0/19 +37.143.112.0/21 +37.157.192.0/21 +37.188.128.0/17 +37.205.8.0/21 46.13.0.0/16 46.16.120.0/21 46.23.48.0/20 @@ -2751,6 +3407,7 @@ 77.95.40.0/21 77.95.192.0/21 77.104.192.0/18 +77.234.40.0/21 77.236.192.0/19 77.237.128.0/19 77.240.96.0/20 @@ -2853,6 +3510,7 @@ 85.92.32.0/19 85.93.96.0/19 85.93.160.0/19 +85.118.128.0/21 85.119.88.0/21 85.132.128.0/17 85.135.0.0/17 @@ -2978,6 +3636,9 @@ 91.234.248.0/22 91.235.183.0/24 91.235.200.0/23 +91.236.10.0/23 +91.236.40.0/22 +91.237.51.0/24 92.38.0.0/17 92.43.24.0/21 92.43.56.0/21 @@ -3071,6 +3732,8 @@ 130.185.176.0/21 130.193.8.0/21 130.193.16.0/21 +131.117.192.0/21 +131.117.208.0/21 141.170.128.0/18 146.102.0.0/16 146.255.24.0/21 @@ -3108,6 +3771,33 @@ 176.102.128.0/19 176.106.184.0/21 176.107.120.0/21 +176.109.56.0/21 +176.109.144.0/24 +176.109.145.0/24 +176.109.146.0/24 +176.109.147.0/24 +176.109.148.0/24 +176.109.149.0/24 +176.109.150.0/24 +176.109.151.0/24 +176.109.152.0/24 +176.109.153.0/24 +176.109.154.0/24 +176.109.155.0/24 +176.109.156.0/24 +176.109.157.0/24 +176.109.158.0/24 +176.109.159.0/24 +176.109.168.0/24 +176.109.169.0/24 +176.109.170.0/24 +176.109.171.0/24 +176.109.172.0/24 +176.109.173.0/24 +176.109.174.0/24 +176.109.175.0/24 +176.112.128.0/19 +176.112.224.0/19 176.222.224.0/21 176.227.248.0/21 178.17.0.0/20 @@ -3153,8 +3843,46 @@ 192.108.126.0/24 192.108.128.0/24 192.108.129.0/24 -192.108.134.0/19 -192.108.166.0/21 +192.108.134.0/24 +192.108.135.0/24 +192.108.136.0/24 +192.108.137.0/24 +192.108.138.0/24 +192.108.139.0/24 +192.108.140.0/24 +192.108.141.0/24 +192.108.142.0/24 +192.108.143.0/24 +192.108.144.0/24 +192.108.145.0/24 +192.108.146.0/24 +192.108.147.0/24 +192.108.148.0/24 +192.108.149.0/24 +192.108.150.0/24 +192.108.151.0/24 +192.108.152.0/24 +192.108.153.0/24 +192.108.154.0/24 +192.108.155.0/24 +192.108.156.0/24 +192.108.157.0/24 +192.108.158.0/24 +192.108.159.0/24 +192.108.160.0/24 +192.108.161.0/24 +192.108.162.0/24 +192.108.163.0/24 +192.108.164.0/24 +192.108.165.0/24 +192.108.166.0/24 +192.108.167.0/24 +192.108.168.0/24 +192.108.169.0/24 +192.108.170.0/24 +192.108.171.0/24 +192.108.172.0/24 +192.108.173.0/24 192.108.174.0/24 192.111.44.0/24 192.146.204.0/24 @@ -3188,7 +3916,14 @@ 193.84.48.0/24 193.84.49.0/24 193.84.53.0/24 -193.84.55.0/21 +193.84.55.0/24 +193.84.56.0/24 +193.84.57.0/24 +193.84.58.0/24 +193.84.59.0/24 +193.84.60.0/24 +193.84.61.0/24 +193.84.62.0/24 193.84.63.0/24 193.84.68.0/24 193.84.70.0/24 @@ -3205,8 +3940,12 @@ 193.84.118.0/23 193.84.120.0/21 193.84.128.0/23 -193.84.130.0/22 -193.84.134.0/23 +193.84.130.0/24 +193.84.131.0/24 +193.84.132.0/24 +193.84.133.0/24 +193.84.134.0/24 +193.84.135.0/24 193.84.136.0/22 193.84.140.0/23 193.84.144.0/20 @@ -3230,11 +3969,13 @@ 193.104.110.0/24 193.104.172.0/24 193.104.254.0/24 -193.105.157.0/23 +193.105.157.0/24 +193.105.158.0/24 193.105.159.0/24 193.107.160.0/22 193.107.252.0/22 -193.108.106.0/22 +193.108.106.0/23 +193.108.108.0/23 193.109.176.0/21 193.111.128.0/21 193.138.78.0/24 @@ -3264,7 +4005,6 @@ 194.50.4.0/23 194.50.12.0/22 194.50.16.0/21 -194.50.24.0/24 194.50.25.0/24 194.50.26.0/23 194.50.64.0/22 @@ -3384,6 +4124,7 @@ 212.80.64.0/19 212.90.224.0/19 212.96.160.0/19 +212.109.176.0/20 212.111.0.0/19 212.158.128.0/19 213.19.0.0/17 @@ -3439,8 +4180,8 @@ 217.198.112.0/20 # Country: DENMARK # ISO Code: DK -# Total Networks: 668 -# Total Subnets: 12,348,392 +# Total Networks: 675 +# Total Subnets: 12,278,256 2.104.0.0/13 2.128.0.0/14 31.3.72.0/21 @@ -3457,6 +4198,8 @@ 37.75.160.0/19 37.96.0.0/16 37.122.240.0/21 +37.128.208.0/20 +37.157.0.0/21 46.19.248.0/21 46.21.32.0/20 46.30.120.0/21 @@ -3493,7 +4236,6 @@ 77.234.160.0/19 77.243.48.0/20 77.243.128.0/20 -77.244.192.0/20 77.247.64.0/20 78.31.32.0/21 78.109.208.0/20 @@ -3579,7 +4321,6 @@ 87.238.248.0/21 87.239.64.0/21 88.83.64.0/19 -88.151.40.0/21 88.212.64.0/18 89.19.128.0/19 89.23.224.0/19 @@ -3679,6 +4420,10 @@ 91.235.100.0/24 91.235.139.0/24 91.235.232.0/24 +91.236.16.0/24 +91.236.28.0/24 +91.236.186.0/24 +91.236.210.0/23 92.43.72.0/21 92.43.88.0/21 92.43.120.0/21 @@ -3706,9 +4451,7 @@ 94.189.0.0/17 94.231.96.0/20 95.128.24.0/21 -95.129.40.0/21 95.130.208.0/21 -95.142.144.0/20 95.154.0.0/18 95.166.0.0/16 109.70.48.0/21 @@ -3731,7 +4474,7 @@ 131.166.0.0/16 145.255.56.0/21 147.29.0.0/16 -149.212.0.0/16 +151.216.0.0/29 152.73.0.0/16 152.95.0.0/16 152.115.0.0/16 @@ -3888,6 +4631,7 @@ 194.0.236.0/24 194.1.192.0/24 194.1.200.0/24 +194.1.219.0/24 194.8.242.0/23 194.8.244.0/23 194.19.128.0/18 @@ -3959,8 +4703,8 @@ 194.247.188.0/23 194.255.0.0/16 195.5.100.0/23 -195.7.20.0/21 -195.7.28.0/22 +195.7.20.0/22 +195.7.24.0/21 195.10.207.0/24 195.13.46.128/25 195.14.14.0/24 @@ -3997,8 +4741,12 @@ 195.93.192.0/23 195.95.172.0/24 195.95.181.0/24 -195.95.238.0/22 -195.95.242.0/23 +195.95.238.0/24 +195.95.239.0/24 +195.95.240.0/24 +195.95.241.0/24 +195.95.242.0/24 +195.95.243.0/24 195.95.250.0/23 195.97.128.0/18 195.110.16.0/23 @@ -4111,10 +4859,12 @@ 217.198.208.0/20 # Country: ESTONIA # ISO Code: EE -# Total Networks: 110 -# Total Subnets: 1,186,104 +# Total Networks: 115 +# Total Subnets: 1,205,560 31.24.56.0/21 37.0.24.0/21 +37.143.64.0/21 +37.157.64.0/18 46.16.112.0/21 46.22.208.0/20 46.39.128.0/19 @@ -4167,6 +4917,9 @@ 91.221.186.0/23 91.223.243.0/24 91.224.188.0/23 +91.236.38.0/23 +91.236.44.0/24 +91.236.222.0/24 92.62.96.0/20 93.185.240.0/20 94.246.192.0/18 @@ -4225,12 +4978,13 @@ 217.159.128.0/17 # Country: EUROPEAN UNION # ISO Code: EU -# Total Networks: 135 -# Total Subnets: 11,408,128 +# Total Networks: 1,654 +# Total Subnets: 8,574,464 2.16.0.0/13 -5.0.0.0/10 37.57.0.0/16 37.98.232.0/21 +37.130.224.0/21 +37.139.64.0/21 46.22.64.0/20 46.58.0.0/17 62.115.0.0/16 @@ -4252,7 +5006,6 @@ 80.239.224.0/20 80.239.240.0/20 83.143.240.0/21 -84.205.64.0/19 87.248.192.0/19 91.200.176.0/22 91.200.240.0/22 @@ -4261,14 +5014,15 @@ 91.212.132.0/24 91.213.217.0/24 91.216.56.0/24 -91.216.141.0/24 -91.216.153.0/23 +91.216.153.0/24 +91.216.154.0/24 91.216.190.0/24 91.229.90.0/23 +91.236.182.0/24 +91.236.248.0/22 92.61.144.0/20 92.122.0.0/16 92.123.0.0/16 -93.175.144.0/20 93.184.208.0/20 93.191.168.0/21 94.101.208.0/20 @@ -4280,19 +5034,1540 @@ 109.72.144.0/20 109.206.160.0/19 128.0.0.0/16 +128.201.0.0/16 131.176.0.0/16 +131.196.0.0/16 +137.59.0.0/16 138.199.0.0/16 +139.5.0.0/16 +139.26.0.0/16 +139.28.0.0/16 139.92.0.0/16 139.191.0.0/16 141.101.64.0/18 144.44.0.0/16 +144.168.0.0/16 146.106.0.0/16 +147.78.0.0/16 148.185.0.0/16 +149.248.0.0/16 +150.107.0.0/16 +150.129.0.0/16 +150.242.0.0/16 151.175.0.0/16 +152.89.0.0/16 +154.16.0.0/16 158.67.0.0/16 159.245.0.0/16 +161.123.0.0/16 185.0.0.0/10 188.66.48.0/20 +192.140.1.0/24 +192.140.2.0/24 +192.140.3.0/24 +192.140.4.0/24 +192.140.5.0/24 +192.140.6.0/24 +192.140.7.0/24 +192.140.8.0/24 +192.140.9.0/24 +192.140.10.0/24 +192.140.11.0/24 +192.140.12.0/24 +192.140.13.0/24 +192.140.14.0/24 +192.140.15.0/24 +192.140.16.0/24 +192.140.17.0/24 +192.140.18.0/24 +192.140.19.0/24 +192.140.20.0/24 +192.140.21.0/24 +192.140.22.0/24 +192.140.23.0/24 +192.140.24.0/24 +192.140.25.0/24 +192.140.26.0/24 +192.140.27.0/24 +192.140.28.0/24 +192.140.29.0/24 +192.140.30.0/24 +192.140.31.0/24 +192.140.32.0/24 +192.140.33.0/24 +192.140.34.0/24 +192.140.35.0/24 +192.140.36.0/24 +192.140.37.0/24 +192.140.38.0/24 +192.140.39.0/24 +192.140.40.0/24 +192.140.41.0/24 +192.140.42.0/24 +192.140.43.0/24 +192.140.44.0/24 +192.140.45.0/24 +192.140.46.0/24 +192.140.47.0/24 +192.140.48.0/24 +192.140.49.0/24 +192.140.50.0/24 +192.140.51.0/24 +192.140.52.0/24 +192.140.53.0/24 +192.140.54.0/24 +192.140.55.0/24 +192.140.56.0/24 +192.140.57.0/24 +192.140.58.0/24 +192.140.59.0/24 +192.140.60.0/24 +192.140.61.0/24 +192.140.62.0/24 +192.140.63.0/24 +192.140.64.0/24 +192.140.65.0/24 +192.140.66.0/24 +192.140.67.0/24 +192.140.68.0/24 +192.140.69.0/24 +192.140.70.0/24 +192.140.71.0/24 +192.140.72.0/24 +192.140.73.0/24 +192.140.74.0/24 +192.140.75.0/24 +192.140.76.0/24 +192.140.77.0/24 +192.140.78.0/24 +192.140.79.0/24 +192.140.80.0/24 +192.140.81.0/24 +192.140.82.0/24 +192.140.83.0/24 +192.140.84.0/24 +192.140.85.0/24 +192.140.86.0/24 +192.140.87.0/24 +192.140.88.0/24 +192.140.89.0/24 +192.140.90.0/24 +192.140.91.0/24 +192.140.92.0/24 +192.140.93.0/24 +192.140.94.0/24 +192.140.95.0/24 +192.140.96.0/24 +192.140.97.0/24 +192.140.98.0/24 +192.140.99.0/24 +192.140.100.0/24 +192.140.101.0/24 +192.140.102.0/24 +192.140.103.0/24 +192.140.104.0/24 +192.140.105.0/24 +192.140.106.0/24 +192.140.107.0/24 +192.140.108.0/24 +192.140.109.0/24 +192.140.110.0/24 +192.140.111.0/24 +192.140.112.0/24 +192.140.113.0/24 +192.140.114.0/24 +192.140.115.0/24 +192.140.116.0/24 +192.140.117.0/24 +192.140.118.0/24 +192.140.119.0/24 +192.140.120.0/24 +192.140.121.0/24 +192.140.122.0/24 +192.140.123.0/24 +192.140.124.0/24 +192.140.125.0/24 +192.140.126.0/24 +192.140.127.0/24 +192.140.128.0/24 +192.140.129.0/24 +192.140.130.0/24 +192.140.131.0/24 +192.140.132.0/24 +192.140.133.0/24 +192.140.134.0/24 +192.140.135.0/24 +192.140.136.0/24 +192.140.137.0/24 +192.140.138.0/24 +192.140.139.0/24 +192.140.140.0/24 +192.140.141.0/24 +192.140.142.0/24 +192.140.143.0/24 +192.140.144.0/24 +192.140.145.0/24 +192.140.146.0/24 +192.140.147.0/24 +192.140.148.0/24 +192.140.149.0/24 +192.140.150.0/24 +192.140.151.0/24 +192.140.152.0/24 +192.140.153.0/24 +192.140.154.0/24 +192.140.155.0/24 +192.140.156.0/24 +192.140.157.0/24 +192.140.158.0/24 +192.140.159.0/24 +192.140.160.0/24 +192.140.161.0/24 +192.140.162.0/24 +192.140.163.0/24 +192.140.164.0/24 +192.140.165.0/24 +192.140.166.0/24 +192.140.167.0/24 +192.140.168.0/24 +192.140.169.0/24 +192.140.170.0/24 +192.140.171.0/24 +192.140.172.0/24 +192.140.173.0/24 +192.140.174.0/24 +192.140.175.0/24 +192.140.176.0/24 +192.140.177.0/24 +192.140.178.0/24 +192.140.179.0/24 +192.140.180.0/24 +192.140.181.0/24 +192.140.182.0/24 +192.140.183.0/24 +192.140.184.0/24 +192.140.185.0/24 +192.140.186.0/24 +192.140.187.0/24 +192.140.188.0/24 +192.140.189.0/24 +192.140.190.0/24 +192.140.191.0/24 +192.140.192.0/24 +192.140.193.0/24 +192.140.194.0/24 +192.140.195.0/24 +192.140.196.0/24 +192.140.197.0/24 +192.140.198.0/24 +192.140.199.0/24 +192.140.200.0/24 +192.140.201.0/24 +192.140.202.0/24 +192.140.203.0/24 +192.140.204.0/24 +192.140.205.0/24 +192.140.206.0/24 +192.140.207.0/24 +192.140.208.0/24 +192.140.209.0/24 +192.140.210.0/24 +192.140.211.0/24 +192.140.212.0/24 +192.140.213.0/24 +192.140.214.0/24 +192.140.215.0/24 +192.140.216.0/24 +192.140.217.0/24 +192.140.218.0/24 +192.140.219.0/24 +192.140.220.0/24 +192.140.221.0/24 +192.140.222.0/24 +192.140.223.0/24 +192.140.224.0/24 +192.140.225.0/24 +192.140.226.0/24 +192.140.227.0/24 +192.140.228.0/24 +192.140.229.0/24 +192.140.230.0/24 +192.140.231.0/24 +192.140.232.0/24 +192.140.233.0/24 +192.140.234.0/24 +192.140.235.0/24 +192.140.236.0/24 +192.140.237.0/24 +192.140.238.0/24 +192.140.239.0/24 +192.140.240.0/24 +192.140.241.0/24 +192.140.242.0/24 +192.140.243.0/24 +192.140.244.0/24 +192.140.245.0/24 +192.140.246.0/24 +192.140.247.0/24 +192.140.248.0/24 +192.140.249.0/24 +192.140.250.0/24 +192.140.251.0/24 +192.140.252.0/24 +192.140.253.0/24 +192.140.254.0/24 +192.140.255.0/24 +192.141.0.0/24 +192.141.1.0/24 +192.141.2.0/24 +192.141.3.0/24 +192.141.4.0/24 +192.141.5.0/24 +192.141.6.0/24 +192.141.7.0/24 +192.141.8.0/24 +192.141.9.0/24 +192.141.10.0/24 +192.141.11.0/24 +192.141.12.0/24 +192.141.13.0/24 +192.141.14.0/24 +192.141.15.0/24 +192.141.16.0/24 +192.141.17.0/24 +192.141.18.0/24 +192.141.19.0/24 +192.141.20.0/24 +192.141.21.0/24 +192.141.22.0/24 +192.141.23.0/24 +192.141.24.0/24 +192.141.25.0/24 +192.141.26.0/24 +192.141.27.0/24 +192.141.28.0/24 +192.141.29.0/24 +192.141.30.0/24 +192.141.31.0/24 +192.141.32.0/24 +192.141.33.0/24 +192.141.34.0/24 +192.141.35.0/24 +192.141.36.0/24 +192.141.37.0/24 +192.141.38.0/24 +192.141.39.0/24 +192.141.40.0/24 +192.141.41.0/24 +192.141.42.0/24 +192.141.43.0/24 +192.141.44.0/24 +192.141.45.0/24 +192.141.46.0/24 +192.141.47.0/24 +192.141.48.0/24 +192.141.49.0/24 +192.141.50.0/24 +192.141.51.0/24 +192.141.52.0/24 +192.141.53.0/24 +192.141.54.0/24 +192.141.55.0/24 +192.141.56.0/24 +192.141.57.0/24 +192.141.58.0/24 +192.141.59.0/24 +192.141.60.0/24 +192.141.61.0/24 +192.141.62.0/24 +192.141.63.0/24 +192.141.64.0/24 +192.141.65.0/24 +192.141.66.0/24 +192.141.67.0/24 +192.141.68.0/24 +192.141.69.0/24 +192.141.70.0/24 +192.141.71.0/24 +192.141.72.0/24 +192.141.73.0/24 +192.141.74.0/24 +192.141.75.0/24 +192.141.76.0/24 +192.141.77.0/24 +192.141.78.0/24 +192.141.79.0/24 +192.141.80.0/24 +192.141.81.0/24 +192.141.82.0/24 +192.141.83.0/24 +192.141.84.0/24 +192.141.85.0/24 +192.141.86.0/24 +192.141.87.0/24 +192.141.88.0/24 +192.141.89.0/24 +192.141.90.0/24 +192.141.91.0/24 +192.141.92.0/24 +192.141.93.0/24 +192.141.94.0/24 +192.141.95.0/24 +192.141.96.0/24 +192.141.97.0/24 +192.141.98.0/24 +192.141.99.0/24 +192.141.100.0/24 +192.141.101.0/24 +192.141.102.0/24 +192.141.103.0/24 +192.141.104.0/24 +192.141.105.0/24 +192.141.106.0/24 +192.141.107.0/24 +192.141.108.0/24 +192.141.109.0/24 +192.141.110.0/24 +192.141.111.0/24 +192.141.112.0/24 +192.141.113.0/24 +192.141.114.0/24 +192.141.115.0/24 +192.141.116.0/24 +192.141.117.0/24 +192.141.118.0/24 +192.141.119.0/24 +192.141.120.0/24 +192.141.121.0/24 +192.141.122.0/24 +192.141.123.0/24 +192.141.124.0/24 +192.141.125.0/24 +192.141.126.0/24 +192.141.127.0/24 +192.141.128.0/24 +192.141.129.0/24 +192.141.130.0/24 +192.141.131.0/24 +192.141.132.0/24 +192.141.133.0/24 +192.141.134.0/24 +192.141.135.0/24 +192.141.136.0/24 +192.141.137.0/24 +192.141.138.0/24 +192.141.139.0/24 +192.141.140.0/24 +192.141.141.0/24 +192.141.142.0/24 +192.141.143.0/24 +192.141.144.0/24 +192.141.145.0/24 +192.141.146.0/24 +192.141.147.0/24 +192.141.148.0/24 +192.141.149.0/24 +192.141.150.0/24 +192.141.151.0/24 +192.141.152.0/24 +192.141.153.0/24 +192.141.154.0/24 +192.141.155.0/24 +192.141.156.0/24 +192.141.157.0/24 +192.141.158.0/24 +192.141.159.0/24 +192.141.160.0/24 +192.141.161.0/24 +192.141.162.0/24 +192.141.163.0/24 +192.141.164.0/24 +192.141.165.0/24 +192.141.166.0/24 +192.141.167.0/24 +192.141.168.0/24 +192.141.169.0/24 +192.141.170.0/24 +192.141.171.0/24 +192.141.172.0/24 +192.141.173.0/24 +192.141.174.0/24 +192.141.175.0/24 +192.141.176.0/24 +192.141.177.0/24 +192.141.178.0/24 +192.141.179.0/24 +192.141.180.0/24 +192.141.181.0/24 +192.141.182.0/24 +192.141.183.0/24 +192.141.184.0/24 +192.141.185.0/24 +192.141.186.0/24 +192.141.187.0/24 +192.141.188.0/24 +192.141.189.0/24 +192.141.190.0/24 +192.141.191.0/24 +192.141.192.0/24 +192.141.193.0/24 +192.141.194.0/24 +192.141.195.0/24 +192.141.196.0/24 +192.141.197.0/24 +192.141.198.0/24 +192.141.199.0/24 +192.141.200.0/24 +192.141.201.0/24 +192.141.202.0/24 +192.141.203.0/24 +192.141.204.0/24 +192.141.205.0/24 +192.141.206.0/24 +192.141.207.0/24 +192.141.208.0/24 +192.141.209.0/24 +192.141.210.0/24 +192.141.211.0/24 +192.141.212.0/24 +192.141.213.0/24 +192.141.214.0/24 +192.141.215.0/24 +192.141.216.0/24 +192.141.217.0/24 +192.141.218.0/24 +192.141.219.0/24 +192.141.220.0/24 +192.141.221.0/24 +192.141.222.0/24 +192.141.223.0/24 +192.141.224.0/24 +192.141.225.0/24 +192.141.226.0/24 +192.141.227.0/24 +192.141.228.0/24 +192.141.229.0/24 +192.141.230.0/24 +192.141.231.0/24 +192.141.232.0/24 +192.141.233.0/24 +192.141.234.0/24 +192.141.235.0/24 +192.141.236.0/24 +192.141.237.0/24 +192.141.238.0/24 +192.141.239.0/24 +192.141.240.0/24 +192.141.241.0/24 +192.141.242.0/24 +192.141.243.0/24 +192.141.244.0/24 +192.141.245.0/24 +192.141.246.0/24 +192.141.247.0/24 +192.141.248.0/24 +192.141.249.0/24 +192.141.250.0/24 +192.141.251.0/24 +192.141.252.0/24 +192.141.253.0/24 +192.141.254.0/24 +192.141.255.0/24 +192.142.0.0/24 +192.142.1.0/24 +192.142.2.0/24 +192.142.3.0/24 +192.142.4.0/24 +192.142.5.0/24 +192.142.6.0/24 +192.142.7.0/24 +192.142.8.0/24 +192.142.9.0/24 +192.142.10.0/24 +192.142.11.0/24 +192.142.12.0/24 +192.142.13.0/24 +192.142.14.0/24 +192.142.15.0/24 +192.142.16.0/24 +192.142.17.0/24 +192.142.18.0/24 +192.142.19.0/24 +192.142.20.0/24 +192.142.21.0/24 +192.142.22.0/24 +192.142.23.0/24 +192.142.24.0/24 +192.142.25.0/24 +192.142.26.0/24 +192.142.27.0/24 +192.142.28.0/24 +192.142.29.0/24 +192.142.30.0/24 +192.142.31.0/24 +192.142.32.0/24 +192.142.33.0/24 +192.142.34.0/24 +192.142.35.0/24 +192.142.36.0/24 +192.142.37.0/24 +192.142.38.0/24 +192.142.39.0/24 +192.142.40.0/24 +192.142.41.0/24 +192.142.42.0/24 +192.142.43.0/24 +192.142.44.0/24 +192.142.45.0/24 +192.142.46.0/24 +192.142.47.0/24 +192.142.48.0/24 +192.142.49.0/24 +192.142.50.0/24 +192.142.51.0/24 +192.142.52.0/24 +192.142.53.0/24 +192.142.54.0/24 +192.142.55.0/24 +192.142.56.0/24 +192.142.57.0/24 +192.142.58.0/24 +192.142.59.0/24 +192.142.60.0/24 +192.142.61.0/24 +192.142.62.0/24 +192.142.63.0/24 +192.142.64.0/24 +192.142.65.0/24 +192.142.66.0/24 +192.142.67.0/24 +192.142.68.0/24 +192.142.69.0/24 +192.142.70.0/24 +192.142.71.0/24 +192.142.72.0/24 +192.142.73.0/24 +192.142.74.0/24 +192.142.75.0/24 +192.142.76.0/24 +192.142.77.0/24 +192.142.78.0/24 +192.142.79.0/24 +192.142.80.0/24 +192.142.81.0/24 +192.142.82.0/24 +192.142.83.0/24 +192.142.84.0/24 +192.142.85.0/24 +192.142.86.0/24 +192.142.87.0/24 +192.142.88.0/24 +192.142.89.0/24 +192.142.90.0/24 +192.142.91.0/24 +192.142.92.0/24 +192.142.93.0/24 +192.142.94.0/24 +192.142.95.0/24 +192.142.96.0/24 +192.142.97.0/24 +192.142.98.0/24 +192.142.99.0/24 +192.142.100.0/24 +192.142.101.0/24 +192.142.102.0/24 +192.142.103.0/24 +192.142.104.0/24 +192.142.105.0/24 +192.142.106.0/24 +192.142.107.0/24 +192.142.108.0/24 +192.142.109.0/24 +192.142.110.0/24 +192.142.111.0/24 +192.142.112.0/24 +192.142.113.0/24 +192.142.114.0/24 +192.142.115.0/24 +192.142.116.0/24 +192.142.117.0/24 +192.142.118.0/24 +192.142.119.0/24 +192.142.120.0/24 +192.142.121.0/24 +192.142.122.0/24 +192.142.123.0/24 +192.142.124.0/24 +192.142.125.0/24 +192.142.126.0/24 +192.142.127.0/24 +192.142.128.0/24 +192.142.129.0/24 +192.142.130.0/24 +192.142.131.0/24 +192.142.132.0/24 +192.142.133.0/24 +192.142.134.0/24 +192.142.135.0/24 +192.142.136.0/24 +192.142.137.0/24 +192.142.138.0/24 +192.142.139.0/24 +192.142.140.0/24 +192.142.141.0/24 +192.142.142.0/24 +192.142.143.0/24 +192.142.144.0/24 +192.142.145.0/24 +192.142.146.0/24 +192.142.147.0/24 +192.142.148.0/24 +192.142.149.0/24 +192.142.150.0/24 +192.142.151.0/24 +192.142.152.0/24 +192.142.153.0/24 +192.142.154.0/24 +192.142.155.0/24 +192.142.156.0/24 +192.142.157.0/24 +192.142.158.0/24 +192.142.159.0/24 +192.142.160.0/24 +192.142.161.0/24 +192.142.162.0/24 +192.142.163.0/24 +192.142.164.0/24 +192.142.165.0/24 +192.142.166.0/24 +192.142.167.0/24 +192.142.168.0/24 +192.142.169.0/24 +192.142.170.0/24 +192.142.171.0/24 +192.142.172.0/24 +192.142.173.0/24 +192.142.174.0/24 +192.142.175.0/24 +192.142.176.0/24 +192.142.177.0/24 +192.142.178.0/24 +192.142.179.0/24 +192.142.180.0/24 +192.142.181.0/24 +192.142.182.0/24 +192.142.183.0/24 +192.142.184.0/24 +192.142.185.0/24 +192.142.186.0/24 +192.142.187.0/24 +192.142.188.0/24 +192.142.189.0/24 +192.142.190.0/24 +192.142.191.0/24 +192.142.192.0/24 +192.142.193.0/24 +192.142.194.0/24 +192.142.195.0/24 +192.142.196.0/24 +192.142.197.0/24 +192.142.198.0/24 +192.142.199.0/24 +192.142.200.0/24 +192.142.201.0/24 +192.142.202.0/24 +192.142.203.0/24 +192.142.204.0/24 +192.142.205.0/24 +192.142.206.0/24 +192.142.207.0/24 +192.142.208.0/24 +192.142.209.0/24 +192.142.210.0/24 +192.142.211.0/24 +192.142.212.0/24 +192.142.213.0/24 +192.142.214.0/24 +192.142.215.0/24 +192.142.216.0/24 +192.142.217.0/24 +192.142.218.0/24 +192.142.219.0/24 +192.142.220.0/24 +192.142.221.0/24 +192.142.222.0/24 +192.142.223.0/24 +192.142.224.0/24 +192.142.225.0/24 +192.142.226.0/24 +192.142.227.0/24 +192.142.228.0/24 +192.142.229.0/24 +192.142.230.0/24 +192.142.231.0/24 +192.142.232.0/24 +192.142.233.0/24 +192.142.234.0/24 +192.142.235.0/24 +192.142.236.0/24 +192.142.237.0/24 +192.142.238.0/24 +192.142.239.0/24 +192.142.240.0/24 +192.142.241.0/24 +192.142.242.0/24 +192.142.243.0/24 +192.142.244.0/24 +192.142.245.0/24 +192.142.246.0/24 +192.142.247.0/24 +192.142.248.0/24 +192.142.249.0/24 +192.142.250.0/24 +192.142.251.0/24 +192.142.252.0/24 +192.142.253.0/24 +192.142.254.0/24 +192.142.255.0/24 +192.143.0.0/24 +192.143.1.0/24 +192.143.2.0/24 +192.143.3.0/24 +192.143.4.0/24 +192.143.5.0/24 +192.143.6.0/24 +192.143.7.0/24 +192.143.8.0/24 +192.143.9.0/24 +192.143.10.0/24 +192.143.11.0/24 +192.143.12.0/24 +192.143.13.0/24 +192.143.14.0/24 +192.143.15.0/24 +192.143.16.0/24 +192.143.17.0/24 +192.143.18.0/24 +192.143.19.0/24 +192.143.20.0/24 +192.143.21.0/24 +192.143.22.0/24 +192.143.23.0/24 +192.143.24.0/24 +192.143.25.0/24 +192.143.26.0/24 +192.143.27.0/24 +192.143.28.0/24 +192.143.29.0/24 +192.143.30.0/24 +192.143.31.0/24 +192.143.32.0/24 +192.143.33.0/24 +192.143.34.0/24 +192.143.35.0/24 +192.143.36.0/24 +192.143.37.0/24 +192.143.38.0/24 +192.143.39.0/24 +192.143.40.0/24 +192.143.41.0/24 +192.143.42.0/24 +192.143.43.0/24 +192.143.44.0/24 +192.143.45.0/24 +192.143.46.0/24 +192.143.47.0/24 +192.143.48.0/24 +192.143.49.0/24 +192.143.50.0/24 +192.143.51.0/24 +192.143.52.0/24 +192.143.53.0/24 +192.143.54.0/24 +192.143.55.0/24 +192.143.56.0/24 +192.143.57.0/24 +192.143.58.0/24 +192.143.59.0/24 +192.143.60.0/24 +192.143.61.0/24 +192.143.62.0/24 +192.143.63.0/24 +192.143.64.0/24 +192.143.65.0/24 +192.143.66.0/24 +192.143.67.0/24 +192.143.68.0/24 +192.143.69.0/24 +192.143.70.0/24 +192.143.71.0/24 +192.143.72.0/24 +192.143.73.0/24 +192.143.74.0/24 +192.143.75.0/24 +192.143.76.0/24 +192.143.77.0/24 +192.143.78.0/24 +192.143.79.0/24 +192.143.80.0/24 +192.143.81.0/24 +192.143.82.0/24 +192.143.83.0/24 +192.143.84.0/24 +192.143.85.0/24 +192.143.86.0/24 +192.143.87.0/24 +192.143.88.0/24 +192.143.89.0/24 +192.143.90.0/24 +192.143.91.0/24 +192.143.92.0/24 +192.143.93.0/24 +192.143.94.0/24 +192.143.95.0/24 +192.143.96.0/24 +192.143.97.0/24 +192.143.98.0/24 +192.143.99.0/24 +192.143.100.0/24 +192.143.101.0/24 +192.143.102.0/24 +192.143.103.0/24 +192.143.104.0/24 +192.143.105.0/24 +192.143.106.0/24 +192.143.107.0/24 +192.143.108.0/24 +192.143.109.0/24 +192.143.110.0/24 +192.143.111.0/24 +192.143.112.0/24 +192.143.113.0/24 +192.143.114.0/24 +192.143.115.0/24 +192.143.116.0/24 +192.143.117.0/24 +192.143.118.0/24 +192.143.119.0/24 +192.143.120.0/24 +192.143.121.0/24 +192.143.122.0/24 +192.143.123.0/24 +192.143.124.0/24 +192.143.125.0/24 +192.143.126.0/24 +192.143.127.0/24 +192.143.128.0/24 +192.143.129.0/24 +192.143.130.0/24 +192.143.131.0/24 +192.143.132.0/24 +192.143.133.0/24 +192.143.134.0/24 +192.143.135.0/24 +192.143.136.0/24 +192.143.137.0/24 +192.143.138.0/24 +192.143.139.0/24 +192.143.140.0/24 +192.143.141.0/24 +192.143.142.0/24 +192.143.143.0/24 +192.143.144.0/24 +192.143.145.0/24 +192.143.146.0/24 +192.143.147.0/24 +192.143.148.0/24 +192.143.149.0/24 +192.143.150.0/24 +192.143.151.0/24 +192.143.152.0/24 +192.143.153.0/24 +192.143.154.0/24 +192.143.155.0/24 +192.143.156.0/24 +192.143.157.0/24 +192.143.158.0/24 +192.143.159.0/24 +192.143.160.0/24 +192.143.161.0/24 +192.143.162.0/24 +192.143.163.0/24 +192.143.164.0/24 +192.143.165.0/24 +192.143.166.0/24 +192.143.167.0/24 +192.143.168.0/24 +192.143.169.0/24 +192.143.170.0/24 +192.143.171.0/24 +192.143.172.0/24 +192.143.173.0/24 +192.143.174.0/24 +192.143.175.0/24 +192.143.176.0/24 +192.143.177.0/24 +192.143.178.0/24 +192.143.179.0/24 +192.143.180.0/24 +192.143.181.0/24 +192.143.182.0/24 +192.143.183.0/24 +192.143.184.0/24 +192.143.185.0/24 +192.143.186.0/24 +192.143.187.0/24 +192.143.188.0/24 +192.143.189.0/24 +192.143.190.0/24 +192.143.191.0/24 +192.143.192.0/24 +192.143.193.0/24 +192.143.194.0/24 +192.143.195.0/24 +192.143.196.0/24 +192.143.197.0/24 +192.143.198.0/24 +192.143.199.0/24 +192.143.200.0/24 +192.143.201.0/24 +192.143.202.0/24 +192.143.203.0/24 +192.143.204.0/24 +192.143.205.0/24 +192.143.206.0/24 +192.143.207.0/24 +192.143.208.0/24 +192.143.209.0/24 +192.143.210.0/24 +192.143.211.0/24 +192.143.212.0/24 +192.143.213.0/24 +192.143.214.0/24 +192.143.215.0/24 +192.143.216.0/24 +192.143.217.0/24 +192.143.218.0/24 +192.143.219.0/24 +192.143.220.0/24 +192.143.221.0/24 +192.143.222.0/24 +192.143.223.0/24 +192.143.224.0/24 +192.143.225.0/24 +192.143.226.0/24 +192.143.227.0/24 +192.143.228.0/24 +192.143.229.0/24 +192.143.230.0/24 +192.143.231.0/24 +192.143.232.0/24 +192.143.233.0/24 +192.143.234.0/24 +192.143.235.0/24 +192.143.236.0/24 +192.143.237.0/24 +192.143.238.0/24 +192.143.239.0/24 +192.143.240.0/24 +192.143.241.0/24 +192.143.242.0/24 +192.143.243.0/24 +192.143.244.0/24 +192.143.245.0/24 +192.143.246.0/24 +192.143.247.0/24 +192.143.248.0/24 +192.143.249.0/24 +192.143.250.0/24 +192.143.251.0/24 +192.143.252.0/24 +192.143.253.0/24 +192.143.254.0/24 +192.143.255.0/24 +192.144.0.0/24 +192.144.1.0/24 +192.144.2.0/24 +192.144.3.0/24 +192.144.4.0/24 +192.144.5.0/24 +192.144.6.0/24 +192.144.7.0/24 +192.144.8.0/24 +192.144.9.0/24 +192.144.10.0/24 +192.144.11.0/24 +192.144.12.0/24 +192.144.13.0/24 +192.144.14.0/24 +192.144.15.0/24 +192.144.16.0/24 +192.144.17.0/24 +192.144.18.0/24 +192.144.19.0/24 +192.144.20.0/24 +192.144.21.0/24 +192.144.22.0/24 +192.144.23.0/24 +192.144.24.0/24 +192.144.25.0/24 +192.144.26.0/24 +192.144.27.0/24 +192.144.28.0/24 +192.144.29.0/24 +192.144.30.0/24 +192.144.31.0/24 +192.144.32.0/24 +192.144.33.0/24 +192.144.34.0/24 +192.144.35.0/24 +192.144.36.0/24 +192.144.37.0/24 +192.144.38.0/24 +192.144.39.0/24 +192.144.40.0/24 +192.144.41.0/24 +192.144.42.0/24 +192.144.43.0/24 +192.144.44.0/24 +192.144.45.0/24 +192.144.46.0/24 +192.144.47.0/24 +192.144.48.0/24 +192.144.49.0/24 +192.144.50.0/24 +192.144.51.0/24 +192.144.52.0/24 +192.144.53.0/24 +192.144.54.0/24 +192.144.55.0/24 +192.144.56.0/24 +192.144.57.0/24 +192.144.58.0/24 +192.144.59.0/24 +192.144.60.0/24 +192.144.61.0/24 +192.144.62.0/24 +192.144.63.0/24 +192.144.64.0/24 +192.144.65.0/24 +192.144.66.0/24 +192.144.67.0/24 +192.144.68.0/24 +192.144.69.0/24 +192.144.70.0/24 +192.144.71.0/24 +192.144.72.0/24 +192.144.73.0/24 +192.144.78.0/24 +192.144.79.0/24 +192.144.80.0/24 +192.144.81.0/24 +192.144.82.0/24 +192.144.83.0/24 +192.144.84.0/24 +192.144.85.0/24 +192.144.86.0/24 +192.144.87.0/24 +192.144.88.0/24 +192.144.89.0/24 +192.144.90.0/24 +192.144.91.0/24 +192.144.92.0/24 +192.144.93.0/24 +192.144.94.0/24 +192.144.95.0/24 +192.144.96.0/24 +192.144.97.0/24 +192.144.98.0/24 +192.144.99.0/24 +192.144.100.0/24 +192.144.101.0/24 +192.144.102.0/24 +192.144.103.0/24 +192.144.104.0/24 +192.144.105.0/24 +192.144.106.0/24 +192.144.107.0/24 +192.144.108.0/24 +192.144.109.0/24 +192.144.110.0/24 +192.144.111.0/24 +192.144.112.0/24 +192.144.113.0/24 +192.144.114.0/24 +192.144.115.0/24 +192.144.116.0/24 +192.144.117.0/24 +192.144.118.0/24 +192.144.119.0/24 +192.144.120.0/24 +192.144.121.0/24 +192.144.122.0/24 +192.144.123.0/24 +192.144.124.0/24 +192.144.125.0/24 +192.144.126.0/24 +192.144.127.0/24 +192.144.128.0/24 +192.144.129.0/24 +192.144.130.0/24 +192.144.131.0/24 +192.144.132.0/24 +192.144.133.0/24 +192.144.134.0/24 +192.144.135.0/24 +192.144.136.0/24 +192.144.137.0/24 +192.144.138.0/24 +192.144.139.0/24 +192.144.140.0/24 +192.144.141.0/24 +192.144.142.0/24 +192.144.143.0/24 +192.144.144.0/24 +192.144.145.0/24 +192.144.146.0/24 +192.144.147.0/24 +192.144.148.0/24 +192.144.149.0/24 +192.144.150.0/24 +192.144.151.0/24 +192.144.152.0/24 +192.144.153.0/24 +192.144.154.0/24 +192.144.155.0/24 +192.144.156.0/24 +192.144.157.0/24 +192.144.158.0/24 +192.144.159.0/24 +192.144.160.0/24 +192.144.161.0/24 +192.144.162.0/24 +192.144.163.0/24 +192.144.164.0/24 +192.144.165.0/24 +192.144.166.0/24 +192.144.167.0/24 +192.144.168.0/24 +192.144.169.0/24 +192.144.170.0/24 +192.144.171.0/24 +192.144.172.0/24 +192.144.173.0/24 +192.144.174.0/24 +192.144.175.0/24 +192.144.176.0/24 +192.144.177.0/24 +192.144.178.0/24 +192.144.179.0/24 +192.144.180.0/24 +192.144.181.0/24 +192.144.182.0/24 +192.144.183.0/24 +192.144.184.0/24 +192.144.185.0/24 +192.144.186.0/24 +192.144.187.0/24 +192.144.188.0/24 +192.144.189.0/24 +192.144.190.0/24 +192.144.191.0/24 +192.144.192.0/24 +192.144.193.0/24 +192.144.194.0/24 +192.144.195.0/24 +192.144.196.0/24 +192.144.197.0/24 +192.144.198.0/24 +192.144.199.0/24 +192.144.200.0/24 +192.144.201.0/24 +192.144.202.0/24 +192.144.203.0/24 +192.144.204.0/24 +192.144.205.0/24 +192.144.206.0/24 +192.144.207.0/24 +192.144.208.0/24 +192.144.209.0/24 +192.144.210.0/24 +192.144.211.0/24 +192.144.212.0/24 +192.144.213.0/24 +192.144.214.0/24 +192.144.215.0/24 +192.144.216.0/24 +192.144.217.0/24 +192.144.218.0/24 +192.144.219.0/24 +192.144.220.0/24 +192.144.221.0/24 +192.144.222.0/24 +192.144.223.0/24 +192.144.224.0/24 +192.144.225.0/24 +192.144.226.0/24 +192.144.227.0/24 +192.144.228.0/24 +192.144.229.0/24 +192.144.230.0/24 +192.144.231.0/24 +192.144.232.0/24 +192.144.233.0/24 +192.144.234.0/24 +192.144.235.0/24 +192.144.236.0/24 +192.144.237.0/24 +192.144.238.0/24 +192.144.239.0/24 +192.144.240.0/24 +192.144.241.0/24 +192.144.242.0/24 +192.144.243.0/24 +192.144.244.0/24 +192.144.245.0/24 +192.144.246.0/24 +192.144.247.0/24 +192.144.248.0/24 +192.144.249.0/24 +192.144.250.0/24 +192.144.251.0/24 +192.144.252.0/24 +192.144.253.0/24 +192.144.254.0/24 +192.144.255.0/24 +192.145.0.0/24 +192.145.1.0/24 +192.145.2.0/24 +192.145.3.0/24 +192.145.4.0/24 +192.145.5.0/24 +192.145.6.0/24 +192.145.7.0/24 +192.145.8.0/24 +192.145.9.0/24 +192.145.10.0/24 +192.145.11.0/24 +192.145.12.0/24 +192.145.13.0/24 +192.145.14.0/24 +192.145.15.0/24 +192.145.16.0/24 +192.145.17.0/24 +192.145.18.0/24 +192.145.19.0/24 +192.145.20.0/24 +192.145.21.0/24 +192.145.22.0/24 +192.145.23.0/24 +192.145.24.0/24 +192.145.25.0/24 +192.145.26.0/24 +192.145.27.0/24 +192.145.28.0/24 +192.145.29.0/24 +192.145.30.0/24 +192.145.31.0/24 +192.145.32.0/24 +192.145.33.0/24 +192.145.34.0/24 +192.145.35.0/24 +192.145.36.0/24 +192.145.37.0/24 +192.145.38.0/24 +192.145.39.0/24 +192.145.40.0/24 +192.145.41.0/24 +192.145.42.0/24 +192.145.43.0/24 +192.145.44.0/24 +192.145.45.0/24 +192.145.46.0/24 +192.145.47.0/24 +192.145.48.0/24 +192.145.49.0/24 +192.145.50.0/24 +192.145.51.0/24 +192.145.52.0/24 +192.145.53.0/24 +192.145.54.0/24 +192.145.55.0/24 +192.145.56.0/24 +192.145.57.0/24 +192.145.58.0/24 +192.145.59.0/24 +192.145.60.0/24 +192.145.61.0/24 +192.145.62.0/24 +192.145.63.0/24 +192.145.64.0/24 +192.145.65.0/24 +192.145.66.0/24 +192.145.67.0/24 +192.145.68.0/24 +192.145.69.0/24 +192.145.70.0/24 +192.145.71.0/24 +192.145.72.0/24 +192.145.73.0/24 +192.145.74.0/24 +192.145.75.0/24 +192.145.76.0/24 +192.145.77.0/24 +192.145.78.0/24 +192.145.79.0/24 +192.145.80.0/24 +192.145.81.0/24 +192.145.82.0/24 +192.145.83.0/24 +192.145.84.0/24 +192.145.85.0/24 +192.145.86.0/24 +192.145.87.0/24 +192.145.88.0/24 +192.145.89.0/24 +192.145.90.0/24 +192.145.91.0/24 +192.145.92.0/24 +192.145.93.0/24 +192.145.94.0/24 +192.145.95.0/24 +192.145.96.0/24 +192.145.97.0/24 +192.145.98.0/24 +192.145.99.0/24 +192.145.100.0/24 +192.145.101.0/24 +192.145.102.0/24 +192.145.103.0/24 +192.145.104.0/24 +192.145.105.0/24 +192.145.106.0/24 +192.145.107.0/24 +192.145.108.0/24 +192.145.109.0/24 +192.145.110.0/24 +192.145.111.0/24 +192.145.112.0/24 +192.145.113.0/24 +192.145.114.0/24 +192.145.115.0/24 +192.145.116.0/24 +192.145.117.0/24 +192.145.118.0/24 +192.145.119.0/24 +192.145.120.0/24 +192.145.121.0/24 +192.145.122.0/24 +192.145.123.0/24 +192.145.124.0/24 +192.145.125.0/24 +192.145.126.0/24 +192.145.127.0/24 +192.145.128.0/24 +192.145.129.0/24 +192.145.130.0/24 +192.145.131.0/24 +192.145.132.0/24 +192.145.133.0/24 +192.145.134.0/24 +192.145.135.0/24 +192.145.136.0/24 +192.145.137.0/24 +192.145.138.0/24 +192.145.139.0/24 +192.145.140.0/24 +192.145.141.0/24 +192.145.142.0/24 +192.145.143.0/24 +192.145.144.0/24 +192.145.145.0/24 +192.145.146.0/24 +192.145.147.0/24 +192.145.148.0/24 +192.145.149.0/24 +192.145.150.0/24 +192.145.151.0/24 +192.145.152.0/24 +192.145.153.0/24 +192.145.154.0/24 +192.145.155.0/24 +192.145.156.0/24 +192.145.157.0/24 +192.145.158.0/24 +192.145.159.0/24 +192.145.160.0/24 +192.145.161.0/24 +192.145.162.0/24 +192.145.163.0/24 +192.145.164.0/24 +192.145.165.0/24 +192.145.166.0/24 +192.145.167.0/24 +192.145.168.0/24 +192.145.169.0/24 +192.145.170.0/24 +192.145.171.0/24 +192.145.172.0/24 +192.145.173.0/24 +192.145.174.0/24 +192.145.175.0/24 +192.145.176.0/24 +192.145.177.0/24 +192.145.178.0/24 +192.145.179.0/24 +192.145.180.0/24 +192.145.181.0/24 +192.145.182.0/24 +192.145.183.0/24 +192.145.184.0/24 +192.145.185.0/24 +192.145.186.0/24 +192.145.187.0/24 +192.145.188.0/24 +192.145.189.0/24 +192.145.190.0/24 +192.145.191.0/24 +192.145.192.0/24 +192.145.193.0/24 +192.145.194.0/24 +192.145.195.0/24 +192.145.196.0/24 +192.145.197.0/24 +192.145.198.0/24 +192.145.199.0/24 +192.145.200.0/24 +192.145.201.0/24 +192.145.202.0/24 +192.145.203.0/24 +192.145.204.0/24 +192.145.205.0/24 +192.145.206.0/24 +192.145.207.0/24 +192.145.208.0/24 +192.145.209.0/24 +192.145.210.0/24 +192.145.211.0/24 +192.145.212.0/24 +192.145.213.0/24 +192.145.214.0/24 +192.145.215.0/24 +192.145.216.0/24 +192.145.217.0/24 +192.145.218.0/24 +192.145.219.0/24 +192.145.220.0/24 +192.145.221.0/24 +192.145.222.0/24 +192.145.223.0/24 +192.145.224.0/24 +192.145.225.0/24 +192.145.226.0/24 +192.145.227.0/24 +192.145.228.0/24 +192.145.229.0/24 +192.145.230.0/24 192.171.5.0/24 193.27.64.0/23 193.37.134.0/24 @@ -4319,9 +6594,6 @@ 193.227.234.0/23 193.239.4.0/22 193.254.64.0/18 -194.1.159.0/24 -194.1.168.0/24 -194.1.170.0/24 194.41.8.0/24 194.41.36.0/24 194.41.60.0/23 @@ -4377,8 +6649,8 @@ 217.172.80.0/20 # Country: FINLAND # ISO Code: FI -# Total Networks: 902 -# Total Subnets: 13,467,584 +# Total Networks: 1,379 +# Total Subnets: 13,553,856 31.7.16.0/20 31.15.120.0/21 31.25.144.0/21 @@ -4394,6 +6666,8 @@ 37.44.48.0/21 37.98.128.0/20 37.114.80.0/21 +37.130.160.0/19 +37.136.0.0/16 46.17.192.0/21 46.23.160.0/20 46.30.128.0/21 @@ -4611,6 +6885,7 @@ 91.233.116.0/23 91.233.125.0/24 91.234.204.0/23 +91.237.151.0/24 92.242.160.0/19 93.90.48.0/20 93.91.176.0/20 @@ -4759,18 +7034,248 @@ 192.49.24.0/22 192.49.28.0/24 192.49.29.0/24 -192.49.30.0/19 -192.49.62.0/21 -192.49.70.0/22 +192.49.30.0/23 +192.49.32.0/24 +192.49.33.0/24 +192.49.34.0/23 +192.49.36.0/24 +192.49.37.0/24 +192.49.38.0/23 +192.49.40.0/21 +192.49.48.0/20 +192.49.64.0/21 +192.49.72.0/23 192.49.74.0/24 -192.49.75.0/17 -192.49.203.0/19 -192.49.235.0/20 -192.49.251.0/22 +192.49.75.0/24 +192.49.76.0/24 +192.49.77.0/24 +192.49.78.0/24 +192.49.79.0/24 +192.49.80.0/24 +192.49.81.0/24 +192.49.82.0/24 +192.49.83.0/24 +192.49.84.0/24 +192.49.85.0/24 +192.49.86.0/24 +192.49.87.0/24 +192.49.88.0/24 +192.49.89.0/24 +192.49.90.0/24 +192.49.91.0/24 +192.49.92.0/24 +192.49.93.0/24 +192.49.94.0/24 +192.49.95.0/24 +192.49.96.0/24 +192.49.97.0/24 +192.49.98.0/24 +192.49.99.0/24 +192.49.100.0/24 +192.49.101.0/24 +192.49.102.0/24 +192.49.103.0/24 +192.49.104.0/24 +192.49.105.0/24 +192.49.106.0/24 +192.49.107.0/24 +192.49.108.0/24 +192.49.109.0/24 +192.49.110.0/24 +192.49.111.0/24 +192.49.112.0/24 +192.49.113.0/24 +192.49.114.0/24 +192.49.115.0/24 +192.49.116.0/24 +192.49.117.0/24 +192.49.118.0/24 +192.49.119.0/24 +192.49.120.0/24 +192.49.121.0/24 +192.49.122.0/24 +192.49.123.0/24 +192.49.124.0/24 +192.49.125.0/24 +192.49.126.0/24 +192.49.127.0/24 +192.49.128.0/24 +192.49.129.0/24 +192.49.130.0/24 +192.49.131.0/24 +192.49.132.0/24 +192.49.133.0/24 +192.49.134.0/24 +192.49.135.0/24 +192.49.136.0/24 +192.49.137.0/24 +192.49.138.0/24 +192.49.139.0/24 +192.49.140.0/24 +192.49.141.0/24 +192.49.142.0/24 +192.49.143.0/24 +192.49.144.0/24 +192.49.145.0/24 +192.49.146.0/24 +192.49.147.0/24 +192.49.148.0/24 +192.49.149.0/24 +192.49.150.0/24 +192.49.151.0/24 +192.49.152.0/24 +192.49.153.0/24 +192.49.154.0/24 +192.49.155.0/24 +192.49.156.0/24 +192.49.157.0/24 +192.49.158.0/24 +192.49.159.0/24 +192.49.160.0/24 +192.49.161.0/24 +192.49.162.0/24 +192.49.163.0/24 +192.49.164.0/24 +192.49.165.0/24 +192.49.166.0/24 +192.49.167.0/24 +192.49.168.0/24 +192.49.169.0/24 +192.49.170.0/24 +192.49.171.0/24 +192.49.172.0/24 +192.49.173.0/24 +192.49.174.0/24 +192.49.175.0/24 +192.49.176.0/24 +192.49.177.0/24 +192.49.178.0/24 +192.49.179.0/24 +192.49.180.0/24 +192.49.181.0/24 +192.49.182.0/24 +192.49.183.0/24 +192.49.184.0/24 +192.49.185.0/24 +192.49.186.0/24 +192.49.187.0/24 +192.49.188.0/24 +192.49.189.0/24 +192.49.190.0/24 +192.49.191.0/24 +192.49.192.0/24 +192.49.193.0/24 +192.49.194.0/24 +192.49.195.0/24 +192.49.196.0/24 +192.49.197.0/24 +192.49.198.0/24 +192.49.199.0/24 +192.49.200.0/24 +192.49.201.0/24 +192.49.202.0/24 +192.49.203.0/24 +192.49.204.0/24 +192.49.205.0/24 +192.49.206.0/24 +192.49.207.0/24 +192.49.208.0/24 +192.49.209.0/24 +192.49.210.0/24 +192.49.211.0/24 +192.49.212.0/24 +192.49.213.0/24 +192.49.214.0/24 +192.49.215.0/24 +192.49.216.0/24 +192.49.217.0/24 +192.49.218.0/24 +192.49.219.0/24 +192.49.220.0/24 +192.49.221.0/24 +192.49.222.0/24 +192.49.223.0/24 +192.49.224.0/24 +192.49.225.0/24 +192.49.226.0/24 +192.49.227.0/24 +192.49.228.0/24 +192.49.229.0/24 +192.49.230.0/24 +192.49.231.0/24 +192.49.232.0/24 +192.49.233.0/24 +192.49.234.0/24 +192.49.235.0/24 +192.49.236.0/24 +192.49.237.0/24 +192.49.238.0/24 +192.49.239.0/24 +192.49.240.0/24 +192.49.241.0/24 +192.49.242.0/24 +192.49.243.0/24 +192.49.244.0/24 +192.49.245.0/24 +192.49.246.0/24 +192.49.247.0/24 +192.49.248.0/24 +192.49.249.0/24 +192.49.250.0/24 +192.49.251.0/24 +192.49.252.0/24 +192.49.253.0/24 +192.49.254.0/24 192.49.255.0/24 192.58.30.0/23 -192.58.41.0/19 -192.58.73.0/20 +192.58.41.0/24 +192.58.42.0/24 +192.58.43.0/24 +192.58.44.0/24 +192.58.45.0/24 +192.58.46.0/24 +192.58.47.0/24 +192.58.48.0/24 +192.58.49.0/24 +192.58.50.0/24 +192.58.51.0/24 +192.58.52.0/24 +192.58.53.0/24 +192.58.54.0/24 +192.58.55.0/24 +192.58.56.0/24 +192.58.57.0/24 +192.58.58.0/24 +192.58.59.0/24 +192.58.60.0/24 +192.58.61.0/24 +192.58.62.0/24 +192.58.63.0/24 +192.58.64.0/24 +192.58.65.0/24 +192.58.66.0/24 +192.58.67.0/24 +192.58.68.0/24 +192.58.69.0/24 +192.58.70.0/24 +192.58.71.0/24 +192.58.72.0/24 +192.58.73.0/24 +192.58.74.0/24 +192.58.75.0/24 +192.58.76.0/24 +192.58.77.0/24 +192.58.78.0/24 +192.58.79.0/24 +192.58.80.0/24 +192.58.81.0/24 +192.58.82.0/24 +192.58.83.0/24 +192.58.84.0/24 +192.58.85.0/24 +192.58.86.0/24 +192.58.87.0/24 +192.58.88.0/24 192.58.89.0/24 192.77.120.0/22 192.81.123.0/24 @@ -4814,23 +7319,202 @@ 192.89.0.0/16 192.92.116.0/24 192.98.0.0/16 -192.100.102.0/19 +192.100.102.0/23 +192.100.104.0/21 +192.100.112.0/21 +192.100.120.0/21 +192.100.128.0/22 +192.100.132.0/23 192.101.192.0/24 -192.102.18.0/22 -192.102.22.0/19 -192.102.54.0/23 -192.102.56.0/21 +192.102.18.0/24 +192.102.19.0/24 +192.102.20.0/24 +192.102.21.0/24 +192.102.22.0/24 +192.102.23.0/24 +192.102.24.0/24 +192.102.25.0/24 +192.102.26.0/24 +192.102.27.0/24 +192.102.28.0/24 +192.102.29.0/24 +192.102.30.0/24 +192.102.31.0/24 +192.102.32.0/24 +192.102.33.0/24 +192.102.34.0/24 +192.102.35.0/24 +192.102.36.0/24 +192.102.37.0/24 +192.102.38.0/24 +192.102.39.0/24 +192.102.40.0/24 +192.102.41.0/24 +192.102.42.0/24 +192.102.43.0/24 +192.102.44.0/24 +192.102.45.0/24 +192.102.46.0/24 +192.102.47.0/24 +192.102.48.0/24 +192.102.49.0/24 +192.102.50.0/24 +192.102.51.0/24 +192.102.52.0/24 +192.102.53.0/24 +192.102.54.0/24 +192.102.55.0/24 +192.102.56.0/24 +192.102.57.0/24 +192.102.58.0/24 +192.102.59.0/24 +192.102.60.0/24 +192.102.61.0/24 +192.102.62.0/24 +192.102.63.0/24 192.102.64.0/23 -192.102.66.0/20 -192.103.85.0/19 -192.107.200.0/19 +192.102.66.0/23 +192.102.68.0/22 +192.102.72.0/23 +192.102.74.0/23 +192.102.76.0/22 +192.102.80.0/23 +192.103.85.0/24 +192.103.86.0/24 +192.103.87.0/24 +192.103.88.0/24 +192.103.89.0/24 +192.103.90.0/24 +192.103.91.0/24 +192.103.92.0/24 +192.103.93.0/24 +192.103.94.0/24 +192.103.95.0/24 +192.103.96.0/24 +192.103.97.0/24 +192.103.98.0/24 +192.103.99.0/24 +192.103.100.0/24 +192.103.101.0/24 +192.103.102.0/24 +192.103.103.0/24 +192.103.104.0/24 +192.103.105.0/24 +192.103.106.0/24 +192.103.107.0/24 +192.103.108.0/24 +192.103.109.0/24 +192.103.110.0/24 +192.103.111.0/24 +192.103.112.0/24 +192.103.113.0/24 +192.103.114.0/24 +192.103.115.0/24 +192.103.116.0/24 +192.107.200.0/21 +192.107.208.0/20 +192.107.224.0/21 192.112.204.0/24 -192.126.1.0/18 +192.126.1.0/24 +192.126.2.0/24 +192.126.3.0/24 +192.126.4.0/24 +192.126.5.0/24 +192.126.6.0/24 +192.126.7.0/24 +192.126.8.0/24 +192.126.9.0/24 +192.126.10.0/24 +192.126.11.0/24 +192.126.12.0/24 +192.126.13.0/24 +192.126.14.0/24 +192.126.15.0/24 +192.126.16.0/24 +192.126.17.0/24 +192.126.18.0/24 +192.126.19.0/24 +192.126.20.0/24 +192.126.21.0/24 +192.126.22.0/24 +192.126.23.0/24 +192.126.24.0/24 +192.126.25.0/24 +192.126.26.0/24 +192.126.27.0/24 +192.126.28.0/24 +192.126.29.0/24 +192.126.30.0/24 +192.126.31.0/24 +192.126.32.0/24 +192.126.33.0/24 +192.126.34.0/24 +192.126.35.0/24 +192.126.36.0/24 +192.126.37.0/24 +192.126.38.0/24 +192.126.39.0/24 +192.126.40.0/24 +192.126.41.0/24 +192.126.42.0/24 +192.126.43.0/24 +192.126.44.0/24 +192.126.45.0/24 +192.126.46.0/24 +192.126.47.0/24 +192.126.48.0/24 +192.126.49.0/24 +192.126.50.0/24 +192.126.51.0/24 +192.126.52.0/24 +192.126.53.0/24 +192.126.54.0/24 +192.126.55.0/24 +192.126.56.0/24 +192.126.57.0/24 +192.126.58.0/24 +192.126.59.0/24 +192.126.60.0/24 +192.126.61.0/24 +192.126.62.0/24 +192.126.63.0/24 +192.126.64.0/24 192.130.0.0/16 192.131.96.0/24 192.133.110.0/23 192.136.9.0/24 -192.136.71.0/19 +192.136.71.0/24 +192.136.72.0/24 +192.136.73.0/24 +192.136.74.0/24 +192.136.75.0/24 +192.136.76.0/24 +192.136.77.0/24 +192.136.78.0/24 +192.136.79.0/24 +192.136.80.0/24 +192.136.81.0/24 +192.136.82.0/24 +192.136.83.0/24 +192.136.84.0/24 +192.136.85.0/24 +192.136.86.0/24 +192.136.87.0/24 +192.136.88.0/24 +192.136.89.0/24 +192.136.90.0/24 +192.136.91.0/24 +192.136.92.0/24 +192.136.93.0/24 +192.136.94.0/24 +192.136.95.0/24 +192.136.96.0/24 +192.136.97.0/24 +192.136.98.0/24 +192.136.99.0/24 +192.136.100.0/24 +192.136.101.0/24 +192.136.102.0/24 192.146.152.0/24 192.147.215.0/24 192.147.216.0/24 @@ -4838,7 +7522,9 @@ 192.152.68.0/24 192.159.70.0/24 192.159.122.0/24 -192.163.32.0/17 +192.163.32.0/19 +192.163.64.0/18 +192.163.128.0/19 192.175.33.0/24 192.175.34.0/24 192.175.35.0/24 @@ -4849,6 +7535,8 @@ 192.175.47.0/24 192.194.0.0/16 192.203.108.0/23 +193.9.64.0/19 +193.9.96.0/20 193.9.112.0/24 193.17.231.0/24 193.19.136.0/22 @@ -4891,7 +7579,8 @@ 193.142.16.0/23 193.142.18.0/24 193.142.20.0/24 -193.142.21.0/23 +193.142.21.0/24 +193.142.22.0/24 193.142.23.0/24 193.142.24.0/23 193.142.26.0/24 @@ -4902,7 +7591,8 @@ 193.142.40.0/22 193.142.44.0/23 193.142.46.0/24 -193.142.47.0/23 +193.142.47.0/24 +193.142.48.0/24 193.142.49.0/24 193.142.50.0/24 193.142.51.0/24 @@ -4945,8 +7635,12 @@ 193.142.195.0/24 193.142.196.0/24 193.142.197.0/24 -193.142.198.0/22 -193.142.202.0/23 +193.142.198.0/24 +193.142.199.0/24 +193.142.200.0/24 +193.142.201.0/24 +193.142.202.0/24 +193.142.203.0/24 193.142.204.0/24 193.142.205.0/24 193.142.206.0/24 @@ -4955,16 +7649,22 @@ 193.142.232.0/24 193.142.233.0/24 193.142.234.0/24 -193.142.235.0/22 +193.142.235.0/24 +193.142.236.0/24 +193.142.237.0/24 +193.142.238.0/24 193.142.239.0/24 193.142.240.0/24 193.142.241.0/24 193.142.242.0/24 193.142.247.0/24 -193.142.251.0/23 -193.142.253.0/23 +193.142.251.0/24 +193.142.252.0/24 +193.142.253.0/24 +193.142.254.0/24 193.142.255.0/24 -193.143.1.0/23 +193.143.1.0/24 +193.143.2.0/24 193.143.3.0/24 193.143.4.0/23 193.143.6.0/24 @@ -4994,9 +7694,10 @@ 193.143.78.0/24 193.143.79.0/24 193.143.80.0/24 -193.143.81.0/23 -193.143.83.0/23 -193.143.85.0/24 +193.143.81.0/24 +193.143.82.0/24 +193.143.83.0/24 +193.143.84.0/23 193.143.86.0/24 193.143.87.0/24 193.143.88.0/24 @@ -5008,8 +7709,12 @@ 193.143.95.0/24 193.143.96.0/24 193.143.97.0/24 -193.143.99.0/20 -193.143.115.0/22 +193.143.99.0/24 +193.143.100.0/22 +193.143.104.0/21 +193.143.112.0/22 +193.143.116.0/23 +193.143.118.0/24 193.143.123.0/24 193.143.124.0/24 193.143.125.0/24 @@ -5019,10 +7724,36 @@ 193.143.136.0/22 193.143.140.0/23 193.143.160.0/24 -193.143.161.0/20 -193.143.177.0/21 -193.143.185.0/22 -193.143.189.0/23 +193.143.161.0/24 +193.143.162.0/24 +193.143.163.0/24 +193.143.164.0/24 +193.143.165.0/24 +193.143.166.0/24 +193.143.167.0/24 +193.143.168.0/24 +193.143.169.0/24 +193.143.170.0/24 +193.143.171.0/24 +193.143.172.0/24 +193.143.173.0/24 +193.143.174.0/24 +193.143.175.0/24 +193.143.176.0/24 +193.143.177.0/24 +193.143.178.0/24 +193.143.179.0/24 +193.143.180.0/24 +193.143.181.0/24 +193.143.182.0/24 +193.143.183.0/24 +193.143.184.0/24 +193.143.185.0/24 +193.143.186.0/24 +193.143.187.0/24 +193.143.188.0/24 +193.143.189.0/24 +193.143.190.0/24 193.143.191.0/24 193.143.192.0/19 193.143.224.0/24 @@ -5158,8 +7889,26 @@ 194.136.0.0/16 194.137.0.0/16 194.142.0.0/16 -194.145.32.0/20 -194.145.48.0/22 +194.145.32.0/24 +194.145.33.0/24 +194.145.34.0/24 +194.145.35.0/24 +194.145.36.0/24 +194.145.37.0/24 +194.145.38.0/24 +194.145.39.0/24 +194.145.40.0/24 +194.145.41.0/24 +194.145.42.0/24 +194.145.43.0/24 +194.145.44.0/24 +194.145.45.0/24 +194.145.46.0/24 +194.145.47.0/24 +194.145.48.0/24 +194.145.49.0/24 +194.145.50.0/24 +194.145.51.0/24 194.145.52.0/24 194.152.58.0/23 194.153.159.64/26 @@ -5172,8 +7921,8 @@ 194.215.0.0/16 194.240.0.0/16 194.241.0.0/16 -194.247.43.0/23 -194.247.45.0/24 +194.247.43.0/24 +194.247.44.0/23 194.251.0.0/16 194.252.0.0/16 195.8.54.0/23 @@ -5283,8 +8032,8 @@ 217.169.64.0/20 # Country: FRANCE # ISO Code: FR -# Total Networks: 2,762 -# Total Subnets: 94,000,784 +# Total Networks: 3,243 +# Total Subnets: 95,081,104 2.0.0.0/12 31.3.136.0/21 31.7.248.0/21 @@ -5336,6 +8085,15 @@ 37.110.192.0/21 37.114.64.0/21 37.122.200.0/21 +37.140.200.0/21 +37.140.224.0/21 +37.157.8.0/21 +37.157.56.0/21 +37.157.128.0/21 +37.157.224.0/21 +37.160.0.0/12 +37.188.88.0/21 +37.200.104.0/21 46.16.40.0/21 46.17.64.0/21 46.17.80.0/21 @@ -5529,14 +8287,13 @@ 81.27.16.0/20 81.28.96.0/20 81.28.192.0/20 -81.48.0.0/14 -81.52.0.0/17 -81.52.128.0/20 -81.52.150.0/15 -81.54.150.0/16 -81.55.150.0/18 -81.55.214.0/19 -81.55.246.0/21 +81.48.0.0/16 +81.49.0.0/16 +81.50.0.0/16 +81.51.0.0/16 +81.52.0.0/16 +81.53.0.0/16 +81.54.0.0/15 81.56.0.0/16 81.57.0.0/16 81.64.0.0/14 @@ -5671,7 +8428,8 @@ 91.121.0.0/16 91.123.112.0/20 91.135.176.0/20 -91.142.129.0/23 +91.142.129.0/24 +91.142.130.0/24 91.151.48.0/20 91.151.64.0/20 91.151.112.0/20 @@ -5883,6 +8641,12 @@ 91.235.138.0/24 91.235.141.0/24 91.235.215.0/24 +91.236.25.0/24 +91.236.153.0/24 +91.236.161.0/24 +91.236.239.0/24 +91.236.254.0/23 +91.237.38.0/23 92.39.240.0/20 92.42.216.0/21 92.43.128.0/21 @@ -6040,6 +8804,7 @@ 130.190.0.0/16 130.193.0.0/21 130.193.24.0/21 +131.117.200.0/21 131.254.0.0/16 132.149.0.0/16 132.165.0.0/16 @@ -6169,10 +8934,10 @@ 162.38.0.0/16 163.5.0.0/16 163.9.0.0/16 -163.62.0.0/11 -163.94.0.0/12 -163.110.0.0/14 -163.114.0.0/15 +163.62.0.0/15 +163.64.0.0/11 +163.96.0.0/12 +163.112.0.0/14 163.116.0.0/16 163.173.0.0/16 164.1.0.0/16 @@ -6181,6 +8946,8 @@ 164.60.0.0/16 164.81.0.0/16 164.131.0.0/16 +164.138.56.0/21 +164.138.240.0/21 164.177.0.0/17 171.16.0.0/16 171.18.0.0/16 @@ -6423,12 +9190,26 @@ 192.70.80.0/21 192.70.88.0/22 192.70.92.0/24 -192.70.93.0/22 -192.70.97.0/21 +192.70.93.0/24 +192.70.94.0/24 +192.70.95.0/24 +192.70.96.0/24 +192.70.97.0/24 +192.70.98.0/24 +192.70.99.0/24 +192.70.100.0/24 +192.70.101.0/24 +192.70.102.0/24 +192.70.103.0/24 +192.70.104.0/24 192.70.105.0/24 192.70.106.0/24 -192.70.107.0/22 -192.70.111.0/23 +192.70.107.0/24 +192.70.108.0/24 +192.70.109.0/24 +192.70.110.0/24 +192.70.111.0/24 +192.70.112.0/24 192.70.113.0/24 192.70.114.0/24 192.70.115.0/24 @@ -6442,24 +9223,178 @@ 192.93.64.0/19 192.93.96.0/21 192.93.104.0/24 -192.93.105.0/22 +192.93.105.0/24 +192.93.106.0/24 +192.93.107.0/24 +192.93.108.0/24 192.93.109.0/24 -192.93.110.0/21 -192.93.118.0/23 +192.93.110.0/24 +192.93.111.0/24 +192.93.112.0/24 +192.93.113.0/24 +192.93.114.0/24 +192.93.115.0/24 +192.93.116.0/24 +192.93.117.0/24 +192.93.118.0/24 +192.93.119.0/24 192.93.120.0/24 192.93.121.0/24 -192.93.122.0/20 -192.93.138.0/21 -192.93.146.0/23 +192.93.122.0/24 +192.93.123.0/24 +192.93.124.0/24 +192.93.125.0/24 +192.93.126.0/24 +192.93.127.0/24 +192.93.128.0/24 +192.93.129.0/24 +192.93.130.0/24 +192.93.131.0/24 +192.93.132.0/24 +192.93.133.0/24 +192.93.134.0/24 +192.93.135.0/24 +192.93.136.0/24 +192.93.137.0/24 +192.93.138.0/24 +192.93.139.0/24 +192.93.140.0/24 +192.93.141.0/24 +192.93.142.0/24 +192.93.143.0/24 +192.93.144.0/24 +192.93.145.0/24 +192.93.146.0/24 +192.93.147.0/24 192.93.148.0/22 192.93.152.0/24 -192.93.153.0/18 -192.93.217.0/19 -192.93.249.0/22 -192.93.253.0/23 +192.93.153.0/24 +192.93.154.0/24 +192.93.155.0/24 +192.93.156.0/24 +192.93.157.0/24 +192.93.158.0/24 +192.93.159.0/24 +192.93.160.0/24 +192.93.161.0/24 +192.93.162.0/24 +192.93.163.0/24 +192.93.164.0/24 +192.93.165.0/24 +192.93.166.0/24 +192.93.167.0/24 +192.93.168.0/24 +192.93.169.0/24 +192.93.170.0/24 +192.93.171.0/24 +192.93.172.0/24 +192.93.173.0/24 +192.93.174.0/24 +192.93.175.0/24 +192.93.176.0/24 +192.93.177.0/24 +192.93.178.0/24 +192.93.179.0/24 +192.93.180.0/24 +192.93.181.0/24 +192.93.182.0/24 +192.93.183.0/24 +192.93.184.0/24 +192.93.185.0/24 +192.93.186.0/24 +192.93.187.0/24 +192.93.188.0/24 +192.93.189.0/24 +192.93.190.0/24 +192.93.191.0/24 +192.93.192.0/24 +192.93.193.0/24 +192.93.194.0/24 +192.93.195.0/24 +192.93.196.0/24 +192.93.197.0/24 +192.93.198.0/24 +192.93.199.0/24 +192.93.200.0/24 +192.93.201.0/24 +192.93.202.0/24 +192.93.203.0/24 +192.93.204.0/24 +192.93.205.0/24 +192.93.206.0/24 +192.93.207.0/24 +192.93.208.0/24 +192.93.209.0/24 +192.93.210.0/24 +192.93.211.0/24 +192.93.212.0/24 +192.93.213.0/24 +192.93.214.0/24 +192.93.215.0/24 +192.93.216.0/24 +192.93.217.0/24 +192.93.218.0/24 +192.93.219.0/24 +192.93.220.0/24 +192.93.221.0/24 +192.93.222.0/24 +192.93.223.0/24 +192.93.224.0/24 +192.93.225.0/24 +192.93.226.0/24 +192.93.227.0/24 +192.93.228.0/24 +192.93.229.0/24 +192.93.230.0/24 +192.93.231.0/24 +192.93.232.0/24 +192.93.233.0/24 +192.93.234.0/24 +192.93.235.0/24 +192.93.236.0/24 +192.93.237.0/24 +192.93.238.0/24 +192.93.239.0/24 +192.93.240.0/24 +192.93.241.0/24 +192.93.242.0/24 +192.93.243.0/24 +192.93.244.0/24 +192.93.245.0/24 +192.93.246.0/24 +192.93.247.0/24 +192.93.248.0/24 +192.93.249.0/24 +192.93.250.0/24 +192.93.251.0/24 +192.93.252.0/24 +192.93.253.0/24 +192.93.254.0/24 192.93.255.0/24 -192.94.175.0/20 -192.94.191.0/21 +192.94.175.0/24 +192.94.176.0/24 +192.94.177.0/24 +192.94.178.0/24 +192.94.179.0/24 +192.94.180.0/24 +192.94.181.0/24 +192.94.182.0/24 +192.94.183.0/24 +192.94.184.0/24 +192.94.185.0/24 +192.94.186.0/24 +192.94.187.0/24 +192.94.188.0/24 +192.94.189.0/24 +192.94.190.0/24 +192.94.191.0/24 +192.94.192.0/24 +192.94.193.0/24 +192.94.194.0/24 +192.94.195.0/24 +192.94.196.0/24 +192.94.197.0/24 +192.94.198.0/24 192.94.199.0/24 192.100.18.0/24 192.102.224.0/24 @@ -6481,7 +9416,134 @@ 192.109.147.0/24 192.109.148.0/24 192.122.1.0/24 -192.122.2.0/17 +192.122.2.0/24 +192.122.3.0/24 +192.122.4.0/24 +192.122.5.0/24 +192.122.6.0/24 +192.122.7.0/24 +192.122.8.0/24 +192.122.9.0/24 +192.122.10.0/24 +192.122.11.0/24 +192.122.12.0/24 +192.122.13.0/24 +192.122.14.0/24 +192.122.15.0/24 +192.122.16.0/24 +192.122.17.0/24 +192.122.18.0/24 +192.122.19.0/24 +192.122.20.0/24 +192.122.21.0/24 +192.122.22.0/24 +192.122.23.0/24 +192.122.24.0/24 +192.122.25.0/24 +192.122.26.0/24 +192.122.27.0/24 +192.122.28.0/24 +192.122.29.0/24 +192.122.30.0/24 +192.122.31.0/24 +192.122.32.0/24 +192.122.33.0/24 +192.122.34.0/24 +192.122.35.0/24 +192.122.36.0/24 +192.122.37.0/24 +192.122.38.0/24 +192.122.39.0/24 +192.122.40.0/24 +192.122.41.0/24 +192.122.42.0/24 +192.122.43.0/24 +192.122.44.0/24 +192.122.45.0/24 +192.122.46.0/24 +192.122.47.0/24 +192.122.48.0/24 +192.122.49.0/24 +192.122.50.0/24 +192.122.51.0/24 +192.122.52.0/24 +192.122.53.0/24 +192.122.54.0/24 +192.122.55.0/24 +192.122.56.0/24 +192.122.57.0/24 +192.122.58.0/24 +192.122.59.0/24 +192.122.60.0/24 +192.122.61.0/24 +192.122.62.0/24 +192.122.63.0/24 +192.122.64.0/24 +192.122.65.0/24 +192.122.66.0/24 +192.122.67.0/24 +192.122.68.0/24 +192.122.69.0/24 +192.122.70.0/24 +192.122.71.0/24 +192.122.72.0/24 +192.122.73.0/24 +192.122.74.0/24 +192.122.75.0/24 +192.122.76.0/24 +192.122.77.0/24 +192.122.78.0/24 +192.122.79.0/24 +192.122.80.0/24 +192.122.81.0/24 +192.122.82.0/24 +192.122.83.0/24 +192.122.84.0/24 +192.122.85.0/24 +192.122.86.0/24 +192.122.87.0/24 +192.122.88.0/24 +192.122.89.0/24 +192.122.90.0/24 +192.122.91.0/24 +192.122.92.0/24 +192.122.93.0/24 +192.122.94.0/24 +192.122.95.0/24 +192.122.96.0/24 +192.122.97.0/24 +192.122.98.0/24 +192.122.99.0/24 +192.122.100.0/24 +192.122.101.0/24 +192.122.102.0/24 +192.122.103.0/24 +192.122.104.0/24 +192.122.105.0/24 +192.122.106.0/24 +192.122.107.0/24 +192.122.108.0/24 +192.122.109.0/24 +192.122.110.0/24 +192.122.111.0/24 +192.122.112.0/24 +192.122.113.0/24 +192.122.114.0/24 +192.122.115.0/24 +192.122.116.0/24 +192.122.117.0/24 +192.122.118.0/24 +192.122.119.0/24 +192.122.120.0/24 +192.122.121.0/24 +192.122.122.0/24 +192.122.123.0/24 +192.122.124.0/24 +192.122.125.0/24 +192.122.126.0/24 +192.122.127.0/24 +192.122.128.0/24 +192.122.129.0/24 192.122.130.0/24 192.134.0.0/16 192.135.175.0/24 @@ -6559,7 +9621,6 @@ 193.25.195.0/24 193.25.197.0/24 193.25.198.0/24 -193.26.19.0/24 193.27.4.0/24 193.27.10.0/24 193.27.47.0/24 @@ -6573,12 +9634,15 @@ 193.28.235.0/24 193.29.52.0/24 193.29.129.0/24 +193.29.136.0/23 +193.29.138.0/24 193.29.222.0/24 193.30.141.0/24 193.30.224.0/22 193.33.12.0/23 193.33.36.0/23 193.33.46.0/23 +193.33.56.0/23 193.33.78.0/23 193.33.222.0/23 193.34.16.0/22 @@ -6606,7 +9670,6 @@ 193.47.0.0/24 193.47.80.0/24 193.47.184.0/24 -193.47.189.0/24 193.48.0.0/14 193.52.0.0/16 193.54.0.0/16 @@ -6654,7 +9717,10 @@ 193.56.46.0/24 193.56.47.0/24 193.56.48.0/24 -193.56.49.0/22 +193.56.49.0/24 +193.56.50.0/24 +193.56.51.0/24 +193.56.52.0/24 193.56.53.0/24 193.56.54.0/24 193.56.55.0/24 @@ -6842,7 +9908,10 @@ 193.56.239.0/24 193.56.240.0/24 193.56.241.0/24 -193.56.242.0/22 +193.56.242.0/24 +193.56.243.0/24 +193.56.244.0/24 +193.56.245.0/24 193.56.246.0/24 193.56.247.0/24 193.56.248.0/24 @@ -6903,7 +9972,10 @@ 193.57.54.0/24 193.57.55.0/24 193.57.57.0/24 -193.57.58.0/22 +193.57.58.0/24 +193.57.59.0/24 +193.57.60.0/24 +193.57.61.0/24 193.57.62.0/24 193.57.63.0/24 193.57.64.0/24 @@ -6919,7 +9991,8 @@ 193.57.74.0/24 193.57.75.0/24 193.57.76.0/24 -193.57.77.0/23 +193.57.77.0/24 +193.57.78.0/24 193.57.79.0/24 193.57.80.0/22 193.57.84.0/22 @@ -6940,10 +10013,12 @@ 193.57.102.0/24 193.57.103.0/24 193.57.104.0/24 -193.57.105.0/23 +193.57.105.0/24 +193.57.106.0/24 193.57.107.0/24 193.57.108.0/24 -193.57.109.0/23 +193.57.109.0/24 +193.57.110.0/24 193.57.111.0/24 193.57.112.0/21 193.57.120.0/22 @@ -7034,7 +10109,10 @@ 193.57.215.0/24 193.57.216.0/24 193.57.217.0/24 -193.57.218.0/22 +193.57.218.0/24 +193.57.219.0/24 +193.57.220.0/24 +193.57.221.0/24 193.57.222.0/24 193.57.223.0/24 193.57.224.0/24 @@ -7063,7 +10141,8 @@ 193.57.247.0/24 193.57.248.0/24 193.57.249.0/24 -193.57.250.0/22 +193.57.250.0/23 +193.57.252.0/23 193.57.254.0/24 193.57.255.0/24 193.58.233.0/24 @@ -7161,7 +10240,6 @@ 193.176.209.0/24 193.178.138.0/24 193.178.154.0/23 -193.178.186.0/24 193.188.134.64/27 193.188.134.144/28 193.188.251.0/24 @@ -7199,11 +10277,15 @@ 193.201.200.0/23 193.201.248.0/22 193.202.74.0/24 -193.202.75.0/23 +193.202.75.0/24 +193.202.76.0/24 193.202.77.0/24 193.202.78.0/24 193.202.79.0/24 -193.202.91.0/22 +193.202.91.0/24 +193.202.92.0/24 +193.202.93.0/24 +193.202.94.0/24 193.202.95.0/24 193.202.121.0/24 193.203.32.0/22 @@ -7234,10 +10316,84 @@ 193.239.192.0/23 193.239.198.0/23 193.239.240.0/23 -193.242.1.0/18 -193.242.65.0/21 -193.242.73.0/22 -193.242.77.0/23 +193.242.1.0/24 +193.242.2.0/24 +193.242.3.0/24 +193.242.4.0/24 +193.242.5.0/24 +193.242.6.0/24 +193.242.7.0/24 +193.242.8.0/24 +193.242.9.0/24 +193.242.10.0/24 +193.242.11.0/24 +193.242.12.0/24 +193.242.13.0/24 +193.242.14.0/24 +193.242.15.0/24 +193.242.16.0/24 +193.242.17.0/24 +193.242.18.0/24 +193.242.19.0/24 +193.242.20.0/24 +193.242.21.0/24 +193.242.22.0/24 +193.242.23.0/24 +193.242.24.0/24 +193.242.25.0/24 +193.242.26.0/24 +193.242.27.0/24 +193.242.28.0/24 +193.242.29.0/24 +193.242.30.0/24 +193.242.31.0/24 +193.242.32.0/24 +193.242.33.0/24 +193.242.34.0/24 +193.242.35.0/24 +193.242.36.0/24 +193.242.37.0/24 +193.242.38.0/24 +193.242.39.0/24 +193.242.40.0/24 +193.242.41.0/24 +193.242.42.0/24 +193.242.43.0/24 +193.242.44.0/24 +193.242.45.0/24 +193.242.46.0/24 +193.242.47.0/24 +193.242.48.0/24 +193.242.49.0/24 +193.242.50.0/24 +193.242.51.0/24 +193.242.52.0/24 +193.242.53.0/24 +193.242.54.0/24 +193.242.55.0/24 +193.242.56.0/24 +193.242.57.0/24 +193.242.58.0/24 +193.242.59.0/24 +193.242.60.0/24 +193.242.61.0/24 +193.242.62.0/24 +193.242.63.0/24 +193.242.64.0/24 +193.242.65.0/24 +193.242.66.0/24 +193.242.67.0/24 +193.242.68.0/24 +193.242.69.0/24 +193.242.70.0/24 +193.242.71.0/24 +193.242.72.0/24 +193.242.73.0/24 +193.242.74.0/24 +193.242.75.0/24 +193.242.76.0/24 +193.242.77.0/24 +193.242.78.0/24 193.242.79.0/24 193.242.192.0/19 193.248.0.0/14 @@ -7260,12 +10416,14 @@ 194.4.6.0/24 194.4.7.0/24 194.4.8.0/23 -194.4.10.0/22 +194.4.10.0/23 +194.4.12.0/23 194.4.14.0/24 194.4.15.0/24 194.4.16.0/20 194.4.32.0/21 -194.4.40.0/20 +194.4.40.0/21 +194.4.48.0/21 194.4.56.0/21 194.4.64.0/24 194.4.65.0/24 @@ -7275,8 +10433,8 @@ 194.4.69.0/24 194.4.70.0/24 194.4.71.0/24 -194.4.72.0/20 -194.4.88.0/21 +194.4.72.0/21 +194.4.80.0/20 194.4.96.0/22 194.4.100.0/24 194.4.101.0/24 @@ -7351,7 +10509,38 @@ 194.4.173.0/24 194.4.174.0/24 194.4.175.0/24 -194.4.176.0/19 +194.4.176.0/24 +194.4.177.0/24 +194.4.178.0/24 +194.4.179.0/24 +194.4.180.0/24 +194.4.181.0/24 +194.4.182.0/24 +194.4.183.0/24 +194.4.184.0/24 +194.4.185.0/24 +194.4.186.0/24 +194.4.187.0/24 +194.4.188.0/24 +194.4.189.0/24 +194.4.190.0/24 +194.4.191.0/24 +194.4.192.0/24 +194.4.193.0/24 +194.4.194.0/24 +194.4.195.0/24 +194.4.196.0/24 +194.4.197.0/24 +194.4.198.0/24 +194.4.199.0/24 +194.4.200.0/24 +194.4.201.0/24 +194.4.202.0/24 +194.4.203.0/24 +194.4.204.0/24 +194.4.205.0/24 +194.4.206.0/24 +194.4.207.0/24 194.4.208.0/24 194.4.209.0/24 194.4.210.0/24 @@ -7396,7 +10585,8 @@ 194.5.10.0/24 194.5.11.0/24 194.5.12.0/24 -194.5.13.0/23 +194.5.13.0/24 +194.5.14.0/24 194.5.15.0/24 194.5.16.0/24 194.5.17.0/24 @@ -7426,7 +10616,8 @@ 194.5.55.0/24 194.5.56.0/22 194.5.60.0/24 -194.5.61.0/23 +194.5.61.0/24 +194.5.62.0/24 194.5.63.0/24 194.5.64.0/22 194.5.68.0/23 @@ -7434,14 +10625,19 @@ 194.5.71.0/24 194.5.72.0/24 194.5.73.0/24 -194.5.74.0/22 +194.5.74.0/23 +194.5.76.0/23 194.5.78.0/24 194.5.79.0/24 194.5.80.0/23 -194.5.82.0/22 +194.5.82.0/24 +194.5.83.0/24 +194.5.84.0/24 +194.5.85.0/24 194.5.86.0/24 194.5.88.0/23 -194.5.90.0/22 +194.5.90.0/23 +194.5.92.0/23 194.5.94.0/24 194.5.95.0/24 194.5.96.0/23 @@ -7452,17 +10648,24 @@ 194.5.105.0/24 194.5.106.0/24 194.5.107.0/24 -194.5.108.0/20 +194.5.108.0/22 +194.5.112.0/22 +194.5.116.0/22 +194.5.120.0/22 194.5.124.0/23 194.5.126.0/24 194.5.127.0/24 194.5.128.0/22 194.5.132.0/24 -194.5.133.0/23 +194.5.133.0/24 +194.5.134.0/24 194.5.135.0/24 194.5.136.0/21 194.5.144.0/24 -194.5.145.0/22 +194.5.145.0/24 +194.5.146.0/24 +194.5.147.0/24 +194.5.148.0/24 194.5.149.0/24 194.5.150.0/23 194.5.152.0/21 @@ -7473,7 +10676,10 @@ 194.5.164.0/23 194.5.166.0/23 194.5.168.0/23 -194.5.170.0/22 +194.5.170.0/24 +194.5.171.0/24 +194.5.172.0/24 +194.5.173.0/24 194.5.174.0/24 194.5.175.0/24 194.5.176.0/23 @@ -7481,7 +10687,8 @@ 194.5.180.0/24 194.5.181.0/24 194.5.182.0/24 -194.5.183.0/23 +194.5.183.0/24 +194.5.184.0/24 194.5.185.0/24 194.5.186.0/23 194.5.188.0/24 @@ -7614,13 +10821,18 @@ 194.126.236.0/24 194.126.245.0/24 194.143.132.0/23 -194.145.53.0/22 -194.145.57.0/23 +194.145.53.0/24 +194.145.54.0/24 +194.145.55.0/24 +194.145.56.0/24 +194.145.57.0/24 +194.145.58.0/24 194.145.144.0/24 194.145.154.0/24 194.146.0.0/23 194.146.2.0/24 -194.146.3.0/23 +194.146.3.0/24 +194.146.4.0/24 194.146.5.0/24 194.146.6.0/24 194.146.7.0/24 @@ -7644,10 +10856,12 @@ 194.146.32.0/24 194.146.33.0/24 194.146.34.0/24 -194.146.35.0/23 +194.146.35.0/24 +194.146.36.0/24 194.146.37.0/24 194.146.38.0/24 -194.146.39.0/23 +194.146.39.0/24 +194.146.40.0/24 194.146.41.0/24 194.146.42.0/24 194.146.43.0/24 @@ -7673,13 +10887,18 @@ 194.146.71.0/24 194.146.72.0/21 194.146.80.0/23 -194.146.82.0/22 -194.146.86.0/23 +194.146.82.0/24 +194.146.83.0/24 +194.146.84.0/24 +194.146.85.0/24 +194.146.86.0/24 +194.146.87.0/24 194.146.88.0/22 194.146.92.0/23 194.146.94.0/23 194.146.96.0/24 -194.146.97.0/23 +194.146.97.0/24 +194.146.98.0/24 194.146.99.0/24 194.146.100.0/24 194.146.101.0/24 @@ -7738,14 +10957,16 @@ 195.8.111.0/24 195.8.124.0/24 195.8.214.0/23 -195.13.35.0/23 +195.13.32.0/23 +195.13.34.0/24 +195.13.35.0/24 +195.13.36.0/24 195.13.37.0/25 195.13.58.0/23 195.14.0.0/24 195.14.5.0/24 195.14.22.0/24 195.14.27.0/24 -195.14.30.0/24 195.20.104.0/23 195.20.198.0/23 195.24.246.0/23 @@ -7822,6 +11043,14 @@ 195.132.32.0/19 195.132.64.0/18 195.132.128.0/17 +195.134.160.0/24 +195.134.161.0/24 +195.134.162.0/24 +195.134.163.0/24 +195.134.164.0/24 +195.134.165.0/24 +195.134.166.0/24 +195.134.167.0/24 195.137.181.0/24 195.137.184.0/24 195.137.248.0/23 @@ -8009,6 +11238,7 @@ 217.19.192.0/20 217.24.80.0/20 217.25.176.0/20 +217.26.136.0/21 217.26.192.0/20 217.28.64.0/21 217.64.48.0/20 @@ -8049,8 +11279,8 @@ 217.195.16.0/20 # Country: GERMANY # ISO Code: DE -# Total Networks: 5,663 -# Total Subnets: 117,871,496 +# Total Networks: 6,005 +# Total Subnets: 118,097,800 2.160.0.0/12 2.200.0.0/13 2.208.0.0/13 @@ -8132,6 +11362,22 @@ 37.114.96.0/19 37.123.104.0/21 37.123.120.0/21 +37.130.128.0/20 +37.131.176.0/21 +37.131.232.0/21 +37.131.240.0/21 +37.138.0.0/16 +37.143.40.0/21 +37.143.48.0/20 +37.148.136.0/21 +37.148.152.0/21 +37.148.232.0/21 +37.157.40.0/21 +37.157.248.0/21 +37.200.96.0/21 +37.201.0.0/17 +37.201.128.0/17 +37.202.0.0/21 46.1.0.0/16 46.4.0.0/16 46.5.0.0/16 @@ -8352,6 +11598,7 @@ 77.176.0.0/12 77.220.224.0/19 77.232.224.0/19 +77.234.32.0/21 77.235.160.0/19 77.236.96.0/19 77.237.224.0/19 @@ -8884,7 +12131,6 @@ 91.198.82.0/24 91.198.113.0/24 91.198.114.0/24 -91.198.125.0/24 91.198.137.0/24 91.198.139.0/24 91.198.152.0/24 @@ -9000,7 +12246,6 @@ 91.212.181.0/24 91.212.204.0/24 91.212.206.0/24 -91.212.225.0/24 91.212.243.0/24 91.212.245.0/24 91.213.20.0/24 @@ -9028,7 +12273,6 @@ 91.216.33.0/24 91.216.35.0/24 91.216.45.0/24 -91.216.74.0/24 91.216.79.0/24 91.216.90.0/24 91.216.108.0/24 @@ -9140,6 +12384,12 @@ 91.235.45.0/24 91.235.47.0/24 91.235.236.0/24 +91.235.240.0/24 +91.236.106.0/23 +91.237.65.0/24 +91.237.88.0/23 +91.237.100.0/23 +91.237.117.0/24 92.39.16.0/20 92.42.192.0/21 92.42.224.0/21 @@ -9367,6 +12617,7 @@ 130.255.120.0/21 130.255.184.0/21 131.99.0.0/16 +131.117.144.0/20 131.159.0.0/16 131.169.0.0/16 131.173.0.0/16 @@ -9611,6 +12862,7 @@ 149.207.0.0/16 149.208.0.0/16 149.211.0.0/16 +149.212.0.0/16 149.213.0.0/16 149.214.0.0/16 149.215.0.0/16 @@ -9702,6 +12954,7 @@ 164.59.0.0/16 164.61.0.0/16 164.133.0.0/16 +164.138.192.0/21 164.139.0.0/16 164.177.160.0/21 164.177.168.0/21 @@ -9824,11 +13077,9 @@ 188.246.0.0/19 192.5.145.0/24 192.12.81.0/24 -192.26.174.0/24 -192.26.175.0/24 -192.26.176.0/24 -192.26.177.0/20 -192.26.193.0/24 +192.26.174.0/23 +192.26.176.0/20 +192.26.192.0/23 192.31.14.0/24 192.31.102.0/24 192.33.254.0/24 @@ -9848,16 +13099,17 @@ 192.35.13.0/24 192.35.14.0/24 192.35.15.0/24 -192.35.16.0/24 -192.35.17.0/24 -192.35.18.0/24 -192.35.19.0/24 +192.35.16.0/22 192.35.63.0/24 192.35.64.0/24 192.35.65.0/24 192.35.66.0/24 -192.35.67.0/22 -192.35.71.0/23 +192.35.67.0/24 +192.35.68.0/24 +192.35.69.0/24 +192.35.70.0/24 +192.35.71.0/24 +192.35.72.0/24 192.35.90.0/24 192.35.149.0/24 192.35.150.0/24 @@ -9912,8 +13164,11 @@ 192.44.38.0/24 192.44.39.0/24 192.44.40.0/24 -192.44.81.0/21 -192.44.89.0/23 +192.44.81.0/24 +192.44.82.0/23 +192.44.84.0/22 +192.44.88.0/23 +192.44.90.0/24 192.48.31.0/24 192.48.107.0/24 192.48.145.0/24 @@ -10008,7 +13263,10 @@ 192.54.64.0/24 192.54.65.0/24 192.54.66.0/24 -192.54.67.0/22 +192.54.67.0/24 +192.54.68.0/24 +192.54.69.0/24 +192.54.70.0/24 192.54.71.0/24 192.54.72.0/24 192.54.73.0/24 @@ -10022,7 +13280,9 @@ 192.54.104.0/24 192.54.113.0/24 192.54.115.0/24 -192.54.125.0/22 +192.54.125.0/24 +192.54.126.0/23 +192.54.128.0/24 192.54.139.0/24 192.54.221.0/24 192.54.254.0/24 @@ -10040,7 +13300,10 @@ 192.67.190.0/24 192.67.191.0/24 192.67.192.0/24 -192.67.193.0/22 +192.67.193.0/24 +192.67.194.0/24 +192.67.195.0/24 +192.67.196.0/24 192.67.197.0/24 192.67.198.0/24 192.67.199.0/24 @@ -10064,12 +13327,12 @@ 192.68.18.0/24 192.68.19.0/24 192.68.165.0/24 -192.68.166.0/22 +192.68.166.0/24 +192.68.167.0/24 +192.68.168.0/24 +192.68.169.0/24 192.68.211.0/24 -192.68.212.0/24 -192.68.213.0/24 -192.68.214.0/24 -192.68.215.0/24 +192.68.212.0/22 192.68.252.0/24 192.68.254.0/24 192.69.234.0/24 @@ -10122,8 +13385,26 @@ 192.76.150.0/24 192.76.151.0/24 192.76.152.0/24 -192.76.153.0/20 -192.76.169.0/22 +192.76.153.0/24 +192.76.154.0/24 +192.76.155.0/24 +192.76.156.0/24 +192.76.157.0/24 +192.76.158.0/24 +192.76.159.0/24 +192.76.160.0/24 +192.76.161.0/24 +192.76.162.0/24 +192.76.163.0/24 +192.76.164.0/24 +192.76.165.0/24 +192.76.166.0/24 +192.76.167.0/24 +192.76.168.0/24 +192.76.169.0/24 +192.76.170.0/24 +192.76.171.0/24 +192.76.172.0/24 192.76.176.0/24 192.76.241.0/24 192.76.245.0/24 @@ -10153,19 +13434,54 @@ 192.100.98.0/24 192.101.28.0/24 192.101.75.0/24 -192.101.179.0/23 +192.101.179.0/24 +192.101.180.0/24 192.101.197.0/24 192.101.198.0/24 192.102.89.0/24 -192.102.146.0/19 +192.102.146.0/24 +192.102.147.0/24 +192.102.148.0/24 +192.102.149.0/24 +192.102.150.0/24 +192.102.151.0/24 +192.102.152.0/24 +192.102.153.0/24 +192.102.154.0/24 +192.102.155.0/24 +192.102.156.0/24 +192.102.157.0/24 +192.102.158.0/24 +192.102.159.0/24 +192.102.160.0/24 +192.102.161.0/24 +192.102.162.0/24 +192.102.163.0/24 +192.102.164.0/24 +192.102.165.0/24 +192.102.166.0/24 +192.102.167.0/24 +192.102.168.0/24 +192.102.169.0/24 +192.102.170.0/24 +192.102.171.0/24 +192.102.172.0/24 +192.102.173.0/24 +192.102.174.0/24 +192.102.175.0/24 +192.102.176.0/24 +192.102.177.0/24 192.103.23.0/24 192.103.27.0/24 192.103.40.0/24 192.104.77.0/24 192.107.123.0/24 192.107.132.0/24 -192.107.235.0/23 -192.108.23.0/22 +192.107.235.0/24 +192.107.236.0/24 +192.108.23.0/24 +192.108.24.0/23 +192.108.26.0/24 192.108.27.0/24 192.108.28.0/24 192.108.29.0/24 @@ -10207,8 +13523,26 @@ 192.108.66.0/23 192.108.68.0/22 192.108.72.0/24 -192.108.73.0/20 -192.108.89.0/22 +192.108.73.0/24 +192.108.74.0/24 +192.108.75.0/24 +192.108.76.0/24 +192.108.77.0/24 +192.108.78.0/24 +192.108.79.0/24 +192.108.80.0/24 +192.108.81.0/24 +192.108.82.0/24 +192.108.83.0/24 +192.108.84.0/24 +192.108.85.0/24 +192.108.86.0/24 +192.108.87.0/24 +192.108.88.0/24 +192.108.89.0/24 +192.108.90.0/24 +192.108.91.0/24 +192.108.92.0/24 192.108.120.0/24 192.109.0.0/21 192.109.8.0/22 @@ -10228,10 +13562,15 @@ 192.109.26.0/24 192.109.27.0/24 192.109.28.0/24 -192.109.29.0/23 +192.109.29.0/24 +192.109.30.0/24 192.109.31.0/24 -192.109.32.0/23 -192.109.34.0/22 +192.109.32.0/24 +192.109.33.0/24 +192.109.34.0/24 +192.109.35.0/24 +192.109.36.0/24 +192.109.37.0/24 192.109.38.0/24 192.109.39.0/24 192.109.40.0/23 @@ -10354,15 +13693,90 @@ 192.109.175.0/24 192.109.176.0/24 192.109.177.0/24 -192.109.178.0/18 -192.109.243.0/21 -192.109.251.0/22 +192.109.178.0/24 +192.109.179.0/24 +192.109.180.0/24 +192.109.181.0/24 +192.109.182.0/24 +192.109.183.0/24 +192.109.184.0/24 +192.109.185.0/24 +192.109.186.0/24 +192.109.187.0/24 +192.109.188.0/24 +192.109.189.0/24 +192.109.190.0/24 +192.109.191.0/24 +192.109.192.0/24 +192.109.193.0/24 +192.109.194.0/24 +192.109.195.0/24 +192.109.196.0/24 +192.109.197.0/24 +192.109.198.0/24 +192.109.199.0/24 +192.109.200.0/24 +192.109.201.0/24 +192.109.202.0/24 +192.109.203.0/24 +192.109.204.0/24 +192.109.205.0/24 +192.109.206.0/24 +192.109.207.0/24 +192.109.208.0/24 +192.109.209.0/24 +192.109.210.0/24 +192.109.211.0/24 +192.109.212.0/24 +192.109.213.0/24 +192.109.214.0/24 +192.109.215.0/24 +192.109.216.0/24 +192.109.217.0/24 +192.109.218.0/24 +192.109.219.0/24 +192.109.220.0/24 +192.109.221.0/24 +192.109.222.0/24 +192.109.223.0/24 +192.109.224.0/24 +192.109.225.0/24 +192.109.226.0/24 +192.109.227.0/24 +192.109.228.0/24 +192.109.229.0/24 +192.109.230.0/24 +192.109.231.0/24 +192.109.232.0/24 +192.109.233.0/24 +192.109.234.0/24 +192.109.235.0/24 +192.109.236.0/24 +192.109.237.0/24 +192.109.238.0/24 +192.109.239.0/24 +192.109.240.0/24 +192.109.241.0/24 +192.109.243.0/24 +192.109.244.0/24 +192.109.245.0/24 +192.109.246.0/24 +192.109.247.0/24 +192.109.248.0/24 +192.109.249.0/24 +192.109.250.0/24 +192.109.251.0/24 +192.109.252.0/24 +192.109.253.0/24 +192.109.254.0/24 192.109.255.0/24 192.111.47.0/24 192.111.127.0/24 192.112.208.0/24 192.112.213.0/24 -192.124.25.0/22 +192.124.25.0/24 +192.124.26.0/23 +192.124.28.0/24 192.124.112.0/24 192.124.115.0/24 192.124.235.0/24 @@ -10384,10 +13798,36 @@ 192.124.254.0/24 192.125.0.0/17 192.125.128.0/17 -192.129.1.0/20 -192.129.17.0/21 -192.129.25.0/22 -192.129.29.0/23 +192.129.1.0/24 +192.129.2.0/24 +192.129.3.0/24 +192.129.4.0/24 +192.129.5.0/24 +192.129.6.0/24 +192.129.7.0/24 +192.129.8.0/24 +192.129.9.0/24 +192.129.10.0/24 +192.129.11.0/24 +192.129.12.0/24 +192.129.13.0/24 +192.129.14.0/24 +192.129.15.0/24 +192.129.16.0/24 +192.129.17.0/24 +192.129.18.0/24 +192.129.19.0/24 +192.129.20.0/24 +192.129.21.0/24 +192.129.22.0/24 +192.129.23.0/24 +192.129.24.0/24 +192.129.25.0/24 +192.129.26.0/24 +192.129.27.0/24 +192.129.28.0/24 +192.129.29.0/24 +192.129.30.0/24 192.129.31.0/24 192.129.98.0/24 192.131.20.0/24 @@ -10425,8 +13865,8 @@ 192.166.80.0/24 192.166.81.0/24 192.166.82.0/23 -192.166.84.0/21 -192.166.92.0/22 +192.166.84.0/22 +192.166.88.0/21 192.166.104.0/21 192.166.114.0/24 192.166.115.0/24 @@ -10511,7 +13951,8 @@ 193.16.112.0/20 193.16.128.0/20 193.16.160.0/21 -193.16.168.0/20 +193.16.168.0/21 +193.16.176.0/21 193.16.184.0/23 193.16.186.0/23 193.16.188.0/22 @@ -10572,7 +14013,9 @@ 193.17.221.0/24 193.17.224.0/24 193.17.230.0/24 -193.17.232.0/20 +193.17.232.0/22 +193.17.236.0/22 +193.17.240.0/21 193.17.254.0/24 193.17.255.0/24 193.18.0.0/16 @@ -10622,8 +14065,46 @@ 193.22.174.0/24 193.22.176.0/22 193.22.180.0/22 -193.22.184.0/19 -193.22.216.0/21 +193.22.184.0/24 +193.22.185.0/24 +193.22.186.0/24 +193.22.187.0/24 +193.22.188.0/24 +193.22.189.0/24 +193.22.190.0/24 +193.22.191.0/24 +193.22.192.0/24 +193.22.193.0/24 +193.22.194.0/24 +193.22.195.0/24 +193.22.196.0/24 +193.22.197.0/24 +193.22.198.0/24 +193.22.199.0/24 +193.22.200.0/24 +193.22.201.0/24 +193.22.202.0/24 +193.22.203.0/24 +193.22.204.0/24 +193.22.205.0/24 +193.22.206.0/24 +193.22.207.0/24 +193.22.208.0/24 +193.22.209.0/24 +193.22.210.0/24 +193.22.211.0/24 +193.22.212.0/24 +193.22.213.0/24 +193.22.214.0/24 +193.22.215.0/24 +193.22.216.0/24 +193.22.217.0/24 +193.22.218.0/24 +193.22.219.0/24 +193.22.220.0/24 +193.22.221.0/24 +193.22.222.0/24 +193.22.223.0/24 193.22.240.0/23 193.22.246.0/23 193.22.253.0/24 @@ -10667,8 +14148,8 @@ 193.23.184.0/21 193.23.192.0/19 193.23.226.0/24 -193.23.230.0/21 -193.23.238.0/23 +193.23.230.0/23 +193.23.232.0/21 193.23.240.0/23 193.23.242.0/24 193.23.243.0/24 @@ -10761,8 +14242,16 @@ 193.26.224.0/20 193.26.240.0/22 193.26.244.0/23 -193.26.246.0/21 -193.26.254.0/23 +193.26.246.0/24 +193.26.247.0/24 +193.26.248.0/24 +193.26.249.0/24 +193.26.250.0/24 +193.26.251.0/24 +193.26.252.0/24 +193.26.253.0/24 +193.26.254.0/24 +193.26.255.0/24 193.27.12.0/22 193.27.16.0/24 193.27.17.0/24 @@ -10820,8 +14309,26 @@ 193.28.96.0/21 193.28.104.0/23 193.28.106.0/24 -193.28.107.0/20 -193.28.123.0/22 +193.28.107.0/24 +193.28.108.0/24 +193.28.109.0/24 +193.28.110.0/24 +193.28.111.0/24 +193.28.112.0/24 +193.28.113.0/24 +193.28.114.0/24 +193.28.115.0/24 +193.28.116.0/24 +193.28.117.0/24 +193.28.118.0/24 +193.28.119.0/24 +193.28.120.0/24 +193.28.121.0/24 +193.28.122.0/24 +193.28.123.0/24 +193.28.124.0/24 +193.28.125.0/24 +193.28.126.0/24 193.28.127.0/24 193.28.128.0/20 193.28.145.0/24 @@ -10878,10 +14385,12 @@ 193.29.64.0/19 193.29.96.0/20 193.29.112.0/20 -193.29.130.0/22 -193.29.134.0/23 -193.29.136.0/23 -193.29.138.0/24 +193.29.130.0/24 +193.29.131.0/24 +193.29.132.0/24 +193.29.133.0/24 +193.29.134.0/24 +193.29.135.0/24 193.29.140.0/22 193.29.144.0/20 193.29.160.0/20 @@ -11046,7 +14555,6 @@ 193.41.52.0/22 193.41.82.0/24 193.41.87.0/24 -193.41.93.0/24 193.41.116.0/23 193.41.124.0/23 193.41.144.0/23 @@ -11186,7 +14694,10 @@ 193.111.216.0/22 193.111.233.0/24 193.111.238.0/24 -193.138.10.0/20 +193.138.10.0/23 +193.138.12.0/22 +193.138.16.0/21 +193.138.24.0/23 193.138.26.0/23 193.138.28.0/24 193.138.31.0/24 @@ -11223,8 +14734,8 @@ 193.159.0.0/16 193.160.39.0/24 193.164.8.0/24 -193.164.131.0/23 -193.164.133.0/24 +193.164.131.0/24 +193.164.132.0/23 193.164.134.0/24 193.164.135.0/24 193.164.154.0/24 @@ -11256,6 +14767,7 @@ 193.186.3.0/24 193.186.7.0/24 193.186.12.0/24 +193.186.254.0/24 193.188.154.0/23 193.188.158.0/23 193.188.196.0/24 @@ -11275,12 +14787,12 @@ 193.192.58.0/23 193.192.60.0/23 193.193.166.0/23 -193.193.174.0/22 -193.193.178.0/23 +193.193.174.0/23 +193.193.176.0/22 193.193.180.0/24 193.193.190.0/23 -193.194.6.0/21 -193.194.14.0/23 +193.194.6.0/23 +193.194.8.0/21 193.194.136.0/24 193.194.137.0/24 193.194.142.0/23 @@ -11417,7 +14929,6 @@ 194.1.155.0/24 194.1.176.0/24 194.1.181.0/24 -194.1.202.0/24 194.1.207.0/24 194.6.192.0/22 194.6.208.0/22 @@ -11442,7 +14953,8 @@ 194.9.126.0/25 194.9.126.128/26 194.9.126.192/28 -194.9.126.208/27 +194.9.126.208/28 +194.9.126.224/28 194.9.126.240/28 194.9.128.0/19 194.9.160.0/22 @@ -11484,7 +14996,8 @@ 194.15.156.0/22 194.15.160.0/20 194.15.176.0/23 -194.15.178.0/22 +194.15.178.0/23 +194.15.180.0/23 194.15.182.0/24 194.15.183.0/24 194.15.184.0/22 @@ -11494,10 +15007,19 @@ 194.15.191.0/24 194.15.192.0/23 194.15.194.0/24 -194.15.195.0/23 +194.15.195.0/24 +194.15.196.0/24 194.15.197.0/24 -194.15.198.0/21 -194.15.206.0/23 +194.15.198.0/24 +194.15.199.0/24 +194.15.200.0/24 +194.15.201.0/24 +194.15.202.0/24 +194.15.203.0/24 +194.15.204.0/24 +194.15.205.0/24 +194.15.206.0/24 +194.15.207.0/24 194.15.208.0/22 194.15.214.0/24 194.15.215.0/24 @@ -11533,7 +15055,6 @@ 194.29.224.0/19 194.30.162.0/24 194.30.167.0/24 -194.30.178.0/24 194.30.180.0/24 194.30.183.0/24 194.30.185.0/24 @@ -11609,9 +15130,8 @@ 194.31.245.0/24 194.31.246.0/24 194.31.247.0/24 -194.31.248.0/21 -194.33.17.0/23 -194.33.19.0/24 +194.33.17.0/24 +194.33.18.0/23 194.39.0.0/20 194.39.16.0/21 194.39.24.0/22 @@ -11773,11 +15293,12 @@ 194.49.114.0/24 194.49.115.0/24 194.49.116.0/24 -194.49.117.0/23 -194.49.119.0/24 +194.49.117.0/24 +194.49.118.0/23 194.49.120.0/22 194.49.124.0/24 -194.49.125.0/23 +194.49.125.0/24 +194.49.126.0/24 194.49.127.0/24 194.49.128.0/17 194.50.36.0/24 @@ -11901,8 +15422,12 @@ 194.59.13.0/24 194.59.14.0/23 194.59.16.0/23 -194.59.18.0/22 -194.59.22.0/23 +194.59.18.0/24 +194.59.19.0/24 +194.59.20.0/24 +194.59.21.0/24 +194.59.22.0/24 +194.59.23.0/24 194.59.24.0/22 194.59.28.0/23 194.59.30.0/24 @@ -11912,7 +15437,8 @@ 194.59.34.0/23 194.59.36.0/22 194.59.40.0/24 -194.59.41.0/23 +194.59.41.0/24 +194.59.42.0/24 194.59.43.0/24 194.59.44.0/23 194.59.46.0/24 @@ -12175,7 +15701,8 @@ 194.99.50.0/24 194.99.51.0/24 194.99.52.0/24 -194.99.53.0/23 +194.99.53.0/24 +194.99.54.0/24 194.99.55.0/24 194.99.56.0/24 194.99.57.0/24 @@ -12227,10 +15754,26 @@ 194.99.144.0/21 194.99.152.0/22 194.99.156.0/24 -194.99.157.0/23 +194.99.157.0/24 +194.99.158.0/24 194.99.159.0/24 -194.99.160.0/18 -194.99.224.0/19 +194.99.160.0/19 +194.99.192.0/22 +194.99.196.0/22 +194.99.200.0/22 +194.99.204.0/22 +194.99.208.0/22 +194.99.212.0/22 +194.99.216.0/22 +194.99.220.0/22 +194.99.224.0/22 +194.99.228.0/22 +194.99.232.0/22 +194.99.236.0/22 +194.99.240.0/22 +194.99.244.0/22 +194.99.248.0/22 +194.99.252.0/22 194.105.96.0/21 194.106.206.0/23 194.110.25.0/24 @@ -12249,13 +15792,18 @@ 194.113.28.0/22 194.113.32.0/24 194.113.33.0/24 -194.113.34.0/22 -194.113.38.0/23 +194.113.34.0/24 +194.113.35.0/24 +194.113.36.0/24 +194.113.37.0/24 +194.113.38.0/24 +194.113.39.0/24 194.113.40.0/23 194.113.42.0/24 194.113.43.0/24 194.113.44.0/24 -194.113.45.0/23 +194.113.45.0/24 +194.113.46.0/24 194.113.47.0/24 194.113.48.0/22 194.113.52.0/23 @@ -12355,8 +15903,8 @@ 194.113.224.0/23 194.113.226.0/24 194.113.227.0/24 -194.113.228.0/21 -194.113.236.0/22 +194.113.228.0/22 +194.113.232.0/21 194.113.240.0/23 194.113.242.0/24 194.113.243.0/24 @@ -12382,7 +15930,8 @@ 194.117.250.0/23 194.117.254.0/23 194.124.229.0/24 -194.126.131.0/23 +194.126.131.0/24 +194.126.132.0/24 194.126.158.0/23 194.126.194.0/24 194.126.195.0/24 @@ -12418,7 +15967,10 @@ 194.127.119.0/24 194.127.120.0/23 194.127.122.0/24 -194.127.123.0/22 +194.127.123.0/24 +194.127.124.0/24 +194.127.125.0/24 +194.127.126.0/24 194.127.127.0/24 194.127.128.0/24 194.127.129.0/24 @@ -12426,8 +15978,8 @@ 194.127.132.0/23 194.127.134.0/24 194.127.135.0/24 -194.127.140.0/21 -194.127.148.0/22 +194.127.140.0/22 +194.127.144.0/21 194.127.152.0/23 194.127.154.0/23 194.127.156.0/24 @@ -12523,8 +16075,16 @@ 194.146.208.0/22 194.147.133.0/24 194.149.241.0/24 -194.149.246.0/21 -194.149.254.0/23 +194.149.246.0/24 +194.149.247.0/24 +194.149.248.0/24 +194.149.249.0/24 +194.149.250.0/24 +194.149.251.0/24 +194.149.252.0/24 +194.149.253.0/24 +194.149.254.0/24 +194.149.255.0/24 194.150.80.0/22 194.150.168.0/23 194.150.172.0/23 @@ -12595,7 +16155,6 @@ 194.156.162.0/24 194.156.163.0/24 194.156.164.0/24 -194.156.165.0/24 194.156.166.0/24 194.156.167.0/24 194.156.168.0/22 @@ -12606,8 +16165,8 @@ 194.156.176.0/23 194.156.178.0/23 194.156.180.0/24 -194.156.181.0/23 -194.156.183.0/24 +194.156.181.0/24 +194.156.182.0/23 194.156.184.0/24 194.156.185.0/24 194.156.186.0/24 @@ -12724,10 +16283,12 @@ 194.180.106.0/23 194.180.108.0/23 194.180.110.0/24 -194.180.111.0/23 +194.180.111.0/24 +194.180.112.0/24 194.180.113.0/24 194.180.114.0/24 -194.180.115.0/23 +194.180.115.0/24 +194.180.116.0/24 194.180.117.0/24 194.180.118.0/23 194.180.120.0/21 @@ -12783,10 +16344,15 @@ 194.180.208.192/27 194.180.208.224/27 194.180.209.0/24 -194.180.210.0/22 -194.180.214.0/23 +194.180.210.0/24 +194.180.211.0/24 +194.180.212.0/24 +194.180.213.0/24 +194.180.214.0/24 +194.180.215.0/24 194.180.216.0/24 -194.180.217.0/23 +194.180.217.0/24 +194.180.218.0/24 194.180.219.0/24 194.180.220.0/22 194.180.224.0/24 @@ -12804,7 +16370,8 @@ 194.180.227.0/24 194.180.228.0/23 194.180.230.0/24 -194.180.231.0/23 +194.180.231.0/24 +194.180.232.0/24 194.180.233.0/24 194.180.234.0/23 194.180.236.0/26 @@ -12844,7 +16411,6 @@ 194.242.20.0/23 194.242.46.0/24 194.245.0.0/16 -194.246.0.0/19 194.246.32.0/22 194.246.36.0/23 194.246.38.0/24 @@ -12852,14 +16418,14 @@ 194.246.39.64/27 194.246.39.128/26 194.246.40.0/22 -194.246.44.0/20 -194.246.60.0/22 +194.246.44.0/22 +194.246.48.0/20 194.246.64.0/21 194.246.72.0/23 194.246.80.0/22 194.246.84.0/24 -194.246.85.0/23 -194.246.87.0/24 +194.246.85.0/24 +194.246.86.0/23 194.246.88.0/21 194.246.96.0/24 194.246.122.0/23 @@ -12876,8 +16442,8 @@ 195.5.187.0/24 195.5.191.0/24 195.8.104.0/24 -195.8.121.0/23 -195.8.123.0/24 +195.8.121.0/24 +195.8.122.0/23 195.8.224.0/19 195.10.195.0/24 195.10.203.0/24 @@ -12894,6 +16460,7 @@ 195.16.80.0/22 195.20.64.0/19 195.20.98.0/23 +195.20.112.0/23 195.20.114.0/23 195.20.120.0/23 195.20.122.0/24 @@ -12914,7 +16481,8 @@ 195.34.160.0/19 195.35.0.0/18 195.35.72.0/21 -195.35.87.0/23 +195.35.87.0/24 +195.35.88.0/24 195.35.89.0/24 195.35.98.0/24 195.35.103.0/24 @@ -13144,6 +16712,7 @@ 195.191.68.0/23 195.191.92.0/23 195.191.114.0/23 +195.191.128.0/23 195.191.196.0/23 195.191.216.0/23 195.191.224.0/23 @@ -13285,12 +16854,15 @@ 204.79.149.0/24 204.79.168.0/24 204.79.171.0/24 -204.79.177.0/23 +204.79.177.0/24 +204.79.178.0/24 204.79.187.0/24 204.79.199.0/24 204.79.200.0/24 -204.79.235.0/23 -204.79.241.0/23 +204.79.235.0/24 +204.79.236.0/24 +204.79.241.0/24 +204.79.242.0/24 204.154.64.0/21 204.231.228.0/24 212.0.0.0/18 @@ -13736,8 +17308,8 @@ 217.147.112.0/20 # Country: GREECE # ISO Code: GR -# Total Networks: 298 -# Total Subnets: 5,553,664 +# Total Networks: 322 +# Total Subnets: 5,549,568 2.84.0.0/14 31.22.112.0/21 31.152.0.0/16 @@ -13791,7 +17363,6 @@ 83.174.128.0/18 83.212.0.0/16 83.235.0.0/16 -84.38.0.0/20 84.205.192.0/19 84.205.224.0/19 84.254.0.0/18 @@ -13918,27 +17489,49 @@ 193.201.22.0/23 193.201.46.0/24 193.201.166.0/24 -193.218.1.0/22 -193.218.5.0/23 +193.218.1.0/24 +193.218.2.0/23 +193.218.4.0/24 +193.218.5.0/24 +193.218.6.0/24 193.218.33.0/24 193.218.34.0/23 193.218.36.0/24 -193.218.37.0/22 -193.218.41.0/23 +193.218.37.0/24 +193.218.38.0/23 +193.218.40.0/24 +193.218.41.0/24 +193.218.42.0/24 193.218.43.0/24 -193.218.44.0/20 -193.218.60.0/21 -193.218.68.0/22 +193.218.44.0/22 +193.218.48.0/20 +193.218.64.0/21 193.218.72.0/24 193.218.73.0/24 -193.218.74.0/22 -193.218.78.0/23 +193.218.74.0/24 +193.218.75.0/24 +193.218.76.0/24 +193.218.77.0/24 +193.218.78.0/24 +193.218.79.0/24 193.218.80.0/23 -193.218.84.0/21 -193.218.92.0/23 +193.218.84.0/24 +193.218.85.0/24 +193.218.86.0/24 +193.218.87.0/24 +193.218.88.0/24 +193.218.89.0/24 +193.218.90.0/24 +193.218.91.0/24 +193.218.92.0/24 +193.218.93.0/24 193.218.96.0/23 -193.218.106.0/22 -193.218.110.0/23 +193.218.106.0/24 +193.218.107.0/24 +193.218.108.0/24 +193.218.109.0/24 +193.218.110.0/24 +193.218.111.0/24 193.218.112.0/24 193.218.119.0/24 193.218.121.0/24 @@ -13947,8 +17540,8 @@ 193.218.124.0/23 193.218.203.0/24 193.218.204.0/24 -193.218.223.0/19 -193.218.255.0/24 +193.218.223.0/24 +193.218.224.0/19 193.238.112.0/22 193.239.184.0/23 193.239.214.0/23 @@ -13965,11 +17558,13 @@ 194.29.48.0/22 194.30.192.0/19 194.30.224.0/19 -194.42.50.0/22 +194.42.50.0/23 +194.42.52.0/23 194.42.54.0/24 194.50.42.0/24 194.50.43.0/24 -194.63.160.0/18 +194.63.160.0/19 +194.63.192.0/19 194.63.224.0/20 194.63.240.0/21 194.79.252.0/23 @@ -13982,7 +17577,8 @@ 194.145.127.0/24 194.149.236.0/23 194.150.68.0/22 -194.153.81.0/23 +194.153.81.0/24 +194.153.82.0/24 194.169.232.0/24 194.176.113.0/24 194.177.192.0/19 @@ -14051,8 +17647,8 @@ 212.77.0.0/19 # Country: HUNGARY # ISO Code: HU -# Total Networks: 363 -# Total Subnets: 5,466,880 +# Total Networks: 373 +# Total Subnets: 5,489,664 31.24.16.0/21 31.24.184.0/21 31.46.0.0/16 @@ -14064,6 +17660,9 @@ 37.46.64.0/21 37.76.0.0/17 37.111.0.0/16 +37.143.72.0/21 +37.188.80.0/21 +37.191.0.0/18 46.28.216.0/21 46.29.136.0/21 46.31.176.0/21 @@ -14148,6 +17747,7 @@ 87.242.0.0/18 88.87.224.0/19 88.132.0.0/16 +88.151.56.0/21 88.151.96.0/21 88.209.128.0/18 88.209.192.0/18 @@ -14287,15 +17887,21 @@ 192.153.19.0/24 192.153.116.0/24 192.160.172.0/24 -192.188.242.0/22 -192.188.246.0/23 +192.188.242.0/24 +192.188.243.0/24 +192.188.244.0/24 +192.188.245.0/24 +192.188.246.0/24 +192.188.247.0/24 192.190.173.0/24 193.0.226.0/24 193.6.0.0/16 193.9.26.0/23 -193.9.29.0/23 +193.9.29.0/24 +193.9.30.0/24 193.9.31.0/24 193.9.124.0/22 +193.16.46.0/24 193.17.175.0/24 193.23.138.0/23 193.26.31.0/24 @@ -14418,12 +18024,13 @@ 217.197.176.0/20 # Country: ICELAND # ISO Code: IS -# Total Networks: 68 -# Total Subnets: 810,496 +# Total Networks: 69 +# Total Subnets: 812,544 31.15.112.0/21 31.209.136.0/21 31.209.144.0/20 31.209.192.0/18 +37.152.64.0/21 46.22.96.0/20 46.28.152.0/21 46.149.16.0/20 @@ -14490,8 +18097,8 @@ 217.171.208.0/20 # Country: IRELAND # ISO Code: IE -# Total Networks: 318 -# Total Subnets: 5,954,576 +# Total Networks: 365 +# Total Subnets: 5,963,280 31.7.48.0/21 31.13.24.0/21 31.13.64.0/18 @@ -14506,6 +18113,10 @@ 37.19.96.0/21 37.46.16.0/21 37.110.216.0/21 +37.128.192.0/21 +37.148.248.0/21 +37.203.48.0/21 +37.203.192.0/21 46.7.0.0/16 46.17.32.0/21 46.19.208.0/21 @@ -14689,9 +18300,24 @@ 192.107.110.0/24 192.111.39.0/24 192.122.216.0/24 -192.122.217.0/21 -192.122.225.0/21 -192.122.233.0/23 +192.122.217.0/24 +192.122.218.0/24 +192.122.219.0/24 +192.122.220.0/24 +192.122.221.0/24 +192.122.222.0/24 +192.122.223.0/24 +192.122.224.0/24 +192.122.225.0/24 +192.122.226.0/24 +192.122.227.0/24 +192.122.228.0/24 +192.122.229.0/24 +192.122.230.0/24 +192.122.231.0/24 +192.122.232.0/24 +192.122.233.0/24 +192.122.234.0/24 192.135.225.0/24 192.159.109.0/24 192.159.118.0/24 @@ -14711,10 +18337,36 @@ 193.138.100.0/24 193.138.111.0/24 193.178.0.0/24 -193.178.1.0/20 -193.178.17.0/21 -193.178.25.0/22 -193.178.29.0/23 +193.178.1.0/24 +193.178.2.0/24 +193.178.3.0/24 +193.178.4.0/24 +193.178.5.0/24 +193.178.6.0/24 +193.178.7.0/24 +193.178.8.0/24 +193.178.9.0/24 +193.178.10.0/24 +193.178.11.0/24 +193.178.12.0/24 +193.178.13.0/24 +193.178.14.0/24 +193.178.15.0/24 +193.178.16.0/24 +193.178.17.0/24 +193.178.18.0/24 +193.178.19.0/24 +193.178.20.0/24 +193.178.21.0/24 +193.178.22.0/24 +193.178.23.0/24 +193.178.24.0/24 +193.178.25.0/24 +193.178.26.0/24 +193.178.27.0/24 +193.178.28.0/24 +193.178.29.0/24 +193.178.30.0/24 193.178.31.0/24 193.178.33.0/24 193.178.36.0/22 @@ -14727,7 +18379,8 @@ 193.178.51.0/24 193.178.52.0/24 193.178.53.0/24 -193.178.54.0/22 +193.178.54.0/23 +193.178.56.0/23 193.178.58.0/23 193.178.64.0/19 193.178.96.0/20 @@ -14748,6 +18401,7 @@ 194.0.196.0/24 194.0.226.0/24 194.0.241.0/24 +194.69.198.0/23 194.88.4.0/24 194.88.240.0/23 194.106.128.0/19 @@ -14820,8 +18474,8 @@ 193.105.74.0/24 # Country: ITALY # ISO Code: IT -# Total Networks: 1,601 -# Total Subnets: 50,214,560 +# Total Networks: 1,670 +# Total Subnets: 50,833,824 2.32.0.0/12 2.112.0.0/13 2.156.0.0/14 @@ -14887,6 +18541,16 @@ 37.116.0.0/14 37.123.240.0/21 37.128.136.0/21 +37.130.152.0/21 +37.130.216.0/21 +37.139.88.0/21 +37.148.224.0/21 +37.159.0.0/17 +37.159.128.0/17 +37.176.0.0/13 +37.200.80.0/21 +37.202.16.0/21 +37.203.224.0/20 46.16.88.0/21 46.16.168.0/21 46.17.152.0/21 @@ -15024,7 +18688,10 @@ 78.110.176.0/20 78.134.0.0/17 78.152.96.0/19 -78.159.192.0/19 +78.159.192.0/21 +78.159.200.0/21 +78.159.208.0/21 +78.159.216.0/21 79.0.0.0/10 79.98.0.0/21 79.98.40.0/21 @@ -15054,7 +18721,6 @@ 80.76.80.0/20 80.79.48.0/20 80.82.0.0/20 -80.82.192.0/20 80.83.160.0/20 80.84.96.0/20 80.86.16.0/20 @@ -15234,6 +18900,7 @@ 91.194.142.0/23 91.198.84.0/24 91.199.2.0/24 +91.199.170.0/24 91.199.173.0/24 91.200.128.0/22 91.200.208.0/22 @@ -15288,6 +18955,7 @@ 91.233.180.0/23 91.233.252.0/22 91.235.120.0/23 +91.237.16.0/23 92.39.144.0/20 92.42.80.0/21 92.42.96.0/21 @@ -15628,6 +19296,7 @@ 161.147.0.0/16 163.162.0.0/16 164.132.0.0/16 +164.138.48.0/21 164.142.0.0/16 171.25.191.0/24 176.10.0.0/19 @@ -15906,8 +19575,54 @@ 193.42.13.0/24 193.42.14.0/24 193.42.15.0/24 -193.42.16.0/19 -193.42.48.0/20 +193.42.16.0/24 +193.42.17.0/24 +193.42.18.0/24 +193.42.19.0/24 +193.42.20.0/24 +193.42.21.0/24 +193.42.22.0/24 +193.42.23.0/24 +193.42.24.0/24 +193.42.25.0/24 +193.42.26.0/24 +193.42.27.0/24 +193.42.28.0/24 +193.42.29.0/24 +193.42.30.0/24 +193.42.31.0/24 +193.42.32.0/24 +193.42.33.0/24 +193.42.34.0/24 +193.42.35.0/24 +193.42.36.0/24 +193.42.37.0/24 +193.42.38.0/24 +193.42.39.0/24 +193.42.40.0/24 +193.42.41.0/24 +193.42.42.0/24 +193.42.43.0/24 +193.42.44.0/24 +193.42.45.0/24 +193.42.46.0/24 +193.42.47.0/24 +193.42.48.0/24 +193.42.49.0/24 +193.42.50.0/24 +193.42.51.0/24 +193.42.52.0/24 +193.42.53.0/24 +193.42.54.0/24 +193.42.55.0/24 +193.42.56.0/24 +193.42.57.0/24 +193.42.58.0/24 +193.42.59.0/24 +193.42.60.0/24 +193.42.61.0/24 +193.42.62.0/24 +193.42.63.0/24 193.42.64.0/19 193.42.96.0/19 193.42.128.0/22 @@ -15967,7 +19682,10 @@ 193.43.108.0/24 193.43.109.0/24 193.43.110.0/24 -193.43.111.0/22 +193.43.111.0/24 +193.43.112.0/24 +193.43.113.0/24 +193.43.114.0/24 193.43.115.0/24 193.43.116.0/24 193.43.117.0/24 @@ -16088,7 +19806,8 @@ 194.37.252.0/24 194.41.4.0/22 194.41.9.0/24 -194.42.41.0/23 +194.42.41.0/24 +194.42.42.0/24 194.69.192.0/23 194.79.56.0/22 194.79.192.0/19 @@ -16145,6 +19864,7 @@ 194.242.224.0/19 194.243.0.0/16 194.244.0.0/16 +194.246.0.0/19 194.246.126.0/23 194.247.28.0/23 194.247.56.0/24 @@ -16157,7 +19877,8 @@ 195.31.0.0/16 195.32.0.0/17 195.35.99.0/24 -195.35.104.64/25 +195.35.104.64/26 +195.35.104.128/26 195.35.104.192/26 195.36.0.0/18 195.43.129.0/24 @@ -16169,7 +19890,7 @@ 195.47.251.0/24 195.54.60.0/23 195.60.80.0/26 -195.60.80.64/28 +195.60.80.64/27 195.60.89.128/25 195.60.128.0/19 195.60.190.0/23 @@ -16205,6 +19926,7 @@ 195.130.213.0/24 195.130.220.0/24 195.130.224.0/19 +195.134.176.0/21 195.135.0.0/17 195.135.200.0/22 195.137.128.0/19 @@ -16406,6 +20128,7 @@ 217.169.112.0/20 217.170.224.0/20 217.171.32.0/20 +217.171.64.0/20 217.171.160.0/20 217.172.0.0/20 217.172.192.0/19 @@ -16467,11 +20190,13 @@ 217.26.64.0/20 # Country: LATVIA # ISO Code: LV -# Total Networks: 296 -# Total Subnets: 1,652,672 +# Total Networks: 301 +# Total Subnets: 1,657,280 31.24.192.0/21 31.42.80.0/20 31.170.16.0/21 +37.148.168.0/21 +37.203.32.0/21 46.19.144.0/21 46.19.200.0/21 46.23.32.0/20 @@ -16575,7 +20300,6 @@ 91.216.73.0/24 91.217.153.0/24 91.218.52.0/22 -91.220.0.0/24 91.221.62.0/23 91.223.70.0/24 91.223.165.0/24 @@ -16595,6 +20319,9 @@ 91.231.68.0/24 91.231.76.0/22 91.233.214.0/23 +91.236.188.0/24 +91.237.42.0/24 +91.237.98.0/23 92.49.0.0/18 92.63.80.0/20 92.63.112.0/20 @@ -16676,14 +20403,16 @@ 193.200.224.0/24 193.201.66.0/23 193.201.149.128/26 -193.238.212.0/21 -193.238.220.0/22 +193.238.212.0/22 +193.238.216.0/21 194.0.8.0/24 194.0.207.0/24 194.0.242.0/24 -194.8.1.0/23 -194.8.3.0/24 -194.8.5.0/22 +194.8.1.0/24 +194.8.2.0/23 +194.8.5.0/24 +194.8.6.0/23 +194.8.8.0/24 194.8.9.0/24 194.8.10.0/23 194.8.12.0/23 @@ -16709,7 +20438,6 @@ 194.213.9.0/24 194.213.10.0/24 194.213.100.0/23 -194.247.48.0/24 195.2.96.0/19 195.3.144.0/22 195.5.102.0/23 @@ -16798,14 +20526,15 @@ 217.173.224.0/20 # Country: LITHUANIA # ISO Code: LT -# Total Networks: 172 -# Total Subnets: 2,238,208 +# Total Networks: 177 +# Total Subnets: 2,240,256 31.44.96.0/20 31.135.216.0/21 31.170.160.0/21 31.177.8.0/21 31.193.192.0/21 31.209.64.0/20 +37.157.144.0/21 46.36.64.0/19 46.249.160.0/19 46.251.32.0/19 @@ -16911,11 +20640,15 @@ 193.189.144.0/24 193.200.124.0/23 193.201.32.0/24 -193.219.1.0/22 -193.219.5.0/23 +193.219.1.0/24 +193.219.2.0/23 +193.219.4.0/24 +193.219.5.0/24 +193.219.6.0/24 193.219.7.0/24 193.219.8.0/23 -193.219.10.0/22 +193.219.10.0/23 +193.219.12.0/23 193.219.14.0/24 193.219.32.0/19 193.219.64.0/19 @@ -16974,12 +20707,13 @@ 217.147.32.0/20 # Country: LUXEMBOURG # ISO Code: LU -# Total Networks: 126 -# Total Subnets: 1,297,920 +# Total Networks: 127 +# Total Subnets: 1,299,456 31.22.120.0/21 31.172.144.0/21 31.204.88.0/21 31.216.144.0/21 +37.157.152.0/21 46.17.168.0/21 46.29.176.0/21 62.182.176.0/21 @@ -17046,7 +20780,6 @@ 193.19.112.0/23 193.41.212.0/23 193.91.32.0/20 -193.109.58.0/23 193.109.130.0/23 193.111.52.0/22 193.168.1.0/24 @@ -17062,7 +20795,8 @@ 193.168.46.0/24 193.168.47.0/24 193.168.48.0/23 -193.168.51.0/23 +193.168.51.0/24 +193.168.52.0/24 193.168.53.0/24 193.168.55.0/24 193.168.56.0/23 @@ -17104,8 +20838,8 @@ 217.197.96.0/20 # Country: MACEDONIA, THE FORMER YUGOSLAV REPUBLIC OF # ISO Code: MK -# Total Networks: 61 -# Total Subnets: 653,568 +# Total Networks: 62 +# Total Subnets: 657,664 31.3.88.0/21 31.7.168.0/21 31.11.64.0/18 @@ -17167,10 +20901,11 @@ 213.135.160.0/19 217.16.64.0/20 217.16.80.0/20 +217.196.192.0/20 # Country: MALTA # ISO Code: MT -# Total Networks: 60 -# Total Subnets: 556,288 +# Total Networks: 61 +# Total Subnets: 556,544 37.75.32.0/19 37.114.72.0/21 46.11.0.0/16 @@ -17212,6 +20947,7 @@ 193.110.155.0/24 193.150.126.0/24 193.188.32.0/20 +194.1.247.0/24 194.105.32.0/20 194.106.64.0/19 194.153.85.0/24 @@ -17233,8 +20969,8 @@ 217.168.160.0/20 # Country: MOLDOVA, REPUBLIC OF # ISO Code: MD -# Total Networks: 107 -# Total Subnets: 733,184 +# Total Networks: 108 +# Total Subnets: 733,440 31.31.0.0/19 31.131.0.0/21 37.26.128.0/20 @@ -17331,6 +21067,7 @@ 195.88.226.0/23 195.93.218.0/23 195.138.96.0/19 +195.178.106.0/24 195.206.246.0/23 195.206.252.0/23 195.226.210.0/24 @@ -17389,8 +21126,8 @@ 213.149.96.0/19 # Country: NETHERLANDS # ISO Code: NL -# Total Networks: 2,350 -# Total Subnets: 46,309,640 +# Total Networks: 2,734 +# Total Subnets: 46,375,432 24.132.0.0/17 24.132.128.0/17 31.3.8.0/21 @@ -17458,6 +21195,20 @@ 37.114.88.0/21 37.123.208.0/21 37.128.144.0/21 +37.139.136.0/21 +37.140.232.0/21 +37.143.32.0/21 +37.143.80.0/21 +37.148.128.0/21 +37.148.160.0/21 +37.148.184.0/21 +37.148.192.0/21 +37.148.200.0/21 +37.152.8.0/21 +37.153.192.0/18 +37.188.64.0/20 +37.203.56.0/21 +37.203.216.0/21 46.16.248.0/21 46.17.0.0/21 46.17.8.0/21 @@ -17750,6 +21501,7 @@ 84.53.64.0/18 84.80.0.0/13 84.104.0.0/14 +84.205.64.0/19 84.241.128.0/18 84.241.192.0/18 84.243.192.0/18 @@ -17864,6 +21616,8 @@ 91.195.160.0/23 91.195.200.0/23 91.195.234.0/23 +91.195.236.0/24 +91.195.237.0/24 91.196.104.0/22 91.196.168.0/22 91.197.72.0/22 @@ -17903,6 +21657,7 @@ 91.205.232.0/22 91.206.80.0/23 91.206.136.0/23 +91.206.232.0/23 91.206.246.0/23 91.207.232.0/23 91.208.34.0/24 @@ -18072,6 +21827,15 @@ 91.235.132.0/22 91.235.174.0/24 91.235.237.0/24 +91.236.19.0/24 +91.236.83.0/24 +91.236.189.0/24 +91.236.192.0/24 +91.236.193.0/24 +91.236.194.0/24 +91.236.202.0/23 +91.236.214.0/23 +91.237.43.0/24 92.42.232.0/21 92.48.192.0/18 92.53.248.0/21 @@ -18097,6 +21861,7 @@ 93.174.88.0/21 93.174.104.0/21 93.174.200.0/21 +93.175.144.0/20 93.175.176.0/20 93.180.64.0/21 93.184.96.0/20 @@ -18202,11 +21967,11 @@ 130.89.0.0/16 130.112.0.0/16 130.115.0.0/16 -130.138.0.0/14 -130.142.0.0/15 +130.138.0.0/15 +130.140.0.0/14 130.144.0.0/16 -130.145.0.0/15 -130.147.0.0/16 +130.145.0.0/16 +130.146.0.0/15 130.161.0.0/16 131.155.0.0/16 131.174.0.0/16 @@ -18223,8 +21988,78 @@ 134.98.144.0/20 134.98.160.0/20 134.98.176.0/21 -134.98.184.0/18 -134.98.248.0/21 +134.98.184.0/24 +134.98.185.0/24 +134.98.186.0/24 +134.98.187.0/24 +134.98.188.0/24 +134.98.189.0/24 +134.98.190.0/24 +134.98.191.0/24 +134.98.192.0/24 +134.98.193.0/24 +134.98.194.0/24 +134.98.195.0/24 +134.98.196.0/24 +134.98.197.0/24 +134.98.198.0/24 +134.98.199.0/24 +134.98.200.0/24 +134.98.201.0/24 +134.98.202.0/24 +134.98.203.0/24 +134.98.204.0/24 +134.98.205.0/24 +134.98.206.0/24 +134.98.207.0/24 +134.98.208.0/24 +134.98.209.0/24 +134.98.210.0/24 +134.98.211.0/24 +134.98.212.0/24 +134.98.213.0/24 +134.98.214.0/24 +134.98.215.0/24 +134.98.216.0/24 +134.98.217.0/24 +134.98.218.0/24 +134.98.219.0/24 +134.98.220.0/24 +134.98.221.0/24 +134.98.222.0/24 +134.98.223.0/24 +134.98.224.0/24 +134.98.225.0/24 +134.98.226.0/24 +134.98.227.0/24 +134.98.228.0/24 +134.98.229.0/24 +134.98.230.0/24 +134.98.231.0/24 +134.98.232.0/24 +134.98.233.0/24 +134.98.234.0/24 +134.98.235.0/24 +134.98.236.0/24 +134.98.237.0/24 +134.98.238.0/24 +134.98.239.0/24 +134.98.240.0/24 +134.98.241.0/24 +134.98.242.0/24 +134.98.243.0/24 +134.98.244.0/24 +134.98.245.0/24 +134.98.246.0/24 +134.98.247.0/24 +134.98.248.0/24 +134.98.249.0/24 +134.98.250.0/24 +134.98.251.0/24 +134.98.252.0/24 +134.98.253.0/24 +134.98.254.0/24 +134.98.255.0/24 134.143.0.0/16 134.145.0.0/16 134.146.0.0/16 @@ -18281,11 +22116,87 @@ 145.40.0.0/14 145.44.0.0/16 145.45.0.0/16 -145.46.0.0/14 +145.46.0.0/16 +145.47.0.0/16 +145.48.0.0/16 +145.49.0.0/16 145.50.0.0/16 -145.51.0.0/10 -145.115.0.0/13 -145.123.0.0/14 +145.51.0.0/16 +145.52.0.0/16 +145.53.0.0/16 +145.54.0.0/16 +145.55.0.0/16 +145.56.0.0/16 +145.57.0.0/16 +145.58.0.0/16 +145.59.0.0/16 +145.60.0.0/16 +145.61.0.0/16 +145.62.0.0/16 +145.63.0.0/16 +145.64.0.0/16 +145.65.0.0/16 +145.66.0.0/16 +145.67.0.0/16 +145.68.0.0/16 +145.69.0.0/16 +145.70.0.0/16 +145.71.0.0/16 +145.72.0.0/16 +145.73.0.0/16 +145.74.0.0/16 +145.75.0.0/16 +145.76.0.0/16 +145.77.0.0/16 +145.78.0.0/16 +145.79.0.0/16 +145.80.0.0/16 +145.81.0.0/16 +145.82.0.0/16 +145.83.0.0/16 +145.84.0.0/16 +145.85.0.0/16 +145.86.0.0/16 +145.87.0.0/16 +145.88.0.0/16 +145.89.0.0/16 +145.90.0.0/16 +145.91.0.0/16 +145.92.0.0/16 +145.93.0.0/16 +145.94.0.0/16 +145.95.0.0/16 +145.96.0.0/16 +145.97.0.0/16 +145.98.0.0/16 +145.99.0.0/16 +145.100.0.0/16 +145.101.0.0/16 +145.102.0.0/16 +145.103.0.0/16 +145.104.0.0/16 +145.105.0.0/16 +145.106.0.0/16 +145.107.0.0/16 +145.108.0.0/16 +145.109.0.0/16 +145.110.0.0/16 +145.111.0.0/16 +145.112.0.0/16 +145.113.0.0/16 +145.114.0.0/16 +145.115.0.0/16 +145.116.0.0/16 +145.117.0.0/16 +145.118.0.0/16 +145.119.0.0/16 +145.120.0.0/16 +145.121.0.0/16 +145.122.0.0/16 +145.123.0.0/16 +145.124.0.0/16 +145.125.0.0/16 +145.126.0.0/16 145.127.0.0/16 145.128.0.0/16 145.129.0.0/16 @@ -18409,8 +22320,9 @@ 159.253.0.0/21 159.253.128.0/19 159.255.216.0/21 -161.83.0.0/14 -161.87.0.0/15 +161.83.0.0/16 +161.84.0.0/14 +161.88.0.0/16 161.89.0.0/16 161.90.0.0/16 161.91.0.0/16 @@ -18419,6 +22331,8 @@ 163.165.192.0/18 163.175.0.0/16 164.40.128.0/19 +164.138.24.0/21 +164.138.248.0/21 164.140.0.0/16 165.114.0.0/16 167.81.0.0/16 @@ -18510,8 +22424,11 @@ 192.16.200.0/24 192.16.201.0/24 192.16.202.0/24 -192.26.154.0/20 -192.26.170.0/22 +192.26.154.0/23 +192.26.156.0/22 +192.26.160.0/21 +192.26.168.0/22 +192.26.172.0/23 192.26.237.0/24 192.31.166.0/24 192.31.167.0/24 @@ -18545,8 +22462,12 @@ 192.42.114.0/24 192.42.115.0/24 192.42.116.0/24 -192.42.117.0/22 -192.42.121.0/23 +192.42.117.0/24 +192.42.118.0/24 +192.42.119.0/24 +192.42.120.0/24 +192.42.121.0/24 +192.42.122.0/24 192.42.123.0/24 192.42.124.0/24 192.42.125.0/24 @@ -18563,7 +22484,8 @@ 192.55.105.0/24 192.55.115.0/24 192.55.129.0/24 -192.58.226.0/22 +192.58.226.0/23 +192.58.228.0/23 192.65.51.0/24 192.65.52.0/24 192.65.53.0/24 @@ -18588,8 +22510,26 @@ 192.65.94.0/24 192.67.220.0/24 192.67.221.0/24 -192.68.31.0/20 -192.68.47.0/22 +192.68.31.0/24 +192.68.32.0/24 +192.68.33.0/24 +192.68.34.0/24 +192.68.35.0/24 +192.68.36.0/24 +192.68.37.0/24 +192.68.38.0/24 +192.68.39.0/24 +192.68.40.0/24 +192.68.41.0/24 +192.68.42.0/24 +192.68.43.0/24 +192.68.44.0/24 +192.68.45.0/24 +192.68.46.0/24 +192.68.47.0/24 +192.68.48.0/24 +192.68.49.0/24 +192.68.50.0/24 192.68.182.0/24 192.68.230.0/24 192.68.250.0/24 @@ -18615,17 +22555,45 @@ 192.101.88.0/24 192.101.89.0/24 192.101.90.0/24 -192.101.111.0/22 +192.101.111.0/24 +192.101.112.0/23 +192.101.114.0/24 192.104.55.0/24 192.104.56.0/24 192.104.140.0/24 192.104.142.0/24 192.104.154.0/24 192.113.0.0/16 -192.129.32.0/22 -192.129.36.0/20 -192.129.52.0/21 -192.129.60.0/23 +192.129.32.0/24 +192.129.33.0/24 +192.129.34.0/24 +192.129.35.0/24 +192.129.36.0/24 +192.129.37.0/24 +192.129.38.0/24 +192.129.39.0/24 +192.129.40.0/24 +192.129.41.0/24 +192.129.42.0/24 +192.129.43.0/24 +192.129.44.0/24 +192.129.45.0/24 +192.129.46.0/24 +192.129.47.0/24 +192.129.48.0/24 +192.129.49.0/24 +192.129.50.0/24 +192.129.51.0/24 +192.129.52.0/24 +192.129.53.0/24 +192.129.54.0/24 +192.129.55.0/24 +192.129.56.0/24 +192.129.57.0/24 +192.129.58.0/24 +192.129.59.0/24 +192.129.60.0/24 +192.129.61.0/24 192.133.53.0/24 192.136.23.0/24 192.136.51.0/24 @@ -18643,11 +22611,22 @@ 192.189.73.0/24 192.195.183.0/24 192.207.31.0/24 -193.0.0.0/19 +193.0.0.0/21 +193.0.8.0/21 +193.0.16.0/24 +193.0.17.0/24 +193.0.18.0/24 +193.0.19.0/24 +193.0.20.0/24 +193.0.21.0/24 +193.0.22.0/24 +193.0.23.0/24 +193.0.24.0/21 193.9.23.0/24 193.9.48.0/22 193.9.52.0/23 -193.9.55.0/23 +193.9.55.0/24 +193.9.56.0/24 193.9.57.0/24 193.9.60.0/22 193.9.115.0/24 @@ -18702,7 +22681,8 @@ 193.47.79.0/24 193.47.188.0/24 193.53.23.0/24 -193.53.99.0/23 +193.53.99.0/24 +193.53.100.0/24 193.53.125.0/24 193.58.0.48/29 193.58.204.0/22 @@ -18762,10 +22742,9 @@ 193.111.81.0/24 193.111.172.0/24 193.138.121.0/24 -193.138.156.0/22 193.138.204.0/22 -193.138.220.0/21 -193.138.228.0/22 +193.138.220.0/22 +193.138.224.0/21 193.138.248.0/22 193.141.0.0/16 193.142.215.0/24 @@ -18787,8 +22766,16 @@ 193.176.2.0/24 193.176.4.0/24 193.176.5.0/24 -193.176.6.0/21 -193.176.14.0/23 +193.176.6.0/24 +193.176.7.0/24 +193.176.8.0/24 +193.176.9.0/24 +193.176.10.0/24 +193.176.11.0/24 +193.176.12.0/24 +193.176.13.0/24 +193.176.14.0/24 +193.176.15.0/24 193.176.16.0/20 193.176.32.0/21 193.176.40.0/24 @@ -18823,15 +22810,39 @@ 193.176.144.0/24 193.176.148.0/22 193.176.152.0/24 -193.176.153.0/22 -193.176.157.0/23 -193.176.159.0/20 -193.176.175.0/22 +193.176.153.0/24 +193.176.154.0/24 +193.176.155.0/24 +193.176.156.0/24 +193.176.157.0/24 +193.176.158.0/24 +193.176.159.0/24 +193.176.160.0/24 +193.176.161.0/24 +193.176.162.0/24 +193.176.163.0/24 +193.176.164.0/24 +193.176.165.0/24 +193.176.166.0/24 +193.176.167.0/24 +193.176.168.0/24 +193.176.169.0/24 +193.176.170.0/24 +193.176.171.0/24 +193.176.172.0/24 +193.176.173.0/24 +193.176.174.0/24 +193.176.175.0/24 +193.176.176.0/24 +193.176.177.0/24 +193.176.178.0/24 193.176.179.0/24 193.176.180.0/23 193.176.182.0/24 -193.176.183.0/23 -193.176.185.0/23 +193.176.183.0/24 +193.176.184.0/24 +193.176.185.0/24 +193.176.186.0/24 193.176.187.0/24 193.176.188.0/23 193.176.190.0/24 @@ -18839,8 +22850,8 @@ 193.176.192.0/21 193.176.200.0/22 193.176.204.0/24 -193.176.205.0/23 -193.176.207.0/24 +193.176.205.0/24 +193.176.206.0/23 193.176.208.0/24 193.176.210.0/23 193.176.212.0/24 @@ -18876,11 +22887,68 @@ 193.176.254.0/24 193.176.255.0/24 193.177.0.0/24 -193.177.1.0/19 -193.177.33.0/20 -193.177.49.0/21 -193.177.57.0/22 -193.177.61.0/23 +193.177.1.0/24 +193.177.2.0/24 +193.177.3.0/24 +193.177.4.0/24 +193.177.5.0/24 +193.177.6.0/24 +193.177.7.0/24 +193.177.8.0/24 +193.177.9.0/24 +193.177.10.0/24 +193.177.11.0/24 +193.177.12.0/24 +193.177.13.0/24 +193.177.14.0/24 +193.177.15.0/24 +193.177.16.0/24 +193.177.17.0/24 +193.177.18.0/24 +193.177.19.0/24 +193.177.20.0/24 +193.177.21.0/24 +193.177.22.0/24 +193.177.23.0/24 +193.177.24.0/24 +193.177.25.0/24 +193.177.26.0/24 +193.177.27.0/24 +193.177.28.0/24 +193.177.29.0/24 +193.177.30.0/24 +193.177.31.0/24 +193.177.32.0/24 +193.177.33.0/24 +193.177.34.0/24 +193.177.35.0/24 +193.177.36.0/24 +193.177.37.0/24 +193.177.38.0/24 +193.177.39.0/24 +193.177.40.0/24 +193.177.41.0/24 +193.177.42.0/24 +193.177.43.0/24 +193.177.44.0/24 +193.177.45.0/24 +193.177.46.0/24 +193.177.47.0/24 +193.177.48.0/24 +193.177.49.0/24 +193.177.50.0/24 +193.177.51.0/24 +193.177.52.0/24 +193.177.53.0/24 +193.177.54.0/24 +193.177.55.0/24 +193.177.56.0/24 +193.177.57.0/24 +193.177.58.0/24 +193.177.59.0/24 +193.177.60.0/24 +193.177.61.0/24 +193.177.62.0/24 193.177.63.0/24 193.177.64.0/18 193.177.128.0/21 @@ -18944,7 +23012,8 @@ 193.202.112.0/24 193.202.122.0/24 193.203.220.0/23 -193.203.225.0/23 +193.203.225.0/24 +193.203.226.0/24 193.210.0.0/16 193.219.116.0/24 193.221.114.0/24 @@ -19015,7 +23084,22 @@ 194.13.68.0/22 194.13.72.0/21 194.13.80.0/21 -194.13.88.0/20 +194.13.88.0/24 +194.13.89.0/24 +194.13.90.0/24 +194.13.91.0/24 +194.13.92.0/24 +194.13.93.0/24 +194.13.94.0/24 +194.13.95.0/24 +194.13.96.0/24 +194.13.97.0/24 +194.13.98.0/24 +194.13.99.0/24 +194.13.100.0/24 +194.13.101.0/24 +194.13.102.0/24 +194.13.103.0/24 194.13.104.0/22 194.13.108.0/24 194.13.109.0/24 @@ -19044,12 +23128,18 @@ 194.13.238.0/23 194.13.240.0/20 194.26.0.0/24 -194.26.1.0/22 +194.26.1.0/24 +194.26.2.0/24 +194.26.3.0/24 +194.26.4.0/24 194.26.5.0/24 194.26.6.0/23 194.26.8.0/21 194.26.16.0/24 -194.26.17.0/22 +194.26.17.0/24 +194.26.18.0/24 +194.26.19.0/24 +194.26.20.0/24 194.26.21.0/24 194.26.26.0/24 194.26.27.0/24 @@ -19064,17 +23154,20 @@ 194.26.71.0/24 194.26.72.0/22 194.26.76.0/24 -194.26.77.0/23 +194.26.77.0/24 +194.26.78.0/24 194.26.79.0/24 194.26.80.0/20 194.26.96.0/22 194.26.100.0/24 -194.26.101.0/23 +194.26.101.0/24 +194.26.102.0/24 194.26.103.0/24 194.26.104.0/22 194.26.108.0/24 194.26.109.0/24 -194.26.110.0/22 +194.26.110.0/23 +194.26.112.0/23 194.26.115.0/24 194.26.116.0/24 194.26.118.0/23 @@ -19105,10 +23198,15 @@ 194.30.182.0/24 194.30.188.0/24 194.41.40.0/24 -194.41.53.0/23 +194.41.53.0/24 +194.41.54.0/24 194.41.62.0/24 -194.41.121.0/22 -194.41.125.0/23 +194.41.121.0/24 +194.41.122.0/24 +194.41.123.0/24 +194.41.124.0/24 +194.41.125.0/24 +194.41.126.0/24 194.41.127.0/24 194.42.122.0/23 194.42.208.0/24 @@ -19171,7 +23269,9 @@ 194.53.118.0/23 194.53.120.0/24 194.53.121.0/24 -194.53.122.0/21 +194.53.122.0/23 +194.53.124.0/22 +194.53.128.0/23 194.53.130.0/23 194.53.132.0/23 194.53.134.0/24 @@ -19200,11 +23300,23 @@ 194.79.254.0/23 194.88.2.0/24 194.88.236.0/23 -194.93.101.0/23 +194.93.101.0/24 +194.93.102.0/24 194.104.0.0/24 -194.104.1.0/21 -194.104.9.0/22 -194.104.13.0/23 +194.104.1.0/24 +194.104.2.0/24 +194.104.3.0/24 +194.104.4.0/24 +194.104.5.0/24 +194.104.6.0/24 +194.104.7.0/24 +194.104.8.0/24 +194.104.9.0/24 +194.104.10.0/24 +194.104.11.0/24 +194.104.12.0/24 +194.104.13.0/24 +194.104.14.0/24 194.104.15.0/24 194.104.16.0/22 194.104.20.0/22 @@ -19214,7 +23326,8 @@ 194.104.64.0/20 194.104.80.0/22 194.104.84.0/24 -194.104.85.0/23 +194.104.85.0/24 +194.104.86.0/24 194.104.87.0/24 194.104.88.0/23 194.104.90.0/24 @@ -19427,6 +23540,14 @@ 195.128.186.0/23 195.130.199.0/24 195.130.223.0/24 +195.134.168.0/24 +195.134.169.0/24 +195.134.170.0/24 +195.134.171.0/24 +195.134.172.0/24 +195.134.173.0/24 +195.134.174.0/24 +195.134.175.0/24 195.137.165.0/24 195.137.169.0/24 195.137.214.0/23 @@ -19457,7 +23578,6 @@ 195.190.224.0/19 195.191.0.0/23 195.191.16.0/23 -195.191.102.0/23 195.191.112.0/23 195.191.120.0/23 195.191.150.0/23 @@ -19520,7 +23640,8 @@ 204.79.248.0/22 204.79.253.0/24 204.79.254.0/23 -204.231.225.0/23 +204.231.225.0/24 +204.231.226.0/24 212.0.224.0/19 212.1.0.0/19 212.1.160.0/19 @@ -19743,8 +23864,8 @@ 217.198.16.0/20 # Country: NORWAY # ISO Code: NO -# Total Networks: 857 -# Total Subnets: 15,164,336 +# Total Networks: 877 +# Total Subnets: 15,259,312 2.148.0.0/14 31.24.128.0/21 31.25.216.0/21 @@ -19758,6 +23879,11 @@ 37.28.128.0/21 37.32.48.0/21 37.44.128.0/18 +37.148.144.0/21 +37.191.128.0/17 +37.200.0.0/18 +37.202.24.0/21 +37.202.56.0/21 46.9.0.0/16 46.15.0.0/16 46.16.48.0/21 @@ -19812,6 +23938,7 @@ 77.222.160.0/19 77.222.192.0/19 77.223.160.0/19 +77.234.48.0/21 77.241.96.0/20 77.247.144.0/20 78.24.88.0/21 @@ -19992,6 +24119,8 @@ 91.232.83.0/24 91.233.14.0/24 91.235.60.0/22 +91.237.34.0/23 +91.237.78.0/24 92.42.64.0/21 92.43.8.0/21 92.62.32.0/20 @@ -20063,7 +24192,11 @@ 138.62.0.0/16 138.124.0.0/16 139.98.0.0/16 -139.105.0.0/12 +139.105.0.0/16 +139.106.0.0/15 +139.108.0.0/14 +139.112.0.0/13 +139.120.0.0/16 139.145.0.0/16 139.164.0.0/16 141.0.8.0/21 @@ -20142,6 +24275,8 @@ 176.11.0.0/16 176.74.208.0/21 176.75.0.0/16 +176.110.0.0/17 +176.111.192.0/20 176.221.88.0/21 176.241.232.0/21 178.16.64.0/20 @@ -20171,7 +24306,10 @@ 188.151.0.0/16 192.42.65.0/24 192.51.0.0/20 -192.68.76.0/19 +192.68.76.0/22 +192.68.80.0/20 +192.68.96.0/21 +192.68.104.0/22 192.81.109.0/24 192.84.32.0/24 192.84.33.0/24 @@ -20193,7 +24331,9 @@ 192.135.46.0/24 192.135.143.0/24 192.135.253.0/24 -192.138.105.0/22 +192.138.105.0/24 +192.138.106.0/23 +192.138.108.0/24 192.138.155.0/24 192.146.163.0/24 192.146.164.0/24 @@ -20284,8 +24424,8 @@ 193.150.121.0/24 193.156.0.0/16 193.157.0.0/16 -193.160.1.0/23 -193.160.3.0/24 +193.160.1.0/24 +193.160.2.0/23 193.160.4.0/22 193.160.8.0/24 193.160.9.0/24 @@ -20301,7 +24441,8 @@ 193.160.29.0/24 193.160.30.0/23 193.160.32.0/24 -193.160.34.0/22 +193.160.34.0/23 +193.160.36.0/23 193.160.38.0/24 193.160.40.0/21 193.160.48.0/21 @@ -20604,8 +24745,8 @@ 217.199.48.0/20 # Country: POLAND # ISO Code: PL -# Total Networks: 2,686 -# Total Subnets: 19,277,544 +# Total Networks: 2,763 +# Total Subnets: 19,421,672 31.0.0.0/16 31.1.0.0/16 31.2.0.0/17 @@ -20672,6 +24813,15 @@ 37.128.0.0/17 37.128.152.0/21 37.128.160.0/21 +37.130.0.0/18 +37.131.128.0/19 +37.131.160.0/20 +37.139.72.0/21 +37.139.144.0/21 +37.152.16.0/20 +37.157.200.0/21 +37.190.128.0/17 +37.202.32.0/20 46.17.112.0/21 46.20.48.0/20 46.21.144.0/20 @@ -20925,6 +25075,7 @@ 83.230.0.0/17 83.238.0.0/16 83.242.64.0/19 +83.242.112.0/20 83.243.32.0/21 83.243.104.0/21 84.10.0.0/16 @@ -21482,6 +25633,7 @@ 91.223.78.0/24 91.223.81.0/24 91.223.83.0/24 +91.223.119.0/24 91.223.130.0/24 91.223.134.0/24 91.223.135.0/24 @@ -21749,6 +25901,48 @@ 91.235.222.0/23 91.235.228.0/23 91.235.230.0/24 +91.235.231.0/24 +91.235.238.0/23 +91.235.252.0/22 +91.236.0.0/24 +91.236.4.0/22 +91.236.8.0/23 +91.236.13.0/24 +91.236.20.0/23 +91.236.32.0/22 +91.236.52.0/22 +91.236.57.0/24 +91.236.72.0/23 +91.236.74.0/23 +91.236.84.0/22 +91.236.105.0/24 +91.236.125.0/24 +91.236.128.0/22 +91.236.132.0/23 +91.236.163.0/24 +91.236.172.0/22 +91.236.229.0/24 +91.236.232.0/24 +91.236.233.0/24 +91.237.18.0/23 +91.237.36.0/24 +91.237.52.0/24 +91.237.60.0/22 +91.237.68.0/22 +91.237.72.0/23 +91.237.77.0/24 +91.237.79.0/24 +91.237.80.0/23 +91.237.84.0/23 +91.237.86.0/24 +91.237.112.0/23 +91.237.118.0/24 +91.237.136.0/23 +91.237.138.0/23 +91.237.149.0/24 +91.237.154.0/23 +91.237.156.0/22 +91.237.160.0/23 92.42.112.0/21 92.43.112.0/21 92.43.144.0/21 @@ -21826,8 +26020,8 @@ 95.174.32.0/19 95.175.0.0/19 95.178.0.0/17 -95.215.20.0/21 -95.215.28.0/22 +95.215.20.0/22 +95.215.24.0/21 95.215.52.0/22 95.215.192.0/21 95.215.232.0/22 @@ -21948,6 +26142,18 @@ 176.107.112.0/21 176.107.168.0/21 176.108.128.0/21 +176.109.48.0/21 +176.109.128.0/21 +176.109.160.0/22 +176.109.164.0/22 +176.110.144.0/20 +176.111.16.0/20 +176.111.112.0/21 +176.111.120.0/21 +176.111.128.0/19 +176.111.224.0/20 +176.112.72.0/21 +176.112.112.0/21 176.221.96.0/19 176.227.160.0/21 176.241.72.0/21 @@ -22396,7 +26602,8 @@ 193.151.96.0/22 193.151.100.0/22 193.151.112.0/22 -193.164.1.0/23 +193.164.1.0/24 +193.164.2.0/24 193.164.3.0/24 193.164.4.0/23 193.164.6.0/24 @@ -22549,13 +26756,18 @@ 194.1.196.0/24 194.1.199.0/24 194.1.201.0/24 +194.1.217.0/24 194.1.246.0/24 +194.1.252.0/24 +194.1.253.0/24 +194.1.254.0/24 194.6.204.0/22 194.6.241.0/24 194.6.245.0/24 194.6.246.0/24 194.8.14.0/24 -194.8.45.0/23 +194.8.45.0/24 +194.8.46.0/24 194.8.66.0/23 194.8.68.0/23 194.9.16.0/23 @@ -22605,6 +26817,7 @@ 194.34.198.0/24 194.36.165.0/24 194.36.168.0/24 +194.41.12.0/22 194.42.40.0/24 194.42.110.0/23 194.42.116.0/23 @@ -22622,6 +26835,9 @@ 194.50.110.0/24 194.50.117.0/24 194.50.123.0/24 +194.50.132.0/22 +194.50.155.0/24 +194.50.156.0/22 194.50.180.0/24 194.50.186.0/24 194.50.214.0/24 @@ -22710,6 +26926,7 @@ 194.146.216.0/22 194.146.248.0/22 194.146.252.0/22 +194.147.108.0/24 194.149.88.0/24 194.149.228.0/22 194.149.240.0/24 @@ -22857,6 +27074,7 @@ 195.43.142.0/24 195.43.143.0/24 195.43.156.0/24 +195.46.36.0/23 195.46.40.0/22 195.47.201.0/24 195.47.203.0/24 @@ -23035,7 +27253,6 @@ 195.182.9.0/24 195.182.14.0/24 195.182.19.0/24 -195.182.20.0/24 195.182.23.0/24 195.182.34.0/24 195.182.35.0/24 @@ -23194,6 +27411,7 @@ 212.106.0.0/19 212.106.128.0/18 212.109.128.0/19 +212.109.160.0/21 212.122.192.0/19 212.126.0.0/19 212.127.64.0/19 @@ -23294,11 +27512,12 @@ 217.197.160.0/20 # Country: PORTUGAL # ISO Code: PT -# Total Networks: 283 -# Total Subnets: 5,765,472 +# Total Networks: 290 +# Total Subnets: 5,833,504 2.80.0.0/14 31.22.128.0/17 37.28.192.0/18 +37.189.0.0/16 46.50.0.0/17 46.182.32.0/21 46.189.128.0/17 @@ -23356,6 +27575,7 @@ 91.216.117.0/24 91.227.100.0/24 91.230.40.0/24 +91.231.216.0/23 92.250.0.0/17 93.94.56.0/21 93.102.0.0/16 @@ -23383,6 +27603,7 @@ 176.61.144.0/21 176.78.0.0/16 176.79.0.0/16 +176.111.104.0/21 176.221.32.0/21 178.20.208.0/21 178.132.248.0/21 @@ -23452,7 +27673,10 @@ 192.112.31.0/24 192.112.32.0/24 192.112.45.0/24 -192.122.238.0/22 +192.122.238.0/24 +192.122.239.0/24 +192.122.240.0/24 +192.122.241.0/24 192.122.242.0/24 192.132.53.0/24 192.132.55.0/24 @@ -23497,7 +27721,6 @@ 193.37.153.0/24 193.41.114.0/23 193.53.22.0/24 -193.58.0.64/26 193.104.52.0/24 193.109.93.0/24 193.111.42.0/24 @@ -23530,7 +27753,9 @@ 194.117.0.0/19 194.117.32.0/20 194.117.48.0/23 -194.145.59.0/22 +194.145.59.0/24 +194.145.60.0/23 +194.145.62.0/24 194.145.121.0/24 194.153.132.0/24 194.169.125.0/24 @@ -23581,8 +27806,8 @@ 217.168.112.0/20 # Country: ROMANIA # ISO Code: RO -# Total Networks: 1,192 -# Total Subnets: 12,299,008 +# Total Networks: 1,225 +# Total Subnets: 12,582,656 31.2.128.0/17 31.11.40.0/21 31.14.0.0/16 @@ -23616,6 +27841,14 @@ 37.60.224.0/19 37.97.0.0/16 37.120.0.0/16 +37.128.224.0/20 +37.129.0.0/16 +37.143.160.0/20 +37.143.192.0/18 +37.148.0.0/17 +37.153.128.0/18 +37.156.0.0/16 +37.202.128.0/17 46.19.104.0/21 46.20.128.0/20 46.34.192.0/19 @@ -23848,7 +28081,6 @@ 91.212.191.0/24 91.212.192.0/24 91.212.227.0/24 -91.212.229.0/24 91.212.254.0/24 91.213.11.0/24 91.213.16.0/24 @@ -24025,6 +28257,24 @@ 91.235.130.0/23 91.235.165.0/24 91.235.166.0/23 +91.236.46.0/23 +91.236.58.0/24 +91.236.76.0/23 +91.236.79.0/24 +91.236.88.0/22 +91.236.148.0/22 +91.236.170.0/24 +91.236.216.0/22 +91.236.223.0/24 +91.236.228.0/24 +91.236.230.0/23 +91.236.237.0/24 +91.236.240.0/22 +91.237.44.0/22 +91.237.48.0/23 +91.237.91.0/24 +91.237.92.0/23 +91.237.130.0/23 92.55.128.0/18 92.80.0.0/13 92.114.0.0/16 @@ -24088,6 +28338,7 @@ 146.158.128.0/17 149.210.128.0/17 151.0.128.0/17 +164.138.128.0/18 171.25.223.0/24 176.96.48.0/20 176.96.88.0/21 @@ -24108,6 +28359,13 @@ 176.107.8.0/21 176.107.64.0/21 176.107.72.0/21 +176.110.216.0/21 +176.111.0.0/21 +176.111.160.0/21 +176.111.168.0/21 +176.112.80.0/21 +176.113.40.0/21 +176.113.64.0/19 176.222.64.0/18 176.223.0.0/16 178.21.120.0/21 @@ -24298,7 +28556,6 @@ 193.169.6.0/23 193.169.8.0/23 193.169.20.0/23 -193.169.50.0/23 193.169.136.0/23 193.169.142.0/23 193.169.144.0/23 @@ -24466,6 +28723,7 @@ 194.106.204.0/23 194.106.212.0/23 194.107.112.0/24 +194.107.122.0/24 194.110.68.0/24 194.110.74.0/24 194.110.212.0/24 @@ -24621,7 +28879,6 @@ 195.93.136.0/23 195.93.140.0/23 195.93.176.0/23 -195.93.198.0/23 195.95.128.0/24 195.95.145.0/24 195.95.152.0/24 @@ -24661,6 +28918,7 @@ 195.170.190.0/24 195.177.224.0/23 195.178.102.0/23 +195.178.107.0/24 195.178.110.0/23 195.178.120.0/23 195.178.124.0/23 @@ -24777,8 +29035,8 @@ 217.156.0.0/17 # Country: RUSSIAN FEDERATION # ISO Code: RU -# Total Networks: 5,781 -# Total Subnets: 41,796,904 +# Total Networks: 5,898 +# Total Subnets: 42,728,480 2.57.0.0/16 2.60.0.0/14 2.92.0.0/14 @@ -24988,6 +29246,35 @@ 37.114.16.0/20 37.122.0.0/17 37.123.216.0/21 +37.130.192.0/21 +37.131.192.0/19 +37.139.0.0/19 +37.139.32.0/19 +37.139.80.0/21 +37.139.192.0/18 +37.140.0.0/17 +37.140.128.0/18 +37.140.192.0/21 +37.143.8.0/21 +37.143.16.0/20 +37.143.96.0/20 +37.144.0.0/14 +37.153.0.0/18 +37.153.64.0/21 +37.157.16.0/21 +37.157.24.0/21 +37.157.232.0/21 +37.188.0.0/18 +37.190.0.0/17 +37.192.0.0/14 +37.200.64.0/21 +37.200.72.0/21 +37.200.88.0/21 +37.200.120.0/21 +37.202.8.0/21 +37.203.200.0/21 +37.203.240.0/21 +37.204.0.0/16 46.0.0.0/16 46.3.0.0/16 46.8.0.0/16 @@ -26307,6 +30594,7 @@ 91.189.240.0/21 91.190.64.0/19 91.190.112.0/20 +91.190.176.0/21 91.190.232.0/21 91.191.176.0/20 91.191.224.0/19 @@ -26324,7 +30612,6 @@ 91.192.244.0/22 91.193.36.0/22 91.193.58.0/23 -91.193.72.0/22 91.193.88.0/23 91.193.110.0/23 91.193.140.0/22 @@ -26488,7 +30775,6 @@ 91.199.223.0/24 91.199.224.0/24 91.199.229.0/24 -91.199.230.0/24 91.199.232.0/24 91.199.244.0/24 91.199.248.0/24 @@ -26879,7 +31165,6 @@ 91.213.196.0/24 91.213.220.0/24 91.213.223.0/24 -91.213.225.0/24 91.213.240.0/24 91.213.243.0/24 91.213.247.0/24 @@ -27058,7 +31343,6 @@ 91.220.31.0/24 91.220.33.0/24 91.220.38.0/24 -91.220.43.0/24 91.220.46.0/24 91.220.57.0/24 91.220.62.0/24 @@ -27507,6 +31791,7 @@ 91.233.61.0/24 91.233.63.0/24 91.233.64.0/24 +91.233.65.0/24 91.233.66.0/23 91.233.82.0/24 91.233.88.0/24 @@ -27589,6 +31874,53 @@ 91.235.213.0/24 91.235.221.0/24 91.235.233.0/24 +91.235.244.0/22 +91.236.2.0/23 +91.236.12.0/24 +91.236.14.0/23 +91.236.22.0/23 +91.236.24.0/24 +91.236.30.0/23 +91.236.48.0/22 +91.236.60.0/22 +91.236.80.0/23 +91.236.92.0/22 +91.236.100.0/22 +91.236.104.0/24 +91.236.108.0/22 +91.236.112.0/23 +91.236.124.0/24 +91.236.140.0/22 +91.236.154.0/23 +91.236.164.0/22 +91.236.176.0/22 +91.236.180.0/23 +91.236.183.0/24 +91.236.184.0/23 +91.236.195.0/24 +91.236.196.0/22 +91.236.200.0/24 +91.236.201.0/24 +91.236.204.0/23 +91.236.220.0/24 +91.236.234.0/23 +91.236.246.0/23 +91.236.252.0/23 +91.237.20.0/24 +91.237.32.0/24 +91.237.37.0/24 +91.237.53.0/24 +91.237.54.0/23 +91.237.76.0/24 +91.237.82.0/23 +91.237.94.0/24 +91.237.97.0/24 +91.237.104.0/23 +91.237.144.0/22 +91.237.148.0/24 +91.237.150.0/24 +91.237.153.0/24 +91.237.162.0/23 92.36.0.0/17 92.37.128.0/17 92.38.128.0/17 @@ -28315,6 +32647,7 @@ 130.255.8.0/21 130.255.32.0/19 130.255.80.0/21 +131.117.216.0/21 134.0.96.0/20 134.0.112.0/21 134.19.128.0/21 @@ -28380,6 +32713,9 @@ 159.255.0.0/19 159.255.64.0/18 161.8.0.0/16 +164.138.0.0/20 +164.138.32.0/21 +164.138.88.0/21 164.177.176.0/21 164.215.48.0/21 164.215.64.0/20 @@ -28484,6 +32820,28 @@ 176.108.192.0/19 176.108.240.0/20 176.109.0.0/21 +176.109.16.0/20 +176.109.32.0/20 +176.109.64.0/18 +176.110.128.0/20 +176.110.160.0/19 +176.110.192.0/20 +176.110.208.0/21 +176.110.224.0/19 +176.111.8.0/21 +176.111.64.0/21 +176.111.72.0/21 +176.111.96.0/21 +176.111.208.0/21 +176.111.248.0/21 +176.112.32.0/19 +176.112.64.0/21 +176.112.88.0/21 +176.112.96.0/20 +176.112.160.0/20 +176.112.192.0/19 +176.113.0.0/19 +176.113.32.0/21 176.192.0.0/14 176.196.0.0/16 176.197.0.0/16 @@ -28972,7 +33330,6 @@ 193.47.146.0/24 193.47.148.0/24 193.47.154.0/24 -193.58.0.40/29 193.58.237.0/24 193.58.251.0/24 193.84.8.0/24 @@ -29224,7 +33581,8 @@ 193.193.186.0/23 193.194.96.0/22 193.194.100.0/23 -193.194.153.0/23 +193.194.153.0/24 +193.194.154.0/24 193.200.10.0/24 193.200.18.0/24 193.200.21.0/24 @@ -29263,7 +33621,6 @@ 193.203.202.0/23 193.218.136.0/22 193.218.140.0/22 -193.218.176.0/22 193.218.180.0/22 193.219.101.0/24 193.219.104.0/24 @@ -29281,6 +33638,7 @@ 193.227.240.0/23 193.227.252.0/23 193.228.142.0/24 +193.228.158.0/24 193.228.159.0/24 193.232.0.0/16 193.233.0.0/17 @@ -29317,9 +33675,18 @@ 194.0.231.0/24 194.0.245.0/24 194.1.152.0/24 +194.1.156.0/24 194.1.161.0/24 +194.1.168.0/24 +194.1.170.0/23 194.1.184.0/24 194.1.198.0/24 +194.1.213.0/24 +194.1.214.0/24 +194.1.232.0/22 +194.1.236.0/22 +194.1.240.0/22 +194.1.248.0/22 194.6.196.0/22 194.6.216.0/22 194.6.220.0/22 @@ -29386,6 +33753,13 @@ 194.50.103.0/24 194.50.104.0/24 194.50.120.0/24 +194.50.128.0/22 +194.50.139.0/24 +194.50.141.0/24 +194.50.142.0/23 +194.50.148.0/23 +194.50.150.0/24 +194.50.152.0/24 194.50.255.0/24 194.54.12.0/22 194.54.64.0/22 @@ -29403,7 +33777,6 @@ 194.60.247.0/24 194.60.248.0/23 194.62.0.0/24 -194.62.233.0/24 194.63.140.0/22 194.63.144.0/22 194.63.156.0/22 @@ -29672,6 +34045,7 @@ 195.43.135.0/24 195.43.144.0/24 195.43.147.0/24 +195.46.39.0/24 195.46.96.0/19 195.46.160.0/19 195.47.192.0/24 @@ -30000,7 +34374,6 @@ 195.200.248.0/23 195.201.0.0/16 195.206.32.0/19 -195.206.120.0/22 195.206.224.0/23 195.206.226.0/23 195.206.230.0/23 @@ -30102,6 +34475,7 @@ 195.245.205.0/24 195.245.206.0/24 195.245.211.0/24 +195.245.214.0/24 195.245.232.0/24 195.245.246.0/24 195.245.249.0/24 @@ -30214,6 +34588,7 @@ 212.107.224.0/19 212.108.96.0/19 212.109.0.0/19 +212.109.168.0/21 212.109.192.0/19 212.111.64.0/19 212.113.96.0/19 @@ -30573,8 +34948,8 @@ 194.183.64.0/19 # Country: SERBIA # ISO Code: RS -# Total Networks: 183 -# Total Subnets: 2,016,000 +# Total Networks: 185 +# Total Subnets: 2,022,144 37.18.184.0/21 37.19.104.0/21 37.35.8.0/21 @@ -30611,6 +34986,7 @@ 82.117.192.0/19 82.208.192.0/18 83.136.176.0/21 +85.202.112.0/20 85.222.128.0/17 87.116.128.0/18 87.237.200.0/21 @@ -30695,6 +35071,7 @@ 176.104.104.0/21 176.106.120.0/21 176.108.32.0/20 +176.109.136.0/21 176.221.72.0/21 178.17.16.0/20 178.20.160.0/21 @@ -30760,8 +35137,8 @@ 217.169.208.0/20 # Country: SLOVAKIA # ISO Code: SK -# Total Networks: 264 -# Total Subnets: 2,545,152 +# Total Networks: 253 +# Total Subnets: 2,554,624 31.3.32.0/19 31.24.176.0/21 31.130.160.0/21 @@ -30771,6 +35148,7 @@ 37.9.168.0/21 37.58.0.0/20 37.61.160.0/20 +37.152.96.0/19 46.18.144.0/21 46.29.0.0/21 46.34.224.0/19 @@ -30855,6 +35233,9 @@ 91.233.248.0/24 91.234.179.0/24 91.235.52.0/22 +91.236.64.0/22 +91.236.68.0/22 +91.236.82.0/24 92.52.0.0/18 92.60.48.0/20 92.240.224.0/19 @@ -30894,6 +35275,7 @@ 176.102.96.0/20 176.102.112.0/21 176.107.16.0/20 +176.112.176.0/20 178.18.64.0/20 178.23.88.0/21 178.40.0.0/16 @@ -30927,15 +35309,13 @@ 193.218.7.0/24 194.1.0.0/17 194.1.128.0/20 -194.1.156.0/24 194.1.157.0/24 -194.1.171.0/24 194.1.172.0/22 194.1.185.0/24 194.1.186.0/23 194.1.191.0/24 -194.1.214.0/24 -194.1.215.0/23 +194.1.215.0/24 +194.1.216.0/24 194.1.218.0/24 194.1.222.0/23 194.1.224.0/24 @@ -30946,21 +35326,7 @@ 194.1.229.0/24 194.1.230.0/24 194.1.231.0/24 -194.1.234.0/23 -194.1.236.0/24 -194.1.237.0/24 -194.1.238.0/23 -194.1.240.0/24 -194.1.241.0/24 -194.1.242.0/23 194.1.244.0/24 -194.1.248.0/24 -194.1.249.0/24 -194.1.250.0/24 -194.1.251.0/24 -194.1.252.0/24 -194.1.253.0/24 -194.1.254.0/24 194.8.238.0/23 194.30.187.0/24 194.88.194.0/23 @@ -31028,8 +35394,8 @@ 217.172.144.0/20 # Country: SLOVENIA # ISO Code: SI -# Total Networks: 357 -# Total Subnets: 2,522,240 +# Total Networks: 364 +# Total Subnets: 2,525,056 31.7.192.0/19 31.15.128.0/17 37.18.224.0/20 @@ -31170,6 +35536,10 @@ 91.232.239.0/24 91.233.163.0/24 91.235.82.0/24 +91.235.242.0/24 +91.236.1.0/24 +91.237.33.0/24 +91.237.132.0/22 92.37.0.0/17 92.53.128.0/18 92.63.16.0/20 @@ -31303,6 +35673,8 @@ 194.8.94.0/23 194.28.108.0/22 194.39.85.0/24 +194.50.136.0/23 +194.50.138.0/24 194.50.166.0/24 194.59.182.0/24 194.59.185.0/24 @@ -31352,6 +35724,7 @@ 195.182.61.0/24 195.190.129.0/24 195.190.158.0/24 +195.200.200.0/24 195.210.192.0/18 195.216.253.0/24 195.225.50.0/24 @@ -31389,8 +35762,8 @@ 217.72.80.0/20 # Country: SPAIN # ISO Code: ES -# Total Networks: 893 -# Total Subnets: 28,030,080 +# Total Networks: 911 +# Total Subnets: 28,388,992 2.136.0.0/13 2.152.0.0/14 31.3.112.0/21 @@ -31438,6 +35811,17 @@ 37.61.248.0/21 37.72.0.0/19 37.128.168.0/21 +37.130.144.0/21 +37.130.208.0/21 +37.132.0.0/14 +37.139.120.0/21 +37.139.128.0/21 +37.143.120.0/21 +37.152.80.0/21 +37.152.88.0/21 +37.152.128.0/19 +37.153.88.0/21 +37.158.0.0/16 46.6.0.0/16 46.16.56.0/21 46.17.136.0/21 @@ -31528,6 +35912,7 @@ 78.136.64.0/18 78.141.192.0/18 79.98.64.0/21 +79.98.216.0/21 79.99.208.0/21 79.108.0.0/16 79.109.0.0/16 @@ -31740,6 +36125,7 @@ 91.235.40.0/23 91.235.48.0/22 91.235.108.0/22 +91.236.59.0/24 92.43.16.0/21 92.43.224.0/21 92.53.192.0/19 @@ -31871,6 +36257,8 @@ 161.111.0.0/16 161.116.0.0/16 163.117.0.0/16 +164.138.200.0/21 +164.138.208.0/21 176.10.64.0/20 176.12.80.0/21 176.28.88.0/21 @@ -31954,10 +36342,10 @@ 192.146.172.0/24 192.146.187.0/24 192.148.167.0/24 -192.148.201.0/21 -192.148.209.0/22 -192.148.213.0/23 -192.148.215.0/24 +192.148.201.0/24 +192.148.202.0/23 +192.148.204.0/22 +192.148.208.0/21 192.157.8.0/24 192.159.84.0/24 192.159.85.0/24 @@ -31966,7 +36354,9 @@ 192.162.24.0/22 192.187.16.0/24 192.187.17.0/24 -192.187.18.0/21 +192.187.18.0/23 +192.187.20.0/22 +192.187.24.0/23 193.0.241.0/24 193.17.66.0/24 193.22.119.0/24 @@ -32044,6 +36434,7 @@ 193.150.16.0/22 193.152.0.0/16 193.153.0.0/16 +193.200.7.0/24 193.200.194.0/24 193.203.118.0/23 193.203.200.0/23 @@ -32290,8 +36681,8 @@ # Total Subnets: 0 # Country: SWEDEN # ISO Code: SE -# Total Networks: 1,389 -# Total Subnets: 30,099,368 +# Total Networks: 1,658 +# Total Subnets: 30,365,096 2.64.0.0/13 2.248.0.0/13 31.3.152.0/21 @@ -32332,6 +36723,11 @@ 37.122.144.0/21 37.123.128.0/18 37.123.224.0/21 +37.139.152.0/21 +37.140.216.0/21 +37.152.56.0/21 +37.196.0.0/14 +37.203.208.0/21 46.16.232.0/21 46.17.184.0/21 46.21.96.0/20 @@ -32568,6 +36964,7 @@ 87.96.128.0/17 87.99.128.0/17 87.227.0.0/17 +87.236.88.0/21 87.237.152.0/21 87.237.208.0/21 87.241.64.0/18 @@ -32725,6 +37122,16 @@ 91.234.192.0/24 91.234.240.0/24 91.235.168.0/24 +91.236.29.0/24 +91.236.116.0/24 +91.236.207.0/24 +91.236.208.0/23 +91.236.212.0/24 +91.237.66.0/23 +91.237.90.0/24 +91.237.95.0/24 +91.237.106.0/24 +91.237.140.0/23 92.32.0.0/14 92.39.0.0/20 92.39.32.0/20 @@ -32810,6 +37217,7 @@ 131.97.0.0/16 131.115.0.0/16 131.116.0.0/16 +131.117.176.0/21 131.205.0.0/16 132.196.0.0/16 134.25.0.0/16 @@ -32826,7 +37234,10 @@ 138.103.0.0/16 138.106.0.0/16 138.215.0.0/16 -138.221.0.0/13 +138.221.0.0/16 +138.222.0.0/15 +138.224.0.0/14 +138.228.0.0/16 138.233.0.0/16 139.58.0.0/16 139.96.0.0/16 @@ -32836,8 +37247,9 @@ 140.166.0.0/16 141.81.0.0/16 141.137.0.0/16 -141.143.0.0/14 -141.147.0.0/15 +141.143.0.0/16 +141.144.0.0/14 +141.148.0.0/16 141.255.184.0/21 143.47.0.0/16 143.118.0.0/16 @@ -32988,8 +37400,9 @@ 192.34.107.0/24 192.35.247.0/24 192.36.0.0/16 -192.43.162.0/21 -192.43.170.0/23 +192.43.162.0/23 +192.43.164.0/22 +192.43.168.0/22 192.44.240.0/24 192.44.241.0/24 192.44.242.0/24 @@ -33029,21 +37442,102 @@ 192.91.232.0/24 192.91.233.0/24 192.107.187.0/24 -192.108.107.0/23 -192.108.195.0/20 -192.108.211.0/22 +192.108.107.0/24 +192.108.108.0/24 +192.108.195.0/24 +192.108.196.0/24 +192.108.197.0/24 +192.108.198.0/24 +192.108.199.0/24 +192.108.200.0/24 +192.108.201.0/24 +192.108.202.0/24 +192.108.203.0/24 +192.108.204.0/24 +192.108.205.0/24 +192.108.206.0/24 +192.108.207.0/24 +192.108.208.0/24 +192.108.209.0/24 +192.108.210.0/24 +192.108.211.0/24 +192.108.212.0/24 +192.108.213.0/24 +192.108.214.0/24 192.112.206.0/24 192.121.0.0/16 -192.131.25.0/23 +192.131.25.0/24 +192.131.26.0/24 192.133.121.0/24 192.135.82.0/24 -192.138.109.0/21 -192.138.117.0/24 -192.148.33.0/19 -192.148.65.0/20 -192.148.81.0/21 -192.148.89.0/22 -192.149.29.0/22 +192.138.109.0/24 +192.138.110.0/23 +192.138.112.0/22 +192.138.116.0/23 +192.148.33.0/24 +192.148.34.0/24 +192.148.35.0/24 +192.148.36.0/24 +192.148.37.0/24 +192.148.38.0/24 +192.148.39.0/24 +192.148.40.0/24 +192.148.41.0/24 +192.148.42.0/24 +192.148.43.0/24 +192.148.44.0/24 +192.148.45.0/24 +192.148.46.0/24 +192.148.47.0/24 +192.148.48.0/24 +192.148.49.0/24 +192.148.50.0/24 +192.148.51.0/24 +192.148.52.0/24 +192.148.53.0/24 +192.148.54.0/24 +192.148.55.0/24 +192.148.56.0/24 +192.148.57.0/24 +192.148.58.0/24 +192.148.59.0/24 +192.148.60.0/24 +192.148.61.0/24 +192.148.62.0/24 +192.148.63.0/24 +192.148.64.0/24 +192.148.65.0/24 +192.148.66.0/24 +192.148.67.0/24 +192.148.68.0/24 +192.148.69.0/24 +192.148.70.0/24 +192.148.71.0/24 +192.148.72.0/24 +192.148.73.0/24 +192.148.74.0/24 +192.148.75.0/24 +192.148.76.0/24 +192.148.77.0/24 +192.148.78.0/24 +192.148.79.0/24 +192.148.80.0/24 +192.148.81.0/24 +192.148.82.0/24 +192.148.83.0/24 +192.148.84.0/24 +192.148.85.0/24 +192.148.86.0/24 +192.148.87.0/24 +192.148.88.0/24 +192.148.89.0/24 +192.148.90.0/24 +192.148.91.0/24 +192.148.92.0/24 +192.149.29.0/24 +192.149.30.0/24 +192.149.31.0/24 +192.149.32.0/24 192.149.33.0/24 192.149.35.0/24 192.150.58.0/24 @@ -33083,9 +37577,9 @@ 192.165.0.0/16 192.176.0.0/16 192.188.122.0/24 -192.195.134.0/21 -192.195.142.0/22 -192.195.146.0/23 +192.195.134.0/23 +192.195.136.0/21 +192.195.144.0/22 192.195.148.0/24 193.0.235.0/24 193.0.253.0/24 @@ -33095,8 +37589,6 @@ 193.9.14.0/24 193.9.54.0/24 193.9.58.0/23 -193.9.64.0/19 -193.9.96.0/20 193.9.117.0/24 193.9.148.0/22 193.10.0.0/16 @@ -33221,7 +37713,8 @@ 193.188.6.0/24 193.188.134.120/29 193.188.156.0/23 -193.188.201.0/23 +193.188.201.0/24 +193.188.202.0/24 193.188.203.0/24 193.188.248.0/24 193.192.54.0/23 @@ -33244,8 +37737,72 @@ 193.217.0.0/16 193.218.206.0/24 193.219.112.0/24 -193.221.16.0/18 -193.221.80.0/23 +193.221.16.0/24 +193.221.17.0/24 +193.221.18.0/24 +193.221.19.0/24 +193.221.20.0/24 +193.221.21.0/24 +193.221.22.0/24 +193.221.23.0/24 +193.221.24.0/24 +193.221.25.0/24 +193.221.26.0/24 +193.221.27.0/24 +193.221.28.0/24 +193.221.29.0/24 +193.221.30.0/24 +193.221.31.0/24 +193.221.32.0/24 +193.221.33.0/24 +193.221.34.0/24 +193.221.35.0/24 +193.221.36.0/24 +193.221.37.0/24 +193.221.38.0/24 +193.221.39.0/24 +193.221.40.0/24 +193.221.41.0/24 +193.221.42.0/24 +193.221.43.0/24 +193.221.44.0/24 +193.221.45.0/24 +193.221.46.0/24 +193.221.47.0/24 +193.221.48.0/24 +193.221.49.0/24 +193.221.50.0/24 +193.221.51.0/24 +193.221.52.0/24 +193.221.53.0/24 +193.221.54.0/24 +193.221.55.0/24 +193.221.56.0/24 +193.221.57.0/24 +193.221.58.0/24 +193.221.59.0/24 +193.221.60.0/24 +193.221.61.0/24 +193.221.62.0/24 +193.221.63.0/24 +193.221.64.0/24 +193.221.65.0/24 +193.221.66.0/24 +193.221.67.0/24 +193.221.68.0/24 +193.221.69.0/24 +193.221.70.0/24 +193.221.71.0/24 +193.221.72.0/24 +193.221.73.0/24 +193.221.74.0/24 +193.221.75.0/24 +193.221.76.0/24 +193.221.77.0/24 +193.221.78.0/24 +193.221.79.0/24 +193.221.80.0/24 +193.221.81.0/24 193.221.119.0/24 193.222.110.0/24 193.222.141.0/24 @@ -33313,6 +37870,7 @@ 194.48.213.0/24 194.50.106.0/24 194.50.107.0/24 +194.50.140.0/24 194.50.181.0/24 194.50.184.0/24 194.52.0.0/18 @@ -33323,14 +37881,15 @@ 194.60.80.0/24 194.61.158.0/24 194.68.0.0/16 -194.69.6.0/21 -194.69.14.0/23 +194.69.6.0/23 +194.69.8.0/21 194.71.0.0/16 194.88.28.0/22 194.88.232.0/23 194.88.234.0/23 194.88.254.0/23 -194.93.73.0/23 +194.93.73.0/24 +194.93.74.0/24 194.93.75.0/24 194.93.80.0/21 194.93.88.0/22 @@ -33345,9 +37904,110 @@ 194.110.70.0/24 194.110.96.0/20 194.114.140.0/22 -194.114.152.0/18 -194.114.216.0/19 -194.114.248.0/21 +194.114.152.0/24 +194.114.153.0/24 +194.114.154.0/24 +194.114.155.0/24 +194.114.156.0/24 +194.114.157.0/24 +194.114.158.0/24 +194.114.159.0/24 +194.114.160.0/24 +194.114.161.0/24 +194.114.162.0/24 +194.114.163.0/24 +194.114.164.0/24 +194.114.165.0/24 +194.114.166.0/24 +194.114.167.0/24 +194.114.168.0/24 +194.114.169.0/24 +194.114.170.0/24 +194.114.171.0/24 +194.114.172.0/24 +194.114.173.0/24 +194.114.174.0/24 +194.114.175.0/24 +194.114.176.0/24 +194.114.177.0/24 +194.114.178.0/24 +194.114.179.0/24 +194.114.180.0/24 +194.114.181.0/24 +194.114.182.0/24 +194.114.183.0/24 +194.114.184.0/24 +194.114.185.0/24 +194.114.186.0/24 +194.114.187.0/24 +194.114.188.0/24 +194.114.189.0/24 +194.114.190.0/24 +194.114.191.0/24 +194.114.192.0/24 +194.114.193.0/24 +194.114.194.0/24 +194.114.195.0/24 +194.114.196.0/24 +194.114.197.0/24 +194.114.198.0/24 +194.114.199.0/24 +194.114.200.0/24 +194.114.201.0/24 +194.114.202.0/24 +194.114.203.0/24 +194.114.204.0/24 +194.114.205.0/24 +194.114.206.0/24 +194.114.207.0/24 +194.114.208.0/24 +194.114.209.0/24 +194.114.210.0/24 +194.114.211.0/24 +194.114.212.0/24 +194.114.213.0/24 +194.114.214.0/24 +194.114.215.0/24 +194.114.216.0/24 +194.114.217.0/24 +194.114.218.0/24 +194.114.219.0/24 +194.114.220.0/24 +194.114.221.0/24 +194.114.222.0/24 +194.114.223.0/24 +194.114.224.0/24 +194.114.225.0/24 +194.114.226.0/24 +194.114.227.0/24 +194.114.228.0/24 +194.114.229.0/24 +194.114.230.0/24 +194.114.231.0/24 +194.114.232.0/24 +194.114.233.0/24 +194.114.234.0/24 +194.114.235.0/24 +194.114.236.0/24 +194.114.237.0/24 +194.114.238.0/24 +194.114.239.0/24 +194.114.240.0/24 +194.114.241.0/24 +194.114.242.0/24 +194.114.243.0/24 +194.114.244.0/24 +194.114.245.0/24 +194.114.246.0/24 +194.114.247.0/24 +194.114.248.0/24 +194.114.249.0/24 +194.114.250.0/24 +194.114.251.0/24 +194.114.252.0/24 +194.114.253.0/24 +194.114.254.0/24 +194.114.255.0/24 194.116.156.0/23 194.116.212.0/23 194.117.52.128/25 @@ -33683,8 +38343,8 @@ 217.208.0.0/13 # Country: SWITZERLAND # ISO Code: CH -# Total Networks: 1,863 -# Total Subnets: 20,846,840 +# Total Networks: 2,330 +# Total Subnets: 20,868,600 31.3.128.0/21 31.7.56.0/21 31.10.128.0/17 @@ -33707,6 +38367,11 @@ 37.35.120.0/21 37.110.200.0/21 37.122.128.0/21 +37.128.176.0/21 +37.131.184.0/21 +37.153.80.0/21 +37.153.96.0/19 +37.203.248.0/21 46.14.0.0/16 46.16.152.0/21 46.16.200.0/21 @@ -33958,7 +38623,8 @@ 91.213.227.0/24 91.214.168.0/22 91.216.36.0/24 -91.216.83.0/23 +91.216.83.0/24 +91.216.84.0/24 91.216.85.0/24 91.216.229.0/24 91.217.139.0/24 @@ -33997,6 +38663,8 @@ 91.234.160.0/24 91.234.189.0/24 91.235.212.0/24 +91.236.45.0/24 +91.236.78.0/24 92.42.104.0/21 92.42.184.0/21 92.42.240.0/21 @@ -34191,6 +38859,7 @@ 163.168.0.0/16 164.14.0.0/16 164.128.0.0/16 +164.138.64.0/20 165.222.0.0/16 166.8.0.0/13 167.149.0.0/16 @@ -34209,6 +38878,7 @@ 176.56.128.0/20 176.57.224.0/20 176.74.40.0/21 +176.111.216.0/21 178.21.224.0/21 178.22.24.0/21 178.22.64.0/21 @@ -34238,11 +38908,33 @@ 192.12.218.0/24 192.12.247.0/24 192.16.155.0/24 -192.16.156.0/23 -192.16.158.0/22 -192.16.162.0/22 +192.16.156.0/24 +192.16.157.0/24 +192.16.158.0/24 +192.16.159.0/24 +192.16.160.0/24 +192.16.161.0/24 +192.16.162.0/24 +192.16.163.0/24 +192.16.164.0/24 +192.16.165.0/24 192.16.166.0/24 -192.26.28.0/20 +192.26.28.0/24 +192.26.29.0/24 +192.26.30.0/24 +192.26.31.0/24 +192.26.32.0/24 +192.26.33.0/24 +192.26.34.0/24 +192.26.35.0/24 +192.26.36.0/24 +192.26.37.0/24 +192.26.38.0/24 +192.26.39.0/24 +192.26.40.0/24 +192.26.41.0/24 +192.26.42.0/24 +192.26.43.0/24 192.26.44.0/24 192.26.46.0/24 192.26.47.0/24 @@ -34303,16 +38995,26 @@ 192.33.219.0/24 192.33.220.0/24 192.33.221.0/24 -192.33.222.0/21 -192.33.230.0/23 +192.33.222.0/23 +192.33.224.0/21 192.37.0.0/16 192.41.132.0/22 192.41.136.0/24 192.41.141.0/24 192.41.142.0/23 192.41.144.0/23 -192.41.149.0/21 -192.41.157.0/22 +192.41.149.0/24 +192.41.150.0/24 +192.41.151.0/24 +192.41.152.0/24 +192.41.153.0/24 +192.41.154.0/24 +192.41.155.0/24 +192.41.156.0/24 +192.41.157.0/24 +192.41.158.0/24 +192.41.159.0/24 +192.41.160.0/24 192.42.42.0/23 192.42.44.0/22 192.42.180.0/24 @@ -34382,10 +39084,10 @@ 192.84.166.0/24 192.86.166.0/24 192.88.1.0/24 -192.91.236.0/24 -192.91.237.0/22 -192.91.241.0/22 -192.91.245.0/23 +192.91.236.0/22 +192.91.240.0/22 +192.91.244.0/23 +192.91.246.0/24 192.91.247.0/24 192.92.128.0/24 192.92.139.0/24 @@ -34431,15 +39133,22 @@ 192.160.96.0/24 192.166.159.0/24 192.175.38.0/23 -192.238.1.0/21 -192.238.9.0/23 +192.238.1.0/24 +192.238.2.0/23 +192.238.4.0/22 +192.238.8.0/23 +192.238.10.0/24 193.0.32.0/20 193.0.48.0/21 193.0.224.0/24 193.0.237.0/24 193.5.0.0/16 -193.8.1.0/21 -193.8.9.0/23 +193.8.1.0/24 +193.8.2.0/23 +193.8.4.0/22 +193.8.8.0/24 +193.8.9.0/24 +193.8.10.0/24 193.8.11.0/24 193.8.12.0/23 193.8.14.0/24 @@ -34463,10 +39172,14 @@ 193.8.84.0/23 193.8.88.0/22 193.8.92.0/24 -193.8.93.0/23 +193.8.93.0/24 +193.8.94.0/24 193.8.95.0/24 193.8.112.0/24 -193.8.113.0/22 +193.8.113.0/24 +193.8.114.0/24 +193.8.115.0/24 +193.8.116.0/24 193.8.117.0/24 193.8.118.0/24 193.8.119.0/24 @@ -34483,7 +39196,22 @@ 193.8.142.0/24 193.8.143.0/24 193.8.144.0/22 -193.8.148.0/20 +193.8.148.0/24 +193.8.149.0/24 +193.8.150.0/24 +193.8.151.0/24 +193.8.152.0/24 +193.8.153.0/24 +193.8.154.0/24 +193.8.155.0/24 +193.8.156.0/24 +193.8.157.0/24 +193.8.158.0/24 +193.8.159.0/24 +193.8.160.0/24 +193.8.161.0/24 +193.8.162.0/24 +193.8.163.0/24 193.8.164.0/24 193.8.165.0/24 193.8.166.0/24 @@ -34498,7 +39226,8 @@ 193.8.176.0/24 193.8.177.0/24 193.8.178.0/24 -193.8.179.0/23 +193.8.179.0/24 +193.8.180.0/24 193.8.181.0/24 193.8.184.0/23 193.8.186.0/23 @@ -34611,37 +39340,121 @@ 193.43.183.0/24 193.46.73.0/24 193.46.88.0/24 -193.47.1.0/20 -193.47.17.0/21 -193.47.25.0/22 -193.47.29.0/23 +193.47.1.0/24 +193.47.2.0/24 +193.47.3.0/24 +193.47.4.0/24 +193.47.5.0/24 +193.47.6.0/24 +193.47.7.0/24 +193.47.8.0/24 +193.47.9.0/24 +193.47.10.0/24 +193.47.11.0/24 +193.47.12.0/24 +193.47.13.0/24 +193.47.14.0/24 +193.47.15.0/24 +193.47.16.0/24 +193.47.17.0/24 +193.47.18.0/24 +193.47.19.0/24 +193.47.20.0/24 +193.47.21.0/24 +193.47.22.0/24 +193.47.23.0/24 +193.47.24.0/24 +193.47.25.0/24 +193.47.26.0/24 +193.47.27.0/24 +193.47.28.0/24 +193.47.29.0/24 +193.47.30.0/24 193.47.31.0/24 193.47.32.0/19 193.47.64.0/23 193.47.66.0/24 -193.47.67.0/23 +193.47.67.0/24 +193.47.68.0/24 193.47.69.0/24 193.47.88.0/21 193.47.96.0/23 193.47.98.0/24 193.47.103.0/24 -193.47.104.0/19 +193.47.104.0/21 +193.47.112.0/20 +193.47.128.0/21 193.47.149.0/24 193.47.153.0/24 -193.47.168.0/20 +193.47.168.0/21 +193.47.176.0/21 193.47.190.0/24 193.47.192.0/24 193.47.193.0/24 -193.47.194.0/19 -193.47.226.0/21 -193.47.234.0/21 -193.47.242.0/22 -193.47.250.0/22 +193.47.194.0/24 +193.47.195.0/24 +193.47.196.0/24 +193.47.197.0/24 +193.47.198.0/24 +193.47.199.0/24 +193.47.200.0/24 +193.47.201.0/24 +193.47.202.0/24 +193.47.203.0/24 +193.47.204.0/24 +193.47.205.0/24 +193.47.206.0/24 +193.47.207.0/24 +193.47.208.0/24 +193.47.209.0/24 +193.47.210.0/24 +193.47.211.0/24 +193.47.212.0/24 +193.47.213.0/24 +193.47.214.0/24 +193.47.215.0/24 +193.47.216.0/24 +193.47.217.0/24 +193.47.218.0/24 +193.47.219.0/24 +193.47.220.0/24 +193.47.221.0/24 +193.47.222.0/24 +193.47.223.0/24 +193.47.224.0/24 +193.47.225.0/24 +193.47.226.0/23 +193.47.228.0/22 +193.47.232.0/23 +193.47.234.0/24 +193.47.235.0/24 +193.47.236.0/24 +193.47.237.0/24 +193.47.238.0/24 +193.47.239.0/24 +193.47.240.0/24 +193.47.241.0/24 +193.47.242.0/24 +193.47.243.0/24 +193.47.244.0/24 +193.47.245.0/24 +193.47.250.0/23 +193.47.252.0/23 193.47.254.0/24 193.47.255.0/24 193.53.0.0/24 -193.58.173.0/21 -193.58.181.0/22 +193.58.173.0/24 +193.58.174.0/24 +193.58.175.0/24 +193.58.176.0/24 +193.58.177.0/24 +193.58.178.0/24 +193.58.179.0/24 +193.58.180.0/24 +193.58.181.0/24 +193.58.182.0/24 +193.58.183.0/24 +193.58.184.0/24 193.58.185.0/24 193.58.209.0/24 193.58.216.0/21 @@ -34649,7 +39462,6 @@ 193.72.0.0/16 193.73.0.0/16 193.84.113.0/24 -193.84.143.0/24 193.93.20.0/22 193.93.64.0/22 193.93.208.0/22 @@ -34720,7 +39532,22 @@ 193.201.33.0/24 193.201.84.0/22 193.201.122.0/23 -193.202.46.0/20 +193.202.46.0/24 +193.202.47.0/24 +193.202.48.0/24 +193.202.49.0/24 +193.202.50.0/24 +193.202.51.0/24 +193.202.52.0/24 +193.202.53.0/24 +193.202.54.0/24 +193.202.55.0/24 +193.202.56.0/24 +193.202.57.0/24 +193.202.58.0/24 +193.202.59.0/24 +193.202.60.0/24 +193.202.61.0/24 193.202.80.0/21 193.202.88.0/23 193.202.90.0/24 @@ -34732,7 +39559,8 @@ 193.218.104.0/24 193.218.205.0/26 193.218.205.224/27 -193.218.207.16/27 +193.218.207.16/28 +193.218.207.32/28 193.218.207.48/28 193.221.93.0/24 193.221.94.0/24 @@ -34751,22 +39579,121 @@ 193.222.142.0/23 193.222.144.0/23 193.222.146.0/24 -193.222.148.0/19 -193.222.180.0/21 +193.222.148.0/24 +193.222.149.0/24 +193.222.150.0/24 +193.222.151.0/24 +193.222.152.0/24 +193.222.153.0/24 +193.222.154.0/24 +193.222.155.0/24 +193.222.156.0/24 +193.222.157.0/24 +193.222.158.0/24 +193.222.159.0/24 +193.222.160.0/24 +193.222.161.0/24 +193.222.162.0/24 +193.222.163.0/24 +193.222.164.0/24 +193.222.165.0/24 +193.222.166.0/24 +193.222.167.0/24 +193.222.168.0/24 +193.222.169.0/24 +193.222.170.0/24 +193.222.171.0/24 +193.222.172.0/24 +193.222.173.0/24 +193.222.174.0/24 +193.222.175.0/24 +193.222.176.0/24 +193.222.177.0/24 +193.222.178.0/24 +193.222.179.0/24 +193.222.180.0/24 +193.222.181.0/24 +193.222.182.0/24 +193.222.183.0/24 +193.222.184.0/24 +193.222.185.0/24 +193.222.186.0/24 +193.222.187.0/24 193.222.188.0/23 193.222.192.0/19 193.222.224.0/20 193.222.240.0/24 -193.222.241.0/21 -193.222.249.0/23 -193.222.251.0/23 +193.222.241.0/24 +193.222.242.0/23 +193.222.244.0/22 +193.222.248.0/23 +193.222.250.0/24 +193.222.251.0/24 +193.222.252.0/24 193.222.253.0/24 193.222.255.0/24 -193.223.1.0/19 -193.223.33.0/20 -193.223.49.0/21 -193.223.57.0/22 -193.223.61.0/23 +193.223.1.0/24 +193.223.2.0/24 +193.223.3.0/24 +193.223.4.0/24 +193.223.5.0/24 +193.223.6.0/24 +193.223.7.0/24 +193.223.8.0/24 +193.223.9.0/24 +193.223.10.0/24 +193.223.11.0/24 +193.223.12.0/24 +193.223.13.0/24 +193.223.14.0/24 +193.223.15.0/24 +193.223.16.0/24 +193.223.17.0/24 +193.223.18.0/24 +193.223.19.0/24 +193.223.20.0/24 +193.223.21.0/24 +193.223.22.0/24 +193.223.23.0/24 +193.223.24.0/24 +193.223.25.0/24 +193.223.26.0/24 +193.223.27.0/24 +193.223.28.0/24 +193.223.29.0/24 +193.223.30.0/24 +193.223.31.0/24 +193.223.32.0/24 +193.223.33.0/24 +193.223.34.0/24 +193.223.35.0/24 +193.223.36.0/24 +193.223.37.0/24 +193.223.38.0/24 +193.223.39.0/24 +193.223.40.0/24 +193.223.41.0/24 +193.223.42.0/24 +193.223.43.0/24 +193.223.44.0/24 +193.223.45.0/24 +193.223.46.0/24 +193.223.47.0/24 +193.223.48.0/24 +193.223.49.0/24 +193.223.50.0/24 +193.223.51.0/24 +193.223.52.0/24 +193.223.53.0/24 +193.223.54.0/24 +193.223.55.0/24 +193.223.56.0/24 +193.223.57.0/24 +193.223.58.0/24 +193.223.59.0/24 +193.223.60.0/24 +193.223.61.0/24 +193.223.62.0/24 193.223.63.0/24 193.223.64.0/24 193.223.65.0/24 @@ -34787,12 +39714,54 @@ 193.223.109.0/24 193.223.110.0/24 193.223.111.0/24 -193.223.112.0/19 -193.223.144.0/20 -193.223.160.0/21 -193.223.168.0/23 +193.223.112.0/20 +193.223.128.0/24 +193.223.129.0/24 +193.223.130.0/24 +193.223.131.0/24 +193.223.132.0/24 +193.223.133.0/24 +193.223.134.0/24 +193.223.135.0/24 +193.223.136.0/24 +193.223.137.0/24 +193.223.138.0/24 +193.223.139.0/24 +193.223.140.0/24 +193.223.141.0/24 +193.223.142.0/24 +193.223.143.0/24 +193.223.144.0/24 +193.223.145.0/24 +193.223.146.0/24 +193.223.147.0/24 +193.223.148.0/24 +193.223.149.0/24 +193.223.150.0/24 +193.223.151.0/24 +193.223.152.0/24 +193.223.153.0/24 +193.223.154.0/24 +193.223.155.0/24 +193.223.156.0/24 +193.223.157.0/24 +193.223.158.0/24 +193.223.159.0/24 +193.223.160.0/24 +193.223.161.0/24 +193.223.162.0/24 +193.223.163.0/24 +193.223.164.0/24 +193.223.165.0/24 +193.223.166.0/24 +193.223.167.0/24 +193.223.168.0/24 +193.223.169.0/24 193.223.170.0/24 -193.223.171.0/22 +193.223.171.0/24 +193.223.172.0/24 +193.223.173.0/24 +193.223.174.0/24 193.223.175.0/24 193.223.176.0/20 193.223.192.0/19 @@ -34810,6 +39779,7 @@ 193.238.140.0/22 193.239.20.0/22 193.239.200.0/23 +193.239.220.0/23 193.242.105.0/24 193.246.0.0/16 193.247.0.0/16 @@ -34824,12 +39794,7 @@ 194.0.229.0/24 194.1.162.0/24 194.1.190.0/24 -194.1.213.0/24 -194.1.217.0/24 -194.1.219.0/24 -194.1.232.0/23 194.1.245.0/24 -194.1.247.0/24 194.6.160.0/19 194.8.15.0/24 194.8.78.0/23 @@ -34844,7 +39809,10 @@ 194.11.64.0/20 194.11.80.0/23 194.11.82.0/24 -194.11.83.0/22 +194.11.83.0/24 +194.11.84.0/24 +194.11.85.0/24 +194.11.86.0/24 194.11.87.0/24 194.11.88.0/21 194.11.96.0/20 @@ -34862,9 +39830,12 @@ 194.11.160.0/22 194.11.164.0/22 194.11.168.0/23 -194.11.172.0/20 +194.11.172.0/22 +194.11.176.0/21 +194.11.184.0/22 194.11.188.0/24 -194.11.189.0/23 +194.11.189.0/24 +194.11.190.0/24 194.11.191.0/24 194.11.192.0/23 194.11.194.0/24 @@ -34875,7 +39846,9 @@ 194.11.202.0/24 194.11.203.0/24 194.11.204.0/23 -194.11.206.0/21 +194.11.206.0/23 +194.11.208.0/22 +194.11.212.0/23 194.11.214.0/24 194.11.215.0/24 194.11.216.0/24 @@ -34927,11 +39900,34 @@ 194.40.128.0/18 194.40.192.0/21 194.40.200.0/22 -194.40.212.0/20 -194.40.228.0/21 +194.40.212.0/24 +194.40.213.0/24 +194.40.214.0/24 +194.40.215.0/24 +194.40.216.0/24 +194.40.217.0/24 +194.40.218.0/24 +194.40.219.0/24 +194.40.220.0/24 +194.40.221.0/24 +194.40.222.0/24 +194.40.223.0/24 +194.40.224.0/24 +194.40.225.0/24 +194.40.226.0/24 +194.40.227.0/24 +194.40.228.0/24 +194.40.229.0/24 +194.40.230.0/24 +194.40.231.0/24 +194.40.232.0/24 +194.40.233.0/24 +194.40.234.0/24 +194.40.235.0/24 194.40.236.0/24 194.40.237.0/24 -194.40.238.0/22 +194.40.238.0/23 +194.40.240.0/23 194.40.242.0/24 194.40.243.0/24 194.40.244.0/24 @@ -34950,8 +39946,8 @@ 194.41.120.0/24 194.41.128.0/17 194.42.48.0/24 -194.42.55.32/26 -194.42.55.96/28 +194.42.55.32/27 +194.42.55.64/26 194.42.160.0/19 194.50.34.0/24 194.50.45.0/24 @@ -34960,8 +39956,30 @@ 194.50.178.0/24 194.56.0.0/18 194.56.64.0/21 -194.56.72.0/20 -194.56.88.0/21 +194.56.72.0/24 +194.56.73.0/24 +194.56.74.0/24 +194.56.75.0/24 +194.56.76.0/24 +194.56.77.0/24 +194.56.78.0/24 +194.56.79.0/24 +194.56.80.0/24 +194.56.81.0/24 +194.56.82.0/24 +194.56.83.0/24 +194.56.84.0/24 +194.56.85.0/24 +194.56.86.0/24 +194.56.87.0/24 +194.56.88.0/24 +194.56.89.0/24 +194.56.90.0/24 +194.56.91.0/24 +194.56.92.0/24 +194.56.93.0/24 +194.56.94.0/24 +194.56.95.0/24 194.56.96.0/20 194.56.112.0/21 194.56.120.0/22 @@ -34972,19 +39990,37 @@ 194.56.144.0/22 194.56.148.0/22 194.56.152.0/23 -194.56.154.0/21 -194.56.162.0/22 -194.56.166.0/23 +194.56.154.0/24 +194.56.155.0/24 +194.56.156.0/24 +194.56.157.0/24 +194.56.158.0/24 +194.56.159.0/24 +194.56.160.0/24 +194.56.161.0/24 +194.56.162.0/24 +194.56.163.0/24 +194.56.164.0/24 +194.56.165.0/24 +194.56.166.0/24 +194.56.167.0/24 194.56.168.0/22 194.56.172.0/23 -194.56.174.0/22 -194.56.178.0/23 +194.56.174.0/24 +194.56.175.0/24 +194.56.176.0/24 +194.56.177.0/24 +194.56.178.0/24 +194.56.179.0/24 194.56.180.0/22 194.56.184.0/21 194.56.192.0/21 194.56.200.0/22 194.56.204.0/23 -194.56.206.0/22 +194.56.206.0/24 +194.56.207.0/24 +194.56.208.0/24 +194.56.209.0/24 194.56.210.0/24 194.56.212.0/23 194.56.216.0/23 @@ -35024,7 +40060,8 @@ 194.60.70.0/24 194.60.81.0/24 194.60.217.0/24 -194.69.2.0/22 +194.69.2.0/23 +194.69.4.0/23 194.69.160.0/19 194.69.196.0/23 194.88.7.0/24 @@ -35041,11 +40078,58 @@ 194.116.196.0/23 194.116.210.0/23 194.124.0.0/19 -194.124.32.0/22 -194.124.36.0/19 -194.124.68.0/23 -194.124.70.0/21 -194.124.78.0/18 +194.124.32.0/24 +194.124.33.0/24 +194.124.34.0/24 +194.124.35.0/24 +194.124.36.0/24 +194.124.37.0/24 +194.124.38.0/24 +194.124.39.0/24 +194.124.40.0/24 +194.124.41.0/24 +194.124.42.0/24 +194.124.43.0/24 +194.124.44.0/24 +194.124.45.0/24 +194.124.46.0/24 +194.124.47.0/24 +194.124.48.0/24 +194.124.49.0/24 +194.124.50.0/24 +194.124.51.0/24 +194.124.52.0/24 +194.124.53.0/24 +194.124.54.0/24 +194.124.55.0/24 +194.124.56.0/24 +194.124.57.0/24 +194.124.58.0/24 +194.124.59.0/24 +194.124.60.0/24 +194.124.61.0/24 +194.124.62.0/24 +194.124.63.0/24 +194.124.64.0/24 +194.124.65.0/24 +194.124.66.0/24 +194.124.67.0/24 +194.124.68.0/24 +194.124.69.0/24 +194.124.70.0/24 +194.124.71.0/24 +194.124.72.0/24 +194.124.73.0/24 +194.124.74.0/24 +194.124.75.0/24 +194.124.76.0/24 +194.124.77.0/24 +194.124.78.0/23 +194.124.80.0/20 +194.124.96.0/19 +194.124.128.0/21 +194.124.136.0/22 +194.124.140.0/23 194.124.142.0/23 194.124.144.0/24 194.124.145.0/24 @@ -35080,7 +40164,8 @@ 194.124.219.0/24 194.124.220.0/23 194.124.222.0/24 -194.124.223.0/23 +194.124.223.0/24 +194.124.224.0/24 194.124.225.0/24 194.124.226.0/24 194.124.227.0/24 @@ -35093,8 +40178,10 @@ 194.124.236.0/24 194.124.237.0/24 194.124.238.0/24 -194.124.239.0/23 -194.124.241.0/23 +194.124.239.0/24 +194.124.240.0/24 +194.124.241.0/24 +194.124.242.0/24 194.124.243.0/24 194.124.244.0/24 194.124.245.0/24 @@ -35126,13 +40213,30 @@ 194.147.14.0/24 194.147.15.0/24 194.147.16.0/23 -194.147.18.0/22 -194.147.22.0/22 -194.147.26.0/23 -194.147.28.0/21 -194.147.36.0/23 -194.147.38.0/22 -194.147.42.0/23 +194.147.18.0/23 +194.147.20.0/23 +194.147.22.0/24 +194.147.23.0/24 +194.147.24.0/24 +194.147.25.0/24 +194.147.26.0/24 +194.147.27.0/24 +194.147.28.0/24 +194.147.29.0/24 +194.147.30.0/24 +194.147.31.0/24 +194.147.32.0/24 +194.147.33.0/24 +194.147.34.0/24 +194.147.35.0/24 +194.147.36.0/24 +194.147.37.0/24 +194.147.38.0/24 +194.147.39.0/24 +194.147.40.0/24 +194.147.41.0/24 +194.147.42.0/24 +194.147.43.0/24 194.147.44.0/24 194.147.45.0/24 194.147.46.0/24 @@ -35153,11 +40257,22 @@ 194.147.75.0/24 194.147.76.0/23 194.147.78.0/24 -194.147.79.0/23 +194.147.79.0/24 +194.147.80.0/24 194.147.81.0/24 194.147.82.0/24 -194.147.83.0/21 -194.147.91.0/22 +194.147.83.0/24 +194.147.84.0/24 +194.147.85.0/24 +194.147.86.0/24 +194.147.87.0/24 +194.147.88.0/24 +194.147.89.0/24 +194.147.90.0/24 +194.147.91.0/24 +194.147.92.0/24 +194.147.93.0/24 +194.147.94.0/24 194.147.95.0/24 194.147.96.0/24 194.147.97.0/24 @@ -35179,12 +40294,14 @@ 194.147.116.0/24 194.147.117.0/24 194.147.118.0/24 -194.147.119.0/23 +194.147.119.0/24 +194.147.120.0/24 194.147.121.0/24 194.147.122.0/24 194.147.123.0/24 194.147.124.0/24 -194.147.125.0/23 +194.147.125.0/24 +194.147.126.0/24 194.147.127.0/24 194.147.128.0/22 194.147.132.0/24 @@ -35196,8 +40313,10 @@ 194.147.142.0/24 194.147.143.0/24 194.147.144.0/24 -194.147.145.0/23 -194.147.147.0/23 +194.147.145.0/24 +194.147.146.0/24 +194.147.147.0/24 +194.147.148.0/24 194.147.149.0/24 194.147.150.0/24 194.147.151.0/24 @@ -35215,11 +40334,15 @@ 194.147.175.0/24 194.147.176.0/20 194.147.192.0/22 -194.147.196.0/21 -194.147.204.0/22 +194.147.196.0/22 +194.147.200.0/21 194.147.208.0/23 194.147.210.0/24 -194.147.211.0/20 +194.147.211.0/24 +194.147.212.0/22 +194.147.216.0/21 +194.147.224.0/23 +194.147.226.0/24 194.147.227.0/24 194.147.228.0/24 194.147.229.0/24 @@ -35227,11 +40350,14 @@ 194.147.231.0/24 194.147.232.0/24 194.147.233.0/24 -194.147.234.0/22 +194.147.234.0/23 +194.147.236.0/23 194.147.238.0/24 194.147.239.0/24 194.147.240.0/24 -194.147.241.0/22 +194.147.241.0/24 +194.147.242.0/23 +194.147.244.0/24 194.147.245.0/24 194.147.250.0/24 194.147.251.0/24 @@ -35401,13 +40527,13 @@ 195.234.64.0/22 195.234.163.0/24 195.234.176.0/24 -195.234.187.0/24 +195.234.180.0/24 195.234.224.0/22 195.238.253.0/24 195.242.84.0/23 195.242.140.0/23 -195.242.163.0/23 -195.242.165.0/24 +195.242.163.0/24 +195.242.164.0/23 195.245.228.0/24 195.245.237.0/24 195.246.64.0/19 @@ -35437,7 +40563,8 @@ 199.53.0.0/16 199.91.16.0/20 199.103.106.0/24 -199.103.111.0/23 +199.103.111.0/24 +199.103.112.0/24 204.79.161.0/24 204.79.162.0/23 204.79.166.0/23 @@ -35550,8 +40677,8 @@ 217.197.208.0/20 # Country: UKRAINE # ISO Code: UA -# Total Networks: 2,700 -# Total Subnets: 11,062,080 +# Total Networks: 2,751 +# Total Subnets: 11,172,416 2.56.0.0/16 2.58.0.0/16 2.59.0.0/16 @@ -35630,6 +40757,10 @@ 37.73.0.0/16 37.75.216.0/21 37.115.0.0/16 +37.139.96.0/20 +37.139.160.0/19 +37.143.88.0/21 +37.203.0.0/19 46.16.240.0/21 46.17.240.0/21 46.18.0.0/21 @@ -35833,6 +40964,7 @@ 83.143.232.0/21 83.170.192.0/18 83.218.224.0/19 +83.242.96.0/20 84.234.96.0/20 85.90.192.0/19 85.114.192.0/19 @@ -35972,7 +41104,6 @@ 91.197.4.0/22 91.197.16.0/22 91.197.24.0/22 -91.197.44.0/22 91.197.48.0/22 91.197.56.0/22 91.197.80.0/22 @@ -36203,7 +41334,8 @@ 91.209.157.0/24 91.209.176.0/24 91.209.193.0/24 -91.209.201.0/23 +91.209.201.0/24 +91.209.202.0/24 91.209.203.0/24 91.209.206.0/24 91.209.210.0/24 @@ -36331,7 +41463,6 @@ 91.217.8.0/23 91.217.10.0/23 91.217.12.0/23 -91.217.22.0/23 91.217.58.0/23 91.217.60.0/23 91.217.66.0/23 @@ -36643,6 +41774,38 @@ 91.235.182.0/24 91.235.196.0/22 91.235.224.0/22 +91.236.36.0/24 +91.236.96.0/22 +91.236.114.0/24 +91.236.118.0/23 +91.236.126.0/23 +91.236.134.0/23 +91.236.138.0/23 +91.236.156.0/22 +91.236.171.0/24 +91.236.213.0/24 +91.236.221.0/24 +91.236.224.0/22 +91.237.0.0/22 +91.237.4.0/24 +91.237.5.0/24 +91.237.6.0/23 +91.237.8.0/22 +91.237.12.0/22 +91.237.24.0/22 +91.237.40.0/23 +91.237.64.0/24 +91.237.107.0/24 +91.237.108.0/22 +91.237.114.0/23 +91.237.116.0/24 +91.237.119.0/24 +91.237.120.0/22 +91.237.124.0/22 +91.237.128.0/24 +91.237.129.0/24 +91.237.142.0/24 +91.237.152.0/24 92.49.192.0/18 92.52.128.0/18 92.60.176.0/20 @@ -36813,6 +41976,8 @@ 176.101.96.0/19 176.101.184.0/21 176.101.192.0/19 +176.102.0.0/19 +176.102.32.0/19 176.102.192.0/19 176.103.0.0/19 176.103.48.0/20 @@ -36841,6 +42006,17 @@ 176.108.96.0/19 176.108.184.0/21 176.108.232.0/21 +176.109.8.0/21 +176.109.176.0/20 +176.109.192.0/19 +176.109.224.0/19 +176.111.32.0/20 +176.111.48.0/20 +176.111.80.0/20 +176.111.176.0/20 +176.111.240.0/21 +176.112.0.0/19 +176.112.120.0/21 176.221.48.0/21 176.241.104.0/21 176.241.128.0/19 @@ -36963,6 +42139,7 @@ 193.0.240.0/24 193.0.247.0/24 193.8.78.0/23 +193.8.201.0/24 193.9.28.0/24 193.9.158.0/24 193.9.250.0/23 @@ -36991,7 +42168,6 @@ 193.19.108.0/23 193.19.110.0/23 193.19.132.0/22 -193.19.144.0/22 193.19.152.0/22 193.19.184.0/22 193.19.200.0/22 @@ -37080,7 +42256,8 @@ 193.37.156.0/24 193.39.69.0/24 193.39.72.0/24 -193.39.75.0/23 +193.39.75.0/24 +193.39.76.0/24 193.39.77.0/24 193.39.114.0/24 193.39.118.0/24 @@ -37170,7 +42347,6 @@ 193.105.92.0/24 193.105.121.0/24 193.105.124.0/24 -193.105.132.0/24 193.105.135.0/24 193.105.152.0/24 193.105.164.0/24 @@ -37220,7 +42396,8 @@ 193.108.46.0/23 193.108.48.0/22 193.108.56.0/22 -193.108.102.0/22 +193.108.102.0/23 +193.108.104.0/23 193.108.112.0/22 193.108.116.0/22 193.108.120.0/22 @@ -37477,12 +42654,13 @@ 194.0.206.0/24 194.0.218.0/24 194.0.237.0/24 +194.1.159.0/24 194.1.177.0/24 194.1.193.0/24 194.1.195.0/24 194.1.220.0/23 -194.6.231.0/23 -194.6.233.0/24 +194.6.231.0/24 +194.6.232.0/23 194.8.51.0/24 194.8.56.0/24 194.8.59.0/24 @@ -37553,9 +42731,9 @@ 194.50.85.0/24 194.50.98.0/24 194.50.114.0/24 -194.50.116.0/24 194.50.119.0/24 194.50.125.0/24 +194.50.144.0/22 194.50.161.0/24 194.50.167.0/24 194.50.169.0/24 @@ -38254,8 +43432,8 @@ 217.199.224.0/20 # Country: UNITED KINGDOM # ISO Code: GB -# Total Networks: 5,571 -# Total Subnets: 123,825,888 +# Total Networks: 5,826 +# Total Subnets: 123,476,848 2.24.0.0/13 2.96.0.0/13 2.120.0.0/13 @@ -38367,6 +43545,24 @@ 37.123.112.0/21 37.123.248.0/21 37.128.128.0/21 +37.128.184.0/21 +37.130.232.0/21 +37.130.248.0/21 +37.143.136.0/21 +37.148.216.0/21 +37.148.240.0/21 +37.152.32.0/20 +37.152.48.0/21 +37.152.192.0/18 +37.153.72.0/21 +37.157.32.0/21 +37.157.48.0/21 +37.157.240.0/21 +37.188.96.0/19 +37.191.96.0/19 +37.200.112.0/21 +37.203.40.0/21 +37.203.128.0/18 46.16.0.0/21 46.16.32.0/21 46.16.80.0/21 @@ -38595,6 +43791,7 @@ 77.75.120.0/21 77.75.136.0/21 77.75.184.0/21 +77.75.192.0/21 77.75.232.0/21 77.76.64.0/18 77.86.0.0/17 @@ -38839,10 +44036,6 @@ 81.31.64.0/20 81.31.96.0/20 81.31.112.0/20 -81.52.144.0/23 -81.52.146.0/23 -81.52.148.0/23 -81.55.254.0/23 81.76.0.0/14 81.86.0.0/16 81.87.0.0/16 @@ -39233,7 +44426,7 @@ 91.103.176.0/21 91.103.184.0/21 91.103.216.0/21 -91.104.0.0/13 +91.110.0.0/15 91.125.0.0/16 91.135.0.0/20 91.135.224.0/20 @@ -39276,7 +44469,6 @@ 91.194.158.0/23 91.194.170.0/23 91.194.220.0/23 -91.195.46.0/23 91.195.64.0/23 91.195.82.0/23 91.195.112.0/23 @@ -39288,7 +44480,6 @@ 91.195.192.0/23 91.195.212.0/23 91.195.228.0/23 -91.195.236.0/23 91.196.20.0/22 91.196.68.0/22 91.196.184.0/22 @@ -39378,7 +44569,6 @@ 91.206.176.0/23 91.206.182.0/23 91.206.184.0/23 -91.206.232.0/23 91.206.234.0/23 91.207.36.0/23 91.207.38.0/23 @@ -39435,6 +44625,7 @@ 91.209.40.0/24 91.209.43.0/24 91.209.50.0/24 +91.209.60.0/24 91.209.71.0/24 91.209.73.0/24 91.209.79.0/24 @@ -39691,7 +44882,6 @@ 91.231.145.0/24 91.231.154.0/23 91.231.204.0/24 -91.231.216.0/23 91.232.35.0/24 91.232.36.0/24 91.232.71.0/24 @@ -39717,7 +44907,6 @@ 91.234.184.0/23 91.234.201.0/24 91.234.214.0/24 -91.234.254.0/24 91.235.44.0/24 91.235.56.0/22 91.235.65.0/24 @@ -39727,6 +44916,17 @@ 91.235.214.0/24 91.235.220.0/24 91.235.234.0/23 +91.236.17.0/24 +91.236.18.0/24 +91.236.26.0/23 +91.236.56.0/24 +91.236.117.0/24 +91.236.152.0/24 +91.236.187.0/24 +91.236.190.0/23 +91.236.206.0/24 +91.237.74.0/23 +91.237.87.0/24 92.0.0.0/11 92.39.192.0/20 92.40.0.0/16 @@ -39772,7 +44972,6 @@ 93.95.120.0/21 93.96.0.0/16 93.97.0.0/16 -93.126.0.0/18 93.152.0.0/17 93.157.216.0/21 93.159.200.0/21 @@ -40027,6 +45226,8 @@ 130.246.0.0/16 130.255.16.0/20 131.111.0.0/16 +131.117.168.0/21 +131.117.184.0/21 131.227.0.0/16 131.231.0.0/16 131.251.0.0/16 @@ -40159,8 +45360,9 @@ 147.114.0.0/16 147.119.0.0/16 147.143.0.0/16 -147.147.0.0/14 -147.151.0.0/15 +147.147.0.0/16 +147.148.0.0/14 +147.152.0.0/16 147.184.0.0/16 147.188.0.0/16 147.189.0.0/16 @@ -40178,10 +45380,10 @@ 149.155.0.0/16 149.170.0.0/16 149.177.0.0/16 -149.178.0.0/14 -149.182.0.0/13 -149.190.0.0/14 -149.194.0.0/15 +149.178.0.0/15 +149.180.0.0/14 +149.184.0.0/13 +149.192.0.0/14 149.196.0.0/16 149.223.0.0/16 149.241.0.0/16 @@ -40332,6 +45534,8 @@ 164.134.0.0/16 164.136.0.0/16 164.137.0.0/16 +164.138.80.0/21 +164.138.224.0/21 164.143.0.0/16 164.177.128.0/19 164.177.184.0/21 @@ -40534,7 +45738,10 @@ 192.65.153.0/24 192.65.219.0/24 192.65.220.0/24 -192.65.221.0/21 +192.65.221.0/24 +192.65.222.0/23 +192.65.224.0/22 +192.65.228.0/24 192.67.4.0/24 192.67.39.0/24 192.67.43.0/24 @@ -40560,7 +45767,10 @@ 192.73.19.0/24 192.73.20.0/24 192.73.229.0/24 -192.76.6.0/20 +192.76.6.0/23 +192.76.8.0/21 +192.76.16.0/22 +192.76.20.0/23 192.76.22.0/24 192.76.23.0/24 192.76.24.0/21 @@ -40569,7 +45779,8 @@ 192.77.136.0/23 192.77.138.0/24 192.80.46.0/24 -192.81.61.0/23 +192.81.61.0/24 +192.81.62.0/24 192.81.234.0/24 192.82.121.0/24 192.82.153.0/24 @@ -40577,8 +45788,16 @@ 192.83.160.0/24 192.83.200.0/24 192.83.202.0/24 -192.83.207.0/21 -192.83.215.0/23 +192.83.207.0/24 +192.83.208.0/24 +192.83.209.0/24 +192.83.210.0/24 +192.83.211.0/24 +192.83.212.0/24 +192.83.213.0/24 +192.83.214.0/24 +192.83.215.0/24 +192.83.216.0/24 192.84.5.0/24 192.84.75.0/24 192.84.76.0/24 @@ -40632,8 +45851,18 @@ 192.102.214.0/24 192.102.227.0/24 192.102.228.0/24 -192.103.28.0/21 -192.103.36.0/22 +192.103.28.0/24 +192.103.29.0/24 +192.103.30.0/24 +192.103.31.0/24 +192.103.32.0/24 +192.103.33.0/24 +192.103.34.0/24 +192.103.35.0/24 +192.103.36.0/24 +192.103.37.0/24 +192.103.38.0/24 +192.103.39.0/24 192.103.137.0/24 192.103.138.0/24 192.103.139.0/24 @@ -40647,7 +45876,8 @@ 192.107.5.0/24 192.107.11.0/24 192.107.12.0/23 -192.107.126.0/22 +192.107.126.0/23 +192.107.128.0/23 192.107.168.0/24 192.107.174.0/24 192.107.178.0/24 @@ -40655,10 +45885,32 @@ 192.112.49.0/24 192.112.98.0/24 192.112.100.0/24 -192.122.141.0/22 -192.122.145.0/23 -192.122.151.0/20 -192.122.167.0/22 +192.122.141.0/24 +192.122.142.0/24 +192.122.143.0/24 +192.122.144.0/24 +192.122.145.0/24 +192.122.146.0/24 +192.122.151.0/24 +192.122.152.0/24 +192.122.153.0/24 +192.122.154.0/24 +192.122.155.0/24 +192.122.156.0/24 +192.122.157.0/24 +192.122.158.0/24 +192.122.159.0/24 +192.122.160.0/24 +192.122.161.0/24 +192.122.162.0/24 +192.122.163.0/24 +192.122.164.0/24 +192.122.165.0/24 +192.122.166.0/24 +192.122.167.0/24 +192.122.168.0/24 +192.122.169.0/24 +192.122.170.0/24 192.122.214.0/24 192.124.46.0/24 192.129.94.0/24 @@ -40684,7 +45936,10 @@ 192.136.40.0/24 192.136.154.0/24 192.136.155.0/24 -192.138.1.0/21 +192.138.1.0/24 +192.138.2.0/23 +192.138.4.0/22 +192.138.8.0/24 192.138.156.0/23 192.138.158.0/24 192.138.183.0/24 @@ -40990,12 +46245,46 @@ 193.17.65.0/24 193.17.73.0/24 193.17.128.0/24 -193.17.129.0/23 -193.17.131.0/22 -193.17.135.0/21 -193.17.143.0/20 -193.17.159.0/21 -193.17.167.0/23 +193.17.129.0/24 +193.17.130.0/24 +193.17.131.0/24 +193.17.132.0/24 +193.17.133.0/24 +193.17.134.0/24 +193.17.135.0/24 +193.17.136.0/24 +193.17.137.0/24 +193.17.138.0/24 +193.17.139.0/24 +193.17.140.0/24 +193.17.141.0/24 +193.17.142.0/24 +193.17.143.0/24 +193.17.144.0/24 +193.17.145.0/24 +193.17.146.0/24 +193.17.147.0/24 +193.17.148.0/24 +193.17.149.0/24 +193.17.150.0/24 +193.17.151.0/24 +193.17.152.0/24 +193.17.153.0/24 +193.17.154.0/24 +193.17.155.0/24 +193.17.156.0/24 +193.17.157.0/24 +193.17.158.0/24 +193.17.159.0/24 +193.17.160.0/24 +193.17.161.0/24 +193.17.162.0/24 +193.17.163.0/24 +193.17.164.0/24 +193.17.165.0/24 +193.17.166.0/24 +193.17.167.0/24 +193.17.168.0/24 193.17.169.0/24 193.17.171.0/24 193.17.187.0/24 @@ -41105,8 +46394,40 @@ 193.32.43.0/24 193.32.44.0/24 193.32.45.0/24 -193.32.46.0/22 -193.32.50.0/19 +193.32.46.0/23 +193.32.48.0/23 +193.32.50.0/24 +193.32.51.0/24 +193.32.52.0/24 +193.32.53.0/24 +193.32.54.0/24 +193.32.55.0/24 +193.32.56.0/24 +193.32.57.0/24 +193.32.58.0/24 +193.32.59.0/24 +193.32.60.0/24 +193.32.61.0/24 +193.32.62.0/24 +193.32.63.0/24 +193.32.64.0/24 +193.32.65.0/24 +193.32.66.0/24 +193.32.67.0/24 +193.32.68.0/24 +193.32.69.0/24 +193.32.70.0/24 +193.32.71.0/24 +193.32.72.0/24 +193.32.73.0/24 +193.32.74.0/24 +193.32.75.0/24 +193.32.76.0/24 +193.32.77.0/24 +193.32.78.0/24 +193.32.79.0/24 +193.32.80.0/24 +193.32.81.0/24 193.32.82.0/24 193.32.83.0/24 193.32.84.0/22 @@ -41119,25 +46440,32 @@ 193.32.103.0/24 193.32.104.0/24 193.32.105.0/24 -193.32.106.0/22 +193.32.106.0/23 +193.32.108.0/23 193.32.110.0/24 193.32.111.0/24 193.32.112.0/23 -193.32.114.0/22 -193.32.118.0/21 +193.32.114.0/23 +193.32.116.0/23 +193.32.118.0/23 +193.32.120.0/22 +193.32.124.0/23 193.32.126.0/23 193.32.128.0/19 193.32.160.0/24 193.32.161.0/24 -193.32.162.0/22 +193.32.162.0/23 +193.32.164.0/23 193.32.166.0/23 193.32.168.0/21 -193.32.176.0/19 +193.32.176.0/20 +193.32.192.0/20 193.32.208.0/23 193.32.210.0/24 193.32.211.0/24 193.32.212.0/22 -193.32.216.0/20 +193.32.216.0/21 +193.32.224.0/21 193.32.232.0/23 193.32.234.0/24 193.32.235.0/24 @@ -41153,10 +46481,10 @@ 193.32.247.0/24 193.32.248.0/24 193.32.249.0/24 -193.32.250.0/22 +193.32.250.0/23 +193.32.252.0/23 193.32.254.0/24 193.32.255.0/24 -193.33.0.0/23 193.33.72.0/23 193.33.76.0/23 193.33.108.0/23 @@ -41207,7 +46535,6 @@ 193.35.26.0/24 193.35.27.0/24 193.35.28.0/22 -193.35.32.0/19 193.35.64.0/20 193.35.80.0/20 193.35.112.0/20 @@ -41218,16 +46545,26 @@ 193.35.148.0/21 193.35.156.0/24 193.35.157.0/24 -193.35.158.0/22 -193.35.162.0/20 -193.35.178.0/22 -193.35.182.0/20 -193.35.198.0/21 +193.35.158.0/23 +193.35.160.0/23 +193.35.162.0/23 +193.35.164.0/22 +193.35.168.0/21 +193.35.176.0/22 +193.35.180.0/23 +193.35.182.0/23 +193.35.184.0/21 +193.35.192.0/22 +193.35.196.0/23 +193.35.198.0/23 +193.35.200.0/22 +193.35.204.0/23 193.35.206.0/24 193.35.207.0/24 193.35.208.0/24 193.35.209.0/24 -193.35.210.0/22 +193.35.210.0/23 +193.35.212.0/23 193.35.214.0/24 193.35.215.0/24 193.35.216.0/24 @@ -41259,8 +46596,8 @@ 193.36.75.0/24 193.36.76.0/24 193.36.77.0/24 -193.36.78.0/22 -193.36.82.0/23 +193.36.78.0/23 +193.36.80.0/22 193.36.84.0/23 193.36.86.0/24 193.36.87.0/24 @@ -41311,8 +46648,10 @@ 193.37.47.0/24 193.37.48.0/20 193.37.64.0/21 -193.37.72.0/20 -193.37.88.0/20 +193.37.72.0/21 +193.37.80.0/21 +193.37.88.0/21 +193.37.96.0/21 193.37.104.0/22 193.37.108.0/23 193.37.110.0/24 @@ -41396,7 +46735,8 @@ 193.39.94.0/24 193.39.95.0/24 193.39.96.0/20 -193.39.120.0/20 +193.39.120.0/21 +193.39.128.0/21 193.39.136.0/24 193.39.137.0/24 193.39.138.0/24 @@ -41428,10 +46768,23 @@ 193.39.215.0/24 193.39.216.0/21 193.39.224.0/22 -193.39.228.0/21 -193.39.236.0/22 +193.39.228.0/24 +193.39.229.0/24 +193.39.230.0/24 +193.39.231.0/24 +193.39.232.0/24 +193.39.233.0/24 +193.39.234.0/24 +193.39.235.0/24 +193.39.236.0/24 +193.39.237.0/24 +193.39.238.0/24 +193.39.239.0/24 193.39.240.0/23 -193.39.242.0/22 +193.39.242.0/24 +193.39.243.0/24 +193.39.244.0/24 +193.39.245.0/24 193.39.246.0/24 193.39.247.0/24 193.39.250.0/24 @@ -41463,6 +46816,7 @@ 193.42.152.0/24 193.42.210.0/24 193.42.217.0/24 +193.43.0.64/27 193.43.64.0/24 193.43.79.0/24 193.43.93.0/24 @@ -41491,7 +46845,6 @@ 193.47.164.0/24 193.47.185.0/24 193.57.56.0/24 -193.58.0.24/28 193.58.0.56/29 193.58.64.0/22 193.58.68.0/23 @@ -41791,10 +47144,13 @@ 193.189.80.0/23 193.189.108.0/23 193.189.129.0/24 -193.189.130.0/22 +193.189.130.0/24 +193.189.131.0/24 +193.189.132.0/24 +193.189.133.0/24 193.189.140.0/24 -193.189.150.0/21 -193.189.158.0/23 +193.189.150.0/23 +193.189.152.0/21 193.189.192.0/19 193.192.13.0/24 193.192.32.0/23 @@ -41806,14 +47162,13 @@ 193.193.161.0/24 193.193.169.0/24 193.193.188.0/23 -193.194.22.0/21 -193.194.30.0/23 +193.194.22.0/23 +193.194.24.0/21 193.194.105.0/24 193.194.147.0/24 193.194.150.0/23 193.194.157.0/24 193.195.0.0/16 -193.200.7.0/24 193.200.23.0/24 193.200.25.0/24 193.200.27.0/24 @@ -41833,7 +47188,6 @@ 193.200.218.0/24 193.200.243.0/24 193.200.245.0/24 -193.200.254.0/24 193.201.38.0/24 193.201.41.0/24 193.201.42.0/24 @@ -41860,8 +47214,12 @@ 193.201.184.0/21 193.201.196.0/23 193.201.204.0/23 -193.202.1.0/22 -193.202.5.0/23 +193.202.1.0/24 +193.202.2.0/24 +193.202.3.0/24 +193.202.4.0/24 +193.202.5.0/24 +193.202.6.0/24 193.202.7.0/24 193.202.23.0/24 193.202.31.0/24 @@ -41897,7 +47255,14 @@ 193.219.118.0/24 193.219.120.0/24 193.219.122.0/24 -193.221.84.0/21 +193.221.84.0/24 +193.221.85.0/24 +193.221.86.0/24 +193.221.87.0/24 +193.221.88.0/24 +193.221.89.0/24 +193.221.90.0/24 +193.221.91.0/24 193.221.92.0/24 193.221.113.0/24 193.221.118.0/24 @@ -41929,7 +47294,6 @@ 193.239.112.0/22 193.239.160.0/23 193.239.174.0/23 -193.239.220.0/23 193.240.0.0/16 193.242.0.0/24 193.242.96.0/24 @@ -41938,7 +47302,8 @@ 193.242.110.0/24 193.242.113.0/24 193.242.114.0/24 -193.242.115.0/23 +193.242.115.0/24 +193.242.116.0/24 193.242.124.0/24 193.242.224.0/20 193.243.0.0/17 @@ -42070,7 +47435,10 @@ 194.32.112.0/20 194.32.128.0/20 194.32.144.0/24 -194.32.145.0/22 +194.32.145.0/24 +194.32.146.0/24 +194.32.147.0/24 +194.32.148.0/24 194.32.149.0/24 194.32.152.0/24 194.32.153.0/24 @@ -42095,7 +47463,8 @@ 194.32.176.0/20 194.32.192.0/22 194.32.196.0/24 -194.32.197.0/23 +194.32.197.0/24 +194.32.198.0/24 194.32.199.0/24 194.32.200.0/24 194.32.201.0/24 @@ -42132,10 +47501,14 @@ 194.33.34.0/23 194.33.36.0/22 194.33.40.0/24 -194.33.41.0/22 -194.33.45.0/23 -194.33.47.0/23 -194.33.49.0/24 +194.33.41.0/24 +194.33.42.0/24 +194.33.43.0/24 +194.33.44.0/24 +194.33.45.0/24 +194.33.46.0/24 +194.33.47.0/24 +194.33.48.0/23 194.33.50.0/23 194.33.52.0/22 194.33.56.0/23 @@ -42145,7 +47518,6 @@ 194.33.61.0/24 194.33.62.0/24 194.33.63.0/24 -194.33.64.0/18 194.33.128.0/20 194.33.144.0/22 194.33.148.0/24 @@ -42165,8 +47537,26 @@ 194.34.14.0/23 194.34.16.0/20 194.34.32.0/22 -194.34.36.0/20 -194.34.52.0/22 +194.34.36.0/24 +194.34.37.0/24 +194.34.38.0/24 +194.34.39.0/24 +194.34.40.0/24 +194.34.41.0/24 +194.34.42.0/24 +194.34.43.0/24 +194.34.44.0/24 +194.34.45.0/24 +194.34.46.0/24 +194.34.47.0/24 +194.34.48.0/24 +194.34.49.0/24 +194.34.50.0/24 +194.34.51.0/24 +194.34.52.0/24 +194.34.53.0/24 +194.34.54.0/24 +194.34.55.0/24 194.34.56.0/24 194.34.57.0/24 194.34.58.0/24 @@ -42205,15 +47595,32 @@ 194.34.196.0/23 194.34.199.0/24 194.34.200.0/22 -194.34.204.0/20 -194.34.220.0/23 +194.34.204.0/24 +194.34.205.0/24 +194.34.206.0/24 +194.34.207.0/24 +194.34.208.0/24 +194.34.209.0/24 +194.34.210.0/24 +194.34.211.0/24 +194.34.212.0/24 +194.34.213.0/24 +194.34.214.0/24 +194.34.215.0/24 +194.34.216.0/24 +194.34.217.0/24 +194.34.218.0/24 +194.34.219.0/24 +194.34.220.0/24 +194.34.221.0/24 194.34.222.0/24 194.34.223.0/24 194.34.224.0/19 194.35.0.0/21 194.35.8.0/23 194.35.10.0/24 -194.35.11.0/23 +194.35.11.0/24 +194.35.12.0/24 194.35.13.0/24 194.35.14.0/24 194.35.15.0/24 @@ -42277,8 +47684,12 @@ 194.35.128.0/19 194.35.160.0/20 194.35.176.0/24 -194.35.177.0/22 -194.35.181.0/23 +194.35.177.0/24 +194.35.178.0/24 +194.35.179.0/24 +194.35.180.0/24 +194.35.181.0/24 +194.35.182.0/24 194.35.183.0/24 194.35.184.0/23 194.35.186.0/24 @@ -42413,7 +47824,8 @@ 194.50.46.0/24 194.50.52.0/24 194.50.54.0/24 -194.50.55.0/23 +194.50.55.0/24 +194.50.56.0/24 194.50.59.0/24 194.50.62.0/24 194.50.80.0/24 @@ -42425,6 +47837,8 @@ 194.50.108.0/24 194.50.118.0/24 194.50.121.0/24 +194.50.153.0/24 +194.50.154.0/24 194.50.162.0/24 194.50.165.0/24 194.50.185.0/24 @@ -42461,8 +47875,12 @@ 194.60.205.0/24 194.60.208.0/21 194.60.216.0/24 -194.60.218.0/22 -194.60.222.0/23 +194.60.218.0/24 +194.60.219.0/24 +194.60.220.0/24 +194.60.221.0/24 +194.60.222.0/24 +194.60.223.0/24 194.60.224.0/23 194.61.0.0/20 194.61.16.0/21 @@ -42514,7 +47932,10 @@ 194.61.240.0/22 194.61.244.0/23 194.61.246.0/24 -194.61.247.0/22 +194.61.247.0/24 +194.61.248.0/24 +194.61.249.0/24 +194.61.250.0/24 194.61.251.0/24 194.61.252.0/22 194.62.1.0/24 @@ -42592,11 +48013,30 @@ 194.62.191.0/24 194.62.192.0/21 194.62.200.0/22 -194.62.204.0/21 -194.62.212.0/23 -194.62.214.0/21 -194.62.222.0/22 -194.62.226.0/23 +194.62.204.0/24 +194.62.205.0/24 +194.62.206.0/24 +194.62.207.0/24 +194.62.208.0/24 +194.62.209.0/24 +194.62.210.0/24 +194.62.211.0/24 +194.62.212.0/24 +194.62.213.0/24 +194.62.214.0/24 +194.62.215.0/24 +194.62.216.0/24 +194.62.217.0/24 +194.62.218.0/24 +194.62.219.0/24 +194.62.220.0/24 +194.62.221.0/24 +194.62.222.0/24 +194.62.223.0/24 +194.62.224.0/24 +194.62.225.0/24 +194.62.226.0/24 +194.62.227.0/24 194.62.228.0/22 194.62.232.0/24 194.62.235.0/24 @@ -42608,7 +48048,6 @@ 194.69.64.0/19 194.69.96.0/19 194.69.144.0/20 -194.69.198.0/23 194.69.203.0/24 194.70.0.0/16 194.72.0.0/16 @@ -42717,7 +48156,6 @@ 194.145.152.0/24 194.145.188.0/22 194.145.196.0/23 -194.145.208.0/23 194.145.210.0/23 194.145.214.0/23 194.145.220.0/23 @@ -42759,6 +48197,7 @@ 194.153.154.0/25 194.153.157.32/27 194.153.168.0/23 +194.153.184.0/24 194.153.218.0/24 194.154.0.0/19 194.154.32.0/19 @@ -42897,7 +48336,6 @@ 195.3.184.0/22 195.3.208.0/22 195.5.122.0/23 -195.5.167.0/24 195.5.169.0/24 195.5.175.0/24 195.5.189.0/24 @@ -42932,10 +48370,7 @@ 195.11.0.0/16 195.12.0.0/19 195.12.48.0/22 -195.13.32.0/23 -195.13.34.0/24 195.13.44.0/24 -195.13.50.0/23 195.13.64.0/18 195.14.10.0/24 195.14.16.0/24 @@ -42946,7 +48381,6 @@ 195.20.8.0/22 195.20.12.0/22 195.20.108.0/23 -195.20.112.0/23 195.20.141.0/24 195.20.155.0/24 195.20.200.0/23 @@ -43037,7 +48471,6 @@ 195.60.84.128/25 195.60.85.0/25 195.60.86.0/24 -195.60.87.128/25 195.60.95.128/25 195.60.164.0/23 195.60.170.0/23 @@ -43070,8 +48503,8 @@ 195.70.64.0/19 195.72.32.0/19 195.72.64.0/19 -195.72.113.0/23 -195.72.115.0/24 +195.72.113.0/24 +195.72.114.0/23 195.72.128.0/22 195.72.160.0/19 195.74.52.0/22 @@ -43156,7 +48589,6 @@ 195.135.208.0/22 195.137.0.0/17 195.137.176.0/24 -195.137.220.0/23 195.138.194.0/24 195.138.195.0/24 195.138.204.0/24 @@ -43174,7 +48606,8 @@ 195.144.0.0/24 195.144.5.0/24 195.144.8.0/24 -195.144.17.0/23 +195.144.17.0/24 +195.144.18.0/24 195.144.19.0/24 195.144.22.0/24 195.144.23.0/24 @@ -43233,7 +48666,6 @@ 195.182.13.0/24 195.182.30.0/24 195.182.37.0/24 -195.182.49.0/24 195.182.59.0/24 195.182.62.0/24 195.182.160.0/19 @@ -43256,6 +48688,7 @@ 195.191.66.0/23 195.191.70.0/23 195.191.86.0/23 +195.191.102.0/23 195.191.106.0/23 195.191.156.0/23 195.191.172.0/23 @@ -43322,7 +48755,6 @@ 195.234.167.0/24 195.234.174.0/24 195.234.175.0/24 -195.234.180.0/24 195.234.192.0/22 195.234.240.0/22 195.234.244.0/22 @@ -43388,7 +48820,8 @@ 199.103.64.0/22 199.103.82.0/23 199.103.86.0/24 -199.103.114.0/22 +199.103.114.0/23 +199.103.116.0/23 199.185.139.0/24 203.31.234.0/24 204.79.134.0/24 diff --git a/config/pf-blocker/lists/North_America_cidr.txt b/config/pf-blocker/lists/North_America_cidr.txt index d32f4a01..edfecfa5 100755..100644 --- a/config/pf-blocker/lists/North_America_cidr.txt +++ b/config/pf-blocker/lists/North_America_cidr.txt @@ -47,7 +47,7 @@ 216.137.0.0/20 # Country: BARBADOS # ISO Code: BB -# Total Networks: 17 +# Total Networks: 18 # Total Subnets: 140,032 64.119.192.0/20 65.48.128.0/17 @@ -58,7 +58,8 @@ 196.1.160.0/20 196.3.192.0/19 198.245.160.0/24 -198.246.229.0/23 +198.246.229.0/24 +198.246.230.0/24 199.7.112.0/21 199.47.52.0/22 199.58.152.0/22 @@ -118,8 +119,8 @@ # Total Subnets: 0 # Country: CANADA # ISO Code: CA -# Total Networks: 6,260 -# Total Subnets: 80,515,840 +# Total Networks: 6,365 +# Total Subnets: 79,978,496 23.16.0.0/16 23.17.0.0/16 24.36.0.0/16 @@ -132,6 +133,7 @@ 24.52.192.0/18 24.53.0.0/18 24.53.224.0/20 +24.53.240.0/20 24.54.0.0/18 24.57.0.0/16 24.64.0.0/13 @@ -169,6 +171,7 @@ 24.157.128.0/17 24.200.0.0/14 24.204.144.0/20 +24.204.192.0/18 24.207.0.0/17 24.212.0.0/17 24.212.128.0/17 @@ -195,7 +198,11 @@ 24.245.224.0/20 24.246.0.0/18 24.246.64.0/19 -47.0.0.0/8 +47.0.0.0/12 +47.24.0.0/13 +47.32.0.0/11 +47.64.0.0/10 +47.128.0.0/9 50.21.128.0/20 50.21.160.0/20 50.21.224.0/20 @@ -377,7 +384,8 @@ 66.241.128.0/20 66.242.96.0/20 66.244.128.0/23 -66.244.133.0/23 +66.244.133.0/24 +66.244.134.0/24 66.244.140.0/22 66.244.192.0/18 66.252.144.0/20 @@ -499,8 +507,8 @@ 69.171.128.0/19 69.171.208.0/20 69.172.64.0/18 -69.172.144.0/19 -69.172.176.0/20 +69.172.144.0/20 +69.172.160.0/19 69.173.32.0/19 69.176.160.0/19 69.196.0.0/19 @@ -623,6 +631,7 @@ 74.216.0.0/16 74.220.160.0/19 74.221.16.0/20 +74.221.128.0/20 75.98.192.0/20 75.119.224.0/19 75.152.0.0/13 @@ -709,6 +718,8 @@ 108.174.16.0/20 108.174.128.0/20 108.174.160.0/20 +108.175.80.0/20 +108.175.224.0/20 128.43.0.0/16 128.100.0.0/16 128.144.0.0/16 @@ -728,7 +739,9 @@ 131.129.0.0/16 131.132.0.0/16 131.133.0.0/16 -131.134.0.0/13 +131.134.0.0/15 +131.136.0.0/14 +131.140.0.0/15 131.147.0.0/16 131.148.0.0/16 131.149.0.0/16 @@ -741,25 +754,27 @@ 131.150.24.0/22 131.150.28.0/23 131.150.30.0/24 -131.150.32.0/22 -131.150.36.0/20 +131.150.32.0/20 +131.150.48.0/22 131.150.52.0/23 131.150.54.0/24 131.150.56.0/22 131.150.60.0/23 -131.150.63.0/20 -131.150.79.0/24 +131.150.63.0/24 +131.150.64.0/20 131.150.84.0/22 -131.150.88.0/19 -131.150.120.0/23 -131.150.122.0/21 -131.150.132.0/23 -131.150.134.0/22 -131.150.138.0/19 -131.150.170.0/20 -131.150.186.0/22 -131.150.191.0/18 -131.150.255.0/24 +131.150.88.0/21 +131.150.96.0/19 +131.150.128.0/23 +131.150.132.0/22 +131.150.136.0/21 +131.150.144.0/20 +131.150.160.0/20 +131.150.176.0/21 +131.150.184.0/22 +131.150.188.0/23 +131.150.191.0/24 +131.150.192.0/18 131.162.0.0/16 131.163.0.0/16 131.195.0.0/16 @@ -798,10 +813,9 @@ 134.153.0.0/16 134.190.0.0/16 134.199.0.0/16 +135.0.0.0/16 135.12.0.0/16 135.181.0.0/16 -136.146.0.0/16 -136.147.0.0/16 136.159.0.0/16 137.15.0.0/16 137.74.0.0/16 @@ -886,6 +900,7 @@ 142.51.0.0/16 142.52.0.0/16 142.53.0.0/16 +142.54.48.0/20 142.55.0.0/16 142.56.0.0/16 142.57.0.0/16 @@ -1325,7 +1340,9 @@ 192.58.245.0/24 192.64.38.0/24 192.64.159.0/24 -192.64.161.0/22 +192.64.161.0/24 +192.64.162.0/23 +192.64.164.0/24 192.67.9.0/24 192.67.45.0/24 192.67.105.0/24 @@ -1335,7 +1352,10 @@ 192.68.56.0/21 192.68.64.0/23 192.68.66.0/24 -192.68.67.0/21 +192.68.67.0/24 +192.68.68.0/22 +192.68.72.0/23 +192.68.74.0/24 192.68.131.0/24 192.68.137.0/24 192.68.184.0/24 @@ -1537,7 +1557,10 @@ 192.75.210.0/24 192.75.212.0/24 192.75.213.0/24 -192.75.214.0/20 +192.75.214.0/23 +192.75.216.0/21 +192.75.224.0/22 +192.75.228.0/23 192.75.230.0/24 192.75.231.0/24 192.75.232.0/24 @@ -1659,7 +1682,8 @@ 192.139.35.0/24 192.139.36.0/24 192.139.37.0/24 -192.139.38.0/22 +192.139.38.0/23 +192.139.40.0/23 192.139.42.0/24 192.139.43.0/24 192.139.44.0/24 @@ -1730,7 +1754,8 @@ 192.139.122.0/24 192.139.123.0/24 192.139.124.0/24 -192.139.125.0/23 +192.139.125.0/24 +192.139.126.0/24 192.139.127.0/24 192.139.129.0/24 192.139.130.0/24 @@ -2006,7 +2031,8 @@ 192.197.249.0/24 192.197.250.0/23 192.197.252.0/24 -192.197.253.0/23 +192.197.253.0/24 +192.197.254.0/24 192.203.106.0/24 192.203.107.0/24 192.203.197.0/24 @@ -2032,7 +2058,11 @@ 192.210.8.0/23 192.210.10.0/24 192.210.64.0/18 -192.219.1.0/20 +192.219.1.0/24 +192.219.2.0/23 +192.219.4.0/22 +192.219.8.0/21 +192.219.16.0/24 192.219.17.0/24 192.219.18.0/23 192.219.20.0/22 @@ -2044,8 +2074,8 @@ 192.219.32.0/19 192.219.64.0/21 192.219.72.0/22 -192.219.76.0/21 -192.219.84.0/22 +192.219.76.0/22 +192.219.80.0/21 192.219.88.0/24 192.219.89.0/24 192.219.90.0/24 @@ -2120,7 +2150,10 @@ 192.219.252.0/24 192.219.253.0/24 192.219.254.0/24 -192.222.1.0/21 +192.222.1.0/24 +192.222.2.0/23 +192.222.4.0/22 +192.222.8.0/24 192.226.32.0/19 192.228.1.0/24 192.228.2.0/23 @@ -2237,7 +2270,9 @@ 198.73.92.0/24 198.73.93.0/24 198.73.94.0/24 -198.73.105.0/22 +198.73.105.0/24 +198.73.106.0/23 +198.73.108.0/24 198.73.109.0/24 198.73.110.0/23 198.73.112.0/22 @@ -2351,9 +2386,9 @@ 198.96.39.0/24 198.96.40.0/22 198.96.44.0/23 -198.96.46.0/21 -198.96.54.0/22 -198.96.58.0/23 +198.96.46.0/23 +198.96.48.0/21 +198.96.56.0/22 198.96.60.0/24 198.96.61.0/24 198.96.62.0/24 @@ -2365,8 +2400,8 @@ 198.96.96.0/20 198.96.112.0/24 198.96.113.0/24 -198.96.114.0/24 -198.96.115.0/23 +198.96.114.0/23 +198.96.116.0/24 198.96.117.0/24 198.96.118.0/23 198.96.120.0/24 @@ -2392,7 +2427,8 @@ 198.96.155.0/24 198.96.156.0/22 198.96.160.0/21 -198.96.168.0/20 +198.96.168.0/21 +198.96.176.0/21 198.96.184.0/24 198.96.185.0/24 198.96.186.0/24 @@ -2504,7 +2540,9 @@ 198.161.126.0/24 198.161.127.0/24 198.161.128.0/22 -198.161.148.0/20 +198.161.148.0/22 +198.161.152.0/21 +198.161.160.0/22 198.161.164.0/24 198.161.172.0/21 198.161.180.0/24 @@ -2520,7 +2558,8 @@ 198.161.191.0/24 198.161.192.0/24 198.161.193.0/24 -198.161.194.0/22 +198.161.194.0/23 +198.161.196.0/23 198.161.198.0/23 198.161.203.0/24 198.161.204.0/24 @@ -2613,7 +2652,8 @@ 198.162.159.0/24 198.162.160.0/19 198.162.208.0/20 -198.162.226.0/22 +198.162.226.0/23 +198.162.228.0/23 198.162.231.0/24 198.162.232.0/22 198.162.236.0/24 @@ -2650,12 +2690,11 @@ 198.163.31.0/24 198.163.40.0/21 198.163.48.0/23 -198.163.50.0/24 -198.163.51.0/23 -198.163.53.0/22 -198.163.57.0/21 -198.163.65.0/22 -198.163.69.0/24 +198.163.50.0/23 +198.163.52.0/22 +198.163.56.0/21 +198.163.64.0/22 +198.163.68.0/23 198.163.70.0/24 198.163.71.0/24 198.163.72.0/23 @@ -2826,8 +2865,8 @@ 198.169.56.0/22 198.169.60.0/24 198.169.64.0/19 -198.169.100.0/21 -198.169.108.0/22 +198.169.100.0/22 +198.169.104.0/21 198.169.112.0/21 198.169.120.0/22 198.169.124.0/24 @@ -2858,7 +2897,9 @@ 198.169.178.0/24 198.169.179.0/24 198.169.180.0/24 -198.169.181.0/22 +198.169.181.0/24 +198.169.182.0/23 +198.169.184.0/24 198.169.185.0/24 198.169.186.0/23 198.169.190.0/23 @@ -2925,8 +2966,10 @@ 198.235.140.0/22 198.235.144.0/24 198.235.145.0/24 -198.235.146.0/22 -198.235.150.0/22 +198.235.146.0/23 +198.235.148.0/23 +198.235.150.0/23 +198.235.152.0/23 198.235.154.0/24 198.235.155.0/24 198.235.156.0/22 @@ -2939,11 +2982,14 @@ 198.235.183.0/24 198.235.184.0/24 198.235.185.0/24 -198.235.186.0/21 +198.235.186.0/23 +198.235.188.0/22 +198.235.192.0/23 198.235.194.0/23 198.235.196.0/24 198.235.197.0/24 -198.235.198.0/22 +198.235.198.0/23 +198.235.200.0/23 198.235.202.0/24 198.235.203.0/24 198.235.206.0/23 @@ -2951,10 +2997,15 @@ 198.235.210.0/23 198.235.212.0/22 198.235.216.0/22 -198.235.220.0/20 +198.235.220.0/22 +198.235.224.0/21 +198.235.232.0/22 198.235.236.0/24 198.235.237.0/24 -198.235.238.0/20 +198.235.238.0/23 +198.235.240.0/21 +198.235.248.0/22 +198.235.252.0/23 198.235.254.0/24 199.7.87.0/24 199.7.88.0/23 @@ -2982,7 +3033,8 @@ 199.21.148.0/22 199.21.180.0/22 199.21.216.0/22 -199.22.0.0/14 +199.22.0.0/15 +199.24.0.0/15 199.26.68.0/22 199.26.80.0/22 199.27.180.0/22 @@ -3019,8 +3071,8 @@ 199.43.160.0/21 199.43.168.0/23 199.43.170.0/23 -199.43.172.0/21 -199.43.180.0/22 +199.43.172.0/22 +199.43.176.0/21 199.43.199.0/24 199.43.200.0/22 199.43.204.0/23 @@ -3075,7 +3127,8 @@ 199.60.112.0/22 199.60.117.0/24 199.60.118.0/24 -199.60.119.0/23 +199.60.119.0/24 +199.60.120.0/24 199.60.121.0/24 199.60.122.0/24 199.60.123.0/24 @@ -3091,17 +3144,22 @@ 199.60.208.0/23 199.60.210.0/23 199.60.212.0/24 -199.60.213.0/23 +199.60.213.0/24 +199.60.214.0/24 199.60.215.0/24 199.60.216.0/23 -199.60.218.0/22 +199.60.218.0/23 +199.60.220.0/23 199.60.222.0/24 -199.60.223.0/23 +199.60.223.0/24 +199.60.224.0/24 199.60.225.0/24 199.60.226.0/23 199.60.228.0/23 199.60.230.0/23 -199.60.233.0/22 +199.60.233.0/24 +199.60.234.0/23 +199.60.236.0/24 199.60.237.0/24 199.60.238.0/24 199.60.239.0/24 @@ -3124,9 +3182,9 @@ 199.71.9.0/24 199.71.10.0/23 199.71.12.0/24 -199.71.13.0/20 -199.71.29.0/23 -199.71.31.0/24 +199.71.13.0/24 +199.71.14.0/23 +199.71.16.0/20 199.71.32.0/20 199.71.48.0/22 199.71.52.0/22 @@ -3198,7 +3256,8 @@ 199.71.240.0/22 199.71.244.0/21 199.71.252.0/24 -199.71.253.0/23 +199.71.253.0/24 +199.71.254.0/24 199.83.84.0/22 199.83.136.0/22 199.83.152.0/21 @@ -3215,7 +3274,8 @@ 199.84.38.0/23 199.84.40.0/24 199.84.41.0/24 -199.84.42.0/22 +199.84.42.0/23 +199.84.44.0/23 199.84.46.0/23 199.84.48.0/22 199.84.52.0/23 @@ -3268,7 +3328,8 @@ 199.84.192.0/20 199.84.208.0/22 199.84.212.0/22 -199.84.216.0/20 +199.84.216.0/21 +199.84.224.0/21 199.84.232.0/21 199.84.240.0/23 199.84.242.0/24 @@ -3345,10 +3406,16 @@ 199.101.56.0/21 199.101.164.0/22 199.101.212.0/22 +199.102.96.0/21 199.102.128.0/22 199.102.156.0/22 199.102.200.0/21 199.103.56.0/21 +199.114.232.0/22 +199.114.252.0/22 +199.115.64.0/21 +199.115.88.0/21 +199.115.124.0/22 199.115.152.0/22 199.115.156.0/23 199.115.158.0/24 @@ -3358,7 +3425,9 @@ 199.119.216.0/22 199.119.232.0/22 199.119.252.0/22 +199.122.116.0/22 199.126.0.0/16 +199.127.108.0/22 199.127.128.0/22 199.127.172.0/22 199.164.129.0/24 @@ -3374,7 +3443,8 @@ 199.166.21.0/24 199.166.22.0/24 199.166.23.0/24 -199.166.34.0/22 +199.166.34.0/23 +199.166.36.0/23 199.166.38.0/24 199.166.39.0/24 199.166.40.0/21 @@ -3385,7 +3455,8 @@ 199.166.176.0/21 199.166.184.0/22 199.166.188.0/23 -199.166.190.0/22 +199.166.190.0/23 +199.166.192.0/23 199.166.194.0/24 199.166.195.0/24 199.166.196.0/23 @@ -3408,9 +3479,11 @@ 199.166.220.0/22 199.166.224.0/23 199.166.226.0/24 -199.166.227.0/23 +199.166.227.0/24 +199.166.228.0/24 199.166.229.0/24 -199.166.230.0/22 +199.166.230.0/23 +199.166.232.0/23 199.166.234.0/23 199.166.236.0/24 199.166.237.0/24 @@ -3423,6 +3496,8 @@ 199.166.252.0/24 199.166.253.0/24 199.166.254.0/24 +199.167.16.0/21 +199.167.24.0/22 199.167.128.0/22 199.167.136.0/22 199.167.140.0/22 @@ -3494,7 +3569,8 @@ 199.175.228.0/24 199.175.229.0/24 199.175.230.0/24 -199.175.231.0/23 +199.175.231.0/24 +199.175.232.0/24 199.175.233.0/24 199.175.234.0/23 199.175.236.0/23 @@ -3553,11 +3629,12 @@ 199.185.136.0/23 199.185.138.0/24 199.185.140.0/22 -199.185.144.0/21 -199.185.152.0/20 +199.185.144.0/20 +199.185.160.0/21 199.185.168.0/24 199.185.169.0/24 -199.185.170.0/22 +199.185.170.0/23 +199.185.172.0/23 199.185.176.0/23 199.185.178.0/24 199.185.179.0/24 @@ -3616,16 +3693,16 @@ 199.198.0.0/17 199.198.128.0/21 199.198.136.0/22 -199.198.140.0/20 -199.198.156.0/21 -199.198.164.0/20 -199.198.180.0/22 +199.198.140.0/22 +199.198.144.0/20 +199.198.160.0/20 +199.198.176.0/21 199.198.184.0/23 199.198.186.0/24 -199.198.187.0/22 -199.198.191.0/20 -199.198.207.0/23 -199.198.209.0/24 +199.198.187.0/24 +199.198.188.0/22 +199.198.192.0/20 +199.198.208.0/23 199.198.212.0/24 199.198.216.0/23 199.198.218.0/24 @@ -3633,8 +3710,8 @@ 199.202.32.0/19 199.202.64.0/24 199.202.65.0/24 -199.202.66.0/22 -199.202.70.0/23 +199.202.66.0/23 +199.202.68.0/22 199.202.72.0/24 199.202.73.0/24 199.202.74.0/23 @@ -3647,7 +3724,8 @@ 199.202.90.0/24 199.202.91.0/24 199.202.92.0/24 -199.202.93.0/23 +199.202.93.0/24 +199.202.94.0/24 199.202.95.0/24 199.202.96.0/22 199.202.100.0/23 @@ -3665,11 +3743,14 @@ 199.202.140.0/22 199.202.144.0/23 199.202.146.0/24 -199.202.147.0/23 -199.202.149.0/23 +199.202.147.0/24 +199.202.148.0/24 +199.202.149.0/24 +199.202.150.0/24 199.202.151.0/24 199.202.152.0/24 -199.202.153.0/23 +199.202.153.0/24 +199.202.154.0/24 199.202.155.0/24 199.202.156.0/22 199.202.160.0/21 @@ -3736,7 +3817,6 @@ 199.212.52.0/24 199.212.53.0/24 199.212.54.0/23 -199.212.57.0/24 199.212.58.0/23 199.212.60.0/23 199.212.62.0/24 @@ -3753,12 +3833,15 @@ 199.212.94.0/24 199.212.96.0/20 199.212.112.0/23 -199.212.114.0/22 +199.212.114.0/23 +199.212.116.0/23 199.212.118.0/24 199.212.119.0/24 199.212.120.0/22 199.212.125.0/24 -199.212.126.0/21 +199.212.126.0/23 +199.212.128.0/22 +199.212.132.0/23 199.212.134.0/23 199.212.136.0/23 199.212.138.0/24 @@ -3767,7 +3850,8 @@ 199.212.142.0/24 199.212.143.0/24 199.212.144.0/24 -199.212.145.0/23 +199.212.145.0/24 +199.212.146.0/24 199.212.147.0/24 199.212.148.0/22 199.212.152.0/21 @@ -3788,7 +3872,9 @@ 199.212.250.0/23 199.212.252.0/23 199.212.254.0/24 -199.213.0.0/14 +199.213.0.0/16 +199.214.0.0/15 +199.216.0.0/16 199.233.171.0/24 199.233.183.0/24 199.233.184.0/24 @@ -3814,7 +3900,8 @@ 199.246.36.0/23 199.246.38.0/23 199.246.40.0/24 -199.246.41.0/23 +199.246.41.0/24 +199.246.42.0/24 199.246.43.0/24 199.246.44.0/23 199.246.46.0/24 @@ -3880,7 +3967,8 @@ 199.246.214.0/24 199.246.215.0/24 199.246.216.0/23 -199.246.218.0/22 +199.246.218.0/23 +199.246.220.0/23 199.246.222.0/23 199.246.224.0/23 199.246.226.0/24 @@ -3894,6 +3982,7 @@ 199.246.254.0/24 199.247.0.0/17 199.247.128.0/17 +199.248.208.0/24 199.249.112.0/20 199.250.8.0/22 199.250.12.0/23 @@ -3911,6 +4000,7 @@ 204.9.80.0/22 204.9.160.0/21 204.10.56.0/22 +204.10.72.0/22 204.10.200.0/21 204.10.240.0/22 204.11.48.0/21 @@ -4025,11 +4115,13 @@ 204.19.188.0/22 204.19.192.0/21 204.19.206.0/23 -204.19.209.0/23 +204.19.209.0/24 +204.19.210.0/24 204.19.211.0/24 204.19.212.0/22 204.19.216.0/24 -204.19.217.0/23 +204.19.217.0/24 +204.19.218.0/24 204.19.219.0/24 204.19.220.0/24 204.19.221.0/24 @@ -4087,9 +4179,12 @@ 204.126.156.0/23 204.130.167.0/24 204.136.12.0/22 -204.138.1.0/20 -204.138.17.0/21 -204.138.25.0/24 +204.138.1.0/24 +204.138.2.0/23 +204.138.4.0/22 +204.138.8.0/21 +204.138.16.0/21 +204.138.24.0/23 204.138.27.0/24 204.138.28.0/24 204.138.29.0/24 @@ -4128,7 +4223,8 @@ 204.138.93.0/24 204.138.95.0/24 204.138.96.0/24 -204.138.97.0/23 +204.138.97.0/24 +204.138.98.0/24 204.138.103.0/24 204.138.105.0/24 204.138.106.0/23 @@ -4341,8 +4437,8 @@ 204.187.105.0/24 204.187.106.0/23 204.187.108.0/22 -204.187.112.0/23 -204.187.114.0/22 +204.187.112.0/22 +204.187.116.0/23 204.187.118.0/23 204.187.120.0/22 204.187.124.0/23 @@ -4494,9 +4590,9 @@ 204.209.216.0/22 204.209.220.0/23 204.209.222.0/24 -204.209.223.0/20 -204.209.239.0/21 -204.209.247.0/24 +204.209.223.0/24 +204.209.224.0/20 +204.209.240.0/21 204.209.248.0/23 204.209.250.0/24 204.209.251.0/24 @@ -4513,7 +4609,6 @@ 204.225.36.0/24 204.225.37.0/24 204.225.40.0/23 -204.225.42.0/23 204.225.44.0/23 204.225.46.0/23 204.225.48.0/24 @@ -4681,14 +4776,16 @@ 204.239.76.0/22 204.239.80.0/23 204.239.82.0/24 -204.239.83.0/22 +204.239.83.0/24 +204.239.84.0/23 +204.239.86.0/24 204.239.87.0/24 204.239.88.0/23 204.239.90.0/24 204.239.91.0/24 204.239.92.0/22 -204.239.96.0/21 -204.239.104.0/20 +204.239.96.0/20 +204.239.112.0/21 204.239.120.0/24 204.239.121.0/24 204.239.122.0/23 @@ -4849,7 +4946,8 @@ 205.151.214.0/24 205.151.215.0/24 205.151.216.0/24 -205.151.217.0/23 +205.151.217.0/24 +205.151.218.0/24 205.151.219.0/24 205.151.220.0/23 205.151.222.0/23 @@ -4867,6 +4965,8 @@ 205.151.250.0/23 205.151.252.0/23 205.151.254.0/24 +205.166.22.0/24 +205.166.179.0/24 205.172.43.0/24 205.173.71.0/24 205.173.125.0/24 @@ -4936,7 +5036,8 @@ 205.189.110.0/24 205.189.111.0/24 205.189.117.0/24 -205.189.118.0/22 +205.189.118.0/23 +205.189.120.0/23 205.189.122.0/24 205.189.123.0/24 205.189.124.0/24 @@ -5105,8 +5206,8 @@ 205.207.188.0/24 205.207.189.0/24 205.207.190.0/23 -205.207.192.0/22 -205.207.196.0/21 +205.207.192.0/21 +205.207.200.0/22 205.207.204.0/24 205.207.205.0/24 205.207.206.0/24 @@ -5130,7 +5231,8 @@ 205.207.234.0/24 205.207.235.0/24 205.207.236.0/24 -205.207.237.0/23 +205.207.237.0/24 +205.207.238.0/24 205.207.239.0/24 205.207.240.0/24 205.207.241.0/24 @@ -5145,9 +5247,12 @@ 205.209.1.0/24 205.209.2.0/23 205.209.4.0/24 -205.209.5.0/23 +205.209.5.0/24 +205.209.6.0/24 205.209.8.0/24 -205.210.1.0/23 +205.209.10.0/23 +205.210.1.0/24 +205.210.2.0/24 205.210.3.0/24 205.210.4.0/24 205.210.5.0/24 @@ -5212,7 +5317,9 @@ 205.210.105.0/24 205.210.106.0/24 205.210.107.0/24 -205.210.108.0/20 +205.210.108.0/22 +205.210.112.0/21 +205.210.120.0/22 205.210.124.0/24 205.210.126.0/24 205.210.127.0/24 @@ -5290,7 +5397,6 @@ 205.211.80.0/24 205.211.81.0/24 205.211.82.0/24 -205.211.83.0/24 205.211.84.0/22 205.211.88.0/23 205.211.90.0/24 @@ -5983,8 +6089,8 @@ 207.34.2.0/24 207.34.3.0/24 207.34.4.0/24 -207.34.12.0/21 -207.34.20.0/22 +207.34.12.0/22 +207.34.16.0/21 207.34.24.0/21 207.34.48.0/20 207.34.64.0/18 @@ -6397,8 +6503,8 @@ 216.144.80.0/20 # Country: COSTA RICA # ISO Code: CR -# Total Networks: 70 -# Total Subnets: 1,922,304 +# Total Networks: 75 +# Total Subnets: 1,944,832 144.22.0.0/16 144.23.0.0/16 163.178.0.0/16 @@ -6411,12 +6517,14 @@ 186.32.160.0/19 186.32.192.0/19 186.64.128.0/17 +186.96.80.0/20 186.148.212.0/22 186.159.128.0/17 186.176.0.0/17 186.176.128.0/17 186.177.0.0/17 190.0.224.0/21 +190.2.216.0/21 190.4.88.0/21 190.7.160.0/20 190.7.192.0/20 @@ -6426,6 +6534,8 @@ 190.10.64.0/18 190.14.152.0/22 190.93.160.0/20 +190.93.240.0/20 +190.102.32.0/20 190.103.188.0/22 190.106.64.0/20 190.108.72.0/22 @@ -6468,6 +6578,7 @@ 200.122.160.0/19 201.191.0.0/16 201.192.0.0/12 +201.218.160.0/19 201.237.0.0/16 # Country: CUBA # ISO Code: CU @@ -6502,8 +6613,8 @@ 199.127.196.0/22 # Country: DOMINICAN REPUBLIC # ISO Code: DO -# Total Networks: 58 -# Total Subnets: 839,168 +# Total Networks: 59 +# Total Subnets: 841,216 64.32.64.0/18 66.98.0.0/18 66.98.64.0/19 @@ -6527,6 +6638,7 @@ 