aboutsummaryrefslogtreecommitdiffstats
path: root/config/pfblockerng
diff options
context:
space:
mode:
Diffstat (limited to 'config/pfblockerng')
-rw-r--r--config/pfblockerng/pfblockerng.inc474
-rw-r--r--config/pfblockerng/pfblockerng.php14
-rw-r--r--config/pfblockerng/pfblockerng.sh2
-rw-r--r--config/pfblockerng/pfblockerng_alerts.php8
-rw-r--r--config/pfblockerng/pfblockerng_log.php31
-rw-r--r--config/pfblockerng/pfblockerng_update.php2
6 files changed, 266 insertions, 265 deletions
diff --git a/config/pfblockerng/pfblockerng.inc b/config/pfblockerng/pfblockerng.inc
index d40ea61a..9abda8ee 100644
--- a/config/pfblockerng/pfblockerng.inc
+++ b/config/pfblockerng/pfblockerng.inc
@@ -46,7 +46,7 @@ require_once("pfsense-utils.inc");
require_once("globals.inc");
require_once("services.inc");
-# [ $pfb ] pfBlockerNG Global Array for Paths and Variables. This needs to be called to get the Updated Settings.
+// [ $pfb ] pfBlockerNG Global Array for Paths and Variables. This needs to be called to get the Updated Settings.
function pfb_global() {
global $g,$config,$pfb;
@@ -58,7 +58,7 @@ function pfb_global() {
$prefix = "/usr/local";
}
- # Folders
+ // Folders
$pfb['dbdir'] = "{$g['vardb_path']}/pfblockerng";
$pfb['aliasdir'] = "{$g['vardb_path']}/aliastables";
$pfb['logdir'] = "{$g['varlog_path']}/pfblockerng";
@@ -70,13 +70,13 @@ function pfb_global() {
$pfb['origdir'] = "{$pfb['dbdir']}/original";
$pfb['ccdir'] = "{$prefix}/share/GeoIP";
- # Create Folders if not Exist.
+ // Create Folders if not Exist.
$folder_array = array ("{$pfb['dbdir']}","{$pfb['logdir']}","{$pfb['ccdir']}","{$pfb['origdir']}","{$pfb['nativedir']}","{$pfb['denydir']}","{$pfb['matchdir']}","{$pfb['permitdir']}","{$pfb['aliasdir']}");
foreach ($folder_array as $folder) {
safe_mkdir ("{$folder}",0755);
}
- # Files
+ // Files
$pfb['master'] = "{$pfb['dbdir']}/masterfile";
$pfb['errlog'] = "{$pfb['logdir']}/error.log";
$pfb['geolog'] = "{$pfb['logdir']}/geoip.log";
@@ -85,32 +85,32 @@ function pfb_global() {
$pfb['script'] = 'sh /usr/local/pkg/pfblockerng/pfblockerng.sh';
$pfb['aliasarchive'] = "{$prefix}/etc/aliastables.tar.bz2";
- # General Variables
+ // General Variables
$pfb['config'] = $config['installedpackages']['pfblockerng']['config'][0];
- # Enable/Disable of pfBlockerNG
+ // Enable/Disable of pfBlockerNG
$pfb['enable'] = $pfb['config']['enable_cb'];
- # Keep Blocklists on pfBlockerNG Disable
+ // Keep Blocklists on pfBlockerNG Disable
$pfb['keep'] = $pfb['config']['pfb_keep'];
- # Enable Suppression
+ // Enable Suppression
$pfb['supp'] = $pfb['config']['suppression'];
- # Max Lines in pfblockerng.log file
+ // Max Lines in pfblockerng.log file
$pfb['logmax'] = $pfb['config']['log_maxlines'];
- # Lan IP Address
+ // Lan IP Address
$pfb['iplocal'] = $config['interfaces']['lan']['ipaddr'];
- # Disable Country Database CRON Updates
+ // Disable Country Database CRON Updates
$pfb['cc'] = $pfb['config']['database_cc'];
- # User Defined CRON Start Minute
+ // User Defined CRON Start Minute
$pfb['min'] = $pfb['config']['pfb_min'];
- # Start hour of the Scheduler
+ // Start hour of the Scheduler
$pfb['hour'] = $pfb['config']['pfb_hour'];
- # Hour cycle for Scheduler
+ // Hour cycle for Scheduler
$pfb['interval'] = $pfb['config']['pfb_interval'];
- # Start hour of the 'Once a day' Schedule
+ // Start hour of the 'Once a day' Schedule
$pfb['24hour'] = $pfb['config']['pfb_dailystart'];
- # Set pfBlockerNG to Disabled on 'Re-Install'
+ // Set pfBlockerNG to Disabled on 'Re-Install'
if (isset($pfb['install']) && $pfb['install']) {
$pfb['enable'] = "";
$pfb['install'] = FALSE;
@@ -119,14 +119,14 @@ function pfb_global() {
pfb_global();
-# Set Max PHP Memory Setting
+// Set Max PHP Memory Setting
$uname = posix_uname();
if ($uname['machine'] == 'amd64') {
ini_set('memory_limit', '256M');
}
-# Function to decode to Alias Custom entry box.
+// Function to decode to Alias Custom entry box.
function pfbng_text_area_decode($text) {
$customlist = explode("\r\n", base64_decode($text));
foreach ($customlist as $line) {
@@ -142,13 +142,13 @@ function pfbng_text_area_decode($text) {
}
-# Manage Log File Line Limit
+// Manage Log File Line Limit
function pfb_log_mgmt() {
global $pfb;
pfb_global();
if ($pfb['logmax'] == "nolimit") {
- # Skip Log Mgmt
+ // Skip Log Mgmt
} else {
if (file_exists($pfb['log'])) {
exec("/usr/bin/tail -n {$pfb['logmax']} {$pfb['log']} > /tmp/pfblog; /bin/mv -f /tmp/pfblog {$pfb['log']}");
@@ -157,13 +157,13 @@ function pfb_log_mgmt() {
}
-# Record Log Messsages to pfBlockerNG Log File and/or Error Log File.
+// Record Log Messsages to pfBlockerNG Log File and/or Error Log File.
function pfb_logger($log, $type) {
global $g,$pfb,$pfbarr;
$now = date("m/d/y G:i:s", time());
- # Only log timestamp if new
+ // Only log timestamp if new
if (preg_match("/NOW/", $log)) {
if ($now == $pfb['pnow']) {
$log = str_replace("[ NOW ]", "", "{$log}");
@@ -199,7 +199,7 @@ function pfb_determine_list_detail($list="", $header_url="", $confconfig="", $ke
$pfbarr['skip'] = FALSE;
$pfbarr['folder'] = "{$pfb['nativedir']}";
} else {
- # Deny
+ // Deny
$pfbarr['skip'] = TRUE;
$pfbarr['folder'] = "{$pfb['denydir']}";
}
@@ -211,7 +211,7 @@ function pfb_determine_list_detail($list="", $header_url="", $confconfig="", $ke
$pfbarr['descr'] = " Auto ";
}
- //Determine length of Header to format log Output
+ // Determine length of Header to format log Output
if (strlen($header_url) > 19) {
$pfbarr['logtab'] = "";
}
@@ -283,7 +283,7 @@ function pfb_cron_base_hour() {
}
if ($pfb['interval'] == 2) {
- # 2 Hour Schedule Converter
+ // 2 Hour Schedule Converter
$shour = intval(substr($pfb['hour'], 0, 2));
$sch2 = strval($shour);
for ($i=0; $i<11; $i++) {
@@ -298,7 +298,7 @@ function pfb_cron_base_hour() {
}
if ($pfb['interval'] == 3) {
- # 3 Hour Schedule Converter
+ // 3 Hour Schedule Converter
$shour = intval(substr($pfb['hour'], 0, 2));
$sch3 = strval($shour);
for ($i=0; $i<7; $i++) {
@@ -313,7 +313,7 @@ function pfb_cron_base_hour() {
}
if ($pfb['interval'] == 4) {
- # 4 Hour Schedule Converter
+ // 4 Hour Schedule Converter
$shour = intval(substr($pfb['hour'], 0, 2));
$sch4 = strval($shour);
for ($i=0; $i<5; $i++) {
@@ -328,7 +328,7 @@ function pfb_cron_base_hour() {
}
if ($pfb['interval'] == 6) {
- # 6 Hour Schedule Converter
+ // 6 Hour Schedule Converter
$shour = intval(substr($pfb['hour'], 0, 2));
$sch6 = strval($shour);
for ($i=0; $i<3; $i++) {
@@ -343,7 +343,7 @@ function pfb_cron_base_hour() {
}
if ($pfb['interval'] == 8) {
- # 8 Hour Schedule Converter
+ // 8 Hour Schedule Converter
$shour = intval(substr($pfb['hour'], 0, 2));
$sch8 = strval($shour);
for ($i=0; $i<2; $i++) {
@@ -358,7 +358,7 @@ function pfb_cron_base_hour() {
}
if ($pfb['interval'] == 12) {
- # 12 Hour Schedule Converter
+ // 12 Hour Schedule Converter
$shour = intval(substr($pfb['hour'], 0, 2));
$sch12 = strval($shour) . ",";
$shour += 12;
@@ -380,7 +380,7 @@ function pfb_cron_base_hour() {
}
-# Create Suppression Alias
+// Create Suppression Alias
function pfb_create_suppression_alias() {
global $config;
@@ -402,7 +402,7 @@ function pfb_create_suppression_alias() {
}
-# Create Suppression file from Alias
+// Create Suppression file from Alias
function pfb_create_suppression_file() {
global $config,$pfb;
@@ -426,7 +426,7 @@ function pfb_create_suppression_file() {
unlink_if_exists("{$pfb['supptxt']}");
}
} else {
- # Delete Suppression File if Alias is Empty.
