diff options
Diffstat (limited to 'config/pfblockerng/pfblockerng_v4lists.xml')
-rw-r--r-- | config/pfblockerng/pfblockerng_v4lists.xml | 118 |
1 files changed, 59 insertions, 59 deletions
diff --git a/config/pfblockerng/pfblockerng_v4lists.xml b/config/pfblockerng/pfblockerng_v4lists.xml index b075f439..469607e6 100644 --- a/config/pfblockerng/pfblockerng_v4lists.xml +++ b/config/pfblockerng/pfblockerng_v4lists.xml @@ -162,11 +162,11 @@ <field> <fielddescr>Alias Name</fielddescr> <fieldname>aliasname</fieldname> - <description><![CDATA[Enter lists Alias Names.<br> - Example: Badguys<br> - Do not include <strong>'pfBlocker' or 'pfB_'</strong> in the Alias Name, it's done by package.<br> + <description><![CDATA[Enter lists Alias Names.<br /> + Example: Badguys<br /> + Do not include <strong>'pfBlocker' or 'pfB_'</strong> in the Alias Name, it's done by package.<br /> <strong>International, special or space characters will be ignored in firewall alias names. - </strong><br>]]> + </strong><br />]]> </description> <type>input</type> <size>20</size> @@ -180,43 +180,43 @@ <field> <fieldname>InfoLists</fieldname> <type>info</type> - <description><![CDATA[<strong><u>'Format'</u></strong> : Select the Format Type<br><br> + <description><![CDATA[<strong><u>'Format'</u></strong> : Select the Format Type<br /><br /> <strong><u>'URL'</u></strong> : Add direct link to list: Example: <a target=_new href='http://list.iblocklist.com/?list=bt_ads&fileformat=p2p&archiveformat=gz'>Ads</a>, <a target=_new href='http://list.iblocklist.com/?list=bt_spyware&fileformat=p2p&archiveformat=gz'>Spyware</a>, - <a target=_new href='http://list.iblocklist.com/?list=bt_proxy&fileformat=p2p&archiveformat=gz'>Proxies</a> )<br><br> - <strong><u>'pfSense Local File'</u></strong> Format :<br><br> + <a target=_new href='http://list.iblocklist.com/?list=bt_proxy&fileformat=p2p&archiveformat=gz'>Proxies</a> )<br /><br /> + <strong><u>'pfSense Local File'</u></strong> Format :<br /><br /> http(s)://127.0.0.1/NAME_OF_FILE <strong>or</strong> - /usr/local/www/NAME_OF_FILE (Files can also be placed in the /var/db/pfblockerng folders)<br><br> + /usr/local/www/NAME_OF_FILE (Files can also be placed in the /var/db/pfblockerng folders)<br /><br /> - <strong><u>'Header'</u></strong> : Enter the <u>'Header' Field</u> it must be <u>Unique</u>, it will - name the Blocklist File and it will be referenced in the pfBlocker Widget. - Use a Unique Prefix per 'Alias Category' followed by a unique descriptor for each Blocklist.<br><br>]]> + <strong><u>'Header'</u></strong> : The <u>'Header' Field</u> must be <u>Unique</u>, it will + name the List File and it will be referenced in the pfBlockerNG Widget. + Use a Unique Prefix per 'Alias Category' followed by a unique descriptor for each List.<br /><br />]]> </description> </field> <field> <fielddescr><![CDATA[<strong>IPv4</strong> Lists]]></fielddescr> <fieldname>none</fieldname> - <description><![CDATA[<br><strong>'Format'</strong> - Choose the file format that URL will retrieve.<br> + <description><![CDATA[<br /><strong>'Format'</strong> - Choose the file format that URL will retrieve.<br /> - <ul><li><strong>'txt'</strong> Plain txt Lists</li><br> - <li><strong>'gz'</strong> - IBlock GZ Lists in Range Format only.</li><br> - <li><strong>'gz_2'</strong> - Other GZ Lists in IP or CIDR only.</li><br> - <li><strong>'gz_lg'</strong> - Large IBlock GZ Lists in Range Format only.</li><br> - <li><strong>'zip'</strong> - ZIP'd Lists</li><br> - <li><strong>'block'</strong>- IP x.x.x.0 Block type</li><br> - <li><strong>'html'</strong> - Web Links</li><br> - <li><strong>'xlsx'</strong> - Excel Lists</li><br> - <li><strong>'rsync'</strong> - RSync Lists</li><br> - <li><strong>'ET IQRisk'</strong>- Only<br></li><br> - <li><strong>'SKIP'</strong> - This format can be used to 'Disable' an Individual List.</li><br> - <li><strong>'HOLD'</strong> - Once a List has been Downloaded, you can change to 'HOLD' to keep this list Static.</ul></li> + <ul><li><strong>'txt'</strong> Plain txt Lists</li><br /> + <li><strong>'gz'</strong> - IBlock GZ Lists in Range Format only.</li><br /> + <li><strong>'gz_2'</strong> - Other GZ Lists in IP or CIDR only.</li><br /> + <li><strong>'gz_lg'</strong> - Large IBlock GZ Lists in Range Format only.