190.94.32.0/19 190.94.64.0/18 190.103.180.0/22 +190.106.112.0/21 190.110.0.0/19 190.110.32.0/19 190.122.96.0/20 @@ -6564,10 +6676,11 @@ 204.126.128.0/23 # Country: EL SALVADOR # ISO Code: SV -# Total Networks: 33 -# Total Subnets: 573,696 +# Total Networks: 34 +# Total Subnets: 575,744 168.243.0.0/16 186.32.64.0/18 +186.32.248.0/21 190.5.128.0/19 190.53.0.0/17 190.53.128.0/17 @@ -6625,11 +6738,12 @@ 208.94.168.0/22 # Country: GUATEMALA # ISO Code: GT -# Total Networks: 48 -# Total Subnets: 529,664 +# Total Networks: 51 +# Total Subnets: 552,192 168.234.0.0/16 186.32.128.0/19 -186.32.224.0/19 +186.32.224.0/20 +186.32.240.0/21 186.151.0.0/16 190.0.192.0/19 190.4.0.0/19 @@ -6640,10 +6754,12 @@ 190.99.0.0/20 190.99.16.0/21 190.104.112.0/20 +190.106.192.0/19 190.111.0.0/19 190.115.0.0/20 190.121.192.0/20 190.143.128.0/18 +190.143.192.0/18 190.148.0.0/16 190.149.0.0/16 190.151.128.0/22 @@ -6699,8 +6815,8 @@ 200.113.224.0/19 # Country: HONDURAS # ISO Code: HN -# Total Networks: 31 -# Total Subnets: 143,360 +# Total Networks: 32 +# Total Subnets: 143,616 186.2.128.0/19 186.96.252.0/22 190.5.64.0/19 @@ -6730,11 +6846,12 @@ 200.107.120.0/21 200.107.208.0/21 200.107.232.0/21 +200.115.176.0/24 201.190.0.0/18 201.220.128.0/20 # Country: JAMAICA # ISO Code: JM -# Total Networks: 35 +# Total Networks: 36 # Total Subnets: 202,752 63.143.64.0/18 65.183.0.0/20 @@ -6767,7 +6884,8 @@ 207.204.64.0/18 207.254.128.0/20 208.131.160.0/19 -208.138.16.0/19 +208.138.16.0/20 +208.138.32.0/20 208.163.32.0/19 209.236.0.0/18 216.10.208.0/20 @@ -6777,8 +6895,8 @@ # Total Subnets: 0 # Country: MEXICO # ISO Code: MX -# Total Networks: 953 -# Total Subnets: 25,326,336 +# Total Networks: 958 +# Total Subnets: 25,862,912 131.178.0.0/16 132.247.0.0/16 132.248.0.0/16 @@ -6856,8 +6974,10 @@ 187.189.0.0/16 187.190.0.0/16 187.191.0.0/18 +187.191.64.0/19 187.192.0.0/11 187.224.0.0/12 +187.240.0.0/13 189.128.0.0/11 189.160.0.0/11 189.192.0.0/13 @@ -7570,6 +7690,7 @@ 201.131.116.0/24 201.131.117.0/24 201.131.120.0/24 +201.131.128.0/21 201.131.192.0/21 201.131.232.0/22 201.131.248.0/24 @@ -7649,6 +7770,7 @@ 201.158.80.0/21 201.158.88.0/21 201.158.96.0/21 +201.158.104.0/22 201.158.128.0/19 201.158.160.0/19 201.158.192.0/18 @@ -7660,6 +7782,7 @@ 201.159.64.0/21 201.159.80.0/22 201.159.96.0/21 +201.159.104.0/22 201.159.128.0/20 201.159.160.0/21 201.159.176.0/22 @@ -7796,13 +7919,14 @@ 216.152.160.0/20 # Country: NICARAGUA # ISO Code: NI -# Total Networks: 28 -# Total Subnets: 365,312 +# Total Networks: 29 +# Total Subnets: 369,408 165.98.0.0/16 186.1.0.0/18 186.76.0.0/16 186.77.0.0/16 190.106.0.0/19 +190.106.48.0/20 190.124.32.0/21 190.181.128.0/18 190.184.0.0/18 @@ -7828,8 +7952,8 @@ 200.125.168.0/21 # Country: PANAMA # ISO Code: PA -# Total Networks: 105 -# Total Subnets: 1,572,864 +# Total Networks: 107 +# Total Subnets: 1,573,376 91.213.209.0/24 168.77.0.0/16 186.1.128.0/19 @@ -7920,8 +8044,10 @@ 200.115.128.0/20 200.115.144.0/20 200.115.160.0/20 +200.115.177.0/24 200.124.0.0/20 200.124.16.0/20 +200.124.127.0/24 201.182.0.0/16 201.190.128.0/17 201.218.64.0/19 @@ -7937,8 +8063,8 @@ 206.224.32.0/19 # Country: PUERTO RICO # ISO Code: PR -# Total Networks: 100 -# Total Subnets: 992,256 +# Total Networks: 103 +# Total Subnets: 1,000,704 24.41.128.0/17 24.42.0.0/18 24.48.192.0/18 @@ -7946,6 +8072,7 @@ 24.54.192.0/18 24.55.64.0/18 24.55.160.0/19 +24.137.224.0/19 24.138.192.0/18 24.139.64.0/18 24.139.128.0/17 @@ -8010,7 +8137,8 @@ 196.42.0.0/18 198.55.16.0/21 198.55.24.0/23 -198.204.71.0/23 +198.204.71.0/24 +198.204.72.0/24 198.245.139.0/24 199.7.168.0/22 199.7.208.0/22 @@ -8033,6 +8161,7 @@ 206.248.64.0/18 207.150.240.0/20 207.166.112.0/20 +207.174.136.0/24 207.204.128.0/18 208.54.176.0/20 208.80.236.0/22 @@ -8045,35 +8174,202 @@ # Total Subnets: 0 # Country: SAINT KITTS AND NEVIS # ISO Code: KN -# Total Networks: 33 +# Total Networks: 200 # Total Subnets: 62,464 83.143.168.0/21 93.95.16.0/21 -198.32.0.0/23 -198.32.2.0/19 -198.32.34.0/18 +198.32.0.0/24 +198.32.1.0/24 +198.32.2.0/24 +198.32.3.0/24 +198.32.4.0/24 +198.32.5.0/24 +198.32.6.0/24 +198.32.7.0/24 +198.32.8.0/24 +198.32.9.0/24 +198.32.10.0/24 +198.32.11.0/24 +198.32.12.0/24 +198.32.13.0/24 +198.32.14.0/24 +198.32.15.0/24 +198.32.16.0/24 +198.32.17.0/24 +198.32.18.0/24 +198.32.19.0/24 +198.32.20.0/24 +198.32.21.0/24 +198.32.22.0/24 +198.32.23.0/24 +198.32.24.0/24 +198.32.25.0/24 +198.32.26.0/24 +198.32.27.0/24 +198.32.28.0/24 +198.32.29.0/24 +198.32.30.0/24 +198.32.31.0/24 +198.32.32.0/24 +198.32.33.0/24 +198.32.34.0/24 +198.32.35.0/24 +198.32.36.0/24 +198.32.37.0/24 +198.32.38.0/24 +198.32.39.0/24 +198.32.40.0/24 +198.32.41.0/24 +198.32.42.0/24 +198.32.43.0/24 +198.32.44.0/24 +198.32.45.0/24 +198.32.46.0/24 +198.32.47.0/24 +198.32.48.0/24 +198.32.49.0/24 +198.32.50.0/24 +198.32.51.0/24 +198.32.52.0/24 +198.32.53.0/24 +198.32.54.0/24 +198.32.55.0/24 +198.32.56.0/24 +198.32.57.0/24 +198.32.58.0/24 +198.32.59.0/24 +198.32.60.0/24 +198.32.61.0/24 +198.32.62.0/24 +198.32.63.0/24 +198.32.64.0/24 +198.32.65.0/24 +198.32.66.0/24 +198.32.67.0/24 +198.32.68.0/24 +198.32.69.0/24 +198.32.70.0/24 +198.32.71.0/24 +198.32.72.0/24 +198.32.73.0/24 +198.32.74.0/24 +198.32.75.0/24 +198.32.76.0/24 +198.32.77.0/24 +198.32.78.0/24 +198.32.79.0/24 +198.32.80.0/24 +198.32.81.0/24 +198.32.82.0/24 +198.32.83.0/24 +198.32.84.0/24 +198.32.85.0/24 +198.32.86.0/24 +198.32.87.0/24 +198.32.88.0/24 +198.32.89.0/24 +198.32.90.0/24 +198.32.91.0/24 +198.32.92.0/24 +198.32.93.0/24 +198.32.94.0/24 +198.32.95.0/24 +198.32.96.0/24 +198.32.97.0/24 198.32.98.0/24 198.32.126.0/23 198.32.130.0/23 198.32.136.0/21 198.32.145.0/24 -198.32.147.0/21 -198.32.155.0/22 +198.32.147.0/24 +198.32.148.0/24 +198.32.149.0/24 +198.32.150.0/24 +198.32.151.0/24 +198.32.152.0/24 +198.32.153.0/24 +198.32.154.0/24 +198.32.155.0/24 +198.32.156.0/24 +198.32.157.0/24 +198.32.158.0/24 198.32.159.0/24 -198.32.162.0/21 -198.32.170.0/22 +198.32.162.0/24 +198.32.163.0/24 +198.32.164.0/24 +198.32.165.0/24 +198.32.166.0/24 +198.32.167.0/24 +198.32.168.0/24 +198.32.169.0/24 +198.32.170.0/24 +198.32.171.0/24 +198.32.172.0/24 +198.32.173.0/24 198.32.174.0/24 198.32.178.0/23 198.32.180.0/24 198.32.184.0/23 -198.32.187.0/23 -198.32.189.0/24 -198.32.193.0/23 -198.32.197.0/19 -198.32.229.0/21 -198.32.237.0/22 -198.32.244.0/21 -198.32.252.0/22 +198.32.187.0/24 +198.32.188.0/23 +198.32.193.0/24 +198.32.194.0/24 +198.32.197.0/24 +198.32.198.0/24 +198.32.199.0/24 +198.32.200.0/24 +198.32.201.0/24 +198.32.202.0/24 +198.32.203.0/24 +198.32.204.0/24 +198.32.205.0/24 +198.32.206.0/24 +198.32.207.0/24 +198.32.208.0/24 +198.32.209.0/24 +198.32.210.0/24 +198.32.211.0/24 +198.32.212.0/24 +198.32.213.0/24 +198.32.214.0/24 +198.32.215.0/24 +198.32.216.0/24 +198.32.217.0/24 +198.32.218.0/24 +198.32.219.0/24 +198.32.220.0/24 +198.32.221.0/24 +198.32.222.0/24 +198.32.223.0/24 +198.32.224.0/24 +198.32.225.0/24 +198.32.226.0/24 +198.32.227.0/24 +198.32.228.0/24 +198.32.229.0/24 +198.32.230.0/24 +198.32.231.0/24 +198.32.232.0/24 +198.32.233.0/24 +198.32.234.0/24 +198.32.235.0/24 +198.32.236.0/24 +198.32.237.0/24 +198.32.238.0/24 +198.32.239.0/24 +198.32.240.0/24 +198.32.244.0/24 +198.32.245.0/24 +198.32.246.0/24 +198.32.247.0/24 +198.32.248.0/24 +198.32.249.0/24 +198.32.250.0/24 +198.32.251.0/24 +198.32.252.0/24 +198.32.253.0/24 +198.32.254.0/24 +198.32.255.0/24 199.21.164.0/22 204.16.8.0/22 204.19.200.0/22 @@ -8160,8 +8456,8 @@ 204.110.56.0/21 # Country: UNITED STATES # ISO Code: US -# Total Networks: 41,279 -# Total Subnets: 1,539,504,512 +# Total Networks: 42,486 +# Total Subnets: 1,541,025,152 3.0.0.0/8 4.0.0.0/8 6.0.0.0/8 @@ -8187,6 +8483,17 @@ 23.25.0.0/16 23.26.0.0/16 23.27.0.0/16 +23.28.0.0/16 +23.29.0.0/20 +23.29.16.0/20 +23.29.32.0/20 +23.29.48.0/20 +23.29.64.0/20 +23.29.80.0/20 +23.29.96.0/20 +23.29.112.0/20 +23.29.128.0/19 +23.29.160.0/19 23.32.0.0/11 23.64.0.0/14 24.0.0.0/12 @@ -8235,7 +8542,8 @@ 24.49.128.0/20 24.49.144.0/20 24.49.160.0/20 -24.49.176.0/19 +24.49.176.0/20 +24.49.192.0/20 24.49.208.0/20 24.50.0.0/19 24.50.128.0/20 @@ -8247,14 +8555,16 @@ 24.52.8.0/22 24.52.12.0/22 24.52.16.0/23 -24.52.18.0/22 -24.52.22.0/23 +24.52.18.0/23 +24.52.20.0/22 24.52.24.0/21 24.52.32.0/22 -24.52.36.0/21 -24.52.44.0/21 -24.52.52.0/21 -24.52.60.0/22 +24.52.36.0/22 +24.52.40.0/22 +24.52.44.0/22 +24.52.48.0/22 +24.52.52.0/22 +24.52.56.0/21 24.52.64.0/18 24.52.128.0/19 24.52.160.0/20 @@ -8265,23 +8575,27 @@ 24.54.128.0/20 24.54.144.0/22 24.54.148.0/23 -24.54.150.0/22 -24.54.154.0/23 -24.54.156.0/21 +24.54.150.0/23 +24.54.152.0/22 +24.54.156.0/22 +24.54.160.0/22 24.54.164.0/23 24.54.166.0/23 -24.54.168.0/20 -24.54.184.0/21 +24.54.168.0/21 +24.54.176.0/20 24.56.0.0/18 24.56.64.0/19 24.56.96.0/20 24.56.112.0/20 24.56.128.0/20 24.56.144.0/21 -24.56.152.0/20 +24.56.152.0/21 +24.56.160.0/21 24.56.168.0/23 -24.56.170.0/21 -24.56.178.0/22 +24.56.170.0/23 +24.56.172.0/22 +24.56.176.0/22 +24.56.180.0/23 24.56.182.0/23 24.56.184.0/22 24.56.188.0/23 @@ -8461,7 +8775,9 @@ 24.224.32.0/19 24.224.64.0/18 24.225.0.0/19 -24.225.32.0/18 +24.225.32.0/20 +24.225.48.0/20 +24.225.64.0/19 24.225.96.0/20 24.225.112.0/20 24.227.32.0/19 @@ -8497,7 +8813,8 @@ 24.236.128.0/17 24.237.0.0/16 24.238.0.0/19 -24.238.32.0/18 +24.238.32.0/19 +24.238.64.0/19 24.238.96.0/19 24.238.128.0/17 24.239.16.0/20 @@ -8538,6 +8855,8 @@ 45.0.0.0/16 45.1.0.0/16 46.229.160.0/20 +47.16.0.0/14 +47.20.0.0/14 48.0.0.0/8 50.0.0.0/16 50.1.0.0/16 @@ -8840,8 +9159,8 @@ 64.17.68.0/22 64.17.72.0/23 64.17.74.0/23 -64.17.76.0/20 -64.17.92.0/22 +64.17.76.0/22 +64.17.80.0/20 64.17.96.0/19 64.17.128.0/18 64.17.192.0/20 @@ -8876,6 +9195,7 @@ 64.20.224.0/19 64.21.0.0/17 64.21.128.0/18 +64.21.192.0/19 64.21.224.0/19 64.22.0.0/19 64.22.32.0/19 @@ -9179,7 +9499,8 @@ 64.78.144.0/20 64.78.160.0/20 64.78.176.0/21 -64.78.184.0/20 +64.78.184.0/21 +64.78.192.0/21 64.78.200.0/21 64.78.208.0/20 64.78.224.0/20 @@ -9279,9 +9600,9 @@ 64.108.0.0/16 64.109.0.0/16 64.110.0.0/20 -64.110.28.0/23 -64.110.30.0/22 -64.110.34.0/20 +64.110.28.0/22 +64.110.32.0/20 +64.110.48.0/23 64.110.50.0/24 64.110.51.0/24 64.110.52.0/22 @@ -9435,8 +9756,8 @@ 64.150.160.0/23 64.150.162.0/24 64.150.163.0/24 -64.150.164.0/21 -64.150.172.0/22 +64.150.164.0/22 +64.150.168.0/21 64.150.176.0/20 64.151.0.0/18 64.151.64.0/18 @@ -9711,8 +10032,8 @@ 65.34.0.0/20 65.34.16.0/20 65.34.32.0/20 -65.34.48.0/18 -65.34.112.0/20 +65.34.48.0/20 +65.34.64.0/18 65.34.128.0/17 65.35.0.0/16 65.36.0.0/17 @@ -9871,7 +10192,8 @@ 65.182.128.0/20 65.182.144.0/20 65.182.160.0/21 -65.182.168.0/20 +65.182.168.0/21 +65.182.176.0/21 65.182.184.0/21 65.182.192.0/19 65.182.224.0/19 @@ -10026,15 +10348,18 @@ 66.43.80.0/21 66.43.88.0/22 66.43.92.0/24 -66.43.93.0/23 +66.43.93.0/24 +66.43.94.0/24 66.43.95.0/24 66.43.96.0/23 66.43.98.0/24 -66.43.99.0/23 +66.43.99.0/24 +66.43.100.0/24 66.43.101.0/24 66.43.102.0/23 66.43.104.0/24 -66.43.105.0/23 +66.43.105.0/24 +66.43.106.0/24 66.43.107.0/24 66.43.108.0/24 66.43.109.0/24 @@ -10141,11 +10466,14 @@ 66.80.0.0/16 66.81.0.0/23 66.81.2.0/24 -66.81.3.0/23 -66.81.5.0/23 -66.81.7.0/23 -66.81.9.0/23 -66.81.11.0/24 +66.81.3.0/24 +66.81.4.0/24 +66.81.5.0/24 +66.81.6.0/24 +66.81.7.0/24 +66.81.8.0/24 +66.81.9.0/24 +66.81.10.0/23 66.81.12.0/23 66.81.14.0/24 66.81.15.0/24 @@ -10179,7 +10507,8 @@ 66.81.108.0/22 66.81.112.0/21 66.81.120.0/22 -66.81.124.0/21 +66.81.124.0/22 +66.81.128.0/22 66.81.132.0/24 66.81.133.0/24 66.81.134.0/23 @@ -10217,11 +10546,13 @@ 66.85.20.0/24 66.85.24.0/24 66.85.32.0/23 -66.85.35.0/22 -66.85.39.0/23 +66.85.35.0/24 +66.85.36.0/22 +66.85.40.0/24 66.85.42.0/24 66.85.58.0/24 -66.85.61.0/23 +66.85.61.0/24 +66.85.62.0/24 66.85.66.0/24 66.85.68.0/23 66.85.81.0/24 @@ -10390,6 +10721,7 @@ 66.128.208.0/20 66.128.224.0/20 66.128.240.0/20 +66.129.0.0/19 66.129.32.0/20 66.129.48.0/20 66.129.64.0/18 @@ -10402,7 +10734,9 @@ 66.133.6.0/24 66.133.7.0/24 66.133.8.0/24 -66.133.9.0/22 +66.133.9.0/24 +66.133.10.0/23 +66.133.12.0/24 66.133.13.0/24 66.133.14.0/23 66.133.16.0/20 @@ -10826,18 +11160,21 @@ 66.235.160.0/19 66.235.192.0/23 66.235.194.0/24 -66.235.195.0/22 -66.235.199.0/23 +66.235.195.0/24 +66.235.196.0/22 +66.235.200.0/24 66.235.201.0/24 -66.235.202.0/22 +66.235.202.0/23 +66.235.204.0/23 66.235.206.0/24 66.235.207.0/24 66.235.208.0/24 66.235.209.0/24 -66.235.210.0/22 +66.235.210.0/23 +66.235.212.0/23 66.235.214.0/24 -66.235.215.0/21 -66.235.223.0/24 +66.235.215.0/24 +66.235.216.0/21 66.235.224.0/19 66.236.0.0/14 66.240.0.0/18 @@ -11108,11 +11445,14 @@ 67.203.80.0/21 67.203.88.0/22 67.203.92.0/24 -67.203.93.0/22 +67.203.93.0/24 +67.203.94.0/23 +67.203.96.0/24 67.203.97.0/24 67.203.98.0/23 67.203.100.0/24 -67.203.101.0/23 +67.203.101.0/24 +67.203.102.0/24 67.203.103.0/24 67.203.104.0/22 67.203.108.0/24 @@ -11124,7 +11464,8 @@ 67.203.122.0/24 67.203.123.0/24 67.203.124.0/24 -67.203.125.0/23 +67.203.125.0/24 +67.203.126.0/24 67.203.127.0/24 67.203.128.0/18 67.204.64.0/18 @@ -11245,8 +11586,8 @@ 67.217.4.0/22 67.217.8.0/21 67.217.16.0/23 -67.217.18.0/22 -67.217.22.0/23 +67.217.18.0/23 +67.217.20.0/22 67.217.24.0/22 67.217.28.0/22 67.217.32.0/20 @@ -11689,7 +12030,8 @@ 69.19.168.0/21 69.19.176.0/21 69.19.184.0/23 -69.19.186.0/22 +69.19.186.0/23 +69.19.188.0/23 69.19.190.0/24 69.19.191.0/24 69.19.192.0/20 @@ -11701,9 +12043,11 @@ 69.19.224.0/22 69.19.228.0/24 69.19.229.0/24 -69.19.230.0/23 +69.19.230.0/24 +69.19.231.0/24 69.19.232.0/24 -69.19.233.0/23 +69.19.233.0/24 +69.19.234.0/24 69.19.235.0/24 69.19.236.0/23 69.19.238.0/23 @@ -11712,7 +12056,8 @@ 69.19.242.0/23 69.19.244.0/23 69.19.246.0/24 -69.19.247.0/23 +69.19.247.0/24 +69.19.248.0/24 69.19.249.0/24 69.19.250.0/23 69.19.252.0/24 @@ -12031,18 +12376,21 @@ 69.85.143.0/24 69.85.144.0/21 69.85.152.0/23 -69.85.154.0/22 +69.85.154.0/23 +69.85.156.0/23 69.85.158.0/23 69.85.160.0/19 69.85.192.0/18 69.86.0.0/16 69.87.0.0/21 69.87.8.0/21 -69.87.16.0/19 -69.87.48.0/22 -69.87.52.0/19 -69.87.84.0/19 -69.87.116.0/21 +69.87.16.0/20 +69.87.32.0/20 +69.87.48.0/20 +69.87.64.0/19 +69.87.96.0/20 +69.87.112.0/21 +69.87.120.0/22 69.87.124.0/22 69.87.128.0/19 69.87.160.0/19 @@ -12385,8 +12733,8 @@ 71.80.0.0/12 71.96.0.0/11 71.128.0.0/11 -71.160.0.0/18 -71.160.64.0/16 +71.160.0.0/16 +71.161.0.0/18 71.161.64.0/18 71.161.128.0/18 71.161.192.0/19 @@ -12395,7 +12743,8 @@ 71.164.0.0/14 71.168.0.0/18 71.168.64.0/18 -71.168.128.0/16 +71.168.128.0/17 +71.169.0.0/17 71.169.128.0/18 71.169.192.0/18 71.170.0.0/15 @@ -12430,7 +12779,11 @@ 71.254.32.0/19 71.254.64.0/19 71.254.96.0/20 -71.254.112.0/16 +71.254.112.0/20 +71.254.128.0/17 +71.255.0.0/18 +71.255.64.0/19 +71.255.96.0/20 71.255.112.0/20 71.255.128.0/19 71.255.160.0/19 @@ -12568,15 +12921,19 @@ 72.22.64.0/23 72.22.66.0/23 72.22.68.0/24 -72.22.69.0/22 -72.22.73.0/24 +72.22.69.0/24 +72.22.70.0/23 +72.22.72.0/23 72.22.74.0/24 -72.22.75.0/23 +72.22.75.0/24 +72.22.76.0/24 72.22.77.0/24 -72.22.78.0/21 +72.22.78.0/23 +72.22.80.0/22 +72.22.84.0/23 72.22.86.0/24 -72.22.87.0/21 -72.22.95.0/24 +72.22.87.0/24 +72.22.88.0/21 72.22.96.0/21 72.22.104.0/21 72.22.112.0/20 @@ -12697,8 +13054,8 @@ 72.71.0.0/17 72.71.128.0/18 72.71.192.0/18 -72.72.0.0/18 -72.72.64.0/16 +72.72.0.0/16 +72.73.0.0/18 72.73.64.0/18 72.73.128.0/17 72.74.0.0/15 @@ -12720,7 +13077,8 @@ 72.94.0.0/16 72.95.0.0/18 72.95.64.0/20 -72.95.80.0/19 +72.95.80.0/20 +72.95.96.0/20 72.95.112.0/20 72.95.128.0/17 72.96.0.0/11 @@ -12871,7 +13229,6 @@ 74.91.0.0/20 74.91.16.0/20 74.91.32.0/20 -74.91.48.0/20 74.91.64.0/20 74.91.80.0/20 74.91.96.0/20 @@ -13500,7 +13857,6 @@ 74.221.64.0/20 74.221.80.0/20 74.221.96.0/19 -74.221.128.0/20 74.221.144.0/20 74.221.160.0/20 74.221.176.0/20 @@ -13964,8 +14320,8 @@ 99.198.96.0/19 99.198.128.0/17 99.200.0.0/13 -100.0.0.0/13 -100.8.0.0/11 +100.0.0.0/11 +100.32.0.0/13 100.40.0.0/15 100.42.0.0/20 100.42.16.0/20 @@ -13989,6 +14345,7 @@ 100.43.192.0/18 100.44.0.0/14 100.48.0.0/12 +100.128.0.0/14 103.246.248.0/23 107.0.0.0/14 107.4.0.0/15 @@ -14005,8 +14362,8 @@ 107.64.0.0/10 107.224.0.0/11 108.0.0.0/11 -108.32.0.0/13 -108.40.0.0/12 +108.32.0.0/12 +108.48.0.0/13 108.56.0.0/15 108.58.0.0/16 108.59.0.0/20 @@ -14098,6 +14455,12 @@ 108.170.192.0/18 108.171.0.0/19 108.171.32.0/19 +108.171.96.0/19 +108.171.128.0/19 +108.171.160.0/19 +108.171.192.0/19 +108.171.224.0/20 +108.171.240.0/20 108.174.0.0/20 108.174.32.0/20 108.174.48.0/20 @@ -14114,7 +14477,28 @@ 108.175.0.0/20 108.175.16.0/20 108.175.32.0/20 +108.175.48.0/20 +108.175.64.0/20 +108.175.96.0/20 108.175.112.0/20 +108.175.128.0/20 +108.175.144.0/20 +108.175.160.0/20 +108.175.176.0/20 +108.175.192.0/20 +108.175.208.0/20 +108.175.240.0/20 +108.176.0.0/17 +108.176.128.0/17 +108.177.0.0/17 +108.177.128.0/17 +108.178.0.0/18 +108.178.64.0/18 +108.178.128.0/18 +108.178.192.0/18 +108.179.0.0/18 +108.179.64.0/18 +108.179.128.0/18 108.192.0.0/10 109.236.144.0/20 128.1.0.0/16 @@ -14600,7 +14984,8 @@ 130.171.0.0/16 130.172.0.0/16 130.173.0.0/16 -130.174.0.0/14 +130.174.0.0/15 +130.176.0.0/15 130.178.0.0/16 130.181.0.0/16 130.182.0.0/16 @@ -14754,8 +15139,8 @@ 131.145.0.0/16 131.146.0.0/16 131.150.7.0/24 -131.150.11.0/22 -131.150.15.0/24 +131.150.11.0/24 +131.150.12.0/22 131.150.31.0/24 131.150.55.0/24 131.150.62.0/24 @@ -14818,26 +15203,28 @@ 131.253.2.0/24 131.253.3.0/24 131.253.4.0/24 -131.253.5.0/23 +131.253.5.0/24 +131.253.6.0/24 131.253.7.0/24 131.253.8.0/24 -131.253.9.0/23 -131.253.11.0/24 -131.253.12.0/23 -131.253.14.0/22 +131.253.9.0/24 +131.253.10.0/23 +131.253.12.0/22 +131.253.16.0/23 131.253.18.0/24 -131.253.19.0/23 -131.253.21.0/23 -131.253.23.0/21 -131.253.31.0/20 -131.253.47.0/24 +131.253.19.0/24 +131.253.20.0/24 +131.253.21.0/24 +131.253.22.0/23 +131.253.24.0/21 +131.253.32.0/20 131.253.48.0/21 131.253.56.0/22 131.253.60.0/24 -131.253.61.0/17 -131.253.189.0/18 -131.253.253.0/23 -131.253.255.0/24 +131.253.61.0/24 +131.253.62.0/23 +131.253.64.0/18 +131.253.128.0/17 132.0.0.0/16 132.1.0.0/16 132.2.0.0/16 @@ -14984,7 +15371,9 @@ 134.10.0.0/16 134.11.0.0/16 134.12.0.0/16 -134.13.0.0/14 +134.13.0.0/16 +134.14.0.0/15 +134.16.0.0/16 134.20.0.0/16 134.23.0.0/16 134.24.0.0/16 @@ -15142,7 +15531,9 @@ 135.28.0.0/16 135.29.0.0/16 135.30.0.0/16 -135.31.0.0/14 +135.31.0.0/16 +135.32.0.0/15 +135.34.0.0/16 135.35.0.0/16 135.36.0.0/16 135.37.0.0/16 @@ -15172,7 +15563,9 @@ 135.76.0.0/14 135.80.0.0/14 135.84.0.0/16 -135.85.0.0/14 +135.85.0.0/16 +135.86.0.0/15 +135.88.0.0/16 135.89.0.0/16 135.90.0.0/16 135.91.0.0/16 @@ -15193,8 +15586,11 @@ 135.111.0.0/16 135.112.0.0/16 135.113.0.0/16 -135.114.0.0/13 -135.122.0.0/14 +135.114.0.0/15 +135.116.0.0/14 +135.120.0.0/15 +135.122.0.0/15 +135.124.0.0/15 135.126.0.0/15 135.128.0.0/13 135.136.0.0/15 @@ -15207,7 +15603,8 @@ 135.144.0.0/14 135.148.0.0/16 135.149.0.0/16 -135.150.0.0/14 +135.150.0.0/15 +135.152.0.0/15 135.154.0.0/16 135.155.0.0/16 135.156.0.0/16 @@ -15219,7 +15616,8 @@ 135.169.0.0/16 135.170.0.0/16 135.171.0.0/16 -135.172.0.0/13 +135.172.0.0/14 +135.176.0.0/14 135.180.0.0/16 135.182.0.0/16 135.183.0.0/16 @@ -15259,6 +15657,8 @@ 136.142.0.0/16 136.143.0.0/16 136.144.0.0/16 +136.146.0.0/16 +136.147.0.0/16 136.149.0.0/16 136.150.0.0/16 136.151.0.0/16 @@ -15353,8 +15753,8 @@ 137.22.0.0/16 137.23.0.0/16 137.24.0.0/16 -137.25.0.0/15 -137.27.0.0/16 +137.25.0.0/16 +137.26.0.0/15 137.28.0.0/16 137.29.0.0/16 137.30.0.0/16 @@ -15925,7 +16325,8 @@ 141.122.0.0/15 141.124.0.0/16 141.125.0.0/16 -141.126.0.0/14 +141.126.0.0/15 +141.128.0.0/15 141.131.0.0/16 141.133.0.0/16 141.139.0.0/16 @@ -15948,7 +16349,9 @@ 141.173.0.0/16 141.174.0.0/16 141.177.0.0/16 -141.179.0.0/14 +141.179.0.0/16 +141.180.0.0/15 +141.182.0.0/16 141.183.0.0/16 141.184.0.0/16 141.185.0.0/16 @@ -16003,6 +16406,8 @@ 142.54.32.0/21 142.54.40.0/23 142.54.200.0/23 +142.54.208.0/20 +142.54.224.0/20 142.54.240.0/20 142.65.0.0/16 142.77.0.0/16 @@ -16606,11 +17011,11 @@ 148.7.0.0/16 148.8.0.0/16 148.9.0.0/16 -148.10.0.0/12 -148.26.0.0/15 -148.28.0.0/12 -148.44.0.0/15 -148.46.0.0/14 +148.10.0.0/15 +148.12.0.0/14 +148.16.0.0/12 +148.32.0.0/12 +148.48.0.0/15 148.50.0.0/16 148.51.0.0/16 148.52.0.0/16 @@ -17788,8 +18193,8 @@ 158.189.0.0/16 158.219.0.0/16 158.221.0.0/16 -158.222.42.0/22 -158.222.46.0/23 +158.222.42.0/23 +158.222.44.0/22 158.222.100.0/23 158.224.0.0/16 158.228.0.0/16 @@ -18258,10 +18663,10 @@ 162.89.0.0/20 162.89.16.0/22 162.89.20.0/22 -162.89.24.0/17 -162.89.152.0/18 -162.89.216.0/19 -162.89.248.0/21 +162.89.24.0/21 +162.89.32.0/19 +162.89.64.0/18 +162.89.128.0/17 162.90.0.0/16 162.91.0.0/16 162.92.0.0/16 @@ -18428,7 +18833,10 @@ 164.165.0.0/16 164.167.0.0/16 164.168.0.0/16 -164.169.0.0/13 +164.169.0.0/16 +164.170.0.0/15 +164.172.0.0/14 +164.176.0.0/16 164.179.0.0/16 164.180.0.0/14 164.184.0.0/14 @@ -18635,7 +19043,8 @@ 166.46.0.0/16 166.47.0.0/16 166.49.0.0/17 -166.50.0.0/14 +166.50.0.0/15 +166.52.0.0/15 166.54.0.0/16 166.55.0.0/16 166.56.0.0/16 @@ -18888,8 +19297,8 @@ 167.251.0.0/16 167.253.0.0/17 167.253.128.0/19 -167.253.160.0/18 -167.253.224.0/19 +167.253.160.0/19 +167.253.192.0/18 167.254.0.0/16 167.255.0.0/16 168.2.0.0/15 @@ -18976,7 +19385,9 @@ 168.173.0.0/16 168.174.0.0/16 168.175.0.0/16 -168.177.0.0/14 +168.177.0.0/16 +168.178.0.0/15 +168.180.0.0/16 168.182.0.0/16 168.183.0.0/16 168.184.0.0/16 @@ -19134,7 +19545,8 @@ 170.37.0.0/16 170.40.0.0/16 170.41.0.0/16 -170.42.0.0/14 +170.42.0.0/15 +170.44.0.0/15 170.46.0.0/16 170.47.0.0/16 170.48.0.0/16 @@ -19738,8 +20150,8 @@ 184.51.0.0/16 184.52.0.0/16 184.53.0.0/16 -184.54.0.0/14 -184.58.0.0/15 +184.54.0.0/15 +184.56.0.0/14 184.60.0.0/16 184.61.0.0/16 184.62.0.0/16 @@ -19881,7 +20293,9 @@ 192.5.70.0/24 192.5.72.0/24 192.5.73.0/24 -192.5.74.0/21 +192.5.74.0/23 +192.5.76.0/22 +192.5.80.0/23 192.5.82.0/24 192.5.83.0/24 192.5.84.0/22 @@ -19938,7 +20352,11 @@ 192.5.167.0/24 192.5.168.0/24 192.5.169.0/24 -192.5.170.0/19 +192.5.170.0/23 +192.5.172.0/22 +192.5.176.0/20 +192.5.192.0/21 +192.5.200.0/23 192.5.202.0/24 192.5.206.0/24 192.5.207.0/24 @@ -19990,10 +20408,10 @@ 192.6.192.0/20 192.6.208.0/23 192.6.210.0/24 -192.6.211.0/19 -192.6.243.0/21 -192.6.251.0/22 -192.6.255.0/24 +192.6.211.0/24 +192.6.212.0/22 +192.6.216.0/21 +192.6.224.0/19 192.7.0.0/16 192.8.0.0/16 192.9.0.0/21 @@ -20123,7 +20541,11 @@ 192.12.151.0/24 192.12.152.0/24 192.12.153.0/24 -192.12.155.0/20 +192.12.155.0/24 +192.12.156.0/22 +192.12.160.0/21 +192.12.168.0/23 +192.12.170.0/24 192.12.171.0/24 192.12.173.0/24 192.12.184.0/24 @@ -20158,7 +20580,9 @@ 192.12.220.0/24 192.12.223.0/24 192.12.224.0/24 -192.12.225.0/22 +192.12.225.0/24 +192.12.226.0/23 +192.12.228.0/24 192.12.229.0/24 192.12.230.0/24 192.12.233.0/24 @@ -20244,11 +20668,15 @@ 192.25.8.0/23 192.25.10.0/23 192.25.12.0/24 -192.25.13.0/23 -192.25.15.0/22 +192.25.13.0/24 +192.25.14.0/24 +192.25.15.0/24 +192.25.16.0/23 +192.25.18.0/24 192.25.19.0/24 192.25.20.0/24 -192.25.21.0/23 +192.25.21.0/24 +192.25.22.0/24 192.25.23.0/24 192.25.24.0/24 192.25.25.0/24 @@ -20271,19 +20699,21 @@ 192.25.50.0/24 192.25.51.0/24 192.25.52.0/24 -192.25.53.0/23 +192.25.53.0/24 +192.25.54.0/24 192.25.55.0/24 192.25.56.0/21 192.25.64.0/22 192.25.68.0/23 192.25.70.0/24 -192.25.71.0/23 -192.25.73.0/24 +192.25.71.0/24 +192.25.72.0/23 192.25.74.0/24 192.25.75.0/24 192.25.76.0/23 192.25.78.0/24 -192.25.79.0/23 +192.25.79.0/24 +192.25.80.0/24 192.25.81.0/24 192.25.82.0/23 192.25.84.0/22 @@ -20294,12 +20724,15 @@ 192.25.102.0/23 192.25.104.0/23 192.25.106.0/24 -192.25.107.0/23 +192.25.107.0/24 +192.25.108.0/24 192.25.109.0/24 -192.25.110.0/22 +192.25.110.0/23 +192.25.112.0/23 192.25.114.0/24 192.25.117.0/24 -192.25.118.0/22 +192.25.118.0/23 +192.25.120.0/23 192.25.122.0/23 192.25.124.0/23 192.25.126.0/24 @@ -20319,7 +20752,8 @@ 192.25.150.0/24 192.25.151.0/24 192.25.152.0/24 -192.25.153.0/23 +192.25.153.0/24 +192.25.154.0/24 192.25.155.0/24 192.25.156.0/22 192.25.160.0/21 @@ -20449,7 +20883,8 @@ 192.30.61.0/24 192.30.91.0/24 192.30.92.0/24 -192.30.93.0/23 +192.30.93.0/24 +192.30.94.0/24 192.30.96.0/24 192.30.100.0/24 192.30.108.0/24 @@ -20636,8 +21071,8 @@ 192.33.48.0/20 192.33.64.0/20 192.33.80.0/22 -192.33.84.0/24 -192.33.85.0/23 +192.33.84.0/23 +192.33.86.0/24 192.33.112.0/24 192.33.115.0/24 192.33.116.0/24 @@ -20681,7 +21116,9 @@ 192.34.244.0/24 192.34.247.0/24 192.35.20.0/24 -192.35.21.0/22 +192.35.21.0/24 +192.35.22.0/23 +192.35.24.0/24 192.35.25.0/24 192.35.26.0/23 192.35.28.0/24 @@ -20690,7 +21127,8 @@ 192.35.32.0/22 192.35.36.0/24 192.35.37.0/24 -192.35.38.0/22 +192.35.38.0/23 +192.35.40.0/23 192.35.42.0/24 192.35.43.0/24 192.35.44.0/24 @@ -20830,7 +21268,11 @@ 192.39.32.0/19 192.39.64.0/18 192.39.128.0/17 -192.40.7.0/20 +192.40.7.0/24 +192.40.8.0/21 +192.40.16.0/22 +192.40.20.0/23 +192.40.22.0/24 192.40.25.0/24 192.40.29.0/24 192.40.43.0/24 @@ -20906,7 +21348,12 @@ 192.42.4.0/24 192.42.7.0/24 192.42.8.0/24 -192.42.9.0/19 +192.42.9.0/24 +192.42.10.0/23 +192.42.12.0/22 +192.42.16.0/20 +192.42.32.0/21 +192.42.40.0/24 192.42.41.0/24 192.42.48.0/24 192.42.49.0/24 @@ -20943,7 +21390,9 @@ 192.42.108.0/24 192.42.109.0/24 192.42.111.0/24 -192.42.133.0/22 +192.42.133.0/24 +192.42.134.0/23 +192.42.136.0/24 192.42.137.0/24 192.42.138.0/24 192.42.139.0/24 @@ -20998,7 +21447,10 @@ 192.43.150.0/24 192.43.151.0/24 192.43.152.0/24 -192.43.153.0/21 +192.43.153.0/24 +192.43.154.0/23 +192.43.156.0/22 +192.43.160.0/24 192.43.161.0/24 192.43.172.0/24 192.43.173.0/24 @@ -21074,7 +21526,8 @@ 192.48.32.0/24 192.48.33.0/24 192.48.34.0/24 -192.48.35.0/23 +192.48.35.0/24 +192.48.36.0/24 192.48.37.0/24 192.48.38.0/23 192.48.40.0/21 @@ -21315,7 +21768,9 @@ 192.54.224.0/24 192.54.226.0/24 192.54.228.0/24 -192.54.230.0/21 +192.54.230.0/23 +192.54.232.0/22 +192.54.236.0/23 192.54.238.0/24 192.54.239.0/24 192.54.240.0/24 @@ -21362,7 +21817,8 @@ 192.55.121.0/24 192.55.122.0/23 192.55.124.0/24 -192.55.125.0/23 +192.55.125.0/24 +192.55.126.0/24 192.55.127.0/24 192.55.131.0/24 192.55.133.0/24 @@ -21375,8 +21831,8 @@ 192.55.144.0/20 192.55.160.0/20 192.55.176.0/21 -192.55.184.0/24 -192.55.185.0/23 +192.55.184.0/23 +192.55.186.0/24 192.55.187.0/24 192.55.189.0/24 192.55.195.0/24 @@ -21435,7 +21891,9 @@ 192.58.20.0/22 192.58.24.0/22 192.58.36.0/24 -192.58.37.0/22 +192.58.37.0/24 +192.58.38.0/23 +192.58.40.0/24 192.58.102.0/24 192.58.103.0/24 192.58.104.0/24 @@ -21461,7 +21919,8 @@ 192.58.126.0/24 192.58.127.0/24 192.58.128.0/24 -192.58.129.0/23 +192.58.129.0/24 +192.58.130.0/24 192.58.149.0/24 192.58.150.0/24 192.58.151.0/24 @@ -21530,13 +21989,19 @@ 192.64.157.0/24 192.64.158.0/24 192.64.198.0/24 -192.64.203.0/23 +192.64.203.0/24 +192.64.204.0/24 192.64.205.0/24 192.64.226.0/23 192.64.228.0/22 192.64.232.0/22 -192.65.1.0/20 -192.65.17.0/23 +192.65.1.0/24 +192.65.2.0/23 +192.65.4.0/22 +192.65.8.0/21 +192.65.16.0/24 +192.65.17.0/24 +192.65.18.0/24 192.65.19.0/24 192.65.20.0/22 192.65.24.0/21 @@ -21702,7 +22167,8 @@ 192.67.227.0/24 192.67.228.0/24 192.67.229.0/24 -192.67.230.0/22 +192.67.230.0/23 +192.67.232.0/23 192.67.234.0/24 192.67.235.0/24 192.67.236.0/22 @@ -21726,7 +22192,9 @@ 192.68.113.0/24 192.68.114.0/24 192.68.115.0/24 -192.68.118.0/21 +192.68.118.0/23 +192.68.120.0/22 +192.68.124.0/23 192.68.133.0/24 192.68.134.0/24 192.68.135.0/24 @@ -21898,7 +22366,8 @@ 192.73.10.0/24 192.73.13.0/24 192.73.14.0/24 -192.73.15.0/23 +192.73.15.0/24 +192.73.16.0/24 192.73.17.0/24 192.73.26.0/24 192.73.27.0/24 @@ -21992,8 +22461,12 @@ 192.75.66.0/24 192.75.198.0/24 192.75.239.0/24 -192.76.36.0/18 -192.76.100.0/20 +192.76.36.0/22 +192.76.40.0/21 +192.76.48.0/20 +192.76.64.0/19 +192.76.96.0/20 +192.76.112.0/22 192.76.116.0/24 192.76.121.0/24 192.76.173.0/24 @@ -22107,7 +22580,8 @@ 192.77.80.0/20 192.77.96.0/24 192.77.97.0/24 -192.77.98.0/22 +192.77.98.0/23 +192.77.100.0/23 192.77.102.0/24 192.77.103.0/24 192.77.104.0/24 @@ -22229,8 +22703,8 @@ 192.80.216.0/21 192.80.224.0/20 192.80.240.0/21 -192.80.248.0/23 -192.80.250.0/22 +192.80.248.0/22 +192.80.252.0/23 192.80.254.0/24 192.81.8.0/24 192.81.48.0/24 @@ -22280,8 +22754,8 @@ 192.82.159.0/24 192.82.160.0/24 192.82.162.0/23 -192.82.164.0/21 -192.82.172.0/22 +192.82.164.0/22 +192.82.168.0/21 192.82.176.0/20 192.82.192.0/20 192.82.208.0/24 @@ -22871,7 +23345,8 @@ 192.92.91.0/24 192.92.92.0/24 192.92.93.0/24 -192.92.95.0/23 +192.92.95.0/24 +192.92.96.0/24 192.92.98.0/24 192.92.99.0/24 192.92.100.0/24 @@ -22908,7 +23383,8 @@ 192.92.173.0/24 192.92.174.0/23 192.92.177.0/24 -192.92.178.0/22 +192.92.178.0/23 +192.92.180.0/23 192.92.183.0/24 192.92.184.0/24 192.92.185.0/24 @@ -22926,7 +23402,11 @@ 192.92.215.0/24 192.92.217.0/24 192.92.218.0/24 -192.92.219.0/20 +192.92.219.0/24 +192.92.220.0/22 +192.92.224.0/21 +192.92.232.0/23 +192.92.234.0/24 192.94.1.0/24 192.94.2.0/24 192.94.3.0/24 @@ -22968,7 +23448,8 @@ 192.94.42.0/24 192.94.43.0/24 192.94.44.0/24 -192.94.45.0/23 +192.94.45.0/24 +192.94.46.0/24 192.94.47.0/24 192.94.48.0/24 192.94.50.0/24 @@ -23042,7 +23523,8 @@ 192.94.218.0/24 192.94.219.0/24 192.94.222.0/24 -192.94.223.0/23 +192.94.223.0/24 +192.94.224.0/24 192.94.225.0/24 192.94.228.0/24 192.94.229.0/24 @@ -23105,7 +23587,9 @@ 192.100.76.0/24 192.100.79.0/24 192.100.81.0/24 -192.100.83.0/22 +192.100.83.0/24 +192.100.84.0/23 +192.100.86.0/24 192.100.88.0/24 192.100.89.0/24 192.100.90.0/24 @@ -23455,7 +23939,9 @@ 192.104.96.0/21 192.104.104.0/23 192.104.106.0/24 -192.104.107.0/22 +192.104.107.0/24 +192.104.108.0/23 +192.104.110.0/24 192.104.137.0/24 192.104.138.0/24 192.104.139.0/24 @@ -23530,14 +24016,17 @@ 192.107.7.0/24 192.107.8.0/24 192.107.14.0/24 -192.107.15.0/23 -192.107.17.0/24 +192.107.15.0/24 +192.107.16.0/23 192.107.18.0/24 -192.107.19.0/22 -192.107.23.0/23 -192.107.25.0/24 +192.107.19.0/24 +192.107.20.0/22 +192.107.24.0/23 192.107.26.0/24 -192.107.27.0/21 +192.107.27.0/24 +192.107.28.0/22 +192.107.32.0/23 +192.107.34.0/24 192.107.35.0/24 192.107.36.0/24 192.107.37.0/24 @@ -23626,7 +24115,8 @@ 192.107.246.0/23 192.107.248.0/22 192.107.252.0/24 -192.107.253.0/23 +192.107.253.0/24 +192.107.254.0/24 192.108.0.0/24 192.108.1.0/24 192.108.2.0/24 @@ -23646,7 +24136,8 @@ 192.108.16.0/24 192.108.17.0/24 192.108.18.0/24 -192.108.19.0/23 +192.108.19.0/24 +192.108.20.0/24 192.108.21.0/24 192.108.22.0/24 192.108.93.0/24 @@ -23961,7 +24452,8 @@ 192.120.200.0/21 192.120.208.0/20 192.120.224.0/19 -192.122.147.0/23 +192.122.147.0/24 +192.122.148.0/24 192.122.172.0/24 192.122.173.0/24 192.122.174.0/24 @@ -24059,7 +24551,8 @@ 192.124.128.0/24 192.124.130.0/24 192.124.131.0/24 -192.124.133.0/23 +192.124.133.0/24 +192.124.134.0/24 192.124.135.0/24 192.124.136.0/24 192.124.137.0/24 @@ -24113,7 +24606,9 @@ 192.129.67.0/24 192.129.68.0/24 192.129.69.0/24 -192.129.71.0/22 +192.129.71.0/24 +192.129.72.0/23 +192.129.74.0/24 192.129.75.0/24 192.129.77.0/24 192.129.79.0/24 @@ -24125,7 +24620,8 @@ 192.129.86.0/24 192.129.88.0/24 192.129.89.0/24 -192.129.90.0/22 +192.129.90.0/23 +192.129.92.0/23 192.129.95.0/24 192.129.96.0/24 192.129.97.0/24 @@ -24160,9 +24656,9 @@ 192.131.23.0/24 192.131.24.0/24 192.131.31.0/24 -192.131.45.0/21 -192.131.53.0/23 -192.131.55.0/24 +192.131.45.0/24 +192.131.46.0/23 +192.131.48.0/21 192.131.64.0/21 192.131.72.0/22 192.131.76.0/24 @@ -24856,7 +25352,6 @@ 192.147.8.0/24 192.147.9.0/24 192.147.10.0/24 -192.147.11.0/24 192.147.12.0/24 192.147.13.0/24 192.147.14.0/24 @@ -24883,7 +25378,9 @@ 192.147.44.0/24 192.147.45.0/24 192.147.46.0/24 -192.147.47.0/22 +192.147.47.0/24 +192.147.48.0/23 +192.147.50.0/24 192.147.51.0/24 192.147.52.0/23 192.147.54.0/23 @@ -24958,8 +25455,12 @@ 192.147.171.0/24 192.147.172.0/24 192.147.173.0/24 -192.147.174.0/22 -192.147.178.0/23 +192.147.174.0/24 +192.147.175.0/24 +192.147.176.0/24 +192.147.177.0/24 +192.147.178.0/24 +192.147.179.0/24 192.147.180.0/24 192.147.181.0/24 192.147.182.0/24 @@ -25130,7 +25631,10 @@ 192.149.128.0/21 192.149.136.0/23 192.149.138.0/24 -192.149.139.0/21 +192.149.139.0/24 +192.149.140.0/22 +192.149.144.0/23 +192.149.146.0/24 192.149.147.0/24 192.149.148.0/24 192.149.150.0/24 @@ -25309,7 +25813,10 @@ 192.151.92.0/22 192.151.96.0/22 192.151.100.0/24 -192.151.101.0/21 +192.151.101.0/24 +192.151.102.0/23 +192.151.104.0/22 +192.151.108.0/24 192.151.110.0/24 192.151.111.0/24 192.151.112.0/20 @@ -25494,7 +26001,10 @@ 192.153.22.0/24 192.153.23.0/24 192.153.24.0/24 -192.153.26.0/20 +192.153.26.0/23 +192.153.28.0/22 +192.153.32.0/21 +192.153.40.0/23 192.153.42.0/24 192.153.43.0/24 192.153.44.0/24 @@ -25885,9 +26395,15 @@ 192.157.64.0/21 192.157.72.0/23 192.157.128.0/24 -192.157.130.0/19 +192.157.130.0/23 +192.157.132.0/22 +192.157.136.0/21 +192.157.144.0/20 +192.157.160.0/23 192.157.163.0/24 -192.157.165.0/22 +192.157.165.0/24 +192.157.166.0/23 +192.157.168.0/24 192.157.175.0/24 192.157.177.0/24 192.157.178.0/23 @@ -26895,7 +27411,10 @@ 192.195.7.0/24 192.195.9.0/24 192.195.11.0/24 -192.195.15.0/21 +192.195.15.0/24 +192.195.16.0/22 +192.195.20.0/23 +192.195.22.0/24 192.195.23.0/24 192.195.28.0/24 192.195.29.0/24 @@ -26960,7 +27479,8 @@ 192.195.175.0/24 192.195.176.0/24 192.195.177.0/24 -192.195.178.0/22 +192.195.178.0/23 +192.195.180.0/23 192.195.182.0/24 192.195.185.0/24 192.195.187.0/24 @@ -27097,15 +27617,21 @@ 192.203.4.0/23 192.203.6.0/23 192.203.8.0/22 -192.203.12.0/20 -192.203.28.0/21 +192.203.12.0/22 +192.203.16.0/20 +192.203.32.0/22 192.203.36.0/24 192.203.40.0/24 192.203.41.0/24 192.203.42.0/24 192.203.43.0/24 192.203.44.0/24 -192.203.45.0/19 +192.203.45.0/24 +192.203.46.0/23 +192.203.48.0/20 +192.203.64.0/21 +192.203.72.0/22 +192.203.76.0/24 192.203.77.0/24 192.203.78.0/24 192.203.79.0/24 @@ -27115,7 +27641,8 @@ 192.203.110.0/23 192.203.112.0/23 192.203.114.0/24 -192.203.115.0/23 +192.203.115.0/24 +192.203.116.0/24 192.203.117.0/24 192.203.118.0/23 192.203.120.0/22 @@ -27390,9 +27917,11 @@ 192.206.252.0/24 192.206.253.0/24 192.206.254.0/24 -192.207.1.0/23 +192.207.1.0/24 +192.207.2.0/24 192.207.3.0/24 -192.207.4.0/21 +192.207.4.0/22 +192.207.8.0/22 192.207.13.0/24 192.207.15.0/24 192.207.17.0/24 @@ -27415,15 +27944,21 @@ 192.207.45.0/24 192.207.46.0/23 192.207.50.0/24 -192.207.51.0/22 +192.207.51.0/24 +192.207.52.0/23 +192.207.54.0/24 192.207.56.0/23 192.207.58.0/24 192.207.63.0/24 -192.207.69.0/22 +192.207.69.0/24 +192.207.70.0/23 +192.207.72.0/24 192.207.73.0/24 192.207.74.0/24 192.207.75.0/24 -192.207.77.0/22 +192.207.77.0/24 +192.207.78.0/23 +192.207.80.0/24 192.207.81.0/24 192.207.82.0/24 192.207.83.0/24 @@ -27437,7 +27972,9 @@ 192.207.92.0/23 192.207.94.0/24 192.207.95.0/24 -192.207.99.0/22 +192.207.99.0/24 +192.207.100.0/23 +192.207.102.0/24 192.207.103.0/24 192.207.104.0/24 192.207.105.0/24 @@ -27456,7 +27993,9 @@ 192.207.126.0/24 192.207.127.0/24 192.207.128.0/24 -192.207.129.0/22 +192.207.129.0/24 +192.207.130.0/23 +192.207.132.0/24 192.207.133.0/24 192.207.134.0/24 192.207.135.0/24 @@ -27466,7 +28005,9 @@ 192.207.140.0/24 192.207.144.0/24 192.207.145.0/24 -192.207.147.0/22 +192.207.147.0/24 +192.207.148.0/23 +192.207.150.0/24 192.207.159.0/24 192.207.160.0/24 192.207.162.0/24 @@ -27550,7 +28091,11 @@ 192.208.144.0/21 192.208.152.0/22 192.208.156.0/23 -192.209.1.0/20 +192.209.1.0/24 +192.209.2.0/23 +192.209.4.0/22 +192.209.8.0/21 +192.209.16.0/24 192.209.32.0/20 192.209.48.0/21 192.209.56.0/22 @@ -27619,7 +28164,10 @@ 192.222.98.0/24 192.222.99.0/24 192.222.100.0/24 -192.223.1.0/21 +192.223.1.0/24 +192.223.2.0/23 +192.223.4.0/22 +192.223.8.0/24 192.223.16.0/21 192.223.32.0/19 192.223.128.0/17 @@ -27703,7 +28251,9 @@ 192.231.46.0/24 192.231.47.0/24 192.231.48.0/24 -192.231.49.0/22 +192.231.49.0/24 +192.231.50.0/23 +192.231.52.0/24 192.231.53.0/24 192.231.54.0/24 192.231.55.0/24 @@ -27748,7 +28298,8 @@ 192.231.111.0/24 192.231.112.0/24 192.231.113.0/24 -192.231.122.0/22 +192.231.122.0/23 +192.231.124.0/23 192.231.126.0/24 192.231.128.0/24 192.231.129.0/24 @@ -27883,7 +28434,8 @@ 192.234.48.0/24 192.234.49.0/24 192.234.50.0/24 -192.234.51.0/23 +192.234.51.0/24 +192.234.52.0/24 192.234.53.0/24 192.234.54.0/24 192.234.55.0/24 @@ -27930,7 +28482,8 @@ 192.234.110.0/24 192.234.111.0/24 192.234.112.0/24 -192.234.114.0/22 +192.234.114.0/23 +192.234.116.0/23 192.234.122.0/24 192.234.123.0/24 192.234.124.0/24 @@ -28044,7 +28597,10 @@ 192.234.253.0/24 192.235.0.0/20 192.235.16.0/20 -192.236.1.0/21 +192.236.1.0/24 +192.236.2.0/23 +192.236.4.0/22 +192.236.8.0/24 192.236.16.0/21 192.236.24.0/23 192.236.32.0/19 @@ -28104,10 +28660,13 @@ 192.245.43.0/24 192.245.44.0/24 192.245.45.0/24 -192.245.46.0/22 +192.245.46.0/23 +192.245.48.0/23 192.245.50.0/24 192.245.52.0/24 -192.245.53.0/22 +192.245.53.0/24 +192.245.54.0/23 +192.245.56.0/24 192.245.57.0/24 192.245.61.0/24 192.245.62.0/24 @@ -28117,9 +28676,11 @@ 192.245.66.0/23 192.245.68.0/23 192.245.70.0/24 -192.245.71.0/23 +192.245.71.0/24 +192.245.72.0/24 192.245.81.0/24 -192.245.82.0/22 +192.245.82.0/23 +192.245.84.0/23 192.245.86.0/24 192.245.87.0/24 192.245.88.0/24 @@ -28143,7 +28704,8 @@ 192.245.117.0/24 192.245.119.0/24 192.245.120.0/24 -192.245.122.0/22 +192.245.122.0/23 +192.245.124.0/23 192.245.126.0/23 192.245.128.0/22 192.245.132.0/24 @@ -28188,7 +28750,8 @@ 192.245.186.0/24 192.245.187.0/24 192.245.188.0/24 -192.245.189.0/23 +192.245.189.0/24 +192.245.190.0/24 192.245.191.0/24 192.245.194.0/24 192.245.195.0/24 @@ -28200,7 +28763,9 @@ 192.245.207.0/24 192.245.209.0/24 192.245.218.0/24 -192.245.221.0/22 +192.245.221.0/24 +192.245.222.0/23 +192.245.224.0/24 192.245.226.0/24 192.245.227.0/24 192.245.229.0/24 @@ -28233,7 +28798,134 @@ 192.250.22.0/23 192.250.30.0/23 192.250.32.0/19 -192.250.64.0/17 +192.250.64.0/24 +192.250.65.0/24 +192.250.66.0/24 +192.250.67.0/24 +192.250.68.0/24 +192.250.69.0/24 +192.250.70.0/24 +192.250.71.0/24 +192.250.72.0/24 +192.250.73.0/24 +192.250.74.0/24 +192.250.75.0/24 +192.250.76.0/24 +192.250.77.0/24 +192.250.78.0/24 +192.250.79.0/24 +192.250.80.0/24 +192.250.81.0/24 +192.250.82.0/24 +192.250.83.0/24 +192.250.84.0/24 +192.250.85.0/24 +192.250.86.0/24 +192.250.87.0/24 +192.250.88.0/24 +192.250.89.0/24 +192.250.90.0/24 +192.250.91.0/24 +192.250.92.0/24 +192.250.93.0/24 +192.250.94.0/24 +192.250.95.0/24 +192.250.96.0/24 +192.250.97.0/24 +192.250.98.0/24 +192.250.99.0/24 +192.250.100.0/24 +192.250.101.0/24 +192.250.102.0/24 +192.250.103.0/24 +192.250.104.0/24 +192.250.105.0/24 +192.250.106.0/24 +192.250.107.0/24 +192.250.108.0/24 +192.250.109.0/24 +192.250.110.0/24 +192.250.111.0/24 +192.250.112.0/24 +192.250.113.0/24 +192.250.114.0/24 +192.250.115.0/24 +192.250.116.0/24 +192.250.117.0/24 +192.250.118.0/24 +192.250.119.0/24 +192.250.120.0/24 +192.250.121.0/24 +192.250.122.0/24 +192.250.123.0/24 +192.250.124.0/24 +192.250.125.0/24 +192.250.126.0/24 +192.250.127.0/24 +192.250.128.0/24 +192.250.129.0/24 +192.250.130.0/24 +192.250.131.0/24 +192.250.132.0/24 +192.250.133.0/24 +192.250.134.0/24 +192.250.135.0/24 +192.250.136.0/24 +192.250.137.0/24 +192.250.138.0/24 +192.250.139.0/24 +192.250.140.0/24 +192.250.141.0/24 +192.250.142.0/24 +192.250.143.0/24 +192.250.144.0/24 +192.250.145.0/24 +192.250.146.0/24 +192.250.147.0/24 +192.250.148.0/24 +192.250.149.0/24 +192.250.150.0/24 +192.250.151.0/24 +192.250.152.0/24 +192.250.153.0/24 +192.250.154.0/24 +192.250.155.0/24 +192.250.156.0/24 +192.250.157.0/24 +192.250.158.0/24 +192.250.159.0/24 +192.250.160.0/24 +192.250.161.0/24 +192.250.162.0/24 +192.250.163.0/24 +192.250.164.0/24 +192.250.165.0/24 +192.250.166.0/24 +192.250.167.0/24 +192.250.168.0/24 +192.250.169.0/24 +192.250.170.0/24 +192.250.171.0/24 +192.250.172.0/24 +192.250.173.0/24 +192.250.174.0/24 +192.250.175.0/24 +192.250.176.0/24 +192.250.177.0/24 +192.250.178.0/24 +192.250.179.0/24 +192.250.180.0/24 +192.250.181.0/24 +192.250.182.0/24 +192.250.183.0/24 +192.250.184.0/24 +192.250.185.0/24 +192.250.186.0/24 +192.250.187.0/24 +192.250.188.0/24 +192.250.189.0/24 +192.250.190.0/24 +192.250.191.0/24 192.251.1.0/24 192.251.2.0/24 192.251.3.0/24 @@ -28462,8 +29154,10 @@ 196.3.32.0/20 196.3.48.0/21 196.3.56.0/24 -196.4.46.0/20 -196.4.62.0/21 +196.4.46.0/23 +196.4.48.0/20 +196.4.64.0/22 +196.4.68.0/23 196.4.70.0/24 196.27.0.0/18 196.216.1.0/24 @@ -28528,7 +29222,8 @@ 198.17.5.0/24 198.17.6.0/24 198.17.8.0/24 -198.17.9.0/23 +198.17.9.0/24 +198.17.10.0/24 198.17.11.0/24 198.17.12.0/24 198.17.13.0/24 @@ -28701,7 +29396,8 @@ 198.17.238.0/24 198.17.239.0/24 198.17.242.0/24 -198.17.243.0/23 +198.17.243.0/24 +198.17.244.0/24 198.17.245.0/24 198.17.246.0/24 198.17.247.0/24 @@ -28736,7 +29432,8 @@ 198.22.27.0/24 198.22.28.0/24 198.22.29.0/24 -198.22.30.0/22 +198.22.30.0/23 +198.22.32.0/23 198.22.38.0/24 198.22.39.0/24 198.22.41.0/24 @@ -28745,7 +29442,9 @@ 198.22.44.0/24 198.22.45.0/24 198.22.52.0/24 -198.22.53.0/22 +198.22.53.0/24 +198.22.54.0/23 +198.22.56.0/24 198.22.57.0/24 198.22.58.0/24 198.22.59.0/24 @@ -28882,7 +29581,14 @@ 198.22.238.0/24 198.22.239.0/24 198.22.240.0/24 -198.22.241.0/21 +198.22.241.0/24 +198.22.242.0/24 +198.22.243.0/24 +198.22.244.0/24 +198.22.245.0/24 +198.22.246.0/24 +198.22.247.0/24 +198.22.248.0/24 198.22.249.0/24 198.22.252.0/24 198.22.254.0/24 @@ -28911,15 +29617,15 @@ 198.28.64.0/18 198.28.128.0/17 198.29.0.0/22 -198.29.4.0/24 -198.29.5.0/23 +198.29.4.0/23 +198.29.6.0/24 198.29.8.0/21 198.29.16.0/20 -198.29.66.0/19 -198.29.98.0/20 -198.29.114.0/21 -198.29.122.0/22 -198.29.126.0/23 +198.29.66.0/23 +198.29.68.0/22 +198.29.72.0/21 +198.29.80.0/20 +198.29.96.0/19 198.29.128.0/18 198.29.192.0/19 198.29.224.0/20 @@ -28928,27 +29634,50 @@ 198.29.252.0/23 198.30.0.0/16 198.31.0.0/16 -198.32.99.0/20 -198.32.115.0/22 +198.32.99.0/24 +198.32.100.0/24 +198.32.101.0/24 +198.32.102.0/24 +198.32.103.0/24 +198.32.104.0/24 +198.32.105.0/24 +198.32.106.0/24 +198.32.107.0/24 +198.32.108.0/24 +198.32.109.0/24 +198.32.110.0/24 +198.32.111.0/24 +198.32.112.0/24 +198.32.113.0/24 +198.32.114.0/24 +198.32.115.0/24 +198.32.116.0/24 +198.32.117.0/24 +198.32.118.0/24 198.32.119.0/24 198.32.120.0/22 198.32.124.0/23 198.32.128.0/23 198.32.132.0/24 -198.32.133.0/23 +198.32.133.0/24 +198.32.134.0/24 198.32.135.0/24 198.32.144.0/24 198.32.146.0/24 198.32.160.0/23 -198.32.175.0/23 +198.32.175.0/24 +198.32.176.0/24 198.32.177.0/24 -198.32.181.0/23 +198.32.181.0/24 +198.32.182.0/24 198.32.183.0/24 198.32.186.0/24 198.32.190.0/23 198.32.192.0/24 -198.32.195.0/23 -198.32.241.0/23 +198.32.195.0/24 +198.32.196.0/24 +198.32.241.0/24 +198.32.242.0/24 198.32.243.0/24 198.35.0.0/20 198.35.16.0/21 @@ -28969,7 +29698,8 @@ 198.36.128.0/17 198.37.0.0/22 198.37.4.0/24 -198.37.5.0/23 +198.37.5.0/24 +198.37.6.0/24 198.37.8.0/21 198.37.16.0/21 198.37.24.0/22 @@ -28984,7 +29714,8 @@ 198.37.128.0/22 198.37.132.0/24 198.38.4.0/24 -198.38.5.0/23 +198.38.5.0/24 +198.38.6.0/24 198.38.8.0/22 198.38.12.0/24 198.38.16.0/20 @@ -29068,8 +29799,10 @@ 198.49.43.0/24 198.49.44.0/24 198.49.45.0/24 -198.49.81.0/23 -198.49.83.0/23 +198.49.81.0/24 +198.49.82.0/24 +198.49.83.0/24 +198.49.84.0/24 198.49.85.0/24 198.49.91.0/24 198.49.92.0/23 @@ -29090,7 +29823,8 @@ 198.49.114.0/24 198.49.115.0/24 198.49.116.0/24 -198.49.117.0/23 +198.49.117.0/24 +198.49.118.0/24 198.49.119.0/24 198.49.120.0/24 198.49.121.0/24 @@ -29111,7 +29845,8 @@ 198.49.151.0/24 198.49.152.0/23 198.49.154.0/24 -198.49.155.0/23 +198.49.155.0/24 +198.49.156.0/24 198.49.157.0/24 198.49.158.0/24 198.49.159.0/24 @@ -29218,7 +29953,9 @@ 198.51.26.0/23 198.51.28.0/23 198.51.30.0/24 -198.51.31.0/22 +198.51.31.0/24 +198.51.32.0/23 +198.51.34.0/24 198.51.35.0/24 198.51.36.0/24 198.51.37.0/24 @@ -29277,7 +30014,9 @@ 198.51.122.0/24 198.51.123.0/24 198.51.124.0/24 -198.51.125.0/22 +198.51.125.0/24 +198.51.126.0/23 +198.51.128.0/24 198.51.129.0/24 198.51.130.0/24 198.51.141.0/24 @@ -29298,11 +30037,13 @@ 198.51.165.0/24 198.51.166.0/24 198.51.167.0/24 -198.51.170.0/22 +198.51.170.0/23 +198.51.172.0/23 198.51.174.0/24 198.51.175.0/24 198.51.176.0/24 -198.51.177.0/23 +198.51.177.0/24 +198.51.178.0/24 198.51.179.0/24 198.51.180.0/22 198.51.184.0/24 @@ -29347,7 +30088,8 @@ 198.51.231.0/24 198.51.232.0/24 198.51.233.0/24 -198.51.234.0/22 +198.51.234.0/23 +198.51.236.0/23 198.51.238.0/24 198.51.239.0/24 198.51.241.0/24 @@ -29403,16 +30145,16 @@ 198.58.64.0/21 198.59.0.0/16 198.60.0.0/16 -198.61.4.0/24 -198.61.5.0/23 +198.61.4.0/23 +198.61.6.0/24 198.61.16.0/20 198.61.32.0/20 198.61.48.0/21 198.61.56.0/24 198.61.64.0/19 198.62.0.0/21 -198.62.8.0/24 -198.62.9.0/23 +198.62.8.0/23 +198.62.10.0/24 198.62.11.0/24 198.62.12.0/22 198.62.32.0/20 @@ -29485,12 +30227,15 @@ 198.62.133.0/24 198.62.134.0/24 198.62.135.0/24 -198.62.137.0/23 +198.62.137.0/24 +198.62.138.0/24 198.62.139.0/24 198.62.140.0/24 198.62.141.0/24 198.62.142.0/24 -198.62.143.0/22 +198.62.143.0/24 +198.62.144.0/23 +198.62.146.0/24 198.62.147.0/24 198.62.148.0/22 198.62.152.0/24 @@ -29528,7 +30273,8 @@ 198.62.190.0/24 198.62.191.0/24 198.62.192.0/24 -198.62.193.0/23 +198.62.193.0/24 +198.62.194.0/24 198.62.195.0/24 198.62.196.0/24 198.62.197.0/24 @@ -29578,9 +30324,15 @@ 198.62.246.0/23 198.62.248.0/23 198.62.250.0/24 -198.62.251.0/22 -198.63.0.0/14 -198.67.0.0/14 +198.62.251.0/24 +198.62.252.0/23 +198.62.254.0/24 +198.63.0.0/16 +198.64.0.0/15 +198.66.0.0/16 +198.67.0.0/16 +198.68.0.0/15 +198.70.0.0/16 198.71.0.0/22 198.71.4.0/23 198.71.8.0/21 @@ -29609,7 +30361,8 @@ 198.73.174.0/24 198.73.175.0/24 198.73.222.0/24 -198.73.223.0/23 +198.73.223.0/24 +198.73.224.0/24 198.73.228.0/24 198.73.229.0/24 198.73.230.0/24 @@ -29654,7 +30407,8 @@ 198.88.0.0/16 198.89.0.0/22 198.89.4.0/24 -198.89.5.0/23 +198.89.5.0/24 +198.89.6.0/24 198.89.16.0/21 198.89.24.0/23 198.89.32.0/21 @@ -29712,7 +30466,8 @@ 198.97.36.0/24 198.97.37.0/24 198.97.38.0/24 -198.97.39.0/23 +198.97.39.0/24 +198.97.40.0/24 198.97.41.0/24 198.97.42.0/24 198.97.43.0/24 @@ -29750,7 +30505,10 @@ 198.97.78.0/24 198.97.79.0/24 198.97.80.0/24 -198.97.81.0/21 +198.97.81.0/24 +198.97.82.0/23 +198.97.84.0/22 +198.97.88.0/24 198.97.89.0/24 198.97.90.0/24 198.97.91.0/24 @@ -29834,8 +30592,8 @@ 198.97.209.0/24 198.97.210.0/24 198.97.227.0/24 -198.97.234.0/24 -198.97.235.0/23 +198.97.234.0/23 +198.97.236.0/24 198.97.240.0/24 198.97.243.0/24 198.97.244.0/24 @@ -29849,8 +30607,8 @@ 198.97.253.0/24 198.97.254.0/24 198.98.0.0/22 -198.98.4.0/24 -198.98.5.0/23 +198.98.4.0/23 +198.98.6.0/24 198.98.8.0/22 198.98.12.0/24 198.98.16.0/22 @@ -29878,7 +30636,9 @@ 198.99.66.0/24 198.99.67.0/24 198.99.68.0/24 -198.99.69.0/22 +198.99.69.0/24 +198.99.70.0/23 +198.99.72.0/24 198.99.73.0/24 198.99.74.0/24 198.99.75.0/24 @@ -29986,12 +30746,15 @@ 198.99.193.0/24 198.99.194.0/24 198.99.195.0/24 -198.99.197.0/22 +198.99.197.0/24 +198.99.198.0/23 +198.99.200.0/24 198.99.201.0/24 198.99.202.0/24 198.99.203.0/24 198.99.204.0/24 -198.99.205.0/23 +198.99.205.0/24 +198.99.206.0/24 198.99.207.0/24 198.99.208.0/24 198.99.209.0/24 @@ -30007,7 +30770,8 @@ 198.99.224.0/22 198.99.228.0/24 198.99.229.0/24 -198.99.230.0/22 +198.99.230.0/23 +198.99.232.0/23 198.99.234.0/24 198.99.235.0/24 198.99.236.0/24 @@ -30019,7 +30783,8 @@ 198.99.243.0/24 198.99.244.0/24 198.99.245.0/24 -198.99.246.0/22 +198.99.246.0/23 +198.99.248.0/23 198.99.250.0/23 198.99.252.0/23 198.99.254.0/24 @@ -30036,12 +30801,14 @@ 198.100.92.0/23 198.101.0.0/22 198.101.4.0/24 -198.101.5.0/23 +198.101.5.0/24 +198.101.6.0/24 198.101.16.0/21 198.101.24.0/23 198.101.32.0/20 198.102.0.0/24 -198.102.1.0/23 +198.102.1.0/24 +198.102.2.0/24 198.102.3.0/24 198.102.5.0/24 198.102.6.0/24 @@ -30088,12 +30855,12 @@ 198.102.109.0/24 198.102.110.0/24 198.102.111.0/24 -198.102.112.0/24 -198.102.113.0/23 -198.102.115.0/23 -198.102.117.0/24 -198.102.118.0/24 -198.102.119.0/23 +198.102.112.0/23 +198.102.114.0/24 +198.102.115.0/24 +198.102.116.0/23 +198.102.118.0/23 +198.102.120.0/24 198.102.121.0/24 198.102.122.0/23 198.102.124.0/23 @@ -30118,20 +30885,32 @@ 198.102.160.0/24 198.102.161.0/24 198.102.162.0/24 -198.102.163.0/21 +198.102.163.0/24 +198.102.164.0/22 +198.102.168.0/23 +198.102.170.0/24 198.102.171.0/24 198.102.172.0/24 198.102.173.0/24 198.102.175.0/24 198.102.176.0/21 198.102.184.0/23 -198.102.186.0/23 -198.102.188.0/22 -198.102.192.0/23 -198.102.194.0/22 +198.102.186.0/24 +198.102.187.0/24 +198.102.188.0/24 +198.102.189.0/24 +198.102.190.0/24 +198.102.191.0/24 +198.102.192.0/24 +198.102.193.0/24 +198.102.194.0/24 +198.102.195.0/24 +198.102.196.0/24 +198.102.197.0/24 198.102.198.0/23 198.102.200.0/24 -198.102.201.0/23 +198.102.201.0/24 +198.102.202.0/24 198.102.203.0/24 198.102.204.0/24 198.102.205.0/24 @@ -30189,7 +30968,8 @@ 198.107.0.0/16 198.108.0.0/14 198.112.0.0/14 -198.116.0.0/13 +198.116.0.0/14 +198.120.0.0/14 198.124.0.0/14 198.128.0.0/14 198.132.0.0/16 @@ -30216,7 +30996,9 @@ 198.133.108.0/24 198.133.109.0/24 198.133.110.0/24 -198.133.111.0/22 +198.133.111.0/24 +198.133.112.0/23 +198.133.114.0/24 198.133.115.0/24 198.133.116.0/24 198.133.117.0/24 @@ -30304,7 +31086,9 @@ 198.133.223.0/24 198.133.224.0/24 198.133.225.0/24 -198.133.227.0/22 +198.133.227.0/24 +198.133.228.0/23 +198.133.230.0/24 198.133.232.0/24 198.133.233.0/24 198.133.234.0/23 @@ -30580,7 +31364,10 @@ 198.135.204.0/24 198.135.205.0/24 198.135.206.0/24 -198.135.207.0/21 +198.135.207.0/24 +198.135.208.0/22 +198.135.212.0/23 +198.135.214.0/24 198.135.215.0/24 198.135.217.0/24 198.135.218.0/24 @@ -30802,10 +31589,12 @@ 198.137.192.0/24 198.137.193.0/24 198.137.194.0/24 -198.137.195.0/23 +198.137.195.0/24 +198.137.196.0/24 198.137.197.0/24 198.137.198.0/24 -198.137.199.0/23 +198.137.199.0/24 +198.137.200.0/24 198.137.202.0/24 198.137.203.0/24 198.137.204.0/24 @@ -30856,9 +31645,28 @@ 198.140.8.0/21 198.140.16.0/21 198.140.24.0/23 -198.140.32.0/22 -198.140.36.0/20 -198.140.52.0/23 +198.140.32.0/24 +198.140.33.0/24 +198.140.34.0/24 +198.140.35.0/24 +198.140.36.0/24 +198.140.37.0/24 +198.140.38.0/24 +198.140.39.0/24 +198.140.40.0/24 +198.140.41.0/24 +198.140.42.0/24 +198.140.43.0/24 +198.140.44.0/24 +198.140.45.0/24 +198.140.46.0/24 +198.140.47.0/24 +198.140.48.0/24 +198.140.49.0/24 +198.140.50.0/24 +198.140.51.0/24 +198.140.52.0/24 +198.140.53.0/24 198.140.54.0/24 198.140.55.0/24 198.140.56.0/24 @@ -30923,7 +31731,8 @@ 198.140.187.0/24 198.140.188.0/24 198.140.189.0/24 -198.140.190.0/22 +198.140.190.0/23 +198.140.192.0/23 198.140.194.0/24 198.140.195.0/24 198.140.196.0/24 @@ -30932,8 +31741,8 @@ 198.140.199.0/24 198.140.200.0/24 198.140.201.0/24 -198.140.202.0/24 -198.140.203.0/23 +198.140.202.0/23 +198.140.204.0/24 198.140.205.0/24 198.140.206.0/24 198.140.207.0/24 @@ -30968,7 +31777,8 @@ 198.140.243.0/24 198.140.244.0/24 198.140.245.0/24 -198.140.246.0/22 +198.140.246.0/23 +198.140.248.0/23 198.140.250.0/23 198.140.252.0/23 198.140.254.0/24 @@ -31025,7 +31835,8 @@ 198.147.172.0/23 198.147.174.0/24 198.147.175.0/24 -198.147.177.0/23 +198.147.177.0/24 +198.147.178.0/24 198.147.179.0/24 198.147.180.0/24 198.147.181.0/24 @@ -31061,22 +31872,27 @@ 198.147.224.0/24 198.147.225.0/24 198.147.226.0/24 -198.147.227.0/23 +198.147.227.0/24 +198.147.228.0/24 198.147.229.0/24 198.147.230.0/23 198.147.232.0/23 198.147.234.0/24 198.147.235.0/24 198.147.236.0/24 -198.147.237.0/23 -198.147.239.0/22 +198.147.237.0/24 +198.147.238.0/24 +198.147.239.0/24 +198.147.240.0/23 +198.147.242.0/24 198.147.243.0/24 198.147.244.0/24 198.147.245.0/24 198.147.246.0/24 198.147.248.0/24 198.147.249.0/24 -198.147.250.0/22 +198.147.250.0/23 +198.147.252.0/23 198.147.254.0/24 198.148.0.0/22 198.148.4.0/23 @@ -31130,8 +31946,16 @@ 198.148.184.0/23 198.148.186.0/24 198.148.187.0/24 -198.148.188.0/21 -198.148.196.0/23 +198.148.188.0/24 +198.148.189.0/24 +198.148.190.0/24 +198.148.191.0/24 +198.148.192.0/24 +198.148.193.0/24 +198.148.194.0/24 +198.148.195.0/24 +198.148.196.0/24 +198.148.197.0/24 198.148.198.0/24 198.148.199.0/24 198.148.200.0/23 @@ -31152,7 +31976,9 @@ 198.148.218.0/23 198.148.220.0/23 198.148.222.0/24 -198.148.223.0/22 +198.148.223.0/24 +198.148.224.0/23 +198.148.226.0/24 198.148.227.0/24 198.148.228.0/24 198.148.229.0/24 @@ -31175,7 +32001,9 @@ 198.148.248.0/24 198.148.249.0/24 198.148.250.0/24 -198.148.251.0/22 +198.148.251.0/24 +198.148.252.0/23 +198.148.254.0/24 198.149.0.0/16 198.150.0.0/16 198.151.0.0/21 @@ -31210,7 +32038,9 @@ 198.151.135.0/24 198.151.136.0/24 198.151.138.0/24 -198.151.139.0/22 +198.151.139.0/24 +198.151.140.0/23 +198.151.142.0/24 198.151.143.0/24 198.151.145.0/24 198.151.146.0/24 @@ -31245,7 +32075,8 @@ 198.151.179.0/24 198.151.180.0/22 198.151.184.0/24 -198.151.185.0/23 +198.151.185.0/24 +198.151.186.0/24 198.151.187.0/24 198.151.188.0/24 198.151.189.0/24 @@ -31270,7 +32101,8 @@ 198.151.213.0/24 198.151.214.0/24 198.151.215.0/24 -198.151.217.0/23 +198.151.217.0/24 +198.151.218.0/24 198.151.219.0/24 198.151.220.0/24 198.151.221.0/24 @@ -31285,7 +32117,9 @@ 198.151.232.0/24 198.151.233.0/24 198.151.234.0/24 -198.151.235.0/22 +198.151.235.0/24 +198.151.236.0/23 +198.151.238.0/24 198.151.239.0/24 198.151.240.0/22 198.151.244.0/24 @@ -31340,7 +32174,9 @@ 198.153.162.0/24 198.153.163.0/24 198.153.164.0/24 -198.153.165.0/22 +198.153.165.0/24 +198.153.166.0/23 +198.153.168.0/24 198.153.169.0/24 198.153.170.0/24 198.153.171.0/24 @@ -31382,7 +32218,8 @@ 198.153.237.0/24 198.153.238.0/23 198.153.240.0/23 -198.153.242.0/22 +198.153.242.0/23 +198.153.244.0/23 198.153.246.0/24 198.153.247.0/24 198.153.248.0/24 @@ -31421,7 +32258,14 @@ 198.160.24.0/23 198.160.32.0/20 198.160.48.0/23 -198.160.50.0/21 +198.160.50.0/24 +198.160.51.0/24 +198.160.52.0/24 +198.160.53.0/24 +198.160.54.0/24 +198.160.55.0/24 +198.160.56.0/24 +198.160.57.0/24 198.160.64.0/19 198.160.96.0/19 198.160.128.0/22 @@ -31438,7 +32282,9 @@ 198.160.144.0/24 198.160.145.0/24 198.160.146.0/24 -198.160.147.0/22 +198.160.147.0/24 +198.160.148.0/23 +198.160.150.0/24 198.160.151.0/24 198.160.152.0/24 198.160.153.0/24 @@ -31504,7 +32350,8 @@ 198.160.231.0/24 198.160.232.0/22 198.160.236.0/24 -198.160.238.0/22 +198.160.238.0/23 +198.160.240.0/23 198.160.242.0/23 198.160.244.0/24 198.160.245.0/24 @@ -31518,6 +32365,7 @@ 198.160.254.0/24 198.161.80.0/24 198.161.246.0/23 +198.162.192.0/20 198.162.224.0/24 198.163.74.0/23 198.163.176.0/23 @@ -31530,7 +32378,8 @@ 198.168.192.0/24 198.169.7.0/24 198.169.188.0/23 -198.170.0.0/14 +198.170.0.0/15 +198.172.0.0/15 198.174.0.0/16 198.175.0.0/22 198.175.4.0/22 @@ -31547,7 +32396,9 @@ 198.175.52.0/24 198.175.53.0/24 198.175.54.0/24 -198.175.55.0/22 +198.175.55.0/24 +198.175.56.0/23 +198.175.58.0/24 198.175.59.0/24 198.175.60.0/24 198.175.61.0/24 @@ -31585,7 +32436,9 @@ 198.175.164.0/24 198.175.165.0/24 198.175.166.0/24 -198.175.167.0/22 +198.175.167.0/24 +198.175.168.0/23 +198.175.170.0/24 198.175.171.0/24 198.175.172.0/24 198.175.173.0/24 @@ -31616,7 +32469,8 @@ 198.175.206.0/24 198.175.207.0/24 198.175.208.0/24 -198.175.209.0/23 +198.175.209.0/24 +198.175.210.0/24 198.175.211.0/24 198.175.212.0/22 198.175.216.0/23 @@ -31646,7 +32500,8 @@ 198.175.248.0/24 198.175.249.0/24 198.175.250.0/24 -198.175.251.0/23 +198.175.251.0/24 +198.175.252.0/24 198.175.253.0/24 198.175.254.0/24 198.176.0.0/21 @@ -31656,6 +32511,7 @@ 198.176.32.0/21 198.176.40.0/23 198.176.42.0/24 +198.176.48.0/20 198.176.64.0/19 198.176.96.0/20 198.176.112.0/22 @@ -31681,7 +32537,8 @@ 198.176.145.0/24 198.176.146.0/23 198.176.148.0/24 -198.176.150.0/22 +198.176.150.0/23 +198.176.152.0/23 198.176.155.0/24 198.176.156.0/24 198.176.157.0/24 @@ -31710,7 +32567,8 @@ 198.176.188.0/22 198.176.192.0/24 198.176.193.0/24 -198.176.194.0/22 +198.176.194.0/23 +198.176.196.0/23 198.176.198.0/24 198.176.199.0/24 198.176.200.0/24 @@ -31782,10 +32640,13 @@ 198.177.138.0/24 198.177.139.0/24 198.177.140.0/24 -198.177.141.0/22 +198.177.141.0/24 +198.177.142.0/23 +198.177.144.0/24 198.177.145.0/24 198.177.146.0/24 -198.177.147.0/23 +198.177.147.0/24 +198.177.148.0/24 198.177.149.0/24 198.177.150.0/24 198.177.151.0/24 @@ -31795,7 +32656,8 @@ 198.177.155.0/24 198.177.156.0/24 198.177.157.0/24 -198.177.158.0/22 +198.177.158.0/23 +198.177.160.0/23 198.177.162.0/24 198.177.163.0/24 198.177.164.0/22 @@ -31861,7 +32723,9 @@ 198.177.244.0/22 198.177.248.0/23 198.177.250.0/24 -198.177.251.0/22 +198.177.251.0/24 +198.177.252.0/23 +198.177.254.0/24 198.178.0.0/21 198.178.8.0/21 198.178.16.0/21 @@ -31915,7 +32779,8 @@ 198.178.175.0/24 198.178.176.0/22 198.178.180.0/23 -198.178.182.0/22 +198.178.182.0/23 +198.178.184.0/23 198.178.186.0/24 198.178.187.0/24 198.178.188.0/24 @@ -31932,16 +32797,21 @@ 198.178.200.0/24 198.178.201.0/24 198.178.202.0/24 -198.178.203.0/22 +198.178.203.0/24 +198.178.204.0/23 +198.178.206.0/24 198.178.207.0/24 198.178.208.0/23 198.178.210.0/24 -198.178.211.0/23 +198.178.211.0/24 +198.178.212.0/24 198.178.213.0/24 198.178.214.0/24 198.178.215.0/24 198.178.216.0/24 -198.178.217.0/22 +198.178.217.0/24 +198.178.218.0/23 +198.178.220.0/24 198.178.221.0/24 198.178.222.0/24 198.178.223.0/24 @@ -32027,7 +32897,8 @@ 198.179.179.0/24 198.179.180.0/24 198.179.181.0/24 -198.179.182.0/22 +198.179.182.0/23 +198.179.184.0/23 198.179.186.0/24 198.179.187.0/24 198.179.188.0/24 @@ -32055,11 +32926,15 @@ 198.179.212.0/24 198.179.213.0/24 198.179.214.0/24 -198.179.215.0/22 +198.179.215.0/24 +198.179.216.0/23 +198.179.218.0/24 198.179.221.0/24 198.179.222.0/23 198.179.224.0/24 -198.179.225.0/22 +198.179.225.0/24 +198.179.226.0/23 +198.179.228.0/24 198.179.229.0/24 198.179.230.0/24 198.179.231.0/24 @@ -32098,22 +32973,28 @@ 198.180.131.0/24 198.180.132.0/22 198.180.136.0/24 -198.180.137.0/23 +198.180.137.0/24 +198.180.138.0/24 198.180.139.0/24 198.180.140.0/24 198.180.141.0/24 198.180.142.0/24 -198.180.143.0/22 +198.180.143.0/24 +198.180.144.0/23 +198.180.146.0/24 198.180.147.0/24 198.180.148.0/24 198.180.149.0/24 -198.180.150.0/22 +198.180.150.0/23 +198.180.152.0/23 198.180.154.0/24 198.180.155.0/24 198.180.156.0/23 198.180.158.0/24 198.180.160.0/24 -198.180.161.0/22 +198.180.161.0/24 +198.180.162.0/23 +198.180.164.0/24 198.180.165.0/24 198.180.166.0/24 198.180.167.0/24 @@ -32132,7 +33013,8 @@ 198.180.189.0/24 198.180.190.0/24 198.180.192.0/24 -198.180.193.0/23 +198.180.193.0/24 +198.180.194.0/24 198.180.195.0/24 198.180.196.0/24 198.180.197.0/24 @@ -32210,7 +33092,8 @@ 198.181.150.0/24 198.181.151.0/24 198.181.152.0/24 -198.181.153.0/23 +198.181.153.0/24 +198.181.154.0/24 198.181.155.0/24 198.181.156.0/24 198.181.157.0/24 @@ -32221,7 +33104,9 @@ 198.181.163.0/24 198.181.164.0/24 198.181.165.0/24 -198.181.169.0/22 +198.181.169.0/24 +198.181.170.0/23 +198.181.172.0/24 198.181.173.0/24 198.181.174.0/24 198.181.175.0/24 @@ -32247,20 +33132,24 @@ 198.181.196.0/24 198.181.197.0/24 198.181.198.0/24 -198.181.202.0/22 +198.181.202.0/23 +198.181.204.0/23 198.181.206.0/24 198.181.207.0/24 198.181.208.0/22 198.181.212.0/23 198.181.214.0/24 -198.181.215.0/23 +198.181.215.0/24 +198.181.216.0/24 198.181.217.0/24 198.181.218.0/24 198.181.219.0/24 198.181.220.0/24 198.181.221.0/24 198.181.222.0/24 -198.181.223.0/22 +198.181.223.0/24 +198.181.224.0/23 +198.181.226.0/24 198.181.227.0/24 198.181.228.0/24 198.181.229.0/24 @@ -32295,7 +33184,8 @@ 198.182.130.0/23 198.182.132.0/23 198.182.134.0/24 -198.182.135.0/23 +198.182.135.0/24 +198.182.136.0/24 198.182.137.0/24 198.182.138.0/24 198.182.139.0/24 @@ -32336,7 +33226,9 @@ 198.182.186.0/23 198.182.188.0/23 198.182.190.0/24 -198.182.191.0/22 +198.182.191.0/24 +198.182.192.0/23 +198.182.194.0/24 198.182.195.0/24 198.182.196.0/24 198.182.197.0/24 @@ -32348,7 +33240,8 @@ 198.182.204.0/24 198.182.205.0/24 198.182.206.0/24 -198.182.207.0/23 +198.182.207.0/24 +198.182.208.0/24 198.182.209.0/24 198.182.210.0/23 198.182.212.0/24 @@ -32357,7 +33250,8 @@ 198.182.220.0/24 198.182.221.0/24 198.182.222.0/24 -198.182.223.0/23 +198.182.223.0/24 +198.182.224.0/24 198.182.225.0/24 198.182.226.0/24 198.182.227.0/24 @@ -32380,7 +33274,8 @@ 198.182.248.0/24 198.182.249.0/24 198.182.250.0/24 -198.182.251.0/23 +198.182.251.0/24 +198.182.252.0/24 198.182.253.0/24 198.183.0.0/23 198.183.2.0/24 @@ -32394,7 +33289,8 @@ 198.183.132.0/24 198.183.133.0/24 198.183.134.0/24 -198.183.135.0/23 +198.183.135.0/24 +198.183.136.0/24 198.183.137.0/24 198.183.138.0/24 198.183.139.0/24 @@ -32403,14 +33299,16 @@ 198.183.145.0/24 198.183.146.0/23 198.183.148.0/24 -198.183.149.0/23 +198.183.149.0/24 +198.183.150.0/24 198.183.151.0/24 198.183.152.0/24 198.183.153.0/24 198.183.154.0/24 198.183.155.0/24 198.183.156.0/24 -198.183.157.0/23 +198.183.157.0/24 +198.183.158.0/24 198.183.159.0/24 198.183.160.0/22 198.183.164.0/22 @@ -32433,17 +33331,20 @@ 198.183.194.0/24 198.183.195.0/24 198.183.196.0/24 -198.183.197.0/23 +198.183.197.0/24 +198.183.198.0/24 198.183.199.0/24 198.183.200.0/23 198.183.202.0/24 198.183.204.0/24 198.183.205.0/24 -198.183.206.0/22 +198.183.206.0/23 +198.183.208.0/23 198.183.210.0/23 198.183.212.0/22 198.183.216.0/24 -198.183.217.0/23 +198.183.217.0/24 +198.183.218.0/24 198.183.224.0/24 198.183.227.0/24 198.183.228.0/22 @@ -32453,7 +33354,8 @@ 198.183.239.0/24 198.183.240.0/24 198.183.241.0/24 -198.183.242.0/22 +198.183.242.0/23 +198.183.244.0/23 198.183.246.0/24 198.183.247.0/24 198.183.248.0/23 @@ -32472,7 +33374,8 @@ 198.184.60.0/23 198.184.64.0/18 198.184.128.0/24 -198.184.129.0/23 +198.184.129.0/24 +198.184.130.0/24 198.184.131.0/24 198.184.132.0/24 198.184.133.0/24 @@ -32493,18 +33396,24 @@ 198.184.148.0/24 198.184.149.0/24 198.184.150.0/24 -198.184.155.0/22 +198.184.155.0/24 +198.184.156.0/23 +198.184.158.0/24 198.184.159.0/24 198.184.160.0/24 198.184.162.0/24 198.184.163.0/24 198.184.164.0/24 -198.184.165.0/22 +198.184.165.0/24 +198.184.166.0/23 +198.184.168.0/24 198.184.169.0/24 198.184.170.0/24 198.184.171.0/24 198.184.172.0/24 -198.184.173.0/22 +198.184.173.0/24 +198.184.174.0/23 +198.184.176.0/24 198.184.177.0/24 198.184.178.0/24 198.184.179.0/24 @@ -32523,7 +33432,8 @@ 198.184.199.0/24 198.184.200.0/24 198.184.201.0/24 -198.184.202.0/22 +198.184.202.0/23 +198.184.204.0/23 198.184.206.0/24 198.184.207.0/24 198.184.208.0/24 @@ -32533,7 +33443,8 @@ 198.184.212.0/24 198.184.213.0/24 198.184.214.0/24 -198.184.215.0/23 +198.184.215.0/24 +198.184.216.0/24 198.184.217.0/24 198.184.218.0/24 198.184.219.0/24 @@ -32551,12 +33462,16 @@ 198.184.232.0/22 198.184.236.0/22 198.184.240.0/24 -198.184.241.0/22 +198.184.241.0/24 +198.184.242.0/23 +198.184.244.0/24 198.184.245.0/24 198.184.246.0/23 198.184.248.0/23 198.184.250.0/24 -198.184.251.0/22 +198.184.251.0/24 +198.184.252.0/23 +198.184.254.0/24 198.185.0.0/22 198.185.4.0/22 198.185.8.0/21 @@ -32582,9 +33497,9 @@ 198.185.142.0/24 198.185.143.0/24 198.185.144.0/24 -198.185.145.0/23 -198.185.147.0/22 -198.185.151.0/24 +198.185.145.0/24 +198.185.146.0/23 +198.185.148.0/22 198.185.152.0/24 198.185.153.0/24 198.185.154.0/24 @@ -32599,7 +33514,8 @@ 198.185.173.0/24 198.185.174.0/23 198.185.176.0/23 -198.185.178.0/22 +198.185.178.0/23 +198.185.180.0/23 198.185.182.0/24 198.185.183.0/24 198.185.184.0/24 @@ -32626,14 +33542,22 @@ 198.185.210.0/24 198.185.211.0/24 198.185.212.0/24 -198.185.213.0/22 -198.185.217.0/22 -198.185.221.0/22 -198.185.225.0/23 +198.185.213.0/24 +198.185.214.0/23 +198.185.216.0/24 +198.185.217.0/24 +198.185.218.0/23 +198.185.220.0/24 +198.185.221.0/24 +198.185.222.0/23 +198.185.224.0/24 +198.185.225.0/24 +198.185.226.0/24 198.185.227.0/24 198.185.228.0/24 198.185.229.0/24 -198.185.230.0/22 +198.185.230.0/23 +198.185.232.0/23 198.185.234.0/24 198.185.235.0/24 198.185.236.0/24 @@ -32661,13 +33585,16 @@ 198.186.132.0/24 198.186.133.0/24 198.186.134.0/24 -198.186.135.0/23 -198.186.137.0/23 +198.186.135.0/24 +198.186.136.0/24 +198.186.137.0/24 +198.186.138.0/24 198.186.139.0/24 198.186.140.0/24 198.186.141.0/24 198.186.142.0/24 -198.186.143.0/23 +198.186.143.0/24 +198.186.144.0/24 198.186.145.0/24 198.186.146.0/24 198.186.147.0/24 @@ -32681,7 +33608,8 @@ 198.186.160.0/24 198.186.161.0/24 198.186.164.0/24 -198.186.165.0/23 +198.186.165.0/24 +198.186.166.0/24 198.186.168.0/23 198.186.170.0/24 198.186.171.0/24 @@ -32703,7 +33631,9 @@ 198.186.190.0/23 198.186.192.0/23 198.186.194.0/24 -198.186.195.0/22 +198.186.195.0/24 +198.186.196.0/23 +198.186.198.0/24 198.186.199.0/24 198.186.200.0/22 198.186.204.0/24 @@ -32760,13 +33690,15 @@ 198.187.134.0/24 198.187.135.0/24 198.187.136.0/24 -198.187.141.0/23 +198.187.141.0/24 +198.187.142.0/24 198.187.143.0/24 198.187.144.0/24 198.187.145.0/24 198.187.146.0/24 198.187.150.0/24 -198.187.151.0/23 +198.187.151.0/24 +198.187.152.0/24 198.187.153.0/24 198.187.154.0/24 198.187.155.0/24 @@ -32795,7 +33727,8 @@ 198.187.193.0/24 198.187.194.0/23 198.187.196.0/24 -198.187.197.0/23 +198.187.197.0/24 +198.187.198.0/24 198.187.199.0/24 198.187.200.0/24 198.187.201.0/24 @@ -32803,9 +33736,14 @@ 198.187.203.0/24 198.187.204.0/24 198.187.205.0/24 -198.187.207.0/22 -198.187.211.0/22 -198.187.215.0/23 +198.187.207.0/24 +198.187.208.0/23 +198.187.210.0/24 +198.187.211.0/24 +198.187.212.0/23 +198.187.214.0/24 +198.187.215.0/24 +198.187.216.0/24 198.187.217.0/24 198.187.218.0/24 198.187.219.0/24 @@ -32826,7 +33764,8 @@ 198.187.238.0/24 198.187.240.0/24 198.187.241.0/24 -198.187.242.0/22 +198.187.242.0/23 +198.187.244.0/23 198.187.246.0/24 198.187.247.0/24 198.187.248.0/23 @@ -32858,7 +33797,8 @@ 198.190.144.0/24 198.190.145.0/24 198.190.146.0/24 -198.190.147.0/23 +198.190.147.0/24 +198.190.148.0/24 198.190.149.0/24 198.190.150.0/23 198.190.152.0/22 @@ -32907,12 +33847,15 @@ 198.190.202.0/24 198.190.203.0/24 198.190.204.0/24 -198.190.205.0/22 +198.190.205.0/24 +198.190.206.0/23 +198.190.208.0/24 198.190.209.0/24 198.190.210.0/24 198.190.211.0/24 198.190.212.0/24 -198.190.213.0/23 +198.190.213.0/24 +198.190.214.0/24 198.190.215.0/24 198.190.216.0/24 198.190.217.0/24 @@ -32964,7 +33907,8 @@ 198.199.128.0/24 198.199.129.0/24 198.199.130.0/24 -198.199.131.0/23 +198.199.131.0/24 +198.199.132.0/24 198.199.133.0/24 198.199.134.0/24 198.199.135.0/24 @@ -33003,7 +33947,8 @@ 198.199.172.0/24 198.199.173.0/24 198.199.174.0/24 -198.199.175.0/23 +198.199.175.0/24 +198.199.176.0/24 198.199.177.0/24 198.199.178.0/24 198.199.179.0/24 @@ -33049,17 +33994,23 @@ 198.199.228.0/24 198.199.229.0/24 198.199.230.0/24 -198.199.231.0/23 -198.199.233.0/22 +198.199.231.0/24 +198.199.232.0/24 +198.199.233.0/24 +198.199.234.0/23 +198.199.236.0/24 198.199.237.0/24 -198.199.238.0/22 +198.199.238.0/23 +198.199.240.0/23 198.199.242.0/23 198.199.244.0/23 198.199.246.0/24 198.199.248.0/24 198.199.249.0/24 198.199.250.0/24 -198.199.251.0/22 +198.199.251.0/24 +198.199.252.0/23 +198.199.254.0/24 198.200.16.0/21 198.200.24.0/22 198.200.128.0/24 @@ -33069,13 +34020,15 @@ 198.200.132.0/24 198.200.133.0/24 198.200.134.0/24 -198.200.135.0/23 +198.200.135.0/24 +198.200.136.0/24 198.200.137.0/24 198.200.138.0/24 198.200.139.0/24 198.200.140.0/24 198.200.142.0/24 -198.200.143.0/23 +198.200.143.0/24 +198.200.144.0/24 198.200.145.0/24 198.200.147.0/24 198.200.149.0/24 @@ -33105,7 +34058,9 @@ 198.200.174.0/24 198.200.175.0/24 198.200.176.0/24 -198.200.177.0/22 +198.200.177.0/24 +198.200.178.0/23 +198.200.180.0/24 198.200.181.0/24 198.200.182.0/24 198.200.183.0/24 @@ -33114,7 +34069,8 @@ 198.200.187.0/24 198.200.188.0/23 198.200.190.0/24 -198.200.191.0/23 +198.200.191.0/24 +198.200.192.0/24 198.200.193.0/24 198.200.194.0/24 198.200.195.0/24 @@ -33126,9 +34082,14 @@ 198.200.201.0/24 198.200.202.0/24 198.200.203.0/24 -198.200.205.0/22 -198.200.209.0/23 -198.200.211.0/22 +198.200.205.0/24 +198.200.206.0/23 +198.200.208.0/24 +198.200.209.0/24 +198.200.210.0/24 +198.200.211.0/24 +198.200.212.0/23 +198.200.214.0/24 198.200.215.0/24 198.200.216.0/23 198.200.218.0/24 @@ -33172,7 +34133,8 @@ 198.202.40.0/22 198.202.44.0/24 198.202.45.0/24 -198.202.46.0/22 +198.202.46.0/23 +198.202.48.0/23 198.202.50.0/23 198.202.52.0/22 198.202.56.0/21 @@ -33180,7 +34142,8 @@ 198.202.131.0/24 198.202.132.0/22 198.202.136.0/24 -198.202.137.0/23 +198.202.137.0/24 +198.202.138.0/24 198.202.139.0/24 198.202.140.0/24 198.202.144.0/24 @@ -33217,7 +34180,8 @@ 198.202.175.0/24 198.202.176.0/24 198.202.177.0/24 -198.202.178.0/22 +198.202.178.0/23 +198.202.180.0/23 198.202.182.0/24 198.202.183.0/24 198.202.184.0/24 @@ -33225,10 +34189,13 @@ 198.202.186.0/24 198.202.187.0/24 198.202.188.0/23 -198.202.190.0/22 +198.202.190.0/23 +198.202.192.0/23 198.202.194.0/24 -198.202.195.0/23 -198.202.197.0/23 +198.202.195.0/24 +198.202.196.0/24 +198.202.197.0/24 +198.202.198.0/24 198.202.199.0/24 198.202.200.0/22 198.202.204.0/24 @@ -33240,7 +34207,8 @@ 198.202.211.0/24 198.202.212.0/24 198.202.214.0/24 -198.202.215.0/23 +198.202.215.0/24 +198.202.216.0/24 198.202.217.0/24 198.202.218.0/24 198.202.219.0/24 @@ -33299,11 +34267,14 @@ 198.203.139.0/24 198.203.140.0/23 198.203.142.0/24 -198.203.143.0/23 +198.203.143.0/24 +198.203.144.0/24 198.203.145.0/24 198.203.146.0/24 -198.203.147.0/23 -198.203.149.0/23 +198.203.147.0/24 +198.203.148.0/24 +198.203.149.0/24 +198.203.150.0/24 198.203.151.0/24 198.203.152.0/24 198.203.153.0/24 @@ -33320,7 +34291,9 @@ 198.203.171.0/24 198.203.172.0/24 198.203.173.0/24 -198.203.174.0/21 +198.203.174.0/23 +198.203.176.0/22 +198.203.180.0/23 198.203.182.0/24 198.203.183.0/24 198.203.184.0/24 @@ -33329,7 +34302,8 @@ 198.203.188.0/24 198.203.189.0/24 198.203.190.0/24 -198.203.191.0/23 +198.203.191.0/24 +198.203.192.0/24 198.203.193.0/24 198.203.194.0/23 198.203.196.0/24 @@ -33364,8 +34338,10 @@ 198.203.237.0/24 198.203.238.0/23 198.203.240.0/23 -198.203.242.0/22 -198.203.246.0/22 +198.203.242.0/23 +198.203.244.0/23 +198.203.246.0/23 +198.203.248.0/23 198.203.250.0/23 198.203.252.0/23 198.203.254.0/24 @@ -33383,7 +34359,8 @@ 198.204.66.0/24 198.204.67.0/24 198.204.68.0/24 -198.204.69.0/23 +198.204.69.0/24 +198.204.70.0/24 198.204.73.0/24 198.204.74.0/24 198.204.75.0/24 @@ -33430,6 +34407,7 @@ 198.204.192.0/21 198.204.200.0/23 198.204.202.0/24 +198.204.208.0/20 198.205.0.0/22 198.205.4.0/24 198.205.8.0/22 @@ -33439,6 +34417,7 @@ 198.205.32.0/19 198.205.64.0/19 198.205.96.0/22 +198.205.112.0/20 198.205.128.0/17 198.206.0.0/21 198.206.8.0/21 @@ -33461,12 +34440,15 @@ 198.206.151.0/24 198.206.152.0/22 198.206.156.0/24 -198.206.157.0/22 +198.206.157.0/24 +198.206.158.0/23 +198.206.160.0/24 198.206.161.0/24 198.206.162.0/24 198.206.163.0/24 198.206.164.0/24 -198.206.165.0/23 +198.206.165.0/24 +198.206.166.0/24 198.206.167.0/24 198.206.168.0/24 198.206.169.0/24 @@ -33496,9 +34478,12 @@ 198.206.198.0/23 198.206.203.0/24 198.206.204.0/24 -198.206.205.0/22 +198.206.205.0/24 +198.206.206.0/23 +198.206.208.0/24 198.206.209.0/24 -198.206.210.0/22 +198.206.210.0/23 +198.206.212.0/23 198.206.214.0/24 198.206.215.0/24 198.206.216.0/24 @@ -33512,12 +34497,15 @@ 198.206.225.0/24 198.206.227.0/24 198.206.228.0/23 -198.206.230.0/22 +198.206.230.0/23 +198.206.232.0/23 198.206.234.0/23 198.206.236.0/24 198.206.237.0/24 198.206.238.0/24 -198.206.239.0/22 +198.206.239.0/24 +198.206.240.0/23 +198.206.242.0/24 198.206.243.0/24 198.206.244.0/24 198.206.246.0/24 @@ -33536,8 +34524,12 @@ 198.207.137.0/24 198.207.138.0/23 198.207.140.0/24 -198.207.141.0/22 -198.207.153.0/22 +198.207.141.0/24 +198.207.142.0/23 +198.207.144.0/24 +198.207.153.0/24 +198.207.154.0/23 +198.207.156.0/24 198.207.157.0/24 198.207.158.0/24 198.207.159.0/24 @@ -33551,7 +34543,9 @@ 198.207.168.0/24 198.207.169.0/24 198.207.170.0/24 -198.207.171.0/22 +198.207.171.0/24 +198.207.172.0/23 +198.207.174.0/24 198.207.175.0/24 198.207.176.0/24 198.207.177.0/24 @@ -33582,7 +34576,9 @@ 198.207.210.0/24 198.207.211.0/24 198.207.212.0/24 -198.207.213.0/22 +198.207.213.0/24 +198.207.214.0/23 +198.207.216.0/24 198.207.219.0/24 198.207.220.0/24 198.207.222.0/24 @@ -33592,12 +34588,16 @@ 198.207.226.0/24 198.207.227.0/24 198.207.228.0/24 -198.207.229.0/22 +198.207.229.0/24 +198.207.230.0/23 +198.207.232.0/24 198.207.233.0/24 198.207.234.0/24 198.207.235.0/24 198.207.236.0/24 -198.207.237.0/22 +198.207.237.0/24 +198.207.238.0/23 +198.207.240.0/24 198.207.241.0/24 198.207.242.0/24 198.207.243.0/24 @@ -33635,7 +34635,8 @@ 198.212.135.0/24 198.212.136.0/22 198.212.140.0/24 -198.212.141.0/23 +198.212.141.0/24 +198.212.142.0/24 198.212.143.0/24 198.212.144.0/22 198.212.148.0/23 @@ -33645,7 +34646,8 @@ 198.212.154.0/24 198.212.155.0/24 198.212.156.0/24 -198.212.157.0/23 +198.212.157.0/24 +198.212.158.0/24 198.212.159.0/24 198.212.160.0/23 198.212.162.0/23 @@ -33666,10 +34668,12 @@ 198.212.183.0/24 198.212.184.0/22 198.212.188.0/24 -198.212.189.0/23 +198.212.189.0/24 +198.212.190.0/24 198.212.191.0/24 198.212.192.0/23 -198.212.194.0/22 +198.212.194.0/23 +198.212.196.0/23 198.212.198.0/24 198.212.199.0/24 198.212.200.0/24 @@ -33686,7 +34690,8 @@ 198.212.216.0/24 198.212.217.0/24 198.212.218.0/24 -198.212.219.0/23 +198.212.219.0/24 +198.212.220.0/24 198.212.221.0/24 198.212.222.0/24 198.212.223.0/24 @@ -33762,7 +34767,8 @@ 198.232.134.0/24 198.232.135.0/24 198.232.136.0/24 -198.232.137.0/23 +198.232.137.0/24 +198.232.138.0/24 198.232.139.0/24 198.232.140.0/24 198.232.141.0/24 @@ -33805,11 +34811,13 @@ 198.232.200.0/22 198.232.204.0/24 198.232.205.0/24 -198.232.206.0/22 +198.232.206.0/23 +198.232.208.0/23 198.232.210.0/24 198.232.211.0/24 198.232.212.0/23 -198.232.214.0/22 +198.232.214.0/23 +198.232.216.0/23 198.232.221.0/24 198.232.224.0/24 198.232.225.0/24 @@ -33830,7 +34838,9 @@ 198.232.246.0/24 198.232.247.0/24 198.232.248.0/24 -198.232.249.0/22 +198.232.249.0/24 +198.232.250.0/23 +198.232.252.0/24 198.233.0.0/16 198.234.0.0/16 198.235.32.0/20 @@ -33887,18 +34897,24 @@ 198.245.151.0/24 198.245.152.0/22 198.245.156.0/24 -198.245.157.0/23 +198.245.157.0/24 +198.245.158.0/24 198.245.159.0/24 198.245.161.0/24 198.245.162.0/24 198.245.163.0/24 198.245.164.0/24 -198.245.165.0/23 +198.245.165.0/24 +198.245.166.0/24 198.245.167.0/24 198.245.168.0/24 -198.245.169.0/22 -198.245.179.0/23 -198.245.181.0/23 +198.245.169.0/24 +198.245.170.0/23 +198.245.172.0/24 +198.245.179.0/24 +198.245.180.0/24 +198.245.181.0/24 +198.245.182.0/24 198.245.183.0/24 198.245.184.0/23 198.245.186.0/24 @@ -33939,10 +34955,12 @@ 198.245.237.0/24 198.245.238.0/23 198.245.240.0/24 -198.245.241.0/23 +198.245.241.0/24 +198.245.242.0/24 198.245.243.0/24 198.245.244.0/24 -198.245.245.0/23 +198.245.245.0/24 +198.245.246.0/24 198.245.247.0/24 198.245.248.0/23 198.245.250.0/23 @@ -34007,7 +35025,8 @@ 198.246.198.0/24 198.246.199.0/24 198.246.200.0/24 -198.246.201.0/23 +198.246.201.0/24 +198.246.202.0/24 198.246.203.0/24 198.246.204.0/22 198.246.209.0/24 @@ -34017,15 +35036,19 @@ 198.246.214.0/24 198.246.215.0/24 198.246.216.0/24 -198.246.217.0/23 +198.246.217.0/24 +198.246.218.0/24 198.246.219.0/24 198.246.220.0/24 198.246.221.0/24 198.246.222.0/24 198.246.223.0/24 198.246.224.0/24 -198.246.225.0/22 -198.246.231.0/23 +198.246.225.0/24 +198.246.226.0/23 +198.246.228.0/24 +198.246.231.0/24 +198.246.232.0/24 198.246.233.0/24 198.246.234.0/24 198.246.235.0/24 @@ -34033,7 +35056,8 @@ 198.246.237.0/24 198.246.238.0/23 198.246.240.0/24 -198.246.241.0/23 +198.246.241.0/24 +198.246.242.0/24 198.246.243.0/24 198.246.244.0/23 198.246.246.0/24 @@ -34122,10 +35146,14 @@ 198.252.212.0/22 198.252.216.0/23 198.252.218.0/24 -198.252.219.0/23 +198.252.219.0/24 +198.252.220.0/24 198.252.221.0/24 -198.252.223.0/22 -198.252.227.0/23 +198.252.223.0/24 +198.252.224.0/23 +198.252.226.0/24 +198.252.227.0/24 +198.252.228.0/24 198.252.229.0/24 198.252.231.0/24 198.252.232.0/24 @@ -34160,7 +35188,8 @@ 199.4.129.0/24 199.4.130.0/23 199.4.132.0/24 -199.4.133.0/23 +199.4.133.0/24 +199.4.134.0/24 199.4.135.0/24 199.4.136.0/24 199.4.137.0/24 @@ -34179,7 +35208,8 @@ 199.4.156.0/24 199.4.157.0/24 199.4.158.0/24 -199.4.159.0/23 +199.4.159.0/24 +199.4.160.0/24 199.4.162.0/23 199.4.164.0/22 199.4.168.0/21 @@ -34221,7 +35251,8 @@ 199.4.223.0/24 199.4.224.0/24 199.4.225.0/24 -199.4.226.0/22 +199.4.226.0/23 +199.4.228.0/23 199.4.230.0/23 199.4.232.0/23 199.4.234.0/24 @@ -34248,7 +35279,8 @@ 199.5.32.0/19 199.5.64.0/18 199.5.128.0/24 -199.5.129.0/23 +199.5.129.0/24 +199.5.130.0/24 199.5.131.0/24 199.5.132.0/24 199.5.133.0/24 @@ -34258,7 +35290,8 @@ 199.5.138.0/23 199.5.140.0/24 199.5.141.0/24 -199.5.142.0/22 +199.5.142.0/23 +199.5.144.0/23 199.5.146.0/24 199.5.148.0/22 199.5.152.0/23 @@ -34274,13 +35307,16 @@ 199.5.168.0/24 199.5.169.0/24 199.5.170.0/24 -199.5.171.0/23 +199.5.171.0/24 +199.5.172.0/24 199.5.173.0/24 199.5.174.0/24 199.5.175.0/24 199.5.176.0/23 199.5.178.0/24 -199.5.179.0/22 +199.5.179.0/24 +199.5.180.0/23 +199.5.182.0/24 199.5.183.0/24 199.5.184.0/24 199.5.185.0/24 @@ -34293,7 +35329,9 @@ 199.5.193.0/24 199.5.195.0/24 199.5.196.0/24 -199.5.197.0/22 +199.5.197.0/24 +199.5.198.0/23 +199.5.200.0/24 199.5.202.0/24 199.5.203.0/24 199.5.204.0/23 @@ -34325,7 +35363,9 @@ 199.5.240.0/24 199.5.241.0/24 199.5.242.0/24 -199.5.243.0/22 +199.5.243.0/24 +199.5.244.0/23 +199.5.246.0/24 199.5.247.0/24 199.5.248.0/24 199.5.249.0/24 @@ -34446,8 +35486,10 @@ 199.10.70.0/24 199.10.71.0/24 199.10.72.0/24 -199.10.73.0/23 -199.10.75.0/23 +199.10.73.0/24 +199.10.74.0/24 +199.10.75.0/24 +199.10.76.0/24 199.10.77.0/24 199.10.78.0/24 199.10.79.0/24 @@ -34467,10 +35509,14 @@ 199.10.98.0/24 199.10.99.0/24 199.10.100.0/24 -199.10.101.0/23 -199.10.103.0/23 +199.10.101.0/24 +199.10.102.0/24 +199.10.103.0/24 +199.10.104.0/24 199.10.106.0/24 -199.10.107.0/22 +199.10.107.0/24 +199.10.108.0/23 +199.10.110.0/24 199.10.111.0/24 199.10.112.0/24 199.10.113.0/24 @@ -34558,7 +35604,8 @@ 199.10.201.0/24 199.10.204.0/24 199.10.205.0/24 -199.10.206.0/22 +199.10.206.0/23 +199.10.208.0/23 199.10.210.0/24 199.10.211.0/24 199.10.212.0/24 @@ -34568,10 +35615,14 @@ 199.10.216.0/24 199.10.217.0/24 199.10.218.0/24 -199.10.219.0/23 -199.10.221.0/23 -199.10.223.0/23 -199.10.225.0/23 +199.10.219.0/24 +199.10.220.0/24 +199.10.221.0/24 +199.10.222.0/24 +199.10.223.0/24 +199.10.224.0/24 +199.10.225.0/24 +199.10.226.0/24 199.10.227.0/24 199.10.228.0/24 199.10.229.0/24 @@ -34598,7 +35649,9 @@ 199.10.250.0/24 199.10.251.0/24 199.10.252.0/24 -199.11.0.0/14 +199.11.0.0/16 +199.12.0.0/15 +199.14.0.0/16 199.15.0.0/21 199.15.8.0/21 199.15.16.0/21 @@ -34792,11 +35845,14 @@ 199.26.156.0/24 199.26.157.0/24 199.26.158.0/24 -199.26.159.0/23 +199.26.159.0/24 +199.26.160.0/24 199.26.161.0/24 199.26.162.0/23 -199.26.165.0/23 -199.26.167.0/23 +199.26.165.0/24 +199.26.166.0/24 +199.26.167.0/24 +199.26.168.0/24 199.26.169.0/24 199.26.170.0/24 199.26.171.0/24 @@ -34815,13 +35871,17 @@ 199.26.187.0/24 199.26.188.0/23 199.26.190.0/23 -199.26.193.0/23 -199.26.195.0/22 +199.26.193.0/24 +199.26.194.0/24 +199.26.195.0/24 +199.26.196.0/23 +199.26.198.0/24 199.26.199.0/24 199.26.200.0/24 199.26.201.0/24 199.26.202.0/24 -199.26.203.0/23 +199.26.203.0/24 +199.26.204.0/24 199.26.205.0/24 199.26.206.0/24 199.26.207.0/24 @@ -34830,7 +35890,9 @@ 199.26.210.0/24 199.26.211.0/24 199.26.212.0/24 -199.26.213.0/22 +199.26.213.0/24 +199.26.214.0/23 +199.26.216.0/24 199.26.217.0/24 199.26.218.0/24 199.26.222.0/24 @@ -34842,7 +35904,8 @@ 199.26.232.0/23 199.26.235.0/24 199.26.236.0/24 -199.26.237.0/23 +199.26.237.0/24 +199.26.238.0/24 199.26.239.0/24 199.26.240.0/24 199.26.241.0/24 @@ -35022,7 +36085,8 @@ 199.33.209.0/24 199.33.211.0/24 199.33.212.0/24 -199.33.213.0/23 +199.33.213.0/24 +199.33.214.0/24 199.33.215.0/24 199.33.216.0/24 199.33.217.0/24 @@ -35039,7 +36103,8 @@ 199.33.238.0/24 199.33.239.0/24 199.33.240.0/24 -199.33.241.0/23 +199.33.241.0/24 +199.33.242.0/24 199.33.243.0/24 199.33.244.0/24 199.33.245.0/24 @@ -35314,8 +36379,11 @@ 199.48.240.0/21 199.48.248.0/22 199.48.252.0/22 -199.49.0.0/14 -199.54.0.0/14 +199.49.0.0/16 +199.50.0.0/15 +199.52.0.0/16 +199.54.0.0/15 +199.56.0.0/15 199.58.0.0/21 199.58.8.0/22 199.58.12.0/24 @@ -35402,7 +36470,9 @@ 199.60.20.0/22 199.60.24.0/23 199.60.28.0/24 -199.61.0.0/14 +199.61.0.0/16 +199.62.0.0/15 +199.64.0.0/16 199.65.0.0/16 199.66.0.0/21 199.66.8.0/21 @@ -35411,8 +36481,8 @@ 199.66.28.0/23 199.66.32.0/20 199.66.48.0/22 -199.66.52.0/21 -199.66.60.0/22 +199.66.52.0/22 +199.66.56.0/21 199.66.64.0/21 199.66.72.0/22 199.66.76.0/22 @@ -35543,7 +36613,8 @@ 199.74.136.0/24 199.74.137.0/24 199.74.138.0/24 -199.74.139.0/23 +199.74.139.0/24 +199.74.140.0/24 199.74.141.0/24 199.74.142.0/24 199.74.143.0/24 @@ -35552,13 +36623,16 @@ 199.74.148.0/24 199.74.149.0/24 199.74.150.0/24 -199.74.151.0/23 +199.74.151.0/24 +199.74.152.0/24 199.74.153.0/24 199.74.154.0/23 199.74.156.0/23 199.74.158.0/24 199.74.159.0/24 -199.74.163.0/22 +199.74.163.0/24 +199.74.164.0/23 +199.74.166.0/24 199.74.167.0/24 199.74.168.0/24 199.74.169.0/24 @@ -35567,8 +36641,10 @@ 199.74.172.0/22 199.74.176.0/24 199.74.177.0/24 -199.74.178.0/22 -199.74.182.0/22 +199.74.178.0/23 +199.74.180.0/23 +199.74.182.0/23 +199.74.184.0/23 199.74.186.0/24 199.74.187.0/24 199.74.188.0/22 @@ -35605,21 +36681,27 @@ 199.74.230.0/24 199.74.231.0/24 199.74.232.0/24 -199.74.233.0/23 +199.74.233.0/24 +199.74.234.0/24 199.74.236.0/23 -199.74.238.0/22 +199.74.238.0/23 +199.74.240.0/23 199.74.242.0/24 199.74.243.0/24 199.74.244.0/24 -199.74.245.0/23 -199.74.247.0/23 +199.74.245.0/24 +199.74.246.0/24 +199.74.247.0/24 +199.74.248.0/24 199.74.249.0/24 199.74.250.0/24 199.74.251.0/24 199.74.252.0/24 199.74.253.0/24 199.74.254.0/24 -199.75.0.0/14 +199.75.0.0/16 +199.76.0.0/15 +199.78.0.0/16 199.79.0.0/20 199.79.16.0/21 199.79.24.0/22 @@ -35632,7 +36714,8 @@ 199.79.128.0/24 199.79.129.0/24 199.79.130.0/24 -199.79.131.0/23 +199.79.131.0/24 +199.79.132.0/24 199.79.133.0/24 199.79.134.0/24 199.79.135.0/24 @@ -35641,9 +36724,12 @@ 199.79.138.0/24 199.79.139.0/24 199.79.140.0/24 -199.79.141.0/22 +199.79.141.0/24 +199.79.142.0/23 +199.79.144.0/24 199.79.145.0/24 -199.79.146.0/22 +199.79.146.0/23 +199.79.148.0/23 199.79.150.0/24 199.79.151.0/24 199.79.152.0/24 @@ -35658,7 +36744,8 @@ 199.79.162.0/24 199.79.163.0/24 199.79.164.0/24 -199.79.165.0/23 +199.79.165.0/24 +199.79.166.0/24 199.79.167.0/24 199.79.168.0/22 199.79.173.0/24 @@ -35699,14 +36786,16 @@ 199.79.215.0/24 199.79.216.0/24 199.79.217.0/24 -199.79.218.0/22 +199.79.218.0/23 +199.79.220.0/23 199.79.222.0/24 199.79.223.0/24 199.79.224.0/23 199.79.226.0/24 199.79.227.0/24 199.79.228.0/24 -199.79.229.0/23 +199.79.229.0/24 +199.79.230.0/24 199.79.232.0/22 199.79.236.0/24 199.79.237.0/24 @@ -35714,7 +36803,8 @@ 199.79.239.0/24 199.79.240.0/24 199.79.242.0/24 -199.79.243.0/23 +199.79.243.0/24 +199.79.244.0/24 199.79.245.0/24 199.79.246.0/24 199.79.247.0/24 @@ -35855,10 +36945,12 @@ 199.88.156.0/24 199.88.157.0/24 199.88.158.0/24 -199.88.159.0/23 +199.88.159.0/24 +199.88.160.0/24 199.88.161.0/24 199.88.162.0/24 -199.88.163.0/23 +199.88.163.0/24 +199.88.164.0/24 199.88.165.0/24 199.88.166.0/23 199.88.168.0/24 @@ -35875,7 +36967,8 @@ 199.88.182.0/24 199.88.183.0/24 199.88.184.0/24 -199.88.185.0/23 +199.88.185.0/24 +199.88.186.0/24 199.88.187.0/24 199.88.188.0/24 199.88.189.0/24 @@ -35896,11 +36989,13 @@ 199.88.205.0/24 199.88.206.0/24 199.88.207.0/24 -199.88.216.0/20 +199.88.216.0/21 +199.88.224.0/21 199.88.232.0/22 199.88.236.0/22 199.88.240.0/24 -199.88.241.0/23 +199.88.241.0/24 +199.88.242.0/24 199.88.243.0/24 199.88.244.0/24 199.88.248.0/24 @@ -35937,7 +37032,9 @@ 199.89.150.0/24 199.89.151.0/24 199.89.152.0/24 -199.89.153.0/22 +199.89.153.0/24 +199.89.154.0/23 +199.89.156.0/24 199.89.157.0/24 199.89.158.0/23 199.89.160.0/24 @@ -35946,7 +37043,8 @@ 199.89.163.0/24 199.89.164.0/22 199.89.168.0/24 -199.89.169.0/23 +199.89.169.0/24 +199.89.170.0/24 199.89.171.0/24 199.89.172.0/23 199.89.174.0/23 @@ -35983,7 +37081,8 @@ 199.89.212.0/24 199.89.213.0/24 199.89.214.0/24 -199.89.215.0/23 +199.89.215.0/24 +199.89.216.0/24 199.89.217.0/24 199.89.218.0/24 199.89.219.0/24 @@ -35998,12 +37097,15 @@ 199.89.230.0/24 199.89.231.0/24 199.89.232.0/24 -199.89.233.0/23 +199.89.233.0/24 +199.89.234.0/24 199.89.235.0/24 199.89.236.0/22 199.89.240.0/23 199.89.242.0/24 -199.89.243.0/22 +199.89.243.0/24 +199.89.244.0/23 +199.89.246.0/24 199.89.247.0/24 199.89.248.0/24 199.89.249.0/24 @@ -36092,7 +37194,9 @@ 199.96.240.0/22 199.96.244.0/22 199.96.248.0/21 -199.97.0.0/14 +199.97.0.0/16 +199.98.0.0/15 +199.100.0.0/16 199.101.0.0/21 199.101.8.0/21 199.101.16.0/21 @@ -36151,6 +37255,15 @@ 199.102.60.0/22 199.102.64.0/22 199.102.68.0/22 +199.102.72.0/22 +199.102.76.0/22 +199.102.80.0/21 +199.102.88.0/22 +199.102.92.0/22 +199.102.104.0/22 +199.102.108.0/22 +199.102.112.0/21 +199.102.120.0/21 199.102.132.0/22 199.102.136.0/21 199.102.144.0/21 @@ -36171,24 +37284,29 @@ 199.102.248.0/22 199.102.252.0/22 199.103.0.0/21 -199.103.13.0/23 -199.103.15.0/24 +199.103.13.0/24 +199.103.14.0/23 199.103.16.0/21 199.103.24.0/23 199.103.32.0/20 199.103.48.0/22 199.103.52.0/22 -199.103.69.0/22 +199.103.69.0/24 +199.103.70.0/23 +199.103.72.0/24 199.103.80.0/24 199.103.90.0/23 199.103.94.0/23 -199.103.109.0/23 +199.103.109.0/24 +199.103.110.0/24 199.103.113.0/24 199.103.120.0/23 199.103.122.0/24 199.103.128.0/17 199.104.0.0/16 -199.105.0.0/14 +199.105.0.0/16 +199.106.0.0/15 +199.108.0.0/16 199.109.0.0/16 199.110.0.0/16 199.111.0.0/16 @@ -36207,6 +37325,14 @@ 199.114.192.0/21 199.114.200.0/24 199.114.204.0/22 +199.114.208.0/22 +199.114.212.0/22 +199.114.216.0/21 +199.114.224.0/22 +199.114.228.0/22 +199.114.236.0/22 +199.114.240.0/21 +199.114.248.0/22 199.115.0.0/21 199.115.8.0/21 199.115.16.0/21 @@ -36216,6 +37342,13 @@ 199.115.48.0/22 199.115.52.0/23 199.115.56.0/21 +199.115.72.0/21 +199.115.80.0/22 +199.115.84.0/22 +199.115.96.0/21 +199.115.104.0/21 +199.115.112.0/21 +199.115.120.0/22 199.115.128.0/21 199.115.136.0/21 199.115.144.0/22 @@ -36247,6 +37380,19 @@ 199.116.32.0/20 199.116.48.0/22 199.116.52.0/22 +199.116.64.0/21 +199.116.72.0/22 +199.116.76.0/22 +199.116.80.0/22 +199.116.84.0/22 +199.116.88.0/21 +199.116.96.0/22 +199.116.100.0/22 +199.116.104.0/22 +199.116.108.0/22 +199.116.112.0/21 +199.116.120.0/22 +199.116.124.0/22 199.116.128.0/22 199.116.132.0/22 199.116.136.0/21 @@ -36274,6 +37420,18 @@ 199.119.24.0/23 199.119.28.0/22 199.119.32.0/19 +199.119.64.0/22 +199.119.68.0/22 +199.119.72.0/22 +199.119.76.0/22 +199.119.80.0/22 +199.119.84.0/22 +199.119.88.0/21 +199.119.96.0/22 +199.119.100.0/22 +199.119.104.0/21 +199.119.112.0/21 +199.119.120.0/21 199.119.132.0/22 199.119.136.0/21 199.119.144.0/21 @@ -36311,7 +37469,9 @@ 199.120.138.0/24 199.120.139.0/24 199.120.140.0/24 -199.120.141.0/22 +199.120.141.0/24 +199.120.142.0/23 +199.120.144.0/24 199.120.145.0/24 199.120.146.0/23 199.120.148.0/23 @@ -36327,7 +37487,8 @@ 199.120.160.0/24 199.120.161.0/24 199.120.162.0/24 -199.120.163.0/23 +199.120.163.0/24 +199.120.164.0/24 199.120.165.0/24 199.120.166.0/23 199.120.168.0/24 @@ -36424,13 +37585,15 @@ 199.122.64.0/19 199.122.96.0/21 199.122.104.0/21 +199.122.112.0/22 +199.122.120.0/21 199.122.128.0/17 199.123.0.0/22 199.123.4.0/22 199.123.8.0/22 199.123.12.0/24 -199.123.16.0/22 -199.123.20.0/21 +199.123.16.0/21 +199.123.24.0/22 199.123.28.0/23 199.123.32.0/19 199.123.64.0/22 @@ -36455,8 +37618,8 @@ 199.123.90.0/24 199.123.91.0/24 199.123.92.0/24 -199.123.93.0/23 -199.123.95.0/24 +199.123.93.0/24 +199.123.94.0/23 199.123.96.0/20 199.123.112.0/22 199.123.116.0/22 @@ -36492,6 +37655,19 @@ 199.127.32.0/21 199.127.40.0/23 199.127.44.0/22 +199.127.48.0/21 +199.127.56.0/21 +199.127.64.0/22 +199.127.68.0/22 +199.127.72.0/21 +199.127.80.0/21 +199.127.88.0/22 +199.127.92.0/22 +199.127.96.0/21 +199.127.104.0/22 +199.127.112.0/22 +199.127.116.0/22 +199.127.120.0/21 199.127.132.0/22 199.127.136.0/21 199.127.144.0/21 @@ -36531,7 +37707,8 @@ 199.164.138.0/24 199.164.139.0/24 199.164.140.0/24 -199.164.141.0/23 +199.164.141.0/24 +199.164.142.0/24 199.164.144.0/24 199.164.145.0/24 199.164.146.0/24 @@ -36544,7 +37721,8 @@ 199.164.154.0/24 199.164.155.0/24 199.164.156.0/24 -199.164.157.0/23 +199.164.157.0/24 +199.164.158.0/24 199.164.159.0/24 199.164.160.0/23 199.164.162.0/24 @@ -36560,7 +37738,9 @@ 199.164.175.0/24 199.164.176.0/23 199.164.178.0/24 -199.164.179.0/22 +199.164.179.0/24 +199.164.180.0/23 +199.164.182.0/24 199.164.183.0/24 199.164.184.0/24 199.164.185.0/24 @@ -36570,12 +37750,15 @@ 199.164.190.0/24 199.164.193.0/24 199.164.194.0/24 -199.164.195.0/22 +199.164.195.0/24 +199.164.196.0/23 +199.164.198.0/24 199.164.199.0/24 199.164.200.0/24 199.164.201.0/24 199.164.202.0/24 -199.164.203.0/23 +199.164.203.0/24 +199.164.204.0/24 199.164.205.0/24 199.164.206.0/23 199.164.208.0/23 @@ -36590,7 +37773,8 @@ 199.164.218.0/24 199.164.219.0/24 199.164.220.0/24 -199.164.221.0/23 +199.164.221.0/24 +199.164.222.0/24 199.164.223.0/24 199.164.224.0/24 199.164.225.0/24 @@ -36598,7 +37782,8 @@ 199.164.227.0/24 199.164.228.0/24 199.164.229.0/24 -199.164.230.0/22 +199.164.230.0/23 +199.164.232.0/23 199.164.234.0/24 199.164.235.0/24 199.164.236.0/24 @@ -36655,7 +37840,8 @@ 199.165.159.0/24 199.165.160.0/24 199.165.161.0/24 -199.165.162.0/22 +199.165.162.0/23 +199.165.164.0/23 199.165.166.0/23 199.165.168.0/22 199.165.172.0/24 @@ -36670,7 +37856,8 @@ 199.165.181.0/24 199.165.182.0/23 199.165.184.0/24 -199.165.185.0/23 +199.165.185.0/24 +199.165.186.0/24 199.165.187.0/24 199.165.188.0/24 199.165.189.0/24 @@ -36679,7 +37866,8 @@ 199.165.192.0/24 199.165.193.0/24 199.165.194.0/24 -199.165.195.0/23 +199.165.195.0/24 +199.165.196.0/24 199.165.197.0/24 199.165.198.0/23 199.165.200.0/23 @@ -36703,7 +37891,8 @@ 199.165.223.0/24 199.165.224.0/24 199.165.225.0/24 -199.165.226.0/22 +199.165.226.0/23 +199.165.228.0/23 199.165.230.0/24 199.165.231.0/24 199.165.232.0/24 @@ -36711,8 +37900,10 @@ 199.165.234.0/24 199.165.235.0/24 199.165.236.0/24 -199.165.237.0/23 -199.165.239.0/23 +199.165.237.0/24 +199.165.238.0/24 +199.165.239.0/24 +199.165.240.0/24 199.165.241.0/24 199.165.242.0/24 199.165.243.0/24 @@ -36721,7 +37912,8 @@ 199.165.246.0/24 199.165.247.0/24 199.165.248.0/24 -199.165.249.0/23 +199.165.249.0/24 +199.165.250.0/24 199.165.251.0/24 199.165.252.0/24 199.165.253.0/24 @@ -36732,6 +37924,19 @@ 199.166.250.0/24 199.167.0.0/21 199.167.8.0/21 +199.167.28.0/22 +199.167.32.0/21 +199.167.40.0/21 +199.167.48.0/22 +199.167.52.0/22 +199.167.56.0/22 +199.167.60.0/22 +199.167.64.0/22 +199.167.68.0/22 +199.167.72.0/21 +199.167.80.0/21 +199.167.88.0/22 +199.167.92.0/22 199.167.132.0/22 199.167.144.0/21 199.167.168.0/22 @@ -36781,7 +37986,8 @@ 199.168.240.0/21 199.168.252.0/22 199.169.0.0/16 -199.170.0.0/14 +199.170.0.0/15 +199.172.0.0/15 199.174.0.0/16 199.175.44.0/22 199.175.184.0/22 @@ -36835,7 +38041,8 @@ 199.181.74.0/24 199.181.75.0/24 199.181.76.0/24 -199.181.77.0/23 +199.181.77.0/24 +199.181.78.0/24 199.181.79.0/24 199.181.80.0/24 199.181.83.0/24 @@ -36867,7 +38074,8 @@ 199.181.121.0/24 199.181.122.0/23 199.181.124.0/24 -199.181.125.0/23 +199.181.125.0/24 +199.181.126.0/24 199.181.127.0/24 199.181.128.0/24 199.181.129.0/24 @@ -36920,7 +38128,8 @@ 199.181.198.0/24 199.181.199.0/24 199.181.200.0/24 -199.181.201.0/23 +199.181.201.0/24 +199.181.202.0/24 199.181.203.0/24 199.181.204.0/24 199.181.205.0/24 @@ -36937,7 +38146,9 @@ 199.181.218.0/24 199.181.219.0/24 199.181.220.0/24 -199.181.221.0/22 +199.181.221.0/24 +199.181.222.0/23 +199.181.224.0/24 199.181.225.0/24 199.181.226.0/24 199.181.227.0/24 @@ -36965,7 +38176,10 @@ 199.182.144.0/20 199.182.240.0/20 199.183.0.0/20 -199.183.16.0/17 +199.183.16.0/20 +199.183.32.0/19 +199.183.64.0/18 +199.183.128.0/20 199.183.144.0/20 199.183.160.0/19 199.183.192.0/18 @@ -36983,14 +38197,18 @@ 199.184.75.0/24 199.184.76.0/24 199.184.77.0/24 -199.184.78.0/22 +199.184.78.0/23 +199.184.80.0/23 199.184.82.0/24 -199.184.83.0/23 +199.184.83.0/24 +199.184.84.0/24 199.184.86.0/24 199.184.87.0/24 199.184.88.0/23 199.184.90.0/24 -199.184.91.0/22 +199.184.91.0/24 +199.184.92.0/23 +199.184.94.0/24 199.184.95.0/24 199.184.96.0/22 199.184.100.0/23 @@ -37010,7 +38228,8 @@ 199.184.128.0/21 199.184.136.0/24 199.184.137.0/24 -199.184.138.0/22 +199.184.138.0/23 +199.184.140.0/23 199.184.162.0/24 199.184.163.0/24 199.184.164.0/24 @@ -37020,15 +38239,19 @@ 199.184.168.0/24 199.184.169.0/24 199.184.170.0/24 -199.184.171.0/23 +199.184.171.0/24 +199.184.172.0/24 199.184.173.0/24 199.184.174.0/24 199.184.175.0/24 199.184.176.0/24 -199.184.177.0/23 +199.184.177.0/24 +199.184.178.0/24 199.184.179.0/24 199.184.180.0/24 -199.184.181.0/22 +199.184.181.0/24 +199.184.182.0/23 +199.184.184.0/24 199.184.186.0/24 199.184.187.0/24 199.184.188.0/24 @@ -37037,7 +38260,8 @@ 199.184.191.0/24 199.184.192.0/24 199.184.193.0/24 -199.184.195.0/23 +199.184.195.0/24 +199.184.196.0/24 199.184.197.0/24 199.184.198.0/24 199.184.199.0/24 @@ -37063,7 +38287,8 @@ 199.184.224.0/24 199.184.225.0/24 199.184.226.0/24 -199.184.227.0/23 +199.184.227.0/24 +199.184.228.0/24 199.184.229.0/24 199.184.230.0/24 199.184.231.0/24 @@ -37074,7 +38299,8 @@ 199.184.240.0/24 199.184.241.0/24 199.184.242.0/24 -199.184.243.0/23 +199.184.243.0/24 +199.184.244.0/24 199.184.245.0/24 199.184.246.0/24 199.184.247.0/24 @@ -37209,13 +38435,16 @@ 199.190.146.0/23 199.190.148.0/23 199.190.150.0/24 -199.190.151.0/22 +199.190.151.0/24 +199.190.152.0/23 +199.190.154.0/24 199.190.155.0/24 199.190.156.0/24 199.190.157.0/24 199.190.158.0/24 199.190.160.0/23 -199.190.163.0/23 +199.190.163.0/24 +199.190.164.0/24 199.190.166.0/24 199.190.169.0/24 199.190.170.0/23 @@ -37226,7 +38455,8 @@ 199.190.176.0/23 199.190.178.0/23 199.190.180.0/24 -199.190.181.0/23 +199.190.181.0/24 +199.190.182.0/24 199.190.183.0/24 199.190.184.0/23 199.190.186.0/24 @@ -37249,7 +38479,8 @@ 199.190.208.0/24 199.190.209.0/24 199.190.210.0/24 -199.190.211.0/23 +199.190.211.0/24 +199.190.212.0/24 199.190.213.0/24 199.190.214.0/24 199.190.215.0/24 @@ -37259,15 +38490,18 @@ 199.190.219.0/24 199.190.220.0/24 199.190.221.0/24 -199.190.222.0/22 +199.190.222.0/23 +199.190.224.0/23 199.190.226.0/24 