+ // Delete Suppression File if Alias is Empty.
unlink_if_exists("{$pfb['supptxt']}");
}
}
@@ -587,14 +587,14 @@ function pfb_aliastables($mode) {
}
-# Main pfBlockerNG Function
+// Main pfBlockerNG Function
function sync_package_pfblockerng($cron = "") {
global $g,$config,$pfb,$pfbarr;
pfb_global();
$pfb['cron_mod'] = FALSE; // Flag to check for mods to the config.xml file.
- # Detect Boot Process or Update via CRON
+ // Detect Boot Process or Update via CRON
if (isset($_POST) && $cron == "") {
if (!preg_match("/\w+/",$_POST['__csrf_magic'])) {
log_error("[pfBlockerNG] Sync terminated during boot process.");
@@ -608,7 +608,7 @@ function sync_package_pfblockerng($cron = "") {
$pfb['save'] = TRUE;
}
- # Start of pfBlockerNG Logging to 'pfblockerng.log'
+ // Start of pfBlockerNG Logging to 'pfblockerng.log'
if ($pfb['enable'] == "on" && !$pfb['save']) {
$log = " UPDATE PROCESS START [ NOW ]\n";
pfb_logger("{$log}","1");
@@ -622,15 +622,15 @@ function sync_package_pfblockerng($cron = "") {
// Call function for NanoBSD/Ramdisk processes.
pfb_aliastables("conf");
- # Collect pfSense Max Table Size Entry
+ // Collect pfSense Max Table Size Entry
if (empty($config['system']['maximumtableentries'])) {
- # If Table limit not defined, set Default to 2M
+ // If Table limit not defined, set Default to 2M
$config['system']['maximumtableentries'] = "2000000";
$pfb['cron_mod'] = TRUE;
}
$pfb['table_limit'] = $config['system']['maximumtableentries'];
- # Collect local web gui configuration
+ // Collect local web gui configuration
$pfb['weblocal'] = ($config['system']['webgui']['protocol'] != "" ? $config['system']['webgui']['protocol'] : "http");
$pfb['port'] = $config['system']['webgui']['port'];
if ($pfb['port'] == "") {
@@ -642,57 +642,57 @@ function sync_package_pfblockerng($cron = "") {
}
$pfb['weblocal'] .= "://127.0.0.1:{$pfb['port']}/pfblockerng/pfblockerng.php";
- # Define Inbound/Outbound Action is not user selected.
+ // Define Inbound/Outbound Action is not user selected.
$pfb['deny_action_inbound'] = ($pfb['config']['inbound_deny_action'] != "" ? $pfb['config']['inbound_deny_action'] : "block");
$pfb['deny_action_outbound'] = ($pfb['config']['outbound_deny_action'] != "" ? $pfb['config']['outbound_deny_action'] : "reject");
- # Reloads Existing Blocklists without Downloading New Lists
+ // Reloads Existing Blocklists without Downloading New Lists
$pfb['reuse'] = $pfb['config']['pfb_reuse'];
- # Enable OpenVPN AutoRules
+ // Enable OpenVPN AutoRules
$pfb['openvpn'] = $pfb['config']['openvpn_action'];
- # Enable/Disable Floating Auto-Rules
+ // Enable/Disable Floating Auto-Rules
$pfb['float'] = $pfb['config']['enable_float'];
- # Enable Remove of Duplicate IPs utilizing Grepcidr
+ // Enable Remove of Duplicate IPs utilizing Grepcidr
$pfb['dup'] = $pfb['config']['enable_dup'];
- # Order of the Auto-Rules
+ // Order of the Auto-Rules
$pfb['order'] = $pfb['config']['pass_order'];
- # Suffix used for Auto-Rules
+ // Suffix used for Auto-Rules
$pfb['suffix'] = $pfb['config']['autorule_suffix'];
- # Reputation Variables
+ // Reputation Variables
$pfb['config_rep'] = $config['installedpackages']['pfblockerngreputation']['config'][0];
- # Enable/Disable Reputation
+ // Enable/Disable Reputation
$pfb['rep'] = $pfb['config_rep']['enable_rep'];
- # Enable/Disable 'pDup'
+ // Enable/Disable 'pDup'
$pfb['pdup'] = $pfb['config_rep']['enable_pdup'];
- # Enable/Disable 'dDup'
+ // Enable/Disable 'dDup'
$pfb['dedup'] = ($pfb['config_rep']['enable_dedup'] != "" ? $pfb['config_rep']['enable_dedup'] : "x");
- # 'Max' variable setting for Reputation
+ // 'Max' variable setting for Reputation
$pfb['max'] = ($pfb['config_rep']['p24_max_var'] != "" ? $pfb['config_rep']['p24_max_var'] : "x");
- # 'dMax' variable setting for Reputation
+ // 'dMax' variable setting for Reputation
$pfb['dmax'] = ($pfb['config_rep']['p24_dmax_var'] != "" ? $pfb['config_rep']['p24_dmax_var'] : "x");
- # 'pMax' variable setting for Reputation
+ // 'pMax' variable setting for Reputation
$pfb['pmax'] = ($pfb['config_rep']['p24_pmax_var'] != "" ? $pfb['config_rep']['p24_pmax_var'] : "x");
- # Action for Whitelist Country Category
+ // Action for Whitelist Country Category
$pfb['ccwhite'] = $pfb['config_rep']['ccwhite'];
- # Action for Blacklist Country Category
+ // Action for Blacklist Country Category
$pfb['ccblack'] = $pfb['config_rep']['ccblack'];
- # List of Countries in the Whitelist Category
+ // List of Countries in the Whitelist Category
$pfb['ccexclude']= ($pfb['config_rep']['ccexclude'] != "" ? $pfb['config_rep']['ccexclude'] : "x");
- # Emerging Threats IQRisk Block Categories
+ // Emerging Threats IQRisk Block Categories
$pfb['etblock'] = ($pfb['config_rep']['etblock'] != "" ? $pfb['config_rep']['etblock'] : "x");
- # Emerging Threats IQRisk Match Categories
+ // Emerging Threats IQRisk Match Categories
$pfb['etmatch'] = ($pfb['config_rep']['etmatch'] != "" ? $pfb['config_rep']['etmatch'] : "x");
- # Perform a Force Update on ET Categories
+ // Perform a Force Update on ET Categories
$pfb['etupdate']= $pfb['config_rep']['et_update'];
- # Variables
+ // Variables
- # Starting Variable to Skip rep, pdup and dedeup functions if no changes are required
+ // Starting Variable to Skip rep, pdup and dedeup functions if no changes are required
$pfb['dupcheck'] = FALSE;
- ## $pfb['save'] is used to determine if User pressed "Save" Button to avoid Collision with CRON.
- ## This is defined in each pfBlockerNG XML Files
+ // $pfb['save'] is used to determine if User pressed "Save" Button to avoid Collision with CRON.
+ // This is defined in each pfBlockerNG XML Files
#################################
@@ -710,8 +710,8 @@ function sync_package_pfblockerng($cron = "") {
"Proxy and Satellite" => "pfB_PS"
);
- #create rules vars and arrays
- # Array used to Collect Changes to Aliases to be saved to Config
+ // create rules vars and arrays
+ // Array used to Collect Changes to Aliases to be saved to Config
$new_aliases = array();
$new_aliases_list = array();
$continent_existing = array();
@@ -720,14 +720,14 @@ function sync_package_pfblockerng($cron = "") {
$permit_outbound = array();
$deny_inbound = array();
$deny_outbound = array();
- # An Array of all Aliases (Active and non-Active)
+ // An Array of all Aliases (Active and non-Active)
$aliases_list = array();
- # This is an Array of Aliases that Have Updated Lists via CRON/Force Update when 'Reputation' disabled.
+ // This is an Array of Aliases that Have Updated Lists via CRON/Force Update when 'Reputation' disabled.
$pfb_alias_lists = array();
- # This is an Array of All Active Aliases used when 'Reputation' enabled
+ // This is an Array of All Active Aliases used when 'Reputation' enabled
$pfb_alias_lists_all = array();
- # Base Rule Array
+ // Base Rule Array
$base_rule_reg = array( "id" => "",
"tag" => "",
"tagged" => "",
@@ -740,7 +740,7 @@ function sync_package_pfblockerng($cron = "") {
"os" => ""
);
- # Floating Rules, Base Rule Array
+ // Floating Rules, Base Rule Array
$base_rule_float = array("id" => "",
"tag" => "",
"tagged" => "",
@@ -760,8 +760,8 @@ function sync_package_pfblockerng($cron = "") {
# Configure Rule Suffix #
#########################################
- # Discover if any Rules are AutoRules (If no AutoRules found, $pfb['autorules'] is FALSE, Skip Rules Re-Order )
- # To configure Auto Rule Suffix. pfBlockerNG must be disabled to change Suffix and to avoid Duplicate Rules
+ // Discover if any Rules are AutoRules (If no AutoRules found, $pfb['autorules'] is FALSE, Skip Rules Re-Order )
+ // To configure Auto Rule Suffix. pfBlockerNG must be disabled to change Suffix and to avoid Duplicate Rules
$pfb['autorules'] = FALSE;
$pfb['found'] = FALSE;
foreach ($continents as $continent => $pfb_alias) {
@@ -787,16 +787,16 @@ function sync_package_pfblockerng($cron = "") {
}
}
- #Configure Auto Rule Suffix. pfBlockerNG must be disabled to change Suffix and to avoid Duplicate Rules
- # Count Number of Rules with 'pfB_'
+ // Configure Auto Rule Suffix. pfBlockerNG must be disabled to change Suffix and to avoid Duplicate Rules
+ // Count Number of Rules with 'pfB_'
$count = 0;
if (is_array($config['filter']['rule'])) {
foreach ($config['filter']['rule'] as $rule) {
- # Collect any pre-existing Suffix
+ // Collect any pre-existing Suffix
if (preg_match("/pfB_\w+(\s.*)/",$rule['descr'], $pfb_suffix_real) && $count == 0) {
$pfb_suffix_match = $pfb_suffix_real[1];
}
- # Query for Existing pfB Rules
+ // Query for Existing pfB Rules
if (preg_match("/pfB_/",$rule['descr'])) {
$count++;
break;
@@ -804,7 +804,7 @@ function sync_package_pfblockerng($cron = "") {
}
}
- # Change Suffix only if No pfB Rules Found and Auto Rules are Enabled.