</li><br /> + <li><strong>'zip'</strong> - ZIP'd Lists</li><br /> + <li><strong>'block'</strong>- IP x.x.x.0 Block type</li><br /> + <li><strong>'html'</strong> - Web Links</li><br /> + <li><strong>'xlsx'</strong> - Excel Lists</li><br /> + <li><strong>'rsync'</strong> - RSync Lists</li><br /> + <li><strong>'ET IQRisk'</strong> - Only</li><br /> + <li><strong>'SKIP'</strong> - This format can be used to 'Disable' an Individual List.</li><br /> + <li><strong>'HOLD'</strong> - Once a List has been Downloaded, you can change to 'HOLD' to keep this list Static.</li><br /> - <strong>Note: </strong><br> - Downloaded or pfsense local file must have only one network per line and follows the syntax below:<br> - Network ranges: <strong>172.16.1.0-172.16.1.255</strong><br> - IP Address: <strong>172.16.1.10</strong><br> - CIDR: <strong>172.16.1.0/24</strong><br><br>]]> + <strong>Note: </strong><br /> + Downloaded or pfsense local file must have only one network per line and follows the syntax below:<br /> + Network ranges: <strong>172.16.1.0-172.16.1.255</strong><br /> + IP Address: <strong>172.16.1.10</strong><br /> + CIDR: <strong>172.16.1.0/24</strong></ul><br /><br />]]> </description> <type>rowhelper</type> <rowhelper> @@ -255,41 +255,41 @@ </field> <field> <fielddescr>List Action</fielddescr> - <description><![CDATA[<br>Default : <strong>Disabled</strong><br><br> - Select the <strong>Action</strong> for Firewall Rules on lists you have selected.<br><br> - <strong><u>'Disabled' Rules:</u></strong> Disables selection and does nothing to selected Alias.<br><br> + <description><![CDATA[<br />Default : <strong>Disabled</strong><br /><br /> + Select the <strong>Action</strong> for Firewall Rules on lists you have selected.<br /><br /> + <strong><u>'Disabled' Rules:</u></strong> Disables selection and does nothing to selected Alias.<br /><br /> - <strong><u>'Deny' Rules:</u></strong><br> + <strong><u>'Deny' Rules:</u></strong><br /> 'Deny' rules create high priority 'block' or 'reject' rules on the stated interfaces. They don't change the 'pass' rules on other - interfaces. Typical uses of 'Deny' rules are:<br> + interfaces. Typical uses of 'Deny' rules are:<br /> <ul><li><strong>Deny Both</strong> - blocks all traffic in both directions, if the source or destination IP is in the block list</li> <li><strong>Deny Inbound/Deny Outbound</strong> - blocks all traffic in one direction <u>unless</u> it is part of a session started by - traffic sent in the other direction. Does not affect traffic in the other direction. </li> + traffic sent in the other direction. Does not affect traffic in the other direction.</li> <li>One way 'Deny' rules can be used to selectively block <u>unsolicited</u> incoming (new session) packets in one direction, while still allowing <u>deliberate</u> outgoing sessions to be created in the other direction.</li></ul> - <strong><u>'Permit' Rules:</u></strong><br> - 'Permit' rules create high priority 'pass' rules on the stated interfaces. They are not the opposite of Deny rules, and don't create - any 'blocking' effect anywhere. They have priority over all Deny rules. Typical uses of 'Permit' rules are:<br> + <strong><u>'Permit' Rules:</u></strong><br /> + 'Permit' rules create high priority 'pass' rules on the stated interfaces. They are the opposite of Deny rules, and don't create + any 'blocking' effect anywhere. They have priority over all Deny rules. Typical uses of 'Permit' rules are:<br /> <ul><li><strong>To ensure</strong> that traffic to/from the listed IPs will <u>always</u> be allowed in the stated directions. They override <u>almost all other</u> Firewall rules on the stated interfaces.</li> <li><strong>To act as a whitelist</strong> for Deny rule exceptions, for example if a large IP range or pre-created blocklist blocks a few IPs that should be accessible.</li></ul> - <strong><u>'Match' Rules:</u></strong><br> + <strong><u>'Match' Rules:</u></strong><br /> 'Match' or 'Log' only the traffic on the stated interfaces. This does not Block or Reject. It just Logs the traffic. <ul><li><strong>Match Both</strong> - Matches all traffic in both directions, if the source or destination IP is in the list.</li> - <li><strong>Match Inbound/Match Outbound</strong> - Matches all traffic in one direction only.</ul></li> - <strong><u>'Alias' Rules:</u></strong><br> - <strong>'Alias'</strong> rules create an <a target=_new href="/firewall_aliases.php">alias</a> for the list (and do nothing else). + <li><strong>Match Inbound/Match Outbound</strong> - Matches all traffic in one direction only.