199.190.227.0/24 199.190.228.0/23 199.190.230.0/24 -199.190.231.0/23 +199.190.231.0/24 +199.190.232.0/24 199.190.233.0/24 199.190.234.0/24 -199.190.235.0/23 +199.190.235.0/24 +199.190.236.0/24 199.190.237.0/24 199.190.238.0/23 199.190.240.0/23 @@ -37275,7 +38509,9 @@ 199.190.243.0/24 199.190.244.0/22 199.190.248.0/24 -199.190.249.0/22 +199.190.249.0/24 +199.190.250.0/23 +199.190.252.0/24 199.190.253.0/24 199.190.254.0/24 199.191.0.0/20 @@ -37294,8 +38530,8 @@ 199.191.72.0/23 199.191.74.0/23 199.191.76.0/22 -199.191.80.0/21 -199.191.88.0/20 +199.191.80.0/20 +199.191.96.0/21 199.191.104.0/21 199.191.128.0/17 199.192.0.0/21 @@ -37424,7 +38660,8 @@ 199.201.132.0/24 199.201.133.0/24 199.201.134.0/24 -199.201.135.0/23 +199.201.135.0/24 +199.201.136.0/24 199.201.137.0/24 199.201.138.0/24 199.201.139.0/24 @@ -37439,7 +38676,8 @@ 199.201.148.0/24 199.201.149.0/24 199.201.150.0/24 -199.201.151.0/23 +199.201.151.0/24 +199.201.152.0/24 199.201.153.0/24 199.201.154.0/23 199.201.156.0/23 @@ -37451,7 +38689,8 @@ 199.201.164.0/22 199.201.168.0/24 199.201.169.0/24 -199.201.170.0/22 +199.201.170.0/23 +199.201.172.0/23 199.201.174.0/24 199.201.175.0/24 199.201.176.0/23 @@ -37487,12 +38726,14 @@ 199.201.213.0/24 199.201.214.0/24 199.201.215.0/24 -199.201.217.0/23 +199.201.217.0/24 +199.201.218.0/24 199.201.219.0/24 199.201.220.0/24 199.201.223.0/24 199.201.224.0/24 -199.201.226.0/22 +199.201.226.0/23 +199.201.228.0/23 199.201.230.0/24 199.201.231.0/24 199.201.232.0/22 @@ -37508,7 +38749,8 @@ 199.201.247.0/24 199.201.248.0/23 199.201.250.0/24 -199.201.251.0/23 +199.201.251.0/24 +199.201.252.0/24 199.201.253.0/24 199.201.254.0/24 199.203.0.0/16 @@ -37564,7 +38806,9 @@ 199.217.64.0/19 199.217.128.0/17 199.218.0.0/16 -199.219.0.0/14 +199.219.0.0/16 +199.220.0.0/15 +199.222.0.0/16 199.223.0.0/20 199.223.16.0/20 199.223.32.0/19 @@ -37609,8 +38853,8 @@ 199.231.48.0/22 199.231.52.0/22 199.231.56.0/21 -199.231.128.0/22 -199.231.132.0/20 +199.231.128.0/20 +199.231.144.0/22 199.231.148.0/23 199.231.150.0/24 199.231.152.0/21 @@ -37633,7 +38877,8 @@ 199.233.72.0/24 199.233.73.0/24 199.233.74.0/24 -199.233.75.0/23 +199.233.75.0/24 +199.233.76.0/24 199.233.77.0/24 199.233.78.0/24 199.233.79.0/24 @@ -37669,7 +38914,8 @@ 199.233.110.0/24 199.233.111.0/24 199.233.112.0/24 -199.233.113.0/23 +199.233.113.0/24 +199.233.114.0/24 199.233.115.0/24 199.233.116.0/24 199.233.117.0/24 @@ -37745,7 +38991,8 @@ 199.233.200.0/24 199.233.201.0/24 199.233.205.0/24 -199.233.206.0/22 +199.233.206.0/23 +199.233.208.0/23 199.233.210.0/24 199.233.211.0/24 199.233.212.0/24 @@ -37800,7 +39047,8 @@ 199.242.160.0/24 199.242.161.0/24 199.242.162.0/24 -199.242.163.0/23 +199.242.163.0/24 +199.242.164.0/24 199.242.165.0/24 199.242.166.0/24 199.242.167.0/24 @@ -37857,7 +39105,8 @@ 199.242.243.0/24 199.242.244.0/24 199.242.246.0/24 -199.242.247.0/23 +199.242.247.0/24 +199.242.248.0/24 199.242.249.0/24 199.242.250.0/24 199.242.251.0/24 @@ -37877,7 +39126,8 @@ 199.244.130.0/24 199.244.131.0/24 199.244.132.0/24 -199.244.133.0/23 +199.244.133.0/24 +199.244.134.0/24 199.244.135.0/24 199.244.136.0/24 199.244.137.0/24 @@ -37905,8 +39155,10 @@ 199.244.167.0/24 199.244.168.0/23 199.244.170.0/24 -199.244.171.0/23 -199.244.173.0/23 +199.244.171.0/24 +199.244.172.0/24 +199.244.173.0/24 +199.244.174.0/24 199.244.175.0/24 199.244.176.0/22 199.244.180.0/22 @@ -37919,7 +39171,9 @@ 199.244.191.0/24 199.244.192.0/22 199.244.196.0/23 -199.244.205.0/22 +199.244.205.0/24 +199.244.206.0/23 +199.244.208.0/24 199.244.209.0/24 199.244.210.0/23 199.244.212.0/24 @@ -37945,8 +39199,10 @@ 199.244.240.0/24 199.244.241.0/24 199.244.242.0/24 -199.244.243.0/23 -199.244.245.0/23 +199.244.243.0/24 +199.244.244.0/24 +199.244.245.0/24 +199.244.246.0/24 199.244.247.0/24 199.244.248.0/24 199.244.252.0/22 @@ -37966,7 +39222,8 @@ 199.245.74.0/23 199.245.76.0/22 199.245.80.0/24 -199.245.81.0/23 +199.245.81.0/24 +199.245.82.0/24 199.245.83.0/24 199.245.84.0/24 199.245.85.0/24 @@ -37975,19 +39232,22 @@ 199.245.92.0/24 199.245.93.0/24 199.245.94.0/24 -199.245.95.0/23 +199.245.95.0/24 +199.245.96.0/24 199.245.97.0/24 199.245.102.0/24 199.245.103.0/24 199.245.104.0/24 199.245.105.0/24 -199.245.106.0/22 +199.245.106.0/23 +199.245.108.0/23 199.245.110.0/24 199.245.111.0/24 199.245.112.0/23 199.245.114.0/23 199.245.117.0/24 -199.245.118.0/22 +199.245.118.0/23 +199.245.120.0/23 199.245.122.0/24 199.245.123.0/24 199.245.124.0/24 @@ -38008,9 +39268,12 @@ 199.245.140.0/24 199.245.145.0/24 199.245.146.0/24 -199.245.147.0/23 -199.245.149.0/23 -199.245.151.0/23 +199.245.147.0/24 +199.245.148.0/24 +199.245.149.0/24 +199.245.150.0/24 +199.245.151.0/24 +199.245.152.0/24 199.245.153.0/24 199.245.154.0/24 199.245.155.0/24 @@ -38020,10 +39283,13 @@ 199.245.159.0/24 199.245.160.0/23 199.245.162.0/24 -199.245.163.0/22 +199.245.163.0/24 +199.245.164.0/23 +199.245.166.0/24 199.245.167.0/24 199.245.168.0/24 -199.245.169.0/23 +199.245.169.0/24 +199.245.170.0/24 199.245.171.0/24 199.245.172.0/24 199.245.173.0/24 @@ -38049,7 +39315,8 @@ 199.245.196.0/24 199.245.197.0/24 199.245.198.0/24 -199.245.199.0/23 +199.245.199.0/24 +199.245.200.0/24 199.245.201.0/24 199.245.202.0/24 199.245.203.0/24 @@ -38070,10 +39337,13 @@ 199.245.224.0/24 199.245.225.0/24 199.245.226.0/24 -199.245.227.0/22 +199.245.227.0/24 +199.245.228.0/23 +199.245.230.0/24 199.245.231.0/24 199.245.232.0/24 -199.245.233.0/23 +199.245.233.0/24 +199.245.234.0/24 199.245.235.0/24 199.245.237.0/24 199.245.238.0/24 @@ -38091,10 +39361,14 @@ 199.245.251.0/24 199.245.252.0/24 199.245.254.0/24 +199.245.255.0/24 +199.246.0.0/24 199.246.77.0/24 199.246.78.0/23 199.246.80.0/21 199.246.106.0/24 +199.246.139.0/24 +199.246.255.0/24 199.248.0.0/22 199.248.4.0/23 199.248.8.0/21 @@ -38102,6 +39376,7 @@ 199.248.24.0/22 199.248.28.0/23 199.248.30.0/24 +199.248.31.0/24 199.248.32.0/20 199.248.48.0/21 199.248.56.0/22 @@ -38124,8 +39399,11 @@ 199.248.154.0/24 199.248.155.0/24 199.248.156.0/24 -199.248.157.0/23 -199.248.159.0/22 +199.248.157.0/24 +199.248.158.0/24 +199.248.159.0/24 +199.248.160.0/23 +199.248.162.0/24 199.248.163.0/24 199.248.164.0/22 199.248.168.0/24 @@ -38147,6 +39425,7 @@ 199.248.186.0/24 199.248.187.0/24 199.248.188.0/24 +199.248.189.0/24 199.248.190.0/24 199.248.191.0/24 199.248.192.0/24 @@ -38156,6 +39435,7 @@ 199.248.196.0/24 199.248.197.0/24 199.248.198.0/24 +199.248.199.0/24 199.248.200.0/24 199.248.201.0/24 199.248.202.0/24 @@ -38187,6 +39467,7 @@ 199.248.229.0/24 199.248.230.0/24 199.248.231.0/24 +199.248.232.0/24 199.248.233.0/24 199.248.234.0/24 199.248.235.0/24 @@ -38219,6 +39500,7 @@ 199.249.96.0/21 199.249.104.0/22 199.249.108.0/24 +199.249.109.0/24 199.249.128.0/22 199.249.132.0/23 199.249.134.0/24 @@ -38235,7 +39517,8 @@ 199.249.148.0/24 199.249.149.0/24 199.249.150.0/24 -199.249.151.0/23 +199.249.151.0/24 +199.249.152.0/24 199.249.153.0/24 199.249.154.0/24 199.249.155.0/24 @@ -38244,6 +39527,7 @@ 199.249.159.0/24 199.249.160.0/24 199.249.161.0/24 +199.249.162.0/24 199.249.163.0/24 199.249.164.0/24 199.249.165.0/24 @@ -38253,10 +39537,16 @@ 199.249.172.0/24 199.249.173.0/24 199.249.174.0/24 -199.249.175.0/22 -199.249.179.0/22 -199.249.183.0/23 +199.249.175.0/24 +199.249.176.0/23 +199.249.178.0/24 +199.249.179.0/24 +199.249.180.0/23 +199.249.182.0/24 +199.249.183.0/24 +199.249.184.0/24 199.249.185.0/24 +199.249.186.0/24 199.249.187.0/24 199.249.188.0/24 199.249.189.0/24 @@ -38294,7 +39584,9 @@ 199.249.228.0/24 199.249.229.0/24 199.249.230.0/24 -199.249.237.0/22 +199.249.237.0/24 +199.249.238.0/23 +199.249.240.0/24 199.249.241.0/24 199.249.242.0/24 199.249.243.0/24 @@ -38302,7 +39594,9 @@ 199.249.246.0/24 199.249.247.0/24 199.249.248.0/24 -199.249.249.0/22 +199.249.249.0/24 +199.249.250.0/23 +199.249.252.0/24 199.249.253.0/24 199.249.254.0/24 199.249.255.0/24 @@ -38345,7 +39639,10 @@ 199.253.216.0/21 199.253.224.0/20 199.253.240.0/24 -199.253.241.0/21 +199.253.241.0/24 +199.253.242.0/23 +199.253.244.0/22 +199.253.248.0/24 199.253.249.0/24 199.253.252.0/22 199.254.0.0/21 @@ -38495,8 +39792,8 @@ 199.255.56.0/22 199.255.64.0/21 199.255.72.0/23 -199.255.74.0/22 -199.255.78.0/23 +199.255.74.0/23 +199.255.76.0/22 199.255.80.0/22 199.255.84.0/22 199.255.88.0/21 @@ -38650,7 +39947,6 @@ 204.10.48.0/21 204.10.60.0/22 204.10.64.0/21 -204.10.72.0/22 204.10.76.0/22 204.10.80.0/22 204.10.84.0/22 @@ -38775,6 +40071,7 @@ 204.14.48.0/21 204.14.56.0/21 204.14.64.0/21 +204.14.72.0/21 204.14.80.0/22 204.14.84.0/22 204.14.88.0/21 @@ -38896,9 +40193,11 @@ 204.17.130.0/23 204.17.132.0/24 204.17.133.0/24 -204.17.134.0/22 +204.17.134.0/23 +204.17.136.0/23 204.17.138.0/24 -204.17.139.0/23 +204.17.139.0/24 +204.17.140.0/24 204.17.141.0/24 204.17.142.0/23 204.17.144.0/24 @@ -38932,7 +40231,8 @@ 204.17.180.0/24 204.17.181.0/24 204.17.182.0/24 -204.17.183.0/23 +204.17.183.0/24 +204.17.184.0/24 204.17.185.0/24 204.17.186.0/24 204.17.187.0/24 @@ -38983,7 +40283,8 @@ 204.17.237.0/24 204.17.238.0/23 204.17.240.0/24 -204.17.241.0/23 +204.17.241.0/24 +204.17.242.0/24 204.17.243.0/24 204.17.244.0/22 204.17.248.0/24 @@ -39008,7 +40309,8 @@ 204.19.255.0/24 204.20.0.0/16 204.21.0.0/16 -204.22.0.0/14 +204.22.0.0/15 +204.24.0.0/15 204.26.0.0/21 204.26.8.0/21 204.26.16.0/20 @@ -39102,6 +40404,7 @@ 204.27.194.0/24 204.27.195.0/24 204.27.196.0/24 +204.27.197.0/24 204.27.198.0/24 204.27.199.0/24 204.27.200.0/24 @@ -39209,7 +40512,8 @@ 204.29.144.0/24 204.29.145.0/24 204.29.146.0/24 -204.29.147.0/23 +204.29.147.0/24 +204.29.148.0/24 204.29.149.0/24 204.29.150.0/23 204.29.152.0/23 @@ -39298,7 +40602,9 @@ 204.30.64.0/18 204.30.128.0/17 204.31.0.0/20 -204.31.16.0/18 +204.31.16.0/20 +204.31.32.0/19 +204.31.64.0/20 204.31.80.0/20 204.31.96.0/19 204.31.128.0/19 @@ -39307,16 +40613,19 @@ 204.31.224.0/19 204.32.0.0/17 204.32.128.0/20 -204.32.144.0/18 -204.32.208.0/20 +204.32.144.0/20 +204.32.160.0/19 +204.32.192.0/19 204.32.224.0/19 204.33.0.0/18 204.33.64.0/19 -204.33.96.0/18 +204.33.96.0/19 +204.33.128.0/19 204.33.160.0/20 204.33.176.0/20 204.33.192.0/18 -204.34.0.0/14 +204.34.0.0/15 +204.36.0.0/15 204.38.0.0/16 204.39.0.0/16 204.42.0.0/16 @@ -39351,7 +40660,6 @@ 204.47.0.0/16 204.48.8.0/21 204.48.16.0/20 -204.48.32.0/23 204.48.34.0/24 204.48.35.0/24 204.48.36.0/22 @@ -39395,7 +40703,8 @@ 204.52.140.0/24 204.52.141.0/24 204.52.142.0/24 -204.52.143.0/23 +204.52.143.0/24 +204.52.144.0/24 204.52.145.0/24 204.52.146.0/24 204.52.147.0/24 @@ -39415,14 +40724,18 @@ 204.52.172.0/24 204.52.173.0/24 204.52.174.0/24 -204.52.175.0/22 +204.52.175.0/24 +204.52.176.0/23 +204.52.178.0/24 204.52.179.0/24 204.52.180.0/22 204.52.184.0/24 204.52.185.0/24 204.52.186.0/24 -204.52.187.0/23 -204.52.189.0/23 +204.52.187.0/24 +204.52.188.0/24 +204.52.189.0/24 +204.52.190.0/24 204.52.192.0/24 204.52.193.0/24 204.52.194.0/24 @@ -39497,7 +40810,9 @@ 204.58.0.0/21 204.58.8.0/23 204.58.10.0/24 -204.58.11.0/22 +204.58.11.0/24 +204.58.12.0/23 +204.58.14.0/24 204.58.15.0/24 204.58.16.0/21 204.58.24.0/22 @@ -39541,9 +40856,12 @@ 204.58.236.0/22 204.58.240.0/22 204.58.244.0/24 -204.58.245.0/22 +204.58.245.0/24 +204.58.246.0/23 +204.58.248.0/24 204.58.249.0/24 -204.58.250.0/22 +204.58.250.0/23 +204.58.252.0/23 204.58.254.0/23 204.59.0.0/16 204.60.0.0/16 @@ -39557,7 +40875,8 @@ 204.61.30.0/23 204.61.32.0/19 204.61.64.0/19 -204.61.96.0/18 +204.61.96.0/19 +204.61.128.0/19 204.61.160.0/19 204.61.192.0/21 204.61.200.0/22 @@ -39600,7 +40919,8 @@ 204.62.148.0/23 204.62.150.0/23 204.62.152.0/24 -204.62.153.0/23 +204.62.153.0/24 +204.62.154.0/24 204.62.155.0/24 204.62.156.0/24 204.62.157.0/24 @@ -39621,7 +40941,8 @@ 204.62.180.0/24 204.62.181.0/24 204.62.182.0/24 -204.62.183.0/23 +204.62.183.0/24 +204.62.184.0/24 204.62.185.0/24 204.62.186.0/23 204.62.188.0/24 @@ -39638,14 +40959,19 @@ 204.62.201.0/24 204.62.202.0/23 204.62.204.0/23 -204.62.206.0/22 +204.62.206.0/23 +204.62.208.0/23 204.62.210.0/24 204.62.211.0/24 204.62.212.0/24 204.62.213.0/24 204.62.214.0/24 -204.62.215.0/22 -204.62.219.0/22 +204.62.215.0/24 +204.62.216.0/23 +204.62.218.0/24 +204.62.219.0/24 +204.62.220.0/23 +204.62.222.0/24 204.62.223.0/24 204.62.224.0/22 204.62.228.0/23 @@ -39660,7 +40986,8 @@ 204.62.243.0/24 204.62.244.0/24 204.62.245.0/24 -204.62.246.0/22 +204.62.246.0/23 +204.62.248.0/23 204.62.250.0/24 204.62.251.0/24 204.62.252.0/24 @@ -39771,13 +41098,20 @@ 204.68.218.0/23 204.68.220.0/23 204.68.222.0/24 -204.68.223.0/23 +204.68.223.0/24 +204.68.224.0/24 204.68.225.0/24 204.68.226.0/24 -204.68.227.0/23 -204.68.229.0/23 -204.68.231.0/22 -204.68.235.0/22 +204.68.227.0/24 +204.68.228.0/24 +204.68.229.0/24 +204.68.230.0/24 +204.68.231.0/24 +204.68.232.0/23 +204.68.234.0/24 +204.68.235.0/24 +204.68.236.0/23 +204.68.238.0/24 204.68.239.0/24 204.68.240.0/24 204.68.241.0/24 @@ -39822,8 +41156,9 @@ 204.69.153.0/24 204.69.154.0/23 204.69.156.0/24 -204.69.157.0/22 -204.69.161.0/24 +204.69.157.0/24 +204.69.158.0/23 +204.69.160.0/23 204.69.162.0/24 204.69.163.0/24 204.69.164.0/23 @@ -39833,13 +41168,17 @@ 204.69.171.0/24 204.69.172.0/22 204.69.176.0/24 -204.69.177.0/23 +204.69.177.0/24 +204.69.178.0/24 204.69.179.0/24 204.69.180.0/24 -204.69.181.0/23 +204.69.181.0/24 +204.69.182.0/24 204.69.183.0/24 204.69.184.0/24 -204.69.185.0/22 +204.69.185.0/24 +204.69.186.0/23 +204.69.188.0/24 204.69.189.0/24 204.69.190.0/24 204.69.191.0/24 @@ -39848,7 +41187,8 @@ 204.69.195.0/24 204.69.196.0/24 204.69.197.0/24 -204.69.198.0/22 +204.69.198.0/23 +204.69.200.0/23 204.69.202.0/24 204.69.203.0/24 204.69.204.0/23 @@ -39866,25 +41206,35 @@ 204.69.220.0/24 204.69.221.0/24 204.69.222.0/24 -204.69.223.0/23 -204.69.225.0/22 -204.69.229.0/23 +204.69.223.0/24 +204.69.224.0/24 +204.69.225.0/24 +204.69.226.0/23 +204.69.228.0/24 +204.69.229.0/24 +204.69.230.0/24 204.69.231.0/24 204.69.232.0/24 204.69.233.0/24 204.69.234.0/24 204.69.235.0/24 204.69.236.0/24 -204.69.237.0/23 -204.69.239.0/23 -204.69.241.0/23 +204.69.237.0/24 +204.69.238.0/24 +204.69.239.0/24 +204.69.240.0/24 +204.69.241.0/24 +204.69.242.0/24 204.69.243.0/24 204.69.244.0/23 204.69.246.0/24 204.69.247.0/24 204.69.248.0/24 -204.69.249.0/22 -204.69.253.0/23 +204.69.249.0/24 +204.69.250.0/23 +204.69.252.0/24 +204.69.253.0/24 +204.69.254.0/24 204.69.255.0/24 204.70.0.0/16 204.71.0.0/16 @@ -39917,7 +41267,8 @@ 204.75.129.0/24 204.75.130.0/23 204.75.132.0/24 -204.75.133.0/23 +204.75.133.0/24 +204.75.134.0/24 204.75.135.0/24 204.75.136.0/24 204.75.137.0/24 @@ -39949,7 +41300,8 @@ 204.75.166.0/24 204.75.167.0/24 204.75.168.0/24 -204.75.169.0/23 +204.75.169.0/24 +204.75.170.0/24 204.75.171.0/24 204.75.172.0/23 204.75.174.0/24 @@ -39961,10 +41313,13 @@ 204.75.180.0/22 204.75.184.0/24 204.75.185.0/24 -204.75.186.0/22 +204.75.186.0/23 +204.75.188.0/23 204.75.190.0/23 204.75.192.0/24 -204.75.193.0/22 +204.75.193.0/24 +204.75.194.0/23 +204.75.196.0/24 204.75.197.0/24 204.75.198.0/23 204.75.200.0/24 @@ -40028,14 +41383,21 @@ 204.76.134.0/23 204.76.136.0/21 204.76.144.0/21 -204.76.152.0/24 -204.76.153.0/23 -204.76.155.0/23 +204.76.152.0/22 +204.76.156.0/24 204.76.157.0/24 -204.76.158.0/21 -204.76.166.0/21 -204.76.174.0/21 -204.76.182.0/21 +204.76.158.0/23 +204.76.160.0/22 +204.76.164.0/23 +204.76.166.0/23 +204.76.168.0/22 +204.76.172.0/23 +204.76.174.0/23 +204.76.176.0/22 +204.76.180.0/23 +204.76.182.0/23 +204.76.184.0/22 +204.76.188.0/23 204.76.190.0/23 204.76.192.0/22 204.76.196.0/23 @@ -40052,10 +41414,18 @@ 204.76.214.0/23 204.76.216.0/22 204.76.220.0/23 -204.76.222.0/21 -204.76.230.0/21 -204.76.238.0/21 -204.76.246.0/21 +204.76.222.0/23 +204.76.224.0/22 +204.76.228.0/23 +204.76.230.0/23 +204.76.232.0/22 +204.76.236.0/23 +204.76.238.0/23 +204.76.240.0/22 +204.76.244.0/23 +204.76.246.0/23 +204.76.248.0/22 +204.76.252.0/23 204.76.254.0/23 204.77.0.0/20 204.77.16.0/21 @@ -40070,8 +41440,10 @@ 204.77.134.0/23 204.77.136.0/22 204.77.140.0/24 -204.77.141.0/23 -204.77.143.0/23 +204.77.141.0/24 +204.77.142.0/24 +204.77.143.0/24 +204.77.144.0/24 204.77.145.0/24 204.77.146.0/24 204.77.147.0/24 @@ -40083,7 +41455,8 @@ 204.77.154.0/24 204.77.155.0/24 204.77.156.0/24 -204.77.157.0/23 +204.77.157.0/24 +204.77.158.0/24 204.77.159.0/24 204.77.160.0/24 204.77.161.0/24 @@ -40122,14 +41495,16 @@ 204.77.199.0/24 204.77.200.0/24 204.77.201.0/24 -204.77.202.0/22 +204.77.202.0/23 +204.77.204.0/23 204.77.207.0/24 204.77.208.0/22 204.77.212.0/23 204.77.214.0/24 204.77.215.0/24 204.77.216.0/23 -204.77.218.0/22 +204.77.218.0/23 +204.77.220.0/23 204.77.222.0/23 204.77.224.0/19 204.78.0.0/20 @@ -40162,7 +41537,8 @@ 204.79.196.0/23 204.79.201.0/24 204.79.202.0/24 -204.79.205.0/23 +204.79.205.0/24 +204.79.206.0/24 204.79.212.0/24 204.79.216.0/23 204.79.220.0/22 @@ -40323,17 +41699,37 @@ 204.86.128.0/23 204.86.130.0/23 204.86.132.0/22 -204.86.136.0/20 -204.86.152.0/20 -204.86.168.0/20 +204.86.136.0/21 +204.86.144.0/21 +204.86.152.0/21 +204.86.160.0/21 +204.86.168.0/21 +204.86.176.0/21 204.86.184.0/21 204.86.192.0/23 204.86.194.0/24 204.86.195.0/24 204.86.196.0/22 -204.86.200.0/20 -204.86.216.0/20 -204.86.232.0/20 +204.86.200.0/21 +204.86.208.0/21 +204.86.216.0/21 +204.86.224.0/21 +204.86.232.0/24 +204.86.233.0/24 +204.86.234.0/24 +204.86.235.0/24 +204.86.236.0/24 +204.86.237.0/24 +204.86.238.0/24 +204.86.239.0/24 +204.86.240.0/24 +204.86.241.0/24 +204.86.242.0/24 +204.86.243.0/24 +204.86.244.0/24 +204.86.245.0/24 +204.86.246.0/24 +204.86.247.0/24 204.86.248.0/24 204.86.249.0/24 204.86.250.0/23 @@ -40508,10 +41904,12 @@ 204.89.147.0/24 204.89.148.0/22 204.89.152.0/24 -204.89.153.0/23 +204.89.153.0/24 +204.89.154.0/24 204.89.155.0/24 204.89.156.0/23 -204.89.158.0/22 +204.89.158.0/23 +204.89.160.0/23 204.89.162.0/24 204.89.163.0/24 204.89.164.0/22 @@ -40660,7 +42058,9 @@ 204.90.116.0/24 204.90.117.0/24 204.90.118.0/24 -204.90.119.0/22 +204.90.119.0/24 +204.90.120.0/23 +204.90.122.0/24 204.90.123.0/24 204.90.124.0/24 204.90.125.0/24 @@ -40673,7 +42073,8 @@ 204.93.32.0/19 204.93.64.0/19 204.93.128.0/17 -204.94.0.0/14 +204.94.0.0/15 +204.96.0.0/15 204.98.0.0/16 204.99.0.0/16 204.100.0.0/16 @@ -40793,6 +42194,7 @@ 204.107.151.0/24 204.107.152.0/24 204.107.153.0/24 +204.107.154.0/24 204.107.155.0/24 204.107.156.0/24 204.107.157.0/24 @@ -41017,7 +42419,9 @@ 204.115.252.0/23 204.115.254.0/23 204.116.0.0/16 -204.117.0.0/14 +204.117.0.0/16 +204.118.0.0/15 +204.120.0.0/16 204.121.0.0/16 204.122.0.0/21 204.122.8.0/21 @@ -41496,7 +42900,9 @@ 204.130.253.0/24 204.130.254.0/24 204.130.255.0/24 -204.131.0.0/14 +204.131.0.0/16 +204.132.0.0/15 +204.134.0.0/16 204.135.0.0/16 204.136.0.0/21 204.136.8.0/23 @@ -41680,9 +43086,12 @@ 204.145.186.0/24 204.145.187.0/24 204.145.188.0/24 -204.145.189.0/23 -204.145.191.0/23 -204.145.193.0/23 +204.145.189.0/24 +204.145.190.0/24 +204.145.191.0/24 +204.145.192.0/24 +204.145.193.0/24 +204.145.194.0/24 204.145.195.0/24 204.145.196.0/24 204.145.197.0/24 @@ -41732,7 +43141,8 @@ 204.145.243.0/24 204.145.244.0/24 204.145.245.0/24 -204.145.246.0/22 +204.145.246.0/23 +204.145.248.0/23 204.145.250.0/24 204.145.251.0/24 204.145.252.0/23 @@ -42218,7 +43628,8 @@ 204.235.136.0/22 204.235.140.0/23 204.235.142.0/23 -204.235.144.0/19 +204.235.144.0/20 +204.235.160.0/20 204.235.176.0/20 204.235.192.0/20 204.235.224.0/20 @@ -42507,14 +43918,14 @@ 204.247.0.0/16 204.248.0.0/14 204.252.0.0/14 -205.0.0.0/12 -205.16.0.0/13 -205.24.0.0/11 -205.56.0.0/14 -205.60.0.0/15 -205.62.0.0/12 -205.78.0.0/13 -205.86.0.0/11 +205.0.0.0/11 +205.32.0.0/12 +205.48.0.0/13 +205.56.0.0/13 +205.64.0.0/11 +205.96.0.0/12 +205.112.0.0/14 +205.116.0.0/15 205.118.0.0/15 205.120.0.0/13 205.128.0.0/14 @@ -42525,6 +43936,7 @@ 205.132.32.0/21 205.132.40.0/22 205.132.44.0/24 +205.132.45.0/24 205.132.46.0/23 205.132.48.0/21 205.132.56.0/21 @@ -42597,6 +44009,7 @@ 205.142.0.0/22 205.142.4.0/23 205.142.6.0/24 +205.142.7.0/24 205.142.8.0/22 205.142.12.0/23 205.142.16.0/22 @@ -42609,6 +44022,7 @@ 205.142.40.0/22 205.142.44.0/23 205.142.46.0/24 +205.142.47.0/24 205.142.48.0/22 205.142.52.0/22 205.142.56.0/22 @@ -42712,6 +44126,7 @@ 205.145.144.0/21 205.145.152.0/22 205.145.158.0/24 +205.145.159.0/24 205.145.160.0/19 205.145.192.0/19 205.145.224.0/19 @@ -42738,6 +44153,8 @@ 205.149.160.0/19 205.149.192.0/18 205.150.0.0/16 +205.151.0.0/24 +205.151.113.0/24 205.152.0.0/16 205.153.0.0/22 205.153.4.0/22 @@ -42805,7 +44222,8 @@ 205.154.0.0/16 205.155.0.0/16 205.156.0.0/18 -205.156.64.0/17 +205.156.64.0/18 +205.156.128.0/18 205.156.192.0/18 205.157.0.0/18 205.157.64.0/18 @@ -42837,6 +44255,7 @@ 205.159.20.0/24 205.159.21.0/24 205.159.22.0/24 +205.159.23.0/24 205.159.24.0/24 205.159.25.0/24 205.159.26.0/24 @@ -42847,6 +44266,7 @@ 205.159.31.0/24 205.159.32.0/24 205.159.33.0/24 +205.159.34.0/24 205.159.35.0/24 205.159.36.0/24 205.159.37.0/24 @@ -42856,6 +44276,7 @@ 205.159.41.0/24 205.159.42.0/24 205.159.43.0/24 +205.159.44.0/24 205.159.45.0/24 205.159.46.0/24 205.159.47.0/24 @@ -42883,6 +44304,7 @@ 205.159.69.0/24 205.159.70.0/24 205.159.71.0/24 +205.159.72.0/24 205.159.73.0/24 205.159.74.0/24 205.159.75.0/24 @@ -42897,6 +44319,7 @@ 205.159.85.0/24 205.159.86.0/24 205.159.87.0/24 +205.159.88.0/24 205.159.89.0/24 205.159.90.0/24 205.159.91.0/24 @@ -43063,6 +44486,7 @@ 205.159.252.0/24 205.159.253.0/24 205.159.254.0/24 +205.159.255.0/24 205.160.0.0/14 205.164.0.0/18 205.164.64.0/18 @@ -43146,6 +44570,7 @@ 205.166.77.0/24 205.166.78.0/24 205.166.79.0/24 +205.166.80.0/24 205.166.81.0/24 205.166.82.0/24 205.166.83.0/24 @@ -43173,6 +44598,7 @@ 205.166.105.0/24 205.166.106.0/24 205.166.107.0/24 +205.166.108.0/24 205.166.109.0/24 205.166.110.0/24 205.166.111.0/24 @@ -43187,6 +44613,7 @@ 205.166.120.0/24 205.166.121.0/24 205.166.122.0/24 +205.166.123.0/24 205.166.124.0/24 205.166.125.0/24 205.166.126.0/24 @@ -43208,6 +44635,7 @@ 205.166.142.0/24 205.166.143.0/24 205.166.144.0/24 +205.166.145.0/24 205.166.146.0/24 205.166.147.0/24 205.166.148.0/24 @@ -43220,6 +44648,7 @@ 205.166.155.0/24 205.166.156.0/24 205.166.157.0/24 +205.166.158.0/24 205.166.159.0/24 205.166.160.0/24 205.166.161.0/24 @@ -43232,6 +44661,7 @@ 205.166.168.0/24 205.166.169.0/24 205.166.170.0/24 +205.166.171.0/24 205.166.172.0/24 205.166.173.0/24 205.166.174.0/24 @@ -43240,6 +44670,7 @@ 205.166.177.0/24 205.166.178.0/24 205.166.180.0/24 +205.166.181.0/24 205.166.182.0/24 205.166.183.0/24 205.166.184.0/24 @@ -43305,6 +44736,7 @@ 205.166.244.0/24 205.166.245.0/24 205.166.246.0/24 +205.166.247.0/24 205.166.248.0/24 205.166.249.0/24 205.166.250.0/24 @@ -43570,7 +45002,9 @@ 205.175.225.0/24 205.175.226.0/23 205.175.228.0/23 -205.175.230.0/21 +205.175.230.0/23 +205.175.232.0/22 +205.175.236.0/23 205.175.238.0/23 205.175.240.0/22 205.175.244.0/23 @@ -43594,7 +45028,8 @@ 205.184.96.0/19 205.184.128.0/18 205.184.192.0/20 -205.184.208.0/19 +205.184.208.0/20 +205.184.224.0/20 205.184.240.0/20 205.185.0.0/20 205.185.16.0/20 @@ -43615,7 +45050,8 @@ 205.186.224.0/19 205.187.0.0/19 205.187.32.0/20 -205.187.48.0/19 +205.187.48.0/20 +205.187.64.0/20 205.187.80.0/20 205.187.96.0/19 205.187.128.0/19 @@ -43697,6 +45133,7 @@ 205.196.75.0/24 205.196.76.0/24 205.196.77.0/24 +205.196.78.0/23 205.196.80.0/20 205.196.96.0/24 205.196.97.0/24 @@ -43720,6 +45157,7 @@ 205.196.115.0/24 205.196.116.0/24 205.196.117.0/24 +205.196.118.0/23 205.196.120.0/22 205.196.124.0/22 205.196.128.0/19 @@ -43729,6 +45167,7 @@ 205.196.163.0/24 205.196.164.0/24 205.196.165.0/24 +205.196.166.0/23 205.196.168.0/21 205.196.176.0/20 205.196.192.0/24 @@ -43741,6 +45180,7 @@ 205.196.199.0/24 205.196.200.0/24 205.196.201.0/24 +205.196.202.0/23 205.196.204.0/22 205.196.208.0/20 205.196.224.0/19 @@ -43759,7 +45199,8 @@ 205.203.0.0/19 205.203.32.0/19 205.203.64.0/19 -205.203.96.0/18 +205.203.96.0/19 +205.203.128.0/19 205.203.160.0/19 205.203.192.0/19 205.203.224.0/19 @@ -43775,6 +45216,7 @@ 205.207.95.0/24 205.207.100.0/22 205.207.104.0/22 +205.207.108.0/23 205.207.141.0/24 205.207.155.0/24 205.207.156.0/22 @@ -43799,12 +45241,14 @@ 205.210.125.0/24 205.210.145.0/24 205.210.149.0/24 +205.210.186.0/23 205.210.188.0/22 205.210.224.0/24 205.210.234.0/24 205.210.248.0/24 205.210.255.0/24 205.211.0.0/24 +205.211.24.0/23 205.211.91.0/24 205.211.148.0/24 205.211.192.0/18 @@ -43813,7 +45257,8 @@ 205.214.0.0/19 205.214.32.0/19 205.214.64.0/19 -205.214.96.0/18 +205.214.96.0/19 +205.214.128.0/19 205.214.160.0/20 205.214.176.0/20 205.214.224.0/20 @@ -43843,8 +45288,9 @@ 205.223.96.0/20 205.223.112.0/20 205.223.128.0/20 -205.223.144.0/18 -205.223.208.0/20 +205.223.144.0/20 +205.223.160.0/19 +205.223.192.0/19 205.223.224.0/20 205.223.240.0/20 205.224.0.0/14 @@ -43969,8 +45415,8 @@ 206.29.128.0/20 206.29.144.0/20 206.29.160.0/19 -206.29.192.0/15 -206.31.192.0/18 +206.29.192.0/18 +206.30.0.0/15 206.32.0.0/14 206.36.0.0/14 206.40.0.0/19 @@ -44224,20 +45670,22 @@ 206.126.110.0/23 206.126.113.0/24 206.126.114.0/23 -206.126.117.0/23 +206.126.117.0/24 +206.126.118.0/24 206.126.119.0/24 206.126.128.0/19 206.126.160.0/19 206.126.192.0/21 206.126.208.0/20 206.126.224.0/24 -206.126.229.0/23 -206.126.231.0/24 +206.126.229.0/24 +206.126.230.0/23 206.126.234.0/24 206.126.241.0/24 206.126.245.0/24 206.126.250.0/24 -206.126.253.0/23 +206.126.253.0/24 +206.126.254.0/24 206.127.0.0/19 206.127.32.0/19 206.127.64.0/18 @@ -44779,7 +46227,8 @@ 206.214.112.0/20 206.214.128.0/19 206.214.160.0/20 -206.214.176.0/19 +206.214.176.0/20 +206.214.192.0/20 206.214.208.0/20 206.214.224.0/20 206.215.0.0/20 @@ -44788,8 +46237,9 @@ 206.215.64.0/18 206.215.128.0/17 206.216.0.0/20 -206.216.16.0/18 -206.216.80.0/20 +206.216.16.0/20 +206.216.32.0/19 +206.216.64.0/19 206.216.96.0/20 206.216.112.0/20 206.216.128.0/20 @@ -44978,7 +46428,8 @@ 206.223.80.0/24 206.223.81.0/24 206.223.82.0/24 -206.223.83.0/23 +206.223.83.0/24 +206.223.84.0/24 206.223.85.0/24 206.223.86.0/24 206.223.87.0/24 @@ -45280,7 +46731,9 @@ 207.92.48.0/20 207.92.64.0/18 207.92.128.0/20 -207.92.144.0/18 +207.92.144.0/20 +207.92.160.0/19 +207.92.192.0/20 207.92.208.0/20 207.92.224.0/20 207.92.240.0/20 @@ -45291,7 +46744,8 @@ 207.93.112.0/20 207.93.128.0/19 207.93.160.0/20 -207.93.176.0/19 +207.93.176.0/20 +207.93.192.0/20 207.93.208.0/20 207.93.224.0/19 207.94.0.0/20 @@ -45304,12 +46758,14 @@ 207.94.128.0/20 207.94.144.0/20 207.94.160.0/20 -207.94.176.0/19 +207.94.176.0/20 +207.94.192.0/20 207.94.208.0/20 207.94.224.0/19 207.95.0.0/19 207.95.32.0/20 -207.95.48.0/19 +207.95.48.0/20 +207.95.64.0/20 207.95.80.0/20 207.95.96.0/20 207.95.112.0/20 @@ -45468,15 +46924,23 @@ 207.173.0.0/16 207.174.0.0/17 207.174.130.0/24 -207.174.137.0/23 +207.174.137.0/26 +207.174.137.64/26 +207.174.137.128/26 +207.174.137.192/26 +207.174.138.0/24 207.174.139.0/24 207.174.140.0/22 +207.174.156.0/24 207.174.157.0/24 +207.174.172.0/24 207.174.173.0/24 +207.174.174.0/24 207.174.175.0/24 207.174.176.0/20 207.174.201.0/24 207.174.202.0/24 +207.174.203.0/24 207.174.210.0/23 207.174.224.0/20 207.175.0.0/16 @@ -45605,7 +47069,38 @@ 207.220.0.0/19 207.220.32.0/19 207.220.64.0/20 -207.220.80.0/19 +207.220.80.0/24 +207.220.81.0/24 +207.220.82.0/24 +207.220.83.0/24 +207.220.84.0/24 +207.220.85.0/24 +207.220.86.0/24 +207.220.87.0/24 +207.220.88.0/24 +207.220.89.0/24 +207.220.90.0/24 +207.220.91.0/24 +207.220.92.0/24 +207.220.93.0/24 +207.220.94.0/24 +207.220.95.0/24 +207.220.96.0/24 +207.220.97.0/24 +207.220.98.0/24 +207.220.99.0/24 +207.220.100.0/24 +207.220.101.0/24 +207.220.102.0/24 +207.220.103.0/24 +207.220.104.0/24 +207.220.105.0/24 +207.220.106.0/24 +207.220.107.0/24 +207.220.108.0/24 +207.220.109.0/24 +207.220.110.0/24 +207.220.111.0/24 207.220.112.0/20 207.220.128.0/18 207.220.192.0/20 @@ -45752,11 +47247,11 @@ 208.48.192.0/20 208.48.208.0/20 208.48.224.0/19 -208.49.0.0/17 -208.49.128.0/16 +208.49.0.0/16 +208.50.0.0/17 208.50.128.0/18 -208.50.192.0/16 -208.51.192.0/18 +208.50.192.0/18 +208.51.0.0/16 208.52.0.0/17 208.52.128.0/18 208.52.192.0/18 @@ -47288,8 +48783,10 @@ 208.166.0.0/19 208.166.32.0/20 208.166.48.0/20 -208.166.64.0/16 -208.167.64.0/17 +208.166.64.0/18 +208.166.128.0/17 +208.167.0.0/17 +208.167.128.0/18 208.167.192.0/20 208.167.208.0/20 208.167.224.0/19 @@ -47309,7 +48806,8 @@ 208.175.0.0/17 208.175.128.0/20 208.175.144.0/20 -208.175.160.0/18 +208.175.160.0/19 +208.175.192.0/19 208.175.224.0/19 208.176.0.0/16 208.177.0.0/16 @@ -47615,15 +49113,16 @@ 209.108.112.0/20 209.108.128.0/19 209.108.160.0/20 -209.108.176.0/19 -209.108.208.0/20 +209.108.176.0/20 +209.108.192.0/19 209.108.224.0/20 209.108.240.0/20 209.109.0.0/19 209.109.32.0/20 209.109.48.0/20 209.109.64.0/19 -209.109.96.0/18 +209.109.96.0/19 +209.109.128.0/19 209.109.160.0/20 209.109.176.0/20 209.109.192.0/19 @@ -47641,8 +49140,9 @@ 209.110.224.0/19 209.111.0.0/17 209.111.128.0/20 -209.111.144.0/18 -209.111.208.0/20 +209.111.144.0/20 +209.111.160.0/19 +209.111.192.0/19 209.111.224.0/19 209.112.64.0/19 209.112.96.0/20 @@ -47704,6 +49204,7 @@ 209.133.0.0/17 209.133.128.0/18 209.133.192.0/19 +209.133.224.0/19 209.134.0.0/19 209.134.32.0/20 209.134.48.0/20 @@ -47847,9 +49348,10 @@ 209.169.64.0/18 209.169.192.0/22 209.169.196.0/23 -209.169.198.0/22 -209.169.202.0/22 -209.169.206.0/23 +209.169.198.0/23 +209.169.200.0/23 +209.169.202.0/23 +209.169.204.0/22 209.169.208.0/21 209.169.216.0/23 209.169.218.0/23 @@ -47958,8 +49460,8 @@ 209.198.160.0/20 209.198.176.0/20 209.198.192.0/20 -209.198.216.0/20 -209.198.232.0/21 +209.198.216.0/21 +209.198.224.0/20 209.198.240.0/21 209.198.248.0/21 209.199.0.0/16 @@ -48067,7 +49569,8 @@ 209.234.240.0/20 209.235.0.0/20 209.235.16.0/20 -209.235.32.0/18 +209.235.32.0/19 +209.235.64.0/19 209.235.96.0/20 209.235.112.0/20 209.235.128.0/19 @@ -48258,8 +49761,8 @@ 216.21.208.0/20 216.21.224.0/20 216.21.240.0/24 -216.21.241.0/23 -216.21.243.0/24 +216.21.241.0/24 +216.21.242.0/23 216.21.244.0/22 216.21.248.0/21 216.22.0.0/18 @@ -48713,7 +50216,8 @@ 216.125.0.0/16 216.126.0.0/19 216.126.32.0/20 -216.126.48.0/20 +216.126.48.0/21 +216.126.56.0/21 216.126.128.0/18 216.126.192.0/19 216.126.224.0/20 @@ -48848,7 +50352,8 @@ 216.151.36.0/24 216.151.37.0/24 216.151.38.0/24 -216.151.39.0/23 +216.151.39.0/24 +216.151.40.0/24 216.151.41.0/24 216.151.43.0/24 216.151.44.0/23 @@ -49220,11 +50725,9 @@ 216.226.128.0/19 216.226.160.0/20 216.226.176.0/20 -216.226.200.0/23 -216.226.202.0/22 -216.226.206.0/19 -216.226.238.0/20 -216.226.254.0/23 +216.226.200.0/21 +216.226.208.0/20 +216.226.224.0/19 216.227.0.0/17 216.227.128.0/18 216.227.192.0/20 diff --git a/config/pf-blocker/lists/Oceania_cidr.txt b/config/pf-blocker/lists/Oceania_cidr.txt index 6fd18ce8..64e822c4 100755..100644 --- a/config/pf-blocker/lists/Oceania_cidr.txt +++ b/config/pf-blocker/lists/Oceania_cidr.txt @@ -12,8 +12,8 @@ # Total Subnets: 0 # Country: AUSTRALIA # ISO Code: AU -# Total Networks: 5,945 -# Total Subnets: 47,559,680 +# Total Networks: 5,961 +# Total Subnets: 47,569,152 1.0.0.0/24 1.0.4.0/22 1.1.1.0/24 @@ -149,7 +149,8 @@ 61.28.192.0/19 61.29.0.0/17 61.45.248.0/23 -61.45.250.0/23 +61.45.250.0/24 +61.45.251.0/24 61.45.252.0/22 61.68.0.0/16 61.69.0.0/16 @@ -226,6 +227,22 @@ 103.5.230.0/23 103.6.12.0/22 103.6.24.0/23 +103.6.35.0/24 +103.6.105.0/24 +103.6.116.0/24 +103.6.188.0/22 +103.6.208.0/22 +103.6.215.0/24 +103.6.216.0/22 +103.6.252.0/22 +103.7.44.0/22 +103.7.48.0/22 +103.7.72.0/22 +103.7.88.0/22 +103.7.98.0/24 +103.7.99.0/24 +103.7.136.0/22 +103.7.147.0/24 103.10.8.0/24 103.10.11.0/24 103.10.32.0/22 @@ -949,7 +966,6 @@ 175.45.128.0/21 175.45.144.0/20 175.103.16.0/20 -175.106.4.0/22 175.106.24.0/22 175.106.28.0/22 175.107.128.0/18 @@ -1663,7 +1679,6 @@ 202.27.12.0/24 202.27.13.0/24 202.27.15.0/24 -202.36.226.0/24 202.38.139.0/24 202.38.144.0/23 202.38.148.0/24 @@ -2412,7 +2427,6 @@ 203.6.242.0/23 203.6.244.0/24 203.6.245.0/24 -203.6.246.0/24 203.6.247.0/24 203.6.250.0/24 203.6.251.0/24 @@ -3948,7 +3962,8 @@ 203.25.134.0/24 203.25.137.0/24 203.25.139.0/24 -203.25.140.0/22 +203.25.140.0/23 +203.25.142.0/23 203.25.144.0/24 203.25.145.0/24 203.25.146.0/24 @@ -4488,7 +4503,8 @@ 203.30.28.0/24 203.30.30.0/24 203.30.31.0/24 -203.30.32.0/23 +203.30.32.0/24 +203.30.33.0/24 203.30.34.0/24 203.30.35.0/24 203.30.36.0/24 @@ -6005,11 +6021,12 @@ 218.100.77.0/24 # Country: GUAM # ISO Code: GU -# Total Networks: 22 -# Total Subnets: 212,480 +# Total Networks: 23 +# Total Subnets: 213,504 49.128.104.0/22 101.99.128.0/17 103.3.240.0/22 +103.7.100.0/22 114.142.192.0/19 114.142.224.0/19 116.68.0.0/20 @@ -6037,10 +6054,9 @@ 203.196.24.0/21 # Country: MARSHALL ISLANDS # ISO Code: MH -# Total Networks: 2 -# Total Subnets: 2,304 +# Total Networks: 1 +# Total Subnets: 2,048 117.103.88.0/21 -202.94.81.0/24 # Country: MICRONESIA, FEDERATED STATES OF # ISO Code: FM # Total Networks: 2 @@ -6089,8 +6105,8 @@ 223.29.160.0/20 # Country: NEW ZEALAND # ISO Code: NZ -# Total Networks: 1,238 -# Total Subnets: 6,950,400 +# Total Networks: 1,244 +# Total Subnets: 6,954,496 14.1.32.0/19 14.1.64.0/19 14.128.4.0/22 @@ -6128,6 +6144,12 @@ 103.5.156.0/22 103.5.224.0/22 103.6.28.0/22 +103.6.64.0/22 +103.6.89.0/24 +103.6.144.0/22 +103.6.212.0/23 +103.6.232.0/22 +103.7.96.0/23 103.10.44.0/22 103.10.233.0/24 103.11.21.0/24 @@ -6766,7 +6788,6 @@ 202.37.45.0/24 202.37.46.0/23 202.37.48.0/22 -202.37.52.0/23 202.37.54.0/24 202.37.55.0/24 202.37.56.0/24 @@ -7217,6 +7238,7 @@ 202.189.160.0/20 202.191.32.0/20 203.5.28.0/24 +203.6.246.0/24 203.20.241.0/24 203.27.67.0/24 203.30.174.0/24 diff --git a/config/pf-blocker/lists/South_America_cidr.txt b/config/pf-blocker/lists/South_America_cidr.txt index b9c34558..c4679add 100755..100644 --- a/config/pf-blocker/lists/South_America_cidr.txt +++ b/config/pf-blocker/lists/South_America_cidr.txt @@ -3,8 +3,8 @@ # Total Subnets: 60,140,544 # Country: ARGENTINA # ISO Code: AR -# Total Networks: 691 -# Total Subnets: 14,425,856 +# Total Networks: 701 +# Total Subnets: 14,546,944 24.232.0.0/16 66.60.0.0/18 140.191.0.0/16 @@ -72,6 +72,7 @@ 186.96.248.0/22 186.100.0.0/16 186.108.0.0/14 +186.121.128.0/18 186.122.0.0/16 186.123.0.0/16 186.124.0.0/16 @@ -94,6 +95,8 @@ 186.152.0.0/16 186.153.0.0/16 186.157.0.0/16 +186.158.0.0/16 +186.159.120.0/21 186.182.0.0/16 186.189.0.0/17 186.189.128.0/18 @@ -219,7 +222,10 @@ 190.103.208.0/20 190.103.224.0/20 190.103.240.0/20 +190.104.32.0/20 +190.104.48.0/20 190.104.64.0/20 +190.104.192.0/18 190.105.0.0/18 190.105.64.0/18 190.105.144.0/21 @@ -229,12 +235,15 @@ 190.105.196.0/22 190.105.200.0/21 190.105.224.0/20 +190.106.32.0/21 +190.106.80.0/21 190.106.96.0/20 190.106.128.0/19 190.106.160.0/19 190.107.96.0/20 190.107.112.0/20 190.107.240.0/21 +190.108.32.0/19 190.108.76.0/22 190.108.192.0/22 190.108.224.0/20 @@ -656,6 +665,7 @@ 200.124.112.0/21 200.124.122.0/24 200.124.123.0/24 +200.124.126.0/24 200.125.64.0/19 200.125.96.0/19 200.126.128.0/19 @@ -1039,8 +1049,8 @@ 213.144.160.0/19 # Country: CHILE # ISO Code: CL -# Total Networks: 484 -# Total Subnets: 7,354,624 +# Total Networks: 487 +# Total Subnets: 7,390,464 146.83.0.0/16 146.155.0.0/16 152.74.0.0/16 @@ -1153,6 +1163,7 @@ 190.110.160.0/20 190.112.48.0/22 190.113.0.0/19 +190.114.252.0/22 190.120.160.0/20 190.121.0.0/19 190.121.32.0/19 @@ -1176,6 +1187,7 @@ 190.211.160.0/20 190.211.248.0/22 190.215.0.0/17 +190.215.128.0/17 190.217.128.0/17 192.80.24.0/24 192.153.119.0/24 @@ -1497,6 +1509,7 @@ 201.214.0.0/17 201.214.128.0/17 201.215.0.0/16 +201.217.248.0/21 201.218.128.0/19 201.219.128.0/19 201.220.96.0/20 @@ -1527,8 +1540,8 @@ 216.155.64.0/19 # Country: COLOMBIA # ISO Code: CO -# Total Networks: 294 -# Total Subnets: 8,814,336 +# Total Networks: 296 +# Total Subnets: 8,834,816 66.231.64.0/20 157.253.0.0/16 168.176.0.0/16 @@ -1641,6 +1654,7 @@ 190.102.208.0/20 190.103.96.0/20 190.103.112.0/20 +190.107.16.0/20 190.109.128.0/19 190.109.160.0/19 190.110.64.0/19 @@ -1671,6 +1685,7 @@ 190.165.128.0/17 190.182.0.0/18 190.182.64.0/18 +190.184.128.0/18 190.184.200.0/21 190.211.140.0/22 190.240.0.0/18 @@ -1825,8 +1840,8 @@ 216.241.0.0/19 # Country: ECUADOR # ISO Code: EC -# Total Networks: 221 -# Total Subnets: 1,791,744 +# Total Networks: 222 +# Total Subnets: 1,857,280 157.100.0.0/16 186.0.144.0/21 186.3.0.0/18 @@ -1863,6 +1878,7 @@ 190.52.64.0/20 190.52.192.0/20 190.57.128.0/18 +190.63.0.0/16 190.94.128.0/19 190.95.128.0/19 190.95.160.0/19 @@ -2106,8 +2122,8 @@ 201.217.32.0/19 # Country: PERU # ISO Code: PE -# Total Networks: 100 -# Total Subnets: 2,435,072 +# Total Networks: 102 +# Total Subnets: 2,437,120 161.132.0.0/16 181.64.0.0/16 181.65.0.0/16 @@ -2132,6 +2148,7 @@ 190.108.80.0/21 190.108.88.0/21 190.113.192.0/19 +190.114.248.0/22 190.116.0.0/16 190.117.0.0/16 190.118.0.0/16 @@ -2201,6 +2218,7 @@ 200.121.0.0/17 200.121.128.0/17 200.123.0.0/19 +201.217.240.0/22 201.230.0.0/17 201.230.128.0/17 201.240.0.0/17 @@ -2287,8 +2305,8 @@ 201.221.48.0/20 # Country: VENEZUELA # ISO Code: VE -# Total Networks: 146 -# Total Subnets: 5,037,056 +# Total Networks: 147 +# Total Subnets: 5,045,248 129.90.0.0/16 150.185.0.0/16 150.186.0.0/16 @@ -2334,6 +2352,7 @@ 190.93.44.0/22 190.94.192.0/19 190.94.224.0/19 +190.97.224.0/19 190.103.28.0/22 190.103.32.0/20 190.103.48.0/20 diff --git a/config/pf-blocker/pfblocker.inc b/config/pf-blocker/pfblocker.inc index 57d73b57..bb8268a1 100755 --- a/config/pf-blocker/pfblocker.inc +++ b/config/pf-blocker/pfblocker.inc @@ -73,7 +73,7 @@ function pfblocker_Range2CIDR($ip_min, $ip_max) { $network=long2ip(bindec(substr(decbin($ip_min_long),0,$bits).preg_replace("/\d/","0",substr(decbin($ip_min_long),0,(32-$bits))))); #print decbin($ip_min_long)."\n".$network."\n"; return $network . "/". (32 -strlen(decbin($ip_max_long - $ip_min_long))); - } +} function sync_package_pfblocker() { global $g,$config; @@ -81,457 +81,506 @@ function sync_package_pfblocker() { print "no action during boot process...\n"; } else{ - conf_mount_rw(); - #apply fetch timeout to pfsense-utils.inc - $pfsense_utils=file_get_contents('/etc/inc/pfsense-utils.inc'); - $new_pfsense_utils=preg_replace("/\/usr\/bin\/fetch -q/","/usr/bin/fetch -T 5 -q",$pfsense_utils); - if ($new_pfsense_utils != $pfsense_utils) + conf_mount_rw(); + #apply fetch timeout to pfsense-utils.inc + $pfsense_utils=file_get_contents('/etc/inc/pfsense-utils.inc'); + $new_pfsense_utils=preg_replace("/\/usr\/bin\/fetch -q/","/usr/bin/fetch -T 5 -q",$pfsense_utils); + if ($new_pfsense_utils != $pfsense_utils){ file_put_contents('/etc/inc/pfsense-utils.inc',$new_pfsense_utils, LOCK_EX); - - $pfblocker_enable=$config['installedpackages']['pfblocker']['config'][0]['enable_cb']; - $pfblocker_config=$config['installedpackages']['pfblocker']['config'][0]; - $table_limit =($config['system']['maximumtableentries']!= ""?$config['system']['maximumtableentries']:"100000"); - #get local web gui configuration - $web_local=($config['system']['webgui']['protocol'] != ""?$config['system']['webgui']['protocol']:"http"); - $port = $config['system']['webgui']['port']; - if($port == "") { - if($config['system']['webgui']['protocol'] == "http") - $port = "80"; - else - $port = "443"; - } - $web_local .= "://127.0.0.1:".$port.'/pfblocker.php'; - - #check folders - $pfbdir='/usr/local/pkg/pfblocker'; - $pfb_alias_dir='/usr/local/pkg/pfblocker_aliases'; - $pfsense_alias_dir='/var/db/aliastables/'; - if (!is_dir($pfbdir)) - mkdir ($pfbdir,0755); - if (!is_dir($pfb_alias_dir)) - mkdir ($pfb_alias_dir,0755); - if (! is_dir($pfsense_alias_dir)) - mkdir ($pfsense_alias_dir,0755); - - $continents= array( "Africa" => "pfBlockerAfrica", - "Antartica" => "pfBlockerAntartica", - "Asia" => "pfBlockerAsia", - "Europe" => "pfBlockerEurope", - "North America" => "pfBlockerNorthAmerica", - "Oceania" => "pfBlockerOceania", - "South America" => "pfBlockerSouthAmerica", - "Top Spammers" => "pfBlockerTopSpammers"); + } + $pfblocker_enable=$config['installedpackages']['pfblocker']['config'][0]['enable_cb']; + $pfblocker_config=$config['installedpackages']['pfblocker']['config'][0]; + $table_limit =($config['system']['maximumtableentries']!= ""?$config['system']['maximumtableentries']:"100000"); + #get local web gui configuration + $web_local=($config['system']['webgui']['protocol'] != ""?$config['system']['webgui']['protocol']:"http"); + $port = $config['system']['webgui']['port']; + if($port == "") { + if($config['system']['webgui']['protocol'] == "http"){ + $port = "80"; + } + else{ + $port = "443"; + } + } + $web_local .= "://127.0.0.1:".$port.'/pfblocker.php'; - #create rules vars and arrays - $new_aliases=array(); - $new_aliases_list=array(); - $permit_inbound=array(); - $permit_outbound=array(); - $deny_inbound=array(); - $deny_outbound=array(); - $aliases_list=array(); - #check if pfblocker is enabled or not. - $deny_action_inbound=($pfblocker_config['inbound_deny_action']!= ""?$pfblocker_config['inbound_deny_action']:"block"); - $deny_action_outbound=($pfblocker_config['outbound_deny_action']!= ""?$pfblocker_config['outbound_deny_action']:"reject"); - $base_rule= array( "id" => "", - "tag"=> "", - "tagged"=> "", - "max"=> "", - "max-src-nodes"=>"", - "max-src-conn"=> "", - "max-src-states"=>"", - "statetimeout"=>"", - "statetype"=>"keep state", - "os"=> ""); -############################################# -# Assign Countries # -############################################# - foreach ($continents as $continent => $pfb_alias){ - ${$continent}=""; - if (is_array($config['installedpackages']['pfblocker'.strtolower(preg_replace('/ /','',$continent))]['config'])){ - $continent_config=$config['installedpackages']['pfblocker'.strtolower(preg_replace('/ /','',$continent))]['config'][0]; - if ($continent_config['action'] != 'Disabled' && $continent_config['action'] != '' && $pfblocker_enable == "on"){ - foreach (explode(",", $continent_config['countries']) as $iso){ - #var_dump ($iso); - if ($iso <> "" && file_exists($pfbdir.'/'.$iso.'.txt')) - ${$continent} .= file_get_contents($pfbdir.'/'.$iso.'.txt'); - } - if($continent_config['countries'] != "" && $pfblocker_enable == "on"){ - #write alias files - file_put_contents($pfb_alias_dir.'/'.$pfb_alias.'.txt',${$continent},LOCK_EX); - file_put_contents($pfsense_alias_dir.'/'.$pfb_alias.'.txt',${$continent}, LOCK_EX); - #Create alias config - $new_aliases_list[]=$pfb_alias; - $new_aliases[]=array("name"=> $pfb_alias, - "url"=> $web_local.'?pfb='.$pfb_alias, - "updatefreq"=> "32", - "address"=>"", - "descr"=> "pfBlocker country list", - "type"=> "urltable", - "detail"=> "DO NOT EDIT THIS ALIAS"); - #Create rule if action permits - switch($continent_config['action']){ - case "Deny_Both": - $rule = $base_rule; - $rule["type"] = $deny_action_inbound; - $rule["descr"]= "$pfb_alias auto rule"; - $rule["source"]= array("address"=> $pfb_alias); - $rule["destination"]=array("any"=>""); - if ($pfblocker_config['enable_log']) - $rule["log"]=""; - $deny_inbound[]=$rule; - case "Deny_Outbound": - $rule = $base_rule; - $rule["type"] = $deny_action_outbound; - $rule["descr"]= "$pfb_alias auto rule"; - $rule["source"]=array("any"=>""); - $rule["destination"]= array("address"=> $pfb_alias); - if ($pfblocker_config['enable_log']) - $rule["log"]=""; - $deny_outbound[]=$rule; - break; - case "Deny_Inbound": - $rule = $base_rule; - $rule["type"] = $deny_action_inbound; - $rule["descr"]= "$pfb_alias auto rule"; - $rule["source"]= array("address"=> $pfb_alias); - $rule["destination"]=array("any"=>""); - if ($pfblocker_config['enable_log']) - $rule["log"]=""; - $deny_inbound[]=$rule; - break; - case "Permit_Outbound": - $rule = $base_rule; - $rule["type"] = "pass"; - $rule["descr"]= "$pfb_alias auto rule"; - $rule["source"]=array("any"=>""); - $rule["destination"]= array("address"=> $pfb_alias); - if ($pfblocker_config['enable_log']) - $rule["log"]=""; - $permit_outbound[]=$rule; - break; - case "Permit_Inbound": - $rule = $base_rule; - $rule["type"] = "pass"; - $rule["descr"]= "$pfb_alias auto rule"; - $rule["source"]= array("address"=> $pfb_alias); - $rule["destination"]=array("any"=>""); - if ($pfblocker_config['enable_log']) - $rule["log"]=""; - $permit_inbound[]=$rule; - break; - } - + #check folders + $pfbdir='/usr/local/pkg/pfblocker'; + $pfb_alias_dir='/usr/local/pkg/pfblocker_aliases'; + $pfsense_alias_dir='/var/db/aliastables/'; + if (!is_dir($pfbdir)){ + mkdir ($pfbdir,0755); } - } - else{ - #unlink continent list if any - unlink_if_exists($pfb_alias_dir.'/'.$pfb_alias.'.txt'); - } + if (!is_dir($pfb_alias_dir)){ + mkdir ($pfb_alias_dir,0755); + } + if (! is_dir($pfsense_alias_dir)){ + mkdir ($pfsense_alias_dir,0755); + } + + $continents= array( "Africa" => "pfBlockerAfrica", + "Antartica" => "pfBlockerAntartica", + "Asia" => "pfBlockerAsia", + "Europe" => "pfBlockerEurope", + "North America" => "pfBlockerNorthAmerica", + "Oceania" => "pfBlockerOceania", + "South America" => "pfBlockerSouthAmerica", + "Top Spammers" => "pfBlockerTopSpammers"); + + #create rules vars and arrays + $new_aliases=array(); + $new_aliases_list=array(); + $permit_inbound=array(); + $permit_outbound=array(); + $deny_inbound=array(); + $deny_outbound=array(); + $aliases_list=array(); + #check if pfblocker is enabled or not. + $deny_action_inbound=($pfblocker_config['inbound_deny_action']!= ""?$pfblocker_config['inbound_deny_action']:"block"); + $deny_action_outbound=($pfblocker_config['outbound_deny_action']!= ""?$pfblocker_config['outbound_deny_action']:"reject"); + $base_rule= array( "id" => "", + "tag"=> "", + "tagged"=> "", + "max"=> "", + "max-src-nodes"=>"", + "max-src-conn"=> "", + "max-src-states"=>"", + "statetimeout"=>"", + "statetype"=>"keep state", + "os"=> ""); + ############################################# + # Assign Countries # + ############################################# + foreach ($continents as $continent => $pfb_alias){ + ${$continent}=""; + if (is_array($config['installedpackages']['pfblocker'.strtolower(preg_replace('/ /','',$continent))]['config'])){ + $continent_config=$config['installedpackages']['pfblocker'.strtolower(preg_replace('/ /','',$continent))]['config'][0]; + if ($continent_config['action'] != 'Disabled' && $continent_config['action'] != '' && $pfblocker_enable == "on"){ + foreach (explode(",", $continent_config['countries']) as $iso){ + #var_dump ($iso); + if ($iso <> "" && file_exists($pfbdir.'/'.$iso.'.txt')){ + ${$continent} .= file_get_contents($pfbdir.'/'.$iso.'.txt'); + } + } + if($continent_config['countries'] != "" && $pfblocker_enable == "on"){ + #write alias files + file_put_contents($pfb_alias_dir.'/'.$pfb_alias.'.txt',${$continent},LOCK_EX); + file_put_contents($pfsense_alias_dir.'/'.$pfb_alias.'.txt',${$continent}, LOCK_EX); + #Create alias config + $new_aliases_list[]=$pfb_alias; + $new_aliases[]=array( "name"=> $pfb_alias, + "url"=> $web_local.'?pfb='.$pfb_alias, + "updatefreq"=> "32", + "address"=>"", + "descr"=> "pfBlocker country list", + "type"=> "urltable", + "detail"=> "DO NOT EDIT THIS ALIAS"); + #Create rule if action permits + switch($continent_config['action']){ + case "Deny_Both": + $rule = $base_rule; + $rule["type"] = $deny_action_inbound; + $rule["descr"]= "$pfb_alias auto rule"; + $rule["source"]= array("address"=> $pfb_alias); + $rule["destination"]=array("any"=>""); + if ($pfblocker_config['enable_log']){ + $rule["log"]=""; + } + $deny_inbound[]=$rule; + case "Deny_Outbound": + $rule = $base_rule; + $rule["type"] = $deny_action_outbound; + $rule["descr"]= "$pfb_alias auto rule"; + $rule["source"]=array("any"=>""); + $rule["destination"]= array("address"=> $pfb_alias); + if ($pfblocker_config['enable_log']){ + $rule["log"]=""; + } + $deny_outbound[]=$rule; + break; + case "Deny_Inbound": + $rule = $base_rule; + $rule["type"] = $deny_action_inbound; + $rule["descr"]= "$pfb_alias auto rule"; + $rule["source"]= array("address"=> $pfb_alias); + $rule["destination"]=array("any"=>""); + if ($pfblocker_config['enable_log']){ + $rule["log"]=""; + } + $deny_inbound[]=$rule; + break; + case "Permit_Outbound": + $rule = $base_rule; + $rule["type"] = "pass"; + $rule["descr"]= "$pfb_alias auto rule"; + $rule["source"]=array("any"=>""); + $rule["destination"]= array("address"=> $pfb_alias); + if ($pfblocker_config['enable_log']){ + $rule["log"]=""; + } + $permit_outbound[]=$rule; + break; + case "Permit_Inbound": + $rule = $base_rule; + $rule["type"] = "pass"; + $rule["descr"]= "$pfb_alias auto rule"; + $rule["source"]= array("address"=> $pfb_alias); + $rule["destination"]=array("any"=>""); + if ($pfblocker_config['enable_log']){ + $rule["log"]=""; + } + $permit_inbound[]=$rule; + break; + } + + } + } + else{ + #unlink continent list if any + unlink_if_exists($pfb_alias_dir.'/'.$pfb_alias.'.txt'); + } - } - #mark pfctl aliastable for cleanup - if (!in_array($pfb_alias, $aliases_list)) + } + #mark pfctl aliastable for cleanup + if (!in_array($pfb_alias, $aliases_list)){ $aliases_list[]=$pfb_alias; - } + } + } - ############################################# - # Assign lists # - ############################################# - #print "<pre>"; - if($config['installedpackages']['pfblockerlists']['config'] != "") - foreach($config['installedpackages']['pfblockerlists']['config'] as $list){ - $alias="pfBlocker".preg_replace("/\W/","",$list['aliasname']); - #print $list['aliasname'].$list['action']." ".$alias." ".$row['url']."<br>"; - if ($alias != "pfBlocker" && $list['action'] != "" && $list['action'] != 'Disabled' && $pfblocker_enable == "on"){ - #remove empty lists files if any - if (is_array($list['row'])) - foreach ($list['row'] as $row){ - #print $list['aliasname'].$list['action'].$list['cron']." ".$alias." ".$row['url']."$update_local<br>"; - if ($row['url'] != ""){ - $md5_url = md5($row['url']); - if (file_exists($pfbdir."/".$md5_url.".txt")){ - ${$alias}.= file_get_contents($pfbdir.'/'.$md5_url.'.txt'); - } - else{ - if ($row['format'] == "gz") - $url_list= gzfile($row['url']); - else - $url_list= file($row['url']); - #extract range lists - $new_file=""; - if (is_array($url_list)) - foreach ($url_list as $line){ - # CIDR format 192.168.0.0/16 - if (preg_match("/(\d+\.\d+\.\d+\.\d+\/\d+)/",$line,$matches)){ - ${$alias}.= $matches[1]."\n"; - $new_file.= $matches[1]."\n"; - } - # Single ip addresses - if (preg_match("/(\d+\.\d+\.\d+\.\d+)\s+/",$line,$matches)){ - ${$alias}.= $matches[1]."/32\n"; - $new_file.= $matches[1]."/32\n"; - } - # Network range 192.168.0.0-192.168.0.254 - if (preg_match("/(\d+\.\d+\.\d+\.\d+)-(\d+\.\d+\.\d+\.\d+)/",$line,$matches)){ - $cidr= pfblocker_Range2CIDR($matches[1],$matches[2]); - if ($cidr != ""){ - ${$alias}.= $cidr."\n"; - $new_file.= $cidr."\n"; + ############################################# + # Assign lists # + ############################################# + #print "<pre>"; + if($config['installedpackages']['pfblockerlists']['config'] != ""){ + foreach($config['installedpackages']['pfblockerlists']['config'] as $list){ + $alias="pfBlocker".preg_replace("/\W/","",$list['aliasname']); + #print $list['aliasname'].$list['action']." ".$alias." ".$row['url']."<br>"; + if ($alias != "pfBlocker" && $list['action'] != "" && $list['action'] != 'Disabled' && $pfblocker_enable == "on"){ + #remove empty lists files if any + if (is_array($list['row'])){ + foreach ($list['row'] as $row){ + #print $list['aliasname'].$list['action'].$list['cron']." ".$alias." ".$row['url']."$update_local<br>"; + if ($row['url'] != ""){ + $md5_url = md5($row['url']); + if (file_exists($pfbdir."/".$md5_url.".txt")){ + ${$alias}.= file_get_contents($pfbdir.'/'.$md5_url.'.txt'); + } + else{ + if ($row['format'] == "gz"){ + $url_list= gzfile($row['url']); + } + else{ + $url_list= file($row['url']); + } + #extract range lists + $new_file=""; + if (is_array($url_list)){ + foreach ($url_list as $line){ + # CIDR format 192.168.0.0/16 + if (preg_match("/(\d+\.\d+\.\d+\.\d+\/\d+)/",$line,$matches)){ + ${$alias}.= $matches[1]."\n"; + $new_file.= $matches[1]."\n"; + } + # Single ip addresses + if (preg_match("/(\d+\.\d+\.\d+\.\d+)\s+/",$line,$matches)){ + ${$alias}.= $matches[1]."/32\n"; + $new_file.= $matches[1]."/32\n"; + } + # Network range 192.168.0.0-192.168.0.254 + if (preg_match("/(\d+\.\d+\.\d+\.\d+)-(\d+\.\d+\.\d+\.\d+)/",$line,$matches)){ + $cidr= pfblocker_Range2CIDR($matches[1],$matches[2]); + if ($cidr != ""){ + ${$alias}.= $cidr."\n"; + $new_file.= $cidr."\n"; + } + } + } + } + if ($new_file != ""){ + file_put_contents($pfbdir.'/'.$md5_url.'.txt',$new_file, LOCK_EX); + } } } } - if ($new_file != "") - file_put_contents($pfbdir.'/'.$md5_url.'.txt',$new_file, LOCK_EX); - } } - } - #check custom network list - if (pfb_text_area_decode($list['custom']) != "") - ${$alias}.=pfb_text_area_decode($list['custom'])."\n"; - #save alias file if not empty - if (${$alias} == ""){ - unlink_if_exists($pfb_alias_dir.'/'.$alias.'.txt'); + #check custom network list + if (pfb_text_area_decode($list['custom']) != ""){ + ${$alias}.=pfb_text_area_decode($list['custom'])."\n"; } - else{ - file_put_contents($pfb_alias_dir.'/'.$alias.'.txt',${$alias}, LOCK_EX); - file_put_contents($pfsense_alias_dir.'/'.$alias.'.txt',${$alias}, LOCK_EX); - #create alias - $new_aliases_list[]=$alias; - $new_aliases[]=array("name"=> $alias, - "url"=> $web_local.'?pfb='.$alias, - "updatefreq"=> "32", - "address"=>"", - "descr"=> "pfBlocker user list", - "type"=> "urltable", - "detail"=> "DO NOT EDIT THIS ALIAS"); - #Create rule if action permits - switch($list['action']){ - case "Deny_Both": - $rule = $base_rule; - $rule["type"] = $deny_action_inbound; - $rule["descr"]= "$alias auto rule"; - $rule["source"]= array("address"=> $alias); - $rule["destination"]=array("any"=>""); - if ($pfblocker_config['enable_log']) - $rule["log"]=""; - $deny_inbound[]=$rule; - case "Deny_Outbound": - $rule = $base_rule; - $rule["type"] = $deny_action_outbound; - $rule["descr"]= "$alias auto rule"; - $rule["source"]=array("any"=>""); - $rule["destination"]= array("address"=> $alias); - if ($pfblocker_config['enable_log']) - $rule["log"]=""; - $deny_outbound[]=$rule; - break; - case "Deny_Inbound": - $rule = $base_rule; - $rule["type"] = $deny_action_inbound; - $rule["descr"]= "$alias auto rule"; - $rule["source"]= array("address"=> $alias); - $rule["destination"]=array("any"=>""); - if ($pfblocker_config['enable_log']) - $rule["log"]=""; - $deny_inbound[]=$rule; - break; - case "Permit_Outbound": - $rule = $base_rule; - $rule["type"] = "pass"; - $rule["descr"]= "$alias auto rule"; - $rule["source"]=array("any"=>""); - $rule["destination"]= array("address"=> $alias); - if ($pfblocker_config['enable_log']) - $rule["log"]=""; - $permit_outbound[]=$rule; - break; - case "Permit_Inbound": - $rule = $base_rule; - $rule["type"] = "pass"; - $rule["descr"]= "$alias auto rule"; - $rule["source"]= array("address"=> $alias); - $rule["destination"]=array("any"=>""); - if ($pfblocker_config['enable_log']) + #save alias file if not empty + if (${$alias} == ""){ + unlink_if_exists($pfb_alias_dir.'/'.$alias.'.txt'); + } + else{ + file_put_contents($pfb_alias_dir.'/'.$alias.'.txt',${$alias}, LOCK_EX); + file_put_contents($pfsense_alias_dir.'/'.$alias.'.txt',${$alias}, LOCK_EX); + #create alias + $new_aliases_list[]=$alias; + $new_aliases[]=array( "name"=> $alias, + "url"=> $web_local.'?pfb='.$alias, + "updatefreq"=> "32", + "address"=>"", + "descr"=> "pfBlocker user list", + "type"=> "urltable", + "detail"=> "DO NOT EDIT THIS ALIAS"); + #Create rule if action permits + switch($list['action']){ + case "Deny_Both": + $rule = $base_rule; + $rule["type"] = $deny_action_inbound; + $rule["descr"]= "$alias auto rule"; + $rule["source"]= array("address"=> $alias); + $rule["destination"]=array("any"=>""); + if ($pfblocker_config['enable_log']){ + $rule["log"]=""; + } + $deny_inbound[]=$rule; + case "Deny_Outbound": + $rule = $base_rule; + $rule["type"] = $deny_action_outbound; + $rule["descr"]= "$alias auto rule"; + $rule["source"]=array("any"=>""); + $rule["destination"]= array("address"=> $alias); + if ($pfblocker_config['enable_log']){ + $rule["log"]=""; + } + $deny_outbound[]=$rule; + break; + case "Deny_Inbound": + $rule = $base_rule; + $rule["type"] = $deny_action_inbound; + $rule["descr"]= "$alias auto rule"; + $rule["source"]= array("address"=> $alias); + $rule["destination"]=array("any"=>""); + if ($pfblocker_config['enable_log']){ + $rule["log"]=""; + } + $deny_inbound[]=$rule; + break; + case "Permit_Outbound": + $rule = $base_rule; + $rule["type"] = "pass"; + $rule["descr"]= "$alias auto rule"; + $rule["source"]=array("any"=>""); + $rule["destination"]= array("address"=> $alias); + if ($pfblocker_config['enable_log']){ + $rule["log"]=""; + } + $permit_outbound[]=$rule; + break; + case "Permit_Inbound": + $rule = $base_rule; + $rule["type"] = "pass"; + $rule["descr"]= "$alias auto rule"; + $rule["source"]= array("address"=> $alias); + $rule["destination"]=array("any"=>""); + if ($pfblocker_config['enable_log']){ $rule["log"]=""; - $permit_inbound[]=$rule; - break; + } + $permit_inbound[]=$rule; + break; } + } + #mark pfctl aliastable for cleanup + if (!in_array($alias, $aliases_list)){ + $aliases_list[]=$alias; + } + } + else{ + #unlink previous pfblocker alias list if any + unlink_if_exists($pfb_alias_dir.'/'.$alias.'.txt'); } - #mark pfctl aliastable for cleanup - if (!in_array($alias, $aliases_list)) - $aliases_list[]=$alias; - } - else{ - #unlink previous pfblocker alias list if any - unlink_if_exists($pfb_alias_dir.'/'.$alias.'.txt'); } } #update pfsense alias table - if (is_array($config['aliases']['alias'])) + if (is_array($config['aliases']['alias'])){ $aliases=$config['aliases']['alias']; - foreach($aliases as $cbalias){ - if (preg_match("/pfBlocker/",$cbalias['name'])){ - #mark pfctl aliastable for cleaning - if (!in_array($cbalias['name'], $aliases_list)) + foreach($aliases as $cbalias){ + if (preg_match("/pfBlocker/",$cbalias['name'])){ + #mark pfctl aliastable for cleaning + if (!in_array($cbalias['name'], $aliases_list)){ $aliases_list[]=$cbalias['name']; #mark aliastable for cleaning - #remove previous aliastable file if alias is not defined any more - if (!in_array($cbalias['name'], $new_aliases_list)) - unlink_if_exists("/var/db/aliastables/".$cbalias['name'].".txt"); - } - else{ - $new_aliases[]= $cbalias; - if (file_exists($pfb_alias_dir.'/'.$alias.'.txt') && $message ==""){ - preg_match("/(\d+)/",exec("/usr/bin/wc -l ".$pfb_alias_dir.'/'.$alias.'.txt'),$matches); + } + #remove previous aliastable file if alias is not defined any more + if (!in_array($cbalias['name'], $new_aliases_list)){ + unlink_if_exists("/var/db/aliastables/".$cbalias['name'].".txt"); + } + } + else{ + $new_aliases[]= $cbalias; + if (file_exists($pfb_alias_dir.'/'.$alias.'.txt') && $message ==""){ + preg_match("/(\d+)/",exec("/usr/bin/wc -l ".$pfb_alias_dir.'/'.$alias.'.txt'),$matches); + } + if (($matches[1] * 2.1)>= $table_limit ){ + #alias table too large + $message= $alias .' alias table is too large. Reduce networks in list or increase "Firewall Maximum Table Entries" value to at least '. (int)($matches[1] * 2.1) .' in "system - advanced - Firewall/NAT".'; + } } - if (($matches[1] * 2.1)>= $table_limit ) - #alias table too large - $message= $alias .' alias table is too large. Reduce networks in list or increase "Firewall Maximum Table Entries" value to at least '. (int)($matches[1] * 2.1) .' in "system - advanced - Firewall/NAT".'; } } #apply new alias table to xml - if ($message == "") + if ($message == ""){ $config['aliases']['alias']=$new_aliases; + } #exit; - ############################################# - # Assign rules # - ############################################# - #print "<pre>"; - #var_dump($permit_inbound); - #var_dump($permit_outbound); - #var_dump($deny_inbound); - #var_dump($deny_outbound); - #var_dump($pfblocker_config['inbound_interface']); - #print count($deny_inbound) .count($deny_inbound); - # Inbound filter options - $inbound_interfaces = explode(",",$pfblocker_config['inbound_interface']); - if (count($deny_inbound) > 0 || count($permit_inbound) > 0){ - if($pfblocker_config['inbound_interface'] == "") - $message="Unable to apply rules.Inbound Interface option not configured."; - if (in_array("lo0",$inbound_interfaces)) - $message="Floating rules are not implemented in pfBlocker yet, choose Inbound Interface other than loopback or change action to Alias only."; + ############################################# + # Assign rules # + ############################################# + #print "<pre>"; + #var_dump($permit_inbound); + #var_dump($permit_outbound); + #var_dump($deny_inbound); + #var_dump($deny_outbound); + #var_dump($pfblocker_config['inbound_interface']); + #print count($deny_inbound) .count($deny_inbound); + # Inbound filter options + $inbound_interfaces = explode(",",$pfblocker_config['inbound_interface']); + if (count($deny_inbound) > 0 || count($permit_inbound) > 0){ + if($pfblocker_config['inbound_interface'] == ""){ + $message="Unable to apply rules.Inbound Interface option not configured."; + } + if (in_array("lo0",$inbound_interfaces)){ + $message="Floating rules are not implemented in pfBlocker yet, choose Inbound Interface other than loopback or change action to Alias only."; + } } - # Outbound filter options - $outbound_interfaces = explode(",",$pfblocker_config['outbound_interface']); - if (count($deny_outbound) > 0 || count($permit_outbound) > 0){ - if($pfblocker_config['outbound_interface'] == "") - $message="Unable to apply rules.Outbound Interface option not configured."; - if (in_array("lo0",$outbound_interfaces)) - $message="Floating rules are not implemented in pfBlocker yet, choose Outbound Interface other than loopback or change action to Alias only."; + # Outbound filter options + $outbound_interfaces = explode(",",$pfblocker_config['outbound_interface']); + if (count($deny_outbound) > 0 || count($permit_outbound) > 0){ + if($pfblocker_config['outbound_interface'] == ""){ + $message="Unable to apply rules.Outbound Interface option not configured."; + } + if (in_array("lo0",$outbound_interfaces)){ + $message="Floating rules are not implemented in pfBlocker yet, choose Outbound Interface other than loopback or change action to Alias only."; + } } - if ($message == "") - { - $last_iface=""; - $rules=$config['filter']['rule']; - $new_rules=array(); - foreach ($rules as $rule){ - if ($rule['interface'] <> $last_iface){ - $last_iface = $rule['interface']; - #apply pfblocker rules if enabled + if ($message == ""){ + $last_iface=""; + $rules=$config['filter']['rule']; + $new_rules=array(); + # The assumption is that the rules in the config come in groups by interface then priority. + # e.g. all rules for WAN (highest priority first), then for LAN then for OPT1 etc. + # Note that floating rules (interface is "") can appear mixed in the list. + foreach ($rules as $rule){ + # If this next rule is for a non-blank interface, different to the previous interface, + # then add any needed pfblocker rules to the interface. This puts pfblocker rules at the + # top of the list for each interface, after any built-in rules (e.g. anti-lockout) + if (($rule['interface'] != "") && ($rule['interface'] <> $last_iface)){ + $last_iface = $rule['interface']; + #apply pfblocker rules if enabled - #Inbound - foreach ($inbound_interfaces as $inbound_interface) - if ($inbound_interface==$last_iface){ - #permit rules - if (is_array($permit_inbound)) - foreach ($permit_inbound as $cb_rules){ - $cb_rules['interface']=$rule['interface']; - $new_rules[]=$cb_rules; + #Inbound + foreach ($inbound_interfaces as $inbound_interface){ + if ($inbound_interface==$last_iface){ + #permit rules + if (is_array($permit_inbound)){ + foreach ($permit_inbound as $cb_rules){ + $cb_rules['interface']=$rule['interface']; + $new_rules[]=$cb_rules; + } } - #deny rules - if (is_array($deny_inbound)) - foreach ($deny_inbound as $cb_rules){ - $cb_rules['interface']=$rule['interface']; - $new_rules[]=$cb_rules; + #deny rules + if (is_array($deny_inbound)){ + foreach ($deny_inbound as $cb_rules){ + $cb_rules['interface']=$rule['interface']; + $new_rules[]=$cb_rules; + } } + } } - #Outbound - foreach ($outbound_interfaces as $outbound_interface) - if ($outbound_interface==$last_iface){ - #permit rules - if (is_array($permit_outbound)) - foreach ($permit_outbound as $cb_rules){ - $cb_rules['interface']=$rule['interface']; - $new_rules[]=$cb_rules; + #Outbound + foreach ($outbound_interfaces as $outbound_interface){ + if ($outbound_interface==$last_iface){ + #permit rules + if (is_array($permit_outbound)){ + foreach ($permit_outbound as $cb_rules){ + $cb_rules['interface']=$rule['interface']; + $new_rules[]=$cb_rules; + } } - #deny rules - if (is_array($deny_outbound)) - foreach ($deny_outbound as $cb_rules){ - $cb_rules['interface']=$rule['interface']; - $new_rules[]=$cb_rules; + #deny rules + if (is_array($deny_outbound)){ + foreach ($deny_outbound as $cb_rules){ + $cb_rules['interface']=$rule['interface']; + $new_rules[]=$cb_rules; + } } + } } - } - #include all rules that is not from pfBlocker - if (!preg_match("/pfBlocker.*rule/",$rule['descr']) && ($rule['interface'] != "" || $rule['floating']=="yes")) + } + #include all rules that are not from pfBlocker + if (!preg_match("/pfBlocker.*rule/",$rule['descr']) && ($rule['interface'] != "" || $rule['floating']=="yes")){ $new_rules[]=$rule; - } - $config['filter']['rule']=$new_rules; + } + } + $config['filter']['rule']=$new_rules; } - if ($message == ""){ - #check cron - $cron_found=0; - $cron_cmd="/usr/local/bin/php -q /usr/local/www/pfblocker.php cron"; - if (is_array($config['cron']['item'])){ - $new_cron=array(); - foreach($config['cron']['item'] as $cron){ + if ($message == ""){ + #check cron + $cron_found=0; + $cron_cmd="/usr/local/bin/php -q /usr/local/www/pfblocker.php cron"; + if (is_array($config['cron']['item'])){ + $new_cron=array(); + foreach($config['cron']['item'] as $cron){ if (preg_match("/usr.local.www.pfblocker.php cron/",$cron["command"])){ #fix 0.1.4.6 missing php path if($cron["command"]==$cron_cmd && $pfblocker_enable == "on"){ $new_cron['item'][]=$cron; $cron_found=1; - } } + } else{ $new_cron['item'][]=$cron; - } + } } if ($cron_found == 0){ - if($pfblocker_enable == "on") + if($pfblocker_enable == "on"){ $new_cron['item'][]=array( "minute" => "0", - "hour" => "*", - "mday" => "*", - "month" => "*", - "wday" => "*", - "who" => "root", - "command"=> $cron_cmd); - $config['cron']=$new_cron; + "hour" => "*", + "mday" => "*", + "month" => "*", + "wday" => "*", + "who" => "root", + "command"=> $cron_cmd); + } + $config['cron']=$new_cron; } - } + } - # to be removed in final version - $aliases_list[]="pfBlockerInbound"; #remove previous version lists - $aliases_list[]="pfBlockerOutbound";#remove previous version lists - $aliases_list[]="pfBlockerWL"; #remove previous version lists - #exit; - #update pfctrl tables - foreach ($aliases_list as $table) - exec("/sbin/pfctl -t " . escapeshellarg($table) . " -T kill 2>&1", $result_pfb); + # to be removed in final version + $aliases_list[]="pfBlockerInbound"; #remove previous version lists + $aliases_list[]="pfBlockerOutbound"; #remove previous version lists + $aliases_list[]="pfBlockerWL"; #remove previous version lists + #exit; + #update pfctrl tables + foreach ($aliases_list as $table){ + exec("/sbin/pfctl -t " . escapeshellarg($table) . " -T kill 2>&1", $result_pfb); + } - #uncheck donation and credits check box - $config['installedpackages']['pfblocker']['config'][0]['donation']=""; - $config['installedpackages']['pfblocker']['config'][0]['credits']=""; - #write config - write_config(); + #uncheck donation and credits check box + $config['installedpackages']['pfblocker']['config'][0]['donation']=""; + $config['installedpackages']['pfblocker']['config'][0]['credits']=""; + #write config + write_config(); - #update cron - if ($cron_found == 0) - configure_cron(); + #update cron + if ($cron_found == 0){ + configure_cron(); + } - #load filter file after editing - filter_configure(); + #load filter file after editing + filter_configure(); - #sync config - pfblocker_sync_on_changes(); + #sync config + pfblocker_sync_on_changes(); } - else{ - log_error("[pfBlocker] ".$message); - file_notice("pfBlocker", $message, "pfblocker rule apply", ""); - } - conf_mount_ro(); + else{ + log_error("[pfBlocker] ".$message); + file_notice("pfBlocker", $message, "pfblocker rule apply", ""); + } + conf_mount_ro(); } } @@ -541,13 +590,13 @@ function pfblocker_validate_input($post, &$input_errors) { if (empty($value)) continue; if($key == "message_size_limit" && !is_numeric($value)) - $input_errors[] = "Message size limit must be numeric."; + $input_errors[] = "Message size limit must be numeric."; if($key == "process_limit" && !is_numeric($value)) - $input_errors[] = "Process limit must be numeric."; + $input_errors[] = "Process limit must be numeric."; if($key == "freq" && (!preg_match("/^\d+(h|m|d)$/",$value) || $value == 0)) - $input_errors[] = "A valid number with a time reference is required for the field 'Frequency'"; + $input_errors[] = "A valid number with a time reference is required for the field 'Frequency'"; if (substr($key, 0, 2) == "dc" && !is_hostname($value)) - $input_errors[] = "{$value} is not a valid host name."; + $input_errors[] = "{$value} is not a valid host name."; if (substr($key, 0, 6) == "domain" && is_numeric(substr($key, 6))) { if (!is_domain($value)) $input_errors[] = "{$value} is not a valid domain name."; @@ -582,10 +631,11 @@ function pfblocker_sync_on_changes() { return; foreach ($config['installedpackages']['pfblockersync']['config'] as $rs ){ foreach($rs['row'] as $sh){ - $sync_to_ip = $sh['ipaddress']; - $password = $sh['password']; - if($password && $sync_to_ip) - pfblocker_do_xmlrpc_sync($sync_to_ip, $password); + $sync_to_ip = $sh['ipaddress']; + $password = $sh['password']; + if($password && $sync_to_ip){ + pfblocker_do_xmlrpc_sync($sync_to_ip, $password); + } } } log_error("[pfblocker] pfblocker_xmlrpc_sync.php is ending."); @@ -602,18 +652,20 @@ function pfblocker_do_xmlrpc_sync($sync_to_ip, $password) { return; $xmlrpc_sync_neighbor = $sync_to_ip; - if($config['system']['webgui']['protocol'] != "") { + if($config['system']['webgui']['protocol'] != "") { $synchronizetoip = $config['system']['webgui']['protocol']; $synchronizetoip .= "://"; - } - $port = $config['system']['webgui']['port']; - /* if port is empty lets rely on the protocol selection */ - if($port == "") { - if($config['system']['webgui']['protocol'] == "http") + } + $port = $config['system']['webgui']['port']; + /* if port is empty lets rely on the protocol selection */ + if($port == "") { + if($config['system']['webgui']['protocol'] == "http"){ $port = "80"; - else + } + else{ $port = "443"; - } + } + } $synchronizetoip .= $sync_to_ip; /* xml will hold the sections to sync */ @@ -641,8 +693,9 @@ function pfblocker_do_xmlrpc_sync($sync_to_ip, $password) { $msg = new XML_RPC_Message($method, $params); $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); $cli->setCredentials('admin', $password); - if($g['debug']) + if($g['debug']){ $cli->setDebug(1); + } /* send our XMLRPC message and timeout after 250 seconds */ $resp = $cli->send($msg, "250"); if(!$resp) { @@ -676,7 +729,7 @@ function pfblocker_do_xmlrpc_sync($sync_to_ip, $password) { $cli->setCredentials('admin', $password); $resp = $cli->send($msg, "250"); if(!$resp) { - $error = "A communications error occurred while attempting pfblocker XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; + $error = "A communications error occurred while attempting pfblocker XMLRPC sync with {$url}:{$port} (exec_php)."; log_error($error); file_notice("sync_settings", $error, "pfblocker Settings Sync", ""); } elseif($resp->faultCode()) { @@ -686,7 +739,7 @@ function pfblocker_do_xmlrpc_sync($sync_to_ip, $password) { log_error($error); file_notice("sync_settings", $error, "pfblocker Settings Sync", ""); } else { - log_error("pfblocker XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php)."); + log_error("pfblocker XMLRPC reload data success with {$url}:{$port} (exec_php)."); } } diff --git a/config/pf-blocker/pfblocker.php b/config/pf-blocker/pfblocker.php index cf0df89f..af489b81 100644 --- a/config/pf-blocker/pfblocker.php +++ b/config/pf-blocker/pfblocker.php @@ -23,6 +23,7 @@ if ($argv[1]=='cron'){ require_once("/etc/inc/pkg-utils.inc"); require_once("/etc/inc/globals.inc"); require_once("/etc/inc/filter.inc"); + require_once("/etc/inc/config.inc"); $hour=date('H'); $pfbdir='/usr/local/pkg/pfblocker'; $updates=0; diff --git a/config/pf-blocker/pfblocker_lists.xml b/config/pf-blocker/pfblocker_lists.xml index 42f1c0ae..b9f92b9c 100755 --- a/config/pf-blocker/pfblocker_lists.xml +++ b/config/pf-blocker/pfblocker_lists.xml @@ -129,7 +129,7 @@ <description><![CDATA[Enter lists Alias Names.<br> Example: Badguys<br> Do not include pfBlocker name, it's done by package.<br> - <strong>International, special or space caracters will be ignored in pfsense alias name.</strong><br>]]></description> + <strong>International, special or space caracters will be ignored in firewall alias names.</strong><br>]]></description> <type>input</type> <size>20</size> </field> @@ -201,7 +201,7 @@ <fielddescr>Update frequency</fielddescr> <fieldname>cron</fieldname> <description><![CDATA[Default:<strong>Never</strong><br> - Select how often pfsense will download List files]]></description> + Select how often List files will be downloaded]]></description> <type>select</type> <options> <option><name>Never</name><value>Never</value></option> diff --git a/config/pf-blocker/pfblocker_sync.xml b/config/pf-blocker/pfblocker_sync.xml index 41e5403c..e2e19567 100644 --- a/config/pf-blocker/pfblocker_sync.xml +++ b/config/pf-blocker/pfblocker_sync.xml @@ -106,7 +106,7 @@ <field> <fielddescr>Automatically sync pfBlocker configuration changes</fielddescr> <fieldname>synconchanges</fieldname> - <description>pfSense will automatically sync changes to the hosts defined below.</description> + <description>Automatically sync changes to the hosts defined below.</description> <type>checkbox</type> </field> <field> diff --git a/config/postfix/postfix.inc b/config/postfix/postfix.inc index 5fde243e..93fae05a 100644 --- a/config/postfix/postfix.inc +++ b/config/postfix/postfix.inc @@ -3,7 +3,7 @@ postfix.inc part of the Postfix package for pfSense Copyright (C) 2010 Erik Fonnesbeck - Copyright (C) 2011 Marcello Coutinho + Copyright (C) 2012 Marcello Coutinho All rights reserved. @@ -34,6 +34,10 @@ require_once("functions.inc"); require_once("pkg-utils.inc"); require_once("globals.inc"); +$uname=posix_uname(); +if ($uname['machine']=='amd64') + ini_set('memory_limit', '250M'); + function px_text_area_decode($text){ return preg_replace('/\r\n/', "\n",base64_decode($text)); } @@ -108,15 +112,18 @@ function sync_relay_recipients($via_cron="cron"){ $ldap_unique=array_unique($ldap_all); print "Total ldap recipients:".count($ldap_all)."\tunique:".count($ldap_unique)."\n"; foreach($ldap_unique as $recipient) - $relay_ldap_recipients.=($recipient != ""?$recipient." OK\n":""); + $relay_ldap_recipients.=($recipient != ""?preg_replace("/\s+/","",$recipient)." OK\n":""); #save ldap relay recipients file_put_contents("/usr/local/etc/postfix/relay_ldap_recipients.txt",$relay_ldap_recipients, LOCK_EX); } } } - #save all relay recipients and reload postfix - file_put_contents("/usr/local/etc/postfix/relay_recipients",$relay_ldap_recipients."\n".$relay_recipients, LOCK_EX); + #save all relay recipients, remove duplicates and reload postfix + $recipients_file="/usr/local/etc/postfix/relay_recipients"; + file_put_contents($recipients_file.".unsort",$relay_ldap_recipients."\n".$relay_recipients, LOCK_EX); + exec('/usr/bin/sort -u '.$recipients_file.'.unsort > '.$recipients_file); + unlink_if_exists($recipients_file.'.unsort'); exec("/usr/local/sbin/postmap /usr/local/etc/postfix/relay_recipients"); mwexec("/usr/local/sbin/postfix reload"); } @@ -265,6 +272,17 @@ function check_cron(){ function sync_package_postfix() { global $config; + # detect boot process + if (is_array($_POST)){ + if (preg_match("/\w+/",$_POST['__csrf_magic'])) + unset($boot_process); + else + $boot_process="on"; + } + + if(is_process_running("master") && isset($boot_process)) + return; + #check patch in /etc/inc/config. $relay_domains = ""; $transport = ""; @@ -453,16 +471,16 @@ smtpd_client_restrictions = check_client_access pcre:/usr/local/etc/postfix/cal_ permit smtpd_recipient_restrictions = permit_mynetworks, + reject_unauth_destination, + reject_unauth_pipelining, check_client_access pcre:/usr/local/etc/postfix/cal_pcre, check_client_access cidr:/usr/local/etc/postfix/cal_cidr, + check_sender_access hash:/usr/local/etc/postfix/sender_access, reject_invalid_helo_hostname, - reject_unknown_recipient_domain, reject_non_fqdn_helo_hostname, + reject_unknown_recipient_domain, reject_non_fqdn_recipient, - reject_unauth_destination, - reject_unauth_pipelining, reject_multi_recipient_bounce, - check_sender_access hash:/usr/local/etc/postfix/sender_access, SPFSPFSPFRBLRBLRBL EOF; @@ -482,14 +500,19 @@ smtpd_sender_restrictions = reject_unknown_sender_domain, RBLRBLRBL # Allow connections from specified local clients and rbl check everybody else if rbl check are set. -smtpd_client_restrictions = check_client_access pcre:/usr/local/etc/postfix/cal_pcre, - check_client_access cidr:/usr/local/etc/postfix/cal_cidr, +smtpd_client_restrictions = reject_unauth_destination, + check_sender_access hash:/usr/local/etc/postfix/sender_access, + check_client_access pcre:/usr/local/etc/postfix/cal_pcre, + check_client_access cidr:/usr/local/etc/postfix/cal_cidr RBLRBLRBL # Whitelisting: local clients may specify any destination domain. #, smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, + check_sender_access hash:/usr/local/etc/postfix/sender_access, + check_client_access pcre:/usr/local/etc/postfix/cal_pcre, + check_client_access cidr:/usr/local/etc/postfix/cal_cidr, SPFSPFSPFRBLRBLRBL EOF; @@ -658,14 +681,28 @@ MASTEREOF2; { mwexec("/usr/local/sbin/postmap /usr/local/etc/postfix/".$file); } - - if (!is_dir("/etc/mail")) - mkdir("/etc/mail", 0755); + + #check postix dirs + $dirs=array("/var/spool/postfix","/etc/mail","/var/db/postfix","/var/mail/postfix"); + foreach ($dirs as $dir) + if (!is_dir($dir) && !file_exists($dir)) + mkdir($dir, 0755,TRUE); + + #check postfix owners + $dirs=array("/var/db/postfix","/var/mail/postfix"); + foreach ($dirs as $dir){ + chown($dir, 'postfix'); + chgrp($dir, 'postfix'); + } if (!file_exists("/etc/mail/aliases")) touch("/etc/mail/aliases"); exec("/usr/local/bin/newaliases"); postfix_start(); - postfix_sync_on_changes(); + + #Do not sync during boot + if(!isset($boot_process)) + postfix_sync_on_changes(); + } function postfix_start(){ global $config; diff --git a/config/postfix/postfix_acl.xml b/config/postfix/postfix_acl.xml index 2a2b4633..efc72721 100644 --- a/config/postfix/postfix_acl.xml +++ b/config/postfix/postfix_acl.xml @@ -118,13 +118,14 @@ <fielddescr>Sender</fielddescr> <fieldname>sender_access</fieldname> <description><![CDATA[<strong>HASH filters</strong> that implements whitelisting and blacklisting of full or partial email addresses and domains as specified in the MAIL FROM field :<br> - myfriend@example.com OK<br> + myfriend@example.com DUNNO<br> junk@spam.com REJECT<br> marketing@ REJECT<br> - theboss@ OK<br> + theboss@ DUNNO<br> deals.marketing.com REJECT<br> - somedomain.com OK<br> - See http://www.postfix.org/postconf.5.html#smtpd_sender_restrictions for more help]]> + somedomain.com DUNNO<br><br> + See http://www.postfix.org/postconf.5.html#smtpd_sender_restrictions for more help<br> + <strong>Note: a result of "OK" in this field is not allowed/wanted for safety reasons(it may accept forged senders as it will not do other spam checks). Instead, use DUNNO in order to exclude specific hosts from blacklists.</strong>]]> </description> <type>textarea</type> <cols>83</cols> diff --git a/config/quagga_ospfd/quagga_ospfd.inc b/config/quagga_ospfd/quagga_ospfd.inc new file mode 100644 index 00000000..075820e4 --- /dev/null +++ b/config/quagga_ospfd/quagga_ospfd.inc @@ -0,0 +1,276 @@ +<?php +/* + quagga_ospfd.inc + Copyright (C) 2010 Ermal Luçi + Copyright (C) 2012 Jim Pingle + part of pfSense + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +function quagga_ospfd_get_interfaces() { + global $config; + $interfaces = get_configured_interface_with_descr(); + $ospf_ifs = array(); + foreach ($interfaces as $iface => $ifacename) { + $tmp["name"] = $ifacename; + $tmp["value"] = $iface; + $ospf_ifs[] = $tmp; + } + + foreach (array('server', 'client') as $mode) { + if (is_array($config['openvpn']["openvpn-{$mode}"])) { + foreach ($config['openvpn']["openvpn-{$mode}"] as $id => $setting) { + if (!isset($setting['disable'])) { + $tmp["name"] = gettext("OpenVPN") . " ".$mode.": ".htmlspecialchars($setting['description']); + $tmp["value"] = 'ovpn' . substr($mode, 0, 1) . $setting['vpnid']; + $ospf_ifs[] = $tmp; + } + } + } + } + + return $ospf_ifs; +} + +function quagga_ospfd_install_conf() { + global $config, $g, $input_errors; + + conf_mount_rw(); + + if ($config['installedpackages']['quaggaospfd']['rawconfig'] && $config['installedpackages']['quaggaospfd']['rawconfig']['item']) { + // if there is a raw config specifyed in tthe config.xml use that instead of the assisted config + $conffile = implode("\n",$config['installedpackages']['quaggaospfd']['rawconfig']['item']); + //$conffile = $config['installedpackages']['quaggaospfd']['rawconfig']; + } else { + // generate ospfd.conf based on the assistant + if($config['installedpackages']['quaggaospfd']['config']) + $ospfd_conf = &$config['installedpackages']['quaggaospfd']['config'][0]; + else { + log_error("Quagga OSPFd: No config data found."); + return; + } + + $conffile = "# This file was created by the pfSense package manager. Do not edit!\n\n"; + + if($ospfd_conf['password']) + $conffile .= "password {$ospfd_conf['password']}\n"; + + if ($ospfd_conf['logging']) + $conffile .= "log syslog\n"; + + /* Interface Settings */ + $passive_interfaces = array(); + $interface_networks = array(); + if ($config['installedpackages']['quaggaospfdinterfaces']['config']) { + foreach ($config['installedpackages']['quaggaospfdinterfaces']['config'] as $conf) { + $realif = get_real_interface($conf['interface']); + $conffile .= "interface {$realif}\n" ; + if (!empty($conf['metric'])) { + $conffile .= " ip ospf cost {$conf['metric']}\n"; + } + if (!empty($conf['hellointervalinseconds'])) { + $conffile .= " ip ospf hello-interval {$conf['hellointervalinseconds']}\n"; + } + if ($conf['md5password'] && !empty($conf['password'])) { + $conffile .= " ip ospf authentication message-digest\n"; + $conffile .= " ip ospf message-digest-key 1 md5 \"" . substr($conf['password'], 0, 15) . "\"\n"; + } else if (!empty($conf['password'])) { + $conffile .= " ip ospf authentication-key \"" . substr($conf['password'], 0, 8) . "\"\n"; + } + if (!empty($conf['routerpriorityelections'])) { + $conffile .= " ip ospf priority {$conf['routerpriorityelections']}\n"; + } + if (!empty($conf['retransmitinterval'])) { + $conffile .= " ip ospf retransmit-interval {$conf['retransmitinterval']}\n"; + } + if (!empty($conf['deadtimer'])) { + $conffile .= " ip ospf dead-interval {$conf['deadtimer']}\n"; + } + if (!empty($conf['passive'])) { + $passive_interfaces[] = $realif; + } + $interface_ip = find_interface_ip($realif); + $interface_subnet = find_interface_subnet($realif); + /* Cheap hack since point-to-points won't attach if /32 is used. */ + if ($interface_subnet == 32) + $interface_subnet = 30; + $subnet = gen_subnet($interface_ip, $interface_subnet); + $interface_networks[] = "{$subnet}/{$interface_subnet}"; + } + } + + /* OSPF Settings */ + + $conffile .= "\n\nrouter ospf\n"; + + // Specify router id + if($ospfd_conf['routerid']) + $conffile .= " ospf router-id {$ospfd_conf['routerid']}\n"; + + if ($ospfd_conf['updatefib']) + $conffile .= " area {$ospfd_conf['area']} stub\n"; + + if ($ospfd_conf['logging'] && $ospfd_conf['adjacencylog']) + $conffile .= " log-adjacency-changes detail\n"; + + if ($ospfd_conf['redistributeconnectedsubnets']) + $conffile .= " redistribute connected\n"; + + if ($ospfd_conf['redistributestatic']) + $conffile .= " redistribute static\n"; + + if ($ospfd_conf['redistributedefaultroute']) + $conffile .= " default-information originate\n"; + + if ($ospfd_conf['spfholdtime'] || $ospfd_conf['spfdelay']) { + $spf_minhold = ($ospfd_conf['spfholdtime']) ? $ospfd_conf['spfholdtime'] : 1000; + $spf_maxhold = $spf_minhold * 10; + $spf_delay = ($ospfd_conf['spfdelay']) ? $ospfd_conf['spfdelay'] : 200; + $conffile .= " timers throttle spf {$spf_delay} {$spf_minhold} {$spf_maxhold}\n"; + } + + if ($ospfd_conf['rfc1583']) + $conffile .= " ospf rfc1583compatibility\n"; + + if (is_array($passive_interfaces)) + foreach ($passive_interfaces as $pint) + $conffile .= " passive-interface {$pint}\n"; + + if (is_array($interface_networks)) + foreach ($interface_networks as $ifn) + if (is_subnet($ifn)) + $conffile .= " network {$ifn} area {$ospfd_conf['area']}\n"; + + if (is_array($ospfd_conf['row'])) { + foreach ($ospfd_conf['row'] as $redistr) { + if (isset($redistr['redistribute'])) + $conffile .= " no "; + $conffile .= " network {$redistr['routevalue']} area {$ospfd_conf['area']}\n"; + } + } + } + + $fd = fopen("/usr/local/etc/quagga/ospfd.conf", "w"); + + // Write out the configuration file + fwrite($fd, $conffile); + + // Close file handle + fclose($fd); + + /* Make zebra config */ + $zebraconffile = "# This file was created by the pfSense package manager. Do not edit!\n\n"; + if($ospfd_conf['password']) + $zebraconffile .= "password {$ospfd_conf['password']}\n"; + if ($ospfd_conf['logging']) + $zebraconffile .= "log syslog\n"; + $fd = fopen("/usr/local/etc/quagga/zebra.conf", "w"); + fwrite($fd, $zebraconffile); + fclose($fd); + + // Create rc.d file + $rc_file_stop = <<<EOF +kill -9 `cat /var/run/quagga/zebra.pid` +kill -9 `cat /var/run/quagga/ospfd.pid` +rm -f /var/run/quagga/zebra.pid +rm -f /var/run/quagga/ospfd.pid +EOF; + $rc_file_start = <<<EOF +/bin/mkdir -p /var/run/quagga +/bin/mkdir -p /var/log/quagga +rm -f /var/run/quagga/zebra.pid +rm -f /var/run/quagga/ospfd.pid +/usr/sbin/chown -R quagga:quagga /usr/local/etc/quagga/ +/usr/sbin/chown -R quagga:quagga /var/run/quagga +/usr/sbin/chown -R quagga:quagga /var/log/quagga +/usr/local/sbin/zebra -d +/usr/local/sbin/ospfd -d +EOF; + write_rcfile(array( + "file" => "quagga.sh", + "start" => $rc_file_start, + "stop" => $rc_file_stop + ) + ); + + // Ensure files have correct permissions + exec("chmod a+rx /usr/local/etc/rc.d/quagga.sh"); + exec("chmod u+rw,go-rw /usr/local/etc/quagga/ospfd.conf"); + exec("chmod u+rw,go-rw /usr/local/etc/quagga/zebra.conf"); + + // Kick off newly created rc.d script + exec("/usr/local/etc/rc.d/quagga.sh restart"); + + // Back to RO mount for NanoBSD and friends + conf_mount_ro(); +} + +function quagga_ospfd_validate_interface() { + global $config, $g, $id, $input_errors; + + if ($config['installedpackages']['quaggaospfdinterfaces']['config']) { + foreach ($config['installedpackages']['quaggaospfdinterfaces']['config'] as $index => $conf) { + if ($index == 0) + continue; + if ($id != $index && $conf['interface'] == $_POST['interface']) + $input_errors[] = "Interface {$_POST['interface']} is already configured."; + } + } + if ($_POST['md5password'] && empty($_POST['password'])) + $input_errors[] = "Please input a password."; +} + +function quagga_ospfd_validate_input() { + global $config, $g, $input_errors; + + if (!empty($_POST['routerid']) && !is_ipaddr($_POST['routerid'])) + $input_errors[] = "Router ID must be an address."; + if (!is_ipaddr($_POST['area'])) + $input_errors[] = "Area needs to be a valid ip_address."; + if ($_POST['spfholdtime'] <> "" && ($_POST['spfholdtime'] < 1 || $_POST['spfholdtime'] > 5)) + $input_errors[] = "SPF holdtime needs to be between 1 and 5."; + if ($_POST['spfdelay'] <> "" && ($_POST['spfdelay'] < 1 || $_POST['spfdelay'] > 10)) + $input_errors[] = "SPF delay needs to be between 1 and 10."; + if (!$config['installedpackages']['quaggaospfdinterfaces']['config']) + $input_errors[] = "Please select an interface to use for Quagga OSPFd."; +} + +// get the raw ospfd confi file for manual inspection/editing +function quagga_ospfd_get_raw_config() { + return file_get_contents("/usr/local/etc/quagga/ospfd.conf"); +} + +// serialize the raw ospfd confi file to config.xml +function quagga_ospfd_put_raw_config($conffile) { + global $config; + if ($conffile == "") + unset($config['installedpackages']['quaggaospfd']['rawconfig']); + else { + $config['installedpackages']['quaggaospfd']['rawconfig'] = array(); + $config['installedpackages']['quaggaospfd']['rawconfig']['item'] = explode("\n",$_POST['quagga_ospfd_raw']); + $config['installedpackages']['quaggaospfd']['rawconfig'] = $conffile; + } +} + +?> diff --git a/config/quagga_ospfd/quagga_ospfd.xml b/config/quagga_ospfd/quagga_ospfd.xml new file mode 100644 index 00000000..3e76c4e4 --- /dev/null +++ b/config/quagga_ospfd/quagga_ospfd.xml @@ -0,0 +1,173 @@ +<packagegui> + <name>quagga_ospfd</name> + <version>0.1</version> + <title>Services: Quagga OSPFd</title> + <include_file>/usr/local/pkg/quagga_ospfd.inc</include_file> + <aftersaveredirect>pkg_edit.php?xml=quagga_ospfd.xml&id=0</aftersaveredirect> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>644</chmod> + <item>http://www.pfsense.com/packages/config/quagga_ospfd/quagga_ospfd.inc</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>644</chmod> + <item>http://www.pfsense.com/packages/config/quagga_ospfd/quagga_ospfd_interfaces.xml</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/</prefix> + <chmod>644</chmod> + <item>http://www.pfsense.com/packages/config/quagga_ospfd/status_ospfd.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/bin/</prefix> + <chmod>777</chmod> + <item>http://www.pfsense.com/packages/config/quagga_ospfd/quaggactl</item> + </additional_files_needed> + <menu> + <name>Quagga OSPFd</name> + <tooltiptext>Modify Quagga ospfd settings.</tooltiptext> + <section>Services</section> + <configfile>quagga_ospfd.xml</configfile> + <url>/pkg_edit.php?xml=quagga_ospfd.xml&id=0</url> + </menu> + <tabs> + <tab> + <text>Global Settings</text> + <url>pkg_edit.php?xml=quagga_ospfd.xml&id=0</url> + <active/> + </tab> + <tab> + <text>Interface Settings</text> + <url>pkg.php?xml=quagga_ospfd_interfaces.xml</url> + </tab> + <tab> + <text>Status</text> + <url>/status_ospfd.php</url> + </tab> + </tabs> + <service> + <name>Quagga OSPFd</name> + <rcfile>quagga.sh</rcfile> + <executable>ospfd</executable> + </service> + <service> + <name>Quagga Zebra</name> + <rcfile>quagga.sh</rcfile> + <executable>zebra</executable> + </service> + <fields> + <field> + <fielddescr>Master Password</fielddescr> + <fieldname>password</fieldname> + <description> + <![CDATA[ + Password to access the Zebra and OSPF management daemons. Required. + ]]> + </description> + <type>input</type> + <required/> + </field> + <field> + <fielddescr>Logging</fielddescr> + <fieldname>logging</fieldname> + <description>If set to yes, Logs will be written via syslog.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Log Adjacency Changes</fielddescr> + <fieldname>adjacencylog</fieldname> + <description>If set to yes, adjacency changes will be written via syslog.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Router ID</fielddescr> + <fieldname>routerid</fieldname> + <description> + <![CDATA[ + Specify the Router ID. RID is the highest logical (loopback) IP address configured on a router. For more information on router identifiers see <a target='_new' href='http://en.wikipedia.org/wiki/Open_Shortest_Path_First'>wikipedia</a>. + ]]> + </description> + <type>input</type> + </field> + <field> + <fielddescr>Area</fielddescr> + <fieldname>area</fieldname> + <description> + <![CDATA[ + OSPFd area for this instance of OSPF. For more information on Areas see <a target='_new' href='http://en.wikipedia.org/wiki/Open_Shortest_Path_First#Area_types'>wikipedia</a>. + ]]> + </description> + <type>input</type> + <required/> + </field> + <field> + <fielddescr>Disable FIB updates (Routing table)</fielddescr> + <fieldname>updatefib</fieldname> + <description>Disables the updating of the host routing table(turns into stub router).</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Redistribute connected subnets</fielddescr> + <fieldname>redistributeconnectedsubnets</fieldname> + <description>Enables the redistribution of connected networks (Default no)</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Redistribute default route</fielddescr> + <fieldname>redistributedefaultroute</fieldname> + <description>Enables the redistribution of a default route to this device (Default no)</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Redistribute static</fielddescr> + <fieldname>redistributestatic</fieldname> + <description>Enables the redistribution of static routes</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>SPF Hold Time</fielddescr> + <fieldname>spfholdtime</fieldname> + <description>Set the SPF holdtime in MILLIseconds. The minimum time between two consecutive shortest path first calculations. The default value is 5 seconds; the valid range is 1-5 seconds.</description> + <type>input</type> + </field> + <field> + <fielddescr>SPF Delay</fielddescr> + <fieldname>spfdelay</fieldname> + <description>Set SPF delay in MILLIseconds. The delay between receiving an update to the link state database and starting the shortest path first calculation. The default value is 1; valid range is 1-10 seconds.</description> + <type>input</type> + </field> + <field> + <fielddescr>RFC 1583 compatible</fielddescr> + <fieldname>rfc1583</fieldname> + <description>If set to yes, decisions regarding AS-external routes are evaluated according to RFC 1583. The default is no.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>These rules take precedence over any redistribute options specified above.</fielddescr> + <fieldname>none</fieldname> + <type>rowhelper</type> + <rowhelper> + <rowhelperfield> + <fielddescr>Disable <br/>Redistribution</fielddescr> + <fieldname>redistribute</fieldname> + <description>Redistribute rules.</description> + <type>checkbox</type> + <size>20</size> + </rowhelperfield> + <rowhelperfield> + <fielddescr>Subnet to Route</fielddescr> + <fieldname>routevalue</fieldname> + <type>input</type> + <size>25</size> + </rowhelperfield> + </rowhelper> + </field> + </fields> + <custom_php_resync_config_command> + quagga_ospfd_install_conf(); + </custom_php_resync_config_command> + <custom_php_validation_command> + quagga_ospfd_validate_input(); + </custom_php_validation_command> +</packagegui>