+ // Change Suffix only if No pfB Rules Found and Auto Rules are Enabled.
if ($pfb['autorules'] && $count == 0) {
switch ($pfb['suffix']) {
case "autorule":
@@ -819,10 +819,10 @@ function sync_package_pfblockerng($cron = "") {
}
} else {
if ($pfb['autorules']) {
- # Use existing Suffix Match
+ // Use existing Suffix Match
$pfb['suffix'] = $pfb_suffix_match;
} else {
- # Leave Rule Suffix 'Blank'
+ // Leave Rule Suffix 'Blank'
$pfb['suffix'] = "";
}
}
@@ -832,39 +832,39 @@ function sync_package_pfblockerng($cron = "") {
# Configure INBOUND/OUTBOUND INTERFACES #
#########################################################
- # Collect pfSense Interface Order
+ // Collect pfSense Interface Order
$ifaces = get_configured_interface_list();
if (!empty($pfb['config']['inbound_interface'])) {
- # Sort Interface Array to match pfSense Interface order to allow Floating Rules to populate.
+ // Sort Interface Array to match pfSense Interface order to allow Floating Rules to populate.
$selected_interfaces = explode(",",$pfb['config']['inbound_interface']);
- # Sort pfBlockerNG Interface order to pfSense Interface Order
+ // Sort pfBlockerNG Interface order to pfSense Interface Order
$sort_interfaces = array_intersect($ifaces, $selected_interfaces);
$implode_interfaces = ltrim(implode(",",$sort_interfaces), ",");
- # CSV String for Inbound Interfaces for 'pfB_' Match Rules
+ // CSV String for Inbound Interfaces for 'pfB_' Match Rules
$pfb['inbound_floating'] = $implode_interfaces;
$pfb['inbound_interfaces_float'] = explode(" ",$implode_interfaces);
- # Assign Inbound Base Rule/Interfaces
+ // Assign Inbound Base Rule/Interfaces
if ($pfb['float'] == "on") {
- # Define Base Firewall Floating Rules Settings
+ // Define Base Firewall Floating Rules Settings
$base_rule = $base_rule_float;
$pfb['inbound_interfaces'] = $pfb['inbound_interfaces_float'];
} else {
- # Define Base Firewall Rules Settings
+ // Define Base Firewall Rules Settings
$base_rule = $base_rule_reg;
$pfb['inbound_interfaces'] = explode(",",$pfb['config']['inbound_interface']);
}
} else {
- # Define Empty Variable/Array
+ // Define Empty Variable/Array
$pfb['inbound_interfaces_float'] = "";
$pfb['inbound_interfaces'] = array();
}
if (!empty($pfb['config']['outbound_interface'])) {
- # Sort Interface Array to match pfSense Interface order to allow Floating Rules to populate.
+ // Sort Interface Array to match pfSense Interface order to allow Floating Rules to populate.
$selected_interfaces = explode(",",$pfb['config']['outbound_interface']);
- # Sort pfBlockerNG Interface order to pfSense Interface Order
+ // Sort pfBlockerNG Interface order to pfSense Interface Order
$sort_interfaces = array_intersect($ifaces, $selected_interfaces);
// If OpenVPN Interfaces are not in dropdown menu
if ($pfb['openvpn'] == "on" && $config['openvpn']['openvpn-server'] || $pfb['openvpn'] == "on" && $config['openvpn']['openvpn-client']) {
@@ -873,11 +873,11 @@ function sync_package_pfblockerng($cron = "") {
}
}
$implode_interfaces = ltrim(implode(",",$sort_interfaces), ",");
- # CSV String for Outbound Interfaces for 'pfB_' Match Rules
+ // CSV String for Outbound Interfaces for 'pfB_' Match Rules
$pfb['outbound_floating'] = $implode_interfaces;
$pfb['outbound_interfaces_float'] = explode(" ",$implode_interfaces);
- # Assign Outbound Base Rule/Interfaces
+ // Assign Outbound Base Rule/Interfaces
if ($pfb['float'] == "on") {
$base_rule = $base_rule_float;
$pfb['outbound_interfaces'] = $pfb['outbound_interfaces_float'];
@@ -892,7 +892,7 @@ function sync_package_pfblockerng($cron = "") {
}
}
} else {
- # Define Empty Variable/Array
+ // Define Empty Variable/Array
$pfb['outbound_interfaces_float'] = "";
$pfb['outbound_interfaces'] = array();
}
@@ -902,10 +902,10 @@ function sync_package_pfblockerng($cron = "") {
# Clear Removed Lists from Masterfiles #
#################################################
- # Process to keep Masterfiles in Sync with Valid Lists from config.conf file.
+ // Process to keep Masterfiles in Sync with Valid Lists from config.conf file.
$pfb['sync_master'] = TRUE;
- # Don't execute this function when pfBlockerNG is Disabled and 'Keep Blocklists' is enabled.
+ // Don't execute this function when pfBlockerNG is Disabled and 'Keep Blocklists' is enabled.
if ($pfb['enable'] == "" && $pfb['keep'] == "on") {
$pfb['sync_master'] = FALSE;
}
@@ -936,7 +936,7 @@ function sync_package_pfblockerng($cron = "") {
$cont_type = array ("countries4" => "_v4", "countries6" => "_v6");
foreach ($cont_type as $c_type => $vtype) {
if ($continent_config[$c_type] != "") {
- # Set Parameters for 'Match', 'Permit', 'Native' and 'Deny'
+ // Set Parameters for 'Match', 'Permit', 'Native' and 'Deny'
if (in_array($continent_config['action'],array('Match_Both','Match_Inbound','Match_Outbound','Alias_Match'))) {
$pfb['existing']['match'][] = "{$pfb_alias}{$vtype}";
} elseif (in_array($continent_config['action'],array('Permit_Both','Permit_Inbound','Permit_Outbound','Alias_Permit'))){
@@ -952,7 +952,7 @@ function sync_package_pfblockerng($cron = "") {
}
}
- # Find all Enabled IPv4/IPv6 Lists
+ // Find all Enabled IPv4/IPv6 Lists
$list_type = array ("pfblockernglistsv4" => "_v4", "pfblockernglistsv6" => "_v6");
foreach ($list_type as $ip_type => $vtype) {
if ($config['installedpackages'][$ip_type]['config'] != "" && $pfb['enable'] == "on") {
@@ -964,9 +964,9 @@ function sync_package_pfblockerng($cron = "") {
} else {
$pfb_alias = "{$row['header']}_v6";
}
- # Collect Enabled Lists
+ // Collect Enabled Lists
if ($row['url'] != "" && $row['state'] != "Disabled") {
- # Set Parameters for 'Match', 'Permit', 'Native' and 'Deny'
+ // Set Parameters for 'Match', 'Permit', 'Native' and 'Deny'
if (in_array($list['action'],array('Match_Both','Match_Inbound','Match_Outbound','Alias_Match'))) {
$pfb['existing']['match'][] = "{$pfb_alias}";
} elseif (in_array($list['action'],array('Permit_Both','Permit_Inbound','Permit_Outbound','Alias_Permit'))) {
@@ -983,7 +983,7 @@ function sync_package_pfblockerng($cron = "") {
}
}
- # Find all Enabled IPv4 'Custom List' Header Names and Check if 'Emerging Threats Update' and 'Custom List Update' Needs Force Updating
+ // Find all Enabled IPv4 'Custom List' Header Names and Check if 'Emerging Threats Update' and 'Custom List Update' Needs Force Updating
$list_type = array ("pfblockernglistsv4" => "_v4", "pfblockernglistsv6" => "_v6");
foreach ($list_type as $ip_type => $vtype) {
if ($config['installedpackages'][$ip_type]['config'] != "" && $pfb['enable'] == "on") {
@@ -991,7 +991,7 @@ function sync_package_pfblockerng($cron = "") {
foreach ($config['installedpackages'][$ip_type]['config'] as $list) {
if (is_array($list['row']) && $list['action'] != "Disabled") {
$count++;
- # Check if 'Emerging Threats Update' Needs Updating before next CRON Event.