</li></ul> + <strong><u>'Alias' Rules:</u></strong><br /> + <strong>'Alias'</strong> rules create an <a href="/firewall_aliases.php">alias</a> for the list (and do nothing else). This enables a pfBlockerNG list to be used by name, in any firewall rule or pfSense function, as desired. - <ul><li><strong>Options - Alias Deny, Alias Permit, Alias Match, Alias Native</strong></li><br> - <li>'Alias Deny' can use De-Duplication and Reputation Processes if configured.</li><br> - <li>'Alias Permit' and 'Alias Match' will be saved in the Same folder as the other Permit/Match Auto-Rules</li><br> - <li>'Alias Native' lists are kept in their Native format without any modifications.</ul></li> + <ul><li><strong>Options - Alias Deny, Alias Permit, Alias Match, Alias Native</strong></li><br /> + <li>'Alias Deny' can use De-Duplication and Reputation Processes if configured.</li><br /> + <li>'Alias Permit' and 'Alias Match' will be saved in the Same folder as the other Permit/Match Auto-Rules</li><br /> + <li>'Alias Native' lists are kept in their Native format without any modifications.</li></ul> <strong>When using 'Alias' rules, change (pfB_) to ( pfb_ ) in the beginning of rule description and Use the 'Exact' spelling of the Alias (no trailing Whitespace) </strong> Custom 'Alias' rules with 'pfB_ xxx' description will be removed by package if - using Auto Rule Creation.<br><br><strong>Tip</strong>: You can create the Auto Rules and remove "<u>auto rule</u>" from the Rule + using Auto Rule Creation.<br /><br /><strong>Tip</strong>: You can create the Auto Rules and remove "<u>auto rule</u>" from the Rule Descriptions, then disable Auto Rules. This method will 'KEEP' these rules from being 'Deleted' which will allow editing for a Custom - Alias Configuration<br>]]> + Alias Configuration<br />]]> </description> <fieldname>action</fieldname> <type>select</type> @@ -313,7 +313,7 @@ <field> <fielddescr>Update Frequency</fielddescr> <fieldname>cron</fieldname> - <description><![CDATA[Default:<strong>Never</strong><br> + <description><![CDATA[Default:<strong>Never</strong><br /> Select how often List files will be downloaded]]></description> <type>select</type> <options> @@ -332,8 +332,8 @@ <field> <fielddescr>Weekly (Day of Week)</fielddescr> <fieldname>dow</fieldname> - <description><![CDATA[Default:<strong>1</strong><br> - Select the 'Weekly' ( Day of the Week ) to Update <br> + <description><![CDATA[Default:<strong>1</strong><br /> + Select the 'Weekly' ( Day of the Week ) to Update <br /> This is only required for the 'Weekly' Frequency Selection. The 24 Hour Download 'Time' will be used.]]> </description> <type>select</type> @@ -350,8 +350,8 @@ <field> <fielddescr>Enable Logging</fielddescr> <fieldname>aliaslog</fieldname> - <description><![CDATA[Default:<strong>Enable</strong><br> - Select - Logging to Status: System Logs: FIREWALL ( Log )<br> + <description><![CDATA[Default:<strong>Enable</strong><br /> + Select - Logging to Status: System Logs: FIREWALL ( Log )<br /> This can be overriden by the 'Global Logging' Option in the General Tab.]]> </description> <type>select</type> @@ -367,11 +367,11 @@ <field> <fielddescr>IPv4 Custom Address(es)</fielddescr> <fieldname>custom</fieldname> - <description><![CDATA[Please limit the size of the Custom List as this is stored as 'Base64' format in the config.xml file.<br> - Follow the syntax below:<br><br> - Network ranges: <strong>172.16.1.0-172.16.1.255</strong><br> - IP Address: <strong>172.16.1.10</strong><br> - CIDR: <strong>172.16.1.0/24</strong><br><br> + <description><![CDATA[Please limit the size of the Custom List as this is stored as 'Base64' format in the config.xml file.<br /> + Follow the syntax below:<br /><br /> + Network ranges: <strong>172.16.1.0-172.16.1.255</strong><br /> + IP Address: <strong>172.16.1.10</strong><br /> + CIDR: <strong>172.16.1.0/24</strong><br /><br /> You may use "<strong>#</strong>" after any IP/CIDR/Range to add comments. ie: x.x.x.x # Safe IP Address]]> </description> <type>textarea</type> @@ -382,7 +382,7 @@ <field> <fielddescr>Update Custom List</fielddescr> <fieldname>custom_update</fieldname> - <description><![CDATA[Default:<strong>Disable</strong><br> + <description><![CDATA[Default:<strong>Disable</strong><br /> select - Enable Update if changes are made to this List. Cron will also resync this list at the next Scheduled Update.]]> </description> <type>select</type> |