\ No newline at end of file diff --git a/config/quagga_ospfd/quagga_ospfd_interfaces.xml b/config/quagga_ospfd/quagga_ospfd_interfaces.xml new file mode 100644 index 00000000..e0f55a58 --- /dev/null +++ b/config/quagga_ospfd/quagga_ospfd_interfaces.xml @@ -0,0 +1,128 @@ +<packagegui> + <name>quagga_ospfd_interfaces</name> + <version>0.1</version> + <title>Services: Quagga OSPFd</title> + <include_file>/usr/local/pkg/quagga_ospfd.inc</include_file> + <aftersaveredirect>pkg.php?xml=quagga_ospfd_interfaces.xml</aftersaveredirect> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/quagga_ospfd/quagga_ospfd.inc</item> + </additional_files_needed> + <menu> + <name>OSPF</name> + <tooltiptext>Modify Quagga ospfd Interface settings.</tooltiptext> + <section>Services</section> + <configfile>quagga_ospfd.xml</configfile> + <url>/pkg_edit.php?xml=quagga_ospfd.xml&id=0</url> + </menu> + <tabs> + <tab> + <text>Global Settings</text> + <url>pkg_edit.php?xml=quagga_ospfd.xml&id=0</url> + </tab> + <tab> + <text>Interface Settings</text> + <url>pkg.php?xml=quagga_ospfd_interfaces.xml</url> + <active/> + </tab> + <tab> + <text>Status</text> + <url>/status_ospfd.php</url> + </tab> + </tabs> + <adddeleteeditpagefields> + <columnitem> + <fielddescr>Interface</fielddescr> + <fieldname>interface</fieldname> + </columnitem> + <columnitem> + <fielddescr>Description</fielddescr> + <fieldname>descr</fieldname> + </columnitem> + </adddeleteeditpagefields> + <service> + <name>Quagga OSPFd</name> + <rcfile>quagga.sh</rcfile> + <executable>ospfd</executable> + </service> + <service> + <name>Quagga Zebra</name> + <rcfile>quagga.sh</rcfile> + <executable>zebra</executable> + </service> + <fields> + <field> + <fielddescr>Interface</fielddescr> + <fieldname>interface</fieldname> + <description>Enter the desired participating interface here.</description> + <type>select_source</type> + <source><![CDATA[quagga_ospfd_get_interfaces()]]></source> + <source_name>name</source_name> + <source_value>value</source_value> + <required/> + </field> + <field> + <fielddescr>Metric</fielddescr> + <fieldname>metric</fieldname> + <description>Metric (cost) for this OSPF interface (leave blank for default).</description> + <type>input</type> + </field> + <field> + <fielddescr>Description</fielddescr> + <fieldname>descr</fieldname> + <size>30</size> + <type>input</type> + </field> + <field> + <fielddescr>Interface is Passive</fielddescr> + <fieldname>passive</fieldname> + <description>Prevent transmission and reception of OSPF packets on this interface. The specified interface will be announced as a stub network.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Enable MD5 password for this Quagga OSPFd interface (default no)</fielddescr> + <fieldname>md5password</fieldname> + <description>Enables the use of an MD5 password to on this instance</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Password</fielddescr> + <fieldname>password</fieldname> + <description>Password for this OSPF interface.</description> + <type>input</type> + </field> + <field> + <fielddescr>Router Priority</fielddescr> + <fieldname>routerpriorityelections</fieldname> + <description> + Router priority when participating in elections for DR (Default 1) Valid range is 0-255. 0 will cause the router to not participate in election. + </description> + <type>input</type> + </field> + <field> + <fielddescr>Hello Interval</fielddescr> + <fieldname>hellointervalinseconds</fieldname> + <description>Hello Interval this OSPF interface in seconds (Default 10).</description> + <type>input</type> + </field> + <field> + <fielddescr>Retransmit Interval</fielddescr> + <fieldname>retransmitinterval</fieldname> + <description>Retransmit Interval this OSPF interface in seconds (Default 5).</description> + <type>input</type> + </field> + <field> + <fielddescr>Dead Timer</fielddescr> + <fieldname>deadtimer</fieldname> + <description>Dead Timer for this OSPF interface in seconds (Default 40).</description> + <type>input</type> + </field> + </fields> + <custom_php_resync_config_command> + quagga_ospfd_install_conf(); + </custom_php_resync_config_command> + <custom_php_validation_command> + quagga_ospfd_validate_interface(); + </custom_php_validation_command> +</packagegui> diff --git a/config/quagga_ospfd/quaggactl b/config/quagga_ospfd/quaggactl new file mode 100644 index 00000000..198a8411 --- /dev/null +++ b/config/quagga_ospfd/quaggactl @@ -0,0 +1,75 @@ +#!/bin/sh +RC_SCRIPT=/usr/local/etc/rc.d/quagga.sh + +ZEBRA_CONFIG=/usr/local/etc/quagga/zebra.conf +ZEBRA_PORT=2601 +ZEBRA_PASSWORD=`/usr/bin/grep '^password ' ${ZEBRA_CONFIG} | /usr/bin/awk '{print $2};'` + +OSPF_CONFIG=/usr/local/etc/quagga/ospfd.conf +OSPF_PORT=2604 +OSPF_PASSWORD=`/usr/bin/grep '^password ' ${OSPF_CONFIG} | /usr/bin/awk '{print $2};'` + +daemon_command() { + COMMANDS=${2} + COMMANDS=${COMMANDS}`echo -e "\n${3}\n"` + COMMANDS=${COMMANDS}`echo -e "\nexit\n"` + echo "$COMMANDS" | /usr/bin/nc localhost ${1} | /usr/bin/tail -n +10 | sed '$d' +} + +case $1 in +stop) + $RC_SCRIPT stop + ;; +start) + $RC_SCRIPT start + ;; +restart) + $RC_SCRIPT restart + ;; +zebra) + case $2 in + cpu*) + daemon_command ${ZEBRA_PORT} ${ZEBRA_PASSWORD} "show thread cpu" + ;; + mem*) + shift; shift; + daemon_command ${ZEBRA_PORT} ${ZEBRA_PASSWORD} "show memory $*" + ;; + int*) + daemon_command ${ZEBRA_PORT} ${ZEBRA_PASSWORD} "show interface $3" + ;; + rou*) + daemon_command ${ZEBRA_PORT} ${ZEBRA_PASSWORD} "show ip route" + ;; + esac ;; +ospf) + case $2 in + cpu*) + daemon_command ${OSPF_PORT} ${OSPF_PASSWORD} "show thread cpu" + ;; + mem*) + shift; shift; + daemon_command ${OSPF_PORT} ${OSPF_PASSWORD} "show memory $*" + ;; + gen*) + daemon_command ${OSPF_PORT} ${OSPF_PASSWORD} "show ip ospf" + ;; + nei*) + shift; shift; + daemon_command ${OSPF_PORT} ${OSPF_PASSWORD} "show ip ospf neighbor $*" + ;; + dat*) + shift; shift; + daemon_command ${OSPF_PORT} ${OSPF_PASSWORD} "show ip ospf database $*" + ;; + int*) + daemon_command ${OSPF_PORT} ${OSPF_PASSWORD} "show ip ospf interface $3" + ;; + bor*) + daemon_command ${OSPF_PORT} ${OSPF_PASSWORD} "show ip ospf border-routers" + ;; + rou*) + daemon_command ${OSPF_PORT} ${OSPF_PASSWORD} "show ip ospf route" + ;; + esac ;; +esac diff --git a/config/quagga_ospfd/status_ospfd.php b/config/quagga_ospfd/status_ospfd.php new file mode 100644 index 00000000..438347ff --- /dev/null +++ b/config/quagga_ospfd/status_ospfd.php @@ -0,0 +1,129 @@ +<?php +/* + status_ospfd.php + Copyright (C) 2010 Nick Buraglio; nick@buraglio.com + Copyright (C) 2010 Scott Ullrich <sullrich@pfsense.org> + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INClUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require("guiconfig.inc"); + +$pgtitle = "Quagga OSPF: Status"; +include("head.inc"); + +$control_script = "/usr/local/bin/quaggactl"; + +/* List all of the commands as an index. */ +function listCmds() { + global $commands; + echo "<br/>This status page includes the following information:\n"; + echo "<ul width=\"100%\">\n"; + for ($i = 0; isset($commands[$i]); $i++ ) { + echo "<li><strong><a href=\"#" . $commands[$i][0] . "\">" . $commands[$i][0] . "</a></strong></li>\n"; + } + echo "</ul>\n"; +} + +function execCmds() { + global $commands; + for ($i = 0; isset($commands[$i]); $i++ ) { + doCmdT($commands[$i][0], $commands[$i][1]); + } +} + +/* Define a command, with a title, to be executed later. */ +function defCmdT($title, $command) { + global $commands; + $title = htmlspecialchars($title,ENT_NOQUOTES); + $commands[] = array($title, $command); +} + +function doCmdT($title, $command) { + echo "<p>\n"; + echo "<a name=\"" . $title . "\">\n"; + echo "<table width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">\n"; + echo "<tr><td class=\"listtopic\">" . $title . "</td></tr>\n"; + echo "<tr><td class=\"listlr\"><pre>"; /* no newline after pre */ + + $execOutput = ""; + $execStatus = ""; + exec ($command . " 2>&1", $execOutput, $execStatus); + for ($i = 0; isset($execOutput[$i]); $i++) { + if ($i > 0) { + echo "\n"; + } + echo htmlspecialchars($execOutput[$i],ENT_NOQUOTES); + } + echo "</pre></tr>\n"; + echo "</table>\n"; +} + +?> + +<html> + <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> + <?php include("fbegin.inc"); ?> + <?php if ($savemsg) print_info_box($savemsg); ?> + + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr><td class="tabnavtbl"> +<?php + $tab_array = array(); + $tab_array[] = array(gettext("Settings"), false, "/pkg_edit.php?xml=quagga_ospfd.xml&id=0"); + $tab_array[] = array(gettext("Interface Settings"), false, "/pkg.php?xml=quagga_ospfd_interfaces.xml"); + $tab_array[] = array(gettext("Status"), true, "/status_ospfd.php"); + display_top_tabs($tab_array); + ?> + </td></tr> + <tr> + <td> + <div id="mainarea"> + <table class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0"> + <tr> + <td> +<?php + defCmdT("Quagga OSPF General", "{$control_script} ospf general"); + defCmdT("Quagga OSPF Neighbors", "{$control_script} ospf neighbor"); + defCmdT("Quagga OSPF Database", "{$control_script} ospf database"); + defCmdT("Quagga OSPF Router Database", "{$control_script} ospf database router"); + defCmdT("Quagga OSPF Routes", "{$control_script} ospf route"); + defCmdT("Quagga Zebra Routes", "{$control_script} zebra route"); + defCmdT("Quagga OSPF Interfaces", "{$control_script} ospf interfaces"); + defCmdT("Quagga OSPF CPU Usage", "{$control_script} ospf cpu"); + defCmdT("Quagga OSPF Memory", "{$control_script} ospf mem"); +?> + <div id="cmdspace" style="width:100%"> + <?php listCmds(); ?> + <?php execCmds(); ?> + </div> + </td> + </tr> + </table> + </div> + </td> + </tr> + </table> + <?php include("fend.inc"); ?> + </body> +</html> diff --git a/config/sarg/sarg.inc b/config/sarg/sarg.inc new file mode 100644 index 00000000..2bcd4115 --- /dev/null +++ b/config/sarg/sarg.inc @@ -0,0 +1,496 @@ +<?php +/* ========================================================================== */ +/* + sarg.inc + part of pfSense (http://www.pfSense.com) + Copyright (C) 2007 Joao Henrique F. Freitas + Copyright (C) 2012 Marcello Coutinho + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + +$uname=posix_uname(); +if ($uname['machine']=='amd64') + ini_set('memory_limit', '250M'); + +// STATIC VARS +$sarg_proxy=array( 'squid_rc'=>'/usr/local/etc/rc.d/squid.sh', + 'squid_config'=>'/var/squid/logs/access.log', + 'squidguard_config'=>'/usr/local/etc/squidGuard/squidGuard.conf', + 'squidguard_block_log'=>'/var/squidGuard/log/block.log', + 'dansguardian_config'=>'/usr/local/etc/dansguardian/dansguardian.conf', + 'dansguardian_log'=>'/var/log/dansguardian/access.log'); + +// END STATIC VARS + +function sarg_start() { + global $g, $config; + + // reserved +} + +function sarg_text_area_decode($text){ + return preg_replace('/\r\n/', "\n",base64_decode($text)); +} + +function sarg_resync() { + global $config; + if (($_POST['Submit'] == 'Save') || !isset($_POST['Submit'])) + sync_package_sarg(); + if ($_POST['Submit'] == 'Force udpate now') + run_sarg(); + +} +function log_rotate($log_file){ + global $config, $g; + + #remove .10 rotate log file + unlink_if_exists("$log_file".".10"); + #rotate logs from 9 to 0 + $i=9; + while ($i>=0){ + if (file_exists($log_file.".".$i)) + rename ($log_file.".".$i,$log_file.".".($i+1)); + $i=$i-1; + } + #rotate current log + if (file_exists("$log_file")) + rename ($log_file,$log_file.".0"); +} +function run_sarg($id=-1) { + global $config, $g,$sarg_proxy; + #mount filesystem writeable + conf_mount_rw(); + $cmd = "/usr/local/bin/sarg"; + if ($id >= 0 && is_array($config['installedpackages']['sargschedule']['config'])){ + $args=$config['installedpackages']['sargschedule']['config'][$id]['args']; + $action=$config['installedpackages']['sargschedule']['config'][$id]['action']; + } + else{ + $args=$_POST['args']; + $action=$_POST['action']; + } + log_error("Sarg: force refresh now with '".$args."' args and ".$action." action after sarg finish."); + + mwexec($cmd. " ".$args); + #check if there is a script to run after file save + if (is_array($config['installedpackages']['sarg'])) + switch ($config['installedpackages']['sarg']['config'][0]['proxy_server']){ + case "squidguard": + if ($action =="both" || $action=="rotate"){ + log_error('executing squidguard log rotate after sarg.'); + log_rotate($sarg_proxy['squidguard_block_log']); + file_put_contents($sarg_proxy['squidguard_block_log'],"",LOCK_EX); + chown($sarg_proxy['squidguard_block_log'],'proxy'); + chgrp($sarg_proxy['squidguard_block_log'],'proxy'); + mwexec('/usr/local/sbin/squid -k reconfigure'); + } + #leave this case without break to run squid rotate too. + case "squid": + if ($action =="both" || $action=="rotate"){ + log_error('executing squid log rotate after sarg.'); + mwexec('/usr/local/sbin/squid -k rotate'); + } + if ($action =="both" || $action=="restart"){ + if (file_exists($sarg_proxy['squid_rc'])) + mwexec_bg($sarg_proxy['squid_rc'].' restart'); + } + break; + case "dansguardian": + if (preg_match('/\w+/',$action) && $action !="none"){ + log_rotate($sarg_proxy['dansguardian_log']); + log_error('restarting dansguardian after sarg and log rotate.'); + mwexec('/usr/bin/killall -HUP dansguardian'); + } + break; + } + #mount filesystem readonly + conf_mount_ro(); +} + +function sync_package_sarg() { + global $config, $g,$sarg_proxy; + + # detect boot process + if (is_array($_POST)){ + if (!preg_match("/\w+/",$_POST['__csrf_magic'])) + return; + } + $update_conf=0; + #mount filesystem writeable + conf_mount_rw(); + if (!is_array($config['installedpackages']['sarg']['config'])) + $config['installedpackages']['sarg']['config'][0]=array('report_options'=>'use_graphs,remove_temp_files,main_index,use_comma,date_time_by_bytes', + 'report_type'=>'topusers,topsites,sites_users,users_sites,date_time,denied,auth_failures,site_user_time_date,downloads', + 'report_type'=>'u', + 'report_charset'=>'UTF-8', + 'topuser_num'=>'0', + 'authfail_report_limit'=>'0', + 'denied_report_limit'=>'0', + 'user_report_limit' =>'0', + 'lastlog'=> '0', + 'max_elapsed'=> '0'); + $sarg=$config['installedpackages']['sarg']['config'][0]; + if (!is_array($config['installedpackages']['sarguser']['config'])) + $config['installedpackages']['sarguser']['config'][0]=array('user_sort_field'=>'BYTES', + 'exclude_userlist'=> $sarg['exclude_userlist'], + 'include_userlist'=> $sarg['include_userlist'], + 'usertab'=>$sarg['usertab'], + 'ldap_filter_search'=> '(uid=%s)', + 'ldap_target_attr'=> 'cn', + 'ldap_port'=> '389', + 'ntlm_user_format'=>'domainname+username'); + $sarguser=$config['installedpackages']['sarguser']['config'][0]; + $access_log=$sarg['proxy_server']; + switch ($sarg['proxy_server']){ + case 'dansguardian': + $access_log= $sarg_proxy['dansguardian_log']; + $dansguardian_conf=$sarg_proxy['dansguardian_config']; + $dansguardian_filter_out_date="dansguardian_filter_out_date on"; + $squidguard_conf='squidguard_conf none'; + break; + case 'squidguard': + $squidguard_conf='squidguard_conf '.$sarg_proxy['squidguard_config']; + $redirector_log_format='redirector_log_format #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp#/#tmp#/#url#/#tmp# #ip#/#tmp# #user# #end#'; + #Leve this case without break to include squid log file on squidguard option + case 'squid': + $access_log= $sarg_proxy['squid_config']; + if (is_array($config['installedpackages']['squid']['config'])) + if (file_exists($config['installedpackages']['squid']['config'][0]['log_dir']. '/access.log')) + $access_log = $config['installedpackages']['squid']['config'][0]['log_dir']. '/access.log'; + break; + } + if (!file_exists($access_log) && $access_log !=""){ + $error="Sarg config error: ".$sarg['proxy_server']." log file ($access_log) does not exists"; + log_error($error); + file_notice("Sarg", $error, "Sarg Settings", ""); + } + + #general tab + $graphs=(preg_match('/use_graphs/',$sarg['report_options'])?"yes":"no"); + $anonymous_output_files=(preg_match('/anonymous_output_files/',$sarg['report_options'])?"yes":"no"); + $resolve_ip=(preg_match('/resolve_ip/',$sarg['report_options'])?"yes":"no"); + $user_ip=(preg_match('/user_ip/',$sarg['report_options'])?"yes":"no"); + $sort_order=(preg_match('/user_sort_field_order/',$sarg['report_options'])?"REVERSE":"NORMAL"); + $remove_temp_files=(preg_match('/remove_temp_files/',$sarg['report_options'])?"yes":"no"); + $main_index=(preg_match('/main_index/',$sarg['report_options'])?"yes":"no"); + $index_tree=(preg_match('/index_tree/',$sarg['report_options'])?"file":"date"); + $overwrite_report=(preg_match('/overwrite_report/',$sarg['report_options'])?"yes":"no"); + $use_comma=(preg_match('/use_comma/',$sarg['report_options'])?"yes":"no"); + $long_url=(preg_match('/long_url/',$sarg['report_options'])?"yes":"no"); + $privacy=(preg_match('/privacy/',$sarg['report_options'])?"yes":"no"); + $displayed_values=(preg_match('/displayed_values/',$sarg['report_options'])?"abbreviation":"bytes"); + $bytes_in_sites_users_report=(preg_match('/bytes_in_sites_users_report/',$sarg['report_options'])?"yes":"no"); + $date_time_by=(preg_match('/date_time_by_bytes/',$sarg['report_options'])?"bytes":""); + $date_time_by.=(preg_match('/date_time_by_elap/',$sarg['report_options'])?" elap":""); + $date_format=(empty($sarg['report_date_format'])?"u":$sarg['report_date_format']); + $report_type=preg_replace('/,/',' ',$sarg['report_type']); + $report_charset=(empty($sarg['report_charset'])?"UTF-8":$sarg['report_charset']); + $exclude_string=(empty($sarg['exclude_string'])?"":'exclude_string "'.$sarg['exclude_string'].'"'); + + #limits + $max_elapsed=(empty($sarg['max_elapsed'])?"0":$sarg['max_elapsed']); + $lastlog=(empty($sarg['lastlog'])?"0":$sarg['lastlog']); + $topuser_num=(empty($sarg['topuser_num'])?"0":$sarg['topuser_num']); + $authfail_report_limit=(empty($sarg['authfail_report_limit'])?"0":$sarg['authfail_report_limit']); + $denied_report_limit=(empty($sarg['denied_report_limit'])?"0":$sarg['denied_report_limit']); + $report_limit=(empty($sarg['user_report_limit'])?"0":$sarg['user_report_limit']); + $user_report_limit = "siteusers_report_limit ".$report_limit."\n"; + $user_report_limit .= "user_report_limit ".$report_limit."\n"; + if(preg_match("/(squidguard|dansguardian)/",$sarg['proxy_server'])){ + $user_report_limit .= $sarg['proxy_server']."_report_limit ".$report_limit."\n"; + } + + #user tab + $ntlm_user_format=(empty($sarguser['ntlm_user_format'])?'domainname+username':$sarguser['ntlm_user_format']); + if(!empty($sarguser['include_userlist'])) + $include_users="$include_users ".$sarguser['include_userlist']; + + if(empty($sarguser['usertab'])){ + $usertab="none"; + } + else{ + $usertab="/usr/local/etc/sarg/usertab.conf"; + file_put_contents('/usr/local/etc/sarg/usertab.conf', sarg_text_area_decode($sarguser['usertab']),LOCK_EX); + } + if($sarguser['ldap_enable']){ + $LDAPHost=(empty($sarguser['ldap_host'])?"":"LDAPHost ".$sarguser['ldap_host']); + $LDAPort=(empty($sarguser['ldap_port'])?"":"LDAPPort ".$sarguser['ldap_port']); + $LDAPBindDN=(empty($sarguser['ldap_bind_dn'])?"":"LDAPBindDN ".$sarguser['ldap_bind_dn']); + $LDAPBindPW=(empty($sarguser['ldap_bind_pw'])?"":"LDAPBindPW ".$sarguser['ldap_bind_pw']); + $LDAPBaseSearch=(empty($sarguser['ldap_base_search'])?"":"LDAPBaseSearch ".$sarguser['ldap_base_search']); + $LDAPTargetAttr=(empty($sarguser['ldap_target_Attr'])?"":"LDAPTargetAttr ".$sarguser['ldap_target_Attr']); + $LDAPFilterSearch=(empty($sarguser['ldap_filter_search'])?"":"LDAPFilterSearch ".$sarguser['ldap_filter_search']); + } + + #dirs + $dirs=array("/usr/local/www/sarg-reports"); + foreach ($dirs as $dir) + if (!is_dir($dir)) + mkdir ($dir,0755,true); + + //log_error($_POST['__csrf_magic']." sarg log:". $access_log); + #create sarg config files + include("/usr/local/pkg/sarg.template"); + file_put_contents("/usr/local/etc/sarg/sarg.conf", $sg, LOCK_EX); + file_put_contents('/usr/local/etc/sarg/exclude_hosts.conf', sarg_text_area_decode($sarg['exclude_hostlist']),LOCK_EX); + file_put_contents('/usr/local/etc/sarg/exclude_codes', sarg_text_area_decode($sarg['exclude_codelist']),LOCK_EX); + file_put_contents('/usr/local/etc/sarg/hostalias',sarg_text_area_decode($sarg['hostalias']),LOCK_EX); + file_put_contents('/usr/local/etc/sarg/exclude_users.conf', sarg_text_area_decode($sarguser['exclude_userlist']),LOCK_EX); + + #check cron_tab + $new_cron=array(); + $cron_found=0; + if (is_array($config['cron']['item'])) + foreach($config['cron']['item'] as $cron){ + if (preg_match("/usr.local.www.sarg.php/",$cron["command"])) + $cron_found++; + else + $new_cron['item'][]=$cron; + } + $cron_cmd="/usr/local/bin/php /usr/local/www/sarg.php"; + $sarg_schedule_id=0; + if (is_array($config['installedpackages']['sargschedule']['config'])) + foreach ($config['installedpackages']['sargschedule']['config'] as $sarg_schedule){ + if(preg_match('/(\d+)m/',$sarg_schedule['frequency'],$matches) && $sarg_schedule['enable']){ + $new_cron['item'][]=array( "minute" => "*/".$matches[1], + "hour" => "*", + "mday" => "*", + "month" => "*", + "wday" => "*", + "who" => "root", + "command"=> $cron_cmd." ".$sarg_schedule_id); + $config['cron']=$new_cron; + $cron_found++; + } + if(preg_match('/(\d+)h/',$sarg_schedule['frequency'],$matches) && $sarg_schedule['enable']){ + $new_cron['item'][]=array( "minute" => "0", + "hour" => "*/".$matches[1], + "mday" => "*", + "month" => "*", + "wday" => "*", + "who" => "root", + "command"=> $cron_cmd." ".$sarg_schedule_id); + $config['cron']=$new_cron; + $cron_found++; + } + if(preg_match('/(\d+)d/',$sarg_schedule['frequency'],$matches) && $sarg_schedule['enable']){ + $new_cron['item'][]=array( "minute" => "0", + "hour" => "0", + "mday" => "*/".$matches[1], + "month" => "*", + "wday" => "*", + "who" => "root", + "command"=> $cron_cmd." ".$sarg_schedule_id); + $config['cron']=$new_cron; + $cron_found++; + } + $sarg_schedule_id++; + } + + #update cron + if ($cron_found > 0){ + $config['cron']=$new_cron; + write_config(); + configure_cron(); + } + #Write config if any file from filesystem was loaded + if ($update_conf > 0) + write_config(); + + #mount filesystem readonly + conf_mount_ro(); + + sarg_sync_on_changes(); +} + +function sarg_validate_input($post, &$input_errors) { + global $config,$g; + foreach ($post as $key => $value) { + if (empty($value)) + continue; + # check dansguardian + if (substr($key, 0, 12) == "proxy_server" && $value == "dansguardian"){ + if (is_array($config['installedpackages']['dansguardianlog'])){ + if ($config['installedpackages']['dansguardianlog']['config'][0]['logfileformat']!=3){ + $input_errors[]='Sarg is only compatible with dansguardian log squid mode'; + $input_errors[]='Please change it on service -> dansguarian -> report and log -> log file format'; + } + } + else + $input_errors[]='dansguardian package not detected'; + } + + # check squidguard + if (substr($key, 0, 10) == "proxy_server" && $value == "squidguard") + if (!is_array($config['installedpackages']['squidguardgeneral'])) + $input_errors[]='squidguard package not detected'; + + # check squid + if (substr($key, 0, 5) == "proxy_server" && $value == "squid"){ + if (is_array($config['installedpackages']['squid'])) + if (!$config['installedpackages']['squid']['log_enabled']) + $input_errors[]='squidlogs not enabled'; + else + $input_errors[]='squid package not installed'; + } + + if (substr($key, 0, 11) == "description" && !preg_match("@^[a-zA-Z0-9 _/.-]+$@", $value)) + $input_errors[] = "Do not use special characters on description"; + if (substr($key, 0, 8) == "fullfile" && !preg_match("@^[a-zA-Z0-9_/.-]+$@", $value)) + $input_errors[] = "Do not use special characters on filename"; + #check cron option + if($key == "frequency" && (!preg_match("/^\d+(h|m|d)$/",$value) || $value == 0)) + $input_errors[] = "A valid number with a time reference is required for the field 'Update Frequency'"; + } +} + + +/* Uses XMLRPC to synchronize the changes to a remote node */ +function sarg_sync_on_changes() { + global $config, $g; + + log_error("[sarg] sarg_xmlrpc_sync.php is starting."); + $synconchanges = $config['installedpackages']['sargsync']['config'][0]['synconchanges']; + if(!$synconchanges) + return; + foreach ($config['installedpackages']['sargsync']['config'] as $rs ){ + foreach($rs['row'] as $sh){ + $sync_to_ip = $sh['ipaddress']; + $password = $sh['password']; + if($sh['username']) + $username = $sh['username']; + else + $username = 'admin'; + if($password && $sync_to_ip) + sarg_do_xmlrpc_sync($sync_to_ip, $username, $password); + } + } + log_error("[sarg] sarg_xmlrpc_sync.php is ending."); +} +/* Do the actual XMLRPC sync */ +function sarg_do_xmlrpc_sync($sync_to_ip, $username, $password) { + global $config, $g; + + if(!$username) + return; + + if(!$password) + return; + + if(!$sync_to_ip) + return; + + $xmlrpc_sync_neighbor = $sync_to_ip; + if($config['system']['webgui']['protocol'] != "") { + $synchronizetoip = $config['system']['webgui']['protocol']; + $synchronizetoip .= "://"; + } + $port = $config['system']['webgui']['port']; + /* if port is empty lets rely on the protocol selection */ + if($port == "") { + if($config['system']['webgui']['protocol'] == "http") + $port = "80"; + else + $port = "443"; + } + $synchronizetoip .= $sync_to_ip; + + /* xml will hold the sections to sync */ + $xml = array(); + $xml['sarg'] = $config['installedpackages']['sarg']; + $xml['sarguser'] = $config['installedpackages']['sarguser']; + /* assemble xmlrpc payload */ + $params = array( + XML_RPC_encode($password), + XML_RPC_encode($xml) + ); + + /* set a few variables needed for sync code borrowed from filter.inc */ + $url = $synchronizetoip; + log_error("Beginning sarg XMLRPC sync to {$url}:{$port}."); + $method = 'pfsense.merge_installedpackages_section_xmlrpc'; + $msg = new XML_RPC_Message($method, $params); + $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); + $cli->setCredentials($username, $password); + if($g['debug']) + $cli->setDebug(1); + /* send our XMLRPC message and timeout after 250 seconds */ + $resp = $cli->send($msg, "250"); + if(!$resp) { + $error = "A communications error occurred while attempting sarg XMLRPC sync with {$url}:{$port}."; + log_error($error); + file_notice("sync_settings", $error, "sarg Settings Sync", ""); + } elseif($resp->faultCode()) { + $cli->setDebug(1); + $resp = $cli->send($msg, "250"); + $error = "An error code was received while attempting sarg XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); + log_error($error); + file_notice("sync_settings", $error, "sarg Settings Sync", ""); + } else { + log_error("sarg XMLRPC sync successfully completed with {$url}:{$port}."); + } + + /* tell sarg to reload our settings on the destionation sync host. */ + $method = 'pfsense.exec_php'; + $execcmd = "require_once('/usr/local/pkg/sarg.inc');\n"; + $execcmd .= "sync_package_sarg();"; + /* assemble xmlrpc payload */ + $params = array( + XML_RPC_encode($password), + XML_RPC_encode($execcmd) + ); + + log_error("sarg XMLRPC reload data {$url}:{$port}."); + $msg = new XML_RPC_Message($method, $params); + $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); + $cli->setCredentials($username, $password); + $resp = $cli->send($msg, "250"); + if(!$resp) { + $error = "A communications error occurred while attempting sarg XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; + log_error($error); + file_notice("sync_settings", $error, "sarg Settings Sync", ""); + } elseif($resp->faultCode()) { + $cli->setDebug(1); + $resp = $cli->send($msg, "250"); + $error = "An error code was received while attempting sarg XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); + log_error($error); + file_notice("sync_settings", $error, "sarg Settings Sync", ""); + } else { + log_error("sarg XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php)."); + } + +} + +function sarg_php_install_command() { + sync_package_sarg(); +} + +function sarg_php_deinstall_command() { + // reserved +} + +?> diff --git a/config/sarg/sarg.php b/config/sarg/sarg.php new file mode 100644 index 00000000..98e6c426 --- /dev/null +++ b/config/sarg/sarg.php @@ -0,0 +1,50 @@ +<?php +/* $Id$ */ +/* ========================================================================== */ +/* + sarg.php + part of pfSense (http://www.pfSense.com) + Copyright (C) 2012 Marcello Coutinho + + All rights reserved. +*/ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + +require_once("/etc/inc/util.inc"); +require_once("/etc/inc/functions.inc"); +require_once("/etc/inc/pkg-utils.inc"); +require_once("/etc/inc/globals.inc"); +require_once("/usr/local/pkg/sarg.inc"); + +$uname=posix_uname(); +if ($uname['machine']=='amd64') + ini_set('memory_limit', '250M'); + +if (preg_match ("/(\d+)/",$argv[1],$matches)) + run_sarg($matches[1]); + + +?>
\ No newline at end of file diff --git a/config/sarg/sarg.template b/config/sarg/sarg.template new file mode 100644 index 00000000..affcdfc2 --- /dev/null +++ b/config/sarg/sarg.template @@ -0,0 +1,811 @@ +<?php +/* + sag.template + part of the Dansguardian package for pfSense + Copyright (C) 2012 Marcello Coutinho + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + +*/ + +#create sarg.conf + $sg=<<<EOF +# sarg.conf +# +# TAG: access_log file +# Where is the access.lo +# sarg -l file +# +access_log {$access_log} + +# TAG: graphs yes|no +# Use graphics where is possible. +# graph_days_bytes_bar_color blue|green|yellow|orange|brown|red +# +graphs {$graphs} +#graph_days_bytes_bar_color orange + +# TAG: graph_font +# The full path to the TTF font file to use to create the graphs. It is required +# if graphs is set to yes. +# +#graph_font /usr/share/fonts/truetype/ttf-dejavu/DejaVuSans.ttf + +# TAG: title +# Especify the title for html page. +# +#title "Squid User Access Reports" + +# TAG: font_face +# Especify the font for html page. +# +#font_face Tahoma,Verdana,Arial + +# TAG: header_color +# Especify the header color +# +#header_color darkblue + +# TAG: header_bgcolor +# Especify the header bgcolor +# +#header_bgcolor blanchedalmond + +# TAG: font_size +# Especify the text font size +# +#font_size 9px + +# TAG: header_font_size +# Especify the header font size +# +#header_font_size 9px + +# TAG: title_font_size +# Especify the title font size +# +#title_font_size 11px + +# TAG: background_color +# TAG: background_color +# Html page background color +# +# background_color white + +# TAG: text_color +# Html page text color +# +#text_color #000000 + +# TAG: text_bgcolor +# Html page text background color +# +#text_bgcolor lavender + +# TAG: title_color +# Html page title color +# +#title_color green + +# TAG: logo_image +# Html page logo. +# +#logo_image none + +# TAG: logo_text +# Html page logo text. +# +#logo_text "" + +# TAG: logo_text_color +# Html page logo texti color. +# +#logo_text_color #000000 + +# TAG: logo_image_size +# Html page logo image size. +# width height +# +#image_size 80 45 + +# TAG: background_image +# Html page background image +# +#background_image none + +# TAG: password +# User password file used by Squid authentication scheme +# If used, generate reports just for that users. +# +#password none + +# TAG: temporary_dir +# Temporary directory name for work files +# sarg -w dir +# +#temporary_dir /tmp + +# TAG: output_dir +# The reports will be saved in that directory +# sarg -o dir +# +output_dir /usr/local/www/sarg-reports + +# TAG: anonymous_output_files yes/no +# Use anonymous file and directory names in the report. If it is set to +# no (the default), the user id/ip/name is slightly mangled to create a +# suitable file name to store the report of the user but the user's +# identity can easily be guessed from the mangled name. If this option is +# set, any file or directory belonging to the user is replaced by a short +# number. The purpose is to hide the identity of the user when looking +# at the report file names but it may serve to shorten the path too. +# +anonymous_output_files {$anonymous_output_files} + +# TAG: output_email +# Email address to send the reports. If you use this tag, no html reports will be generated. +# sarg -e email +# +#output_email none + +# TAG: resolve_ip yes/no +# Convert ip address to dns name +# sarg -n +resolve_ip {$resolve_ip} + +# TAG: user_ip yes/no +# Use Ip Address instead userid in reports. +# sarg -p +user_ip {$user_ip} + +# TAG: topuser_sort_field field normal/reverse +# Sort field for the Topuser Report. +# Allowed fields: USER CONNECT BYTES TIME +# +topuser_sort_field {$sarguser['user_sort_field']} {$sort_order} + +# TAG: user_sort_field field normal/reverse +# Sort field for the User Report. +# Allowed fields: SITE CONNECT BYTES TIME +# +user_sort_field {$sarguser['user_sort_field']} {$sort_order} + +# TAG: exclude_users file +# users within the file will be excluded from reports. +# you can use indexonly to have only index.html file. +# +exclude_users /usr/local/etc/sarg/exclude_users.conf + +# TAG: exclude_hosts file +# Hosts, domains or subnets will be excluded from reports. +# +# Eg.: 192.168.10.10 - exclude ip address only +# 192.168.10.0/24 - exclude full C class +# s1.acme.foo - exclude hostname only +# *.acme.foo - exclude full domain name +# +exclude_hosts /usr/local/etc/sarg/exclude_hosts.conf + +# TAG: useragent_log file +# useragent.log file patch to generate useragent report. +# +#useragent_log none + +# TAG: date_format +# Date format in reports: e (European=dd/mm/yy), u (American=mm/dd/yy), w (Weekly=yy.ww) +# +#date_format u +date_format {$date_format} + +# TAG: per_user_limit file MB +# Saves userid on file if download exceed n MB. +# This option allow you to disable user access if user exceed a download limit. +# +#per_user_limit none + +# TAG: lastlog n +# How many reports files must be keept in reports directory. +# The oldest report file will be automatically removed. +# 0 - no limit. +# +#lastlog 0 +lastlog {$lastlog} + +# TAG: remove_temp_files yes +# Remove temporary files: geral, usuarios, top, periodo from root report directory. +# +remove_temp_files {$remove_temp_files} + +# TAG: index yes|no|only +# Generate the main index.html. +# only - generate only the main index.html +# +index {$main_index} + +# TAG: index_tree date|file +# How to generate the index. +# +index_tree {$index_tree} + +# TAG: index_fields +# The columns to show in the index of the reports +# Columns are: dirsize +# +#index_fields dirsize + +# TAG: overwrite_report yes|no +# yes - if report date already exist then will be overwrited. +# no - if report date already exist then will be renamed to filename.n, filename.n+1 +# +overwrite_report {$overwrite_report} + +# TAG: records_without_userid ignore|ip|everybody +# What can I do with records without user id (no authentication) in access.log file ? +# +# ignore - This record will be ignored. +# ip - Use ip address instead. (default) +# everybody - Use "everybody" instead. +# +#records_without_userid ip + +# TAG: use_comma no|yes +# Use comma instead point in reports. +# Eg.: use_comma yes => 23,450,110 +# use_comma no => 23.450.110 +# +use_comma {$use_comma} + +# TAG: mail_utility +# Mail command to use to send reports via SMTP. Sarg calls it like this: +# mail_utility -s "SARG report, date" "output_email" <"mail_content" +# +# Therefore, it is possible to add more arguments to the command by specifying them +# here. +# +# If you need too, you can use a shell script to process the content of /dev/stdin +# (/dev/stdin is the mail_content passed by sarg to the script) and call whatever +# command you like. It is not limited to mailing the report via SMTP. +# +# Don't forget to quote the command if necessary (i.e. if the path contains +# characters that must be quoted). +# +#mail_utility mailx + +# TAG: topsites_num n +# How many sites in topsites report. +# +#topsites_num 100 + +# TAG: topsites_sort_order CONNECT|BYTES|TIME A|D +# Sort for topsites report, where A=Ascendent, D=Descendent +# +#topsites_sort_order CONNECT D + +# TAG: index_sort_order A/D +# Sort for index.html, where A=Ascendent, D=Descendent +# +#index_sort_order D + +# TAG: exclude_codes file +# Ignore records with these codes. Eg.: NONE/400 +# Write one code per line. Lines starting with a # are ignored. +# Only codes matching exactly one of the line is rejected. The +# comparison is not case sensitive. +# +exclude_codes /usr/local/etc/sarg/exclude_codes + +# TAG: replace_index string +# Replace "index.html" in the main index file with this string +# If null "index.html" is used +# +#replace_index <?php echo str_replace(".", "_", $REMOTE_ADDR); echo ".html"; ?> + +# TAG: max_elapsed milliseconds +# If elapsed time is recorded in log is greater than max_elapsed use 0 for elapsed time. +# Use 0 for no checking +# +#max_elapsed 28800000 +# 8 Hours +max_elapsed {$max_elapsed} + +# TAG: report_type type +# What kind of reports to generate. +# topusers - users, sites, times, bytes, connects, links to accessed sites, etc +# topsites - site, connect and bytes report +# sites_users - users and sites report +# users_sites - accessed sites by the user report +# date_time - bytes used per day and hour report +# denied - denied sites with full URL report +# auth_failures - autentication failures report +# site_user_time_date - sites, dates, times and bytes report +# downloads - downloads per user report +# +# Eg.: report_type topsites denied +# +#report_type topusers topsites sites_users users_sites date_time denied auth_failures site_user_time_date downloads +report_type {$report_type} + +# TAG: usertab filename +# You can change the "userid" or the "ip address" to be a real user name on the reports. +# If resolve_ip is active, the ip address is resolved before being looked up into this +# file. That is, if you want to map the ip address, be sure to set resolv_ip to no or +# the resolved name will be looked into the file instead of the ip address. Note that +# it can be used to resolve any ip address known to the dns and then map the unresolved +# ip addresses to a name found in the usertab file. +# Table syntax: +# userid name or ip address name +# Eg: +# SirIsaac Isaac Newton +# vinci Leonardo da Vinci +# 192.168.10.1 Karol Wojtyla +# +# Each line must be terminated with '\ n' +# If usertab have value "ldap" (case ignoring), user names +# will be taken from LDAP server. This method as approaches for reception +# of usernames from Active Didectory +# +#usertab none +usertab {$usertab} + +# TAG: LDAPHost hostname +# FQDN or IP address of host with LDAP service or AD DC +# default is '127.0.0.1' +#LDAPHost 127.0.0.1 +{$LDAPHost} + +# TAG: LDAPPort port +# LDAP service port number +# default is '389' +#LDAPPort 389 +{$LDAPPort} + +# TAG: LDAPBindDN CN=username,OU=group,DC=mydomain,DC=com +# DN of LDAP user, who is authorized to read user's names from LDAP base +# default is empty line +#LDAPBindDN cn=proxy,dc=mydomain,dc=local +{$LDAPBindDN} + +# TAG: LDAPBindPW secret +# Password of DN, who is authorized to read user's names from LDAP base +# default is empty line +#LDAPBindPW secret +{$LDAPBindPW} + +# TAG: LDAPBaseSearch OU=users,DC=mydomain,DC=com +# LDAP search base +# default is empty line +#LDAPBaseSearch ou=users,dc=mydomain,dc=local +{$LDAPBaseSearch} + +# TAG: LDAPFilterSearch (uid=%s) +# User search filter by user's logins in LDAP +# First founded record will be used +# %s - will be changed to userlogins from access.log file +# filter string can have up to 5 '%s' tags +# default value is '(uid=%s)' +#LDAPFilterSearch (uid=%s) +{$LDAPFilterSearch} + +# TAG: LDAPTargetAttr attributename +# Name of the attribute containing a name of the user +# default value is 'cn' +#LDAPTargetAttr cn +{$LDAPTargetAttr} + +# TAG: long_url yes|no +# If yes, the full url is showed in report. +# If no, only the site will be showed +# +# YES option generate very big sort files and reports. +# +long_url {$long_url} + +# TAG: date_time_by bytes|elap +# Date/Time reports show the downloaded volume or the elapsed time or both. +# +#date_time_by bytes +date_time_by {$date_time_by} + +# TAG: charset name +# ISO 8859 is a full series of 10 standardized multilingual single-byte coded (8bit) +# graphic character sets for writing in alphabetic languages +# You can use the following charsets: +# Latin1 - West European +# Latin2 - East European +# Latin3 - South European +# Latin4 - North European +# Cyrillic +# Arabic +# Greek +# Hebrew +# Latin5 - Turkish +# Latin6 +# Windows-1251 +# Japan +# Koi8-r +# UTF-8 +# +#charset Latin1 +charset {$report_charset} + +# TAG: user_invalid_char "&/" +# Records that contain invalid characters in userid will be ignored by Sarg. +# +#user_invalid_char "&/" + +# TAG: privacy yes|no +# privacy_string "***.***.***.***" +# privacy_string_color blue +# In some countries the sysadm cannot see the visited sites by a restrictive law. +# Using privacy yes the visited url will be changes by privacy_string and the link +# will be removed from reports. +# +privacy {$privacy} +#privacy_string "***.***.***.***" +#privacy_string_color blue + +# TAG: include_users "user1:user2:...:usern" +# Reports will be generated only for listed users. +# +#include_users none +{$include_users} + +# TAG: exclude_string "string1:string2:...:stringn" +# Records from access.log file that contain one of listed strings will be ignored. +# +#exclude_string none +{$exclude_string} +# TAG: show_successful_message yes|no +# Shows "Successful report generated on dir" at end of process. +# +#show_successful_message yes + +# TAG: show_read_statistics yes|no +# Shows some reading statistics. +# +#show_read_statistics yes + +# TAG: topuser_fields +# Which fields must be in Topuser report. +# +#topuser_fields NUM DATE_TIME USERID CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE + +# TAG: user_report_fields +# Which fields must be in User report. +# +#user_report_fields CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE + +# TAG: bytes_in_sites_users_report yes|no +# Bytes field must be in Site & Users Report ? +# +#bytes_in_sites_users_report no +bytes_in_sites_users_report {$bytes_in_sites_users_report} + +# TAG: topuser_num n +# How many users in topsites report. 0 = no limit +# +#topuser_num 0 +topuser_num {$topuser_num} + +# TAG: datafile file +# Save the report results in a file to populate some database +# +#datafile none + +# TAG: datafile_delimiter " " +# ascii character to use as a field separator in datafile +# +#datafile_delimiter "" +{$datafile_delimiter} +# TAG: datafile_fields all +# Which data fields must be in datafile +# user;date;time;url;connect;bytes;in_cache;out_cache;elapsed +# +#datafile_fields user;date;time;url;connect;bytes;in_cache;out_cache;elapsed +{$datafile_fields} + +# TAG: datafile_url ip|name +# Saves the URL as ip or name in datafile +# +#datafile_url ip + +# TAG: weekdays +# The weekdays to take into account ( Sunday->0, Saturday->6 ) +# Example: +#weekdays 1-3,5 +# Default: +#weekdays 0-6 + +# TAG: hours +# The hours to take into account +# Example: +#hours 7-12,14,16,18-20 +# Default: +#hours 0-23 + +# TAG: dansguardian_conf file +# DansGuardian.conf file path +# Generate reports from DansGuardian logs. +# Use 'none' to disable it. +# dansguardian_conf /usr/dansguardian/dansguardian.conf +# +dansguardian_conf {$dansguardian_conf} + +# TAG: dansguardian_filter_out_date on|off +# This option replaces dansguardian_ignore_date whose name was not appropriate with respect to its action. +# Note the change of parameter value compared with the old option. +# 'off' use the record even if its date is outside of the range found in the input log file. +# 'on' use the record only if its date is in the range found in the input log file. +# +{$dansguardian_filter_out_date} + +# TAG: squidguard_conf file +# path to squidGuard.conf file +# Generate reports from SquidGuard logs. +# Use 'none' to disable. +# You can use sarg -L filename to use an alternate squidGuard log. +# squidguard_conf /usr/local/squidGuard/squidGuard.conf +# +{$squidguard_conf} + +# TAG: redirector_log file +# the location of the web proxy redirector log such as one created by squidGuard or Rejik. The option +# may be repeated up to 64 times to read multiple files. +# If this option is specified, it takes precedence over squidguard_conf. +# The command line option -L override this option. +# +#redirector_log /usr/local/squidGuard/var/logs/urls.log + +# TAG: redirector_filter_out_date on|off +# This option replaces squidguard_ignore_date and redirector_ignore_date whose names were not +# appropriate with respect to their action. +# Note the change of parameter value compared with the old options. +# 'off' use the record even if its date is outside of the range found in the input log file. +# 'on' use the record only if its date is in the range found in the input log file. +# +#redirector_filter_out_date on + +# TAG: redirector_log_format +# Format string for web proxy redirector logs. +# This option was named squidguard_log_format before sarg 2.3. +# REJIK #year#-#mon#-#day# #hour# #list#:#tmp# #ip# #user# #tmp#/#tmp#/#url#/#end# +# SQUIDGUARD #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp#/#tmp#/#url#/#tmp# #ip#/#tmp# #user# #end# +#redirector_log_format #year#-#mon#-#day# #hour# #tmp#/#list#/#tmp#/#tmp#/#url#/#tmp# #ip#/#tmp# #user# #end# +{$redirector_log_format} +# TAG: show_sarg_info yes|no +# shows sarg information and site path on each report bottom +# +show_sarg_info no + +# TAG: show_sarg_logo yes|no +# shows sarg logo +# +show_sarg_logo no + +# TAG: parsed_output_log directory +# Saves the processed log in a sarg format after parsing the squid log file. +# This is a way to dump all of the data structures out, after parsing from +# the logs (presumably this data will be much smaller than the log files themselves), +# and pull them back in for later processing and merging with data from previous logs. +# +#parsed_output_log none + +# TAG: parsed_output_log_compress /bin/gzip|/usr/bin/bzip2|nocompress +# Command to run to compress sarg parsed output log. It may contain +# options (such as -f to overwrite existing target file). The name of +# the file to compresse is provided at the end of this +# command line. Don't forget to quote things appropriately. +# +#parsed_output_log_compress /bin/gzip + +# TAG: displayed_values bytes|abbreviation +# how the values will be displayed in reports. +# eg. bytes - 209.526 +# abbreviation - 210K +# +#displayed_values bytes +displayed_values {$displayed_values} + +# Report limits +# TAG: authfail_report_limit n +# TAG: denied_report_limit n +# TAG: siteusers_report_limit n +# TAG: squidguard_report_limit n +# TAG: user_report_limit n +# TAG: dansguardian_report_limit n +# TAG: download_report_limit n +# report limits (lines). +# '0' no limit +# +#authfail_report_limit 10 +authfail_report_limit {$authfail_report_limit} +#denied_report_limit 10 +denied_report_limit {$denied_report_limit} +#siteusers_report_limit 0 +#squidguard_report_limit 10 +#dansguardian_report_limit 10 +#user_report_limit 10 +#user_report_limit 50 +{$user_report_limit} + +# TAG: www_document_root dir +# Where is your Web DocumentRoot +# Sarg will create sarg-php directory with some PHP modules: +# - sarg-squidguard-block.php - add urls from user reports to squidGuard DB +# +#www_document_root /var/www/html +www_document_root /usr/local/www + +# TAG: block_it module_url +# This tag allow you to pass urls from user reports to a cgi or php module, +# to be blocked by some Squid acl +# +# Eg.: block_it /sarg-php/sarg-block-it.php +# sarg-block-it is a php that will append a url to a flat file. +# You must change /var/www/html/sarg-php/sarg-block-it to point to your file +# in $filename variable, and chown to a httpd owner. +# +# sarg will pass http://module_url?url=url +# +#block_it none + +# TAG: external_css_file path +# Provide the path to an external css file to link into the HTML reports instead of +# the inline css written by sarg when this option is not set. +# +# In versions prior to 2.3, this used to be an absolute file name to +# a file to include verbatim in each HTML page but, as it takes a lot of +# space, version 2.3 switched to a link to an external css file. +# Therefore, this option must contain the HTTP server path on which a client +# browser may find the css file. +# +# Sarg use theses style classes: +# .logo logo class +# .info sarg information class, align=center +# .title_c title class, align=center +# .header_c header class, align:center +# .header_l header class, align:left +# .header_r header class, align:right +# .text text class, align:right +# .data table text class, align:right +# .data2 table text class, align:left +# .data3 table text class, align:center +# .link link class +# +# Sarg can be instructed to output the internal css it inline +# into the reports with this command: +# +# sarg --css +# +# You can redirect the output to a file of your choice and edit +# it to your liking. +# +#external_css_file none +# TAG: user_authentication yes|no +# Allow user authentication in User Reports using .htaccess +# Parameters: +# AuthUserTemplateFile - The template to use to create the +# .htaccess file. In the template, %u is replaced by the +# user's ID for which the report is generated. The path of the +# template is relative to the directory containing sarg +# configuration file. +# +# user_authentication no +# AuthUserTemplateFile sarg_htaccess + +# TAG: download_suffix "suffix,suffix,...,suffix" +# file suffix to be considered as "download" in Download report. +# Use 'none' to disable. +# +#download_suffix "zip,arj,bzip,gz,ace,doc,iso,adt,bin,cab,com,dot,drv$,lha,lzh,mdb,mso,ppt,rtf,src,shs,sys,exe,dll,mp3,avi,mpg,mpeg" + +# TAG: ulimit n +# The maximum number of open file descriptors to avoid "Too many open files" error message. +# You need to run sarg as root to use ulimit tag. +# If you run sarg with a low privilege user, set to 'none' to disable ulimit +# +#ulimit 20000 + +# TAG: ntlm_user_format username|domainname+username +# NTLM users format. +# +#ntlm_user_format domainname+username +ntlm_user_format {$ntlm_user_format} + +# TAG: realtime_refresh_time num sec +# How many time to auto refresh the realtime report +# 0 = disable +# +realtime_refresh_time 0 + +# TAG: realtime_access_log_lines num +# How many last lines to get from access.log file +# +# realtime_access_log_lines 1000 + +# TAG: realtime_types: GET,PUT,CONNECT,ICP_QUERY,POST +# Which records must be in realtime report. +# +realtime_types GET,PUT,CONNECT + +# TAG: realtime_unauthenticated_records: ignore|show +# What to do with unauthenticated records in realtime report. +# +# +realtime_unauthenticated_records show + +# TAG: byte_cost value no_cost_limit +# Cost per byte. +# Eg. byte_cost 0.01 100000000 +# per byte cost = 0.01 +# bytes with no cost = 100 Mb +# 0 = disable +# +# byte_cost 0.01 50000000 + +# TAG: squid24 on|off +# Compatilibity with squid version <= 2.4 when using emulate_http_log on +# +# squid24 off + +# TAG: sorttable path +# The path to a javascript script to dynamically sort the tables. +# The path is the link a browser must follow to find the script. For instance, +# it may be http://www.myproxy.org/sorttable.js or just /sorttable.js if the script +# is at the root of your web site. +# +# If the path starts with "../" then it is assumed to be a relative +# path and sarg adds as many "../" as necessary to locate the js script from +# the output directory. Therefore, ../../sorttable.js links to the javascript +# one level above output_dir. +# +# If this entry is set, each sortable table will have the "sortable" class set. +# You may have a look at http://www.kryogenix.org/code/browser/sorttable/ +# for the implementation on which sarg is based. +# +sorttable /sarg_sorttable.js + +# TAG: hostalias +# The name of a text file containing the host names one per line and the +# optional alias to use in the report instead of that host name. +# Host names may contain up to one wildcard denoted by a *. The wildcard +# must not end the host name. +# The host name may be followed by an optional alias but if no alias is +# provided, the host name, including the wildcard, replaces any matching +# host name found in the log. +# Host names replaced by identical aliases are grouped together in the +# reports. +# IP addresses are supported and accept the CIDR notation both for IPv4 and +# IPv6 addresses. +# +# Example: +# *.gstatic.com +# mt*.google.com +# *.myphone.microsoft.com +# *.myphone.microsoft.com:443 *.myphone.microsoft.com:secure +# *.freeav.net antivirus:freeav +# *.mail.live.com +# 65.52.00.00/14 *.mail.live.com +hostalias /usr/local/etc/sarg/hostalias +EOF; +?> diff --git a/config/sarg/sarg.xml b/config/sarg/sarg.xml new file mode 100644 index 00000000..f1ce5d93 --- /dev/null +++ b/config/sarg/sarg.xml @@ -0,0 +1,362 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> +<packagegui> + <copyright> + <![CDATA[ +/* $Id$ */ +/* ========================================================================== */ +/* + sarg.xml + part of the sarg for pfSense + Copyright (C) 2012 Marcello Coutinho + + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + ]]> + </copyright> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> + <name>sarg</name> + <version>1.0</version> + <title>Status: Sarg Settings</title> + <include_file>/usr/local/pkg/sarg.inc</include_file> + <menu> + <name>Sarg Reports</name> + <tooltiptext>Configure sarg</tooltiptext> + <section>Status</section> + <url>/pkg_edit.php?xml=sarg.xml</url> + </menu> + <additional_files_needed> + <item>http://www.pfsense.org/packages/config/sarg/sarg.inc</item> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + </additional_files_needed> + <additional_files_needed> + <item>http://www.pfsense.org/packages/config/sarg/sarg_schedule.xml</item> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + </additional_files_needed> + <additional_files_needed> + <item>http://www.pfsense.org/packages/config/sarg/sarg_sync.xml</item> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + </additional_files_needed> + <additional_files_needed> + <item>http://www.pfsense.org/packages/config/sarg/sarg_users.xml</item> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + </additional_files_needed> + <additional_files_needed> + <item>http://www.pfsense.org/packages/config/sarg/sarg_realtime.php</item> + <prefix>/usr/local/www/</prefix> + <chmod>0755</chmod> + </additional_files_needed> + <additional_files_needed> + <item>http://www.pfsense.org/packages/config/sarg/sarg_about.php</item> + <prefix>/usr/local/www/</prefix> + <chmod>0755</chmod> + </additional_files_needed> + <additional_files_needed> + <item>http://www.pfsense.org/packages/config/sarg/sarg.php</item> + <prefix>/usr/local/www/</prefix> + <chmod>0755</chmod> + </additional_files_needed> + <additional_files_needed> + <item>http://www.pfsense.org/packages/config/sarg/sarg_queue.php</item> + <prefix>/usr/local/www/</prefix> + <chmod>0755</chmod> + </additional_files_needed> + <additional_files_needed> + <item>http://www.pfsense.org/packages/config/sarg/sarg_reports.php</item> + <prefix>/usr/local/www/</prefix> + <chmod>0755</chmod> + </additional_files_needed> + <additional_files_needed> + <item>http://www.pfsense.org/packages/config/sarg/sarg_frame.php</item> + <prefix>/usr/local/www/</prefix> + <chmod>0755</chmod> + </additional_files_needed> + <additional_files_needed> + <item>http://www.pfsense.org/packages/config/sarg/sarg_sorttable.js</item> + <prefix>/usr/local/www/</prefix> + <chmod>0755</chmod> + </additional_files_needed> + <additional_files_needed> + <item>http://www.pfsense.org/packages/config/sarg/sarg.template</item> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + </additional_files_needed> + <tabs> + <tab> + <text>General</text> + <url>/pkg_edit.php?xml=sarg.xml&id=0</url> + <active/> + </tab> + <tab> + <text>Users</text> + <url>/pkg_edit.php?xml=sarg_users.xml&id=0</url> + </tab> + <tab> + <text>Schedule</text> + <url>/pkg.php?xml=sarg_schedule.xml&id=0</url> + </tab> + <tab> + <text>View Report</text> + <url>/sarg_reports.php</url> + </tab> + <tab> + <text>Realtime</text> + <url>/sarg_realtime.php</url> + </tab> + <tab> + <text>XMLRPC Sync</text> + <url>/pkg_edit.php?xml=sarg_sync.xml&id=0</url> + </tab> + <tab> + <text>Help</text> + <url>/sarg_about.php</url> + </tab> +</tabs> + <fields> + <field> + <name>Report Settings</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>Proxy server</fielddescr> + <fieldname>proxy_server</fieldname> + <description><![CDATA[Select proxy server to read logs from]]></description> + <type>select</type> + <options> + <option><name>Dansguardian</name><value>dansguardian</value></option> + <option><name>Squidguard</name><value>squidguard</value></option> + <option><name>Squid</name><value>squid</value></option> + </options> + </field> + <field> + <fielddescr>Report Options</fielddescr> + <fieldname>report_options</fieldname> + <description><![CDATA[Sarg report options. Default values are in ( )<br> + If you select any option, it will be enabled on conf file.<br> + Use CTRL + click on this field]]></description> + <type>select</type> + <options> + <option><name>Use graphics where is possible. (yes)</name><value>use_graphs</value></option> + <option><name>Use anonymous file and directory names in the report. (no)</name><value>anonymous_output_files </value></option> + <option><name>Convert ip address to dns name (no)</name><value>resolve_ip</value></option> + <option><name>Use Ip Address instead userid in reports. (no)</name><value>user_ip</value></option> + <option><name>Sort Fields in Reverse order (no)</name><value>user_sort_field_order</value></option> + <option><name>Remove temporary files from root report directory (yes)</name><value>remove_temp_files</value></option> + <option><name>Generate the main index.html (yes)</name><value>main_index</value></option> + <option><name>Generate the index tree by file (yes)</name><value>index_tree</value></option> + <option><name>Overwrite report (no)</name><value>overwrite_report</value></option> + <option><name>Use comma instead point in reports (yes)</name><value>use_comma</value></option> + <option><name>Show full url in report (no)</name><value>long_url</value></option> + <option><name>Privacy (no)</name><value>privacy</value></option> + <option><name>Show Bytes in sites users reports(no)</name><value>bytes_in_sites_users_report</value></option> + <option><name>Show values in reports using abbreviation (no)</name><value>displayed_values</value></option> + <option><name>Show the downloaded volume on Date/Time reports (yes)</name><value>date_time_by_bytes</value></option> + <option><name>Show the downloaded elapsed time on Date/Time reports (no)</name><value>date_time_by_elap</value></option> + </options> + <multiple/> + <size>17</size> + </field> + <field> + <fielddescr>Report to generate</fielddescr> + <fieldname>report_type</fieldname> + <description><![CDATA[Sarg report type. All are enabled by default<br> + Use CTRL + click on this field]]></description> + <type>select</type> + <options> + <option><name>topusers - users, sites, times, bytes, connects, links to accessed sites, etc</name><value>topusers</value></option> + <option><name>topsites - site, connect and bytes report</name><value>topsites</value></option> + <option><name>sites_users - users and sites report</name><value>sites_users</value></option> + <option><name>users_sites - accessed sites by the user report</name><value>users_sites</value></option> + <option><name>date_time - bytes used per day and hour report</name><value>date_time</value></option> + <option><name>denied - denied sites with full URL report</name><value>denied</value></option> + <option><name>auth_failures - autentication failures report</name><value>auth_failures</value></option> + <option><name>site_user_time_date - sites, dates, times and bytes report</name><value>site_user_time_date</value></option> + <option><name>downloads - downloads per user report</name><value>downloads</value></option> + </options> + <multiple/> + <size>10</size> + </field> + <field> + <fielddescr>Date Format</fielddescr> + <fieldname>report_date_format</fieldname> + <description><![CDATA[Date format to use in reports.]]></description> + <type>select</type> + <options> + <option><name>American mm/dd/yy (default)</name><value>u</value></option> + <option><name>European dd/mm/yy</name><value>e</value></option> + <option><name>Weekly yy.ww</name><value>w</value></option> + </options> + </field> + <field> + <fielddescr>Report charset</fielddescr> + <fieldname>report_charset</fieldname> + <description><![CDATA[ISO 8859 is a full series of 10 standardized multilingual single-byte coded (8bit) graphic character sets for writing in alphabetic languages]]></description> + <type>select</type> + <options> + <option><name>UTF-8 (Default)</name><value>UTF-8</value></option> + <option><name>Latin1 - West European</name><value>Latin1</value></option> + <option><name>Latin2 - East European</name><value>Latin2</value></option> + <option><name>Latin3 - South European</name><value>Latin3</value></option> + <option><name>Latin4 - North European</name><value>Latin4</value></option> + <option><name>Latin5 - Turkish</name><value>Latin5</value></option> + <option><name>Latin6</name><value>Latin6</value></option> + <option><name>Cyrillic</name><value>Cyrillic</value></option> + <option><name>Arabic</name><value>Arabic</value></option> + <option><name>Greek</name><value>Greek</value></option> + <option><name>Hebrew</name><value>Hebrew</value></option> + <option><name>Windows-1251</name><value>Windows-1251</value></option> + <option><name>Japan</name><value>Japan</value></option> + <option><name>Koi8-r</name><value>Koi8-r</value></option> + </options> + </field> + <field> + <fielddescr>Host Aliases</fielddescr> + <fieldname>hostalias</fieldname> + <description><![CDATA[The name of a text file containing the host names one per line and the optional alias to use in the report instead of that host name.<br> + Host names may contain up to one wildcard denoted by a *. The wildcard must not end the host name.<br> + The host name may be followed by an optional alias but if no alias is provided, the host name, including the wildcard, replaces any matching host name found in the log.<br> + Host names replaced by identical aliases are grouped together in the reports.<br> + IP addresses are supported and accept the CIDR notation both for IPv4 and IPv6 addresses.<br> + Sample:<br> + *.gstatic.com<br> + mt*.google.com<br> + *.myphone.microsoft.com<br> + *.myphone.microsoft.com:443 *.myphone.microsoft.com:secure<br> + *.freeav.net antivirus:freeav<br> + *.mail.live.com<br> + 65.52.00.00/14 *.mail.live.com]]></description> + <type>textarea</type> + <cols>70</cols> + <rows>10</rows> + <encoding>base64</encoding> + </field> + <field> + <name>Limit Settings</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>Max Elapsed</fielddescr> + <fieldname>max_elapsed</fieldname> + <description><![CDATA[If elapsed time is recorded in log is greater than max_elapsed use 0 for elapsed time.<br> + Samples: 0 means no checking<br> + 28800000 means 08 hours ]]></description> + <type>input</type> + <size>10</size> + </field> + <field> + <fielddescr>Reports limits</fielddescr> + <fieldname>lastlog</fieldname> + <description><![CDATA[How many reports files must be keept in reports directory.<br> + The oldest report file will be automatically removed.0 means no limit.]]></description> + <type>input</type> + <size>10</size> + </field> + <field> + <fielddescr>Top Users Limit</fielddescr> + <fieldname>topuser_num</fieldname> + <description><![CDATA[How many users in topsites report. 0 = no limit]]></description> + <type>input</type> + <size>10</size> + </field> + <field> + <fielddescr>Denied Limit</fielddescr> + <fieldname>denied_report_limit</fieldname> + <description><![CDATA[0 means no limit.]]></description> + <type>input</type> + <size>10</size> + </field> + <field> + <fielddescr>AuthFail Limit</fielddescr> + <fieldname>authfail_report_limit</fieldname> + <description><![CDATA[0 means no limit.]]></description> + <type>input</type> + <size>10</size> + </field> + <field> + <fielddescr>User_report_limit</fielddescr> + <fieldname>user_report_limit</fieldname> + <description><![CDATA[0 means no limit.]]></description> + <type>input</type> + <size>10</size> + </field> + <field> + <name>Exclude Settings</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>Exclude string</fielddescr> + <fieldname>exclude_string</fieldname> + <description><![CDATA[Records from access.log file that contain one of listed strings will be ignored.<br> + <strong>Format: string1:string2:...:stringn</strong>]]></description> + <type>input</type> + <size>70</size> + </field> + <field> + <fielddescr>Exclude hosts</fielddescr> + <fieldname>exclude_hostlist</fieldname> + <description><![CDATA[Hosts, domains or subnets will be excluded from reports.<br> + Eg.: 192.168.10.10 - exclude ip address only<br> + 192.168.10.0/24 - exclude full C class<br> + s1.acme.foo - exclude hostname only<br> + *.acme.foo - exclude full domain name]]></description> + <type>textarea</type> + <cols>70</cols> + <rows>10</rows> + <encoding>base64</encoding> + </field> + <field> + <fielddescr>Exclude codes</fielddescr> + <fieldname>exclude_codelist</fieldname> + <description><![CDATA[Ignore records with these codes. Eg.: NONE/400<br> + Write one code per line. Lines starting with a # are ignored.<br> + Only codes matching exactly one of the line is rejected. The comparison is not case sensitive.]]></description> + <type>textarea</type> + <cols>70</cols> + <rows>10</rows> + <encoding>base64</encoding> + </field> + </fields> + <custom_php_install_command> + sarg_php_install_command(); + </custom_php_install_command> + <custom_php_deinstall_command> + sarg_php_deinstall_command(); + </custom_php_deinstall_command> + <custom_php_validation_command> + sarg_validate_input($_POST, &$input_errors); + </custom_php_validation_command> + <custom_php_resync_config_command> + sync_package_sarg(); + </custom_php_resync_config_command> +</packagegui> diff --git a/config/sarg/sarg_about.php b/config/sarg/sarg_about.php new file mode 100755 index 00000000..1321adf6 --- /dev/null +++ b/config/sarg/sarg_about.php @@ -0,0 +1,103 @@ +<?php +/* + sarg_about.php + part of pfSense (http://www.pfsense.com/) + Copyright (C) 2012 Marcello Coutinho <marcellocoutinho@gmail.com> + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require("guiconfig.inc"); + +$pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); +if(strstr($pfSversion, "1.2")) + $one_two = true; + +$pgtitle = "About: Sarg Package"; +include("head.inc"); + +?> +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> +<?php include("fbegin.inc"); ?> + +<?php if($one_two): ?> +<p class="pgtitle"><?=$pgtitle?></font></p> +<?php endif; ?> +<?php if ($input_errors) print_input_errors($input_errors); ?> +<?php if ($savemsg) print_info_box($savemsg); ?> + + +<div id="mainlevel"> + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr><td> + <?php + $tab_array = array(); + $tab_array[] = array(gettext("General"), false, "/pkg_edit.php?xml=sarg.xml&id=0"); + $tab_array[] = array(gettext("Users"), false, "/pkg_edit.php?xml=sarg_users.xml&id=0"); + $tab_array[] = array(gettext("Schedule"), false, "/pkg.php?xml=sarg_schedule.xml"); + $tab_array[] = array(gettext("View Report"), false, "/sarg_reports.php"); + $tab_array[] = array(gettext("Realtime"), false, "/sarg_realtime.php"); + $tab_array[] = array(gettext("XMLRPC Sync"), false, "/pkg_edit.php?xml=sarg_sync.xml&id=0"); + $tab_array[] = array(gettext("Help"), true, "/sarg_about.php"); + display_top_tabs($tab_array); +?> + </td></tr> + <tr> + + <td> + <div id="mainarea"> + <table class="tabcont" width="100%" border="0" cellpadding="8" cellspacing="0"> + <tr><td></td></tr> + <tr> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Help docs"); ?></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Sarg Site");?></td> + <td width="78%" class="vtable"><?=gettext("<a target=_new href='http://sarg.sourceforge.net/welcome.php'>Squid Analysis Report Generator</a><br><br>");?> + </tr> + <tr> + <td colspan="2" valign="top" class="listtopic"><?=gettext("About sarg package"); ?></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Credits ");?></td> + <td width="78%" class="vtable"><?=gettext("Package Created by <a target=_new href='http://forum.pfsense.org/index.php?action=profile;u=4710'>Marcello Coutinho</a><br><br>");?></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Donatios ");?></td> + <td width="78%" class="vtable"><?=gettext("If you like this package, please <a target=_new href='http://www.pfsense.org/index.php?option=com_content&task=view&id=47&Itemid=77'>donate to pfSense project</a>.<br><br> + If you want that your donation goes to this package developer, make a note on donation forwarding it to me.<br><br>");?></td> + </tr> + </table> + + </div> + </td> + </tr> + + + </table> + <br> + <div id="search_results"></div> +</div> +<?php include("fend.inc"); ?> +</body> +</html> diff --git a/config/sarg/sarg_frame.php b/config/sarg/sarg_frame.php new file mode 100755 index 00000000..73e3a469 --- /dev/null +++ b/config/sarg/sarg_frame.php @@ -0,0 +1,58 @@ +<?php +/* + sarg_frame.php + part of pfSense (http://www.pfsense.com/) + Copyright (C) 2012 Marcello Coutinho <marcellocoutinho@gmail.com> + based on varnish_view_config. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +if(preg_match("/(\S+)\W(\w+.html)/",$_REQUEST['file'],$matches)){ + #https://192.168.1.1/sarg_reports.php?file=2012Mar30-2012Mar30/index.html + $url=$matches[2]; + $prefix=$matches[1]; + } +else{ + $url="index.html"; + $prefix=""; + } +$url=($_REQUEST['file'] == ""?"index.html":$_REQUEST['file']); +if (file_exists("/usr/local/www/sarg-reports/".$url)) + { + $report=file_get_contents("/usr/local/www/sarg-reports/".$url); + $pattern[0]="/href=\W(\S+html)\W/"; + $replace[0]="href=/sarg_frame.php?prevent=".rand(100000000000,999999999999)."&file=$prefix/$1"; + $pattern[1]='/img src="(\w+\.\w+)/'; + $replace[1]='img src="/sarg-reports'.$prefix.'/$1'; + $pattern[2]='@img src="([.a-z/]+)/(\w+\.\w+)@'; + $replace[2]='img src="/sarg-reports'.$prefix.'/$1/$2'; + $pattern[3]='/<head>/'; + $replace[3]='<head><META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE"><META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE">'; + print preg_replace($pattern,$replace,$report); + } +else{ + print "<pre>Error: Could not find report index file.<br>Check sarg settings and try to force sarg schedule."; + } + +?>
\ No newline at end of file diff --git a/config/sarg/sarg_queue.php b/config/sarg/sarg_queue.php new file mode 100755 index 00000000..8b8329a5 --- /dev/null +++ b/config/sarg/sarg_queue.php @@ -0,0 +1,241 @@ +<?php +/* + sarg_queue.php + part of pfSense (http://www.pfsense.com/) + Copyright (C) 2012 Marcello Coutinho <marcellocoutinho@gmail.com> + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require("guiconfig.inc"); +function get_cmd(){ + global $config,$g; + if ($_REQUEST['cmd'] =='sarg'){ + + #Check report xml info + if (!is_array($config['installedpackages']['sargrealtime'])){ + $config['installedpackages']['sargrealtime']['config'][0]['realtime_types']= ""; + $config['installedpackages']['sargrealtime']['config'][0]['realtime_users']= ""; + } + #Check report http actions to show + if ($config['installedpackages']['sargrealtime']['config'][0]['realtime_types'] != $_REQUEST['qshape']){ + $config['installedpackages']['sargrealtime']['config'][0]['realtime_types']= $_REQUEST['qshape']; + $update_config++; + } + + #Check report users show + if ($config['installedpackages']['sargrealtime']['config'][0]['realtime_users'] != $_REQUEST['qtype']){ + $config['installedpackages']['sargrealtime']['config'][0]['realtime_users']= $_REQUEST['qtype']; + $update_config++; + } + + if($update_config > 0){ + write_config; + #write changes to sarg_file + $sarg_config=file_get_contents('/usr/local/etc/sarg/sarg.conf'); + $pattern[0]='/realtime_types\s+[A-Z,,]+/'; + $pattern[1]='/realtime_unauthenticated_records\s+\w+/'; + $replace[0]="realtime_types ".$_REQUEST['qshape']; + $replace[1]="realtime_unauthenticated_records ".$_REQUEST['qtype']; + file_put_contents('/usr/local/etc/sarg/sarg.conf', preg_replace($pattern,$replace,$sarg_config),LOCK_EX); + } + exec("/usr/local/bin/sarg -r", $sarg); + $patern[0]="/<?(html|head|style)>/"; + $replace[0]=""; + $patern[1]="/header_\w/"; + $replace[1]="listtopic"; + $patern[2]="/class=.data./"; + $replace[2]='class="listlr"'; + $patern[3]="/cellpadding=.\d./"; + $replace[3]='cellpadding="0"'; + $patern[4]="/cellspacing=.\d./"; + $replace[4]='cellspacing="0"'; + $patern[5]="/sarg/"; + $replace[5]='cellspacing="0"'; + + foreach ($sarg as $line){ + if (preg_match("/<.head>/",$line)) + $print ="ok"; + if ($print =="ok" && !preg_match("/(sarg realtime|Auto Refresh)/i",$line)) + print preg_replace($patern,$replace,$line); + } + } +} + +if ($_REQUEST['cmd']!=""){ + get_cmd(); + } +else{ + $pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); + if(strstr($pfSversion, "1.2")) + $one_two = true; + + $pgtitle = "Status: Postfix Mail Queue"; + include("head.inc"); + + ?> + <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> + <?php include("fbegin.inc"); ?> + + <?php if($one_two): ?> + <p class="pgtitle"><?=$pgtitle?></font></p> + <?php endif; ?> + + <?php if ($savemsg) print_info_box($savemsg); ?> + + <form action="sarg_realtimex.php" method="post"> + + <div id="mainlevel"> + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr><td> + <?php + $tab_array = array(); + $tab_array[] = array(gettext("Settings"), false, "/pkg_edit.php?xml=sarg.xml&id=0"); + $tab_array[] = array(gettext("View Report"), false, "/sarg-reports/"); + $tab_array[] = array(gettext("Realtime"), true, "/sarg_real_time.php"); + $tab_array[] = array(gettext("XMLRPC Sync"), false, "/pkg_edit.php?xml=sarg_sync.xml&id=0"); + $tab_array[] = array(gettext("Help"), false, "/pkg_edit.php?xml=sarg_about.php"); + display_top_tabs($tab_array); + ?> + </td></tr> + <tr> + <td> + <div id="mainarea"> + <table class="tabcont" width="100%" border="0" cellpadding="8" cellspacing="0"> + <tr><td></td></tr> + <tr> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Sarg Realtime"); ?></td></tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Log command: ");?></td> + <td width="78%" class="vtable"> + <select name="drop3" id="cmd"> + <option value="sarg" selected="selected">Sarg Realtime</option> + </select><br><?=gettext("Select queue command to run.");?></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("update frequency: ");?></td> + <td width="78%" class="vtable"> + <select name="drop3" id="updatef"> + <option value="1">01 second</option> + <option value="3" selected="selected">03 seconds</option> + <option value="5">05 seconds</option> + <option value="15">15 Seconds</option> + <option value="30">30 Seconds</option> + <option value="60">One minute</option> + <option value="1">Never</option> + </select><br><?=gettext("Select how often queue cmd will run.");?></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Report Types: ");?></td> + <td width="78%" class="vtable"> + <select name="drop3" id="qshape" multiple="multiple" size="5"> + <option value="GET" selected="selected">GET</option> + <option value="PUT" selected="selected">PUT</option> + <option value="CONNECT" selected="selected">CONNECT</option> + <option value="ICP_QUERY">ICP_QUERY</option> + <option value="POST">POST</option> + </select><br><?=gettext("Which records must be in realtime report.");?></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("unauthenticated_records: ");?></td> + <td width="78%" class="vtable"> + <select name="drop3" id="qtype"> + <option value="show" selected>show</option> + <option value="hide">hide</option> + </select><br><?=gettext("What to do with unauthenticated records in realtime report.");?></td> + </tr> + + <tr> + <td width="22%" valign="top"></td> + <td width="78%"><input name="Submit" type="button" class="formbtn" id="run" value="<?=gettext("show log");?>" onclick="get_queue('mailq')"><div id="search_help"></div></td> + </table> + </div> + </td> + </tr> + </table> + <br> + <div> + <table class="tabcont" width="100%" border="0" cellpadding="8" cellspacing="0"> + <tr> + <td class="tabcont" > + <div id="file_div"></div> + + </td> + </tr> + </table> + </div> + </div> + </form> + <script type="text/javascript"> + function loopSelected(id) + { + var selectedArray = new Array(); + var selObj = document.getElementById(id); + var i; + var count = 0; + for (i=0; i<selObj.options.length; i++) { + if (selObj.options[i].selected) { + selectedArray[count] = selObj.options[i].value; + count++; + } + } + return(selectedArray); + } + + function get_queue(loop) { + //prevent multiple instances + if ($('run').value=="show log" || loop== 'running'){ + $('run').value="running..."; + $('search_help').innerHTML ="<br><strong>You can change options while running.<br>To Stop seach, change update frequency to Never.</strong>"; + var q_args=loopSelected('qshape'); + var pars = 'cmd='+$('cmd').options[$('cmd').selectedIndex].value; + var pars = pars + '&qshape='+q_args; + var pars = pars + '&type='+$('qtype').options[$('qtype').selectedIndex].value; + var url = "/sarg_queue.php"; + var myAjax = new Ajax.Request( + url, + { + method: 'post', + parameters: pars, + onComplete: activitycallback_queue_file + }); + } + } + function activitycallback_queue_file(transport) { + $('file_div').innerHTML = transport.responseText; + var update=$('updatef').options[$('updatef').selectedIndex].value * 1000; + if (update > 1000){ + setTimeout('get_queue("running")', update); + } + else{ + $('run').value="show log"; + $('search_help').innerHTML =""; + } + } + </script> + <?php + include("fend.inc"); + } + ?> + </body> + </html> diff --git a/config/sarg/sarg_realtime.php b/config/sarg/sarg_realtime.php new file mode 100755 index 00000000..0b8b2cc5 --- /dev/null +++ b/config/sarg/sarg_realtime.php @@ -0,0 +1,244 @@ +<?php +/* + sarg_realtime.php + part of pfSense (http://www.pfsense.com/) + Copyright (C) 2012 Marcello Coutinho <marcellocoutinho@gmail.com> + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require("guiconfig.inc"); +function get_cmd(){ + global $config,$g; + #print $_REQUEST['type']; + if ($_REQUEST['cmd'] =='sarg'){ + $update_config=0; + #Check report xml info + if (!is_array($config['installedpackages']['sargrealtime'])){ + $config['installedpackages']['sargrealtime']['config'][0]['realtime_types']= ""; + $config['installedpackages']['sargrealtime']['config'][0]['realtime_users']= ""; + } + #Check report http actions to show + if ($config['installedpackages']['sargrealtime']['config'][0]['realtime_types'] != $_REQUEST['qshape']){ + $config['installedpackages']['sargrealtime']['config'][0]['realtime_types']= $_REQUEST['qshape']; + $update_config++; + } + + #Check report users show + if ($config['installedpackages']['sargrealtime']['config'][0]['realtime_users'] != $_REQUEST['type']){ + $config['installedpackages']['sargrealtime']['config'][0]['realtime_users']= $_REQUEST['type']; + $update_config++; + } + + if($update_config > 0){ + write_config(); + #write changes to sarg_file + $sarg_config=file_get_contents('/usr/local/etc/sarg/sarg.conf'); + $pattern[0]='/realtime_types\s+[A-Z,,]+/'; + $replace[0]="realtime_types ".$_REQUEST['qshape']; + $pattern[1]='/realtime_unauthenticated_records\s+\w+/'; + $replace[1]="realtime_unauthenticated_records ".$_REQUEST['type']; + file_put_contents('/usr/local/etc/sarg/sarg.conf', preg_replace($pattern,$replace,$sarg_config),LOCK_EX); + } + exec("/usr/local/bin/sarg -r", $sarg); + $pattern[0]="/<?(html|head|style)>/"; + $replace[0]=""; + $pattern[1]="/header_\w/"; + $replace[1]="listtopic"; + $pattern[2]="/class=.data./"; + $replace[2]='class="listlr"'; + $pattern[3]="/cellpadding=.\d./"; + $replace[3]='cellpadding="0"'; + $pattern[4]="/cellspacing=.\d./"; + $replace[4]='cellspacing="0"'; + $pattern[5]="/sarg/"; + $replace[5]='cellspacing="0"'; + + foreach ($sarg as $line){ + if (preg_match("/<.head>/",$line)) + $print ="ok"; + if ($print =="ok" && !preg_match("/(sarg realtime|Auto Refresh)/i",$line)) + print preg_replace($pattern,$replace,$line); + } + } +} + +if ($_REQUEST['cmd']!=""){ + get_cmd(); + } +else{ + $pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); + if(strstr($pfSversion, "1.2")) + $one_two = true; + + $pgtitle = "Status: Sarg Realtime"; + include("head.inc"); + + ?> + <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> + <?php include("fbegin.inc"); ?> + + <?php if($one_two): ?> + <p class="pgtitle"><?=$pgtitle?></font></p> + <?php endif; ?> + + <?php if ($savemsg) print_info_box($savemsg); ?> + + <form action="postfix_view_config.php" method="post"> + + <div id="mainlevel"> + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr><td> + <?php + $tab_array = array(); + $tab_array[] = array(gettext("General"), false, "/pkg_edit.php?xml=sarg.xml&id=0"); + $tab_array[] = array(gettext("Users"), false, "/pkg_edit.php?xml=sarg_users.xml&id=0"); + $tab_array[] = array(gettext("Schedule"), false, "/pkg.php?xml=sarg_schedule.xml"); + $tab_array[] = array(gettext("View Report"), false, "/sarg_reports.php"); + $tab_array[] = array(gettext("Realtime"), true, "/sarg_realtime.php"); + $tab_array[] = array(gettext("XMLRPC Sync"), false, "/pkg_edit.php?xml=sarg_sync.xml&id=0"); + $tab_array[] = array(gettext("Help"), false, "/sarg_about.php"); + display_top_tabs($tab_array); + ?> + </td></tr> + <tr> + <td> + <div id="mainarea"> + <table class="tabcont" width="100%" border="0" cellpadding="8" cellspacing="0"> + <tr><td></td></tr> + <tr> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Sarg Realtime"); ?></td></tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Log command: ");?></td> + <td width="78%" class="vtable"> + <select name="drop3" id="cmd"> + <option value="sarg" selected="selected">Sarg Realtime</option> + </select><br><?=gettext("Select report command to run.");?></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("update frequency: ");?></td> + <td width="78%" class="vtable"> + <select name="drop3" id="updatef"> + <option value="1">01 second</option> + <option value="3" selected="selected">03 seconds</option> + <option value="5">05 seconds</option> + <option value="15">15 Seconds</option> + <option value="30">30 Seconds</option> + <option value="60">One minute</option> + <option value="1">Never</option> + </select><br><?=gettext("Select how often report will run.");?></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Report Types: ");?></td> + <td width="78%" class="vtable"> + <select name="drop3" id="qshape" multiple="multiple" size="5"> + <option value="GET" selected="selected">GET</option> + <option value="PUT" selected="selected">PUT</option> + <option value="CONNECT" selected="selected">CONNECT</option> + <option value="ICP_QUERY">ICP_QUERY</option> + <option value="POST">POST</option> + </select><br><?=gettext("Which records must be in realtime report.");?></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("unauthenticated_records: ");?></td> + <td width="78%" class="vtable"> + <select name="drop3" id="qtype"> + <option value="show" selected>show</option> + <option value="hide">hide</option> + </select><br><?=gettext("What to do with unauthenticated records in realtime report.");?></td> + </tr> + + <tr> + <td width="22%" valign="top"></td> + <td width="78%"><input name="Submit" type="button" class="formbtn" id="run" value="<?=gettext("show log");?>" onclick="get_queue('mailq')"><div id="search_help"></div></td> + </table> + </div> + </td> + </tr> + </table> + <br> + <div> + <table class="tabcont" width="100%" border="0" cellpadding="8" cellspacing="0"> + <tr> + <td class="tabcont" > + <div id="file_div"></div> + + </td> + </tr> + </table> + </div> + </div> + </form> + <script type="text/javascript"> + function loopSelected(id) + { + var selectedArray = new Array(); + var selObj = document.getElementById(id); + var i; + var count = 0; + for (i=0; i<selObj.options.length; i++) { + if (selObj.options[i].selected) { + selectedArray[count] = selObj.options[i].value; + count++; + } + } + return(selectedArray); + } + + function get_queue(loop) { + //prevent multiple instances + if ($('run').value=="show log" || loop== 'running'){ + $('run').value="running..."; + $('search_help').innerHTML ="<br><strong>You can change options while running.<br>To Stop seach, change update frequency to Never.</strong>"; + var q_args=loopSelected('qshape'); + var pars = 'cmd='+$('cmd').options[$('cmd').selectedIndex].value; + var pars = pars + '&qshape='+q_args; + var pars = pars + '&type='+$('qtype').options[$('qtype').selectedIndex].value; + var url = "/sarg_queue.php"; + var myAjax = new Ajax.Request( + url, + { + method: 'post', + parameters: pars, + onComplete: activitycallback_queue_file + }); + } + } + function activitycallback_queue_file(transport) { + $('file_div').innerHTML = transport.responseText; + var update=$('updatef').options[$('updatef').selectedIndex].value * 1000; + if (update > 999){ + setTimeout('get_queue("running")', update); + } + else{ + $('run').value="show log"; + $('search_help').innerHTML =""; + } + } + </script> + <?php + include("fend.inc"); + } + ?> + </body> + </html> diff --git a/config/sarg/sarg_reports.php b/config/sarg/sarg_reports.php new file mode 100755 index 00000000..b64e9966 --- /dev/null +++ b/config/sarg/sarg_reports.php @@ -0,0 +1,92 @@ +<?php +/* + sarg_reports.php + part of pfSense (http://www.pfsense.com/) + Copyright (C) 2012 Marcello Coutinho <marcellocoutinho@gmail.com> + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require("guiconfig.inc"); + + $pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); + if(strstr($pfSversion, "1.2")) + $one_two = true; + + $pgtitle = "Status: Sarg Reports"; + include("head.inc"); + + ?> + <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> + <?php include("fbegin.inc"); ?> + + <?php if($one_two): ?> + <p class="pgtitle"><?=$pgtitle?></font></p> + <?php endif; ?> + + <?php if ($savemsg) print_info_box($savemsg); ?> + + <form> + + <div id="mainlevel"> + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr><td> + <?php + $tab_array = array(); + $tab_array[] = array(gettext("General"), false, "/pkg_edit.php?xml=sarg.xml&id=0"); + $tab_array[] = array(gettext("Users"), false, "/pkg_edit.php?xml=sarg_users.xml&id=0"); + $tab_array[] = array(gettext("Schedule"), false, "/pkg.php?xml=sarg_schedule.xml"); + $tab_array[] = array(gettext("View Report"), true, "/sarg_reports.php"); + $tab_array[] = array(gettext("Realtime"), false, "/sarg_realtime.php"); + $tab_array[] = array(gettext("XMLRPC Sync"), false, "/pkg_edit.php?xml=sarg_sync.xml&id=0"); + $tab_array[] = array(gettext("Help"), false, "/pkg_edit.php?xml=sarg_about.php"); + display_top_tabs($tab_array); + ?> + </td></tr> + <tr> + <td> + <div id="mainarea"> + <table class="tabcont" width="100%" border="0" cellpadding="8" cellspacing="0"> + <tr><td></td></tr> + <tr> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Sarg Reports"); ?></td></tr> + </table> + </div> + <br> + <script language="JavaScript"> + var axel = Math.random() + ""; + var num = axel * 1000000000000000000; + document.writeln('<IFRAME SRC="/sarg_frame.php?prevent='+ num +'?" frameborder=0 width="100%" height="600"></IFRAME>'); + </script> + <div id="file_div"></div> + + </td> + </tr> + </table> + </div> + </form> + <?php + include("fend.inc"); + ?> + </body> + </html> diff --git a/config/sarg/sarg_schedule.xml b/config/sarg/sarg_schedule.xml new file mode 100644 index 00000000..3d065a7a --- /dev/null +++ b/config/sarg/sarg_schedule.xml @@ -0,0 +1,181 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> +<packagegui> + <copyright> + <![CDATA[ +/* ========================================================================== */ +/* + sarg_schedule.xml + part of pfSense (http://www.pfSense.com) + Copyright (C) 2012 Marcello Coutinho + All rights reserved. +*/ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + ]]> + </copyright> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> + <name>sargschedule</name> + <version>0.5</version> + <title>Status: Sarg Schedules</title> + <include_file>/usr/local/pkg/sarg.inc</include_file> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.com/packages/config/sarg/sarg.inc</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.com/packages/config/sarg/sarg_sync.xml</item> + </additional_files_needed> + <menu> + <name>sarg</name> + <tooltiptext>sarg</tooltiptext> + <section>Diagnostics</section> + <configfile>sarg.xml</configfile> + </menu> + <tabs> + <tab> + <text>General</text> + <url>/pkg_edit.php?xml=sarg.xml&id=0</url> + </tab> + <tab> + <text>Users</text> + <url>/pkg_edit.php?xml=sarg_users.xml&id=0</url> + </tab> + <tab> + <text>Schedule</text> + <url>/pkg.php?xml=sarg_schedule.xml&id=0</url> + <active/> + </tab> + <tab> + <text>View Report</text> + <url>/sarg_reports.php</url> + </tab> + <tab> + <text>Realtime</text> + <url>/sarg_realtime.php</url> + </tab> + <tab> + <text>XMLRPC Sync</text> + <url>/pkg_edit.php?xml=sarg_sync.xml&id=0</url> + </tab> + <tab> + <text>Help</text> + <url>/sarg_about.php</url> + </tab> + </tabs> + <adddeleteeditpagefields> + <columnitem> + <fielddescr>Status</fielddescr> + <fieldname>enable</fieldname> + </columnitem> + <columnitem> + <fielddescr>Update Frequency</fielddescr> + <fieldname>frequency</fieldname> + </columnitem> + <columnitem> + <fielddescr>Aditional Args</fielddescr> + <fieldname>args</fieldname> + </columnitem> + <columnitem> + <fielddescr>Post Action</fielddescr> + <fieldname>action</fieldname> + </columnitem> + <columnitem> + <fielddescr>Description</fielddescr> + <fieldname>description</fieldname> + </columnitem> + </adddeleteeditpagefields> + <fields> + <field> + <type>listtopic</type> + <fieldname>temp</fieldname> + <name>Schedule Options</name> + </field> + <field> + <fielddescr>Enable</fielddescr> + <fieldname>enable</fieldname> + <type>checkbox</type> + <description>Enable this schedule</description> + </field> + <field> + <fielddescr>Description</fielddescr> + <fieldname>description</fieldname> + <description>Enter a description for this file.</description> + <type>input</type> + <size>50</size> + </field> + <field> + <fielddescr>Sarg args</fielddescr> + <fieldname>args</fieldname> + <description><![CDATA[Enter sarg extra args to run on this schedule.<br> + To force sarg to create a report only from current day, use:<br> + <strong>-d `date +%d/%m/%Y`-`date +%d/%m/%Y`</strong>]]></description> + <type>input</type> + <size>50</size> + </field> + <field> + <fielddescr>frequency</fielddescr> + <fieldname>frequency</fieldname> + <type>input</type> + <size>5</size> + <description><![CDATA[How often extract users from active directory and verify changes<br> + Valid options are minutes(m), hours(h), days(d)<br> + Sample: To update every hour, use 1h<br><br>]]><input type="submit" name="Submit" value="Force udpate now"><br></description> + <required/> + </field> + <field> + <fielddescr>Action after sarg</fielddescr> + <fieldname>action</fieldname> + <type>select</type> + <options> + <option><name>None(default)</name><value>none</value></option> + <option><name>rotate logs</name><value>rotate</value></option> + <option><name>Restart proxy daemon</name><value>restart</value></option> + <option><name>Rotate log and restart proxy daemon</name><value>both</value></option> + </options> + <description>Choose an action after sarg finishes</description> + </field> + </fields> + <custom_php_install_command> + sarg_php_install_command(); + </custom_php_install_command> + <custom_php_command_before_form> + </custom_php_command_before_form> + <custom_php_validation_command> + sarg_validate_input($_POST, &$input_errors); + </custom_php_validation_command> + <custom_delete_php_command> + sync_package_sarg(); + </custom_delete_php_command> + <custom_php_resync_config_command> + sarg_resync(); + </custom_php_resync_config_command> +</packagegui>