+ // Check if 'Emerging Threats Update' Needs Updating before next CRON Event.
if (is_array($list['row']) && $row['state'] != "Disabled" && $pfb['etupdate'] == "enabled" && $vtype == "_v4") {
foreach ($list['row'] as $row) {
$aliasname = $row['header'];
@@ -1005,14 +1005,14 @@ function sync_package_pfblockerng($cron = "") {
}
}
- # Collect Enabled Custom List Box Aliases
+ // Collect Enabled Custom List Box Aliases
if (pfbng_text_area_decode($list['custom']) != "") {
if ($vtype == "_v4") {
$pfb_alias = "{$list['aliasname']}_custom";
} else {
$pfb_alias = "{$list['aliasname']}_custom_v6";
}
- # Determine Folder Location for 'List'
+ // Determine Folder Location for 'List'
if (in_array($list['action'],array('Match_Both','Match_Inbound','Match_Outbound','Alias_Match'))) {
$pfb['existing']['match'][] = "{$pfb_alias}";
$pfbfolder = "{$pfb['matchdir']}";
@@ -1026,10 +1026,10 @@ function sync_package_pfblockerng($cron = "") {
$pfb['existing']['deny'][] = "{$pfb_alias},"; // Add Trailing ','
$pfbfolder = "{$pfb['denydir']}";
}
- # Determine if 'Custom List' Needs Force Updating before next CRON Event.
+ // Determine if 'Custom List' Needs Force Updating before next CRON Event.
if ($list['custom_update'] == "enabled") {
unlink_if_exists("{$pfbfolder}/{$pfb_alias}.txt");
- # Uncheck 'Enabled' in List 'Custom_update' Setting
+ // Uncheck 'Enabled' in List 'Custom_update' Setting
$config['installedpackages'][$ip_type]['config'][$count]['custom_update'] = "disabled";
$pfb['cron_mod'] = TRUE;
}
@@ -1038,7 +1038,7 @@ function sync_package_pfblockerng($cron = "") {
}
}
- # Collect all .txt file Names for each List Type
+ // Collect all .txt file Names for each List Type
$list_types = array('match' => $pfb['matchdir'], 'permit' => $pfb['permitdir'], 'deny' => $pfb['denydir'], 'native' => $pfb['nativedir']);
foreach ($list_types as $type => $pfbfolder) {
$pfb_files = glob("$pfbfolder/*.txt");
@@ -1052,12 +1052,12 @@ function sync_package_pfblockerng($cron = "") {
}
}
- # Flag to execute pfctl and Rules Ordering
+ // Flag to execute pfctl and Rules Ordering
$pfb['remove'] = FALSE;
- # Execute Final Summary as a List was Removed
+ // Execute Final Summary as a List was Removed
$pfb['summary'] = FALSE;
- # Process to Remove Lists from Masterfile/DB Folder if they do not Exist
+ // Process to Remove Lists from Masterfile/DB Folder if they do not Exist
if (isset($pfb['existing'])) {
foreach ($pfb['existing'] as $pfb_exist) {
$existing_type = $pfb_exist['type'];
@@ -1072,7 +1072,7 @@ function sync_package_pfblockerng($cron = "") {
if ($f_result != "") {
$log = "[ Removing List(s) : {$f_result} ]\n";
pfb_logger("{$log}","1");
- # Script to Remove un-associated Lists
+ // Script to Remove un-associated Lists
exec ("{$pfb['script']} remove x x x {$f_result} >> {$pfb['log']} 2>&1");
$pfb['summary'] = TRUE;
$pfb['remove'] = TRUE;
@@ -1082,7 +1082,7 @@ function sync_package_pfblockerng($cron = "") {
case "permit":
case "native":
$results = array_diff($pfb_act, $pfb_exist);
- # This variable ($f_result) used in next section below.
+ // This variable ($f_result) used in next section below.
$f_result = implode($results);
if (!empty($results)) {
foreach ($results as $pfb_result) {
@@ -1096,7 +1096,7 @@ function sync_package_pfblockerng($cron = "") {
break;
}
- # Allow rebuilding of changed Alias to purge 'SKIP' Lists (when pfBlockerNG is enabled)
+ // Allow rebuilding of changed Alias to purge 'SKIP' Lists (when pfBlockerNG is enabled)
$list_type = array ("pfblockernglistsv4" => "_v4", "pfblockernglistsv6" => "_v6");
foreach ($list_type as $ip_type => $vtype) {
if ($f_result != "" && $pfb['enable'] == "on") {
@@ -1110,7 +1110,7 @@ function sync_package_pfblockerng($cron = "") {
if ($row['header'] == $removed) {
$pfb['summary'] = TRUE;
$pfb['remove'] = TRUE;
- # Add Alias to Update Array
+ // Add Alias to Update Array
$pfb_alias_lists[] = "{$alias}";
$pfb_alias_lists_all[] = "{$alias}";
}
@@ -1131,7 +1131,7 @@ function sync_package_pfblockerng($cron = "") {
# Clear Match/Pass/ET/Original Files/Folders #
#########################################################
- # When pfBlockerNG is Disabled and 'Keep Blocklists' is Disabled.
+ // When pfBlockerNG is Disabled and 'Keep Blocklists' is Disabled.
if ($pfb['enable'] == "" && $pfb['keep'] == "" && !$pfb['install']) {
$log = "\n Removing DB Files/Folders \n";
pfb_logger("{$log}","1");
@@ -1171,7 +1171,7 @@ function sync_package_pfblockerng($cron = "") {
$cont_type = array ("countries4" => "_v4", "countries6" => "_v6");
foreach ($cont_type as $c_type => $vtype) {
- # Determine 'List' details (return array $pfbarr)
+ // Determine 'List' details (return array $pfbarr)
pfb_determine_list_detail($continent_config['action'], "{$pfb_alias}{$vtype}", $cc_name, "0");
$pfb['skip'] = $pfbarr['skip'];
$pfb_descr = $pfbarr['descr'];
@@ -1200,16 +1200,16 @@ function sync_package_pfblockerng($cron = "") {
$match = $continent_new[$line];
$continent_new[$line] = rtrim($match, "\n");
- # Check if pfBlockerNG pfctl Continent Tables are Empty (pfBlockerNG was Disabled w/ "keep", then Re-enabled)
+ // Check if pfBlockerNG pfctl Continent Tables are Empty (pfBlockerNG was Disabled w/ "keep", then Re-enabled)
$pfctlck = exec ("/sbin/pfctl -vvsTables | grep -A1 {$pfb_alias}{$vtype} | awk '/Addresses/ {s+=$2}; END {print s}'");
if (empty($pfctlck) && file_exists($pfbfolder . '/' . $pfb_alias . $vtype . '.txt')) {
$file_cont = file_get_contents($pfbfolder . '/' . $pfb_alias . $vtype . '.txt');
@file_put_contents($pfb['aliasdir'] . '/' . $pfb_alias . $vtype . '.txt',$file_cont, LOCK_EX);
- # PFCTL - Update Only Aliases that have been updated. ('Reputation' Disabled)
+ // PFCTL - Update Only Aliases that have been updated. ('Reputation' Disabled)
$pfb_alias_lists[] = "{$pfb_alias}{$vtype}";
}
- # Collect Active Alias Lists (Used for pfctl Update when 'Reputation' is enabled).
+ // Collect Active Alias Lists (Used for pfctl Update when 'Reputation' is enabled).
$pfb_alias_lists_all[] = "{$pfb_alias}{$vtype}";
// Compare Existing (Original File) and New Continent Data
@@ -1224,7 +1224,7 @@ function sync_package_pfblockerng($cron = "") {
$log = "\n[ {$pfb_alias}{$vtype} ]{$log_tab} Changes Found... Updating \n";
pfb_logger("{$log}","1");
- # Test to Skip d-dup and p-dup functions when changes are found.
+ // Test to Skip d-dup and p-dup functions when changes are found.
