Diffstat (limited to 'config/pfblockerng/pfblockerng.php')
-rw-r--r-- | config/pfblockerng/pfblockerng.php | 134 |
1 files changed, 67 insertions, 67 deletions
diff --git a/config/pfblockerng/pfblockerng.php b/config/pfblockerng/pfblockerng.php
index 7dca9a1c..7539e9fd 100644
--- a/config/pfblockerng/pfblockerng.php
+++ b/config/pfblockerng/pfblockerng.php
@@ -922,10 +922,10 @@ $xml = <<<EOF
 <type>info</type>
 </field>
 <field>
- <fielddescr><![CDATA[<br><strong>IPv4</strong><br>Countries]]></fielddescr>
+ <fielddescr><![CDATA[<br /><strong>IPv4</strong><br />Countries]]></fielddescr>
 <fieldname>countries4</fieldname>
 <description>
- <![CDATA[Select IPv4 Countries you want to take an action on.<br>
+ <![CDATA[Select IPv4 Countries you want to take an action on.<br />
 <strong>Use CTRL + CLICK to unselect countries</strong>]]>
 </description>
 <type>select</type>
@@ -936,10 +936,10 @@ $xml = <<<EOF
 <multiple/>
 </field>
 <field>
- <fielddescr><![CDATA[<br><strong>IPv6</strong><br>Countries]]></fielddescr>
+ <fielddescr><![CDATA[<br /><strong>IPv6</strong><br />Countries]]></fielddescr>
 <fieldname>countries6</fieldname>
 <description>
- <![CDATA[Select IPv6 Countries you want to take an action on.<br>
+ <![CDATA[Select IPv6 Countries you want to take an action on.<br />
 <strong>Use CTRL + CLICK to unselect countries</strong>]]>
 </description>
 <type>select</type>
@@ -951,41 +951,41 @@ $xml = <<<EOF </field> <field> <fielddescr>List Action</fielddescr> - <description><![CDATA[<br>Default : <strong>Disabled</strong><br><br> - Select the <strong>Action</strong> for Firewall Rules on lists you have selected.<br><br> - <strong><u>'Disabled' Rules:</u></strong> Disables selection and does nothing to selected Alias.<br><br> + <description><![CDATA[<br />Default : <strong>Disabled</strong><br /><br /> + Select the <strong>Action</strong> for Firewall Rules on lists you have selected.<br /><br /> + <strong><u>'Disabled' Rules:</u></strong> Disables selection and does nothing to selected Alias.<br /><br /> - <strong><u>'Deny' Rules:</u></strong><br> + <strong><u>'Deny' Rules:</u></strong><br /> 'Deny' rules create high priority 'block' or 'reject' rules on the stated interfaces. They don't change the 'pass' rules on other - interfaces. Typical uses of 'Deny' rules are:<br> + interfaces. Typical uses of 'Deny' rules are:<br /> <ul><li><strong>Deny Both</strong> - blocks all traffic in both directions, if the source or destination IP is in the block list</li> <li><strong>Deny Inbound/Deny Outbound</strong> - blocks all traffic in one direction <u>unless</u> it is part of a session started by traffic sent in the other direction. Does not affect traffic in the other direction. </li> <li>One way 'Deny' rules can be used to selectively block <u>unsolicited</u> incoming (new session) packets in one direction, while still allowing <u>deliberate</u> outgoing sessions to be created in the other direction.</li></ul> - <strong><u>'Permit' Rules:</u></strong><br> - 'Permit' rules create high priority 'pass' rules on the stated interfaces. They are not the opposite of Deny rules, and don't create - any 'blocking' effect anywhere. They have priority over all Deny rules. Typical uses of 'Permit' rules are:<br> + <strong><u>'Permit' Rules:</u></strong><br /> + 'Permit' rules create high priority 'pass' rules on the stated interfaces. 
They are the opposite of Deny rules, and don't create + any 'blocking' effect anywhere. They have priority over all Deny rules. Typical uses of 'Permit' rules are:<br /> <ul><li><strong>To ensure</strong> that traffic to/from the listed IPs will <u>always</u> be allowed in the stated directions. They override <u>almost all other</u> Firewall rules on the stated interfaces.</li> <li><strong>To act as a whitelist</strong> for Deny rule exceptions, for example if a large IP range or pre-created blocklist blocks a few IPs that should be accessible.</li></ul> - <strong><u>'Match' Rules:</u></strong><br> + <strong><u>'Match' Rules:</u></strong><br /> 'Match' or 'Log' only the traffic on the stated interfaces. This does not Block or Reject. It just Logs the traffic. <ul><li><strong>Match Both</strong> - Matches all traffic in both directions, if the source or destination IP is in the list.</li> - <li><strong>Match Inbound/Match Outbound</strong> - Matches all traffic in one direction only.</ul></li> - <strong><u>'Alias' Rules:</u></strong><br> - <strong>'Alias'</strong> rules create an <a target=_new href="/firewall_aliases.php">alias</a> for the list (and do nothing else). + <li><strong>Match Inbound/Match Outbound</strong> - Matches all traffic in one direction only.</li></ul> + <strong><u>'Alias' Rules:</u></strong><br /> + <strong>'Alias'</strong> rules create an <a href="/firewall_aliases.php">alias</a> for the list (and do nothing else). This enables a pfBlockerNG list to be used by name, in any firewall rule or pfSense function, as desired. 
- <ul><li><strong>Options - Alias Deny, Alias Permit, Alias Match, Alias Native</strong></li><br> - <li>'Alias Deny' can use De-Duplication and Reputation Processes if configured.</li><br> - <li>'Alias Permit' and 'Alias Match' will be saved in the Same folder as the other Permit/Match Auto-Rules</li><br> - <li>'Alias Native' lists are kept in their Native format without any modifications.</ul></li> + <ul><li><strong>Options - Alias Deny, Alias Permit, Alias Match, Alias Native</strong></li><br /> + <li>'Alias Deny' can use De-Duplication and Reputation Processes if configured.</li><br /> + <li>'Alias Permit' and 'Alias Match' will be saved in the Same folder as the other Permit/Match Auto-Rules</li><br /> + <li>'Alias Native' lists are kept in their Native format without any modifications.</li></ul> <strong>When using 'Alias' rules, change (pfB_) to ( pfb_ ) in the beginning of rule description and use the 'Exact' spelling of the Alias (no trailing Whitespace) </strong> Custom 'Alias' rules with 'pfB_ xxx' description will be removed by package if - using Auto Rule Creation.<br><br><strong>Tip</strong>: You can create the Auto Rules and remove "<u>auto rule</u>" from the Rule + using Auto Rule Creation.<br /><br /><strong>Tip</strong>: You can create the Auto Rules and remove "<u>auto rule</u>" from the Rule Descriptions, then disable Auto Rules. This method will 'KEEP' these rules from being 'Deleted' which will allow editing for a Custom - Alias Configuration<br>]]> + Alias Configuration<br />]]> </description> <fieldname>action</fieldname> <type>select</type> 
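Review bot: The added 'Permit' Rules text reads `They are the opposite of Deny rules`, where the removed line read `They are not the opposite of Deny rules`; every other change in this hunk only normalises markup, so this looks like an accidental edit. The new sentence contradicts the clause that follows it (`don't create any 'blocking' effect anywhere`) and could lead an administrator to assume that a Permit list implicitly blocks everything not on it. Restore the original wording: `'Permit' rules create high priority 'pass' rules on the stated interfaces. They are not the opposite of Deny rules, and don't create`. Separately, the `</li><br />` sequences kept in the 'Alias' options list place `<br />` directly inside `<ul>`, which is still invalid markup if well-formed XHTML-style output is the goal of this commit.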
@@ -1009,8 +1009,8 @@ $xml = <<<EOF
 <field>
 <fielddescr>Enable Logging</fielddescr>
 <fieldname>aliaslog</fieldname>
- <description><![CDATA[Default:<strong>Enable</strong><br>
- Select - Logging to Status: System Logs: FIREWALL ( Log )<br>
+ <description><![CDATA[Default:<strong>Enable</strong><br />
+ Select - Logging to Status: System Logs: FIREWALL ( Log )<br />
 This can be overriden by the 'Global Logging' Option in the General Tab.]]></description>
 <type>select</type>
 <options>
@@ -1020,7 +1020,7 @@ $xml = <<<EOF
 </field>
 <field>
 <name><![CDATA[<ul>Click to SAVE Settings and/or Rule Edits. Changes are Applied via CRON or
- 'Force Update']]>
+ 'Force Update'</ul>]]>
 </name>
 <type>listtopic</type>
 </field>
@@ -1208,15 +1208,15 @@ $xmlrep = <<<EOF <fieldname>why</fieldname> <type>info</type> <description><![CDATA[By Enabling '<strong>Reputation</strong>', each Blocklist will be analyzed for Repeat Offenders in each IP Range. - <ul>Example: x.x.x.1, x.x.x.2, x.x.x.3, x.x.x.4, x.x.x.5<br> + <ul>Example: x.x.x.1, x.x.x.2, x.x.x.3, x.x.x.4, x.x.x.5<br /> No. of <strong> Repeat Offending IPs </strong> [ <strong>5</strong> ], in a Blocklist within the same IP Range.</ul> With '<strong>Reputation</strong> enabled, these 5 IPs will be removed and a single - <strong>x.x.x.0/24</strong> Block is used.<br> - This will completely Block/Reject this particular range from your Firewall.<br><br> - Selecting Blocklists from various Threat Sources will help to highlight Repeat Offending IP Ranges,<br> - Its Important to select a Broad Range of Blocklists that cover different types of Malicious Activity.<br><br> - You *may* experience some False Positives. Add any False Positive IPs manually to the<br> - <strong>pfBlockerNGSuppress Alias</strong> or use the "+" suppression Icon in the Alerts TAB<br><br> + <strong>x.x.x.0/24</strong> Block is used.<br /> + This will completely Block/Reject this particular range from your Firewall.<br /><br /> + Selecting Blocklists from various Threat Sources will help to highlight Repeat Offending IP Ranges,<br /> + Its Important to select a Broad Range of Blocklists that cover different types of Malicious Activity.<br /><br /> + You *may* experience some False Positives. Add any False Positive IPs manually to the<br /> + <strong>pfBlockerNGSuppress Alias</strong> or use the "+" suppression Icon in the Alerts TAB<br /><br /> To help mitigate False Positives 'Countries' can be '<strong>Excluded</strong>' from this Process. (Refer to Country Code Settings)]]> </description> </field> 
@@ -1226,7 +1226,7 @@ $xmlrep = <<<EOF
 </field>
 <field>
 <fieldname></fieldname>
- <fielddescr><![CDATA[<br><strong>Individual List Reputation</strong><br><br>]]></fielddescr>
+ <fielddescr><![CDATA[<br /><strong>Individual List Reputation</strong><br /><br />]]></fielddescr>
 <type>info</type>
 <description></description>
 </field>
@@ -1239,7 +1239,7 @@ $xmlrep = <<<EOF
 <field>
 <fielddescr><![CDATA[ [ <strong>Max</strong> ] Setting]]></fielddescr>
 <fieldname>p24_max_var</fieldname>
- <description><![CDATA[Default: <strong>5</strong><br>
+ <description><![CDATA[Default: <strong>5</strong><br />
 Maximum number of Repeat Offenders allowed in a Single IP Range]]></description>
 <type>select</type>
 <options>
@@ -1253,22 +1253,22 @@ $xmlrep = <<<EOF </field> <field> <fieldname></fieldname> - <fielddescr><![CDATA[<br><strong>Collective List Reputation</strong><br><br>]]></fielddescr> + <fielddescr><![CDATA[<br /><strong>Collective List Reputation</strong><br /><br />]]></fielddescr> <type>info</type> <description></description> </field> <field> <fieldname></fieldname> <type>info</type> - <description><![CDATA[Once all Blocklists are Downloaded, these two 'additional' processes <strong>[ pMax ] and [ dMax ]</strong><br> - Can be used to Further analyze for Repeat Offenders.<br> + <description><![CDATA[Once all Blocklists are Downloaded, these two 'additional' processes <strong>[ pMax ] and [ dMax ]</strong><br /> + Can be used to Further analyze for Repeat Offenders.<br /> <ul>Analyzing All Blocklists as a Whole:</ul> - <ul><strong>[ pMax ]</strong> will analyze for Repeat Offenders in each IP Range but will not use the Country Exclusion.<br> - Default is 50 IPs in any Range. Having 50 Repeat Offenders IPs in any Range will Block the entire Range.<br><br></ul> - <ul><strong>[ dMax ]</strong> will analyze for Repeat Offenders in each IP Range. Country Exclusions will be applied.<br> + <ul><strong>[ pMax ]</strong> will analyze for Repeat Offenders in each IP Range but will not use the Country Exclusion.<br /> + Default is 50 IPs in any Range. Having 50 Repeat Offenders IPs in any Range will Block the entire Range.<br /><br /></ul> + <ul><strong>[ dMax ]</strong> will analyze for Repeat Offenders in each IP Range. Country Exclusions will be applied.<br /> Default is 5 IPs in any Range.</ul> Note: <strong>MAX</strong> performs on individual Blocklists, while <strong>pMAX / dMAX</strong> - perform on all Lists together.<br>]]> + perform on all Lists together.<br />]]> </description> </field> <field> 
@@ -1281,7 +1281,7 @@ $xmlrep = <<<EOF
 <field>
 <fielddescr><![CDATA[ [ <strong>pMax</strong> ] Setting]]></fielddescr>
 <fieldname>p24_pmax_var</fieldname>
- <description><![CDATA[Default: <strong>50</strong><br>Maximum number of Repeat Offenders]]></description>
+ <description><![CDATA[Default: <strong>50</strong><br />Maximum number of Repeat Offenders]]></description>
 <type>select</type>
 <options>
 <option><name>50</name><value>50</value></option>
@@ -1302,7 +1302,7 @@ $xmlrep = <<<EOF
 <field>
 <fielddescr><![CDATA[ [ <strong>dMax</strong> ] Setting]]></fielddescr>
 <fieldname>p24_dmax_var</fieldname>
- <description><![CDATA[Default: <strong>5</strong><br>
+ <description><![CDATA[Default: <strong>5</strong><br />
 Maximum number of Repeat Offenders]]></description>
 <type>select</type>
 <options>
@@ -1322,23 +1322,23 @@ $xmlrep = <<<EOF <fieldname>INFO</fieldname> <type>info</type> <description><![CDATA[When performing Queries for Repeat Offenders, you can choose to <strong>ignore</strong> Repeat Offenders in select - Countries. The Original Blocklisted IPs remain intact. All other Repeat Offending Country Ranges will be processed.<br><br> - Define Repeat Offending Ranges [ <strong>Action</strong> ] Available settings are:<br> + Countries. The Original Blocklisted IPs remain intact. All other Repeat Offending Country Ranges will be processed.<br /><br /> + Define Repeat Offending Ranges [ <strong>Action</strong> ] Available settings are:<br /> <ul><strong>Ignore</strong>: Repeat Offenders that are in the 'ccwhite' category will be 'Ignored' (Default)</ul> <ul><strong>Block:</strong> Repeat Offenders are set to Block the entire Repeat Offending Range(s)</ul> - <ul><strong>Match:</strong> Repeat Offenders are added to a 'Match' List which can be used in a Floating Match Rule<br> + <ul><strong>Match:</strong> Repeat Offenders are added to a 'Match' List which can be used in a Floating Match Rule<br /> Selecting 'Match' will consume more processing time, so only select this option if you enable Rules for it.</ul> - '<strong>ccwhite</strong>' are Countries that are Selected to be excluded from the Repeat Offenders Search.<br> - '<strong>ccblack</strong>' are all other Countries that are not selected.<br><br> + '<strong>ccwhite</strong>' are Countries that are Selected to be excluded from the Repeat Offenders Search.<br /> + '<strong>ccblack</strong>' are all other Countries that are not selected.<br /><br /> To use '<strong>Match</strong>' Lists, Create a new 'Alias' - and select one of the <strong>Action 'Match'</strong> Formats and<br> enter the 'Localfile' as: + and select one of the <strong>Action 'Match'</strong> Formats and<br /> enter the 'Localfile' as: <ul>/var/db/pfblockerng/match/matchdedup.txt</ul>]]> </description> </field> <field> 
<fielddescr>ccwhite Action:</fielddescr> <fieldname>ccwhite</fieldname> - <description><![CDATA[Default: <strong>Ignore</strong><br> + <description><![CDATA[Default: <strong>Ignore</strong><br /> Select the 'Action' format for ccwhite]]> </description> <type>select</type> @@ -1350,7 +1350,7 @@ $xmlrep = <<<EOF <field> <fielddescr>ccblack Action:</fielddescr> <fieldname>ccblack</fieldname> - <description><![CDATA[Default: <strong>Block</strong><br> + <description><![CDATA[Default: <strong>Block</strong><br /> Select the 'Action' format for ccblack]]> </description> <type>select</type> @@ -1360,11 +1360,11 @@ $xmlrep = <<<EOF </options> </field> <field> - <fielddescr><![CDATA[<br><strong>IPv4</strong><br>Country Exclusion<br> - <br>Geolite Data by:<br>MaxMind Inc. (ISO 3166)]]></fielddescr> + <fielddescr><![CDATA[<br /><strong>IPv4</strong><br />Country Exclusion<br /> + <br />Geolite Data by:<br />MaxMind Inc. (ISO 3166)]]></fielddescr> <fieldname>ccexclude</fieldname> <description> - <![CDATA[Select Countries you want to <strong>Exclude</strong> from the Reputation Process.<br> + <![CDATA[Select Countries you want to <strong>Exclude</strong> from the Reputation Process.<br /> <strong>Use CTRL + CLICK to unselect countries</strong>]]> </description> <type>select</type> 
@@ -1382,16 +1382,16 @@ $xmlrep = <<<EOF <fielddescr>Subscription Pro. Blocklist</fielddescr> <fieldname>ETINFO</fieldname> <type>info</type> - <description><![CDATA[<strong>Emerging Threats IQRisk</strong> is a Subscription Professional Reputation List.<br><br> + <description><![CDATA[<strong>Emerging Threats IQRisk</strong> is a Subscription Professional Reputation List.<br /><br /> ET IQRisk Blocklist must be entered in the Lists Tab using the following example: <ul>https://rules.emergingthreatspro.com/XXXXXXXXXXXXXXXX/reputation/iprepdata.txt.gz</ul> - Select the <strong>ET IQRisk'</strong> format. The URL should use the .gz File Type.<br> + Select the <strong>ET IQRisk'</strong> format. The URL should use the .gz File Type.<br /> Enter your "ETPRO" code in URL. Further information can be found @ - <a target=_new href='http://emergingthreats.net/solutions/iqrisk-suite/'>ET IQRisk IP Reputation</a><br><br> + <a target=_new href='http://emergingthreats.net/solutions/iqrisk-suite/'>ET IQRisk IP Reputation</a><br /><br /> To use <strong>'Match'</strong> Lists, Create a new 'Alias' and select one of the <strong> - Action 'Match'</strong> Formats and <br> + Action 'Match'</strong> Formats and <br /> enter the 'Localfile' as: <ul>/var/db/pfblockerng/match/ETMatch.txt</ul> - ET IQRisk Individual Match Lists can be found in the following folder:<br> + ET IQRisk Individual Match Lists can be found in the following folder:<br /> <ul>/var/db/pfblockerng/ET</ul> ]]> </description> </field> @@ -1399,7 +1399,7 @@ $xmlrep = <<<EOF <fielddescr>ET IQRisk Header Name</fielddescr> <fieldname>et_header</fieldname> <type>input</type> - <description><![CDATA[Enter the 'Header Name' referenced in the IPv4 List TAB for ET IQRisk IPRep.<br> + <description><![CDATA[Enter the 'Header Name' referenced in the IPv4 List TAB for ET IQRisk IPRep.<br /> This will be used to improve the Alerts TAB reporting for ET IPRep.]]> </description> </field> 
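Review bot: The re-added link `<a target=_new href='http://emergingthreats.net/solutions/iqrisk-suite/'>` in the ETINFO description still carries the unquoted `target=_new` that this same commit removes from the `/firewall_aliases.php` link in the 'List Action' hunk, so the two links are now inconsistent. Because this is an external link rendered inside the firewall's admin GUI, either drop the target here as well or quote it and add `rel="noopener noreferrer"`, so the opened page receives no `window.opener` handle and no referrer from the admin session; an `https://` URL would be preferable if the vendor serves one. The example feed URL in the context lines embeds the subscriber's ETPRO code in its path, so a one-line remark in this help text that the code is a credential (it ends up in the saved package configuration, and presumably in download logs) would be worth adding.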
@@ -1407,9 +1407,9 @@ $xmlrep = <<<EOF
 <fielddescr>ET IQRISK BLOCK LISTS</fielddescr>
 <fieldname>etblock</fieldname>
 <description>
- <![CDATA[Select Lists you want to BLOCK.<br>
+ <![CDATA[Select Lists you want to BLOCK.<br />
 <strong>Use CTRL + CLICK to unselect Categories</strong>
- <br><br>Any Changes will take effect at the Next Scheduled CRON Task]]>
+ <br /><br />Any Changes will take effect at the Next Scheduled CRON Task]]>
 </description>
 <type>select</type>
 <options>
@@ -1456,9 +1456,9 @@ $xmlrep = <<<EOF
 <fielddescr>ET IQRISK Match LISTS</fielddescr>
 <fieldname>etmatch</fieldname>
 <description>
- <![CDATA[Select Lists you want to MATCH.<br>
+ <![CDATA[Select Lists you want to MATCH.<br />
 <strong>Use CTRL + CLICK to unselect Categories</strong>
- <br><br>Any Changes will take effect at the Next Scheduled CRON Task]]>
+ <br /><br />Any Changes will take effect at the Next Scheduled CRON Task]]>
 </description>
 <type>select</type>
 <options>
@@ -1504,9 +1504,9 @@ $xmlrep = <<<EOF
 <field>
 <fielddescr>Update ET Categories</fielddescr>
 <fieldname>et_update</fieldname>
- <description><![CDATA[Default:<strong>Disable</strong><br>
- Select - Enable ET Update if Category Changes are Made.<br>
- You can perform a 'Force Update' to enable these changes.<br>
+ <description><![CDATA[Default:<strong>Disable</strong><br />
+ Select - Enable ET Update if Category Changes are Made.<br />
+ You can perform a 'Force Update' to enable these changes.<br />
 Cron will also resync this list at the next Scheduled Update.]]>
 </description>
 <type>select</type> |