\ No newline at end of file diff --git a/config/sarg/sarg_sorttable.js b/config/sarg/sarg_sorttable.js new file mode 100644 index 00000000..25bccb2b --- /dev/null +++ b/config/sarg/sarg_sorttable.js @@ -0,0 +1,493 @@ +/* + SortTable + version 2 + 7th April 2007 + Stuart Langridge, http://www.kryogenix.org/code/browser/sorttable/ + + Instructions: + Download this file + Add <script src="sorttable.js"></script> to your HTML + Add class="sortable" to any table you'd like to make sortable + Click on the headers to sort + + Thanks to many, many people for contributions and suggestions. + Licenced as X11: http://www.kryogenix.org/code/browser/licence.html + This basically means: do what you want with it. +*/ + + +var stIsIE = /*@cc_on!@*/false; + +sorttable = { + init: function() { + // quit if this function has already been called + if (arguments.callee.done) return; + // flag this function so we don't do the same thing twice + arguments.callee.done = true; + // kill the timer + if (_timer) clearInterval(_timer); + + if (!document.createElement || !document.getElementsByTagName) return; + + sorttable.DATE_RE = /^(\d\d?)[\/\.-](\d\d?)[\/\.-]((\d\d)?\d\d)$/; + + forEach(document.getElementsByTagName('table'), function(table) { + if (table.className.search(/\bsortable\b/) != -1) { + sorttable.makeSortable(table); + } + }); + + }, + + makeSortable: function(table) { + if (table.getElementsByTagName('thead').length == 0) { + // table doesn't have a tHead. Since it should have, create one and + // put the first table row in it. + the = document.createElement('thead'); + the.appendChild(table.rows[0]); + table.insertBefore(the,table.firstChild); + } + // Safari doesn't support table.tHead, sigh + if (table.tHead == null) table.tHead = table.getElementsByTagName('thead')[0]; + + if (table.tHead.rows.length != 1) return; // can't cope with two header rows + + // Sorttable v1 put rows with a class of "sortbottom" at the bottom (as + // "total" rows, for example). This is B&R, since what you're supposed + // to do is put them in a tfoot. So, if there are sortbottom rows, + // for backwards compatibility, move them to tfoot (creating it if needed). + sortbottomrows = []; + for (var i=0; i<table.rows.length; i++) { + if (table.rows[i].className.search(/\bsortbottom\b/) != -1) { + sortbottomrows[sortbottomrows.length] = table.rows[i]; + } + } + if (sortbottomrows) { + if (table.tFoot == null) { + // table doesn't have a tfoot. Create one. + tfo = document.createElement('tfoot'); + table.appendChild(tfo); + } + for (var i=0; i<sortbottomrows.length; i++) { + tfo.appendChild(sortbottomrows[i]); + } + delete sortbottomrows; + } + + // work through each column and calculate its type + headrow = table.tHead.rows[0].cells; + for (var i=0; i<headrow.length; i++) { + // manually override the type with a sorttable_type attribute + if (!headrow[i].className.match(/\bsorttable_nosort\b/)) { // skip this col + mtch = headrow[i].className.match(/\bsorttable_([a-z0-9]+)\b/); + if (mtch) { override = mtch[1]; } + if (mtch && typeof sorttable["sort_"+override] == 'function') { + headrow[i].sorttable_sortfunction = sorttable["sort_"+override]; + } else { + headrow[i].sorttable_sortfunction = sorttable.guessType(table,i); + } + // make it clickable to sort + headrow[i].sorttable_columnindex = i; + headrow[i].sorttable_tbody = table.tBodies[0]; + dean_addEvent(headrow[i],"click", function(e) { + + if (this.className.search(/\bsorttable_sorted\b/) != -1) { + // if we're already sorted by this column, just + // reverse the table, which is quicker + sorttable.reverse(this.sorttable_tbody); + this.className = this.className.replace('sorttable_sorted', + 'sorttable_sorted_reverse'); + this.removeChild(document.getElementById('sorttable_sortfwdind')); + sortrevind = document.createElement('span'); + sortrevind.id = "sorttable_sortrevind"; + sortrevind.innerHTML = stIsIE ? ' <font face="webdings">5</font>' : ' ▴'; + this.appendChild(sortrevind); + return; + } + if (this.className.search(/\bsorttable_sorted_reverse\b/) != -1) { + // if we're already sorted by this column in reverse, just + // re-reverse the table, which is quicker + sorttable.reverse(this.sorttable_tbody); + this.className = this.className.replace('sorttable_sorted_reverse', + 'sorttable_sorted'); + this.removeChild(document.getElementById('sorttable_sortrevind')); + sortfwdind = document.createElement('span'); + sortfwdind.id = "sorttable_sortfwdind"; + sortfwdind.innerHTML = stIsIE ? ' <font face="webdings">6</font>' : ' ▾'; + this.appendChild(sortfwdind); + return; + } + + // remove sorttable_sorted classes + theadrow = this.parentNode; + forEach(theadrow.childNodes, function(cell) { + if (cell.nodeType == 1) { // an element + cell.className = cell.className.replace('sorttable_sorted_reverse',''); + cell.className = cell.className.replace('sorttable_sorted',''); + } + }); + sortfwdind = document.getElementById('sorttable_sortfwdind'); + if (sortfwdind) { sortfwdind.parentNode.removeChild(sortfwdind); } + sortrevind = document.getElementById('sorttable_sortrevind'); + if (sortrevind) { sortrevind.parentNode.removeChild(sortrevind); } + + this.className += ' sorttable_sorted'; + sortfwdind = document.createElement('span'); + sortfwdind.id = "sorttable_sortfwdind"; + sortfwdind.innerHTML = stIsIE ? ' <font face="webdings">6</font>' : ' ▾'; + this.appendChild(sortfwdind); + + // build an array to sort. This is a Schwartzian transform thing, + // i.e., we "decorate" each row with the actual sort key, + // sort based on the sort keys, and then put the rows back in order + // which is a lot faster because you only do getInnerText once per row + row_array = []; + col = this.sorttable_columnindex; + rows = this.sorttable_tbody.rows; + for (var j=0; j<rows.length; j++) { + row_array[row_array.length] = [sorttable.getInnerText(rows[j].cells[col]), rows[j]]; + } + /* If you want a stable sort, uncomment the following line */ + //sorttable.shaker_sort(row_array, this.sorttable_sortfunction); + /* and comment out this one */ + row_array.sort(this.sorttable_sortfunction); + + tb = this.sorttable_tbody; + for (var j=0; j<row_array.length; j++) { + tb.appendChild(row_array[j][1]); + } + + delete row_array; + }); + } + } + }, + + guessType: function(table, column) { + // guess the type of a column based on its first non-blank row + sortfn = sorttable.sort_alpha; + for (var i=0; i<table.tBodies[0].rows.length; i++) { + text = sorttable.getInnerText(table.tBodies[0].rows[i].cells[column]); + if (text != '') { + if (text.match(/^-?[£$¤]?[\d,.]+%?$/)) { + return sorttable.sort_numeric; + } + // check for a date: dd/mm/yyyy or dd/mm/yy + // can have / or . or - as separator + // can be mm/dd as well + possdate = text.match(sorttable.DATE_RE) + if (possdate) { + // looks like a date + first = parseInt(possdate[1]); + second = parseInt(possdate[2]); + if (first > 12) { + // definitely dd/mm + return sorttable.sort_ddmm; + } else if (second > 12) { + return sorttable.sort_mmdd; + } else { + // looks like a date, but we can't tell which, so assume + // that it's dd/mm (English imperialism!) and keep looking + sortfn = sorttable.sort_ddmm; + } + } + } + } + return sortfn; + }, + + getInnerText: function(node) { + // gets the text we want to use for sorting for a cell. + // strips leading and trailing whitespace. + // this is *not* a generic getInnerText function; it's special to sorttable. + // for example, you can override the cell text with a customkey attribute. + // it also gets .value for <input> fields. + + hasInputs = (typeof node.getElementsByTagName == 'function') && + node.getElementsByTagName('input').length; + + if (node.getAttribute("sorttable_customkey") != null) { + return node.getAttribute("sorttable_customkey"); + } + else if (typeof node.textContent != 'undefined' && !hasInputs) { + return node.textContent.replace(/^\s+|\s+$/g, ''); + } + else if (typeof node.innerText != 'undefined' && !hasInputs) { + return node.innerText.replace(/^\s+|\s+$/g, ''); + } + else if (typeof node.text != 'undefined' && !hasInputs) { + return node.text.replace(/^\s+|\s+$/g, ''); + } + else { + switch (node.nodeType) { + case 3: + if (node.nodeName.toLowerCase() == 'input') { + return node.value.replace(/^\s+|\s+$/g, ''); + } + case 4: + return node.nodeValue.replace(/^\s+|\s+$/g, ''); + break; + case 1: + case 11: + var innerText = ''; + for (var i = 0; i < node.childNodes.length; i++) { + innerText += sorttable.getInnerText(node.childNodes[i]); + } + return innerText.replace(/^\s+|\s+$/g, ''); + break; + default: + return ''; + } + } + }, + + reverse: function(tbody) { + // reverse the rows in a tbody + newrows = []; + for (var i=0; i<tbody.rows.length; i++) { + newrows[newrows.length] = tbody.rows[i]; + } + for (var i=newrows.length-1; i>=0; i--) { + tbody.appendChild(newrows[i]); + } + delete newrows; + }, + + /* sort functions + each sort function takes two parameters, a and b + you are comparing a[0] and b[0] */ + sort_numeric: function(a,b) { + aa = parseFloat(a[0].replace(/[^0-9.-]/g,'')); + if (isNaN(aa)) aa = 0; + bb = parseFloat(b[0].replace(/[^0-9.-]/g,'')); + if (isNaN(bb)) bb = 0; + return aa-bb; + }, + sort_alpha: function(a,b) { + if (a[0]==b[0]) return 0; + if (a[0]<b[0]) return -1; + return 1; + }, + sort_ddmm: function(a,b) { + mtch = a[0].match(sorttable.DATE_RE); + y = mtch[3]; m = mtch[2]; d = mtch[1]; + if (m.length == 1) m = '0'+m; + if (d.length == 1) d = '0'+d; + dt1 = y+m+d; + mtch = b[0].match(sorttable.DATE_RE); + y = mtch[3]; m = mtch[2]; d = mtch[1]; + if (m.length == 1) m = '0'+m; + if (d.length == 1) d = '0'+d; + dt2 = y+m+d; + if (dt1==dt2) return 0; + if (dt1<dt2) return -1; + return 1; + }, + sort_mmdd: function(a,b) { + mtch = a[0].match(sorttable.DATE_RE); + y = mtch[3]; d = mtch[2]; m = mtch[1]; + if (m.length == 1) m = '0'+m; + if (d.length == 1) d = '0'+d; + dt1 = y+m+d; + mtch = b[0].match(sorttable.DATE_RE); + y = mtch[3]; d = mtch[2]; m = mtch[1]; + if (m.length == 1) m = '0'+m; + if (d.length == 1) d = '0'+d; + dt2 = y+m+d; + if (dt1==dt2) return 0; + if (dt1<dt2) return -1; + return 1; + }, + + shaker_sort: function(list, comp_func) { + // A stable sort function to allow multi-level sorting of data + // see: http://en.wikipedia.org/wiki/Cocktail_sort + // thanks to Joseph Nahmias + var b = 0; + var t = list.length - 1; + var swap = true; + + while(swap) { + swap = false; + for(var i = b; i < t; ++i) { + if ( comp_func(list[i], list[i+1]) > 0 ) { + var q = list[i]; list[i] = list[i+1]; list[i+1] = q; + swap = true; + } + } // for + t--; + + if (!swap) break; + + for(var i = t; i > b; --i) { + if ( comp_func(list[i], list[i-1]) < 0 ) { + var q = list[i]; list[i] = list[i-1]; list[i-1] = q; + swap = true; + } + } // for + b++; + + } // while(swap) + } +} + +/* ****************************************************************** + Supporting functions: bundled here to avoid depending on a library + ****************************************************************** */ + +// Dean Edwards/Matthias Miller/John Resig + +/* for Mozilla/Opera9 */ +if (document.addEventListener) { + document.addEventListener("DOMContentLoaded", sorttable.init, false); +} + +/* for Internet Explorer */ +/*@cc_on @*/ +/*@if (@_win32) + document.write("<script id=__ie_onload defer src=javascript:void(0)><\/script>"); + var script = document.getElementById("__ie_onload"); + script.onreadystatechange = function() { + if (this.readyState == "complete") { + sorttable.init(); // call the onload handler + } + }; +/*@end @*/ + +/* for Safari */ +if (/WebKit/i.test(navigator.userAgent)) { // sniff + var _timer = setInterval(function() { + if (/loaded|complete/.test(document.readyState)) { + sorttable.init(); // call the onload handler + } + }, 10); +} + +/* for other browsers */ +window.onload = sorttable.init; + +// written by Dean Edwards, 2005 +// with input from Tino Zijdel, Matthias Miller, Diego Perini + +// http://dean.edwards.name/weblog/2005/10/add-event/ + +function dean_addEvent(element, type, handler) { + if (element.addEventListener) { + element.addEventListener(type, handler, false); + } else { + // assign each event handler a unique ID + if (!handler.$$guid) handler.$$guid = dean_addEvent.guid++; + // create a hash table of event types for the element + if (!element.events) element.events = {}; + // create a hash table of event handlers for each element/event pair + var handlers = element.events[type]; + if (!handlers) { + handlers = element.events[type] = {}; + // store the existing event handler (if there is one) + if (element["on" + type]) { + handlers[0] = element["on" + type]; + } + } + // store the event handler in the hash table + handlers[handler.$$guid] = handler; + // assign a global event handler to do all the work + element["on" + type] = handleEvent; + } +}; +// a counter used to create unique IDs +dean_addEvent.guid = 1; + +function removeEvent(element, type, handler) { + if (element.removeEventListener) { + element.removeEventListener(type, handler, false); + } else { + // delete the event handler from the hash table + if (element.events && element.events[type]) { + delete element.events[type][handler.$$guid]; + } + } +}; + +function handleEvent(event) { + var returnValue = true; + // grab the event object (IE uses a global event object) + event = event || fixEvent(((this.ownerDocument || this.document || this).parentWindow || window).event); + // get a reference to the hash table of event handlers + var handlers = this.events[event.type]; + // execute each event handler + for (var i in handlers) { + this.$$handleEvent = handlers[i]; + if (this.$$handleEvent(event) === false) { + returnValue = false; + } + } + return returnValue; +}; + +function fixEvent(event) { + // add W3C standard event methods + event.preventDefault = fixEvent.preventDefault; + event.stopPropagation = fixEvent.stopPropagation; + return event; +}; +fixEvent.preventDefault = function() { + this.returnValue = false; +}; +fixEvent.stopPropagation = function() { + this.cancelBubble = true; +} + +// Dean's forEach: http://dean.edwards.name/base/forEach.js +/* + forEach, version 1.0 + Copyright 2006, Dean Edwards + License: http://www.opensource.org/licenses/mit-license.php +*/ + +// array-like enumeration +if (!Array.forEach) { // mozilla already supports this + Array.forEach = function(array, block, context) { + for (var i = 0; i < array.length; i++) { + block.call(context, array[i], i, array); + } + }; +} + +// generic enumeration +Function.prototype.forEach = function(object, block, context) { + for (var key in object) { + if (typeof this.prototype[key] == "undefined") { + block.call(context, object[key], key, object); + } + } +}; + +// character enumeration +String.forEach = function(string, block, context) { + Array.forEach(string.split(""), function(chr, index) { + block.call(context, chr, index, string); + }); +}; + +// globally resolve forEach enumeration +var forEach = function(object, block, context) { + if (object) { + var resolve = Object; // default + if (object instanceof Function) { + // functions have a "length" property + resolve = Function; + } else if (object.forEach instanceof Function) { + // the object implements a custom forEach method so use that + object.forEach(block, context); + return; + } else if (typeof object == "string") { + // the object is a string + resolve = String; + } else if (typeof object.length == "number") { + // the object is array-like + resolve = Array; + } + resolve.forEach(object, block, context); + } +}; + diff --git a/config/sarg/sarg_sync.xml b/config/sarg/sarg_sync.xml new file mode 100755 index 00000000..6c81b3f8 --- /dev/null +++ b/config/sarg/sarg_sync.xml @@ -0,0 +1,124 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> +<packagegui> + <copyright> + <![CDATA[ +/* $Id$ */ +/* ========================================================================== */ +/* + sarg_sync.xml + part of the sarg package for pfSense + Copyright (C) 2012 Marcello Coutinho + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + ]]> + </copyright> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> + <name>sargsync</name> + <version>1.0</version> + <title>Status: Sarg Sync</title> + <include_file>/usr/local/pkg/sarg.inc</include_file> + <tabs> + <tab> + <text>General</text> + <url>/pkg_edit.php?xml=sarg.xml&id=0</url> + </tab> + <tab> + <text>Users</text> + <url>/pkg_edit.php?xml=sarg_users.xml&id=0</url> + </tab> + <tab> + <text>Schedule</text> + <url>/pkg.php?xml=sarg_schedule.xml&id=0</url> + </tab> + <tab> + <text>View Report</text> + <url>/sarg_reports.php</url> + </tab> + <tab> + <text>Realtime</text> + <url>/sarg_realtime.php</url> + </tab> + <tab> + <text>XMLRPC Sync</text> + <url>/pkg_edit.php?xml=sarg_sync.xml&id=0</url> + <active/> + </tab> + <tab> + <text>Help</text> + <url>/sarg_about.php</url> + </tab> +</tabs> + <fields> + <field> + <name>XMLRPC Sync</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>Automatically sync sarg configuration changes</fielddescr> + <fieldname>synconchanges</fieldname> + <description>pfSense will automatically sync changes to the hosts defined below.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Remote Server</fielddescr> + <fieldname>none</fieldname> + <type>rowhelper</type> + <rowhelper> + <rowhelperfield> + <fielddescr>IP Address</fielddescr> + <fieldname>ipaddress</fieldname> + <description>IP Address of remote server</description> + <type>input</type> + <size>20</size> + </rowhelperfield> + <rowhelperfield> + <fielddescr>Password</fielddescr> + <fieldname>password</fieldname> + <description>Password for remote server.</description> + <type>password</type> + <size>20</size> + </rowhelperfield> + </rowhelper> + </field> + </fields> + <custom_php_install_command> + sarg_php_install_command(); + </custom_php_install_command> + <custom_php_deinstall_command> + sarg_php_deinstall_command(); + </custom_php_deinstall_command> + <custom_php_validation_command> + sarg_validate_input($_POST, &$input_errors); + </custom_php_validation_command> + <custom_php_resync_config_command> + sarg_resync(); + </custom_php_resync_config_command> +</packagegui> diff --git a/config/sarg/sarg_users.xml b/config/sarg/sarg_users.xml new file mode 100644 index 00000000..d038e5b3 --- /dev/null +++ b/config/sarg/sarg_users.xml @@ -0,0 +1,219 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> +<packagegui> + <copyright> + <![CDATA[ +/* $Id$ */ +/* ========================================================================== */ +/* + sarg_users.xml + part of the sarg for pfSense + Copyright (C) 2012 Marcello Coutinho + + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + ]]> + </copyright> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> + <name>sarguser</name> + <version>1.0</version> + <title>Status: Sarg User Settings</title> + <include_file>/usr/local/pkg/sarg.inc</include_file> + <tabs> + <tab> + <text>General</text> + <url>/pkg_edit.php?xml=sarg.xml&id=0</url> + </tab> + <tab> + <text>Users</text> + <url>/pkg_edit.php?xml=sarg_users.xml&id=0</url> + <active/> + </tab> + <tab> + <text>Schedule</text> + <url>/pkg.php?xml=sarg_schedule.xml&id=0</url> + </tab> + <tab> + <text>View Report</text> + <url>/sarg_reports.php</url> + </tab> + <tab> + <text>Realtime</text> + <url>/sarg_realtime.php</url> + </tab> + <tab> + <text>XMLRPC Sync</text> + <url>/pkg_edit.php?xml=sarg_sync.xml&id=0</url> + </tab> + <tab> + <text>Help</text> + <url>/sarg_about.php</url> + </tab> +</tabs> + <fields> + <field> + <name>User Settings</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>User Sort Field</fielddescr> + <fieldname>user_sort_field</fieldname> + <description><![CDATA[Sort field for the User Report.]]></description> + <type>select</type> + <options> + <option><name>BYTES(default)</name><value>BYTES</value></option> + <option><name>SITE normal</name><value>SITE</value></option> + <option><name>CONNECT</name><value>CONNECT</value></option> + <option><name>TIME</name><value>TIME</value></option> + </options> + </field> + <field> + <fielddescr>Ntlm User Format</fielddescr> + <fieldname>ntlm_user_format</fieldname> + <description><![CDATA[NTLM users format]]></description> + <type>select</type> + <options> + <option><name>domainname+username (default)</name><value>domainname+username</value></option> + <option><name>username</name><value>user</value></option> + </options> + </field> + <field> + <fielddescr>Exclude users</fielddescr> + <fieldname>exclude_userlist</fieldname> + <description><![CDATA[Users within the file will be excluded from reports.<br> + You can use indexonly to have only index.html file.<br> + <strong>Format: one user per line.</strong>]]></description> + <type>textarea</type> + <cols>70</cols> + <rows>10</rows> + <encoding>base64</encoding> + </field> + <field> + <fielddescr>Include users</fielddescr> + <fieldname>include_userlist</fieldname> + <description><![CDATA[Reports will be generated only for listed users.<br> + <strong>Format: user1:user2:...:usern</strong>]]></description> + <type>input</type> + <size>70</size> + </field> + <field> + <fielddescr>Users association</fielddescr> + <fieldname>usertab</fieldname> + <description><![CDATA[You can change the "userid" or the "ip address" to be a real user name on the reports.<br> + If resolve_ip is active, the ip address is resolved before being looked up into this file.<br> + That is, if you want to map the ip address, be sure to set resolv_ip to no or the resolved name will be looked into the file instead of the ip address.<br> + Note that it can be used to resolve any ip address known to the dns and then map the unresolved ip addresses to a name found in the usertab file.<br> + <strong>Table syntax: userid name or ip address name</strong><br> + Eg:<br>SirIsaac Isaac Newton<br> + vinci Leonardo da Vinci<br> + 192.168.10.1 Karol Wojtyla]]></description> + <type>textarea</type> + <cols>70</cols> + <rows>10</rows> + <encoding>base64</encoding> + </field> + <field> + <name>Ldap Settings</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>Enable LDAP search</fielddescr> + <fieldname>ldap_enable</fieldname> + <description><![CDATA[Enable LDAP search for username replacement based on active directory info.<br> + This option is usefull to show full usernames in sarg reports instead of user logins.]]></description> + <type>checkbox</type> + </field> + <field> + <fielddescr>LDAP Hostname</fielddescr> + <fieldname>ldap_host</fieldname> + <description><![CDATA[FQDN or IP address of host with LDAP service or AD DC]]></description> + <type>input</type> + <size>60</size> + </field> + <field> + <fielddescr>LDAP Port</fielddescr> + <fieldname>ldap_port</fieldname> + <description><![CDATA[LDAP service port number.<br>Default is 389]]></description> + <type>input</type> + <size>10</size> + </field> + <field> + <fielddescr>LDAP Bind DN</fielddescr> + <fieldname>ldap_bind_dn</fieldname> + <description><![CDATA[DN of LDAP user, who is authorized to read user's names from LDAP base.<br> + Sample: CN=username,OU=group,DC=mydomain,DC=com<br>]]></description> + <type>input</type> + <size>60</size> + </field> + <field> + <fielddescr>LDAP Bind Password</fielddescr> + <fieldname>ldap_bind_pw</fieldname> + <description><![CDATA[LDAPBindPW secret Password of DN, who is authorized to read user's names from LDAP base.]]></description> + <type>password</type> + <size>10</size> + </field> + <field> + <fielddescr>LDAP Base Search</fielddescr> + <fieldname>ldap_base_search</fieldname> + <description><![CDATA[LDAP search base.<br> + Sample: OU=users,DC=mydomain,DC=com]]></description> + <type>input</type> + <size>60</size> + </field> + <field> + <fielddescr>LDAP filter Search</fielddescr> + <fieldname>ldap_filter_search</fieldname> + <description><![CDATA[LDAPFilterSearch (uid=%s)<br> + User search filter by user's logins in LDAP. First founded record will be used.<br> + %s - will be changed to userlogins from access.log file filter string can have up to 5 '%s' tags.<br> + Default value is '(uid=%s)']]></description> + <type>input</type> + <size>60</size> + </field> + <field> + <fielddescr>LDAP Target Attribute</fielddescr> + <fieldname>ldap_target_attr</fieldname> + <description><![CDATA[Name of the attribute containing a name of the user<br> + Default value is 'cn']]></description> + <type>input</type> + <size>60</size> + </field> + </fields> + <custom_php_install_command> + </custom_php_install_command> + <custom_php_deinstall_command> + </custom_php_deinstall_command> + <custom_php_validation_command> + sarg_validate_input($_POST, &$input_errors); + </custom_php_validation_command> + <custom_php_resync_config_command> + sync_package_sarg(); + </custom_php_resync_config_command> +</packagegui> diff --git a/config/snort/help_and_info.php b/config/snort/help_and_info.php index a8e3ae38..af8eb4ae 100644 --- a/config/snort/help_and_info.php +++ b/config/snort/help_and_info.php @@ -163,7 +163,7 @@ jQuery(document).ready(function() { <p><font size="5"><strong>Change Log</strong></font><p> - <p>Changes to this package can be viewed by following <a href="https://rcs.pfsense.org/projects/pfsense-packages" target="_blank"><font size="2" color="#990000"><strong>pfSense packages repository</strong></font></a></p> + <p>Changes to this package can be viewed by following <a href="https://github.com/bsdperimeter/pfsense-packages" target="_blank"><font size="2" color="#990000"><strong>packages repository</strong></font></a></p> </div> <div id="tab3" class="tab_content"> diff --git a/config/snort/snort_define_servers.php b/config/snort/snort_define_servers.php index 6ffbc797..497f0a79 100644 --- a/config/snort/snort_define_servers.php +++ b/config/snort/snort_define_servers.php @@ -389,7 +389,7 @@ echo "{$snort_general_css}\n"; type="text" class="formfld" id="def_ssh_ports" size="40" value="<?=htmlspecialchars($pconfig['def_ssh_ports']);?>"> <br> <span class="vexpl">Example: Specific ports "25,443" or All ports - betwen "5060:5090 . Default is Pfsense SSH port.</span></td> + betwen "5060:5090 . Default is the firewall's SSH port.</span></td> </tr> <tr> <td width="22%" valign="top" class="vncell2">Define POP_SERVERS</td> diff --git a/config/snort/snort_interfaces_edit.php b/config/snort/snort_interfaces_edit.php index 0282723b..f3d96848 100644 --- a/config/snort/snort_interfaces_edit.php +++ b/config/snort/snort_interfaces_edit.php @@ -668,7 +668,7 @@ function enable_change(enable_change) { type="checkbox" value="on" <?php if ($pconfig['alertsystemlog'] == "on") echo "checked"; ?> onClick="enable_change(false)"><br> - Snort will send Alerts to the Pfsense system logs.</td> + Snort will send Alerts to the firewall's system logs.</td> </tr> <tr> <td width="22%" valign="top" class="vncell2">Log to a Tcpdump file</td> diff --git a/config/snort/snort_interfaces_global.php b/config/snort/snort_interfaces_global.php index 57fec1f1..a267f561 100644 --- a/config/snort/snort_interfaces_global.php +++ b/config/snort/snort_interfaces_global.php @@ -340,7 +340,7 @@ enable JavaScript to view this content <?php if($pconfig['snortloglimit']=='off') echo 'checked'; ?>> <strong>Disable</strong> directory size limit<br> <br> - <span class="red"><strong>Warning</span>:</strong> Pfsense Nanobsd + <span class="red"><strong>Warning</span>:</strong> Nanobsd should use no more than 10MB of space.</td> </tr> <tr> diff --git a/config/snort/snort_rulesets.php b/config/snort/snort_rulesets.php index e4577818..313daea2 100644 --- a/config/snort/snort_rulesets.php +++ b/config/snort/snort_rulesets.php @@ -243,7 +243,7 @@ if (file_exists($d_snortconfdirty_path)) { cellpadding="0" cellspacing="0"> <tr id="frheader"> <td width="5%" class="listhdrr">Enabled</td> - <td class="listhdrr"><?php if($snort_arch == 'x86'){echo 'Ruleset: Rules that end with "so.rules" are shared object rules.';}else{echo 'Shared object rules are "so.rules" and not available on Pfsense 2.0 64 bit.';}?></td> + <td class="listhdrr"><?php if($snort_arch == 'x86'){echo 'Ruleset: Rules that end with "so.rules" are shared object rules.';}else{echo 'Shared object rules are "so.rules" and not available on 64 bit architectures.';}?></td> <!-- <td class="listhdrr">Description</td> --> </tr> <?php diff --git a/config/squid-reverse/squid.inc b/config/squid-reverse/squid.inc index 151f710c..99b3cfc5 100644 --- a/config/squid-reverse/squid.inc +++ b/config/squid-reverse/squid.inc @@ -4,7 +4,8 @@ squid.inc Copyright (C) 2006-2009 Scott Ullrich Copyright (C) 2006 Fernando Lemos - Copyright (C) 2008 Martin Fuchs + Copyright (C) 2012 Martin Fuchs + Copyright (C) 2012 Marcello Coutinho All rights reserved. Redistribution and use in source and binary forms, with or without @@ -43,9 +44,16 @@ define('SQUID_CONFBASE', '/usr/local/etc/squid'); define('SQUID_BASE', '/var/squid/'); define('SQUID_ACLDIR', '/var/squid/acl'); define('SQUID_PASSWD', '/var/etc/squid.passwd'); +define('SQUID_LIB','/var/squid/lib'); +define('SQUID_SSL_DB','/var/squid/lib/ssl_db'); $valid_acls = array(); +function sq_text_area_decode($text){ + return preg_replace('/\r\n/', "\n",base64_decode($text)); +} + + function squid_get_real_interface_address($iface) { global $config; @@ -120,11 +128,17 @@ function squid_is_valid_acl($acl) { function squid_install_command() { global $config; global $g; + update_status("Checking if there is configuration to migrate... One moment please..."); /* migrate existing csv config fields */ - $settingsauth = $config['installedpackages']['squidauth']['config'][0]; - $settingscache = $config['installedpackages']['squidcache']['config'][0]; - $settingsnac = $config['installedpackages']['squidnac']['config'][0]; - + if (is_array($config['installedpackages']['squidauth']['config'])) + $settingsauth = $config['installedpackages']['squidauth']['config'][0]; + if (is_array($config['installedpackages']['squidcache']['config'])) + $settingscache = $config['installedpackages']['squidcache']['config'][0]; + if (is_array($config['installedpackages']['squidnac']['config'])) + $settingsnac = $config['installedpackages']['squidnac']['config'][0]; + if (is_array($config['installedpackages']['squid']['config'])) + $settingsgen = $config['installedpackages']['squid']['config'][0]; + /* Set storage system */ if ($g['platform'] == "nanobsd") { $config['installedpackages']['squidcache']['config'][0]['harddisk_cache_system'] = 'null'; @@ -153,7 +167,6 @@ function squid_install_command() { $config['installedpackages']['squidnac']['config'][0]['allowed_subnets'] = $settingsnac['allowed_subnets']; } } - if(! empty($settingsnac['banned_hosts'])) { if(strstr($settingsnac['banned_hosts'], ",")) { $settingsnac['banned_hosts'] = base64_encode(implode("\n", explode(",", $settingsnac['banned_hosts']))); @@ -195,7 +208,49 @@ function squid_install_command() { $config['installedpackages']['squidnac']['config'][0]['blacklist'] = $settingsnac['blacklist']; } } - + + /*Migrate reverse settings*/ + if (is_array($config['installedpackages']['squidreverse'])){ + $old_reverse_settings=$config['installedpackages']['squidreverse']['config'][0]; + + //Settings + if (!is_array($config['installedpackages']['squidreversegeneral'])){ + $config['installedpackages']['squidreversegeneral']['config'][0]=$old_reverse_settings; + unset ($config['installedpackages']['squidreversegeneral']['config'][0]['reverse_cache_peer']); + unset ($config['installedpackages']['squidreversegeneral']['config'][0]['reverse_uri']); + unset ($config['installedpackages']['squidreversegeneral']['config'][0]['reverse_acl']); + } + + //PEERS + if (!is_array($config['installedpackages']['squidreversepeer'])){ + foreach (explode("\n",sq_text_area_decode($old_reverse_settings['reverse_cache_peer'])) as $cache_peers) + foreach (explode(";",$cache_peers) as $cache_peer) + $config['installedpackages']['squidreversepeer']['config'][]=array('description'=>'migrated', + 'enable'=> 'on', + 'name'=> $cache_peer[0], + 'port'=> $cache_peer[1], + 'protocol' => $cache_peer[2]); + } + + //MAPPINGS + if (!is_array($config['installedpackages']['squidreverseuri'])){ + foreach (explode("\n",sq_text_area_decode($old_reverse_settings['reverse_acl'])) as $acls){ + foreach (explode(";",$acls) as $acl) + array_push(${'peer_'.$acl[0]},$acl[1]); + } + foreach (explode("\n",sq_text_area_decode($old_reverse_settings['reverse_uri'])) as $uris) + foreach (explode(";",$uris) as $uri){ + $peer_list=(is_array(${'peer_'.$uri[0]})?implode(",",${'peer_'.$uri[0]}):""); + $config['installedpackages']['squidreverseuri']['config'][]=array('description'=>'migrated', + 'enable'=> 'on', + 'name'=> $uri[0], + 'uri'=> $uri[1], + 'vhost' => $uri[2], + 'peers'=>$peer_list); + } + } + } + update_status("Writing configuration... One moment please..."); write_config(); @@ -209,13 +264,14 @@ function squid_install_command() { if(file_exists("/usr/local/etc/rc.d/squid")) exec("/bin/rm /usr/local/etc/rc.d/squid"); squid_write_rcfile(); - exec("chmod a+rx /usr/local/libexec/squid/dnsserver"); if(file_exists("/usr/local/pkg/swapstate_check.php")) exec("/bin/chmod a+x /usr/local/pkg/swapstate_check.php"); foreach (array( SQUID_CONFBASE, SQUID_ACLDIR, - SQUID_BASE ) as $dir) { + SQUID_BASE, + SQUID_LIB, + SQUID_SSL_DB ) as $dir) { make_dirs($dir); squid_chown_recursive($dir, 'proxy', 'proxy'); } @@ -273,9 +329,12 @@ function squid_deinstall_command() { function squid_before_form_general($pkg) { $values = get_dir(SQUID_CONFBASE . '/errors/'); - // Get rid of '..' and '.' + // Get rid of '..' and '.' and ... array_shift($values); array_shift($values); + array_shift($values); + array_shift($values); + $name = array(); foreach ($values as $value) $names[] = implode(" ", explode("_", $value)); @@ -347,12 +406,13 @@ function squid_validate_general($post, $input_errors) { foreach ($altdns as $dnssrv) { if (!is_ipaddr($dnssrv)) $input_errors[] = 'You must enter a valid IP address in the \'Alternate DNS servers\' field'; + break; }} } function squid_validate_upstream($post, $input_errors) { - if ($post['proxy_forwarding'] == 'on') { - $addr = trim($post['proxy_addr']); + if ($post['enabled'] == 'on') { + $addr = trim($post['proxyaddr']); if (empty($addr)) $input_errors[] = 'The field \'Hostname\' is required'; else { @@ -360,7 +420,7 @@ function squid_validate_upstream($post, $input_errors) { $input_errors[] = 'You must enter a valid IP address or host name in the \'Proxy hostname\' field'; } - foreach (array('proxy_port' => 'TCP port', 'icp_port' => 'ICP port') as $field => $name) { + foreach (array('proxyport' => 'TCP port', 'icpport' => 'ICP port') as $field => $name) { $port = trim($post[$field]); if (empty($port)) $input_errors[] = "The field '$name' is required"; @@ -482,20 +542,28 @@ function squid_validate_traffic($post, $input_errors) { function squid_validate_reverse($post, $input_errors) { - $fqdn = trim($post['reverse_external_fqdn']); - if (!empty($fqdn) && !is_domain($fqdn)) - $input_errors[] = 'The field \'external FQDN\' must contain a valid domain name'; + if(!empty($post['reverse_ip'])) { + $reverse_ip = explode(";", ($post['reverse_ip'])); + foreach ($reverse_ip as $reip) { + if (!is_ipaddr($reip)) + $input_errors[] = 'You must enter a valid IP address in the \'User-defined reverse-proxy IPs\' field'; + break; + }} + + $fqdn = trim($post['reverse_external_fqdn']); + if (!empty($fqdn) && !is_domain($fqdn)) + $input_errors[] = 'The field \'external FQDN\' must contain a valid domain name'; - $port = trim($post['reverse_http_port']); - if (!empty($port) && !is_port($port)) - $input_errors[] = 'The field \'reverse HTTP port\' must contain a valid port number'; + $port = trim($post['reverse_http_port']); + if (!empty($port) && !is_port($port)) + $input_errors[] = 'The field \'reverse HTTP port\' must contain a valid port number'; - $port = trim($post['reverse_https_port']); - if (!empty($port) && !is_port($port)) - $input_errors[] = 'The field \'reverse HTTPS port\' must contain a valid port number'; + $port = trim($post['reverse_https_port']); + if (!empty($port) && !is_port($port)) + $input_errors[] = 'The field \'reverse HTTPS port\' must contain a valid port number'; - if ($post['reverse_ssl_cert'] == 'none') - $input_errors[] = 'A valid certificate for the external interface must be selected'; + if ($post['reverse_ssl_cert'] == 'none') + $input_errors[] = 'A valid certificate for the external interface must be selected'; if (($post['reverse_https'] != 'on') && ($post['reverse_owa'] == 'on')) { $input_errors[] = "You have to enable reverse HTTPS before enabling OWA support."; @@ -506,9 +574,9 @@ function squid_validate_reverse($post, $input_errors) { $input_errors[] = 'A valid certificate for the external interface must be selected'; */ - $rowa = trim($post['reverse_owa_ip']); - if (!empty($rowa) && !is_ipaddr($rowa)) - $input_errors[] = 'The field \'OWA frontend IP address\' must contain a valid IP address'; + $rowa = trim($post['reverse_owa_ip']); + if (!empty($rowa) && !is_ipaddr($rowa)) + $input_errors[] = 'The field \'OWA frontend IP address\' must contain a valid IP address'; $contents = $post['reverse_cache_peer']; @@ -672,9 +740,9 @@ function squid_resync_general() { } } if (($settings['transparent_proxy'] == 'on')) { - $conf .= "http_port 127.0.0.1:" . $settings['proxy_port'] . " transparent\n"; + $conf .= "http_port 127.0.0.1:" . $settings['proxy_port'] . " intercept\n"; } - $icp_port = ($settings['icp_port'] ? $settings['icp_port'] : 0); + $icp_port = ($settings['icp_port'] ? $settings['icp_port'] : 7); $pidfile = "{$g['varrun_path']}/squid.pid"; $language = ($settings['error_language'] ? $settings['error_language'] : 'English'); @@ -701,6 +769,7 @@ cache_mgr $email access_log $logdir_access cache_log $logdir_cache cache_store_log none +sslcrtd_children 0 EOD; @@ -721,6 +790,7 @@ EOD; foreach ($real_ifaces as $iface) { list($ip, $mask) = $iface; $ip = long2ip(ip2long($ip) & ip2long($mask)); + $mask = 32-log((ip2long($mask) ^ ip2long('255.255.255.255'))+1,2); $src .= " $ip/$mask"; } $conf .= "# Allow local network(s) on interface(s)\n"; @@ -755,13 +825,14 @@ function squid_resync_cache() { $disk_cache_size = ($settings['harddisk_cache_size'] ? $settings['harddisk_cache_size'] : 100); $level1 = ($settings['level1_subdirs'] ? $settings['level1_subdirs'] : 16); $memory_cache_size = ($settings['memory_cache_size'] ? $settings['memory_cache_size'] : 8); - $max_objsize = ($settings['maximum_object_size'] ? $settings['maximum_object_size'] : 10); + $max_objsize = ($settings['maximum_object_size'] ? $settings['maximum_object_size']." KB" : "10 KB"); $min_objsize = ($settings['minimum_object_size'] ? $settings['minimum_object_size'] : 0); $max_objsize_in_mem = ($settings['maximum_objsize_in_mem'] ? $settings['maximum_objsize_in_mem'] : 32); $cache_policy = ($settings['cache_replacement_policy'] ? $settings['cache_replacement_policy'] : 'heap LFUDA'); $memory_policy = ($settings['memory_replacement_policy'] ? $settings['memory_replacement_policy'] : 'heap GDSF'); $offline_mode = ($settings['enable_offline'] == 'on' ? 'on' : 'off'); - + $conf = ''; + if (!isset($settings['harddisk_cache_system'])) { if ($g['platform'] == "nanobsd") { $disk_cache_system = 'null'; @@ -771,29 +842,93 @@ function squid_resync_cache() { } else { $disk_cache_system = $settings['harddisk_cache_system']; } + #'null' storage type dropped. In-memory cache is always present. Remove all cache_dir options to prevent on-disk caching. + if ($disk_cache_system != "null") { + $disk_cache_opts = "cache_dir {$disk_cache_system} {$cachedir} {$disk_cache_size} {$level1} 256"; + } +//check dynamic content +if(empty($settings['cache_dynamic_content'])){ + $conf.='acl dynamic urlpath_regex cgi-bin \?'."\n"; + $conf.="cache deny dynamic\n"; +} +else{ + if(preg_match('/youtube/',$settings['refresh_patterns'])){ + $conf.=<<<EOC +# Break HTTP standard for flash videos. Keep them in cache even if asked not to. +refresh_pattern -i \.flv$ 10080 90% 999999 ignore-no-cache override-expire ignore-private - if ($disk_cache_system == "null") { - $disk_cache_opts = "{$disk_cache_system} /tmp"; - } else { - $disk_cache_opts = "{$disk_cache_system} {$cachedir} {$disk_cache_size} {$level1} 256"; +# Let the clients favorite video site through with full caching +acl youtube dstdomain .youtube.com +cache allow youtube + +EOC; } + if(preg_match('/windows/',$settings['refresh_patterns'])){ + $conf.=<<<EOC - $conf = <<<EOD -cache_mem $memory_cache_size MB -maximum_object_size_in_memory $max_objsize_in_mem KB -memory_replacement_policy $memory_policy -cache_replacement_policy $cache_policy -cache_dir $disk_cache_opts -minimum_object_size $min_objsize KB -maximum_object_size $max_objsize KB -offline_mode $offline_mode +# Windows Update refresh_pattern +range_offset_limit -1 +refresh_pattern -i microsoft.com/.*\.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims +refresh_pattern -i windowsupdate.com/.*\.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims +refresh_pattern -i my.windowsupdate.website.com/.*\.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims + +EOC; + } + +if(preg_match('/symantec/',$settings['refresh_patterns'])){ + $conf.=<<<EOC + +# Symantec refresh_pattern +range_offset_limit -1 +refresh_pattern liveupdate.symantecliveupdate.com/.*\.(cab|exe|dll|msi) 10080 100% 43200 reload-into-ims +refresh_pattern symantecliveupdate.com/.*\.(cab|exe|dll|msi) 10080 100% 43200 reload-into-ims + +EOC; + } +if(preg_match('/avast/',$settings['refresh_patterns'])){ + $conf.=<<<EOC + +# Avast refresh_pattern +range_offset_limit -1 +refresh_pattern avast.com/.*\.(vpu|cab|stamp|exe) 10080 100% 43200 reload-into-ims + +EOC; + } +if(preg_match('/avira/',$settings['refresh_patterns'])){ + $conf.=<<<EOC + +# Avira refresh_pattern +range_offset_limit -1 +refresh_pattern personal.avira-update.com/.*\.(cab|exe|dll|msi|gz) 10080 100% 43200 reload-into-ims +EOC; + } + $refresh_conf=<<<EOC + +# Add any of your own refresh_pattern entries above these. +refresh_pattern ^ftp: 1440 20% 10080 +refresh_pattern ^gopher: 1440 0% 1440 +refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 +refresh_pattern . 0 20% 4320 +EOC; + +} + + $conf .= <<<EOD +cache_mem $memory_cache_size MB +maximum_object_size_in_memory {$max_objsize_in_mem} KB +memory_replacement_policy {$memory_policy} +cache_replacement_policy {$cache_policy} +$disk_cache_opts +minimum_object_size {$min_objsize} KB +maximum_object_size {$max_objsize} +offline_mode {$offline_mode} EOD; if (!empty($settings['cache_swap_low'])) $conf .= "cache_swap_low {$settings['cache_swap_low']}\n"; if (!empty($settings['cache_swap_high'])) $conf .= "cache_swap_high {$settings['cache_swap_high']}\n"; - $donotcache = base64_decode($settings['donotcache']); + $donotcache = sq_text_area_decode($settings['donotcache']); if (!empty($donotcache)) { file_put_contents(SQUID_ACLDIR . '/donotcache.acl', $donotcache); $conf .= 'acl donotcache dstdomain "' . SQUID_ACLDIR . "/donotcache.acl\"\n"; @@ -802,28 +937,39 @@ EOD; elseif (file_exists(SQUID_ACLDIR . '/donotcache.acl')) { unlink(SQUID_ACLDIR . '/donotcache.acl'); } - - return $conf; + return $conf.$refresh_conf; } function squid_resync_upstream() { global $config; - $settings = $config['installedpackages']['squidupstream']['config'][0]; - - $conf = ''; - if ($settings['proxy_forwarding'] == 'on') { - $conf .= "cache_peer {$settings['proxy_addr']} parent {$settings['proxy_port']} "; - if ($settings['icp_port'] == '7') - $conf .= "{$settings['icp_port']} no-query"; - else - $conf .= "{$settings['icp_port']}"; - - if (!empty($settings['username'])) - $conf .= " login={$settings['username']}"; - if (!empty($settings['password'])) - $conf .= ":{$settings['password']}"; - } - + $conf = "\n#Remote proxies\n"; + if (is_array($config['installedpackages']['squidremote']['config'])) + foreach ($config['installedpackages']['squidremote']['config'] as $settings){ + if ($settings['enable'] == 'on') { + $conf .= "cache_peer {$settings['proxyaddr']} {$settings['hierarchy']} {$settings['proxyport']} "; + if ($settings['icpport'] == '7') + $conf .= "{$settings['icpport']} {$settings['icpoptions']} {$settings['peermethod']} {$settings['allowmiss']} "; + else + $conf .= "{$settings['icpport']} "; + #auth settings + if (!empty($settings['username']) && !empty($settings['password'])){ + $conf .= " login={$settings['username']}:{$settings['password']}"; + } + else{ + $conf .= "{$settings['authoption']} "; + } + #other options settings + if (!empty($settings['weight'])) + $conf .= "weight={$settings['weight']} "; + if (!empty($settings['basetime'])) + $conf .= "basetime={$settings['basetime']} "; + if (!empty($settings['ttl'])) + $conf .= "ttl={$settings['ttl']} "; + if (!empty($settings['nodelay'])) + $conf .= "no-delay"; + } + $conf .= "\n"; + } return $conf; } @@ -851,27 +997,27 @@ function squid_resync_nac() { $conf = <<<EOD # Setup some default acls -acl all src 0.0.0.0/0.0.0.0 -acl localhost src 127.0.0.1/255.255.255.255 +acl allsrc src all +acl localhost src 127.0.0.1/32 acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 $webgui_port $port 1025-65535 $addtl_ports acl sslports port 443 563 $webgui_port $addtl_sslports acl manager proto cache_object acl purge method PURGE acl connect method CONNECT -acl dynamic urlpath_regex cgi-bin \? + EOD; - $allowed_subnets = explode("\n", base64_decode($settings['allowed_subnets'])); - $allowed = ""; - foreach ($allowed_subnets as $subnet) { - if(!empty($subnet)) { - $subnet = trim($subnet); - $allowed .= "$subnet "; - } - } - if (!empty($allowed)) { - $conf .= "acl allowed_subnets src $allowed\n"; + $allowed_subnets = preg_replace("/\s+/"," ",sq_text_area_decode($settings['allowed_subnets'])); + #$allowed = ""; + #foreach ($allowed_subnets as $subnet) { + # if(!empty($subnet)) { + # $subnet = trim($subnet); + # $allowed .= "$subnet "; + # } + #} + if (!empty($allowed_subnets)) { + $conf .= "acl allowed_subnets src $allowed_subnets\n"; $valid_acls[] = 'allowed_subnets'; } @@ -881,7 +1027,7 @@ EOD; 'blacklist' => 'dstdom_regex -i', ); foreach ($options as $option => $directive) { - $contents = base64_decode($settings[$option]); + $contents = sq_text_area_decode($settings[$option]); if (!empty($contents)) { file_put_contents(SQUID_ACLDIR . "/$option.acl", $contents); $conf .= "acl $option $directive \"" . SQUID_ACLDIR . "/$option.acl\"\n"; @@ -893,23 +1039,21 @@ EOD; } $conf .= <<<EOD -cache deny dynamic http_access allow manager localhost EOD; - if(!empty($settings['ext_cachemanager'])) { - $extmgr = explode(";", ($settings['ext_cachemanager'])); - $count = 1; - $conf .= "\n# Allow external cache managers\n"; -// $conf .= "acl ext_manager src ".$settings['ext_cachemanager']."\n"; - foreach ($extmgr as $mgr) { - $conf .= "acl ext_manager_".$count." src "; - $conf .= $mgr." "; - $conf .= "\n"; - $conf .= "http_access allow manager ext_manager_".$count."\n"; - $count += 1; - }} + if (is_array($config['installedpackages']['squidcache'])){ + $settings_ch = $config['installedpackages']['squidcache']['config'][0]; + if(!empty($settings_ch['ext_cachemanager'])) { + $extmgr = explode(";", ($settings_ch['ext_cachemanager'])); + $conf .= "\n# Allow external cache managers\n"; + foreach ($extmgr as $mgr) { + $conf .= "acl ext_manager src {$mgr}\n"; + } + $conf .= "http_access allow manager ext_manager\n"; + } + } $conf .= <<<EOD @@ -941,8 +1085,10 @@ function squid_resync_traffic() { $up_limit = ($settings['max_upload_size'] ? $settings['max_upload_size'] : 0); $down_limit = ($settings['max_download_size'] ? $settings['max_download_size'] : 0); $conf .= "request_body_max_size $up_limit KB\n"; - $conf .= 'reply_body_max_size ' . ($down_limit * 1024) . " deny all\n"; + if ($down_limit != 0) + $conf .= 'reply_body_max_size ' . $down_limit . " KB allsrc \n"; + // Only apply throttling past 10MB // XXX: Should this really be hardcoded? $threshold = 10 * 1024 * 1024; @@ -996,10 +1142,10 @@ EOD; $conf .= "# Throttle extensions matched in the url\n"; $conf .= "acl throttle_exts urlpath_regex -i \"" . SQUID_ACLDIR . "/throttle_exts.acl\"\n"; $conf .= "delay_access 1 allow throttle_exts\n"; - $conf .= "delay_access 1 deny all\n"; + $conf .= "delay_access 1 deny allsrc\n"; } else - $conf .= "delay_access 1 allow all\n"; + $conf .= "delay_access 1 allow allsrc\n"; return $conf; } @@ -1014,144 +1160,27 @@ function squid_get_server_certs() { return $cert_arr; } -function squid_resync_reverse() { - global $config, $valid_acls; - if(!is_array($valid_acls)) - return; - $settings = $config['installedpackages']['squidreverse']['config'][0]; - $conf = ''; - - $conf .= "# Reverse Proxy settings\n"; - - if(isset($settings["reverse_ssl_cert"]) && $settings["reverse_ssl_cert"] != "none") { - $svr_cert = lookup_cert($settings["reverse_ssl_cert"]); - if ($svr_cert != false) { - if(base64_decode($svr_cert['crt'])) { - file_put_contents(SQUID_CONFBASE . "/{$settings["reverse_ssl_cert"]}.crt",base64_decode($svr_cert['crt'])); - $reverse_crt = SQUID_CONFBASE . "/{$settings["reverse_ssl_cert"]}.crt"; - } - if(base64_decode($svr_cert['prv'])) { - file_put_contents(SQUID_CONFBASE . "/{$settings["reverse_ssl_cert"]}.key",base64_decode($svr_cert['prv'])); - $reverse_key = SQUID_CONFBASE . "/{$settings["reverse_ssl_cert"]}.key"; - }}} - - if (!empty($settings['reverse_int_ca'])) file_put_contents(SQUID_CONFBASE . "/{$settings["reverse_ssl_cert"]}.crt","\n" . base64_decode($settings['reverse_int_ca']),FILE_APPEND | LOCK_EX); - - $ifaces = ($settings['reverse_interface'] ? $settings['reverse_interface'] : 'wan'); - $real_ifaces = array(); - foreach (explode(",", $ifaces) as $i => $iface) { - $real_ifaces[] = squid_get_real_interface_address($iface); - if($real_ifaces[$i][0]) { - //HTTP - if (!empty($settings['reverse_http']) && empty($settings['reverse_http_port']) && empty($settings['reverse_http_defsite'])) $conf .= "http_port {$real_ifaces[$i][0]}:80 accel defaultsite={$settings['reverse_external_fqdn']} vhost\n"; - if (!empty($settings['reverse_http']) && (!empty($settings['reverse_http_port'])) && empty($settings['reverse_http_defsite'])) $conf .= "http_port {$real_ifaces[$i][0]}:{$settings['reverse_http_port']} accel defaultsite={$settings['reverse_external_fqdn']} vhost\n"; - if (!empty($settings['reverse_http']) && empty($settings['reverse_http_port']) && (!empty($settings['reverse_http_defsite']))) $conf .= "http_port {$real_ifaces[$i][0]}:80 accel defaultsite={$settings['reverse_http_defsite']} vhost\n"; - if (!empty($settings['reverse_http']) && (!empty($settings['reverse_http_port'])) && (!empty($settings['reverse_http_defsite']))) $conf .= "http_port {$real_ifaces[$i][0]}:{$settings['reverse_http_port']} accel defaultsite={$settings['reverse_http_defsite']} vhost\n"; - //HTTPS - if (!empty($settings['reverse_https']) && empty($settings['reverse_https_port']) && empty($settings['reverse_https_defsite'])) $conf .= "https_port {$real_ifaces[$i][0]}:443 cert={$reverse_crt} key={$reverse_key} defaultsite={$settings['reverse_external_fqdn']}\n"; - if (!empty($settings['reverse_https']) && (!empty($settings['reverse_https_port'])) && empty($settings['reverse_https_defsite'])) $conf .= "https_port {$real_ifaces[$i][0]}:{$settings['reverse_https_port']} cert={$reverse_crt} key={$reverse_key} defaultsite={$settings['reverse_external_fqdn']} vhost\n"; - if (!empty($settings['reverse_https']) && empty($settings['reverse_https_port']) && (!empty($settings['reverse_https_defsite']))) $conf .= "https_port {$real_ifaces[$i][0]}:443 cert={$reverse_crt} key={$reverse_key} defaultsite={$settings['reverse_https_defsite']} vhost\n"; - if (!empty($settings['reverse_https']) && (!empty($settings['reverse_https_port'])) && (!empty($settings['reverse_https_defsite']))) $conf .= "https_port {$real_ifaces[$i][0]}:{$settings['reverse_https_port']} cert={$reverse_crt} key={$reverse_key} defaultsite={$settings['reverse_https_defsite']} vhost\n"; - } - } - //PEERS - if (($settings['reverse_owa'] == 'on') && (!empty($settings['reverse_owa_ip']))) $conf .= "cache_peer {$settings['reverse_owa_ip']} parent 443 0 proxy-only no-query originserver login=PASS ssl sslflags=DONT_VERIFY_PEER front-end-https=auto name=OWA_HOST_pfs\n"; - - $contents = base64_decode($settings['reverse_cache_peer']); - if(!empty($contents)) { - $defs = explode("\r\n", ($contents)); - foreach ($defs as $def) { - $cfg = explode(";",($def)); - if (($cfg[0]) != '' && ($cfg[1]) != '' && ($cfg[2]) != ''){ - $conf .= "cache_peer {$cfg[1]} parent {$cfg[2]} 0 proxy-only no-query originserver "; - if($cfg[3] == 'HTTPS') - $conf .= "login=PASS ssl sslflags=DONT_VERIFY_PEER front-end-https=auto "; - $conf .= "name={$cfg[0]}\n"; - }}} - - //ACLs - if (($settings['reverse_owa'] == 'on') && (!empty($settings['reverse_owa_ip']))) { - $conf .= "acl OWA_URI_pfs url_regex -i ^https://{$settings['reverse_external_fqdn']}/owa.*$\n"; - $conf .= "acl OWA_URI_pfs url_regex -i ^https://{$settings['reverse_external_fqdn']}/exchange.*$\n"; - $conf .= "acl OWA_URI_pfs url_regex -i ^https://{$settings['reverse_external_fqdn']}/public.*$\n"; - $conf .= "acl OWA_URI_pfs url_regex -i ^https://{$settings['reverse_external_fqdn']}/exchwebexchweb.*$\n"; - } - if (($settings['reverse_owa'] == 'on') && (!empty($settings['reverse_owa_ip'])) && ($settings['reverse_owa_activesync'] == 'on')) { - $conf .= "acl OWA_URI_pfs url_regex -i ^https://{$settings['reverse_external_fqdn']}/Microsoft-Server-ActiveSync.*$\n"; - } - if (($settings['reverse_owa'] == 'on') && (!empty($settings['reverse_owa_ip'])) && ($settings['reverse_owa_rpchttp'] == 'on')) { - $conf .= "acl OWA_URI_pfs url_regex -i ^https://{$settings['reverse_external_fqdn']}/rpc/rpcproxy.dll.*$\n"; - $conf .= "extension_methods RPC_IN_DATA RPC_OUT_DATA\n"; - } - - $contents = base64_decode($settings['revrse_uri']); - if(!empty($contents)) { - $defs = explode("\r\n", ($contents)); - foreach ($defs as $def) { - $cfg = explode(";",($def)); - if (($cfg[0]) != '' && ($cfg[1]) != ''){ - if($cfg[2] != '') - $conf .= "acl {$cfg[0]} url_regex -i {$cfg[2]}/{$cfg[1]}.*$\n"; - if($cfg[2] == '') - $conf .= "acl {$cfg[0]} url_regex -i {$settings['reverse_external_fqdn']}/{$cfg[1]}.*$\n"; - }}} - - - //ACCESS - if (($settings['reverse_owa'] == 'on') && (!empty($settings['reverse_owa_ip']))) { - $conf .= "cache_peer_access OWA_HOST_pfs allow OWA_URI_pfs\n"; - $conf .= "cache_peer_access OWA_HOST_pfs deny all\n"; - $conf .= "never_direct allow OWA_URI_pfs\n"; - $conf .= "http_access allow OWA_URI_pfs\n"; - } - - $contents = base64_decode($settings['reverse_acl']); - if(!empty($contents)) { - $defs = explode("\r\n", ($contents)); - foreach ($defs as $def) { - $cfg = explode(";",($def)); - if (($cfg[0]) != '' && ($cfg[1]) != ''){ - $conf .= "cache_peer_access {$cfg[0]} allow {$cfg[1]}\n"; - }} - foreach ($defs as $def) { - $cfg = explode(";",($def)); - if (($cfg[0]) != '' && ($cfg[1]) != ''){ - $conf .= "cache_peer_access {$cfg[0]} deny all\n"; - }} - foreach ($defs as $def) { - $cfg = explode(";",($def)); - if (($cfg[0]) != '' && ($cfg[1]) != ''){ - $conf .= "never direct allow {$cfg[1]}\n"; - }} - foreach ($defs as $def) { - $cfg = explode(";",($def)); - if (($cfg[0]) != '' && ($cfg[1]) != ''){ - $conf .= "http_access allow {$cfg[1]}\n"; - }} - } - - $conf .= "\n"; - - if (!empty($settings['deny_info_tcp_reset'])) $conf .= "deny_info TCP_RESET all\n"; - return $conf; -} +#squid reverse +include('/usr/local/pkg/squid_reverse.inc'); function squid_resync_auth() { global $config, $valid_acls; - $settings = $config['installedpackages']['squidauth']['config'][0]; - $settingsnac = $config['installedpackages']['squidnac']['config'][0]; - $settingsconfig = $config['installedpackages']['squid']['config'][0]; + if (is_array($config['installedpackages']['squidauth']['config'])) + $settings = $config['installedpackages']['squidauth']['config'][0]; + if (is_array($config['installedpackages']['squidnac']['config'])) + $settingsnac = $config['installedpackages']['squidnac']['config'][0]; + if (is_array($config['installedpackages']['squid']['config'])) + $settingsconfig = $config['installedpackages']['squid']['config'][0]; + $conf = ''; - // Custom Options - if(!empty($config['installedpackages']['squid']['config'][0]['custom_options'])) { - $custopts = explode(";", ($config['installedpackages']['squid']['config'][0]['custom_options'])); - $conf .= "# Custom options\n"; - foreach ($custopts as $custopt) { - $conf .= $custopt."\n"; - } - } + // Package integration + if(!empty($settingsconfig['custom_options'])) + $conf.="# Package Integration\n".preg_replace('/;/',"\n",$settingsconfig['custom_options'])."\n\n"; + + // Custom User Options + $conf .= "# Custom options\n".sq_text_area_decode($settingsconfig['custom_options_squid3'])."\n\n"; // Deny the banned guys before allowing the good guys if(! empty($settingsnac['banned_hosts'])) { @@ -1268,7 +1297,7 @@ EOD; } $conf .= "# Default block all to be sure\n"; - $conf .= "http_access deny all\n"; + $conf .= "http_access deny allsrc\n"; return $conf; } @@ -1302,7 +1331,29 @@ function squid_resync_msnt() { function squid_resync() { global $config; + + # detect boot process + if (is_array($_POST)){ + if (preg_match("/\w+/",$_POST['__csrf_magic'])) + unset($boot_process); + else + $boot_process="on"; + } + + if (is_process_running('squid') && isset($boot_process)) + return; + conf_mount_rw(); + foreach (array( SQUID_CONFBASE, + SQUID_ACLDIR, + SQUID_BASE, + SQUID_LIB, + SQUID_SSL_DB ) as $dir) { + make_dirs($dir); + chown($dir, 'proxy'); + chgrp($dir, 'proxy'); + squid_chown_recursive($dir, 'proxy', 'proxy'); + } $conf = squid_resync_general() . "\n"; $conf .= squid_resync_cache() . "\n"; $conf .= squid_resync_redirector() . "\n"; @@ -1313,20 +1364,17 @@ function squid_resync() { $conf .= squid_resync_auth(); squid_resync_users(); squid_write_rcfile(); - + + if(!isset($boot_process)) + squid_sync_on_changes(); + + #write config file + file_put_contents(SQUID_CONFBASE . '/squid.conf', $conf); + /* make sure pinger is executable */ if(file_exists("/usr/local/libexec/squid/pinger")) exec("chmod a+x /usr/local/libexec/squid/pinger"); - foreach (array( SQUID_CONFBASE, - SQUID_ACLDIR, - SQUID_BASE ) as $dir) { - make_dirs($dir); - squid_chown_recursive($dir, 'proxy', 'proxy'); - } - - file_put_contents(SQUID_CONFBASE . '/squid.conf', $conf); - $log_dir = $config['installedpackages']['squid']['config'][0]['log_dir'].'/'; if(!is_dir($log_dir)) { @@ -1337,12 +1385,16 @@ function squid_resync() { squid_dash_z(); + if (!is_service_running('squid')) { log_error("Starting Squid"); - mwexec("/usr/local/sbin/squid -D"); - } else { - log_error("Reloading Squid for configuration sync"); - mwexec("/usr/local/sbin/squid -k reconfigure"); + mwexec("/usr/local/sbin/squid"); + } + else { + if (!isset($boot_process)){ + log_error("Reloading Squid for configuration sync"); + mwexec("/usr/local/sbin/squid -k reconfigure"); + } } // Sleep for a couple seconds to give squid a chance to fire up fully. @@ -1493,7 +1545,42 @@ function squid_generate_rules($type) { global $config; $squid_conf = $config['installedpackages']['squid']['config'][0]; - + + //check captive portal option + $cp_file='/etc/inc/captiveportal.inc'; + $pfsense_version=preg_replace("/\s/","",file_get_contents("/etc/version")); + $port = ($settings['proxy_port'] ? $settings['proxy_port'] : 3128); + $cp_inc = file($cp_file); + $new_cp_inc=""; + $found_rule=0; + foreach ($cp_inc as $line){ + $new_line=$line; + //remove applied squid patch + if (preg_match('/} set 1 skipto 65314/',$line)){ + $found_rule++; + $new_line =""; + } + //add squid patch option based on current config + if (preg_match('/set 1 pass ip from any to/',$line) && $squid_conf['patch_cp']){ + $found_rule++; + $new_line = "\t".'$cprules .= "add {$rulenum} set 1 skipto 65314 ip from any to {$ips} '.$port.' in\n";'."\n"; + $new_line .= $line; + } + if (preg_match('/set 1 pass ip from {/',$line) && $squid_conf['patch_cp']){ + $found_rule++; + $new_line = "\t".'$cprules .= "add {$rulenum} set 1 skipto 65314 ip from {$ips} '.$port.' to any out\n";'."\n"; + $new_line .= $line; + } + $new_cp_inc .= $new_line; + } + if (!file_exists('/root/'.$pfsense_version.'.captiveportal.inc.backup')) { + copy ($cp_file,'/root/'.$pfsense_version.'.captiveportal.inc.backup'); + } + if($found_rule > 0){ + file_put_contents($cp_file,$new_cp_inc, LOCK_EX); + } + + //normal squid rule check if (($squid_conf['transparent_proxy'] != 'on') || ($squid_conf['allow_interface'] != 'on')) { return; } @@ -1620,8 +1707,8 @@ function squid_write_rcfile() { $rc = array(); $rc['file'] = 'squid.sh'; $rc['start'] = <<<EOD -if [ -z "`ps auxw | grep "[s]quid -D"|awk '{print $2}'`" ];then - /usr/local/sbin/squid -D +if [ -z "`ps auxw | grep "[s]quid "|awk '{print $2}'`" ];then + /usr/local/sbin/squid fi EOD; @@ -1634,8 +1721,8 @@ killall pinger 2>/dev/null EOD; $rc['restart'] = <<<EOD -if [ -z "`ps auxw | grep "[s]quid -D"|awk '{print $2}'`" ];then - /usr/local/sbin/squid -D +if [ -z "`ps auxw | grep "[s]quid "|awk '{print $2}'`" ];then + /usr/local/sbin/squid else /usr/local/sbin/squid -k reconfigure fi @@ -1644,4 +1731,127 @@ EOD; conf_mount_rw(); write_rcfile($rc); } + +/* Uses XMLRPC to synchronize the changes to a remote node */ +function squid_sync_on_changes() { + global $config, $g; + + log_error("[squid] xmlrpc sync is starting."); + $synconchanges = $config['installedpackages']['squidsync']['config'][0]['synconchanges']; + if(!$synconchanges) + return; + foreach ($config['installedpackages']['squidsync']['config'] as $rs ){ + foreach($rs['row'] as $sh){ + $sync_to_ip = $sh['ipaddress']; + $password = $sh['password']; + if($sh['username']) + $username = $sh['username']; + else + $username = 'admin'; + if($password && $sync_to_ip) + squid_do_xmlrpc_sync($sync_to_ip, $username, $password); + } + } + log_error("[squid] xmlrpc sync is ending."); +} +/* Do the actual XMLRPC sync */ +function squid_do_xmlrpc_sync($sync_to_ip, $username, $password) { + global $config, $g; + + if(!$username) + return; + + if(!$password) + return; + + if(!$sync_to_ip) + return; + + $xmlrpc_sync_neighbor = $sync_to_ip; + if($config['system']['webgui']['protocol'] != "") { + $synchronizetoip = $config['system']['webgui']['protocol']; + $synchronizetoip .= "://"; + } + $port = $config['system']['webgui']['port']; + /* if port is empty lets rely on the protocol selection */ + if($port == "") { + if($config['system']['webgui']['protocol'] == "http") + $port = "80"; + else + $port = "443"; + } + $synchronizetoip .= $sync_to_ip; + + /* xml will hold the sections to sync */ + $xml = array(); + $xml['squid'] = $config['installedpackages']['squid']; + $xml['squidupstream'] = $config['installedpackages']['squidupstream']; + $xml['squidcache'] = $config['installedpackages']['squidcache']; + $xml['squidnac'] = $config['installedpackages']['squidnac']; + $xml['squidtraffic'] = $config['installedpackages']['squidtraffic']; + $xml['squidreverse'] = $config['installedpackages']['squidreverse']; + $xml['squidauth'] = $config['installedpackages']['squidauth']; + $xml['squidusers'] = $config['installedpackages']['squidusers']; + /* assemble xmlrpc payload */ + $params = array( + XML_RPC_encode($password), + XML_RPC_encode($xml) + ); + + /* set a few variables needed for sync code borrowed from filter.inc */ + $url = $synchronizetoip; + log_error("Beginning squid XMLRPC sync to {$url}:{$port}."); + $method = 'pfsense.merge_installedpackages_section_xmlrpc'; + $msg = new XML_RPC_Message($method, $params); + $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); + $cli->setCredentials($username, $password); + if($g['debug']) + $cli->setDebug(1); + /* send our XMLRPC message and timeout after 250 seconds */ + $resp = $cli->send($msg, "250"); + if(!$resp) { + $error = "A communications error occurred while attempting squid XMLRPC sync with {$url}:{$port}."; + log_error($error); + file_notice("sync_settings", $error, "squid Settings Sync", ""); + } elseif($resp->faultCode()) { + $cli->setDebug(1); + $resp = $cli->send($msg, "250"); + $error = "An error code was received while attempting squid XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); + log_error($error); + file_notice("sync_settings", $error, "squid Settings Sync", ""); + } else { + log_error("squid XMLRPC sync successfully completed with {$url}:{$port}."); + } + + /* tell squid to reload our settings on the destionation sync host. */ + $method = 'pfsense.exec_php'; + $execcmd = "require_once('/usr/local/pkg/squid.inc');\n"; + $execcmd .= "squid_resync();"; + /* assemble xmlrpc payload */ + $params = array( + XML_RPC_encode($password), + XML_RPC_encode($execcmd) + ); + + log_error("squid XMLRPC reload data {$url}:{$port}."); + $msg = new XML_RPC_Message($method, $params); + $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); + $cli->setCredentials($username, $password); + $resp = $cli->send($msg, "250"); + if(!$resp) { + $error = "A communications error occurred while attempting squid XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; + log_error($error); + file_notice("sync_settings", $error, "squid Settings Sync", ""); + } elseif($resp->faultCode()) { + $cli->setDebug(1); + $resp = $cli->send($msg, "250"); + $error = "An error code was received while attempting squid XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); + log_error($error); + file_notice("sync_settings", $error, "squid Settings Sync", ""); + } else { + log_error("squid XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php)."); + } + +} + ?> diff --git a/config/squid-reverse/squid.xml b/config/squid-reverse/squid.xml index 5cb5ea4a..2a7771b3 100644 --- a/config/squid-reverse/squid.xml +++ b/config/squid-reverse/squid.xml @@ -10,6 +10,7 @@ authng.xml part of pfSense (http://www.pfSense.com) Copyright (C) 2007 to whom it may belong + Copyright (C) 2012 Marcello Coutinho All rights reserved. Based on m0n0wall (http://m0n0.ch/wall) @@ -46,7 +47,7 @@ <requirements>Describe your package requirements here</requirements> <faq>Currently there are no FAQ items provided.</faq> <name>squid</name> - <version>2.7.STABLE9</version> + <version>3.1.STABLE19</version> <title>Proxy server: General settings</title> <include_file>/usr/local/pkg/squid.inc</include_file> <menu> @@ -55,6 +56,12 @@ <section>Services</section> <url>/pkg_edit.php?xml=squid.xml&id=0</url> </menu> + <menu> + <name>Reverse Proxy</name> + <tooltiptext>Modify the proxy reverse server's settings</tooltiptext> + <section>Services</section> + <url>/pkg_edit.php?xml=squid_reverse_general.xml&id=0</url> + </menu> <service> <name>squid</name> <rcfile>squid.sh</rcfile> @@ -68,15 +75,15 @@ <active/> </tab> <tab> - <text>Upstream Proxy</text> - <url>/pkg_edit.php?xml=squid_upstream.xml&id=0</url> + <text>Remote Cache</text> + <url>/pkg.php?xml=squid_upstream.xml</url> </tab> <tab> - <text>Cache Mgmt</text> + <text>Local Cache</text> <url>/pkg_edit.php?xml=squid_cache.xml&id=0</url> </tab> <tab> - <text>Access Control</text> + <text>ACLs</text> <url>/pkg_edit.php?xml=squid_nac.xml&id=0</url> </tab> <tab> @@ -84,17 +91,17 @@ <url>/pkg_edit.php?xml=squid_traffic.xml&id=0</url> </tab> <tab> - <text>Reverse Settings</text> - <url>/pkg_edit.php?xml=squid_reverse.xml&id=0</url> - </tab> - <tab> - <text>Auth Settings</text> + <text>Authentication</text> <url>/pkg_edit.php?xml=squid_auth.xml&id=0</url> </tab> <tab> - <text>Local Users</text> + <text>Users</text> <url>/pkg.php?xml=squid_users.xml</url> </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=squid_sync.xml</url> + </tab> </tabs> <!-- Installation --> <additional_files_needed> @@ -105,6 +112,31 @@ <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> + <item>http://www.pfsense.org/packages/config/squid-reverse/squid_reverse_general.xml</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.org/packages/config/squid-reverse/squid_reverse_peer.xml</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.org/packages/config/squid-reverse/squid_reverse_uri.xml</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.org/packages/config/squid-reverse/squid_reverse_sync.xml</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.org/packages/config/squid-reverse/squid_sync.xml</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> <item>http://www.pfsense.org/packages/config/squid-reverse/squid_cache.xml</item> </additional_files_needed> <additional_files_needed> @@ -120,6 +152,11 @@ <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> + <item>http://www.pfsense.org/packages/config/squid-reverse/squid_ng.inc</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> <item>http://www.pfsense.org/packages/config/squid-reverse/squid_traffic.xml</item> </additional_files_needed> <additional_files_needed> @@ -135,6 +172,11 @@ <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> + <item>http://www.pfsense.org/packages/config/squid-reverse/squid_reverse.inc</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> <item>http://www.pfsense.org/packages/config/squid-reverse/squid_auth.xml</item> </additional_files_needed> <additional_files_needed> @@ -148,17 +190,16 @@ <item>http://www.pfsense.org/packages/config/squid-reverse/proxy_monitor.sh</item> </additional_files_needed> <additional_files_needed> - <prefix>/usr/local/pkg/</prefix> - <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/squid-reverse/squid_cache.xml</item> - </additional_files_needed> - <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> <item>http://www.pfsense.org/packages/config/squid-reverse/swapstate_check.php</item> </additional_files_needed> <fields> <field> + <name>Squid General Settings</name> + <type>listtopic</type> + </field> + <field> <fielddescr>Proxy interface</fielddescr> <fieldname>active_interface</fieldname> <description>The interface(s) the proxy server will bind to.</description> @@ -168,6 +209,23 @@ <multiple/> </field> <field> + <fielddescr>Proxy port</fielddescr> + <fieldname>proxy_port</fieldname> + <description>This is the port the proxy server will listen on.</description> + <type>input</type> + <size>5</size> + <required/> + <default_value>3128</default_value> + </field> + <field> + <fielddescr>ICP port</fielddescr> + <fieldname>icp_port</fieldname> + <description>This is the port the Proxy Server will send and receive ICP queries to and from neighbor caches. Leave this blank if you don't want the proxy server to communicate with neighbor caches through ICP.</description> + <type>input</type> + <size>5</size> + </field> + + <field> <fielddescr>Allow users on interface</fielddescr> <fieldname>allow_interface</fieldname> <description>If this field is checked, the users connected to the interface selected in the 'Proxy interface' field will be allowed to use the proxy, i.e., there will be no need to add the interface's subnet to the list of allowed subnets. This is just a shortcut.</description> @@ -178,12 +236,21 @@ <field> <fielddescr>Transparent proxy</fielddescr> <fieldname>transparent_proxy</fieldname> - <description>If transparent mode is enabled, all requests for destination port 80 will be forwarded to the proxy server without any additional configuration necessary.</description> + <description><![CDATA[Enable transparent mode to forward all requests for destination port 80 to the proxy server without any additional configuration necessary.<br> + <strong>NOTE:</strong> Transparent mode does not filter ssl(port 443) or any other http/https port.<br> + To filter both http and https protocol without touching user config, enable WPAD/PAC options on your dns/dhcp.]]></description> <type>checkbox</type> <enablefields>private_subnet_proxy_off,defined_ip_proxy_off,defined_ip_proxy_off_dest</enablefields> <required/> </field> <field> + <fielddescr>Patch captive portal</fielddescr> + <fieldname>patch_cp</fieldname> + <description><![CDATA[Enable this option to force captive portal to non transparent proxy users.<br> + <strong>NOTE:</strong> You may need to reapply captive portal config after changing this option.]]></description> + <type>checkbox</type> + </field> + <field> <fielddescr>Bypass proxy for Private Address Space (RFC 1918) destination</fielddescr> <fieldname>private_subnet_proxy_off</fieldname> <description>Do not forward traffic to Private Address Space (RFC 1918) <b>destination</b> through the proxy server but directly through the firewall.</description> @@ -194,14 +261,25 @@ <fieldname>defined_ip_proxy_off</fieldname> <description>Do not forward traffic from these <b>source</b> IPs, CIDR nets, hostnames, or aliases through the proxy server but directly through the firewall. Separate by semi-colons (;). [Applies only to transparent mode]</description> <type>input</type> - <size>80</size> + <size>70</size> </field> <field> <fielddescr>Bypass proxy for these destination IPs</fielddescr> <fieldname>defined_ip_proxy_off_dest</fieldname> <description>Do not proxy traffic going to these <b>destination</b> IPs, CIDR nets, hostnames, or aliases, but let it pass directly through the firewall. Separate by semi-colons (;). [Applies only to transparent mode]</description> <type>input</type> - <size>80</size> + <size>70</size> + </field> + <field> + <fielddescr>Use alternate DNS-servers for the proxy-server</fielddescr> + <fieldname>dns_nameservers</fieldname> + <description>If you want to use other DNS-servers than the DNS-forwarder, enter the IPs here, separated by semi-colons (;).</description> + <type>input</type> + <size>70</size> + </field> + <field> + <name>Logging Settings</name> + <type>listtopic</type> </field> <field> <fielddescr>Enabled logging</fielddescr> @@ -227,22 +305,6 @@ <size>5</size> </field> <field> - <fielddescr>Proxy port</fielddescr> - <fieldname>proxy_port</fieldname> - <description>This is the port the proxy server will listen on.</description> - <type>input</type> - <size>5</size> - <required/> - <default_value>3128</default_value> - </field> - <field> - <fielddescr>ICP port</fielddescr> - <fieldname>icp_port</fieldname> - <description>This is the port the Proxy Server will send and receive ICP queries to and from neighbor caches. Leave this blank if you don't want the proxy server to communicate with neighbor caches through ICP.</description> - <type>input</type> - <size>5</size> - </field> - <field> <fielddescr>Visible hostname</fielddescr> <fieldname>visible_hostname</fieldname> <description>This is the URL to be displayed in proxy server error messages.</description> @@ -307,26 +369,33 @@ </options> </field> <field> - <fielddescr>Use alternate DNS-servers for the proxy-server</fielddescr> - <fieldname>dns_nameservers</fieldname> - <description>If you want to use other DNS-servers than the DNS-forwarder, enter the IPs here, separated by semi-colons (;).</description> - <type>input</type> - <size>60</size> - </field> - <field> <fielddescr>Suppress Squid Version</fielddescr> <fieldname>disable_squidversion</fieldname> <description>If set, suppress Squid version string info in HTTP headers and HTML error pages.</description> <type>checkbox</type> </field> - <field> - <fielddescr>Custom Options</fielddescr> + <field> + <name>Custom Settings</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>Integrations</fielddescr> <fieldname>custom_options</fieldname> - <description>You can put your own custom options here, separated by semi-colons (;). They'll be added to the configuration. They need to be squid.conf native options, otherwise squid will NOT work.</description> + <description><![CDATA[Squid options added from packages like squidguard or havp for squid integration.]]></description> <type>textarea</type> - <cols>65</cols> + <cols>78</cols> <rows>5</rows> </field> + <field> + <fielddescr>Custom Options</fielddescr> + <fieldname>custom_options_squid3</fieldname> + <description><![CDATA[Put your own custom options here,one per line. They'll be added to the configuration.<br> + <strong>They need to be squid.conf native options, otherwise squid will NOT work.</strong>]]></description> + <type>textarea</type> + <encoding>base64</encoding> + <cols>78</cols> + <rows>10</rows> + </field> </fields> <custom_php_command_before_form> squid_before_form_general(&$pkg); @@ -339,7 +408,7 @@ </custom_php_validation_command> <custom_php_resync_config_command> squid_resync(); - exec("/bin/rm -f /usr/local/etc/rc.d/squid"); + unlink_if_exists("/usr/local/etc/rc.d/squid"); </custom_php_resync_config_command> <custom_php_install_command> update_status("Checking Squid cache... One moment please..."); diff --git a/config/squid-reverse/squid_auth.xml b/config/squid-reverse/squid_auth.xml index 8d6e046e..43cbe7ea 100644 --- a/config/squid-reverse/squid_auth.xml +++ b/config/squid-reverse/squid_auth.xml @@ -48,22 +48,22 @@ <name>squidauth</name> <version>none</version> <title>Proxy server: Authentication</title> - <include_file>squid.inc</include_file> + <include_file>/usr/local/pkg/squid.inc</include_file> <tabs> <tab> <text>General</text> <url>/pkg_edit.php?xml=squid.xml&id=0</url> </tab> <tab> - <text>Upstream Proxy</text> - <url>/pkg_edit.php?xml=squid_upstream.xml&id=0</url> + <text>Remote Cache</text> + <url>/pkg.php?xml=squid_upstream.xml</url> </tab> <tab> - <text>Cache Mgmt</text> + <text>Local Cache</text> <url>/pkg_edit.php?xml=squid_cache.xml&id=0</url> </tab> <tab> - <text>Access Control</text> + <text>ACLs</text> <url>/pkg_edit.php?xml=squid_nac.xml&id=0</url> </tab> <tab> @@ -71,21 +71,25 @@ <url>/pkg_edit.php?xml=squid_traffic.xml&id=0</url> </tab> <tab> - <text>Reverse Settings</text> - <url>/pkg_edit.php?xml=squid_reverse.xml&id=0</url> - </tab> - <tab> - <text>Auth Settings</text> + <text>Authentication</text> <url>/pkg_edit.php?xml=squid_auth.xml&id=0</url> <active/> </tab> <tab> - <text>Local Users</text> + <text>Users</text> <url>/pkg.php?xml=squid_users.xml</url> </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=squid_sync.xml</url> + </tab> </tabs> <fields> <field> + <name>Squid Authentication General Settings</name> + <type>listtopic</type> + </field> + <field> <fielddescr>Authentication method</fielddescr> <fieldname>auth_method</fieldname> <description>Select an authentication method. This will allow users to be authenticated by local or external services.</description> @@ -102,17 +106,6 @@ <onchange>on_auth_method_changed()</onchange> </field> <field> - <fielddescr>LDAP version</fielddescr> - <fieldname>ldap_version</fieldname> - <description>Enter LDAP protocol version (2 or 3).</description> - <type>select</type> - <default_value>2</default_value> - <options> - <option><name>2</name><value>2</value></option> - <option><name>3</name><value>3</value></option> - </options> - </field> - <field> <fielddescr>Authentication server</fielddescr> <fieldname>auth_server</fieldname> <description>Enter here the IP or hostname of the server that will perform the authentication.</description> @@ -127,11 +120,57 @@ <size>60</size> </field> <field> - <fielddescr>NT domain</fielddescr> - <fieldname>auth_ntdomain</fieldname> - <description>Enter here the NT domain.</description> + <fielddescr>Authentication prompt</fielddescr> + <fieldname>auth_prompt</fieldname> + <description>This string will be displayed at the top of the authentication request window.</description> + <type>input</type> + <default_value>Please enter your credentials to access the proxy</default_value> + </field> + <field> + <fielddescr>Authentication processes</fielddescr> + <fieldname>auth_processes</fieldname> + <description>The number of authenticator processes to spawn. If many authentications are expected within a short timeframe, increase this number accordingly.</description> <type>input</type> <size>60</size> + <default_value>5</default_value> + </field> + <field> + <fielddescr>Authentication TTL</fielddescr> + <fieldname>auth_ttl</fieldname> + <description>This specifies for how long (in minutes) the proxy server assumes an externally validated username and password combination is valid (Time To Live). When the TTL expires, the user will be prompted for credentials again.</description> + <type>input</type> + <size>60</size> + <default_value>60</default_value> + </field> + <field> + <fielddescr>Requiere authentication for unrestricted hosts</fielddescr> + <fieldname>unrestricted_auth</fieldname> + <description>If this option is enabled, even users tagged as unrestricted through access control are required to authenticate to use the proxy.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Subnets that don't need authentication</fielddescr> + <fieldname>no_auth_hosts</fieldname> + <description>Enter each subnet or IP address on a new line (in CIDR format, e.g.: 10.5.0.0/16, 192.168.1.50/32) that should not be asked for authentication to access the proxy.</description> + <type>textarea</type> + <cols>50</cols> + <rows>5</rows> + <encoding>base64</encoding> + </field> + <field> + <name>Squid Authentication Ldap Settings</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>LDAP version</fielddescr> + <fieldname>ldap_version</fieldname> + <description>Enter LDAP protocol version (2 or 3).</description> + <type>select</type> + <default_value>2</default_value> + <options> + <option><name>2</name><value>2</value></option> + <option><name>3</name><value>3</value></option> + </options> </field> <field> <fielddescr>LDAP server user DN</fielddescr> @@ -171,10 +210,14 @@ <default_value>(&(objectClass=person)(uid=%s))</default_value> </field> <field> - <fielddescr>RADIUS secret</fielddescr> - <fieldname>radius_secret</fieldname> - <description>The RADIUS secret for RADIUS authentication.</description> - <type>password</type> + <name>Squid Authentication NT Domain Settings</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>NT domain</fielddescr> + <fieldname>auth_ntdomain</fieldname> + <description>Enter here the NT domain.</description> + <type>input</type> <size>60</size> </field> <field> @@ -185,42 +228,15 @@ <size>60</size> </field> <field> - <fielddescr>Authentication prompt</fielddescr> - <fieldname>auth_prompt</fieldname> - <description>This string will be displayed at the top of the authentication request window.</description> - <type>input</type> - <default_value>Please enter your credentials to access the proxy</default_value> - </field> - <field> - <fielddescr>Authentication processes</fielddescr> - <fieldname>auth_processes</fieldname> - <description>The number of authenticator processes to spawn. If many authentications are expected within a short timeframe, increase this number accordingly.</description> - <type>input</type> - <size>60</size> - <default_value>5</default_value> + <name>Squid Authentication Radius Settings</name> + <type>listtopic</type> </field> <field> - <fielddescr>Authentication TTL</fielddescr> - <fieldname>auth_ttl</fieldname> - <description>This specifies for how long (in minutes) the proxy server assumes an externally validated username and password combination is valid (Time To Live). When the TTL expires, the user will be prompted for credentials again.</description> - <type>input</type> + <fielddescr>RADIUS secret</fielddescr> + <fieldname>radius_secret</fieldname> + <description>The RADIUS secret for RADIUS authentication.</description> + <type>password</type> <size>60</size> - <default_value>60</default_value> - </field> - <field> - <fielddescr>Requiere authentication for unrestricted hosts</fielddescr> - <fieldname>unrestricted_auth</fieldname> - <description>If this option is enabled, even users tagged as unrestricted through access control are required to authenticate to use the proxy.</description> - <type>checkbox</type> - </field> - <field> - <fielddescr>Subnets that don't need authentication</fielddescr> - <fieldname>no_auth_hosts</fieldname> - <description>Enter each subnet or IP address on a new line (in CIDR format, e.g.: 10.5.0.0/16, 192.168.1.50/32) that should not be asked for authentication to access the proxy.</description> - <type>textarea</type> - <cols>50</cols> - <rows>5</rows> - <encoding>base64</encoding> </field> </fields> <custom_php_validation_command> diff --git a/config/squid-reverse/squid_cache.xml b/config/squid-reverse/squid_cache.xml index beafa5dd..c00322cf 100644 --- a/config/squid-reverse/squid_cache.xml +++ b/config/squid-reverse/squid_cache.xml @@ -48,23 +48,23 @@ <name>squidcache</name> <version>none</version> <title>Proxy server: Cache management</title> - <include_file>squid.inc</include_file> + <include_file>/usr/local/pkg/squid.inc</include_file> <tabs> - <tab> +<tab> <text>General</text> <url>/pkg_edit.php?xml=squid.xml&id=0</url> </tab> <tab> - <text>Upstream Proxy</text> - <url>/pkg_edit.php?xml=squid_upstream.xml&id=0</url> + <text>Remote Cache</text> + <url>/pkg.php?xml=squid_upstream.xml</url> </tab> <tab> - <text>Cache Mgmt</text> + <text>Local Cache</text> <url>/pkg_edit.php?xml=squid_cache.xml&id=0</url> <active/> </tab> <tab> - <text>Access Control</text> + <text>ACLs</text> <url>/pkg_edit.php?xml=squid_nac.xml&id=0</url> </tab> <tab> @@ -72,25 +72,86 @@ <url>/pkg_edit.php?xml=squid_traffic.xml&id=0</url> </tab> <tab> - <text>Reverse Settings</text> - <url>/pkg_edit.php?xml=squid_reverse.xml&id=0</url> - </tab> - <tab> - <text>Auth Settings</text> + <text>Authentication</text> <url>/pkg_edit.php?xml=squid_auth.xml&id=0</url> </tab> <tab> - <text>Local Users</text> + <text>Users</text> <url>/pkg.php?xml=squid_users.xml</url> </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=squid_sync.xml</url> + </tab> </tabs> <fields> <field> + <name>Squid Cache General Settings</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>Cache replacement policy</fielddescr> + <fieldname>cache_replacement_policy</fieldname> + <description>The cache replacement policy decides which objects will remain in cache and which objects are replaced to create space for the new objects. The default policy for cache replacement is LFUDA. Please see the type descriptions specified in the memory replacement policy for additional detail.</description> + <type>select</type> + <default_value>heap LFUDA</default_value> + <options> + <option><name>LRU</name><value>lru</value></option> + <option><name>Heap LFUDA</name><value>heap LFUDA</value></option> + <option><name>Heap GDSF</name><value>heap GDSF</value></option> + <option><name>Heap LRU</name><value>heap LRU</value></option> + </options> + </field> + <field> + <fielddescr>Low-water-mark in %</fielddescr> + <fieldname>cache_swap_low</fieldname> + <description>Cache replacement begins when the swap usage is above the low-low-water mark and attempts to maintain utilisation near the low-water-mark.</description> + <type>input</type> + <size>5</size> + <default_value>90</default_value> + </field> + <field> + <fielddescr>High-water-mark in %</fielddescr> + <fieldname>cache_swap_high</fieldname> + <description>As swap utilisation gets close to the high-water-mark object eviction becomes more aggressive.</description> + <type>input</type> + <size>5</size> + <default_value>95</default_value> + </field> + <field> + <fielddescr>Do not cache</fielddescr> + <fieldname>donotcache</fieldname> + <description>Enter each domain or IP address on a new line that should never be cached.</description> + <type>textarea</type> + <cols>50</cols> + <rows>5</rows> + <encoding>base64</encoding> + </field> + <field> + <fielddescr>Enable offline mode</fielddescr> + <fieldname>enable_offline</fieldname> + <description>Enable this option and the proxy server will never try to validate cached objects. The offline mode gives access to more cached information than the proposed feature would allow (stale cached versions, where the origin server should have been contacted).</description> + <type>checkbox</type> + <required/> + </field> + <field> + <fielddescr>External Cache-Managers</fielddescr> + <fieldname>ext_cachemanager</fieldname> + <description>Enter the IPs for the external Cache Managers to be allowed here, separated by semi-colons (;).</description> + <type>input</type> + <size>60</size> + </field> + <field> + <name>Squid Hard disk cacheSettings</name> + <type>listtopic</type> + </field> + <field> <fielddescr>Hard disk cache size</fielddescr> <fieldname>harddisk_cache_size</fieldname> <description>This is the amount of disk space (in megabytes) to use for cached objects.</description> <type>input</type> <required/> + <size>10</size> <default_value>100</default_value> </field> <field> @@ -107,6 +168,22 @@ </options> </field> <field> + <fielddescr>Level 1 subdirectories</fielddescr> + <fieldname>level1_subdirs</fieldname> + <description>Each level-1 directory contains 256 subdirectories, so a value of 256 level-1 directories will use a total of 65536 directories for the hard disk cache. This will significantly slow down the startup process of the proxy service, but can speed up the caching under certain conditions.</description> + <type>select</type> + <default_value>16</default_value> + <options> + <option><name>4</name><value>4</value></option> + <option><name>8</name><value>8</value></option> + <option><name>16</name><value>16</value></option> + <option><name>32</name><value>32</value></option> + <option><name>64</name><value>64</value></option> + <option><name>128</name><value>128</value></option> + <option><name>256</name><value>256</value></option> + </options> + </field> + <field> <fielddescr>Hard disk cache location</fielddescr> <fieldname>harddisk_cache_location</fieldname> <description>This is the directory where the cache will be stored. (note: do not end with a /). If you change this location, squid needs to make a new cache, this could take a while</description> @@ -116,19 +193,12 @@ <default_value>/var/squid/cache</default_value> </field> <field> - <fielddescr>Memory cache size</fielddescr> - <fieldname>memory_cache_size</fieldname> - <description>This is the amount of physical RAM (in megabytes) to be used for negative cache and in-transit objects. This value should not exceed more than 50% of the installed RAM. The minimum value is 1MB.</description> - <type>input</type> - <required/> - <default_value>8</default_value> - </field> - <field> <fielddescr>Minimum object size</fielddescr> <fieldname>minimum_object_size</fieldname> <description>Objects smaller than the size specified (in kilobytes) will not be saved on disk. The default value is 0, meaning there is no minimum.</description> <type>input</type> <required /> + <size>10</size> <default_value>0</default_value> </field> <field> @@ -137,33 +207,32 @@ <description>Objects larger than the size specified (in kilobytes) will not be saved on disk. If you wish to increase speed more than you want to save bandwidth, this should be set to a low value.</description> <type>input</type> <required/> + <size>10</size> <default_value>4</default_value> </field> <field> + <name>Squid Memory Cache Settings</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>Memory cache size</fielddescr> + <fieldname>memory_cache_size</fieldname> + <description>This is the amount of physical RAM (in megabytes) to be used for negative cache and in-transit objects. This value should not exceed more than 50% of the installed RAM. The minimum value is 1MB.