$pfb['dupcheck'] = TRUE;
$pfb_alias_lists[] = "{$pfb_alias}{$vtype}";
@@ -1243,7 +1243,7 @@ function sync_package_pfblockerng($cron = "") {
@file_put_contents($pfb['aliasdir'] . '/' . $pfb_alias . $vtype . '.txt',$continent, LOCK_EX);
}
- # Check if File Exists and is > 0 in Size and Save alias file
+ // Check if File Exists and is > 0 in Size and Save alias file
$file_chk = "0";
$cont_chk = "{$pfbfolder}/{$pfb_alias}{$vtype}.txt";
if (file_exists($cont_chk) && @filesize($cont_chk) > 0) {
@@ -1261,7 +1261,7 @@ function sync_package_pfblockerng($cron = "") {
}
if (file_exists($pfbfolder . '/' . $pfb_alias . $vtype . '.txt')) {
- #Create alias config
+ // Create alias config
$new_aliases_list[] = "{$pfb_alias}{$vtype}";
$pfb_contlog = $continent_config['aliaslog'];
@@ -1275,7 +1275,7 @@ function sync_package_pfblockerng($cron = "") {
"detail" => "DO NOT EDIT THIS ALIAS"
);
- #Create rule if action permits
+ // Create rule if action permits
switch ($continent_config['action']) {
case "Deny_Both":
case "Deny_Outbound":
@@ -1403,42 +1403,42 @@ function sync_package_pfblockerng($cron = "") {
break;
}
} else {
- #unlink continent list if any
+ // unlink continent list if any
unlink_if_exists($pfb['aliasdir'] . '/' . $pfb_alias . $vtype . '.txt');
}
}
}
}
- #mark pfctl aliastable for cleanup
+ // mark pfctl aliastable for cleanup
if (!in_array($pfb_alias, $aliases_list)) {
$aliases_list[] = "{$pfb_alias}{$vtype}";
}
}
}
- # UNSET variables
+ // UNSET variables
unset ($continent, $continent_existing, $continent_new);
#################################################
# Download and Collect IPv4/IPv6 lists #
#################################################
- # IPv4 REGEX Definitions
+ // IPv4 REGEX Definitions
$pfb['range'] = '/((?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))-((?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))/';
$pfb['block'] = '/(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[ 0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.([0]{1})\s+/';
$pfb['cidr'] = '/(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)?\/([0-9]{2}|[0-9]{1})/';
$pfb['single'] = '/(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\s+/';
$pfb['s_html'] = '/(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)/';
- # IPv4 preg_replace Regex Filter array
+ // IPv4 preg_replace Regex Filter array
$pfb_ipreg = array();
- $pfb_ipreg[0] = '/\b0+(?=\d)/'; # Remove any Leading Zeros in each Octet
- $pfb_ipreg[1] = '/\s/'; # Remove any Whitespaces
- $pfb_ipreg[2] = '/\/32/'; # Remove any /32 CIDR
- $pfb_ipreg[3] = '/127\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/'; # Remove any Loopback Addresses 127/8
- $pfb_ipreg[4] = '/0\.0\.0\.0/'; # Remove 0.0.0.0
-
- # IPv6 REGEX Definitions -- ** Still Needs some Adjustment on Regex Definition for IPv6 **
- # https://mebsd.com/coding-snipits/php-regex-ipv6-with-preg_match.html
+ $pfb_ipreg[0] = '/\b0+(?=\d)/'; // Remove any Leading Zeros in each Octet
+ $pfb_ipreg[1] = '/\s/'; // Remove any Whitespaces
+ $pfb_ipreg[2] = '/\/32/'; // Remove any /32 CIDR
+ $pfb_ipreg[3] = '/127\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/'; // Remove any Loopback Addresses 127/8
+ $pfb_ipreg[4] = '/0\.0\.0\.0/'; // Remove 0.0.0.0
+
+ // IPv6 REGEX Definitions -- ** Still Needs some Adjustment on Regex Definition for IPv6 **
+ // https://mebsd.com/coding-snipits/php-regex-ipv6-with-preg_match.html
$pattern1 = '([A-Fa-f0-9]{1,4}:){7}[A-Fa-f0-9]{1,4}';
$pattern2 = '[A-Fa-f0-9]{1,4}::([A-Fa-f0-9]{1,4}:){0,5}[A-Fa-f0-9]{1,4}';
$pattern3 = '([A-Fa-f0-9]{1,4}:){2}:([A-Fa-f0-9]{1,4}:){0,4}[A-Fa-f0-9]{1,4}';
@@ -1457,7 +1457,7 @@ function sync_package_pfblockerng($cron = "") {
if ($config['installedpackages'][$ip_type]['config'] != "") {
foreach ($config['installedpackages'][$ip_type]['config'] as $list) {
if ($list['action'] != "Disabled" && $pfb['enable'] == "on" && !$pfb['save'] && is_array($list['row'])) {
- # Capture Alias Name
+ // capture Alias Name
$alias = "pfB_" . preg_replace("/\W/","",$list['aliasname']);
foreach ($list['row'] as $row) {
if ($row['url'] != "" && $row['state'] != "Disabled") {
@@ -1468,7 +1468,7 @@ function sync_package_pfblockerng($cron = "") {
$header_url = "{$row['header']}_v6";
}
- # Determine 'List' details (return array $pfbarr)
+ // Determine 'List' details (return array $pfbarr)
pfb_determine_list_detail($list['action'], $header_url, "", "");
$pfb['skip'] = $pfbarr['skip'];
$pfbfolder = $pfbarr['folder'];
@@ -1481,7 +1481,7 @@ function sync_package_pfblockerng($cron = "") {
continue;
}
- # Collect Active Alias List (Used for pfctl Update when 'Reputation' is enabled.
+ // Collect Active Alias List (Used for pfctl Update when 'Reputation' is enabled.
$pfb_alias_lists_all[] = "{$alias}";
if (file_exists($pfbfolder . '/' . $header_url . '.txt') && $pfb['reuse'] == "") {
@@ -1501,7 +1501,7 @@ function sync_package_pfblockerng($cron = "") {
$list_url = "{$row['url']}";
if (!$pfb['reuse'] == "on") {
- # Perform Remote URL Date/Time Stamp checks
+ // Perform Remote URL Date/Time Stamp checks
$host = @parse_url($row['url']);
if ($row['format'] != "rsync" || $row['format'] != "html") {
if ($host['host'] == "127.0.0.1" || $host['host'] == $pfb['iplocal'] || empty($host['host'])) {
@@ -1517,7 +1517,7 @@ function sync_package_pfblockerng($cron = "") {
if ($row['format'] == "gz" || $row['format'] == "gz_2") {
$file_dwn = "{$pfb['origdir']}/{$header_url}.gz";
if ($pfb['reuse'] == "on" && file_exists($file_dwn)) {
- # File Exists/Reuse
+ // File Exists/Reuse
} else {
$url_gz = "{$row['url']}";
$file_gz = @file_get_contents($url_gz);
@@ -1531,11 +1531,11 @@ function sync_package_pfblockerng($cron = "") {
$url_list = @gzfile($file_dwn);
}
- # IBlock Large Files mixed with IPs and Domains. PHP mem of 256M can't handle very large Files.
+ // IBlock Large Files mixed with IPs and Domains. PHP mem of 256M can't handle very large Files.
if ($row['format'] == "gz_lg") {
$file_dwn = "{$pfb['origdir']}/{$header_url}.gz";
if ($pfb['reuse'] == "on" && file_exists($file_dwn)) {
- # File Exists/Reuse
+ // File Exists/Reuse
} else {
$url_gz = "{$row['url']}";
$file_gz = @file_get_contents($url_gz);
@@ -1553,7 +1553,7 @@ function sync_package_pfblockerng($cron = "") {
elseif ($row['format'] == "zip") {
$file_dwn = "{$pfb['origdir']}/{$header_url}.zip";
if ($pfb['reuse'] == "on" && file_exists($file_dwn)) {
- # File Exists/Reuse
+ // File Exists/Reuse
} else {
$url_zip = "{$row['url']}";
if (!$file_zip = @file_get_contents($url_zip)) {
@@ -1576,9 +1576,9 @@ function sync_package_pfblockerng($cron = "") {
elseif ($row['format'] == "et") {
$file_dwn = "{$pfb['origdir']}/{$header_url}.gz";
- # Script to Call ET IQRISK Process
+ // Script to Call ET IQRISK Process
if ($pfb['reuse'] == "on" && file_exists($file_dwn)) {
- # File Exists/Reuse
+ // File Exists/Reuse
} else {
$url_et = "{$row['url']}";
$file_et = @file_get_contents($url_et);
@@ -1595,9 +1595,9 @@ function sync_package_pfblockerng($cron = "") {
elseif ($row['format'] == "xlsx") {
$file_dwn = "{$pfb['origdir']}/{$header_url}.zip";
- # Script to Call XLSX Process
+ // Script to Call XLSX Process
if ($pfb['reuse'] == "on" && file_exists($file_dwn)) {
- # File Exists/Reuse
+ // File Exists/Reuse
} else {
$url_xlsx = "{$row['url']}";
$file_xlsx = @file_get_contents($url_xlsx);
@@ -1631,7 +1631,7 @@ function sync_package_pfblockerng($cron = "") {
elseif ($row['format'] == "html" || $row['format'] == "block") {
$file_dwn = "{$pfb['origdir']}/{$header_url}.raw";
if ($pfb['reuse'] == "on" && file_exists($file_dwn)) {
- # File Exists/Reuse
+ // File Exists/Reuse
$return = 0;
} else {
$url_html = "{$row['url']}";
@@ -1644,7 +1644,7 @@ function sync_package_pfblockerng($cron = "") {
elseif ($row['format'] == "rsync") {
$file_dwn = "{$pfb['origdir']}/{$header_url}.orig";
if ($pfb['reuse'] == "on" && file_exists($file_dwn)) {
- # File Exists/Reuse
+ // File Exists/Reuse
} else {
$url_rsync = "{$row['url']}";
exec ("/usr/local/bin/rsync --timeout=5 {$url_rsync} {$file_dwn}");
@@ -1652,13 +1652,13 @@ function sync_package_pfblockerng($cron = "") {
$url_list = @file($file_dwn);
}
- #extract range lists
+ // extract range lists
$new_file = "";
if (!empty($url_list)) {
if ($row['format'] == "gz" && $vtype == "_v4") {
foreach ($url_list as $line) {
if (!preg_match("/^#/", $line)) {
- # Network range 192.168.0.0-192.168.0.254
+ // Network range 192.168.0.0-192.168.0.254
if (preg_match($pfb['range'],$line,$matches)) {
$a_cidr = ip_range_to_subnet_array_temp2($matches[1],$matches[2]);
if (!empty($a_cidr)) {
@@ -1674,7 +1674,7 @@ function sync_package_pfblockerng($cron = "") {
elseif ($row['format'] == "block" && $vtype == "_v4") {
foreach ($url_list as $line) {
if (!preg_match("/^#/", $line)) {
- # Block Type '218.77.79.0 218.77.79.255 24'
+ // Block Type '218.77.79.0 218.77.79.255 24'
if (preg_match($pfb['block'],$line,$matches)) {
$new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "/24\n";
}
@@ -1685,11 +1685,11 @@ function sync_package_pfblockerng($cron = "") {
elseif ($row['format'] == "html" && $vtype == "_v4") {
foreach ($url_list as $line) {
if (!preg_match("/^#/", $line)) {
- # CIDR format 192.168.0.0/16
+ // CIDR format 192.168.0.0/16
if (preg_match($pfb['cidr'],$line,$matches)) {
$new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "\n";
}
- # Single ip addresses
+ // Single ip addresses
elseif (preg_match($pfb['s_html'],$line,$matches)) {
$new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "\n";
}
@@ -1700,7 +1700,7 @@ function sync_package_pfblockerng($cron = "") {
elseif ($vtype == "_v6") {
foreach ($url_list as $line) {
if (!preg_match("/^#/", $line)) {
- # IPv6 Regex Match
+ // IPv6 Regex Match
if (preg_match($pfb['ipv6'],$line,$matches)) {
$new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "\n";
}
@@ -1711,7 +1711,7 @@ function sync_package_pfblockerng($cron = "") {
else {
foreach ($url_list as $line) {
if (!preg_match("/^#/", $line)) {
- # Network range 192.168.0.0-192.168.0.254
+ // Network range 192.168.0.0-192.168.0.254
if (preg_match($pfb['range'],$line,$matches)) {
$a_cidr = ip_range_to_subnet_array_temp2($matches[1],$matches[2]);
if (!empty($a_cidr)) {
@@ -1720,11 +1720,11 @@ function sync_package_pfblockerng($cron = "") {
}
}
}
- # CIDR format 192.168.0.0/16
+ // CIDR format 192.168.0.0/16
elseif (preg_match($pfb['cidr'],$line,$matches)) {
$new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "\n";
}
- # Single ip addresses
+ // Single ip addresses
elseif (preg_match($pfb['single'],$line,$matches)) {
$new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "\n";
}
@@ -1733,14 +1733,14 @@ function sync_package_pfblockerng($cron = "") {
}
}
- # Check to see if Blocklist actually Failed Download or has no IPs listed.
+ // Check to see if Blocklist actually Failed Download or has no IPs listed.
if ($row['format'] == "html" || $row['format'] == "block") {
$url_chk = $file_dwn;
} else {
$url_chk = "{$pfb['origdir']}/{$header_url}.orig";
}
- # Check if File Exists and is > 0 in Size
+ // Check if File Exists and is > 0 in Size
$file_chk = "";
if (file_exists($url_chk) && @filesize($url_chk) > 0) {
$file_chk = exec ("/usr/bin/grep -cv '^#\|^$' {$url_chk}");
@@ -1755,42 +1755,42 @@ function sync_package_pfblockerng($cron = "") {
if ($new_file != "") {
if ($row['format'] == "gz" || $row['format'] == "gz_2" || $row['format'] == "html" || $row['format'] == "block") {
- # Re-Save these formats as original file
+ // Re-Save these formats as original file
$url_other = $new_file;
@file_put_contents($pfb['origdir'] . '/' . $header_url . '.orig',$url_other, LOCK_EX);
}
- # Save List to '.txt' format in appropriate Folder
+ // Save List to '.txt' format in appropriate Folder
@file_put_contents($pfbfolder . '/' .$header_url . '.txt',$new_file, LOCK_EX);
if ($pfb['rep'] == "on" && $pfb['skip'] && $vtype == "_v4") {
- # Script to Call p24 Process
+ // Script to Call p24 Process
exec ("{$pfb['script']} p24 {$header_url} {$pfb['max']} {$pfb['dedup']} {$pfb['ccexclude']} {$pfb['ccwhite']} {$pfb['ccblack']} >> {$pfb['log']} 2>&1");
}
if ($pfb['dup'] == "on" && $pfb['skip'] && $vtype == "_v4") {
- # Script to call Duplication Check Process
+ // Script to call Duplication Check Process
exec ("{$pfb['script']} duplicate {$header_url} >> {$pfb['log']} 2>&1");
}
- # PFCTL - Update Only Aliases that have been updated only.
+ // PFCTL - Update Only Aliases that have been updated only.
$pfb_alias_lists[] = "{$alias}";
- # Launch d-dup and p-dup functions when changes are found.
+ // Launch d-dup and p-dup functions when changes are found.
if ($pfb['skip'] && $vtype == "_v4") {
$pfb['dupcheck'] = TRUE;
}
- # Enable Suppression Process due to Updates
+ // Enable Suppression Process due to Updates
if ($pfb['supp'] == "on" && $vtype == "_v4") {
$pfb['supp_update'] = TRUE;
}
} else {
- # Log FAILED Downloads and Check if Firewall or Snort/Suricata is Blocking Host
+ // Log FAILED Downloads and Check if Firewall or Snort/Suricata is Blocking Host
$log = "\n [ {$alias} {$header_url} ] Download FAIL [ NOW ]\n";
pfb_logger("{$log}","2");
- # Rebuild Previous List File from contents of Masterfile
+ // Rebuild Previous List File from contents of Masterfile
if ($pfb['skip'] && $vtype == "_v4") {
- # Search with trailing Whitespace to match exact Header in Masterfile
+ // Search with trailing Whitespace to match exact Header in Masterfile
$header_url2 = $header_url . "[[:space:]]";
$file_chk = exec ("/usr/bin/grep {$header_url2} {$pfb['master']} | grep -c ^");
@@ -1800,17 +1800,17 @@ function sync_package_pfblockerng($cron = "") {
exec ("/usr/bin/grep {$header_url2} {$pfb['master']} | cut -d' ' -f2 > {$pfbfolder}/{$header_url}.txt");
}
}
- # A "Space" string Variable
+ // A "Space" string Variable
$sp = " ";
$ip = @gethostbyname($host['host']);
$ip2 = preg_replace("/(\d{1,3})\.(\d{1,3}).(\d{1,3}).(\d{1,3})/", "\"^$1\.$2\.$3\.\"", $ip);
- # Only Perform these Checks if they are not "localfiles"
+ // Only Perform these Checks if they are not "localfiles"
if ($host['host'] == "127.0.0.1" || $host['host'] == $pfb['iplocal'] || empty($host['host'])) {
$log = " [ {$alias} {$header_url} ] Local File Failure \n";
pfb_logger("{$log}","2");
} else {
- # only perform these steps if an 'IP' is found.
+ // only perform these steps if an 'IP' is found.
if (!empty($ip)) {
// Query for Exact IP Match
$result_b1 = array();
@@ -1821,7 +1821,7 @@ function sync_package_pfblockerng($cron = "") {
// Query Snort/Suricata snort2c IP Block Table
$snort_pfb = exec("/sbin/pfctl -t snort2c -T show | grep {$ip}");
- # If an exact IP Match is not found report any First Three IP Octets.
+ // If an exact IP Match is not found report any First Three IP Octets.
if (!empty($result_b1)) {
$final_b1 = implode("\n ", $result_b1);
$log = " [ {$alias} {$header_url}, {$ip} ] Firewall IP Block Found in : \n{$sp}{$final_b1}\n";
@@ -1843,12 +1843,12 @@ function sync_package_pfblockerng($cron = "") {
}
}
}
- # UNSET variables
+ // UNSET variables
unset ($file_gz,$file_zip,$file_et,$file_xlsx,$url_other,$url_list);
}
}
}
- #check custom network list
+ // check custom network list
if (pfbng_text_area_decode($list['custom']) != "") {
if ($vtype == "_v4") {
@@ -1857,10 +1857,10 @@ function sync_package_pfblockerng($cron = "") {
$aliascustom = "{$list['aliasname']}_custom_v6";
}
- # Collect Active Alias List (Used for pfctl Update when 'Reputation' is enabled.
+ // Collect Active Alias List (Used for pfctl Update when 'Reputation' is enabled.
$pfb_alias_lists_all[] = "{$alias}";
- # Determine 'List' details (return array $pfbarr)
+ // Determine 'List' details (return array $pfbarr)
pfb_determine_list_detail($list['action'], $aliascustom, "", "");
$pfb['skip'] = $pfbarr['skip'];
$pfbfolder = $pfbarr['folder'];
@@ -1882,7 +1882,7 @@ function sync_package_pfblockerng($cron = "") {
if (!empty($url_list)) {
foreach ($url_list as $line) {
if ($vtype == "_v4") {
- # Network range 192.168.0.0-192.168.0.254
+ // Network range 192.168.0.0-192.168.0.254
if (preg_match($pfb['range'],$line,$matches)) {
$a_cidr = ip_range_to_subnet_array_temp2($matches[1],$matches[2]);
if (!empty($a_cidr)) {
@@ -1891,16 +1891,16 @@ function sync_package_pfblockerng($cron = "") {
}
}
}
- # CIDR format 192.168.0.0/16
+ // CIDR format 192.168.0.0/16
elseif (preg_match($pfb['cidr'],$line,$matches)) {
$new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "\n";
}
- # Single ip addresses
+ // Single ip addresses
elseif (preg_match($pfb['s_html'],$line,$matches)) {
$new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "\n";
}
} else {
- # IPv6 Regex
+ // IPv6 Regex
if (preg_match($pfb['ipv6'],$line,$matches)) {
$new_file .= preg_replace($pfb_ipreg, '',$matches[0]) . "\n";
}
@@ -1909,20 +1909,20 @@ function sync_package_pfblockerng($cron = "") {
}
if ($new_file != "") {
- # PFCTL - Collect Only Aliases that have been updated only.
+ // PFCTL - Collect Only Aliases that have been updated only.