</description> + <type>input</type> + <size>10</size> + <required/> + <default_value>8</default_value> + </field> + <field> <fielddescr>Maximum object size in RAM</fielddescr> <fieldname>maximum_objsize_in_mem</fieldname> <description>Objects smaller than the size specified (in kilobytes) will be saved in RAM. Default is 32.</description> <type>input</type> + <size>10</size> <required/> <default_value>32</default_value> </field> <field> - <fielddescr>Level 1 subdirectories</fielddescr> - <fieldname>level1_subdirs</fieldname> - <description>Each level-1 directory contains 256 subdirectories, so a value of 256 level-1 directories will use a total of 65536 directories for the hard disk cache. This will significantly slow down the startup process of the proxy service, but can speed up the caching under certain conditions.</description> - <type>select</type> - <default_value>16</default_value> - <options> - <option><name>4</name><value>4</value></option> - <option><name>8</name><value>8</value></option> - <option><name>16</name><value>16</value></option> - <option><name>32</name><value>32</value></option> - <option><name>64</name><value>64</value></option> - <option><name>128</name><value>128</value></option> - <option><name>256</name><value>256</value></option> - </options> - </field> - <field> <fielddescr>Memory replacement policy</fielddescr> <fieldname>memory_replacement_policy</fieldname> <description>The memory replacement policy determines which objects are purged from memory when space is needed. The default policy for memory replacement is GDSF. <p> <b> LRU: Last Recently Used Policy </b> - The LRU policies keep recently referenced objects. i.e., it replaces the object that has not been accessed for the longest time. <p> <b> Heap GDSF: Greedy-Dual Size Frequency </b> - The Heap GDSF policy optimizes object-hit rate by keeping smaller, popular objects in cache. It achieves a lower byte hit rate than LFUDA though, since it evicts larger (possibly popular) objects. <p> <b> Heap LFUDA: Least Frequently Used with Dynamic Aging </b> - The Heap LFUDA policy keeps popular objects in cache regardless of their size and thus optimizes byte hit rate at the expense of hit rate since one large, popular object will prevent many smaller, slightly less popular objects from being cached. <p> <b> Heap LRU: Last Recently Used </b> - Works like LRU, but uses a heap instead. <p> Note: If using the LFUDA replacement policy, the value of Maximum Object Size should be increased above its default of 12KB to maximize the potential byte hit rate improvement of LFUDA.</description> @@ -177,48 +246,36 @@ </options> </field> <field> - <fielddescr>Cache replacement policy</fielddescr> - <fieldname>cache_replacement_policy</fieldname> - <description>The cache replacement policy decides which objects will remain in cache and which objects are replaced to create space for the new objects. The default policy for cache replacement is LFUDA. Please see the type descriptions specified in the memory replacement policy for additional detail.</description> - <type>select</type> - <default_value>heap LFUDA</default_value> - <options> - <option><name>LRU</name><value>lru</value></option> - <option><name>Heap LFUDA</name><value>heap LFUDA</value></option> - <option><name>Heap GDSF</name><value>heap GDSF</value></option> - <option><name>Heap LRU</name><value>heap LRU</value></option> - </options> - </field> - <field> - <fielddescr>Low-water-mark in %</fielddescr> - <fieldname>cache_swap_low</fieldname> - <description>Cache replacement begins when the swap usage is above the low-low-water mark and attempts to maintain utilisation near the low-water-mark.</description> - <type>input</type> - <default_value>90</default_value> - </field> - <field> - <fielddescr>High-water-mark in %</fielddescr> - <fieldname>cache_swap_high</fieldname> - <description>As swap utilisation gets close to the high-water-mark object eviction becomes more aggressive.</description> - <type>input</type> - <default_value>95</default_value> + <name>Dynamic and Update Content</name> + <type>listtopic</type> </field> <field> - <fielddescr>Do not cache</fielddescr> - <fieldname>donotcache</fieldname> - <description>Enter each domain or IP address on a new line that should never be cached.</description> - <type>textarea</type> - <cols>50</cols> - <rows>5</rows> - <encoding>base64</encoding> - </field> - <field> - <fielddescr>Enable offline mode</fielddescr> - <fieldname>enable_offline</fieldname> - <description>Enable this option and the proxy server will never try to validate cached objects. The offline mode gives access to more cached information than the proposed feature would allow (stale cached versions, where the origin server should have been contacted).</description> + <fielddescr>Cache Dynamic Content</fielddescr> + <fieldname>cache_dynamic_content</fieldname> + <description><![CDATA[Select this option to <a target=_new href='http://wiki.squid-cache.org/ConfigExamples/DynamicContent'>enable caching of dynamic content.</a><br> + ]]></description> <type>checkbox</type> - <required/> + <size>10</size> </field> + <field> + <fielddescr>Refresh Patterns</fielddescr> + <fieldname>refresh_patterns</fieldname> + <description><![CDATA[With dynamic cache enabled, you can also apply squid wiki refresh_patterns to sites like <a target=_new href='http://wiki.squid-cache.org/ConfigExamples/DynamicContent/YouTube'>Youtube</a> and <a target=_new href='http://wiki.squid-cache.org/SquidFaq/WindowsUpdate'>windowsupdate</a><br> + <br><strong>Notes:</strong><br> + Squid wiki suggests 'Finish transfer if less than x KB remaining' on 'traffic mgmt' squid tab to -1 but you can apply your own values to control cache.<br><br> + set Maximum download size on 'traffic mgmt' squid tab to a value that fits patterns your are applying.<br>Microsoft may need 200Mb and youtube 4GB.]]></description> + <type>select</type> + <default_value>none</default_value> + <options> + <option><name>Youtube</name><value>youtube</value></option> + <option><name>Windows Update</name><value>windows</value></option> + <option><name>Symantec Antivirus</name><value>symantec</value></option> + <option><name>Avira</name><value>avira</value></option> + <option><name>Avast</name><value>avast</value></option> + </options> + <multiple/> + <size>06</size> + </field> </fields> <custom_php_command_before_form> if($_POST['harddisk_cache_size'] != $config['installedpackages']['squidcache']['config'][0]['harddisk_cache_size']) { diff --git a/config/squid-reverse/squid_monitor.php b/config/squid-reverse/squid_monitor.php new file mode 100644 index 00000000..da293358 --- /dev/null +++ b/config/squid-reverse/squid_monitor.php @@ -0,0 +1,162 @@ +<?php +/* $Id$ */ +/* ========================================================================== */ +/* + squid_monitor.php + part of pfSense (http://www.pfSense.com) + Copyright (C) 2012 ccesario @ pfsense forum + All rights reserved. + +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + +require_once("/etc/inc/util.inc"); +require_once("/etc/inc/functions.inc"); +require_once("/etc/inc/pkg-utils.inc"); +require_once("/etc/inc/globals.inc"); +require_once("guiconfig.inc"); + +$pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); +if(strstr($pfSversion, "1.2")) + $one_two = true; + +$pgtitle = "Status: Proxy Monitor"; +include("head.inc"); +?> + +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> + +<?php include("fbegin.inc"); ?> + +<?php if($one_two): ?> + + <p class="pgtitle"><?=$pgtitle?></font></p> + +<?php endif; ?> + +<?php if ($savemsg) print_info_box($savemsg); ?> + +<!-- Function to call programs logs --> +<script language="JavaScript"> + function showLog(content,url,program) + { + new PeriodicalExecuter(function(pe) { + new Ajax.Updater(content, url, { + method: 'post', + asynchronous: true, + evalScripts: true, + parameters: { maxlines: $('maxlines').getValue(), + strfilter: $('strfilter').getValue(), + program: program } + }) + }, 1) + } +</script> + + +<div id="mainarea" style="padding-top: 0px; padding-bottom: 0px; "> + <form id="paramsForm" name="paramsForm" method="post"> + <table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="6"> + <tbody> + <tr> + <td width="22%" valign="top" class="vncellreq">Max lines:</td> + <td width="78%" class="vtable"> + <select name="maxlines" id="maxlines"> + <option value="5">5 lines</option> + <option value="10" selected="selected">10 lines</option> + <option value="15">15 lines</option> + <option value="20">20 lines</option> + <option value="25">25 lines</option> + <option value="30">30 lines</option> + </select> + <br/> + <span class="vexpl"> + Max. lines to be displayed. + </span> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq">String filter:</td> + <td width="78%" class="vtable"> + <input name="strfilter" type="text" class="formfld search" id="strfilter" size="50" value=""> + <br/> + <span class="vexpl"> + Enter the string filter: eg. username or ip addr or url. + </span> + </td> + </tr> + </tbody> + </table> + </form> + + <!-- Squid Table --> + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tbody> + <tr> + <td> + <table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0"> + <tr> + <td colspan="6" class="listtopic"><center><?=gettext("Squid Logs"); ?><center></td> + </tr> + <tbody id="squidView"> + <script language="JavaScript"> + // Call function to show squid log + showLog('squidView', 'squid_monitor_data.php','squid'); + </script> + </tbody> + </table> + </td> + </tr> + </tbody> + </table> + + <!-- SquidGuard Table --> + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tbody> + <tr> + <td> + <table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0"> + <tr> + <td colspan="5" class="listtopic"><center><?=gettext("SquidGuard Logs"); ?><center></td> + </tr> + <tbody id="sguardView"> + <script language="JavaScript"> + // Call function to show squidGuard log + showLog('sguardView', 'squid_monitor_data.php','sguard'); + </script> + </tbody> + </table> + </td> + </tr> + </tbody> + </table> +</div> + +<?php +include("fend.inc"); +?> + +</body> +</html> diff --git a/config/squid-reverse/squid_monitor_data.php b/config/squid-reverse/squid_monitor_data.php new file mode 100644 index 00000000..12d2a34a --- /dev/null +++ b/config/squid-reverse/squid_monitor_data.php @@ -0,0 +1,189 @@ +<?php +/* $Id$ */ +/* ========================================================================== */ +/* + squid_monitor.php + part of pfSense (http://www.pfSense.com) + Copyright (C) 2012 ccesario @ pfsense forum + All rights reserved. + +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + +# ------------------------------------------------------------------------------ +# Defines +# ------------------------------------------------------------------------------ +require_once("guiconfig.inc"); + +# ------------------------------------------------------------------------------ +# Requests +# ------------------------------------------------------------------------------ +if ($_POST) { + # Actions + switch (strtolower($_POST['program'])) { + case 'squid': + showSquid(); + break; + case 'sguard'; + showSGuard(); + break; + } +} + +# ------------------------------------------------------------------------------ +# Functions +# ------------------------------------------------------------------------------ + +// From SquidGuard Package +function html_autowrap($cont) +{ + # split strings + $p = 0; + $pstep = 25; + $str = $cont; + $cont = ''; + for ( $p = 0; $p < strlen($str); $p += $pstep ) { + $s = substr( $str, $p, $pstep ); + if ( !$s ) break; + $cont .= $s . "<wbr/>"; + } + return $cont; +} + + +// Show Squid Logs +function showSquid() { + // Define log file + $squid_log='/var/squid/logs/access.log'; + + echo "<tr valign=\"top\">\n"; + echo "<td class=\"listhdrr\">".gettext("Date")."</td>\n"; + echo "<td class=\"listhdrr\">".gettext("IP")."</td>\n"; + echo "<td class=\"listhdrr\">".gettext("Status")."</td>\n"; + echo "<td class=\"listhdrr\">".gettext("Address")."</td>\n"; + echo "<td class=\"listhdrr\">".gettext("User")."</td>\n"; + echo "<td class=\"listhdrr\">".gettext("Destination")."</td>\n"; + echo "</tr>\n"; + + // Get Data from form post + $lines = $_POST['maxlines']; + $filter = $_POST['strfilter']; + + + // Get logs based in filter expression + if($filter != "") { + exec("tail -r -n $lines $squid_log | php -q parser_squid_log.php | grep -i ". escapeshellarg(htmlspecialchars($filter)), $logarr); + } + else { + exec("tail -r -n $lines $squid_log | php -q parser_squid_log.php", $logarr); + } + + // Print lines + foreach ($logarr as $logent) { + // Split line by space delimiter + $logline = preg_split("/\s+/", $logent); + + // Apply date format to first line + //$logline[0] = date("d.m.Y H:i:s",$logline[0]); + + // Word wrap the URL + $logline[7] = htmlentities($logline[7]); + $logline[7] = html_autowrap($logline[7]); + + // Remove /(slash) in destination row + $logline_dest = preg_split("/\//", $logline[9]); + + // Apply filter and color + // Need validate special chars + if ($filter != "") + $logline = preg_replace("/$filter/i","<spam><font color='red'>$filter</font></span>",$logline); + + + echo "<tr valign=\"top\">\n"; + echo "<td class=\"listlr\" nowrap>{$logline[0]} {$logline[1]}</td>\n"; + echo "<td class=\"listr\">{$logline[3]}</td>\n"; + echo "<td class=\"listr\">{$logline[4]}</td>\n"; + echo "<td class=\"listr\" width=\"*\">{$logline[7]}</td>\n"; + echo "<td class=\"listr\">{$logline[8]}</td>\n"; + echo "<td class=\"listr\">{$logline_dest[1]}</td>\n"; + echo "</tr>\n"; + } +} + +// Show SquidGuard Logs +function showSGuard() { + // Define log file + $sguard_log='/var/squidGuard/log/block.log'; + + echo "<tr valign=\"top\">\n"; + echo "<td class=\"listhdrr\">".gettext("Date-Time")."</td>\n"; + echo "<td class=\"listhdrr\">".gettext("ACL")."</td>\n"; + echo "<td class=\"listhdrr\">".gettext("Address")."</td>\n"; + echo "<td class=\"listhdrr\">".gettext("Host")."</td>\n"; + echo "<td class=\"listhdrr\">".gettext("User")."</td>\n"; + echo "</tr>\n"; + + // Get Data from form post + $lines = $_POST['maxlines']; + $filter = $_POST['strfilter']; + + // Get logs based in filter expression + if($filter != "") { + exec("tail -r -n $lines $sguard_log | grep -i ". escapeshellarg(htmlspecialchars($filter)), $logarr); + } + else { + exec("tail -r -n $lines $sguard_log", $logarr); + } + + + // Print lines + foreach ($logarr as $logent) { + // Split line by space delimiter + $logline = preg_split("/\s+/", $logent); + + // Apply time format + $logline[0] = date("d.m.Y", strtotime($logline[0])); + + // Word wrap the URL + $logline[4] = htmlentities($logline[4]); + $logline[4] = html_autowrap($logline[4]); + + + // Apply filter color + // Need validate special chars + if ($filter != "") + $logline = preg_replace("/$filter/","<spam><font color='red'>$filter</font></span>",$logline); + + echo "<tr>\n"; + echo "<td class=\"listlr\" nowrap>{$logline[0]} {$logline[1]}</td>\n"; + echo "<td class=\"listr\">{$logline[3]}</td>\n"; + echo "<td class=\"listr\" width=\"*\">{$logline[4]}</td>\n"; + echo "<td class=\"listr\">{$logline[5]}</td>\n"; + echo "<td class=\"listr\">{$logline[6]}</td>\n"; + echo "</tr>\n"; + } +} + +?> diff --git a/config/squid-reverse/squid_nac.xml b/config/squid-reverse/squid_nac.xml index 7b333141..c951b6f3 100644 --- a/config/squid-reverse/squid_nac.xml +++ b/config/squid-reverse/squid_nac.xml @@ -48,22 +48,22 @@ <name>squidnac</name> <version>none</version> <title>Proxy server: Access control</title> - <include_file>squid.inc</include_file> + <include_file>/usr/local/pkg/squid.inc</include_file> <tabs> - <tab> - <text>General</text> + <tab> + <text>General</text> <url>/pkg_edit.php?xml=squid.xml&id=0</url> </tab> <tab> - <text>Upstream Proxy</text> - <url>/pkg_edit.php?xml=squid_upstream.xml&id=0</url> + <text>Remote Cache</text> + <url>/pkg.php?xml=squid_upstream.xml</url> </tab> <tab> - <text>Cache Mgmt</text> + <text>Local Cache</text> <url>/pkg_edit.php?xml=squid_cache.xml&id=0</url> </tab> <tab> - <text>Access Control</text> + <text>ACLs</text> <url>/pkg_edit.php?xml=squid_nac.xml&id=0</url> <active/> </tab> @@ -72,20 +72,24 @@ <url>/pkg_edit.php?xml=squid_traffic.xml&id=0</url> </tab> <tab> - <text>Reverse Settings</text> - <url>/pkg_edit.php?xml=squid_reverse.xml&id=0</url> - </tab> - <tab> - <text>Auth Settings</text> + <text>Authentication</text> <url>/pkg_edit.php?xml=squid_auth.xml&id=0</url> </tab> <tab> - <text>Local Users</text> + <text>Users</text> <url>/pkg.php?xml=squid_users.xml</url> </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=squid_sync.xml</url> + </tab> </tabs> <fields> <field> + <name>Squid Access Control Lists</name> + <type>listtopic</type> + </field> + <field> <fielddescr>Allowed subnets</fielddescr> <fieldname>allowed_subnets</fieldname> <description>Enter each subnet on a new line that is allowed to use the proxy. The subnets must be expressed as CIDR ranges (e.g.: 192.168.1.0/24). Note that the proxy interface subnet is already an allowed subnet. All the other subnets won't be able to use the proxy.</description> @@ -131,12 +135,9 @@ <encoding>base64</encoding> </field> <field> - <fielddescr>External Cache-Managers</fielddescr> - <fieldname>ext_cachemanager</fieldname> - <description>Enter the IPs for the external Cache Managers to be allowed here, separated by semi-colons (;).</description> - <type>input</type> - <size>60</size> - </field> + <name>Squid Allowed ports</name> + <type>listtopic</type> + </field> <field> <fielddescr>acl safeports</fielddescr> <fieldname>addtl_ports</fieldname> diff --git a/config/squid-reverse/squid_reverse.inc b/config/squid-reverse/squid_reverse.inc new file mode 100644 index 00000000..b208b7b1 --- /dev/null +++ b/config/squid-reverse/squid_reverse.inc @@ -0,0 +1,181 @@ +<?php +/* $Id$ */ +/* + squid_reverse.inc + Copyright (C) 2012 Martin Fuchs + Copyright (C) 2012 Marcello Coutinho + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +function squid_resync_reverse() { + global $config; + //if(!is_array($valid_acls)) + // return; + + //CONFIG FILE + if (is_array($config['installedpackages']['squidreversegeneral'])) + $settings = $config['installedpackages']['squidreversegeneral']['config'][0]; + if (is_array($config['installedpackages']['squidreversepeer'])) + $reverse_peers=$config['installedpackages']['squidreversepeer']['config']; + if (is_array($config['installedpackages']['squidreverseuri'])) + $reverse_maps=$config['installedpackages']['squidreverseuri']['config']; + + $conf = "# Reverse Proxy settings\n"; + + if(isset($settings["reverse_ssl_cert"]) && $settings["reverse_ssl_cert"] != "none") { + $svr_cert = lookup_cert($settings["reverse_ssl_cert"]); + if ($svr_cert != false) { + if(base64_decode($svr_cert['crt'])) { + file_put_contents(SQUID_CONFBASE . "/{$settings["reverse_ssl_cert"]}.crt",sq_text_area_decode($svr_cert['crt'])); + $reverse_crt = SQUID_CONFBASE . "/{$settings["reverse_ssl_cert"]}.crt"; + } + if(base64_decode($svr_cert['prv'])) { + file_put_contents(SQUID_CONFBASE . "/{$settings["reverse_ssl_cert"]}.key",sq_text_area_decode($svr_cert['prv'])); + $reverse_key = SQUID_CONFBASE . "/{$settings["reverse_ssl_cert"]}.key"; + } + } + } + + if (!empty($settings['reverse_int_ca'])) + file_put_contents(SQUID_CONFBASE . "/{$settings["reverse_ssl_cert"]}.crt","\n" . sq_text_area_decode($settings['reverse_int_ca']),FILE_APPEND | LOCK_EX); + + $ifaces = ($settings['reverse_interface'] ? $settings['reverse_interface'] : 'wan'); + $real_ifaces = array(); + + #set HTTP port and defsite + $http_port=(empty($settings['reverse_http_port'])?"80":$settings['reverse_http_port']); + $http_defsite=(empty($settings['reverse_http_defsite'])?$settings['reverse_external_fqdn']:$settings['reverse_http_defsite']); + + #set HTTPS port and defsite + $https_port=(empty($settings['reverse_https_port'])?"80":$settings['reverse_https_port']); + $https_defsite=(empty($settings['reverse_https_defsite'])?$settings['reverse_external_fqdn']:$settings['reverse_https_defsite']); + + foreach (explode(",", $ifaces) as $i => $iface) { + $real_ifaces[] = squid_get_real_interface_address($iface); + if($real_ifaces[$i][0]) { + //HTTP + if (!empty($settings['reverse_http'])) + $conf .= "http_port {$real_ifaces[$i][0]}:{$http_port} accel defaultsite={$http_defsite} vhost\n"; + //HTTPS + if (!empty($settings['reverse_https'])) + $conf .= "https_port {$real_ifaces[$i][0]}:{$https_port} accel cert={$reverse_crt} key={$reverse_key} defaultsite={$https_defsite}\n"; + } + } + + if(!empty($settings['reverse_ip'])) { + $reverse_ip = explode(";", ($settings['reverse_ip'])); + foreach ($reverse_ip as $reip) { + //HTTP + if (!empty($settings['reverse_http'])) + $conf .= "http_port {$reip}:{$http_port} accel defaultsite={$http_defsite} vhost\n"; + //HTTPS + if (!empty($settings['reverse_https'])) + $conf .= "https_port {$reip}:{$https_port} accel cert={$reverse_crt} key={$reverse_key} defaultsite={$https_defsite}\n"; + } + } + + //PEERS + if (($settings['reverse_owa'] == 'on') && (!empty($settings['reverse_owa_ip']))) + $conf .= "cache_peer {$settings['reverse_owa_ip']} parent 443 0 proxy-only no-query originserver login=PASS connection-auth=on ssl sslflags=DONT_VERIFY_PEER front-end-https=on name=OWA_HOST_pfs\n"; + + $active_peers=array(); + if (is_array($reverse_peers)) + foreach ($reverse_peers as $rp){ + if ($rp['enable'] =="on" && $rp['name'] !="" && $rp['ip'] !="" && $rp['port'] !=""){ + $conf_peer = "#{$rp['description']}\n"; + $conf_peer .= "cache_peer {$rp['ip']} parent {$rp['port']} 0 proxy-only no-query originserver login=PASS "; + if($rp['protocol'] == 'HTTPS') + $conf_peer .= "ssl sslflags=DONT_VERIFY_PEER front-end-https=auto "; + $conf_peer .= "name={$rp['name']}\n\n"; + + // add peer only if reverse proxy is enabled for http + if($rp['protocol'] == 'HTTP' && $settings['reverse_http'] =="on"){ + $conf .= $conf_peer; + array_push($active_peers,$rp['name']); + } + // add peer only if if reverse proxy is enabled for https + if($rp['protocol'] == 'HTTPS' && $settings['reverse_https'] =="on"){ + $conf .= $conf_peer; + array_push($active_peers,$rp['name']); + } + } + } + + //ACLS and MAPPINGS + + //create an empty owa_dirs to populate based on user selected options + $owa_dirs=array(); + if (($settings['reverse_owa'] == 'on') && $settings['reverse_https'] =="on"){ + if(!empty($settings['reverse_owa_ip'])){ + array_push($owa_dirs,'owa','exchange','public','exchweb','ecp','OAB'); + if($settings['reverse_owa_activesync']) + array_push($owa_dirs,'Microsoft-Server-ActiveSync'); + if($settngs['reverse_owa_rpchttp']) + array_push($owa_dirs,'rpc/rpcproxy.dll','rpcwithcert/rpcproxy.dll'); + if($settings['reverse_owa_autodiscover']) + array_push($owa_dirs,'autodiscover'); + if($settings['reverse_owa_webservice']){ + array_push($owa_dirs,'EWS'); + $conf .= "ignore_expect_100 on\n"; + } + } + if (is_array($owa_dirs)) + foreach ($owa_dirs as $owa_dir) + $conf .= "acl OWA_URI_pfs url_regex -i ^https://{$settings['reverse_external_fqdn']}/$owa_dir.*$\n"; + } + //$conf .= "ssl_unclean_shutdown on"; + if (is_array($reverse_maps)) + foreach ($reverse_maps as $rm){ + if ($rm['enable'] == "on" && $rm['name']!="" && $rm['peers']!=""){ + if (is_array($rm['row'])) + foreach ($rm['row'] as $uri){ + $url_regex=($uri['vhost'] == ''?$settings['reverse_external_fqdn']:$uri['vhost']); + $conf .= "acl {$rm['name']} url_regex -i {$url_regex}/{$uri['uri']}.*$\n"; + $cache_peer_never_direct_conf .= "never_direct allow {$rm['name']}\n"; + $http_access_conf .= "http_access allow {$rm['name']}\n"; + foreach (explode(',',$rm['peers']) as $map_peer) + if (in_array($map_peer,$active_peers)){ + $cache_peer_allow_conf .= "cache_peer_access {$map_peer} allow {$rm['name']}\n"; + $cache_peer_deny_conf .= "cache_peer_access {$map_peer} deny allsrc\n"; + } + } + } + } + + //ACCESS + if ($settings['reverse_owa'] == 'on' && !empty($settings['reverse_owa_ip']) && $settings['reverse_https'] =="on") { + $conf .= "cache_peer_access OWA_HOST_pfs allow OWA_URI_pfs\n"; + $conf .= "cache_peer_access OWA_HOST_pfs deny allsrc\n"; + $conf .= "never_direct allow OWA_URI_pfs\n"; + $conf .= "http_access allow OWA_URI_pfs\n"; + } + + $conf .= $cache_peer_allow_conf.$cache_peer_deny_conf.$cache_peer_never_direct_conf.$http_access_conf."\n"; + + if (!empty($settings['deny_info_tcp_reset'])) + $conf .= "deny_info TCP_RESET allsrc\n"; + + return $conf; +} +?> diff --git a/config/squid-reverse/squid_reverse.xml b/config/squid-reverse/squid_reverse.xml index d921254f..ae0c0e8a 100644 --- a/config/squid-reverse/squid_reverse.xml +++ b/config/squid-reverse/squid_reverse.xml @@ -50,47 +50,50 @@ <title>Proxy server: Reverse Proxy</title> <include_file>squid.inc</include_file> <tabs> - <tab> +<tab> <text>General</text> <url>/pkg_edit.php?xml=squid.xml&id=0</url> </tab> <tab> - <text>Upstream Proxy</text> + <text>Upstream</text> <url>/pkg_edit.php?xml=squid_upstream.xml&id=0</url> </tab> <tab> - <text>Cache Mgmt</text> + <text>Cache</text> <url>/pkg_edit.php?xml=squid_cache.xml&id=0</url> </tab> <tab> - <text>Access Control</text> + <text>ACLs</text> <url>/pkg_edit.php?xml=squid_nac.xml&id=0</url> </tab> <tab> <text>Traffic Mgmt</text> <url>/pkg_edit.php?xml=squid_traffic.xml&id=0</url> - </tab> - <tab> - <text>Reverse Proxy</text> - <url>/pkg_edit.php?xml=squid_reverse.xml&id=0</url> - <active/> </tab> <tab> - <text>Reverse Settings</text> + <text>Reverse</text> <url>/pkg_edit.php?xml=squid_reverse.xml&id=0</url> <active/> - </tab> + </tab> <tab> - <text>Auth Settings</text> + <text>Authentication</text> <url>/pkg_edit.php?xml=squid_auth.xml&id=0</url> </tab> <tab> - <text>Local Users</text> + <text>Users</text> <url>/pkg.php?xml=squid_users.xml</url> </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=squid_sync.xml</url> + </tab> </tabs> <fields> <field> + <name>Squid Reverse proxy General Settings</name> + <type>listtopic</type> + </field> + <field> <fielddescr>Reverse Proxy interface</fielddescr> <fieldname>reverse_interface</fieldname> <description>The interface(s) the reverse-proxy server will bind to.</description> @@ -100,12 +103,30 @@ <multiple/> </field> <field> + <fielddescr>User-defined reverse-proxy IPs</fielddescr> + <fieldname>reverse_ip</fieldname> + <description>Squid will additionally bind to this user-defined IPs for reverse-proxy operation. Useful for virtual IPs such as CARP. Separate by semi-colons (;).</description> + <type>input</type> + <size>70</size> + </field> + <field> <fielddescr>external FQDN</fielddescr> <fieldname>reverse_external_fqdn</fieldname> <description>The external full-qualified-domain-name of the WAN address.</description> <type>input</type> <required/> - <size>80</size> + <size>70</size> + </field> + <field> + <fielddescr>Reset TCP connections if request is unauthorized</fielddescr> + <fieldname>deny_info_tcp_reset</fieldname> + <description>If this field is checked, the reverse-proxy will reset the TCP connection if the request is unauthorized.</description> + <type>checkbox</type> + <default_value>on</default_value> + </field> + <field> + <name>Squid Reverse HTTP Settings</name> + <type>listtopic</type> </field> <field> <fielddescr>Enable HTTP reverse mode</fielddescr> @@ -131,15 +152,19 @@ <type>input</type> <size>60</size> </field> - <field> + <field> + <name>Squid Reverse HTTPS Settings</name> + <type>listtopic</type> + </field> + <field> <fielddescr>Enable HTTPS reverse proxy</fielddescr> <fieldname>reverse_https</fieldname> - <description>If this field is checked, squid will act as an accelerator/SSL offload for Outlook Web Access.</description> + <description>If this field is checked, the proxy-server will act in HTTPS reverse mode. <br>(You have to add a rule with destination "WAN-address")</description> <type>checkbox</type> - <enablefields>reverse_https_port,reverse_https_defsite,reverse_ssl_cert,reverse_ignore_ssl_valid,reverse_ssl_chain</enablefields> + <enablefields>reverse_https_port,reverse_https_defsite,reverse_ssl_cert,reverse_int_ca,reverse_ignore_ssl_valid,reverse_owa,reverse_owa_ip,reverse_owa_webservice,reverse_owa_activesync,reverse_owa_rpchttp,reverse_owa_autodiscover,reverse_ssl_chain</enablefields> <required/> <default_value>off</default_value> - </field> + </field> <field> <fielddescr>reverse HTTPS port</fielddescr> <fieldname>reverse_https_port</fieldname> @@ -159,12 +184,12 @@ <fielddescr>reverse SSL certificate</fielddescr> <fieldname>reverse_ssl_cert</fieldname> <description>Choose the SSL Server Certificate here.</description> - <type>select_source</type> - <source><![CDATA[squid_get_server_certs()]]></source> + <type>select_source</type> + <source><![CDATA[$config['cert']]]></source> <source_name>descr</source_name> <source_value>refid</source_value> </field> - <field> + <field> <fielddescr>intermediate CA certificate (if needed)</fielddescr> <fieldname>reverse_int_ca</fieldname> <description>Paste a signed certificate in X.509 PEM format here.</description> @@ -174,53 +199,62 @@ <encoding>base64</encoding> </field> <field> - <fielddescr>Reset TCP connections if request is unauthorized</fielddescr> - <fieldname>deny_info_tcp_reset</fieldname> - <description>If this field is checked, the reverse-proxy will reset the TCP connection if the request is unauthorized.</description> - <type>checkbox</type> - <default_value>on</default_value> - </field> - <field> <fielddescr>Ignore internal Certificate validation</fielddescr> <fieldname>reverse_ignore_ssl_valid</fieldname> <description>If this field is checked, internal certificate validation will be ignored.</description> <type>checkbox</type> <default_value>on</default_value> </field> - <field> + <field> <fielddescr>Enable OWA reverse proxy</fielddescr> <fieldname>reverse_owa</fieldname> - <description>If this field is checked, squid will act as an accelerator/SSL offload for Outlook Web Access.</description> + <description>If this field is checked, squid will act as an accelerator/ SSL offloader for Outlook Web App.</description> <type>checkbox</type> - <enablefields>reverse_owa_ip,reverse_owa_activesync,reverse_owa_rpchttp</enablefields> - </field> + <enablefields>reverse_owa_ip,reverse_owa_activesync,reverse_owa_rpchttp,reverse_owa_webservice,reverse_owa_autodiscover</enablefields> + </field> <field> <fielddescr>OWA frontend IP address</fielddescr> <fieldname>reverse_owa_ip</fieldname> <description>This is the internal IP Address of the OWA frontend server.</description> <type>input</type> <size>15</size> - <default_value>localhost</default_value> </field> <field> <fielddescr>Enable ActiveSync</fielddescr> <fieldname>reverse_owa_activesync</fieldname> - <description>If this field is checked, ActiveSync support will be enabled.</description> + <description>If this field is checked, ActiveSync will be enabled.</description> <type>checkbox</type> </field> <field> <fielddescr>Enable Outlook Anywhere</fielddescr> <fieldname>reverse_owa_rpchttp</fieldname> - <description>If this field is checked, RPC over HTTP support will be enabled.</description> + <description>If this field is checked, RPC over HTTP will be enabled.</description> <type>checkbox</type> - <enablefields>extension_methods</enablefields> </field> - + <field> + <fielddescr>Enable Exchange WebServices</fielddescr> + <fieldname>reverse_owa_webservice</fieldname> + <description><![CDATA[If this field is checked, Exchange WebServices will be enabled.<br> + <strong>There are potential DoS side effects to its use, please avoid unless you must.</strong>]]></description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Enable AutoDiscover</fielddescr> + <fieldname>reverse_owa_autodiscover</fieldname> + <description>If this field is checked, AutoDiscover will be enabled.</description> + <type>checkbox</type> + </field> + <field> + <name>Squid Reverse Mappings</name> + <type>listtopic</type> + </field> <field> <fielddescr><b>peer definitions</b> <br>publishing hosts</fielddescr> <fieldname>reverse_cache_peer</fieldname> - <description>Enter each peer definition on a new line. Directives have to be separated by a semicolon(;). <br>syntax: [peer alias];[internal ip address];[port];[HTTP / HTTPS] <br>example: HOST1;192.168.0.1;80;HTTP <br><i>WRONG SYNTAX USAGE WILL RESULT IN SQUID NOT STARTING</i> - </description> + <description><![CDATA[Enter each peer definition on a new line. Directives have to be separated by a semicolon(;).<BR> + syntax: [peer alias];[internal ip address];[port];[HTTP / HTTPS]<br> + example: HOST1;192.168.0.1;80;HTTP<br> + <strong>WRONG SYNTAX USAGE WILL RESULT IN SQUID NOT STARTING</strong>]]></description> <type>textarea</type> <cols>60</cols> <rows>10</rows> @@ -228,9 +262,12 @@ </field> <field> <fielddescr><b>URI definitions</b> <br>published URIs</fielddescr> - <fieldname>revrse_uri</fieldname> - <description>Enter each reverse acl definition on a new line. Directives have to be separated by a semicolon(;).<br>syntax: [group the uri belongs to];[URI to publish](;[vhost fqdn]) <br>(a group can contain multiple URIs, without vhost fqdn the external fqdn is used, you also can specity http:// or https://) <br>example: URI1;public;server.pfsense.org. <br><i>WRONG SYNTAX USAGE WILL RESULT IN SQUID NOT STARTING</i> - </description> + <fieldname>reverse_uri</fieldname> + <description><![CDATA[Enter each reverse acl definition on a new line. Directives have to be separated by a semicolon(;)<BR> + syntax: [group the uri belongs to];[URI to publish](;[vhost fqdn]) <BR> + (a group can contain multiple URIs, without vhost fqdn the external fqdn is used, you also can specity http:// or https://)<BR> + example: URI1;public;server.pfsense.org.<BR> + <STRONG>WRONG SYNTAX USAGE WILL RESULT IN SQUID NOT STARTING</STRONG>]]></description> <type>textarea</type> <cols>60</cols> <rows>10</rows> @@ -239,8 +276,9 @@ <field> <fielddescr><b>ACL definitions</b> <br>published URIs</fielddescr> <fieldname>reverse_acl</fieldname> - <description>Enter each reverse acl definition on a new line. Directives have to be separated by a semicolon(;). <br>syntax: [peer alias];[uri group alias] <br>example: HOST1;URI1 <br><i>WRONG SYNTAX USAGE WILL RESULT IN SQUID NOT STARTING</i> - </description> + <description><![CDATA[Enter each reverse acl definition on a new line. Directives have to be separated by a semicolon(;). <br> + syntax: [peer alias];[uri group alias] <br>example: HOST1;URI1 <br> + <strong>WRONG SYNTAX USAGE WILL RESULT IN SQUID NOT STARTING</strong>]]></description> <type>textarea</type> <cols>60</cols> <rows>10</rows> diff --git a/config/squid-reverse/squid_reverse_general.xml b/config/squid-reverse/squid_reverse_general.xml new file mode 100644 index 00000000..ff74b9d5 --- /dev/null +++ b/config/squid-reverse/squid_reverse_general.xml @@ -0,0 +1,241 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> +<packagegui> + <copyright> + <![CDATA[ +/* $Id$ */ +/* ========================================================================== */ +/* + squid_reverse_general.xml + part of pfSense (http://www.pfSense.com) + Copyright (C) 2012 Marcello Coutinho + All rights reserved. + + Based on m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + ]]> + </copyright> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> + <name>squidreversegeneral</name> + <version>none</version> + <title>Reverse Proxy server: General</title> + <include_file>/usr/local/pkg/squid.inc</include_file> + <tabs> + <tab> + <text>General</text> + <url>/pkg_edit.php?xml=squid_reverse_general.xml&id=0</url> + <active/> + </tab> + <tab> + <text>Web Servers</text> + <url>/pkg.php?xml=squid_reverse_peer.xml</url> + </tab> + <tab> + <text>Mappings</text> + <url>/pkg.php?xml=squid_reverse_uri.xml</url> + </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=squid_reverse_sync.xml&id=0</url> + </tab> + </tabs> + <fields> + <field> + <name>Squid Reverse proxy General Settings</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>Reverse Proxy interface</fielddescr> + <fieldname>reverse_interface</fieldname> + <description>The interface(s) the reverse-proxy server will bind to.</description> + <type>interfaces_selection</type> + <required/> + <default_value>wan</default_value> + <multiple/> + </field> + <field> + <fielddescr>User-defined reverse-proxy IPs</fielddescr> + <fieldname>reverse_ip</fieldname> + <description>Squid will additionally bind to this user-defined IPs for reverse-proxy operation. Useful for virtual IPs such as CARP. Separate by semi-colons (;).</description> + <type>input</type> + <size>70</size> + </field> + <field> + <fielddescr>external FQDN</fielddescr> + <fieldname>reverse_external_fqdn</fieldname> + <description>The external full-qualified-domain-name of the WAN address.</description> + <type>input</type> + <required/> + <size>70</size> + </field> + <field> + <fielddescr>Reset TCP connections if request is unauthorized</fielddescr> + <fieldname>deny_info_tcp_reset</fieldname> + <description>If this field is checked, the reverse-proxy will reset the TCP connection if the request is unauthorized.</description> + <type>checkbox</type> + <default_value>on</default_value> + </field> + <field> + <name>Squid Reverse HTTP Settings</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>Enable HTTP reverse mode</fielddescr> + <fieldname>reverse_http</fieldname> + <description>If this field is checked, the proxy-server will act in HTTP reverse mode. <br>(You have to add a rule with destination "WAN-address")</description> + <type>checkbox</type> + <enablefields>reverse_http_port,reverse_http_defsite</enablefields> + <required/> + <default_value>off</default_value> + </field> + <field> + <fielddescr>reverse HTTP port</fielddescr> + <fieldname>reverse_http_port</fieldname> + <description>This is the port the HTTP reverse-proxy will listen on. (leave empty to use 80)</description> + <type>input</type> + <size>5</size> + <default_value>80</default_value> + </field> + <field> + <fielddescr>reverse HTTP default site</fielddescr> + <fieldname>reverse_http_defsite</fieldname> + <description>This is the HTTP reverse default site. (leave empty to use the external fqdn)</description> + <type>input</type> + <size>60</size> + </field> + <field> + <name>Squid Reverse HTTPS Settings</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>Enable HTTPS reverse proxy</fielddescr> + <fieldname>reverse_https</fieldname> + <description>If this field is checked, the proxy-server will act in HTTPS reverse mode. <br>(You have to add a rule with destination "WAN-address")</description> + <type>checkbox</type> + <enablefields>reverse_https_port,reverse_https_defsite,reverse_ssl_cert,reverse_int_ca,reverse_ignore_ssl_valid,reverse_owa,reverse_owa_ip,reverse_owa_webservice,reverse_owa_activesync,reverse_owa_rpchttp,reverse_owa_autodiscover,reverse_ssl_chain</enablefields> + <required/> + <default_value>off</default_value> + </field> + <field> + <fielddescr>reverse HTTPS port</fielddescr> + <fieldname>reverse_https_port</fieldname> + <description>This is the port the HTTPS reverse-proxy will listen on. (leave empty to use 443)</description> + <type>input</type> + <size>5</size> + <default_value>443</default_value> + </field> + <field> + <fielddescr>reverse HTTPS default site</fielddescr> + <fieldname>reverse_https_defsite</fieldname> + <description>This is the HTTPS reverse default site. (leave empty to use the external fqdn)</description> + <type>input</type> + <size>60</size> + </field> + <field> + <fielddescr>reverse SSL certificate</fielddescr> + <fieldname>reverse_ssl_cert</fieldname> + <description>Choose the SSL Server Certificate here.</description> + <type>select_source</type> + <source><![CDATA[$config['cert']]]></source> + <source_name>descr</source_name> + <source_value>refid</source_value> + </field> + <field> + <fielddescr>intermediate CA certificate (if needed)</fielddescr> + <fieldname>reverse_int_ca</fieldname> + <description>Paste a signed certificate in X.509 PEM format here.</description> + <type>textarea</type> + <cols>50</cols> + <rows>5</rows> + <encoding>base64</encoding> + </field> + <field> + <fielddescr>Ignore internal Certificate validation</fielddescr> + <fieldname>reverse_ignore_ssl_valid</fieldname> + <description>If this field is checked, internal certificate validation will be ignored.</description> + <type>checkbox</type> + <default_value>on</default_value> + </field> + <field> + <name>OWA Reverse proxy General Settings</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>Enable OWA reverse proxy</fielddescr> + <fieldname>reverse_owa</fieldname> + <description>If this field is checked, squid will act as an accelerator/ SSL offloader for Outlook Web App.</description> + <type>checkbox</type> + <enablefields>reverse_owa_ip,reverse_owa_activesync,reverse_owa_rpchttp,reverse_owa_webservice,reverse_owa_autodiscover</enablefields> + </field> + <field> + <fielddescr>OWA frontend IP address</fielddescr> + <fieldname>reverse_owa_ip</fieldname> + <description>This is the internal IP Address of the OWA frontend server.</description> + <type>input</type> + <size>15</size> + </field> + <field> + <fielddescr>Enable ActiveSync</fielddescr> + <fieldname>reverse_owa_activesync</fieldname> + <description>If this field is checked, ActiveSync will be enabled.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Enable Outlook Anywhere</fielddescr> + <fieldname>reverse_owa_rpchttp</fieldname> + <description>If this field is checked, RPC over HTTP will be enabled.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Enable Exchange WebServices</fielddescr> + <fieldname>reverse_owa_webservice</fieldname> + <description><![CDATA[If this field is checked, Exchange WebServices will be enabled.<br> + <strong>There are potential DoS side effects to its use, please avoid unless you must.</strong>]]></description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Enable AutoDiscover</fielddescr> + <fieldname>reverse_owa_autodiscover</fieldname> + <description>If this field is checked, AutoDiscover will be enabled.</description> + <type>checkbox</type> + </field> + </fields> + <custom_php_command_before_form> + squid_before_form_general(&$pkg); + </custom_php_command_before_form> + <custom_php_validation_command> + squid_validate_reverse($_POST, &$input_errors); + </custom_php_validation_command> + <custom_php_resync_config_command> + squid_resync(); + </custom_php_resync_config_command> +</packagegui>
\ No newline at end of file diff --git a/config/squid-reverse/squid_reverse_peer.xml b/config/squid-reverse/squid_reverse_peer.xml new file mode 100644 index 00000000..fb853eb3 --- /dev/null +++ b/config/squid-reverse/squid_reverse_peer.xml @@ -0,0 +1,159 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> +<packagegui> + <copyright> + <![CDATA[ +/* $Id$ */ +/* ========================================================================== */ +/* + squid_reverse_peer.xml + part of pfSense (http://www.pfSense.com) + Copyright (C) 2012 Marcello Coutinho + All rights reserved. + + Based on m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + ]]> + </copyright> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> + <name>squidreversepeer</name> + <version>none</version> + <title>Reverse Proxy server: Peers</title> + <include_file>/usr/local/pkg/squid.inc</include_file> + <tabs> + <tab> + <text>General</text> + <url>/pkg_edit.php?xml=squid_reverse_general.xml&id=0</url> + </tab> + <tab> + <text>Web Servers</text> + <url>/pkg.php?xml=squid_reverse_peer.xml</url> + <active/> + </tab> + <tab> + <text>Mappings</text> + <url>/pkg.php?xml=squid_reverse_uri.xml</url> + </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=squid_reverse_sync.xml&id=0</url> + </tab> + </tabs> + <adddeleteeditpagefields> + <columnitem> + <fielddescr>Status</fielddescr> + <fieldname>enable</fieldname> + </columnitem> + <columnitem> + <fielddescr>Alias</fielddescr> + <fieldname>name</fieldname> + </columnitem> + <columnitem> + <fielddescr>Ip address</fielddescr> + <fieldname>ip</fieldname> + </columnitem> + <columnitem> + <fielddescr>Port</fielddescr> + <fieldname>port</fieldname> + </columnitem> + <columnitem> + <fielddescr>Protocol</fielddescr> + <fieldname>Protocol</fieldname> + </columnitem> + <columnitem> + <fielddescr>Description</fielddescr> + <fieldname>description</fieldname> + </columnitem> + </adddeleteeditpagefields> + <fields> + <field> + <name>Squid Reverse Peer Mappings</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>Enable this peer</fielddescr> + <fieldname>enable</fieldname> + <description>If this field is checked, then this peer will be available for reverse config.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Peer Alias</fielddescr> + <fieldname>name</fieldname> + <description><![CDATA[Name to identify this peer on squid reverse conf<br> + example: HOST1]]></description> + <type>input</type> + <size>20</size> + </field> + <field> + <fielddescr>Peer IP</fielddescr> + <fieldname>ip</fieldname> + <description><![CDATA[Ip Address of this peer.<br> + example: 192.168.0.1]]></description> + <type>input</type> + <size>20</size> + </field> + <field> + <fielddescr>Peer Port</fielddescr> + <fieldname>port</fieldname> + <description><![CDATA[Listening port of this peer.<br> + example: 80]]></description> + <type>input</type> + <size>20</size> + </field> + <field> + <fielddescr>Peer Protocol</fielddescr> + <fieldname>protocol</fieldname> + <description><![CDATA[Protocol listening on this peer port.]]></description> + <type>select</type> + <options> + <option> <name>HTTP</name> <value>HTTP</value> </option> + <option> <name>HTTPS</name> <value>HTTPS</value> </option> + </options> + </field> + <field> + <fielddescr>Peer Description</fielddescr> + <fieldname>description</fieldname> + <description><![CDATA[Peer Description (optional)]]></description> + <type>input</type> + <size>60</size> + </field> + </fields> + <custom_php_command_before_form> + squid_before_form_general(&$pkg); + </custom_php_command_before_form> + <custom_php_validation_command> + squid_validate_reverse($_POST, &$input_errors); + </custom_php_validation_command> + <custom_php_resync_config_command> + squid_resync(); + </custom_php_resync_config_command> +</packagegui>
\ No newline at end of file diff --git a/config/squid-reverse/squid_reverse_sync.xml b/config/squid-reverse/squid_reverse_sync.xml new file mode 100755 index 00000000..d666d4e8 --- /dev/null +++ b/config/squid-reverse/squid_reverse_sync.xml @@ -0,0 +1,105 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> +<packagegui> + <copyright> + <![CDATA[ +/* $Id$ */ +/* ========================================================================== */ +/* + squid_sync.xml + part of the sarg package for pfSense + Copyright (C) 2012 Marcello Coutinho + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + ]]> + </copyright> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> + <name>squidsync</name> + <version>1.0</version> + <title>Reverse Proxy server: XMLRPC Sync</title> + <include_file>/usr/local/pkg/squid.inc</include_file> + <tabs> + <tab> + <text>General</text> + <url>/pkg_edit.php?xml=squid_reverse_general.xml&id=0</url> + </tab> + <tab> + <text>Web Servers</text> + <url>/pkg.php?xml=squid_reverse_peer.xml</url> + </tab> + <tab> + <text>Mappings</text> + <url>/pkg.php?xml=squid_reverse_uri.xml</url> + </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=squid_reverse_sync.xml&id=0</url> + <active/> + </tab> + </tabs> + <fields> + <field> + <name>XMLRPC Sync</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>Automatically sync squid configuration changes</fielddescr> + <fieldname>synconchanges</fieldname> + <description>Automatically sync squid(normal and reverse) changes to the hosts defined below.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Remote Server</fielddescr> + <fieldname>none</fieldname> + <type>rowhelper</type> + <rowhelper> + <rowhelperfield> + <fielddescr>IP Address</fielddescr> + <fieldname>ipaddress</fieldname> + <description>IP Address of remote server</description> + <type>input</type> + <size>20</size> + </rowhelperfield> + <rowhelperfield> + <fielddescr>Password</fielddescr> + <fieldname>password</fieldname> + <description>Password for remote server.</description> + <type>password</type> + <size>20</size> + </rowhelperfield> + </rowhelper> + </field> + </fields> + <custom_php_validation_command> + </custom_php_validation_command> + <custom_php_resync_config_command> + squid_resync(); + </custom_php_resync_config_command> +</packagegui> diff --git a/config/squid-reverse/squid_reverse_uri.xml b/config/squid-reverse/squid_reverse_uri.xml new file mode 100644 index 00000000..a7a5a6d6 --- /dev/null +++ b/config/squid-reverse/squid_reverse_uri.xml @@ -0,0 +1,155 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> +<packagegui> + <copyright> + <![CDATA[ +/* $Id$ */ +/* ========================================================================== */ +/* + squid_reverse_general.xml + part of pfSense (http://www.pfSense.com) + Copyright (C) 2012 Marcello Coutinho + All rights reserved. + + Based on m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + ]]> + </copyright> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> + <name>squidreverseuri</name> + <version>none</version> + <title>Reverse Proxy server: Mappings</title> + <include_file>/usr/local/pkg/squid.inc</include_file> + <tabs> + <tab> + <text>General</text> + <url>/pkg_edit.php?xml=squid_reverse_general.xml&id=0</url> + </tab> + <tab> + <text>Web Servers</text> + <url>/pkg.php?xml=squid_reverse_peer.xml</url> + </tab> + <tab> + <text>Mappings</text> + <url>/pkg.php?xml=squid_reverse_uri.xml</url> + <active/> + </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=squid_reverse_sync.xml&id=0</url> + </tab> + </tabs> + <adddeleteeditpagefields> + <columnitem> + <fielddescr>Status</fielddescr> + <fieldname>enable</fieldname> + </columnitem> + <columnitem> + <fielddescr>Group Name</fielddescr> + <fieldname>name</fieldname> + </columnitem> + <columnitem> + <fielddescr>Peers</fielddescr> + <fieldname>peers</fieldname> + </columnitem> + <columnitem> + <fielddescr>Description</fielddescr> + <fieldname>description</fieldname> + </columnitem> + </adddeleteeditpagefields> + <fields> + <field> + <name>Squid Reverse Peer Mappings</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>Enable this URI</fielddescr> + <fieldname>enable</fieldname> + <description><![CDATA[If this field is checked, then this URI(Uniform Resource Name) will be available for reverse config.]]></description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Group name</fielddescr> + <fieldname>name</fieldname> + <description><![CDATA[Name to identify this URI on squid reverse conf<br> + example: URI1]]></description> + <type>input</type> + <size>20</size> + </field> + <field> + <fielddescr>Group Description</fielddescr> + <fieldname>description</fieldname> + <description><![CDATA[URI Group Description (optional)]]></description> + <type>input</type> + <size>60</size> + </field> + <field> + <fielddescr>Peers</fielddescr> + <fieldname>peers</fieldname> + <description><![CDATA[Apply this Group Mappings to selected Peers<br> + Use CTRL + click to select.]]></description> + <type>select_source</type> + <source><![CDATA[$config['installedpackages']['squidreversepeer']['config']]]></source> + <source_name>name</source_name> + <source_value>name</source_value> + <multiple/> + <size>05</size> + </field> + <field> + <fielddescr><![CDATA[URIs]]></fielddescr> + <fieldname>none</fieldname> + <description><![CDATA[URI to publish]]></description> + <type>rowhelper</type> + <rowhelper> + <rowhelperfield> + <fielddescr>URI</fielddescr> + <fieldname>uri</fieldname> + <type>input</type> + <size>25</size> + </rowhelperfield> + <rowhelperfield> + <fielddescr>[http://|https://]vhost fqdn(optional)</fielddescr> + <fieldname>vhost</fieldname> + <type>input</type> + <size>40</size> + </rowhelperfield> + </rowhelper> + </field> + </fields> + <custom_php_command_before_form> + </custom_php_command_before_form> + <custom_php_validation_command> + </custom_php_validation_command> + <custom_php_resync_config_command> + squid_resync(); + </custom_php_resync_config_command> +</packagegui>
\ No newline at end of file diff --git a/config/squid-reverse/squid_sync.xml b/config/squid-reverse/squid_sync.xml new file mode 100755 index 00000000..c581d2c5 --- /dev/null +++ b/config/squid-reverse/squid_sync.xml @@ -0,0 +1,121 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> +<packagegui> + <copyright> + <![CDATA[ +/* $Id$ */ +/* ========================================================================== */ +/* + squid_sync.xml + part of the sarg package for pfSense + Copyright (C) 2012 Marcello Coutinho + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + ]]> + </copyright> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> + <name>squidsync</name> + <version>1.0</version> + <title>Proxy server: XMLRPC Sync</title> + <include_file>/usr/local/pkg/squid.inc</include_file> + <tabs> + <tab> + <text>General</text> + <url>/pkg_edit.php?xml=squid.xml&id=0</url> + </tab> + <tab> + <text>Remote Cache</text> + <url>/pkg.php?xml=squid_upstream.xml</url> + </tab> + <tab> + <text>Local Cache</text> + <url>/pkg_edit.php?xml=squid_cache.xml&id=0</url> + </tab> + <tab> + <text>ACLs</text> + <url>/pkg_edit.php?xml=squid_nac.xml&id=0</url> + </tab> + <tab> + <text>Traffic Mgmt</text> + <url>/pkg_edit.php?xml=squid_traffic.xml&id=0</url> + </tab> + <tab> + <text>Authentication</text> + <url>/pkg_edit.php?xml=squid_auth.xml&id=0</url> + </tab> + <tab> + <text>Users</text> + <url>/pkg.php?xml=squid_users.xml</url> + </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=squid_sync.xml</url> + <active/> + </tab> + </tabs> + <fields> + <field> + <name>XMLRPC Sync</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>Automatically sync squid configuration changes</fielddescr> + <fieldname>synconchanges</fieldname> + <description>Automatically sync squid(normal and reverse) changes to the hosts defined below.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Remote Server</fielddescr> + <fieldname>none</fieldname> + <type>rowhelper</type> + <rowhelper> + <rowhelperfield> + <fielddescr>IP Address</fielddescr> + <fieldname>ipaddress</fieldname> + <description>IP Address of remote server</description> + <type>input</type> + <size>20</size> + </rowhelperfield> + <rowhelperfield> + <fielddescr>Password</fielddescr> + <fieldname>password</fieldname> + <description>Password for remote server.</description> + <type>password</type> + <size>20</size> + </rowhelperfield> + </rowhelper> + </field> + </fields> + <custom_php_validation_command> + </custom_php_validation_command> + <custom_php_resync_config_command> + squid_resync(); + </custom_php_resync_config_command> +</packagegui> diff --git a/config/squid-reverse/squid_traffic.xml b/config/squid-reverse/squid_traffic.xml index c56ca73f..b1799cce 100644 --- a/config/squid-reverse/squid_traffic.xml +++ b/config/squid-reverse/squid_traffic.xml @@ -48,22 +48,22 @@ <name>squidtraffic</name> <version>none</version> <title>Proxy server: Traffic management</title> - <include_file>squid.inc</include_file> + <include_file>/usr/local/pkg/squid.inc</include_file> <tabs> - <tab> - <text>General</text> + <tab> + <text>General</text> <url>/pkg_edit.php?xml=squid.xml&id=0</url> </tab> <tab> - <text>Upstream Proxy</text> - <url>/pkg_edit.php?xml=squid_upstream.xml&id=0</url> + <text>Remote Cache</text> + <url>/pkg.php?xml=squid_upstream.xml</url> </tab> <tab> - <text>Cache Mgmt</text> + <text>Local Cache</text> <url>/pkg_edit.php?xml=squid_cache.xml&id=0</url> </tab> <tab> - <text>Access Control</text> + <text>ACLs</text> <url>/pkg_edit.php?xml=squid_nac.xml&id=0</url> </tab> <tab> @@ -72,24 +72,29 @@ <active/> </tab> <tab> - <text>Reverse Settings</text> - <url>/pkg_edit.php?xml=squid_reverse.xml&id=0</url> - </tab> - <tab> - <text>Auth Settings</text> + <text>Authentication</text> <url>/pkg_edit.php?xml=squid_auth.xml&id=0</url> </tab> <tab> - <text>Local Users</text> + <text>Users</text> <url>/pkg.php?xml=squid_users.xml</url> </tab> - </tabs> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=squid_sync.xml</url> + </tab> + </tabs> <fields> <field> + <name>Squid Traffic Managment Settings</name> + <type>listtopic</type> + </field> + <field> <fielddescr>Maximum download size</fielddescr> <fieldname>max_download_size</fieldname> <description>Limit the maximum total download size to the size specified here (in kilobytes). Set to 0 to disable.</description> <type>input</type> + <size>10</size> <required/> <default_value>0</default_value> </field> @@ -98,6 +103,7 @@ <fieldname>max_upload_size</fieldname> <description>Limit the maximum total upload size to the size specified here (in kilobytes). Set to 0 to disable.</description> <type>input</type> + <size>10</size> <required/> <default_value>0</default_value> </field> @@ -106,6 +112,7 @@ <fieldname>overall_throttling</fieldname> <description>This value specifies (in kilobytes per second) the bandwidth throttle for downloads. Users will gradually have their download speed increased according to this value. Set to 0 to disable bandwidth throttling.</description> <type>input</type> + <size>10</size> <required/> <default_value>0</default_value> </field> @@ -114,10 +121,15 @@ <fieldname>perhost_throttling</fieldname> <description>This value specifies the download throttling per host. Set to 0 to disable this.</description> <type>input</type> + <size>10</size> <required/> <default_value>0</default_value> </field> <field> + <name>Squid Transfer Extension Settings</name> + <type>listtopic</type> + </field> + <field> <fielddescr>Throttle only specific extensions</fielddescr> <fieldname>throttle_specific</fieldname> <description>Leave this checked to be able to choose the extensions that throttling will be applied to. Otherwise, all files will be throttled.</description> @@ -151,10 +163,15 @@ <size>60</size> </field> <field> + <name>Squid Transfer Quick Abort Settings</name> + <type>listtopic</type> + </field> + <field> <fielddescr>Finish transfer if less than x KB remaining</fielddescr> <fieldname>quick_abort_min</fieldname> <description>If the transfer has less than x KB remaining, it will finish the retrieval. Set to 0 to abort the transfer immediately.</description> <type>input</type> + <size>10</size> <default_value>0</default_value> </field> <field> @@ -169,6 +186,7 @@ <fieldname>quick_abort_pct</fieldname> <description>If more than x % of the transfer has completed, it will finish the retrieval.</description> <type>input</type> + <size>10</size> <default_value>0</default_value> </field> </fields> diff --git a/config/squid-reverse/squid_upstream.xml b/config/squid-reverse/squid_upstream.xml index 3d4d1611..126a0710 100644 --- a/config/squid-reverse/squid_upstream.xml +++ b/config/squid-reverse/squid_upstream.xml @@ -7,9 +7,10 @@ /* $Id$ */ /* ========================================================================== */ /* - authng.xml + squid_upstream.xml part of pfSense (http://www.pfSense.com) Copyright (C) 2007 to whom it may belong + Copyright (C) 2012 Marcello Coutinho All rights reserved. Based on m0n0wall (http://m0n0.ch/wall) @@ -45,26 +46,26 @@ <description>Describe your package here</description> <requirements>Describe your package requirements here</requirements> <faq>Currently there are no FAQ items provided.</faq> - <name>squidupstream</name> + <name>squidremote</name> <version>none</version> - <title>Proxy server: Upstream proxy settings</title> - <include_file>squid.inc</include_file> + <title>Proxy server: Remote proxy settings</title> + <include_file>/usr/local/pkg/squid.inc</include_file> <tabs> - <tab> +<tab> <text>General</text> <url>/pkg_edit.php?xml=squid.xml&id=0</url> </tab> <tab> - <text>Upstream Proxy</text> - <url>/pkg_edit.php?xml=squid_upstream.xml&id=0</url> + <text>Remote Cache</text> + <url>/pkg.php?xml=squid_upstream.xml</url> <active/> </tab> <tab> - <text>Cache Mgmt</text> + <text>Local Cache</text> <url>/pkg_edit.php?xml=squid_cache.xml&id=0</url> </tab> <tab> - <text>Access Control</text> + <text>ACLs</text> <url>/pkg_edit.php?xml=squid_nac.xml&id=0</url> </tab> <tab> @@ -72,50 +73,232 @@ <url>/pkg_edit.php?xml=squid_traffic.xml&id=0</url> </tab> <tab> - <text>Reverse Settings</text> - <url>/pkg_edit.php?xml=squid_reverse.xml&id=0</url> - </tab> - <tab> - <text>Auth Settings</text> + <text>Authentication</text> <url>/pkg_edit.php?xml=squid_auth.xml&id=0</url> </tab> <tab> - <text>Local Users</text> + <text>Users</text> <url>/pkg.php?xml=squid_users.xml</url> </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=squid_sync.xml</url> + </tab> </tabs> + <adddeleteeditpagefields> + <columnitem> + <fielddescr>Status</fielddescr> + <fieldname>enable</fieldname> + </columnitem> + <columnitem> + <fielddescr>name</fielddescr> + <fieldname>proxyaddr</fieldname> + </columnitem> + <columnitem> + <fielddescr>Port</fielddescr> + <fieldname>proxyport</fieldname> + </columnitem> + <columnitem> + <fielddescr>ICP</fielddescr> + <fieldname>icpport</fieldname> + </columnitem> + <columnitem> + <fielddescr>Peer type</fielddescr> + <fieldname>hierarchy</fieldname> + </columnitem> + <columnitem> + <fielddescr>Method</fielddescr> + <fieldname>peermethod</fieldname> + </columnitem> + </adddeleteeditpagefields> + <fields> <field> - <fielddescr>Enable forwarding</fielddescr> - <fieldname>proxy_forwarding</fieldname> - <description>This option enables the proxy server to forward requests to an upstream server.</description> + <name>General Settings</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>Enable</fielddescr> + <fieldname>enable</fieldname> + <description>This option enables the proxy server to forward requests to an upstream/neighbor server.</description> <type>checkbox</type> - <enablefields>proxy_addr,proxy_port,icp_port,username,password</enablefields> <required/> </field> <field> <fielddescr>Hostname</fielddescr> - <fieldname>proxy_addr</fieldname> + <fieldname>proxyaddr</fieldname> <description>Enter here the IP address or host name of the upstream proxy.</description> <type>input</type> + <size>35</size> + <required/> + </field> + <field> + <fielddescr>Name</fielddescr> + <fieldname>proxyname</fieldname> + <description>Unique name for the peer.Required if you have multiple peers on the same host but different ports.</description> + <type>input</type> + <size>35</size> + <required/> </field> <field> <fielddescr>TCP port</fielddescr> - <fieldname>proxy_port</fieldname> + <fieldname>proxyport</fieldname> <description>Enter the port to use to connect to the upstream proxy.</description> <type>input</type> <size>5</size> <default_value>3128</default_value> + <required/> + </field> + <field> + <fielddescr>Timeout</fielddescr> + <fieldname>connecttimeout</fieldname> + <description>A peer-specific connect timeout. Also see the peer_connect_timeout directive.</description> + <type>input</type> + <size>5</size> + </field> + <field> + <fielddescr>Fail Limit</fielddescr> + <fieldname>connectfailLimit</fieldname> + <description>How many times connecting to a peer must fail before it is marked as down. Default is 10.</description> + <type>input</type> + <size>5</size> + <default_value>10</default_value> + </field> + <field> + <fielddescr>Max</fielddescr> + <fieldname>maxconn</fieldname> + <description>Limit the amount of connections Squid may open to this peer.</description> + <type>input</type> + <size>5</size> + </field> + <field> + <fielddescr>Allow Miss</fielddescr> + <fieldname>allowmiss</fieldname> + <description><![CDATA[<strong>allow-miss</strong> - Disable Squid's use of only-if-cached when forwarding requests to siblings. This is primarily useful when icp_hit_stale is used by the sibling.<br><br> + <strong>no-tproxy</strong> - Do not use the client-spoof TPROXY support when forwarding requests to this peer. Use normal address selection instead.<br><br> + <strong>proxy-only</strong> - Objects fetched from the peer will not be stored locally.]]></description> + <type>select</type> + <default_value>allow-miss</default_value> + <options> + <option><name>Allow Miss</name><value>allow-miss</value></option> + <option><name>No Tproxy</name><value>no-tproxy</value></option> + <option><name>Proxy Only</name><value>proxy-only</value></option> + </options> + <multiple/> + <size>4</size> + </field> + <field> + <name>Peer settings</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>Hierarchy</fielddescr> + <fieldname>hierarchy</fieldname> + <description>Specify remote caches hierarchy.</description> + <type>select</type> + <default_value>parent</default_value> + <options> + <option><name>parent</name><value>parent</value></option> + <option><name>sibling</name><value>sibling</value></option> + <option><name>multicast</name><value>multicast</value></option> + </options> + </field> + <field> + <fielddescr>Select method</fielddescr> + <fieldname>peermethod</fieldname> + <description><![CDATA[The default peer selection method is ICP, with the first responding peer being used as source. These options can be used for better load balancing.<br><br> + <strong>default</strong> - This is a parent cache which can be used as a "last-resort" if a peer cannot be located by any of the peer-selection methods.<br> + If specified more than once, only the first is used.<br><br> + <strong>round-robin</strong> - Load-Balance parents which should be used in a round-robin fashion in the absence of any ICP queries.<br>weight=N can be used to add bias.<br><br> + <strong>weighted-round-robin</strong> - Load-Balance parents which should be used in a round-robin fashion with the frequency of each parent being based on the round trip time.<br> + Closer parents are used more often. Usually used for background-ping parents. weight=N can be used to add bias.<br><br> + <strong>carp</strong> - Load-Balance parents which should be used as a CARP array. The requests will be distributed among the parents based on the CARP load balancing hash function based on their weight.<br><br> + <strong>userhash</strong> - Load-balance parents based on the client proxy_auth or ident username.<br><br> + <strong>sourcehash</strong> - Load-balance parents based on the client source IP.<br><br> + <strong>multicast-siblings</strong> - To be used only for cache peers of type "multicast".<br> + ALL members of this multicast group have "sibling" relationship with it, not "parent". This is to a multicast group when the requested object would be fetched only from a "parent" cache, anyway.<br> + It's useful, e.g., when configuring a pool of redundant Squid proxies, being members of the same multicast group.]]></description> + <type>select</type> + <default_value>round-robin</default_value> + <options> + <option><name>round-robin</name><value>round-robin</value></option> + <option><name>default</name><value>default</value></option> + <option><name>weighted-round-robin</name><value>weighted-round-robin</value></option> + <option><name>carp</name><value>carp</value></option> + <option><name>userhash</name><value>userhash</value></option> + <option><name>sourcehash</name><value>sourcehash</value></option> + <option><name>multicast-sibling</name><value>multicast-sibling</value></option> + </options> + </field> + <field> + <fielddescr>weight</fielddescr> + <fieldname>weight</fieldname> + <description>Use to affect the selection of a peer during any weighted peer-selection mechanisms. The weight must be an integer; default is 1,larger weights are favored more.</description> + <type>input</type> + <size>5</size> + <default>1</default> + </field> + <field> + <fielddescr>basetime</fielddescr> + <fieldname>basetime</fieldname> + <description><![CDATA[Specify a base amount to be subtracted from round trip times of parents.<br> + It is subtracted before division by weight in calculating which parent to fectch from. If the rtt is less than the base time the rtt is set to a minimal value.]]></description> + <type>input</type> + <size>5</size> + <default>1</default> + </field> + <field> + <fielddescr>ttl</fielddescr> + <fieldname>ttl</fieldname> + <description><![CDATA[Specify a TTL to use when sending multicast ICP queries to this address<br> + Only useful when sending to a multicast group. Because we don't accept ICP replies from random hosts, you must configure other group members as peers with the 'multicast-responder' option.]]></description> + <type>input</type> + <size>5</size> + <default>1</default> + </field> + <field> + <fielddescr>no-delay</fielddescr> + <fieldname>nodelay</fieldname> + <description><![CDATA[To prevent access to this neighbor from influencing the delay pools.]]></description> + <type>checkbox</type> + </field> + <field> + <name>ICP settings</name> + <type>listtopic</type> </field> <field> <fielddescr>ICP port</fielddescr> - <fieldname>icp_port</fieldname> + <fieldname>icpport</fieldname> <description>Enter the port to connect to the upstream proxy for the ICP protocol. Use port number 7 to disable ICP communication between the proxies.</description> <type>input</type> <size>5</size> <default_value>7</default_value> </field> <field> + <fielddescr>ICP Options</fielddescr> + <fieldname>icpoptions</fieldname> + <description><![CDATA[You MUST also set icp_port and icp_access explicitly when using these options.<br> + The defaults will prevent peer traffic using ICP<br><br> + <strong>no-query</strong> - Disable ICP queries to this neighbor.<br><br> + <strong>multicast-responder</strong> -Indicates the named peer is a member of a multicast group.<br> + ICP queries will not be sent directly to the peer, but ICP replies will be accepted from it.<br><br> + <strong>closest-only</strong> - Indicates that, for ICP_OP_MISS replies, we'll only forward CLOSEST_PARENT_MISSes and never FIRST_PARENT_MISSes.<br><br> + <strong>background-ping</strong> - To only send ICP queries to this neighbor infrequently.<br> + This is used to keep the neighbor round trip time updated and is usually used in conjunction with weighted-round-robin.]]></description> + <type>select</type> + <default_value>no-query</default_value> + <options> + <option><name>no-query</name><value>no-query</value></option> + <option><name>multicast-responder</name><value>multicast-responder</value></option> + <option><name>closest-only</name><value>closest-only</value></option> + <option><name>background-ping</name><value>background-ping</value></option> + </options> + </field> + <field> + <name>Auth settings</name> + <type>listtopic</type> + </field> + <field> <fielddescr>Username</fielddescr> <fieldname>username</fieldname> <description>If the upstream proxy requires a username, specify it here.</description> @@ -127,6 +310,39 @@ <description>If the upstream proxy requires a password, specify it here.</description> <type>password</type> </field> + <field> + <fielddescr>Authentication options</fielddescr> + <fieldname>authoption</fieldname> + <description><![CDATA[<br><strong>login=user:password</strong> - If this is a personal/workgroup proxy and your parent requires proxy authentication.<br><br> + <strong>login=PASSTHRU</strong> - Send login details received from client to this peer. Authentication is not required by Squid for this to work.<br> + This will pass any form of authentication but only Basic auth will work through a proxy unless the connection-auth options are also used.<br><br> + <strong>login=PASS</strong> - Send login details received from client to this peer.Authentication is not required by this option.<br> + To combine this with proxy_auth both proxies must share the same user database as HTTP only allows for a single login (one for proxy, one for origin server).<br> + Also be warned this will expose your users proxy password to the peer. USE WITH CAUTION<br><br> + <strong>login=*:password</strong> - Send the username to the upstream cache, but with a fixed password. This is meant to be used when the peer is in another administrative domain, but it is still needed to identify each user.<br><br> + <strong>login=NEGOTIATE</strong> - If this is a personal/workgroup proxy and your parent requires a secure proxy authentication.<br> + The first principal from the default keytab or defined by the environment variable KRB5_KTNAME will be used.<br> + WARNING: The connection may transmit requests from multiple clients. Negotiate often assumes end-to-end authentication and a single-client. Which is not strictly true here.<br><br> + <strong>login=NEGOTIATE:principal_name</strong>If this is a personal/workgroup proxy and your parent requires a secure proxy authentication.<br> + The principal principal_name from the default keytab or defined by the environment variable KRB5_KTNAME will be used. + WARNING: The connection may transmit requests from multiple clients. Negotiate often assumes end-to-end authentication and a single-client. Which is not strictly true here.<br><br> + <strong>connection-auth=on</strong> - Tell Squid that this peer does support Microsoft connection oriented authentication, and any such challenges received from there should be ignored.<br> + Default is auto to automatically determine the status of the peer.<br><br> + <strong>connection-auth=off</strong> - Tell Squid that this peer does not support Microsoft connection oriented authentication, and any such challenges received from there should be ignored.<br> + Default is auto to automatically determine the status of the peer.]]></description> + <type>select</type> + <default_value>login=*:password</default_value> + <options> + <option><name>login=*:password</name><value>login=*:password</value></option> + <option><name>login=user:password</name><value>login=user:password</value></option> + <option><name>login=PASSTHRU</name><value>login=PASSTHRU</value></option> + <option><name>login=PASS</name><value>login=PASS</value></option> + <option><name>login=NEGOTIATE</name><value>login=NEGOTIATE</value></option> + <option><name>login=NEGOTIATE:principal_name</name><value>login=NEGOTIATE:principal_name</value></option> + <option><name>connection-auth=on</name><value>connection-auth=on</value></option> + <option><name>connection-auth=off</name><value>connection-auth=off</value></option> + </options> + </field> </fields> <custom_php_validation_command> squid_validate_upstream($_POST, &$input_errors); diff --git a/config/squid-reverse/squid_users.xml b/config/squid-reverse/squid_users.xml index f2f8fe1c..295ce4fa 100644 --- a/config/squid-reverse/squid_users.xml +++ b/config/squid-reverse/squid_users.xml @@ -48,24 +48,24 @@ <name>squidusers</name> <version>none</version> <title>Proxy server: Local users</title> - <include_file>squid.inc</include_file> + <include_file>/usr/local/pkg/squid.inc</include_file> <delete_string>A proxy server user has been deleted.</delete_string> <addedit_string>A proxy server user has been created/modified.</addedit_string> <tabs> - <tab> +<tab> <text>General</text> <url>/pkg_edit.php?xml=squid.xml&id=0</url> </tab> <tab> - <text>Upstream Proxy</text> - <url>/pkg_edit.php?xml=squid_upstream.xml&id=0</url> + <text>Remote Cache</text> + <url>/pkg.php?xml=squid_upstream.xml</url> </tab> <tab> - <text>Cache Mgmt</text> + <text>Local Cache</text> <url>/pkg_edit.php?xml=squid_cache.xml&id=0</url> </tab> <tab> - <text>Access Control</text> + <text>ACLs</text> <url>/pkg_edit.php?xml=squid_nac.xml&id=0</url> </tab> <tab> @@ -73,18 +73,18 @@ <url>/pkg_edit.php?xml=squid_traffic.xml&id=0</url> </tab> <tab> - <text>Reverse Settings</text> - <url>/pkg_edit.php?xml=squid_reverse.xml&id=0</url> - </tab> - <tab> - <text>Auth Settings</text> + <text>Authentication</text> <url>/pkg_edit.php?xml=squid_auth.xml&id=0</url> </tab> <tab> - <text>Local Users</text> + <text>Users</text> <url>/pkg.php?xml=squid_users.xml</url> <active/> </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=squid_sync.xml</url> + </tab> </tabs> <adddeleteeditpagefields> <columnitem> @@ -98,6 +98,10 @@ </adddeleteeditpagefields> <fields> <field> + <name>Squid Local Users</name> + <type>listtopic</type> + </field> + <field> <fielddescr>Username</fielddescr> <fieldname>username</fieldname> <description>Enter the username here.</description> diff --git a/config/squid-reverse/swapstate_check.php b/config/squid-reverse/swapstate_check.php index ab5b11d8..d70c2dd4 100644 --- a/config/squid-reverse/swapstate_check.php +++ b/config/squid-reverse/swapstate_check.php @@ -30,19 +30,23 @@ require_once('config.inc'); require_once('util.inc'); $settings = $config['installedpackages']['squidcache']['config'][0]; -$cachedir =($settings['harddisk_cache_location'] ? $settings['harddisk_cache_location'] : '/var/squid/cache'); -$swapstate = $cachedir . '/swap.state'; -$disktotal = disk_total_space(dirname($cachedir)); -$diskfree = disk_free_space(dirname($cachedir)); -$diskusedpct = round((($disktotal - $diskfree) / $disktotal) * 100); -$swapstate_size = filesize($swapstate); -$swapstate_pct = round(($swapstate_size / $disktotal) * 100); +// Only check the cache if Squid is actually caching. +// If there is no cache then quietly do nothing. +if ($settings['harddisk_cache_system'] != "null"){ + $cachedir =($settings['harddisk_cache_location'] ? $settings['harddisk_cache_location'] : '/var/squid/cache'); + $swapstate = $cachedir . '/swap.state'; + $disktotal = disk_total_space(dirname($cachedir)); + $diskfree = disk_free_space(dirname($cachedir)); + $diskusedpct = round((($disktotal - $diskfree) / $disktotal) * 100); + $swapstate_size = filesize($swapstate); + $swapstate_pct = round(($swapstate_size / $disktotal) * 100); -// If the swap.state file is taking up more than 75% disk space, -// or the drive is 90% full and swap.state is larger than 1GB, -// kill it and initiate a rotate to write a fresh copy. -if (($swapstate_pct > 75) || (($diskusedpct > 90) && ($swapstate_size > 1024*1024*1024))) { - mwexec_bg("/bin/rm $swapstate; /usr/local/sbin/squid -k rotate"); - log_error(gettext(sprintf("Squid swap.state file exceeded size limits. Removing and rotating. File was %d bytes, %d%% of total disk space.", $swapstate_size, $swapstate_pct))); + // If the swap.state file is taking up more than 75% disk space, + // or the drive is 90% full and swap.state is larger than 1GB, + // kill it and initiate a rotate to write a fresh copy. + if (($swapstate_pct > 75) || (($diskusedpct > 90) && ($swapstate_size > 1024*1024*1024))) { + mwexec_bg("/bin/rm $swapstate; /usr/local/sbin/squid -k rotate"); + log_error(gettext(sprintf("Squid swap.state file exceeded size limits. Removing and rotating. File was %d bytes, %d%% of total disk space.", $swapstate_size, $swapstate_pct))); + } } ?>
\ No newline at end of file diff --git a/config/squid/swapstate_check.php b/config/squid/swapstate_check.php index ab5b11d8..d70c2dd4 100644 --- a/config/squid/swapstate_check.php +++ b/config/squid/swapstate_check.php @@ -30,19 +30,23 @@ require_once('config.inc'); require_once('util.inc'); $settings = $config['installedpackages']['squidcache']['config'][0]; -$cachedir =($settings['harddisk_cache_location'] ? $settings['harddisk_cache_location'] : '/var/squid/cache'); -$swapstate = $cachedir . '/swap.state'; -$disktotal = disk_total_space(dirname($cachedir)); -$diskfree = disk_free_space(dirname($cachedir)); -$diskusedpct = round((($disktotal - $diskfree) / $disktotal) * 100); -$swapstate_size = filesize($swapstate); -$swapstate_pct = round(($swapstate_size / $disktotal) * 100); +// Only check the cache if Squid is actually caching. +// If there is no cache then quietly do nothing. +if ($settings['harddisk_cache_system'] != "null"){ + $cachedir =($settings['harddisk_cache_location'] ? $settings['harddisk_cache_location'] : '/var/squid/cache'); + $swapstate = $cachedir . '/swap.state'; + $disktotal = disk_total_space(dirname($cachedir)); + $diskfree = disk_free_space(dirname($cachedir)); + $diskusedpct = round((($disktotal - $diskfree) / $disktotal) * 100); + $swapstate_size = filesize($swapstate); + $swapstate_pct = round(($swapstate_size / $disktotal) * 100); -// If the swap.state file is taking up more than 75% disk space, -// or the drive is 90% full and swap.state is larger than 1GB, -// kill it and initiate a rotate to write a fresh copy. -if (($swapstate_pct > 75) || (($diskusedpct > 90) && ($swapstate_size > 1024*1024*1024))) { - mwexec_bg("/bin/rm $swapstate; /usr/local/sbin/squid -k rotate"); - log_error(gettext(sprintf("Squid swap.state file exceeded size limits. Removing and rotating. File was %d bytes, %d%% of total disk space.", $swapstate_size, $swapstate_pct))); + // If the swap.state file is taking up more than 75% disk space, + // or the drive is 90% full and swap.state is larger than 1GB, + // kill it and initiate a rotate to write a fresh copy. + if (($swapstate_pct > 75) || (($diskusedpct > 90) && ($swapstate_size > 1024*1024*1024))) { + mwexec_bg("/bin/rm $swapstate; /usr/local/sbin/squid -k rotate"); + log_error(gettext(sprintf("Squid swap.state file exceeded size limits. Removing and rotating. File was %d bytes, %d%% of total disk space.", $swapstate_size, $swapstate_pct))); + } } ?>
\ No newline at end of file diff --git a/config/squidGuard/squidguard.inc b/config/squidGuard/squidguard.inc index c1680adb..856e15b6 100644 --- a/config/squidGuard/squidguard.inc +++ b/config/squidGuard/squidguard.inc @@ -326,7 +326,7 @@ function squidguard_resync() { # apply changes //if ($submit == APPLY_BTN) { # write_config('Update squidGuard options.'); # store, if not 'Save' button -# ïåðåíåñòè â validate äëÿ äåòåêòèðîâàíèÿ îøèáîê? + sg_reconfigure(); //} @@ -817,7 +817,7 @@ function squidguard_install_command() { # conf_mount_rw(); $blklist_file = SQUIDGUARD_BLK_FILELISTPATH; - # ðàññìîòðåòü âàðèàíò ñëèÿíèÿ examples áàçû è ñóùåñòâóþùåé â ñèñòåìå + if (!file_exists($blklist_file)) { # if blacklist not exists, then copy default db from samples # $entries = array("ads", "aggressive", "audio-video", "drugs", "gambling", "hacking", "mail", "porn", "proxy", "violence", "warez"); @@ -934,6 +934,10 @@ function convert_pfxml_to_sgxml() { $sgxml[F_ENABLEGUILOG] = $pfxml['enable_guilog'] == 'on' ? 'on' : 'off'; $sgxml[F_LOGROTATION] = $pfxml['log_rotation'] == 'on' ? 'on' : 'off'; + #Clean adversiting + $sgxml[F_ADV_BLANKIMG] = $pfxml['adv_blankimg'] == 'on' ? 'on' : 'off'; + + # other $lanip = $config['interfaces']['lan']['ipaddr']; $sgxml[F_CURRENT_LAN_IP] = $lanip; @@ -1395,4 +1399,4 @@ function squidguard_blacklist_list() return $res; } -?> +?>
\ No newline at end of file diff --git a/config/squidGuard/squidguard.xml b/config/squidGuard/squidguard.xml index 61bdf146..d84d53ab 100644 --- a/config/squidGuard/squidguard.xml +++ b/config/squidGuard/squidguard.xml @@ -132,6 +132,12 @@ <type>checkbox</type> </field> <field> + <fielddescr>Clean Advertising</fielddescr> + <fieldname>adv_blankimg</fieldname> + <description>Check this to display a blank gif image instead the default block page. With this option you get a cleaner page.</description> + <type>checkbox</type> + </field> + <field> <name>Blacklist options</name> <type>listtopic</type> </field> @@ -155,7 +161,7 @@ <field> <fielddescr>Blacklist URL</fielddescr> <fieldname>blacklist_url</fieldname> - <description>Enter FTP, HTTP or LOCAL (pfSense) URL blacklist archive, or leave blank.</description> + <description>Enter FTP, HTTP or LOCAL (firewall) URL blacklist archive, or leave blank.</description> <type>input</type> <size>100</size> </field> @@ -180,4 +186,4 @@ <custom_php_deinstall_command> squidguard_deinstall_command(); </custom_php_deinstall_command> -</packagegui>
\ No newline at end of file +</packagegui> diff --git a/config/squidGuard/squidguard_configurator.inc b/config/squidGuard/squidguard_configurator.inc index 3347b48b..c69ef0ee 100644 --- a/config/squidGuard/squidguard_configurator.inc +++ b/config/squidGuard/squidguard_configurator.inc @@ -273,6 +273,9 @@ define('F_ENABLELOG', 'enablelog'); define('F_ENABLEGUILOG', 'enableguilog'); define('F_LOGROTATION', 'logrotation'); +#Clean adversiting +define('F_ADV_BLANKIMG', 'adv_blankimg'); + # transparent mode define('F_SQUID_TRANSPARENT_MODE', 'squid_transparent_mode'); define('F_CURRENT_LAN_IP', 'current_lan_ip'); @@ -910,6 +913,13 @@ function sg_create_config() if ($ent_state[F_DOMAINS]) $sg_tag->items[] = "domainlist $ent/domains"; if ($ent_state[F_EXPRESSIONS]) $sg_tag->items[] = "expressionlist $ent/expressions"; if ($ent_state[F_URLS]) $sg_tag->items[] = "urllist $ent/urls"; + + # Check if $ent contains adv or ads, and F_ADV_BLANKIMG is on then add a custom redirect + $adv_pos = strpos($ent,'_adv'); + $ads_pos = strpos($ent, '_ads'); + if ( ($ads_pos > 0 || $adv_pos > 0) && $squidguard_config[F_ADV_BLANKIMG] == 'on') + $sg_tag->items[] = "redirect " . sg_redirector_base_url($dst[F_REDIRECT], RMOD_INT_BLANKIMG); + if ($squidguard_config[F_ENABLELOG] == 'on' ) { $sg_tag->items[] = "log ". SQUIDGUARD_LOGFILE; } @@ -2450,4 +2460,4 @@ class TSgTag } } -?> +?>
\ No newline at end of file diff --git a/config/sshdcond/sshdcond.inc b/config/sshdcond/sshdcond.inc new file mode 100644 index 00000000..cd9d8018 --- /dev/null +++ b/config/sshdcond/sshdcond.inc @@ -0,0 +1,254 @@ +<?php + +/* ========================================================================== */ +/* + sshdcond.inc + part of pfSense (http://www.pfSense.com) + Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2012 Han Van (namezero@afim.info) + All rights reserved. + + Based on m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + require_once("config.inc"); + require_once("util.inc"); + +function restart_sshd(){ + #backup /etc/sshd before any change + $etc_sshd="/etc/sshd"; + $pfsense_version=preg_replace("/\s/","",file_get_contents("/etc/version")); + if (!file_exists('/root/'.$pfsense_version.'.sshd.backup')){ + copy ($etc_sshd,'/root/'.$pfsense_version.'.sshd.backup'); + } + + #patch /etc/sshd if need + $sshd_file=file($etc_sshd); + $sshd_new_file=""; + foreach ($sshd_file as $line){ + if (preg_match('/sshconf .= "Port/',$line)){ + $sshd_new_file.= $line; + $sshd_new_file.= "\t".'if(file_exists("/etc/ssh/sshd_extra")){$sshconf.=file_get_contents("/etc/ssh/sshd_extra");}'."\n"; + } + elseif(!preg_match('/sshd_extra/',$line)){ + $sshd_new_file.= $line; + } + } + file_put_contents($etc_sshd,$sshd_new_file,LOCK_EX); + mwexec_bg($etc_sshd); + } + +function sshdcond_custom_php_install_command(){ + global $g, $config; + + conf_mount_rw(); + + // We need to generate an outfile for our extra commands + // The patched g_szSSHDFileGenerate php file then reads and appends that config + $fd = fopen("/etc/ssh/sshd_extra", 'w'); + fclose($fd); + + conf_mount_ro(); + } + +function sshdcond_custom_php_deinstall_command(){ + global $g, $config; + + conf_mount_rw(); + + // 1. Delete our config file + unlink_if_exists("/etc/ssh/sshd_extra"); + + // 2. Re-run sshd config generation script + restart_sshd(); + + conf_mount_ro(); + } + +function sshdcond_custom_php_write_config(){ + global $g, $config; + + # detect boot process + if (is_array($_POST)){ + if (!preg_match("/\w+/",$_POST['__csrf_magic'])) + return; + } + + $sshd_extra=""; + if (is_array($config['installedpackages']['sshdcond']['config'])){ + // Mount Read-only + conf_mount_rw(); + + // Read config + foreach ($config['installedpackages']['sshdcond']['config'] as $sshdcond){ + if ($sshdcond['enable'] && is_array($sshdcond['row'])){ + $sshd_extra.= "Match {$sshdcond['matchtype']} {$sshdcond['matchvalue']}\n"; + foreach ($sshdcond['row'] as $sshd){ + //check if there is spaces on sshd value + if(preg_match ("/\s+/",$sshd['sshdvalue'])) + $sshd['sshdvalue']='"'.$sshd['sshdvalue'].'"'; + + //check if value is not empty + if($sshd['sshdvalue']!="") + $sshd_extra.="\t {$sshd['sshdoption']} {$sshd['sshdvalue']}\n"; + + //apply file permission if option is ChrootDirectory + if ($sshd['sshdoption']=="ChrootDirectory" && file_exists($sshd['sshdvalue'])){ + chown('root',$sshd['sshdvalue']); + chgrp('operator',$sshd['sshdvalue']); + } + } + } + } + } + + //Save /etc/ssh/sshd_extra + file_put_contents("/etc/ssh/sshd_extra",$sshd_extra,LOCK_EX); + + + + // Restart sshd + restart_sshd(); + + // Mount Read-only + conf_mount_ro(); + + //sync config with other pfsense servers + sshdcond_sync_on_changes(); + } + +/* Uses XMLRPC to synchronize the changes to a remote node */ +function sshdcond_sync_on_changes() { + global $config, $g; + + if (is_array($config['installedpackages']['sshdcondsync'])) + if (!$config['installedpackages']['sshdcondsync']['config'][0]['synconchanges']) + return; + + log_error("[sshdcond] xmlrpc sync is starting."); + foreach ($config['installedpackages']['sshdcondsync']['config'] as $rs ){ + foreach($rs['row'] as $sh){ + $sync_to_ip = $sh['ipaddress']; + $password = $sh['password']; + if($password && $sync_to_ip) + sshdcond_do_xmlrpc_sync($sync_to_ip, $password); + } + } + log_error("[sshdcond] xmlrpc sync is ending."); +} + +/* Do the actual XMLRPC sync */ +function sshdcond_do_xmlrpc_sync($sync_to_ip, $password) { + global $config, $g; + + if(!$password) + return; + + if(!$sync_to_ip) + return; + + $username='admin'; + $xmlrpc_sync_neighbor = $sync_to_ip; + if($config['system']['webgui']['protocol'] != "") { + $synchronizetoip = $config['system']['webgui']['protocol']; + $synchronizetoip .= "://"; + } + $port = $config['system']['webgui']['port']; + /* if port is empty lets rely on the protocol selection */ + if($port == "") { + if($config['system']['webgui']['protocol'] == "http") + $port = "80"; + else + $port = "443"; + } + $synchronizetoip .= $sync_to_ip; + + /* xml will hold the sections to sync */ + $xml = array(); + $xml['sshdcond'] = $config['installedpackages']['sshdcond']; + /* assemble xmlrpc payload */ + $params = array( + XML_RPC_encode($password), + XML_RPC_encode($xml) + ); + + /* set a few variables needed for sync code borrowed from filter.inc */ + $url = $synchronizetoip; + log_error("Beginning sshdcond XMLRPC sync to {$url}:{$port}."); + $method = 'pfsense.merge_installedpackages_section_xmlrpc'; + $msg = new XML_RPC_Message($method, $params); + $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); + $cli->setCredentials($username, $password); + if($g['debug']) + $cli->setDebug(1); + /* send our XMLRPC message and timeout after 250 seconds */ + $resp = $cli->send($msg, "250"); + if(!$resp) { + $error = "A communications error occurred while attempting sshdcond XMLRPC sync with {$url}:{$port}."; + log_error($error); + file_notice("sync_settings", $error, "sshdcond Settings Sync", ""); + } elseif($resp->faultCode()) { + $cli->setDebug(1); + $resp = $cli->send($msg, "250"); + $error = "An error code was received while attempting sshdcond XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); + log_error($error); + file_notice("sync_settings", $error, "sshdcond Settings Sync", ""); + } else { + log_error("sshdcond XMLRPC sync successfully completed with {$url}:{$port}."); + } + + /* tell sshdcond to reload our settings on the destionation sync host. */ + $method = 'pfsense.exec_php'; + $execcmd = "require_once('/usr/local/pkg/sshdcond.inc');\n"; + $execcmd .= "sshdcond_custom_php_write_config();"; + /* assemble xmlrpc payload */ + $params = array( + XML_RPC_encode($password), + XML_RPC_encode($execcmd) + ); + + log_error("sshdcond XMLRPC reload data {$url}:{$port}."); + $msg = new XML_RPC_Message($method, $params); + $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); + $cli->setCredentials($username, $password); + $resp = $cli->send($msg, "250"); + if(!$resp) { + $error = "A communications error occurred while attempting sshdcond XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; + log_error($error); + file_notice("sync_settings", $error, "sshdcond Settings Sync", ""); + } elseif($resp->faultCode()) { + $cli->setDebug(1); + $resp = $cli->send($msg, "250"); + $error = "An error code was received while attempting sshdcond XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); + log_error($error); + file_notice("sync_settings", $error, "sshdcond Settings Sync", ""); + } else { + log_error("sshdcond XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php)."); + } +} + ?>