$pfb_alias_lists[] = "{$alias}";
- # Collect Updated lists for Suppression Process
+ // Collect Updated lists for Suppression Process
@file_put_contents($pfbfolder . '/'. $aliascustom . '.txt',$new_file, LOCK_EX);
- # Enable Suppression Process due to Updates
+ // Enable Suppression Process due to Updates
if ($pfb['supp'] == "on" && $vtype == "_v4") {
$pfb['supp_update'] = TRUE;
}
if ($pfb['rep'] == "on" && $pfb['skip'] && $vtype == "_v4") {
- # Script to Call p24 Process
+ // Script to Call p24 Process
exec ("{$pfb['script']} p24 {$aliascustom} {$pfb['max']} {$pfb['dedup']} {$pfb['ccexclude']} {$pfb['ccwhite']} {$pfb['ccblack']} >> {$pfb['log']} 2>&1");
}
if ($pfb['dup'] == "on" && $pfb['skip'] && $vtype == "_v4") {
- # Script to call Duplication Check Process
+ // Script to call Duplication Check Process
exec ("{$pfb['script']} duplicate {$aliascustom} >> {$pfb['log']} 2>&1");
}
} else {
@@ -1941,13 +1941,13 @@ function sync_package_pfblockerng($cron = "") {
# REPUTATION PROCESSES #
#################################
- # IP Reputation processes (pdup and ddup)
+ // IP Reputation processes (pdup and ddup)
if ($pfb['pdup'] == "on" && $pfb['dupcheck'] && !$pfb['save'] && $pfb['enable'] == "on") {
- # Script to run pdup process
+ // Script to run pdup process
exec ("{$pfb['script']} pdup x {$pfb['pmax']} >> {$pfb['log']} 2>&1");
}
if ($pfb['dedup'] == "on" && $pfb['dupcheck'] && !$pfb['save'] && $pfb['enable'] == "on") {
- # Script to run dedup process
+ // Script to run dedup process
exec ("{$pfb['script']} dedup x {$pfb['dmax']} {$pfb['dedup']} {$pfb['ccexclude']} {$pfb['ccwhite']} {$pfb['ccblack']} >> {$pfb['log']} 2>&1");
}
@@ -1962,7 +1962,7 @@ function sync_package_pfblockerng($cron = "") {
foreach ($config['installedpackages'][$ip_type]['config'] as $key => $list) {
$alias = "pfB_" . preg_replace("/\W/","",$list['aliasname']);
- # Determine 'List' details (return array $pfbarr)
+ // Determine 'List' details (return array $pfbarr)
pfb_determine_list_detail($list['action'], "", $ip_type, $key);
$pfb['skip'] = $pfbarr['skip'];
$pfb_descr = $pfbarr['descr'];
@@ -1985,7 +1985,7 @@ function sync_package_pfblockerng($cron = "") {
}
if ($list['action'] != "Disabled") {
- #remove empty lists files if any
+ // remove empty lists files if any
if (is_array($list['row'])) {
$update = 0;
${$alias} = "";
@@ -1998,20 +1998,20 @@ function sync_package_pfblockerng($cron = "") {
}
$pfctlck = exec ("/sbin/pfctl -vvsTables | grep -A1 {$alias} | awk '/Addresses/ {s+=$2}; END {print s}'");
- # Update Alias if List File Exists and its been updated or if the Alias URL Table is Empty.
+ // Update Alias if List File Exists and its been updated or if the Alias URL Table is Empty.
if (file_exists($pfbfolder . "/" . $header_url . ".txt") && in_array($alias, $final_alias) || file_exists($pfbfolder . "/" . $header_url . ".txt") && empty($pfctlck)) {
- # Script to run Suppression process (Print Header Only)
+ // Script to run Suppression process (Print Header Only)
if ($pfb['supp'] == "on" && $vtype == "_v4" && $runonce == 0 && $pfb['supp_update']) {
exec ("{$pfb['script']} suppress x x x suppressheader >> {$pfb['log']} 2>&1");
$runonce++;
}
- # Script to run Suppression Process (Body)
+ // Script to run Suppression Process (Body)
if ($pfb['supp'] == "on" && $vtype == "_v4" && $pfb['supp_update']) {
if ($pfb['dup'] == "on" || !$pfb['skip']) {
- # Execute if Duplication Process is Enabled or List is Permit or Match
+ // Execute if Duplication Process is Enabled or List is Permit or Match
exec ("{$pfb['script']} suppress x x x {$header_url}\|{$pfbfolder}/ >> {$pfb['log']} 2>&1");
} else {
- # Execute if Duplication Process is Disabled
+ // Execute if Duplication Process is Disabled
exec ("{$pfb['script']} suppress x x off {$header_url}\|{$pfbfolder}/ >> {$pfb['log']} 2>&1");
}
}
@@ -2022,14 +2022,14 @@ function sync_package_pfblockerng($cron = "") {
}
}
- #check custom network list
+ // check custom network list
if ($vtype == "_v4") {
$aliasname = "{$list['aliasname']}_custom";
} else {
$aliasname = "{$list['aliasname']}_custom_v6";
}
- # Update Alias if List File Exists and its been updated or if the Alias URL Table is Empty.
+ // Update Alias if List File Exists and its been updated or if the Alias URL Table is Empty.
$pfctlck = exec ("/sbin/pfctl -vvsTables | grep -A1 {$alias} | awk '/Addresses/ {s+=$2}; END {print s}'");
if (pfbng_text_area_decode($list['custom']) != "") {
@@ -2038,7 +2038,7 @@ function sync_package_pfblockerng($cron = "") {
$update++;
}
}
- # Determine Validity of Alias URL Tables/Rules. ie: Don't create Empty URL Tables or Aliases
+ // Determine Validity of Alias URL Tables/Rules. ie: Don't create Empty URL Tables or Aliases
if (${$alias} == "" && empty($pfctlck)) {
unlink_if_exists($pfb['aliasdir'] . '/' . $alias. '.txt');
} else {
@@ -2048,7 +2048,7 @@ function sync_package_pfblockerng($cron = "") {
}
$alias_log = $list['aliaslog'];
- #create alias
+ // create alias
$new_aliases_list[] = "{$alias}";
$new_aliases[] = array( "name" => "{$alias}",
@@ -2060,7 +2060,7 @@ function sync_package_pfblockerng($cron = "") {
"detail" => "DO NOT EDIT THIS ALIAS"
);
- #Create rule if action permits
+ // Create rule if action permits
switch ($list['action']) {
case "Deny_Both":
case "Deny_Outbound":
@@ -2188,18 +2188,18 @@ function sync_package_pfblockerng($cron = "") {
break;
}
}
- #mark pfctl aliastable for cleanup
+ // mark pfctl aliastable for cleanup
if (!in_array($alias, $aliases_list)) {
$aliases_list[] = "{$alias}";
}
} else {
- #unlink previous pfblockerNG alias list if any
+ // unlink previous pfblockerNG alias list if any
unlink_if_exists($pfb['aliasdir'] . '/' . $alias . '.txt');
}
}
}
}
- # Clear Variables
+ // Clear Variables
${$alias} = "";
@@ -2207,39 +2207,39 @@ function sync_package_pfblockerng($cron = "") {
# UPDATE pfSense ALIAS TABLES #
#########################################
- #update pfsense alias table
+ // update pfsense alias table
if (is_array($config['aliases']['alias'])) {
foreach ($config['aliases']['alias'] as $cbalias) {
if (substr($cbalias['name'], 0, 4) == 'pfB_') {
- #mark pfctl aliastable for cleaning
+ // mark pfctl aliastable for cleaning
if (!in_array($cbalias['name'], $aliases_list)) {
- $aliases_list[] = $cbalias['name']; #mark aliastable for cleaning
+ $aliases_list[] = $cbalias['name']; // mark aliastable for cleaning
}
- #remove previous aliastable file if alias is not defined any more
+ // remove previous aliastable file if alias is not defined any more
if (!in_array($cbalias['name'], $new_aliases_list)) {
unlink_if_exists($pfb['aliasdir'] . '/' . $cbalias['name'] . ".txt");
}
} else {
$new_aliases[] = $cbalias;
- # Check Table Size
+ // Check Table Size
if (file_exists($pfb['aliasdir'] . '/' . $alias . '.txt') && $message == "") {
preg_match("/(\d+)/",exec("/usr/bin/grep -c ^ " . $pfb['aliasdir'] . '/' . $alias . '.txt'),$matches);
}
if (($matches[1] * 2.1) >= $pfb['table_limit']) {
- #alias table too large
+ // alias table too large
$message = "{$alias} alias table is too large. Reduce networks in list or increase 'Firewall Maximum Table Entries' value to at least " . (int)($matches[1] * 2.1) . ' in "system - advanced - Firewall/NAT" . ';
}
}
}
}
- #apply new alias table to xml
+ // apply new alias table to xml
if ($message == "") {
$config['aliases']['alias'] = $new_aliases;
$pfb['cron_mod'] = TRUE;
}
- # UNSET Variables
+ // UNSET Variables
unset($new_aliases, $cbalias);
@@ -2247,7 +2247,7 @@ function sync_package_pfblockerng($cron = "") {
# Assign Rules #
#########################
- # Only Execute if AutoRules are defined or if an Alias has been removed.
+ // Only Execute if AutoRules are defined or if an Alias has been removed.
if ($pfb['autorules'] || $pfb['enable'] == "" || $pfb['remove']) {
if (count($deny_inbound) > 0 || count($permit_inbound) > 0 || count($match_inbound) > 0) {
if ($pfb['inbound_interfaces'] == "") {
@@ -2269,9 +2269,9 @@ function sync_package_pfblockerng($cron = "") {
$fmatch_rules = array();
$fother_rules = array();
- # Collect All Existing Rules
+ // Collect All Existing Rules
$rules = $config['filter']['rule'];
- # Collect Existing pfSense Rules 'Pass', 'Match' and 'Other' pfSense rules into new Arrays.