\ No newline at end of file diff --git a/config/sshdcond/sshdcond.xml b/config/sshdcond/sshdcond.xml new file mode 100644 index 00000000..eeb35d75 --- /dev/null +++ b/config/sshdcond/sshdcond.xml @@ -0,0 +1,197 @@ +<?xml version="1.0" encoding="utf-8" ?> +<packagegui> +<copyright> + <![CDATA[ +/* $Id$ */ +/* ========================================================================== */ +/* + sshdcond.xml + part of pfSense (http://www.pfSense.com) + Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2012 Han Van (namezero@afim.info) + All rights reserved. + + Based on m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + ]]> + </copyright> + + <name>sshdcond</name> + <version>1.0</version> + <title>SSH Conditional</title> + <description>SSH Conditional blocks</description> + <savetext>Save</savetext> + <include_file>/usr/local/pkg/sshdcond.inc</include_file> + + <menu> + <name>SSH Conditions</name> + <tooltiptext>Configure SSH conditional exceptions</tooltiptext> + <section>Services</section> + <url>/pkg.php?xml=sshdcond.xml</url> + </menu> + <configpath>installedpackages->package->sshdcond</configpath> + + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>755</chmod> + <item>http://www.pfsense.com/packages/config/sshdcond/sshdcond.inc</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>755</chmod> + <item>http://www.pfsense.com/packages/config/sshdcond/sshdcond_sync.xml</item> + </additional_files_needed> + <tabs> + <tab> + <text>General</text> + <url>/pkg.php?xml=sshdcond.xml</url> + <active/> + </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=sshdcond_sync.xml</url> + </tab> + </tabs> + <adddeleteeditpagefields> + <columnitem> + <fielddescr>Status</fielddescr> + <fieldname>enable</fieldname> + </columnitem> + <columnitem> + <fielddescr>Match Type</fielddescr> + <fieldname>matchtype</fieldname> + </columnitem> + <columnitem> + <fielddescr>Match Value</fielddescr> + <fieldname>matchvalue</fieldname> + </columnitem> + </adddeleteeditpagefields> + <fields> + <field> + <type>listtopic</type> + <name>Conditional SSH Options</name> + <fieldname>temp</fieldname> + </field> + <field> + <fielddescr>Enable</fielddescr> + <fieldname>enable</fieldname> + <type>checkbox</type> + <description>Enable this ssh conditional option for specified options.</description> + </field> + <field> + <fielddescr>Match Type</fielddescr> + <fieldname>matchtype</fieldname> + <description>See Match keyword at http://www.manpagez.com/man/5/sshd_config/ for options</description> + <type>select</type> + <options> + <option><name>User</name><value>User</value></option> + <option><name>Group</name><value>Group</value></option> + <option><name>Host</name><value>Host</value></option> + <option><name>Address</name><value>Address</value></option> + </options> + <required/> + </field> + <field> + <fielddescr>Match Value</fielddescr> + <fieldname>matchvalue</fieldname> + <description>Insert Match Value. Do not use spaces or special characters.</description> + <type>input</type> + <size>40</size> + <required/> + </field> + <field> + <fielddescr>Match Config</fielddescr> + <fieldname>none</fieldname> + <type>rowhelper</type> + <rowhelper> + <rowhelperfield> + <fielddescr>sshd option</fielddescr> + <fieldname>sshdoption</fieldname> + <type>select</type> + <options> + <option><name>AllowAgentForwarding</name><value>AllowAgentForwarding</value></option> + <option><name>AllowTcpForwarding</name><value>AllowTcpForwarding</value></option> + <option><name>AuthorizedKeysFile</name><value>AuthorizedKeysFile</value></option> + <option><name>AuthorizedPrincipalsFile</name><value>AuthorizedPrincipalsFile</value></option> + <option><name>Banner</name><value>Banner</value></option> + <option><name>ChrootDirectory</name><value>ChrootDirectory</value></option> + <option><name>ForceCommand</name><value>ForceCommand</value></option> + <option><name>GatewayPorts</name><value>GatewayPorts</value></option> + <option><name>GSSAPIAuthentication</name><value>GSSAPIAuthentication</value></option> + <option><name>HostbasedAuthentication</name><value>HostbasedAuthentication</value></option> + <option><name>HostbasedUsesNameFromPacketOnly</name><value>HostbasedUsesNameFromPacketOnly</value></option> + <option><name>KbdInteractiveAuthentication</name><value>KbdInteractiveAuthentication</value></option> + <option><name>KerberosAuthentication</name><value>KerberosAuthentication</value></option> + <option><name>MaxAuthTries</name><value>MaxAuthTries</value></option> + <option><name>MaxSessions</name><value>MaxSessions</value></option> + <option><name>PasswordAuthentication</name><value>PasswordAuthentication</value></option> + <option><name>PermitEmptyPasswords</name><value>PermitEmptyPasswords</value></option> + <option><name>PermitOpen</name><value>PermitOpen</value></option> + <option><name>PermitRootLogin</name><value>PermitRootLogin</value></option> + <option><name>PermitTunnel</name><value>PermitTunnel</value></option> + <option><name>PubkeyAuthentication</name><value>PubkeyAuthentication</value></option> + <option><name>RhostsRSAAuthentication</name><value>RhostsRSAAuthentication</value></option> + <option><name>RSAAuthentication</name><value>RSAAuthentication</value></option> + <option><name>X11DisplayOffset</name><value>X11DisplayOffset</value></option> + <option><name>X11Forwarding</name><value>X11Forwarding</value></option> + <option><name>X11UseLocalHost</name><value>X11UseLocalHost</value></option> + </options> + <required/> + </rowhelperfield> + <rowhelperfield> + <fielddescr>sshd value</fielddescr> + <fieldname>sshdvalue</fieldname> + <type>input</type> + <size>60</size> + <required/> + </rowhelperfield> + </rowhelper> + </field> + </fields> + + <custom_delete_php_command> + sshdcond_custom_php_write_config(); + </custom_delete_php_command> + <custom_add_php_command> + sshdcond_custom_php_write_config(); + </custom_add_php_command> + <custom_php_install_command> + sshdcond_custom_php_install_command(); + </custom_php_install_command> + <custom_php_deinstall_command> + sshdcond_custom_php_deinstall_command(); + </custom_php_deinstall_command> + <custom_php_resync_config_command> + sshdcond_custom_php_write_config(); + </custom_php_resync_config_command> + <custom_php_command_before_form> + unset($_POST['temp']); + </custom_php_command_before_form> + +</packagegui>
\ No newline at end of file diff --git a/config/sshdcond/sshdcond_sync.xml b/config/sshdcond/sshdcond_sync.xml new file mode 100755 index 00000000..2bd4a26b --- /dev/null +++ b/config/sshdcond/sshdcond_sync.xml @@ -0,0 +1,97 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> +<packagegui> + <copyright> + <![CDATA[ +/* $Id$ */ +/* ========================================================================== */ +/* + sshdcond_sync.xml + part of the sarg package for pfSense + Copyright (C) 2012 Marcello Coutinho + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + ]]> + </copyright> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> + <name>sshdcondsync</name> + <version>1.0</version> + <title>SSH Conditional - Sync</title> + <include_file>/usr/local/pkg/sshdcond.inc</include_file> + <tabs> + <tab> + <text>General</text> + <url>/pkg.php?xml=sshdcond.xml</url> + </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=sshdcond_sync.xml</url> + <active/> + </tab> + </tabs> + <fields> + <field> + <name>XMLRPC Sync</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>Automatically sync configuration changes</fielddescr> + <fieldname>synconchanges</fieldname> + <description>Automatically sync changes to the hosts defined below.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Remote Server</fielddescr> + <fieldname>none</fieldname> + <type>rowhelper</type> + <rowhelper> + <rowhelperfield> + <fielddescr>IP Address</fielddescr> + <fieldname>ipaddress</fieldname> + <description>IP Address of remote server</description> + <type>input</type> + <size>20</size> + </rowhelperfield> + <rowhelperfield> + <fielddescr>Password</fielddescr> + <fieldname>password</fieldname> + <description>Password for remote server.</description> + <type>password</type> + <size>20</size> + </rowhelperfield> + </rowhelper> + </field> + </fields> + <custom_php_validation_command> + </custom_php_validation_command> + <custom_php_resync_config_command> + sshdcond_custom_php_write_config(); + </custom_php_resync_config_command> +</packagegui> diff --git a/config/systempatches/patches.inc b/config/systempatches/patches.inc new file mode 100644 index 00000000..d17e3614 --- /dev/null +++ b/config/systempatches/patches.inc @@ -0,0 +1,142 @@ +<?php +/* + patches.inc + Copyright (C) 2012 Jim Pingle + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require_once("globals.inc"); +require_once("util.inc"); + +$git_root_url = "http://github.com/bsdperimeter/pfsense/commit/"; +$patch_suffix = ".patch"; +$patch_dir = "/var/patches"; +$patch_cmd = "/usr/bin/patch"; + +function patch_commit($patch, $action, $test=false, $fulldetail=false) { + global $patch_dir, $patch_cmd, $patch_suffix; + $directory = empty($patch['basedir']) ? "/" : $patch['basedir']; + $filename = '-i ' . $patch_dir . '/' . $patch['uniqid'] . $patch_suffix; + $check = ($test) ? "--check" : ""; + $force = ($action == "revert") ? "-f" : "-t"; + $direction = ($action == "revert") ? "--reverse" : "--forward"; + $whitespace = $patch['ignorewhitespace'] ? "--ignore-whitespace" : ""; + $pathstrip = '-p' . $patch['pathstrip']; + $full_patch_command = "{$patch_cmd} --directory={$directory} {$force} {$pathstrip} {$filename} {$check} {$direction} {$whitespace}"; + patch_write($patch); + if (!$fulldetail) + $output = (mwexec($full_patch_command, true) == 0); + else + $output = $full_patch_command . "\n\n" . shell_exec($full_patch_command . ' 2>&1'); + patch_erase($patch); + return $output; +} + +/* Attempt to apply a patch */ +function patch_apply($patch) { + return patch_commit($patch, "apply", false); +} + +/* Attempt to revert a patch */ +function patch_revert($patch) { + return patch_commit($patch, "revert", false); +} + +/* Test if a patch would apply cleanly */ +function patch_test_apply($patch, $fulldetail=false) { + return patch_commit($patch, "apply", true, $fulldetail); +} + +/* Test if a patch would revert cleanly */ +function patch_test_revert($patch, $fulldetail=false) { + return patch_commit($patch, "revert", true, $fulldetail); +} + +/* Fetch a patch from a URL or github */ +function patch_fetch(& $patch) { + $url = patch_fixup_url($patch['location']); + $text = @file_get_contents($url); + if (empty($text)) { + return false; + } else { + $patch['patch'] = base64_encode($text); + write_config("Fetched patch {$patch['descr']}"); + return true; + } +} + +/* Write a patch file out to $patch_dir */ +function patch_write($patch) { + global $patch_dir, $patch_suffix; + if (!file_exists($patch_dir)) { + safe_mkdir($patch_dir); + } + if (empty($patch['patch'])) { + return false; + } else { + $text = base64_decode($patch['patch']); + $filename = $patch_dir . '/' . $patch['uniqid'] . $patch_suffix; + return (file_put_contents($filename, $text) > 0); + } +} + +function patch_erase($patch) { + global $patch_dir, $patch_suffix; + if (!file_exists($patch_dir)) { + return true; + } + $filename = $patch_dir . '/' . $patch['uniqid'] . $patch_suffix; + return @unlink($filename); +} + +/* Detect a github URL or commit ID and fix it up */ +function patch_fixup_url($url) { + global $git_root_url, $patch_suffix; + // If it's a commit id then prepend git url, and add .patch + if (is_commit_id($url)) { + $url = $git_root_url . $url . $patch_suffix; + } elseif (is_URL($url)) { + $urlbits = explode("/", $url); + if (substr($urlbits[2], -10) == "github.com") { + // If it's a github url and does not already end in .patch, add it + if (substr($url, -strlen($patch_suffix)) != $patch_suffix) { + // Make sure it's really a URL to a commit id before adding .patch + if (is_commit_id(array_pop($urlbits))) { + $url .= $patch_suffix; + } + } + } + } + return $url; +} + +function is_commit_id($str) { + return preg_match("/^[0-9a-f]{5,40}$/", $str); +} + +function is_github_url($url) { + $urlbits = explode("/", $url); + return (substr($urlbits[2], -10) == "github.com"); +} +?>
\ No newline at end of file diff --git a/config/systempatches/system_patches.php b/config/systempatches/system_patches.php new file mode 100644 index 00000000..2cb6abf9 --- /dev/null +++ b/config/systempatches/system_patches.php @@ -0,0 +1,287 @@ +<?php +/* + system_patches.php + Copyright (C) 2012 Jim Pingle + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* + pfSense_MODULE: system +*/ + +##|+PRIV +##|*IDENT=page-system-patches +##|*NAME=System: Patches +##|*DESCR=Allow access to the 'System: Patches' page. +##|*MATCH=system_patches.php* +##|-PRIV + +require("guiconfig.inc"); +require_once("functions.inc"); +require_once("itemid.inc"); +require_once("patches.inc"); + +if (!is_array($config['installedpackages']['patches']['item'])) + $config['installedpackages']['patches']['item'] = array(); + +$a_patches = &$config['installedpackages']['patches']['item']; + +/* if a custom message has been passed along, lets process it */ +if ($_GET['savemsg']) + $savemsg = $_GET['savemsg']; + +if ($_POST) { + $pconfig = $_POST; + if ($_POST['apply']) { + write_config(); + } +} + +if ($_GET['act'] == "del") { + if ($a_patches[$_GET['id']]) { + unset($a_patches[$_GET['id']]); + write_config(); + header("Location: system_patches.php"); + exit; + } +} + +if (($_GET['act'] == "fetch") && ($a_patches[$_GET['id']])) { + $savemsg = patch_fetch(& $a_patches[$_GET['id']]) ? gettext("Patch Fetched Successfully") : gettext("Patch Fetch Failed"); +} +if (($_GET['act'] == "test") && ($a_patches[$_GET['id']])) { + $savemsg = patch_test_apply($a_patches[$_GET['id']]) ? gettext("Patch can be applied cleanly") : gettext("Patch can NOT be applied cleanly"); + $savemsg .= " (<a href=\"system_patches.php?id={$_GET['id']}&fulltest=apply\">" . gettext("detail") . "</a>)"; + $savemsg .= empty($savemsg) ? "" : "<br/>"; + $savemsg .= patch_test_revert($a_patches[$_GET['id']]) ? gettext("Patch can be reverted cleanly") : gettext("Patch can NOT be reverted cleanly"); + $savemsg .= " (<a href=\"system_patches.php?id={$_GET['id']}&fulltest=revert\">" . gettext("detail") . "</a>)"; +} +if (($_GET['fulltest']) && ($a_patches[$_GET['id']])) { + if ($_GET['fulltest'] == "apply") { + $fulldetail = patch_test_apply($a_patches[$_GET['id']], true); + } elseif ($_GET['fulltest'] == "revert") { + $fulldetail = patch_test_revert($a_patches[$_GET['id']], true); + } +} +if (($_GET['act'] == "apply") && ($a_patches[$_GET['id']])) { + $savemsg = patch_apply($a_patches[$_GET['id']]) ? gettext("Patch applied successfully") : gettext("Patch could NOT be applied!"); +} +if (($_GET['act'] == "revert") && ($a_patches[$_GET['id']])) { + $savemsg = patch_revert($a_patches[$_GET['id']]) ? gettext("Patch reverted successfully") : gettext("Patch could NOT be reverted!"); +} + + +if (isset($_POST['del_x'])) { + /* delete selected patches */ + if (is_array($_POST['patch']) && count($_POST['patch'])) { + foreach ($_POST['patch'] as $patchi) { + unset($a_patches[$patchi]); + } + write_config(); + header("Location: system_patches.php"); + exit; + } +} else { + /* yuck - IE won't send value attributes for image buttons, while Mozilla does - so we use .x/.y to find move button clicks instead... */ + unset($movebtn); + foreach ($_POST as $pn => $pd) { + if (preg_match("/move_(\d+)_x/", $pn, $matches)) { + $movebtn = $matches[1]; + break; + } + } + /* move selected patches before this patch */ + if (isset($movebtn) && is_array($_POST['patch']) && count($_POST['patch'])) { + $a_patches_new = array(); + + /* copy all patches < $movebtn and not selected */ + for ($i = 0; $i < $movebtn; $i++) { + if (!in_array($i, $_POST['patch'])) + $a_patches_new[] = $a_patches[$i]; + } + + /* copy all selected patches */ + for ($i = 0; $i < count($a_patches); $i++) { + if ($i == $movebtn) + continue; + if (in_array($i, $_POST['patch'])) + $a_patches_new[] = $a_patches[$i]; + } + + /* copy $movebtn patch */ + if ($movebtn < count($a_patches)) + $a_patches_new[] = $a_patches[$movebtn]; + + /* copy all patches > $movebtn and not selected */ + for ($i = $movebtn+1; $i < count($a_patches); $i++) { + if (!in_array($i, $_POST['patch'])) + $a_patches_new[] = $a_patches[$i]; + } + $a_patches = $a_patches_new; + write_config(); + header("Location: system_patches.php"); + return; + } +} + +$pgtitle = array(gettext("System"),gettext("Patches")); +include("head.inc"); + +echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/domLib.js\"></script>"; +echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/domTT.js\"></script>"; +echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/behaviour.js\"></script>"; +echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/fadomatic.js\"></script>"; + +?> +<link rel="stylesheet" href="/javascript/chosen/chosen.css" /> +<body link="#000000" vlink="#000000" alink="#000000"> +<?php include("fbegin.inc"); ?> +<form action="system_patches.php" method="post" name="iform"> +<script type="text/javascript" language="javascript" src="/javascript/row_toggle.js"></script> +<?php if ($savemsg) print_info_box($savemsg); ?> +<table width="100%" border="0" cellpadding="0" cellspacing="0"> +<tr><td><div id="mainarea"> +<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> +<tr><td colspan="8" align="center"> +<?php echo gettext("This page allows you to add patches, either from the official code repository or ones pasted in from e-mail or other sources."); ?> +<br/><br/> +<strong><?php echo gettext("Use with caution!"); ?></strong> +<br/><br/> +<?php if (!empty($fulldetail)): ?> +</td></tr> +<tr><td></td><td colspan="7" align="left">Output of full patch <?php echo $_GET['fulltest']; ?> test: +<pre><?php echo $fulldetail; ?></pre> +<a href="system_patches.php">Close</a><br/><br/> +<?php endif; ?> +</td></tr> +<tr id="frheader"> +<td width="5%" class="list"> </td> +<td width="5%" class="listhdrr"><?=gettext("Description");?></td> +<td width="65%" class="listhdrr"><?=gettext("URL/ID");?></td> +<td width="5%" class="listhdrr"><?=gettext("Fetch");?></td> +<td width="5%" class="listhdrr"><?=gettext("Test");?></td> +<td width="5%" class="listhdrr"><?=gettext("Apply");?></td> +<td width="5%" class="listhdr"><?=gettext("Revert");?></td> +<td width="5%" class="list"> +<table border="0" cellspacing="0" cellpadding="1"> + <tr><td width="17"> + <?php if (count($a_patches) == 0): ?> + <img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="<?=gettext("delete selected patches");?>" border="0"> + <?php else: ?> + <input name="del" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" title="<?=gettext("delete selected patches"); ?>" onclick="return confirm('<?=gettext("Do you really want to delete the selected patches?");?>')"> + <?php endif; ?> + </td> + <td><a href="system_patches_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="<?=gettext("add new patch"); ?>"></a></td> + </tr> +</table> +</td> +</tr> + +<?php +$npatches = $i = 0; +foreach ($a_patches as $thispatch): + $can_apply = patch_test_apply($thispatch); + $can_revert = patch_test_revert($thispatch); + +?> + <tr valign="top" id="fr<?=$npatches;?>"> + <td class="listt"><input type="checkbox" id="frc<?=$npatches;?>" name="patch[]" value="<?=$i;?>" onClick="fr_bgcolor('<?=$npatches;?>')" style="margin: 0; padding: 0; width: 15px; height: 15px;"></td> + <td class="listlr" onClick="fr_toggle(<?=$npatches;?>)" id="frd<?=$npatches;?>" ondblclick="document.location='system_patches_edit.php?id=<?=$npatches;?>';"> + <?=$thispatch['descr'];?> + </td> + <td class="listr" onClick="fr_toggle(<?=$npatches;?>)" id="frd<?=$npatches;?>" ondblclick="document.location='system_patches_edit.php?id=<?=$npatches;?>';"> + + <?php + if (!empty($thispatch['location'])) + echo $thispatch['location']; + elseif (!empty($thispatch['patch'])) + echo gettext("Saved Patch"); + ?> + </td> + <td class="listr" onClick="fr_toggle(<?=$npatches;?>)" id="frd<?=$npatches;?>" ondblclick="document.location='system_patches_edit.php?id=<?=$npatches;?>';"> + <?php if (empty($thispatch['patch'])): ?> + <a href="system_patches.php?id=<?=$i;?>&act=fetch"><?php echo gettext("Fetch"); ?></a> + <?php elseif (!empty($thispatch['location'])): ?> + <a href="system_patches.php?id=<?=$i;?>&act=fetch"><?php echo gettext("Re-Fetch"); ?></a> + <?php endif; ?> + </td> + <td class="listr" onClick="fr_toggle(<?=$npatches;?>)" id="frd<?=$npatches;?>" ondblclick="document.location='system_patches_edit.php?id=<?=$npatches;?>';"> + <?php if (!empty($thispatch['patch'])): ?> + <a href="system_patches.php?id=<?=$i;?>&act=test"><?php echo gettext("Test"); ?></a> + <?php endif; ?> + </td> + <td class="listr" onClick="fr_toggle(<?=$npatches;?>)" id="frd<?=$npatches;?>" ondblclick="document.location='system_patches_edit.php?id=<?=$npatches;?>';"> + <?php if ($can_apply): ?> + <a href="system_patches.php?id=<?=$i;?>&act=apply"><?php echo gettext("Apply"); ?></a> + <?php endif; ?> + </td> + <td class="listr" onClick="fr_toggle(<?=$npatches;?>)" id="frd<?=$npatches;?>" ondblclick="document.location='system_patches_edit.php?id=<?=$npatches;?>';"> + <?php if ($can_revert): ?> + <a href="system_patches.php?id=<?=$i;?>&act=revert"><?php echo gettext("Revert"); ?></a> + <?php endif; ?> + </td> + <td valign="middle" class="list" nowrap> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td><input onmouseover="fr_insline(<?=$npatches;?>, true)" onmouseout="fr_insline(<?=$npatches;?>, false)" name="move_<?=$i;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" title="<?=gettext("move selected patches before this patch");?>" height="17" type="image" width="17" border="0"></td> + <td><a href="system_patches_edit.php?id=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" title="<?=gettext("edit patch"); ?>"></a></td> + </tr> + <tr> + <td align="center" valign="middle"><a href="system_patches.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this patch?");?>')"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="<?=gettext("delete patch");?>"></a></td> + <td></td> + </tr> + </table> + </td></tr> +<?php $i++; $npatches++; endforeach; ?> + <tr> + <td class="list" colspan="7"></td> + <td class="list" valign="middle" nowrap> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td><?php if ($npatches == 0): ?><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="<?=gettext("move selected patches to end"); ?>" border="0"><?php else: ?><input name="move_<?=$i;?>" type="image" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" width="17" height="17" title="<?=gettext("move selected patches to end");?>" border="0"><?php endif; ?></td> + </tr> + <tr> + <td width="17"> + <?php if (count($a_patches) == 0): ?> + <img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="<?=gettext("delete selected patches");?>" border="0"> + <?php else: ?> + <input name="del" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" title="<?=gettext("delete selected patches"); ?>" onclick="return confirm('<?=gettext("Do you really want to delete the selected patches?");?>')"> + <?php endif; ?> + </td> + <td><a href="system_patches_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="<?=gettext("add new patch"); ?>"></a></td> + </tr> + </table> + </td> + </tr> + <tr><td></td><td colspan="6"> + <?php echo gettext("NOTE: Each patch is tested, and the appropriate action is shown. If neither 'Apply' or 'Revert' shows up, the patch cannot be used (check the pathstrip and whitespace options)."); ?> + <br/><br/> + <?php echo gettext("Use the 'Test' link to see if a patch can be applied or reverted. You can reorder patches so that higher patches apply later than lower patches."); ?> + </td><td></td></tr> + </table> +</div></td></tr> +</table> +</form> +<?php include("fend.inc"); ?> +</body> +</html> diff --git a/config/systempatches/system_patches_edit.php b/config/systempatches/system_patches_edit.php new file mode 100644 index 00000000..a4038b05 --- /dev/null +++ b/config/systempatches/system_patches_edit.php @@ -0,0 +1,223 @@ +<?php +/* + system_patches_edit.php + Copyright (C) 2012 Jim Pingle + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* + pfSense_MODULE: system +*/ + +##|+PRIV +##|*IDENT=page-system-patches-edit +##|*NAME=System: Edit Patches +##|*DESCR=Allow access to the 'System: Edit Patches' page. +##|*MATCH=system_patches_edit.php* +##|-PRIV + +require("guiconfig.inc"); +require_once("itemid.inc"); +require_once("patches.inc"); + +if (!is_array($config['installedpackages']['patches']['item'])) { + $config['installedpackages']['patches']['item'] = array(); +} +$a_patches = &$config['installedpackages']['patches']['item']; + +$id = $_GET['id']; +if (isset($_POST['id'])) + $id = $_POST['id']; + +if (isset($_GET['dup'])) { + $id = $_GET['dup']; + $after = $_GET['dup']; +} + +if (isset($id) && $a_patches[$id]) { + $pconfig['descr'] = $a_patches[$id]['descr']; + $pconfig['location'] = $a_patches[$id]['location']; + $pconfig['patch'] = $a_patches[$id]['patch']; + $pconfig['pathstrip'] = $a_patches[$id]['pathstrip']; + $pconfig['basedir'] = $a_patches[$id]['basedir']; + $pconfig['ignorewhitespace'] = isset($a_patches[$id]['ignorewhitespace']); + $pconfig['autoapply'] = isset($a_patches[$id]['autoapply']); + $pconfig['uniqid'] = $a_patches[$id]['uniqid']; +} + +if (isset($_GET['dup'])) + unset($id); + +unset($input_errors); + +if ($_POST) { + $pconfig = $_POST; + + /* input validation */ + if(empty($_POST['location'])) { + $reqdfields = explode(" ", "patch"); + $reqdfieldsn = array(gettext("Patch Contents")); + } else { + $reqdfields = explode(" ", "descr location"); + $reqdfieldsn = array(gettext("Description"),gettext("URL/Commit ID")); + } + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + if (!empty($_POST['location']) && !is_commit_id($_POST['location']) && !is_URL($_POST['location'])) { + $input_errors[] = gettext("The supplied commit ID/URL appears to be invalid."); + } + if (!is_numeric($_POST['pathstrip'])) { + $input_errors[] = gettext("Path Strip Count must be numeric!"); + } + if (!empty($_POST['basedir']) && (!file_exists($_POST['basedir']) || !is_dir($_POST['basedir']))) { + $input_errors[] = gettext("Base Directory must exist and be a directory!"); + } + + if (!$input_errors) { + $thispatch = array(); + + $thispatch['descr'] = $_POST['descr']; + $thispatch['location'] = patch_fixup_url($_POST['location']); + if (!empty($_POST['patch'])) { + /* Strip DOS style carriage returns from textarea input */ + $thispatch['patch'] = base64_encode(str_replace("\r", "", $_POST['patch'])); + } + if (is_github_url($thispatch['location']) && ($_POST['pathstrip'] == 0)) + $thispatch['pathstrip'] = 1; + else + $thispatch['pathstrip'] = $_POST['pathstrip']; + $thispatch['basedir'] = empty($_POST['basedir']) ? "/" : $_POST['basedir']; + $thispatch['ignorewhitespace'] = isset($_POST['ignorewhitespace']); + $thispatch['autoapply'] = isset($_POST['autoapply']); + if (empty($_POST['uniqid'])) { + $thispatch['uniqid'] = uniqid(); + } else { + $thispatch['uniqid'] = $_POST['uniqid']; + } + + // Update the patch entry now + if (isset($id) && $a_patches[$id]) + $a_patches[$id] = $thispatch; + else { + if (is_numeric($after)) + array_splice($a_patches, $after+1, 0, array($thispatch)); + else + $a_patches[] = $thispatch; + } + + write_config(); + header("Location: system_patches.php"); + return; + } +} + +$pgtitle = array(gettext("System"),gettext("Patches"), gettext("Edit")); +include("head.inc"); + +?> +<link rel="stylesheet" href="/pfCenter/javascript/chosen/chosen.css" /> +</head> + +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> +<script src="/pfCenter/javascript/chosen/chosen.proto.js" type="text/javascript"></script> + +<?php +include("fbegin.inc"); ?> +<?php if ($input_errors) print_input_errors($input_errors); ?> +<form action="system_patches_edit.php" method="post" name="iform" id="iform"> +<table width="100%" border="0" cellpadding="6" cellspacing="0"> +<tr> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Edit Patch Entry"); ?></td> +</tr> +<tr> + <td width="22%" valign="top" class="vncellreq"><strong><?=gettext("Description"); ?></strong></td> + <td width="78%" class="vtable"> + <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>"> + <br> <span class="vexpl"><?=gettext("Enter a description here for your reference."); ?></span></td> +</tr> +<tr> + <td width="22%" valign="top" class="vncell"><?=gettext("URL/Commit ID"); ?></td> + <td width="78%" class="vtable"> + <input name="location" type="text" class="formfld unknown" id="location" size="40" value="<?=htmlspecialchars($pconfig['location']);?>"> + <br> <span class="vexpl"><?=gettext("Enter a URL to a patch, or a commit ID from the main github repository (NOT the tools or packages repos!)."); ?></span></td> +</tr> +<tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Patch Contents"); ?></td> + <td width="78%" class="vtable"> + <textarea name="patch" class="" id="patch" ROWS="15" COLS="70" wrap="off"><?=base64_decode($pconfig['patch']);?></textarea> + <br> <span class="vexpl"><?=gettext("The contents of the patch. You can paste a patch here, or enter a URL/commit ID above, it can then be fetched into here automatically."); ?></span></td> +</tr> +<tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Path Strip Count:"); ?></td> + <td width="78%" class="vtable"> + <select name="pathstrip" class="formselect" id="pathstrip"> +<?php for ($i = 0; $i < 20; $i++): ?> + <option value="<?=$i;?>" <?php if ($i == $pconfig['pathstrip']) echo "selected"; ?>><?=$i;?></option> +<?php endfor; ?> + </select> + </td> +</tr> +<tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Base Directory"); ?></td> + <td width="78%" class="vtable"> + <input name="basedir" type="text" class="formfld unknown" id="basedir" size="40" value="<?=htmlspecialchars($pconfig['basedir']);?>"> + <br> <span class="vexpl"><?=gettext("Enter the base directory for the patch, default is /. Patches from github are all based in /. Custom patches may need a full path here such as /usr/local/www/"); ?></span></td> +</tr> +<tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Ignore Whitespace"); ?></td> + <td width="78%" class="vtable"> + <input name="ignorewhitespace" type="checkbox" id="ignorewhitespace" value="yes" <?php if ($pconfig['ignorewhitespace']) echo "checked"; ?>> + <strong><?=gettext("Ignore Whitespace"); ?></strong><br /> + <span class="vexpl"><?=gettext("Set this option to ignore whitespace in the patch."); ?></span> + </td> +</tr> +<!-- This isn't ready yet +<tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Auto Apply"); ?></td> + <td width="78%" class="vtable"> + <input name="autoapply" type="checkbox" id="autoapply" value="yes" <?php if ($pconfig['autoapply']) echo "checked"; ?>> + <strong><?=gettext("Auto-Apply Patch"); ?></strong><br /> + <span class="vexpl"><?=gettext("Set this option to apply the patch automatically when possible, useful for patches to survive after firmware updates."); ?></span> + </td> +</tr> +--> +<tr> + <td width="22%" valign="top"> </td> + <td width="78%">Patch id: <?php echo $pconfig['uniqid']; ?></td> +</tr> +<tr> + <td width="22%" valign="top"> </td> + <td width="78%"> + <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"> <input type="button" class="formbtn" value="<?=gettext("Cancel"); ?>" onclick="history.back()"> + <?php if (isset($id) && $a_patches[$id]): ?> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> + <input name="uniqid" type="hidden" value="<?=htmlspecialchars($pconfig['uniqid']);?>"> + <?php endif; ?> + </td> +</tr> +</table> +</form> +<?php include("fend.inc"); ?> +</body> +</html> diff --git a/config/systempatches/systempatches.xml b/config/systempatches/systempatches.xml new file mode 100644 index 00000000..3730c84f --- /dev/null +++ b/config/systempatches/systempatches.xml @@ -0,0 +1,66 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> +<packagegui> + <copyright> + <![CDATA[ +/* ========================================================================== */ +/* + systempatches.xml + part of pfSense (http://www.pfSense.com) + Copyright (C) 2012 Jim Pingle + All rights reserved. +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + ]]> + </copyright> + <description>System Patches</description> + <requirements>None</requirements> + <faq>Applies patches supplied by the user to the firewall.</faq> + <name>System Patches</name> + <version>0.5</version> + <title>System: Patches</title> + <menu> + <name>Patches</name> + <tooltiptext></tooltiptext> + <section>System</section> + <url>/system_patches.php</url> + </menu> + <additional_files_needed> + <prefix>/usr/local/www/</prefix> + <chmod>644</chmod> + <item>http://www.pfsense.com/packages/config/systempatches/system_patches.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/</prefix> + <chmod>644</chmod> + <item>http://www.pfsense.com/packages/config/systempatches/system_patches_edit.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>644</chmod> + <item>http://www.pfsense.com/packages/config/systempatches/patches.inc</item> + </additional_files_needed> +</packagegui>
\ No newline at end of file diff --git a/config/varnish3/varnish.inc b/config/varnish3/varnish.inc index 91d09413..9e78d41f 100644 --- a/config/varnish3/varnish.inc +++ b/config/varnish3/varnish.inc @@ -378,7 +378,7 @@ EOFA; function sync_package_varnish() { global $config, $g; - if($config['installedpackages']['varnishcustomvcl']['config'] != "") { + if(is_array($config['installedpackages']['varnishcustomvcl']['config'])) { foreach($config['installedpackages']['varnishcustomvcl']['config'] as $vcl) { if($vcl['vcl_recv_early']) $vcl_recv_early = text_area_decode($vcl['vcl_recv_early']); @@ -397,7 +397,8 @@ function sync_package_varnish() { $vcl_recv_set_basic='#BASIC VCL RULES SETTING'."\n"; $vcl_recv_action_basic='#BASIC VCL RULES ACTIONS'."\n"; #$plataform=posix_uname(); - foreach($config['installedpackages']['varnishsettings']['config'] as $vcl) { + if (is_array($config['installedpackages']['varnishsettings']['config'])) + foreach($config['installedpackages']['varnishsettings']['config'] as $vcl) { if($vcl['streaming']){ $vcl_fetch_stream="set beresp.do_stream = true;\n"; } diff --git a/config/varnish64/varnish.inc b/config/varnish64/varnish.inc index 24891215..a7009c7d 100644 --- a/config/varnish64/varnish.inc +++ b/config/varnish64/varnish.inc @@ -378,7 +378,7 @@ EOFA; function sync_package_varnish() { global $config, $g; - if($config['installedpackages']['varnishcustomvcl']['config'] != "") { + if(is_array($config['installedpackages']['varnishcustomvcl']['config'])) { foreach($config['installedpackages']['varnishcustomvcl']['config'] as $vcl) { if($vcl['vcl_recv_early']) $vcl_recv_early = text_area_decode($vcl['vcl_recv_early']); @@ -397,7 +397,8 @@ function sync_package_varnish() { $vcl_recv_set_basic='#BASIC VCL RULES SETTING'."\n"; $vcl_recv_action_basic='#BASIC VCL RULES ACTIONS'."\n"; #$plataform=posix_uname(); - foreach($config['installedpackages']['varnishsettings']['config'] as $vcl) { + if (is_array($config['installedpackages']['varnishsettings']['config'])) + foreach($config['installedpackages']['varnishsettings']['config'] as $vcl) { if($vcl['fixgzip']){ $vcl_recv_set_basic.="\t#Fix gzip compression\n"; $vcl_recv_set_basic.="\t".'if (req.http.Accept-Encoding) {'."\n"; @@ -468,10 +469,10 @@ function sync_package_varnish() { #set static content var $vcl_recv_static_sufix=($vcl['staticache']=='no'?"pass":"lookup"); $vcl_recv_static ="\t#Enable static cache\n"; - $vcl_recv_static.="\t".'if (req.request=="GET" && req.url ~ "\.(css|js|txt|zip|pdf|rtf|flv|swf|html|htm)$") {'.$vcl_recv_static_prefix."\n\t\treturn($vcl_recv_static_sufix);\n\t\t}\n"; + $vcl_recv_static.="\t".'if (req.request=="GET" && req.url ~ "\.(css|js|txt|zip|rtf|flv|swf|html|htm)$") {'.$vcl_recv_static_prefix."\n\t\treturn($vcl_recv_static_sufix);\n\t\t}\n"; $vcl_recv_static.="\t".'if (req.request=="GET" && req.url ~ "\.(gif|jpg|jpeg|bmp|png|ico|img|tga|wmf|mp3|ogg)$") {'.$vcl_recv_static_prefix."\n\t\treturn($vcl_recv_static_sufix);\n\t\t}\n"; $vcl_fetch_static ="#Enable static cache\n"; - $vcl_fetch_static.='if (req.url ~ "\.(css|js|txt|zip|pdf|rtf|flv|swf|html|htm)$") {'."\n\tunset beresp.http.set-cookie;\n\t}\n"; + $vcl_fetch_static.='if (req.url ~ "\.(css|js|txt|zip|rtf|flv|swf|html|htm)$") {'."\n\tunset beresp.http.set-cookie;\n\t}\n"; $vcl_fetch_static.='if (req.url ~ "\.(gif|jpg|jpeg|bmp|png|ico|img|tga|wmf|mp3|ogg)$") {'."\n\tunset beresp.http.set-cookie;\n\t}\n"; switch ($vcl['staticache']){ @@ -723,7 +724,7 @@ function varnish_do_xmlrpc_sync($sync_to_ip, $password) { $cli->setCredentials('admin', $password); $resp = $cli->send($msg, "250"); if(!$resp) { - $error = "A communications error occurred while attempting varnish XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; + $error = "A communications error occurred while attempting varnish XMLRPC sync with {$url}:{$port} (exec_php)."; log_error($error); file_notice("sync_settings", $error, "varnish Settings Sync", ""); } elseif($resp->faultCode()) { @@ -733,7 +734,7 @@ function varnish_do_xmlrpc_sync($sync_to_ip, $password) { log_error($error); file_notice("sync_settings", $error, "varnish Settings Sync", ""); } else { - log_error("varnish XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php)."); + log_error("varnish XMLRPC reload data success with {$url}:{$port} (exec_php)."); } } diff --git a/config/varnish64/varnish_sync.xml b/config/varnish64/varnish_sync.xml index 02434389..e9594d44 100644 --- a/config/varnish64/varnish_sync.xml +++ b/config/varnish64/varnish_sync.xml @@ -86,7 +86,7 @@ <field> <fielddescr>Automatically sync Varnish configuration changes</fielddescr> <fieldname>synconchanges</fieldname> - <description>pfSense will automatically sync changes to the hosts defined below.</description> + <description>Automatically sync changes to the hosts defined below.</description> <type>checkbox</type> </field> <field> diff --git a/config/zebedee/zebedee.inc b/config/zebedee/zebedee.inc index d66a269b..90a538e7 100755 --- a/config/zebedee/zebedee.inc +++ b/config/zebedee/zebedee.inc @@ -311,7 +311,7 @@ function zebedee_do_xmlrpc_sync($sync_to_ip, $password) { $cli->setCredentials('admin', $password); $resp = $cli->send($msg, "250"); if(!$resp) { - $error = "A communications error occurred while attempting zebedee XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; + $error = "A communications error occurred while attempting zebedee XMLRPC sync with {$url}:{$port} (exec_php)."; log_error($error); file_notice("sync_settings", $error, "zebedee Settings Sync", ""); } elseif($resp->faultCode()) { @@ -321,7 +321,7 @@ function zebedee_do_xmlrpc_sync($sync_to_ip, $password) { log_error($error); file_notice("sync_settings", $error, "zebedee Settings Sync", ""); } else { - log_error("zebedee XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php)."); + log_error("zebedee XMLRPC reload data success with {$url}:{$port} (exec_php)."); } } diff --git a/config/zebedee/zebedee.xml b/config/zebedee/zebedee.xml index 9e3061a0..b56fa1a6 100644 --- a/config/zebedee/zebedee.xml +++ b/config/zebedee/zebedee.xml @@ -163,7 +163,7 @@ <type>input</type> <size>60</size> <description> - This specifies the external name are put in client.zbd file in field serverhost. Ex: 200.111.111.22 or zebedee.pfsense.org + This specifies the external name are put in client.zbd file in field serverhost. Ex: 200.111.111.22 or zebedee.example.com </description> </field> <field> diff --git a/config/zebedee/zebedee_sync.xml b/config/zebedee/zebedee_sync.xml index e2649fc8..2a4a4e14 100644 --- a/config/zebedee/zebedee_sync.xml +++ b/config/zebedee/zebedee_sync.xml @@ -1,117 +1,117 @@ -<?xml version="1.0" encoding="utf-8" ?>
-<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
-<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
-<packagegui>
- <copyright>
- <![CDATA[
-/* ========================================================================== */
-/*
- zebedee_sync.xml
- part of pfSense (http://www.pfSense.com)
- Copyright (C) 2008 Scott Ullrich <sullrich@gmail.com>
- Copyright (C) 2011 Marcello Coutinho
- Copyright (C) 2011 Jorge Lustosa
- All rights reserved.
- */
-/* ========================================================================== */
-/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
-
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
- ]]>
- </copyright>
- <description>Describe your package here</description>
- <requirements>Describe your package requirements here</requirements>
- <faq>Currently there are no FAQ items provided.</faq>
- <name>zebedeesync</name>
- <version>1.1</version>
- <title>Zebedee: Manual Sync</title>
- <include_file>/usr/local/pkg/zebedee.inc</include_file>
- <tabs>
- <tab>
- <text>Settings</text>
- <url>/pkg_edit.php?xml=zebedee.xml&id=0</url>
- </tab>
- <tab>
- <text>Tunnels</text>
- <url>/pkg_edit.php?xml=zebedee_tunnels.xml&id=0</url>
- </tab>
- <tab>
- <text>Keys</text>
- <url>/zebedee_keys.php</url>
- </tab>
- <tab>
- <text>XMLRPC Sync</text>
- <url>/pkg_edit.php?xml=zebedee_sync.xml&id=0</url>
- <active/>
- </tab>
- <tab>
- <text>View config files</text>
- <url>/zebedee_view_config.php</url>
- </tab>
- <tab>
- <text>View log files</text>
- <url>/zebedee_log.php</url>
- </tab>
- </tabs>
- <configpath>installedpackages->package->zebedee</configpath>
- <fields>
- <field>
- <type>listtopic</type>
- <fieldname>temp</fieldname>
- <name>Enable Zebedee configuration sync</name>
- </field>
- <field>
- <fielddescr>Automatically sync Zebedee configuration changes</fielddescr>
- <fieldname>synconchanges</fieldname>
- <description>pfSense will automatically sync changes to the hosts defined below.</description>
- <type>checkbox</type>
- </field>
- <field>
- <fielddescr>Remote Server</fielddescr>
- <fieldname>none</fieldname>
- <type>rowhelper</type>
- <rowhelper>
- <rowhelperfield>
- <fielddescr>IP Address</fielddescr>
- <fieldname>ipaddress</fieldname>
- <description>IP Address of remote server</description>
- <type>input</type>
- <size>20</size>
- </rowhelperfield>
- <rowhelperfield>
- <fielddescr>Password</fielddescr>
- <fieldname>password</fieldname>
- <description>Password for remote server.</description>
- <type>password</type>
- <size>20</size>
- </rowhelperfield>
- </rowhelper>
- </field>
- </fields>
- <custom_php_resync_config_command>
- zebedee_sync_on_changes();
- </custom_php_resync_config_command>
- <custom_php_command_before_form>
- unset($_POST['temp']);
- </custom_php_command_before_form>
+<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> +<packagegui> + <copyright> + <![CDATA[ +/* ========================================================================== */ +/* + zebedee_sync.xml + part of pfSense (http://www.pfSense.com) + Copyright (C) 2008 Scott Ullrich <sullrich@gmail.com> + Copyright (C) 2011 Marcello Coutinho + Copyright (C) 2011 Jorge Lustosa + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + ]]> + </copyright> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> + <name>zebedeesync</name> + <version>1.1</version> + <title>Zebedee: Manual Sync</title> + <include_file>/usr/local/pkg/zebedee.inc</include_file> + <tabs> + <tab> + <text>Settings</text> + <url>/pkg_edit.php?xml=zebedee.xml&id=0</url> + </tab> + <tab> + <text>Tunnels</text> + <url>/pkg_edit.php?xml=zebedee_tunnels.xml&id=0</url> + </tab> + <tab> + <text>Keys</text> + <url>/zebedee_keys.php</url> + </tab> + <tab> + <text>XMLRPC Sync</text> + <url>/pkg_edit.php?xml=zebedee_sync.xml&id=0</url> + <active/> + </tab> + <tab> + <text>View config files</text> + <url>/zebedee_view_config.php</url> + </tab> + <tab> + <text>View log files</text> + <url>/zebedee_log.php</url> + </tab> + </tabs> + <configpath>installedpackages->package->zebedee</configpath> + <fields> + <field> + <type>listtopic</type> + <fieldname>temp</fieldname> + <name>Enable Zebedee configuration sync</name> + </field> + <field> + <fielddescr>Automatically sync Zebedee configuration changes</fielddescr> + <fieldname>synconchanges</fieldname> + <description>Automatically sync changes to the hosts defined below.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Remote Server</fielddescr> + <fieldname>none</fieldname> + <type>rowhelper</type> + <rowhelper> + <rowhelperfield> + <fielddescr>IP Address</fielddescr> + <fieldname>ipaddress</fieldname> + <description>IP Address of remote server</description> + <type>input</type> + <size>20</size> + </rowhelperfield> + <rowhelperfield> + <fielddescr>Password</fielddescr> + <fieldname>password</fieldname> + <description>Password for remote server.</description> + <type>password</type> + <size>20</size> + </rowhelperfield> + </rowhelper> + </field> + </fields> + <custom_php_resync_config_command> + zebedee_sync_on_changes(); + </custom_php_resync_config_command> + <custom_php_command_before_form> + unset($_POST['temp']); + </custom_php_command_before_form> </packagegui>
\ No newline at end of file diff --git a/pkg_config.7.xml b/pkg_config.7.xml index bed6827e..519eb499 100755 --- a/pkg_config.7.xml +++ b/pkg_config.7.xml @@ -9,7 +9,7 @@ <category>File Management</category> <pkginfolink>http://doc.pfsense.org/index.php/Filer_package</pkginfolink> <config_file>http://www.pfsense.com/packages/config/filer/filer.xml</config_file> - <version>0.50</version> + <version>0.60</version> <status>Beta</status> <required_version>1.2.3</required_version> <maintainer>bscholer@cshl.edu</maintainer> diff --git a/pkg_config.8.xml b/pkg_config.8.xml index 09688bb5..abdc7f57 100644 --- a/pkg_config.8.xml +++ b/pkg_config.8.xml @@ -6,15 +6,32 @@ <copy_packages_to_folder_ssh>/usr/local/www/files/packages/8/All/</copy_packages_to_folder_ssh> <packages> <package> + <name>Asterisk</name> + <pkginfolink>http://forum.pfsense.org/index.php/topic,47210.0.html</pkginfolink> + <descr><![CDATA[Asterisk is an open source framework for building communications applications.<br>Asterisk turns an ordinary computer into a communications server.]]></descr> + <website>http://www.asterisk.org/</website> + <category>Services</category> + <version>1.8.8.1 pkg v 0.1</version> + <status>Beta</status> + <required_version>2.0</required_version> + <config_file>http://www.pfsense.com/packages/config/asterisk/asterisk.xml</config_file> + <depends_on_package_base_url>http://e-sac.siteseguro.ws/packages/8/All/</depends_on_package_base_url> + <depends_on_package>asterisk18-1.8.8.1.tbz</depends_on_package> + <depends_on_package>openldap-sasl-client-2.4.26.tbz</depends_on_package> + <maintainer>marcellocoutinho@gmail.com robreg@zsurob.hu</maintainer> + <configurationfile>asterisk.xml</configurationfile> + <after_install_info>Please visit the Asterisk tab on status menu.</after_install_info> + </package> + <package> <name>Filer</name> <website/> <descr>Allows you to create and overwrite files from the GUI.</descr> <category>File Management</category> <pkginfolink>http://doc.pfsense.org/index.php/Filer_package</pkginfolink> <config_file>http://www.pfsense.com/packages/config/filer/filer.xml</config_file> - <version>0.50</version> + <version>0.60</version> <status>Beta</status> - <required_version>1.2.3</required_version> + <required_version>2.0</required_version> <maintainer>bscholer@cshl.edu</maintainer> <configurationfile>filer.xml</configurationfile> </package> @@ -117,19 +134,35 @@ <package> <name>haproxy</name> <pkginfolink>http://doc.pfsense.org/index.php/haproxy_package</pkginfolink> - <descr>The Reliable, High Performance TCP/HTTP Load Balancer</descr> + <descr><![CDATA[The Reliable, High Performance HTTP Load Balancer<br> + This package implements HTTP balance features from Haproxy.]]></descr> <website>http://haproxy.1wt.eu/</website> <category>Services</category> - <version>1.4.18 pkg v 1.2</version> + <version>1.4.20 pkg v 1.2</version> <status>Release</status> <required_version>2.0</required_version> <config_file>http://www.pfsense.com/packages/config/haproxy/haproxy.xml</config_file> - <depends_on_package_base_url>http://e-sac.siteseguro.ws/pfsense/8/All/</depends_on_package_base_url> - <depends_on_package>haproxy-1.4.18.tbz</depends_on_package> + <depends_on_package_base_url>http://e-sac.siteseguro.ws/packages/8/All/</depends_on_package_base_url> + <depends_on_package>haproxy-1.4.20.tbz</depends_on_package> <configurationfile>haproxy.xml</configurationfile> <build_port_path>/usr/ports/net/haproxy</build_port_path> </package> <package> + <name>haproxy-full</name> + <pkginfolink>http://doc.pfsense.org/index.php/haproxy_package</pkginfolink> + <descr><![CDATA[The Reliable, High Performance TCP/HTTP Load Balancer<br> + This package implements both TCP and HTTP balance features from Haproxy.]]></descr> + <website>http://haproxy.1wt.eu/</website> + <category>Services</category> + <version>1.4.20 pkg v 1.0</version> + <status>Release</status> + <required_version>2.0</required_version> + <config_file>http://www.pfsense.com/packages/config/haproxy-legacy/haproxy.xml</config_file> + <depends_on_package_base_url>http://e-sac.siteseguro.ws/packages/8/All/</depends_on_package_base_url> + <depends_on_package>haproxy-1.4.20.tbz</depends_on_package> + <configurationfile>haproxy.xml</configurationfile> + </package> + <package> <name>Proxy Server with mod_security</name> <pkginfolink>http://doc.pfsense.org/index.php/ProxyServerModSecurity_package</pkginfolink> <website>http://www.modsecurity.org/</website> @@ -202,14 +235,15 @@ <descr>ntop is a network probe that shows network usage in a way similar to what top does for processes. In interactive mode, it displays the network status on the user's terminal. In Web mode it acts as a Web server, creating an HTML dump of the network status. It sports a NetFlow/sFlow emitter/collector, an HTTP-based client interface for creating ntop-centric monitoring applications, and RRD for persistently storing traffic statistics.</descr> <category>Network Management</category> <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_pbi>rrdtool-1.2.30_1-i386.pbi gdbm-1.9.1-i386.pbi perl-5.12.4_2-i386.pbi libpcap-1.1.1_1-i386.pbi geoip-1.4.8_1-i386.pbi font-util-1.2.0-i386.pbi webfonts-0.30_6-i386.pbi ntop-4.1.0_1-i386.pbi</depends_on_package_pbi> <depends_on_package>rrdtool-1.2.26_1.tbz</depends_on_package> - <depends_on_package>gdbm-1.8.3_3.tbz</depends_on_package> - <depends_on_package>perl-5.12.3.tbz</depends_on_package> + <depends_on_package>gdbm-1.9.1.tbz</depends_on_package> + <depends_on_package>perl-5.12.4_4.tbz</depends_on_package> <depends_on_package>libpcap-1.1.1_1.tbz</depends_on_package> <depends_on_package>GeoIP-1.4.8_1.tbz</depends_on_package> <depends_on_package>font-util-1.2.0.tbz</depends_on_package> <depends_on_package>webfonts-0.30_6.tbz</depends_on_package> - <depends_on_package>ntop-4.0.1_1.tbz</depends_on_package> + <depends_on_package>ntop-4.1.0_3.tbz</depends_on_package> <build_port_path>/usr/ports/net/GeoIP</build_port_path> <build_port_path>/usr/ports/databases/gdbm</build_port_path> <build_port_path>/usr/ports/databases/rrdtool12</build_port_path> @@ -217,10 +251,8 @@ <build_port_path>/usr/ports/graphics/graphviz</build_port_path> <build_port_path>/usr/ports/x11-fonts/webfonts</build_port_path> <build_port_path>/usr/ports/net/ntop</build_port_path> - <depends_on_package_pbi>rrdtool-1.2.30_1-i386.pbi gdbm-1.9.1-i386.pbi perl-5.12.4_2-i386.pbi libpcap-1.1.1_1-i386.pbi geoip-1.4.8_1-i386.pbi font-util-1.2.0-i386.pbi webfonts-0.30_6-i386.pbi ntop-4.1.0_1-i386.pbi</depends_on_package_pbi> - <build_options>WITHOUT_APNG=true WITHOUT_COLLATION_FIX=true WITHOUT_DEBUGGING=true WITHOUT_DEJAVU=true WITHOUT_DEVIL=true WITHOUT_DIGCOLA=true WITHOUT_EXTRA_PATCHES=true WITHOUT_FONTCONFIG=true WITHOUT_FPECTL=true WITHOUT_GAM_POLLER=true WITHOUT_GDBM=true WITHOUT_GDK_PIXBUF=true WITHOUT_GHOSTSCRIPT=true WITHOUT_GLITZ=true WITHOUT_GNOMEUI=true WITHOUT_GTK=true WITHOUT_GUILE=true WITHOUT_HUGE_STACK_SIZE=true WITHOUT_ICONV=true WITHOUT_IPSEPCOLA=true WITHOUT_LIBSIGSEGV=true WITHOUT_LOCALE=true WITHOUT_LUA=true WITHOUT_MING=true WITHOUT_MMAP=true WITHOUT_MULTIPLICITY=true WITHOUT_PANGOCAIRO=true WITHOUT_PCAP_PORT=true WITHOUT_PERL=true WITHOUT_PERL_MALLOC=true WITHOUT_PERL_MODULE=true WITHOUT_PHP=true WITHOUT_PTH=true WITHOUT_PYTHON=true WITHOUT_PYTHON_MODULE=true WITHOUT_RSVG=true WITHOUT_RUBY=true WITHOUT_RUBY_MODULE=true WITHOUT_SEM=true WITHOUT_SIMD=true WITHOUT_SITECUSTOMIZE=true WITHOUT_SMYRNA=true WITHOUT_SUIDPERL=true WITHOUT_TCL=true WITHOUT_THREADS=true WITHOUT_TK=true WITHOUT_X11=true WITHOUT_XCB=true WITHOUT_XMLDUMP=true WITHOUT_XPM=true WITHOUT_ZSH=true WITH_BASH=true WITH_EXTRA_ENCODINGS=true WITH_ICONV=true WITH_IPV6=true WITH_NLS=true WITH_PERL_64BITINT=true WITH_PYMALLOC=true WITH_TCPWRAPPER=true WITH_THREADS=true WITH_UCS4=true WITH_USE_PERL=true</build_options> - <version>4.0.1_1 v2</version> + <version>4.1.0_3 v2.3</version> <status>BETA</status> <required_version>2.0</required_version> <config_file>http://www.pfsense.com/packages/config/ntop2/ntop.xml</config_file> @@ -395,7 +427,7 @@ <pkginfolink>http://forum.pfsense.org/index.php/topic,40622.0.html</pkginfolink> <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>postfix-2.8.7,1.tbz</depends_on_package> - <version>2.8.7,1 pkg v.2.3.3_1</version> + <version>2.8.7,1 pkg v.2.3.4</version> <status>RC1</status> <required_version>2.0</required_version> <configurationfile>postfix.xml</configurationfile> @@ -416,12 +448,13 @@ <depends_on_package_base_url>http://e-sac.siteseguro.ws/packages/8/All/</depends_on_package_base_url> <depends_on_package>dansguardian-2.12.0.0.tbz</depends_on_package> <depends_on_package>clamav-0.97.3_1.tbz</depends_on_package> - <version>2.12.0.0 pkg v.0.1.4_1</version> + <depends_on_package>ca_root_nss-3.13.3.tbz</depends_on_package> + <version>2.12.0.0 pkg v.0.1.5.3</version> <status>beta</status> <required_version>2.0</required_version> <configurationfile>dansguardian.xml</configurationfile> <build_port_path>/usr/ports/www/dansguardian-devel</build_port_path> - <build_options>WITHOUT_APACHE=true WITHOUT_TRICKLE=false WITH_CLAMD=true WITH_ICAP=true WITH_NTLM=true</build_options> + <build_options>WITHOUT_APACHE=true WITH_TRICKLE=true WITH_CLAMD=true WITH_ICAP=true WITH_NTLM=true WITH_SSL=true</build_options> </package> <package> <name>mailscanner-dev</name> @@ -499,7 +532,7 @@ <maintainer>dv_serg@mail.ru</maintainer> <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>lightsquid-1.8_2.tbz</depends_on_package> - <depends_on_package>perl-5.12.3.tbz</depends_on_package> + <depends_on_package>perl-5.12.4_3.tbz</depends_on_package> <build_port_path>/usr/ports/www/lightsquid</build_port_path> <build_port_path>/usr/ports/lang/perl5.12</build_port_path> <status>Beta</status> @@ -510,6 +543,24 @@ <noembedded>true</noembedded> </package> <package> + <name>Sarg</name> + <website>http://www.dansguardian.org/</website> + <descr><![CDATA[Sarg - Squid Analysis Report Generator is a tool that allow you to view "where" your users are going to on the Internet.<br> + Sarg provides many informations about Proxy(squid,squidguard or dansguardian) users activities: times, bytes, sites, etc...]]></descr> + <category>Network Report</category> + <config_file>http://www.pfsense.com/packages/config/sarg/sarg.xml</config_file> + <pkginfolink>http://forum.pfsense.org/index.php/topic,47765.0.html</pkginfolink> + <depends_on_package_base_url>http://e-sac.siteseguro.ws/packages/8/All/</depends_on_package_base_url> + <depends_on_package>sarg-2.3.2.tbz</depends_on_package> + <version>2.3.2 pkg v.0.4.2_1</version> + <status>beta</status> + <required_version>2.0</required_version> + <configurationfile>sarg.xml</configurationfile> + <build_port_path>/usr/ports/www/sarg</build_port_path> + <build_options>WITHOUT_GD=false WITHOUT_PHP=true</build_options> + <after_install_info>Please visit sarg settings on Status Menu to configure sarg.</after_install_info> + </package> + <package> <name>Varnish</name> <descr><![CDATA[Varnish is a state-of-the-art, high-performance HTTP accelerator.<br> It uses the advanced features in FreeBSD 6/7/8 to achieve its high performance.]]></descr> @@ -609,7 +660,7 @@ <descr>VMware Tools</descr> <website>http://open-vm-tools.sourceforge.net/</website> <category>Services</category> - <version>313025</version> + <version>8.7.0.3046 (build-313025)</version> <status>Stable</status> <pkginfolink>http://doc.pfsense.org/index.php/Open_VM_Tools_package</pkginfolink> <required_version>2.0</required_version> @@ -651,6 +702,21 @@ </depends_on_package_pbi> </package> <package> + <name>Open-VM-Tools-8.8.1</name> + <descr>VMware Tools</descr> + <website>http://open-vm-tools.sourceforge.net/</website> + <category>Services</category> + <version>528969</version> + <status>RC</status> + <pkginfolink>http://doc.pfsense.org/index.php/Open_VM_Tools_package</pkginfolink> + <required_version>2.0</required_version> + <config_file>http://www.pfsense.org/packages/config/open-vm-tools_2/open-vm-tools.xml</config_file> + <configurationfile>open-vm-tools.xml</configurationfile> + <depends_on_package_base_url>http://e-sac.siteseguro.ws/packages/8/All/</depends_on_package_base_url> + <depends_on_package>open-vm-tools-nox11-528969,1.tbz</depends_on_package> + <depends_on_package>pcre-8.30_1.tbz</depends_on_package> + </package> + <package> <name>AutoConfigBackup</name> <maintainer>portal@bsdperimeter.com</maintainer> <descr>Automatically backs up your pfSense configuration. All contents are encrypted on the server. Requires pfSense Premium Support Portal Subscription from https://portal.pfsense.org</descr> @@ -708,10 +774,27 @@ <config_file>http://www.pfsense.com/packages/config/imspector/imspector.xml</config_file> <configurationfile>imspector.xml</configurationfile> <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package>sqlite3-3.7.9.tbz</depends_on_package> <depends_on_package>imspector-0.9.tbz</depends_on_package> <build_port_path>/usr/home/pfsense/tools/pfPorts/imspector</build_port_path> </package> <package> + <name>imspector-dev</name> + <descr>IMSpector is an Instant Messenger transparent proxy with logging capabilities. Currently it supports MSN, AIM, ICQ, Yahoo and IRC to different degrees.</descr> + <website>http://www.imspector.org/</website> + <category>Network Management</category> + <maintainer>marcellocoutinho@gmail.com</maintainer> + <version>20111108 pkg v 0.2_2</version> + <required_version>2.0</required_version> + <status>BETA</status> + <pkginfolink>http://doc.pfsense.org/index.php/IMSpector_package</pkginfolink> + <config_file>http://www.pfsense.com/packages/config/imspector-dev/imspector.xml</config_file> + <configurationfile>imspector.xml</configurationfile> + <depends_on_package_base_url>http://e-sac.siteseguro.ws/packages/8/All/</depends_on_package_base_url> + <depends_on_package>mysql-client-5.5.19.tbz</depends_on_package> + <depends_on_package>imspector-20111108.tbz</depends_on_package> + </package> + <package> <name>nut</name> <descr>Network UPS Tools</descr> <website>http://www.networkupstools.org/</website> @@ -815,8 +898,8 @@ On pfSense docs there is a how-to which could help you on porting users.]]></descr> <pkginfolink>http://doc.pfsense.org/index.php/FreeRADIUS_2.x_package</pkginfolink> <category>System</category> - <version>2.1.12 pkg v1.6.5</version> - <status>BETA</status> + <version>2.1.12 pkg v1.6.6_3</version> + <status>RC1</status> <required_version>2.0</required_version> <maintainer>nachtfalkeaw@web.de</maintainer> <depends_on_package_base_url>http://e-sac.siteseguro.ws/packages/8/All/</depends_on_package_base_url> @@ -936,72 +1019,25 @@ <configurationfile>squid.xml</configurationfile> </package> <package> - <name>squid-reverse</name> + <name>squid3</name> <descr><![CDATA[High performance web proxy cache.<br> It combines squid as a proxy server with it's capabilities of acting as a HTTP / HTTPS reverse proxy.<br> - It includes an Exchange-Web-Access (OWA) Assistant.<br> - <i>squid-reverse replaces the squid-package (squid config is maintained)</i>.]]></descr> - <pkginfolink>http://forum.pfsense.org/index.php/topic,44735.0.html</pkginfolink> + It includes an Exchange-Web-Access (OWA) Assistant.]]></descr> + <pkginfolink>http://forum.pfsense.org/index.php/topic,48347.0.html</pkginfolink> <website>http://www.squid-cache.org/</website> <category>Network</category> - <version>2.7.9_2</version> - <status>Stable</status> + <version>3.1.19 pkg 2.0.5_2</version> + <status>beta</status> <required_version>2.0</required_version> - <maintainer>fernando@netfilter.com.br seth.mos@dds.nl mfuchs77@googlemail.com jimp@pfsense.org</maintainer> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> - <depends_on_package>squid-2.7.9_1.tbz</depends_on_package> - <depends_on_package>squid_radius_auth-1.10.tbz</depends_on_package> - <depends_on_package>libwww-5.4.0_4.tbz</depends_on_package> - <depends_on_package_pbi> - libwww-5.4.0_4-i386.pbi - squid_radius_auth-1.10-i386.pbi - squid-2.7.9_1-i386.pbi - </depends_on_package_pbi> + <maintainer>marcellocoutinho@gmail.com fernando@netfilter.com.br seth.mos@dds.nl mfuchs77@googlemail.com jimp@pfsense.org</maintainer> + <depends_on_package_base_url>http://e-sac.siteseguro.ws/packages/8/All/</depends_on_package_base_url> + <depends_on_package>squid-3.1.19.tbz</depends_on_package> <!-- use build ports from squid 2.0 --> <build_options>WITH_SQUID_KERB_AUTH=true WITH_SQUID_LDAP_AUTH=true WITH_SQUID_NIS_AUTH=true WITH_SQUID_SASL_AUTH=true WITH_SQUID_DELAY_POOLS=true WITH_SQUID_SNMP=true WITH_SQUID_CARP=true WITH_SQUID_SSL=true WITHOUT_SQUID_PINGER=true WITHOUT_SQUID_DNS_HELPER=true WITH_SQUID_HTCP=true WITH_SQUID_VIA_DB=true WITH_SQUID_CACHE_DIGESTS=true WITH_SQUID_WCCP=true WITHOUT_SQUID_WCCPV2=true WITHOUT_SQUID_STRICT_HTTP=true WITH_SQUID_IDENT=true WITH_SQUID_REFERER_LOG=true WITHOUT_SQUID_USERAGENT_LOG=true WITH_SQUID_ARP_ACL=true WITH_SQUID_PF=true WITHOUT_SQUID_IPFILTER=true WITH_SQUID_FOLLOW_XFF=true WITH_SQUID_AUFS=true WITH_SQUID_COSS=true WITH_SQUID_KQUEUE=true WITH_SQUID_LARGEFILE=true WITHOUT_SQUID_STACKTRACES=true</build_options> <config_file>http://www.pfsense.org/packages/config/squid-reverse/squid.xml</config_file> <configurationfile>squid.xml</configurationfile> </package> <package> - <name>squid3</name> - <descr>EXPERIMENTAL! Not all directives are ported yet! High performance web proxy cache.</descr> - <website>http://www.squid-cache.org/</website> - <category>Network</category> - <version>3.1.9_0.1</version> - <status>ALPHA</status> - <required_version>2.0</required_version> - <maintainer>fernando@netfilter.com.br seth.mos@dds.nl mfuchs77@googlemail.com</maintainer> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> - <depends_on_package>squid-3.1.9.tbz</depends_on_package> - <depends_on_package>squid_radius_auth-1.10.tbz</depends_on_package> - <depends_on_package>libwww-5.4.0_4.tbz</depends_on_package> - <!-- Do not add build paths please, it conflicts with squid 2.x --> - <build_options>WITH_SQUID_KERB_AUTH=true WITH_SQUID_LDAP_AUTH=true WITH_SQUID_NIS_AUTH=true WITH_SQUID_SASL_AUTH=true WITH_SQUID_IPV6=true WITH_SQUID_DELAY_POOLS=true WITH_SQUID_SNMP=true WITH_SQUID_SSL=true WITHOUT_SQUID_PINGER=true WITHOUT_SQUID_DNS_HELPER=true WITH_SQUID_HTCP=true WITH_SQUID_VIA_DB=true WITH_SQUID_CACHE_DIGESTS=true WITH_SQUID_WCCP=true WITHOUT_SQUID_WCCPV2=true WITHOUT_SQUID_STRICT_HTTP=true WITH_SQUID_IDENT=true WITH_SQUID_REFERER_LOG=true WITHOUT_SQUID_USERAGENT_LOG=true WITH_SQUID_ARP_ACL=true WITHOUT_SQUID_IPFW=true WITH_SQUID_PF=true WITHOUT_SQUID_IPFILTER=true WITH_SQUID_FOLLOW_XFF=true WITH_SQUID_ECAP=true WITH_SQUID_ICAP=true WITHOUT_SQUID_ESI=true WITH_SQUID_AUFS=true WITHOUT_SQUID_COSS=true WITH_SQUID_KQUEUE=true WITH_SQUID_LARGEFILE=true WITHOUT_SQUID_STACKTRACES=true WITHOUT_SQUID_DEBUG=true</build_options> - <config_file>http://www.pfsense.org/packages/config/squid3/squid.xml</config_file> - <configurationfile>squid.xml</configurationfile> - <noembedded>true</noembedded> - </package> - <package> - <name>squid3-reverse</name> - <descr>EXPERIMENTAL! High performance web proxy cache with reverse proxy.</descr> - <website>http://www.squid-cache.org/</website> - <category>Network</category> - <version>3.1.14_0.1</version> - <status>PRE-ALPHA</status> - <required_version>3.0</required_version> - <maintainer>fernando@netfilter.com.br seth.mos@dds.nl mfuchs77@googlemail.com</maintainer> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> - <depends_on_package>squid-3.1.14.tbz</depends_on_package> - <depends_on_package>squid_radius_auth-1.10.tbz</depends_on_package> - <depends_on_package>libwww-5.4.0_4.tbz</depends_on_package> - <!-- Do not add build paths please, it conflicts with squid 2.x --> - <!-- COSS IS NOT SUPPORTED WITH VERSION 3.1.14 [build_options>WITH_SQUID_KERB_AUTH=true WITH_SQUID_LDAP_AUTH=true WITH_SQUID_NIS_AUTH=true WITH_SQUID_SASL_AUTH=true WITH_SQUID_IPV6=true WITH_SQUID_DELAY_POOLS=true WITH_SQUID_SNMP=true WITH_SQUID_SSL=true WITHOUT_SQUID_PINGER=true WITHOUT_SQUID_DNS_HELPER=true WITH_SQUID_HTCP=true WITH_SQUID_VIA_DB=true WITH_SQUID_CACHE_DIGESTS=true WITH_SQUID_WCCP=true WITHOUT_SQUID_WCCPV2=true WITHOUT_SQUID_STRICT_HTTP=true WITH_SQUID_IDENT=true WITH_SQUID_REFERER_LOG=true WITHOUT_SQUID_USERAGENT_LOG=true WITH_SQUID_ARP_ACL=true WITHOUT_SQUID_IPFW=true WITH_SQUID_PF=true WITHOUT_SQUID_IPFILTER=true WITH_SQUID_FOLLOW_XFF=true WITH_SQUID_ECAP=true WITH_SQUID_ICAP=true WITHOUT_SQUID_ESI=true WITH_SQUID_AUFS=true WITH_SQUID_COSS=true WITH_SQUID_KQUEUE=true WITH_SQUID_LARGEFILE=true WITHOUT_SQUID_STACKTRACES=true WITHOUT_SQUID_DEBUG=true</build_options]--> - <build_options>WITH_SQUID_KERB_AUTH=true WITH_SQUID_LDAP_AUTH=true WITH_SQUID_NIS_AUTH=true WITH_SQUID_SASL_AUTH=true WITH_SQUID_IPV6=true WITH_SQUID_DELAY_POOLS=true WITH_SQUID_SNMP=true WITH_SQUID_SSL=true WITHOUT_SQUID_PINGER=true WITHOUT_SQUID_DNS_HELPER=true WITH_SQUID_HTCP=true WITH_SQUID_VIA_DB=true WITH_SQUID_CACHE_DIGESTS=true WITH_SQUID_WCCP=true WITHOUT_SQUID_WCCPV2=true WITHOUT_SQUID_STRICT_HTTP=true WITH_SQUID_IDENT=true WITH_SQUID_REFERER_LOG=true WITHOUT_SQUID_USERAGENT_LOG=true WITH_SQUID_ARP_ACL=true WITHOUT_SQUID_IPFW=true WITH_SQUID_PF=true WITHOUT_SQUID_IPFILTER=true WITH_SQUID_FOLLOW_XFF=true WITH_SQUID_ECAP=true WITH_SQUID_ICAP=true WITHOUT_SQUID_ESI=true WITH_SQUID_AUFS=true WITHOUT_SQUID_COSS=true WITH_SQUID_KQUEUE=true WITH_SQUID_LARGEFILE=true WITHOUT_SQUID_STACKTRACES=true WITHOUT_SQUID_DEBUG=true</build_options> - <config_file>http://www.pfsense.org/packages/config/squid3-reverse/squid.xml</config_file> - <configurationfile>squid.xml</configurationfile> - <noembedded>true</noembedded> - </package> - <package> <name>LCDproc</name> <descr>LCD display driver</descr> <website>http://www.lcdproc.org/</website> @@ -1065,10 +1101,10 @@ <status>Beta</status> <required_version>1.1</required_version> <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> - <depends_on_package>squidGuard-1.4_3.tbz</depends_on_package> + <depends_on_package>squidGuard-1.4_4.tbz</depends_on_package> <depends_on_package>db41-4.1.25_4.tbz</depends_on_package> <depends_on_package>db3-3.3.11_3,1.tbz</depends_on_package> - <depends_on_package>cyrus-sasl-2.1.23_3.tbz</depends_on_package> + <depends_on_package>cyrus-sasl-2.1.25_1.tbz</depends_on_package> <depends_on_package_pbi> cyrus-sasl-2.1.25_1-i386.pbi db42-4.2.52_5-i386.pbi @@ -1126,7 +1162,7 @@ </depends_on_package_pbi> <build_port_path>/usr/ports/archivers/p7zip</build_port_path> <build_port_path>/usr/ports/archivers/zip</build_port_path> - <version>0.9.7</version> + <version>0.9.9</version> <status>BETA</status> <required_version>2.0</required_version> <config_file>http://www.pfsense.com/packages/config/openvpn-client-export/openvpn-client-export.xml</config_file> @@ -1261,6 +1297,7 @@ <status>Alpha</status> <maintainer>warren@decoy.co.za</maintainer> <required_version>2.0</required_version> + <maximum_version>2.0.1</maximum_version> <pkginfolink>http://doc.pfsense.org/index.php/Unbound_package</pkginfolink> <config_file>http://www.pfsense.com/packages/config/unbound/unbound.xml</config_file> <configurationfile>unbound.xml</configurationfile> @@ -1329,6 +1366,18 @@ <configurationfile>nrpe2.xml</configurationfile> </package> <package> + <name>SSHDCond</name> + <descr><![CDATA[Allows to define SSH overrides for users,groups,hosts and addresses using Match in a convenient way.<br> + This package acts as an access list frontend for ssh connections]]></descr> + <category>Enhancements</category> + <version>1.0</version> + <status>Beta</status> + <required_version>2.0</required_version> + <config_file>http://www.pfsense.com/packages/config/sshdcond/sshdcond.xml</config_file> + <maintainer>namezero@afim.info</maintainer> + <configurationfile>sshdcond.xml</configurationfile> + </package> + <package> <name>mailreport</name> <descr>Allows you to setup periodic e-mail reports containing RRD graphs.</descr> <category>Network Management</category> @@ -1364,5 +1413,32 @@ <required_version>2.0</required_version> <maximum_version>2.1</maximum_version> </package> + <package> + <name>Quagga OSPF</name> + <descr>OSPF routing protocol using Quagga -- WARNING! Installs files to the same place as OpenOSPFD. Installing both will break things.</descr> + <maintainer>jimp@pfsense.org</maintainer> + <version>0.99.20_3 v0.1.1</version> + <category>Routing</category> + <status>BETA</status> + <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package>quagga-0.99.20_3.tbz</depends_on_package> + <config_file>http://www.pfsense.com/packages/config/quagga_ospfd/quagga_ospfd.xml</config_file> + <build_port_path>/usr/ports/net/quagga</build_port_path> + <pkginfolink></pkginfolink> + <required_version>2.0</required_version> + <configurationfile>quagga_ospfd.xml</configurationfile> + </package> + <package> + <name>System Patches</name> + <descr>A package to apply and maintain custom system patches.</descr> + <maintainer>jimp@pfsense.org</maintainer> + <version>0.7.1</version> + <category>System</category> + <status>BETA</status> + <config_file>http://www.pfsense.com/packages/config/systempatches/systempatches.xml</config_file> + <pkginfolink></pkginfolink> + <required_version>2.0</required_version> + <configurationfile>systempatches.xml</configurationfile> + </package> </packages> </pfsensepkgs> diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64 index 60b28dce..5ab7278e 100644 --- a/pkg_config.8.xml.amd64 +++ b/pkg_config.8.xml.amd64 @@ -6,15 +6,32 @@ <copy_packages_to_folder_ssh>/usr/local/www/files/packages/amd64/8/All/</copy_packages_to_folder_ssh> <packages> <package> + <name>Asterisk</name> + <pkginfolink>http://forum.pfsense.org/index.php/topic,47210.0.html</pkginfolink> + <descr><![CDATA[Asterisk is an open source framework for building communications applications.<br>Asterisk turns an ordinary computer into a communications server.]]></descr> + <website>http://www.asterisk.org/</website> + <category>Services</category> + <version>1.8.8.1 pkg v 0.1</version> + <status>Beta</status> + <required_version>2.0</required_version> + <config_file>http://www.pfsense.com/packages/config/asterisk/asterisk.xml</config_file> + <depends_on_package_base_url>http://e-sac.siteseguro.ws/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package>asterisk18-1.8.8.1.tbz</depends_on_package> + <depends_on_package>openldap-sasl-client-2.4.26.tbz</depends_on_package> + <maintainer>marcellocoutinho@gmail.com robreg@zsurob.hu</maintainer> + <configurationfile>asterisk.xml</configurationfile> + <after_install_info>Please visit the Asterisk tab on status menu.</after_install_info> + </package> + <package> <name>Filer</name> <website/> <descr>Allows you to create and overwrite files from the GUI.</descr> <category>File Management</category> <pkginfolink>http://doc.pfsense.org/index.php/Filer_package</pkginfolink> <config_file>http://www.pfsense.com/packages/config/filer/filer.xml</config_file> - <version>0.50</version> + <version>0.60</version> <status>Beta</status> - <required_version>1.2.3</required_version> + <required_version>2.0</required_version> <maintainer>bscholer@cshl.edu</maintainer> <configurationfile>filer.xml</configurationfile> </package> @@ -94,25 +111,21 @@ <configurationfile>squid.xml</configurationfile> </package> <package> - <name>squid-reverse</name> + <name>squid3</name> <descr><![CDATA[High performance web proxy cache.<br> It combines squid as a proxy server with it's capabilities of acting as a HTTP / HTTPS reverse proxy.<br> - It includes an Exchange-Web-Access (OWA) Assistant.<br> - <i>squid-reverse replaces the squid-package (squid config is maintained)</i>.]]></descr> - <pkginfolink>http://forum.pfsense.org/index.php/topic,44735.0.html</pkginfolink> + It includes an Exchange-Web-Access (OWA) Assistant.]]></descr> + <pkginfolink>http://forum.pfsense.org/index.php/topic,48347.0.html</pkginfolink> <website>http://www.squid-cache.org/</website> <category>Network</category> - <version>2.7.9_2</version> - <status>Stable</status> + <version>3.1.19 pkg 2.0.5_2</version> + <status>beta</status> <required_version>2.0</required_version> <maintainer>fernando@netfilter.com.br seth.mos@dds.nl mfuchs77@googlemail.com jimp@pfsense.org</maintainer> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> - <depends_on_package_pbi>squid-2.7.9_1-amd64.pbi squid_radius_auth-1.10-amd64.pbi libwww-5.4.0_4-amd64.pbi</depends_on_package_pbi> - <depends_on_package>squid-2.7.9_1.tbz</depends_on_package> - <depends_on_package>squid_radius_auth-1.10.tbz</depends_on_package> - <depends_on_package>libwww-5.4.0_4.tbz</depends_on_package> + <depends_on_package_base_url>http://e-sac.siteseguro.ws/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package>squid-3.1.19.tbz</depends_on_package> <!-- use build ports from squid 2.0 --> - <build_options>WITH_SQUID_KERB_AUTH=true WITH_SQUID_LDAP_AUTH=true WITH_SQUID_NIS_AUTH=true WITH_SQUID_SASL_AUTH=true WITH_SQUID_DELAY_POOLS=true WITH_SQUID_SNMP=true WITH_SQUID_CARP=true WITH_SQUID_SSL=true WITHOUT_SQUID_PINGER=true WITHOUT_SQUID_DNS_HELPER=true WITH_SQUID_HTCP=true WITH_SQUID_VIA_DB=true WITH_SQUID_CACHE_DIGESTS=true WITH_SQUID_WCCP=true WITHOUT_SQUID_WCCPV2=true WITHOUT_SQUID_STRICT_HTTP=true WITH_SQUID_IDENT=true WITH_SQUID_REFERER_LOG=true WITHOUT_SQUID_USERAGENT_LOG=true WITH_SQUID_ARP_ACL=true WITH_SQUID_PF=true WITHOUT_SQUID_IPFILTER=true WITH_SQUID_FOLLOW_XFF=true WITH_SQUID_AUFS=true WITH_SQUID_COSS=true WITH_SQUID_KQUEUE=true WITH_SQUID_LARGEFILE=true WITHOUT_SQUID_STACKTRACES=true</build_options> + <build_options>WITH_SQUID_KERB_AUTH=true WITH_SQUID_LDAP_AUTH=true WITH_SQUID_NIS_AUTH=true WITH_SQUID_SASL_AUTH=true WITH_SQUID_DELAY_POOLS=true WITH_SQUID_SNMP=true WITH_SQUID_CARP=true WITH_SQUID_SSL=true WITHOUT_SQUID_PINGER=true WITHOUT_SQUID_DNS_HELPER=true WITH_SQUID_HTCP=true WITH_SQUID_VIA_DB=true WITH_SQUID_CACHE_DIGESTS=true WITH_SQUID_WCCP=true WITHOUT_SQUID_WCCPV2=true WITHOUT_SQUID_STRICT_HTTP=true WITH_SQUID_IDENT=true WITH_SQUID_REFERER_LOG=true WITHOUT_SQUID_USERAGENT_LOG=true WITH_SQUID_ARP_ACL=true WITH_SQUID_PF=true WITHOUT_SQUID_IPFILTER=true WITH_SQUID_FOLLOW_XFF=true WITH_SQUID_AUFS=true WITH_SQUID_COSS=true WITH_SQUID_KQUEUE=true WITH_SQUID_LARGEFILE=true WITHOUT_SQUID_STACKTRACES=true</build_options> <config_file>http://www.pfsense.org/packages/config/squid-reverse/squid.xml</config_file> <configurationfile>squid.xml</configurationfile> </package> @@ -200,19 +213,36 @@ <package> <name>haproxy</name> <pkginfolink>http://doc.pfsense.org/index.php/haproxy_package</pkginfolink> - <descr>The Reliable, High Performance TCP/HTTP Load Balancer</descr> + <descr><![CDATA[The Reliable, High Performance HTTP Load Balancer<br> + This package implements HTTP balance features from Haproxy.]]></descr> <website>http://haproxy.1wt.eu/</website> <category>Services</category> - <version>1.4.18 pkg v 1.2</version> + <version>1.4.20 pkg v 1.2</version> <status>Release</status> <required_version>2.0</required_version> <config_file>http://www.pfsense.com/packages/config/haproxy/haproxy.xml</config_file> <configurationfile>haproxy.xml</configurationfile> - <depends_on_package_base_url>http://e-sac.siteseguro.ws/pfsense/8/amd64/All/</depends_on_package_base_url> - <depends_on_package>haproxy-1.4.18.tbz</depends_on_package> + <depends_on_package_base_url>http://e-sac.siteseguro.ws/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package>haproxy-1.4.20.tbz</depends_on_package> <build_port_path>/usr/ports/net/haproxy</build_port_path> </package> <package> + <name>haproxy-full</name> + <pkginfolink>http://doc.pfsense.org/index.php/haproxy_package</pkginfolink> + <descr><![CDATA[The Reliable, High Performance TCP/HTTP Load Balancer package<br> + This package implements both TCP and HTTP balance features from Haproxy.]]></descr> + <website>http://haproxy.1wt.eu/</website> + <category>Services</category> + <version>1.4.20 pkg v 1.0</version> + <status>Release</status> + <required_version>2.0</required_version> + <config_file>http://www.pfsense.com/packages/config/haproxy-legacy/haproxy.xml</config_file> + <configurationfile>haproxy.xml</configurationfile> + <depends_on_package_base_url>http://e-sac.siteseguro.ws/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package>haproxy-1.4.20.tbz</depends_on_package> + </package> + + <package> <name>Proxy Server with mod_security</name> <pkginfolink>http://doc.pfsense.org/index.php/ProxyServerModSecurity_package</pkginfolink> <website>http://www.modsecurity.org/</website> @@ -287,13 +317,13 @@ <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package_pbi>rrdtool-1.2.30_1-amd64.pbi gdbm-1.9.1-amd64.pbi perl-5.12.4_2-amd64.pbi libpcap-1.1.1_1-amd64.pbi geoip-1.4.8_1-amd64.pbi font-util-1.2.0-amd64.pbi webfonts-0.30_6-amd64.pbi ntop-4.1.0_1-amd64.pbi</depends_on_package_pbi> <depends_on_package>rrdtool-1.2.26_1.tbz</depends_on_package> - <depends_on_package>gdbm-1.8.3_3.tbz</depends_on_package> - <depends_on_package>perl-5.12.3.tbz</depends_on_package> + <depends_on_package>gdbm-1.9.1.tbz</depends_on_package> + <depends_on_package>perl-5.12.4_4.tbz</depends_on_package> <depends_on_package>libpcap-1.1.1_1.tbz</depends_on_package> <depends_on_package>GeoIP-1.4.8_1.tbz</depends_on_package> <depends_on_package>font-util-1.2.0.tbz</depends_on_package> <depends_on_package>webfonts-0.30_6.tbz</depends_on_package> - <depends_on_package>ntop-4.0.1_1.tbz</depends_on_package> + <depends_on_package>ntop-4.1.0_3.tbz</depends_on_package> <build_port_path>/usr/ports/net/GeoIP</build_port_path> <build_port_path>/usr/ports/databases/gdbm</build_port_path> <build_port_path>/usr/ports/databases/rrdtool12</build_port_path> @@ -302,7 +332,7 @@ <build_port_path>/usr/ports/x11-fonts/webfonts</build_port_path> <build_port_path>/usr/ports/net/ntop</build_port_path> <build_options>WITHOUT_APNG=true WITHOUT_COLLATION_FIX=true WITHOUT_DEBUGGING=true WITHOUT_DEJAVU=true WITHOUT_DEVIL=true WITHOUT_DIGCOLA=true WITHOUT_EXTRA_PATCHES=true WITHOUT_FONTCONFIG=true WITHOUT_FPECTL=true WITHOUT_GAM_POLLER=true WITHOUT_GDBM=true WITHOUT_GDK_PIXBUF=true WITHOUT_GHOSTSCRIPT=true WITHOUT_GLITZ=true WITHOUT_GNOMEUI=true WITHOUT_GTK=true WITHOUT_GUILE=true WITHOUT_HUGE_STACK_SIZE=true WITHOUT_ICONV=true WITHOUT_IPSEPCOLA=true WITHOUT_LIBSIGSEGV=true WITHOUT_LOCALE=true WITHOUT_LUA=true WITHOUT_MING=true WITHOUT_MMAP=true WITHOUT_MULTIPLICITY=true WITHOUT_PANGOCAIRO=true WITHOUT_PCAP_PORT=true WITHOUT_PERL=true WITHOUT_PERL_MALLOC=true WITHOUT_PERL_MODULE=true WITHOUT_PHP=true WITHOUT_PTH=true WITHOUT_PYTHON=true WITHOUT_PYTHON_MODULE=true WITHOUT_RSVG=true WITHOUT_RUBY=true WITHOUT_RUBY_MODULE=true WITHOUT_SEM=true WITHOUT_SIMD=true WITHOUT_SITECUSTOMIZE=true WITHOUT_SMYRNA=true WITHOUT_SUIDPERL=true WITHOUT_TCL=true WITHOUT_THREADS=true WITHOUT_TK=true WITHOUT_X11=true WITHOUT_XCB=true WITHOUT_XMLDUMP=true WITHOUT_XPM=true WITHOUT_ZSH=true WITH_BASH=true WITH_EXTRA_ENCODINGS=true WITH_ICONV=true WITH_IPV6=true WITH_NLS=true WITH_PERL_64BITINT=true WITH_PYMALLOC=true WITH_TCPWRAPPER=true WITH_THREADS=true WITH_UCS4=true WITH_USE_PERL=true</build_options> - <version>4.0.1_1 v2</version> + <version>4.1.0_3 v2.3</version> <status>BETA</status> <required_version>2.0</required_version> <config_file>http://www.pfsense.com/packages/config/ntop2/ntop.xml</config_file> @@ -480,7 +510,7 @@ <depends_on_package>postfix-2.8.7,1.tbz</depends_on_package> <depends_on_package>perl-5.12.4_3.tbz</depends_on_package> <depends_on_package_pbi>postfix-2.8.5-amd64.pbi</depends_on_package_pbi> - <version>2.8.7,1 pkg v.2.3.3_1</version> + <version>2.8.7,1 pkg v.2.3.4</version> <status>RC1</status> <required_version>2.0</required_version> <configurationfile>postfix.xml</configurationfile> @@ -521,12 +551,13 @@ <depends_on_package_base_url>http://e-sac.siteseguro.ws/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>dansguardian-2.12.0.0.tbz</depends_on_package> <depends_on_package>clamav-0.97.3_1.tbz</depends_on_package> - <version>2.12.0.0 pkg v.0.1.4_1</version> + <depends_on_package>ca_root_nss-3.13.3.tbz</depends_on_package> + <version>2.12.0.0 pkg v.0.1.5.3</version> <status>beta</status> <required_version>2.0</required_version> <configurationfile>dansguardian.xml</configurationfile> <build_port_path>/usr/ports/www/dansguardian-devel</build_port_path> - <build_options>WITHOUT_APACHE=true WITHOUT_TRICKLE=false WITH_CLAMD=true WITH_ICAP=true WITH_NTLM=true</build_options> + <build_options>WITHOUT_APACHE=true WITH_TRICKLE=true WITH_CLAMD=true WITH_ICAP=true WITH_NTLM=true WITH_SSL=true</build_options> </package> <package> <name>siproxd</name> @@ -585,7 +616,7 @@ <maintainer>dv_serg@mail.ru</maintainer> <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>lightsquid-1.8_2.tbz</depends_on_package> - <depends_on_package>perl-5.12.3.tbz</depends_on_package> + <depends_on_package>perl-5.12.4_3.tbz</depends_on_package> <depends_on_package_pbi>lightsquid-1.8_2-amd64.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/www/lightsquid</build_port_path> <build_port_path>/usr/ports/lang/perl5.12</build_port_path> @@ -598,6 +629,24 @@ <noembedded>true</noembedded> </package> <package> + <name>Sarg</name> + <website>http://www.dansguardian.org/</website> + <descr><![CDATA[Sarg - Squid Analysis Report Generator is a tool that allow you to view "where" your users are going to on the Internet.<br> + Sarg provides many informations about Proxy(squid,squidguard or dansguardian) users activities: times, bytes, sites, etc...]]></descr> + <category>Network Report</category> + <config_file>http://www.pfsense.com/packages/config/sarg/sarg.xml</config_file> + <pkginfolink>http://forum.pfsense.org/index.php/topic,47765.0.html</pkginfolink> + <depends_on_package_base_url>http://e-sac.siteseguro.ws/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package>sarg-2.3.2.tbz</depends_on_package> + <version>2.3.2 pkg v.0.4.2_1</version> + <status>beta</status> + <required_version>2.0</required_version> + <configurationfile>sarg.xml</configurationfile> + <build_port_path>/usr/ports/www/sarg</build_port_path> + <build_options>WITHOUT_GD=false WITHOUT_PHP=true</build_options> + <after_install_info>Please visit sarg settings on Status Menu to configure sarg.</after_install_info> + </package> + <package> <name>vnstat2</name> <website>http://humdi.net/vnstat/</website> <descr>A console-based network traffic monitor + vnstat PHP frontend</descr> @@ -656,7 +705,7 @@ <descr>VMware Tools</descr> <website>http://open-vm-tools.sourceforge.net/</website> <category>Services</category> - <version>217847</version> + <version>8.7.0.3046 (build-313025)</version> <status>Stable</status> <pkginfolink>http://doc.pfsense.org/index.php/Open_VM_Tools_package</pkginfolink> <required_version>2.0</required_version> @@ -687,6 +736,21 @@ <build_port_path>/usr/ports/lang/python27</build_port_path> <depends_on_package_pbi>open-vm-tools-313025_4-amd64.pbi</depends_on_package_pbi> </package> + <package> + <name>Open-VM-Tools-8.8.1</name> + <descr>VMware Tools</descr> + <website>http://open-vm-tools.sourceforge.net/</website> + <category>Services</category> + <version>528969</version> + <status>RC</status> + <pkginfolink>http://doc.pfsense.org/index.php/Open_VM_Tools_package</pkginfolink> + <required_version>2.0</required_version> + <config_file>http://www.pfsense.org/packages/config/open-vm-tools_2/open-vm-tools.xml</config_file> + <configurationfile>open-vm-tools.xml</configurationfile> + <depends_on_package_base_url>http://e-sac.siteseguro.ws/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package>open-vm-tools-nox11-528969,1.tbz</depends_on_package> + <depends_on_package>pcre-8.30_1.tbz</depends_on_package> + </package> <package> <name>AutoConfigBackup</name> <maintainer>portal@bsdperimeter.com</maintainer> @@ -746,10 +810,27 @@ <config_file>http://www.pfsense.com/packages/config/imspector/imspector.xml</config_file> <configurationfile>imspector.xml</configurationfile> <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package>sqlite3-3.7.9.tbz</depends_on_package> <depends_on_package>imspector-0.9.tbz</depends_on_package> <build_port_path>/usr/home/pfsense/tools/pfPorts/imspector</build_port_path> </package> <package> + <name>imspector-dev</name> + <descr>IMSpector is an Instant Messenger transparent proxy with logging capabilities. Currently it supports MSN, AIM, ICQ, Yahoo and IRC to different degrees.</descr> + <website>http://www.imspector.org/</website> + <category>Network Management</category> + <maintainer>marcellocoutinho@gmail.com</maintainer> + <version>20111108 pkg v 0.2_2</version> + <required_version>2.0</required_version> + <status>BETA</status> + <pkginfolink>http://doc.pfsense.org/index.php/IMSpector_package</pkginfolink> + <config_file>http://www.pfsense.com/packages/config/imspector-dev/imspector.xml</config_file> + <configurationfile>imspector.xml</configurationfile> + <depends_on_package_base_url>http://e-sac.siteseguro.ws/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package>mysql-client-5.5.19.tbz</depends_on_package> + <depends_on_package>imspector-20111108.tbz</depends_on_package> + </package> + <package> <name>nut</name> <descr>Network UPS Tools</descr> <website>http://www.networkupstools.org/</website> @@ -854,8 +935,8 @@ On pfSense docs there is a how-to which could help you on porting users.]]></descr> <pkginfolink>http://doc.pfsense.org/index.php/FreeRADIUS_2.x_package</pkginfolink> <category>System</category> - <version>2.1.12 pkg v1.6.5</version> - <status>BETA</status> + <version>2.1.12 pkg v1.6.6_3</version> + <status>RC1</status> <required_version>2.0</required_version> <maintainer>nachtfalkeaw@web.de</maintainer> <depends_on_package_base_url>http://e-sac.siteseguro.ws/packages/amd64/8/All/</depends_on_package_base_url> @@ -949,25 +1030,6 @@ <build_port_path>/usr/ports/net/mtr</build_port_path> </package> <package> - <name>squid3</name> - <descr>EXPERIMENTAL! Not all directives are ported yet! High performance web proxy cache.</descr> - <website>http://www.squid-cache.org/</website> - <category>Network</category> - <version>3.1.9_0.1</version> - <status>ALPHA</status> - <required_version>2.0</required_version> - <maintainer>fernando@netfilter.com.br seth.mos@dds.nl mfuchs77@googlemail.com</maintainer> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> - <depends_on_package>squid-3.1.9.tbz</depends_on_package> - <depends_on_package>squid_radius_auth-1.10.tbz</depends_on_package> - <depends_on_package>libwww-5.4.0_4.tbz</depends_on_package> - <!-- Do not add build paths please, it conflicts with squid 2.x --> - <build_options>WITH_SQUID_KERB_AUTH=true WITH_SQUID_LDAP_AUTH=true WITH_SQUID_NIS_AUTH=true WITH_SQUID_SASL_AUTH=true WITH_SQUID_IPV6=true WITH_SQUID_DELAY_POOLS=true WITH_SQUID_SNMP=true WITH_SQUID_SSL=true WITHOUT_SQUID_PINGER=true WITHOUT_SQUID_DNS_HELPER=true WITH_SQUID_HTCP=true WITH_SQUID_VIA_DB=true WITH_SQUID_CACHE_DIGESTS=true WITH_SQUID_WCCP=true WITHOUT_SQUID_WCCPV2=true WITHOUT_SQUID_STRICT_HTTP=true WITH_SQUID_IDENT=true WITH_SQUID_REFERER_LOG=true WITHOUT_SQUID_USERAGENT_LOG=true WITH_SQUID_ARP_ACL=true WITHOUT_SQUID_IPFW=true WITH_SQUID_PF=true WITHOUT_SQUID_IPFILTER=true WITH_SQUID_FOLLOW_XFF=true WITH_SQUID_ECAP=true WITH_SQUID_ICAP=true WITHOUT_SQUID_ESI=true WITH_SQUID_AUFS=true WITHOUT_SQUID_COSS=true WITH_SQUID_KQUEUE=true WITH_SQUID_LARGEFILE=true WITHOUT_SQUID_STACKTRACES=true WITHOUT_SQUID_DEBUG=true</build_options> - <config_file>http://www.pfsense.org/packages/config/squid3/squid.xml</config_file> - <configurationfile>squid.xml</configurationfile> - <noembedded>true</noembedded> - </package> - <package> <name>LCDproc</name> <descr>LCD display driver</descr> <website>http://www.lcdproc.org/</website> @@ -1030,10 +1092,10 @@ <status>Beta</status> <required_version>1.1</required_version> <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> - <depends_on_package>squidGuard-1.4_3.tbz</depends_on_package> + <depends_on_package>squidGuard-1.4_4.tbz</depends_on_package> <depends_on_package>db41-4.1.25_4.tbz</depends_on_package> <depends_on_package>db3-3.3.11_3,1.tbz</depends_on_package> - <depends_on_package>cyrus-sasl-2.1.23_3.tbz</depends_on_package> + <depends_on_package>cyrus-sasl-2.1.25_1.tbz</depends_on_package> <depends_on_package_pbi>squidguard-1.4_4-amd64.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/www/squidguard</build_port_path> <build_port_path>/usr/ports/databases/db41</build_port_path> @@ -1082,7 +1144,7 @@ <depends_on_package>zip-3.0.tbz</depends_on_package> <build_port_path>/usr/ports/archivers/p7zip</build_port_path> <build_port_path>/usr/ports/archivers/zip</build_port_path> - <version>0.9.7</version> + <version>0.9.9</version> <status>BETA</status> <required_version>2.0</required_version> <config_file>http://www.pfsense.com/packages/config/openvpn-client-export/openvpn-client-export.xml</config_file> @@ -1206,6 +1268,7 @@ <status>Alpha</status> <maintainer>warren@decoy.co.za</maintainer> <required_version>2.0</required_version> + <maximum_version>2.0.1</maximum_version> <pkginfolink>http://doc.pfsense.org/index.php/Unbound_package</pkginfolink> <config_file>http://www.pfsense.com/packages/config/unbound/unbound.xml</config_file> <configurationfile>unbound.xml</configurationfile> @@ -1257,6 +1320,18 @@ <configurationfile>nrpe2.xml</configurationfile> </package> <package> + <name>SSHDCond</name> + <descr><![CDATA[Allows to define SSH overrides for users,groups,hosts and addresses using Match in a convenient way.<br> + This package acts as an access list frontend for ssh connections]]></descr> + <category>Enhancements</category> + <version>1.0</version> + <status>Beta</status> + <required_version>2.0</required_version> + <config_file>http://www.pfsense.com/packages/config/sshdcond/sshdcond.xml</config_file> + <maintainer>namezero@afim.info</maintainer> + <configurationfile>sshdcond.xml</configurationfile> + </package> + <package> <name>mailreport</name> <descr>Allows you to setup periodic e-mail reports containing RRD graphs.</descr> <category>Network Management</category> @@ -1291,5 +1366,32 @@ <required_version>2.0</required_version> <maximum_version>2.1</maximum_version> </package> + <package> + <name>Quagga OSPF</name> + <descr>OSPF routing protocol using Quagga -- WARNING! Installs files to the same place as OpenOSPFD. Installing both will break things.</descr> + <maintainer>jimp@pfsense.org</maintainer> + <version>0.99.20_3 v0.1.1</version> + <category>Routing</category> + <status>BETA</status> + <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package>quagga-0.99.20_3.tbz</depends_on_package> + <config_file>http://www.pfsense.com/packages/config/quagga_ospfd/quagga_ospfd.xml</config_file> + <build_port_path>/usr/ports/net/quagga</build_port_path> + <pkginfolink></pkginfolink> + <required_version>2.0</required_version> + <configurationfile>quagga_ospfd.xml</configurationfile> + </package> + <package> + <name>System Patches</name> + <descr>A package to apply and maintain custom system patches.</descr> + <maintainer>jimp@pfsense.org</maintainer> + <version>0.7.1</version> + <category>System</category> + <status>BETA</status> + <config_file>http://www.pfsense.com/packages/config/systempatches/systempatches.xml</config_file> + <pkginfolink></pkginfolink> + <required_version>2.0</required_version> + <configurationfile>systempatches.xml</configurationfile> + </package> </packages> </pfsensepkgs> |