+ // Collect Existing pfSense Rules 'Pass', 'Match' and 'Other' pfSense rules into new Arrays.
if (!empty($rules)) {
foreach ($rules as $rule) {
if (!preg_match("/pfB_.*" . $pfb['suffix'] . "/",$rule['descr'])) {
@@ -2345,7 +2345,7 @@ function sync_package_pfblockerng($cron = "") {
}
}
- # Define Inbound Interface Rules
+ // Define Inbound Interface Rules
if (!empty($pfb['inbound_interfaces'])) {
$counter = 0;
foreach ($pfb['inbound_interfaces'] as $inbound_interface) {
@@ -2361,7 +2361,7 @@ function sync_package_pfblockerng($cron = "") {
$new_rules[] = $cb_rules;
}
}
- # Match Inbound Rules defined as Floating Only.
+ // Match Inbound Rules defined as Floating Only.
if (!empty($match_inbound) && $counter == 0) {
foreach ($match_inbound as $cb_rules) {
$cb_rules['interface'] = $pfb['inbound_floating'];
@@ -2406,7 +2406,7 @@ function sync_package_pfblockerng($cron = "") {
}
}
- # Define Outbound Interface Rules
+ // Define Outbound Interface Rules
if (!empty($pfb['outbound_interfaces'])) {
$counter = 0;
foreach ($pfb['outbound_interfaces'] as $outbound_interface) {
@@ -2422,7 +2422,7 @@ function sync_package_pfblockerng($cron = "") {
$new_rules[] = $cb_rules;
}
}
- # Match Outbound Rules defined as Floating Only.
+ // Match Outbound Rules defined as Floating Only.
if (!empty($match_outbound) && $counter == 0) {
foreach ($match_outbound as $cb_rules) {
$cb_rules['interface'] = $pfb['outbound_floating'];
@@ -2500,7 +2500,7 @@ function sync_package_pfblockerng($cron = "") {
}
}
- # Save New Rule Order to Config
+ // Save New Rule Order to Config
$config['filter']['rule'] = $new_rules;
}
if (!empty($message)) {
@@ -2508,7 +2508,7 @@ function sync_package_pfblockerng($cron = "") {
pfb_logger("{$log}","1");
}
- # UNSET arrays
+ // UNSET arrays
unset ($cb_rules,$permit_inbound,$permit_outbound,$deny_inbound,$deny_outbound,$match_inbound,$match_outbound);
unset ($other_rules,$fother_rules,$permit_rules,$fpermit_rules,$match_rules,$fmatch_rules);
}
@@ -2522,7 +2522,7 @@ function sync_package_pfblockerng($cron = "") {
# pfSense Integration #
#################################
- # If 'Rule Changes' are found, utilize the 'filter_configure()' function, if not, utilize 'pfctl replace' command
+ // If 'Rule Changes' are found, utilize the 'filter_configure()' function, if not, utilize 'pfctl replace' command
if ($pfb['autorules'] && $rules != $new_rules || $pfb['enable'] == "" || $pfb['remove']) {
require_once("filter.inc");
@@ -2534,20 +2534,20 @@ function sync_package_pfblockerng($cron = "") {
pfb_logger("{$log}","1");
}
- # Remove all pfBlockerNG Alias tables
+ // Remove all pfBlockerNG Alias tables
if (!empty($aliases_list)) {
foreach ($aliases_list as $table) {
exec ("/sbin/pfctl -t " . escapeshellarg($table) . " -T kill 2>&1", $pfb_null);
}
}
- #load filter file which will create the pfctl tables
+ // load filter file which will create the pfctl tables
filter_configure();
// Call function for NanoBSD/Ramdisk processes.
pfb_aliastables("update");
} else {
- # Don't Execute on User 'Save'
+ // Don't Execute on User 'Save'
if (!$pfb['save']) {
$log = "\n\n===[ Aliastables / Rules ]================================\n\n";
@@ -2593,10 +2593,10 @@ function sync_package_pfblockerng($cron = "") {
}
}
}
- # UNSET Variables
+ // UNSET Variables
unset($rules, $new_rules);
- #sync config
+ // sync config
pfblockerng_sync_on_changes();
@@ -2604,9 +2604,9 @@ function sync_package_pfblockerng($cron = "") {
# FINAL REPORTING #
#################################
- # Only run with CRON or Force Invoked Process
+ // Only run with CRON or Force Invoked Process
if ((!$pfb['save'] && $pfb['dupcheck'] && $pfb['enable'] == "on") || $pfb['summary']) {
- # Script to run Final Script Processes.
+ // Script to run Final Script Processes.
exec ("{$pfb['script']} closing {$pfb['dup']} >> {$pfb['log']} 2>&1");
}
@@ -2729,10 +2729,10 @@ function pfblockerng_php_install_command() {
// Remove previously used CC folder location if exists
@rmdir_recursive("{$pfb['dbdir']}/cc");
- # Uncompress Country Code File
+ // Uncompress Country Code File
@copy("{$pfb['dbdir']}/countrycodes.tar.bz2", "{$pfb['ccdir']}/countrycodes.tar.bz2");
exec("/usr/bin/tar -jx -C {$pfb['ccdif']} -f {$pfb['ccdir']}/countrycodes.tar.bz2");
- # Download MaxMind Files and Create Country Code files and Build Continent XML Files
+ // Download MaxMind Files and Create Country Code files and Build Continent XML Files
update_output_window(gettext("Downloading MaxMind Country Databases. This may take a minute..."));
exec("/bin/sh /usr/local/pkg/pfblockerng/geoipupdate.sh all >> {$pfb['geolog']} 2>&1");
@@ -2749,7 +2749,7 @@ function pfblockerng_php_install_command() {
@unlink_if_exists("{$pfb['dbdir']}/GeoIPv6.csv");
@unlink_if_exists("{$pfb['dbdir']}/country_continent.csv");
- # Add Widget to Dashboard
+ // Add Widget to Dashboard
update_output_window(gettext("Adding pfBlockerNG Widget to Dashboard."));
if ($pfb['keep'] == "on" && !empty($pfb['widgets'])) {
// Restore previous Widget setting if "Keep" is enabled.
@@ -2771,16 +2771,16 @@ function pfblockerng_php_deinstall_command() {
require_once("config.inc");
global $config,$pfb;
- # Set these two variables to Disable pfBlockerNG on De-Install
+ // Set these two variables to Disable pfBlockerNG on De-Install
$pfb['save'] = TRUE;
$pfb['install'] = TRUE;
sync_package_pfblockerng();
rmdir_recursive("/usr/local/pkg/pfblockerng");
rmdir_recursive("/usr/local/www/pfblockerng");
- # Maintain pfBlockerNG Settings and Database Files if $pfb['keep'] is ON.
+ // Maintain pfBlockerNG Settings and Database Files if $pfb['keep'] is ON.
if ($pfb['keep'] != "on") {
- # Remove pfBlockerNG Log and DB Folder
+ // Remove pfBlockerNG Log and DB Folder
rmdir_recursive("{$pfb['dbdir']}");
rmdir_recursive("{$pfb['logdir']}");
@@ -2793,7 +2793,7 @@ function pfblockerng_php_deinstall_command() {
}
}
- # Remove Settings from Config
+ // Remove Settings from Config
if (is_array($config['installedpackages']['pfblockerng']))
unset($config['installedpackages']['pfblockerng']);
if (is_array($config['installedpackages']['pfblockerngglobal']))
@@ -2826,7 +2826,7 @@ function pfblockerng_php_deinstall_command() {
unset($config['installedpackages']['pfblockerngproxyandsatellite']);
}
- # Remove Widget (code from Snort deinstall)
+ // Remove Widget (code from Snort deinstall)
$pfb['widgets'] = $config['widgets']['sequence'];
if (!empty($pfb['widgets'])) {
$widgetlist = explode(",", $pfb['widgets']);
diff --git a/config/pfblockerng/pfblockerng.php b/config/pfblockerng/pfblockerng.php
index 194f4071..a3ff2105 100644
--- a/config/pfblockerng/pfblockerng.php
+++ b/config/pfblockerng/pfblockerng.php
@@ -146,7 +146,7 @@ function ip_range_to_subnet_array_temp($ip1, $ip2) {
return $out;
}
-# Set php Memory Limit
+// Set php Memory Limit
$uname = posix_uname();
if ($uname['machine'] == "amd64") {
ini_set('memory_limit', '256M');
@@ -226,7 +226,7 @@ if ($argv[1] == 'update') {
}
if ($argv[1] == 'dc') {
- # (Options - 'bu' Binary Update for Reputation/Alerts Page, 'all' for Country update and 'bu' options.
+ // (Options - 'bu' Binary Update for Reputation/Alerts Page, 'all' for Country update and 'bu' options.
if ($pfb['cc'] == "") {
exec("/bin/sh /usr/local/pkg/pfblockerng/geoipupdate.sh all >> {$pfb['geolog']} 2>&1");
} else {
@@ -275,7 +275,7 @@ if ($argv[1] == 'cron') {
$header_url = "{$row['header']}_v6";
}
- # Determine Folder Location for Alias (return array $pfbarr)
+ // Determine Folder Location for Alias (return array $pfbarr)
pfb_determine_list_detail($list['action'], "", "", "");
$pfbfolder = $pfbarr['folder'];
@@ -289,7 +289,7 @@ if ($argv[1] == 'cron') {
continue;
}
- # Check if List file exists, if not found run Update
+ // Check if List file exists, if not found run Update
if (!file_exists($pfbfolder . '/' . $header_url . '.txt')) {
$log = " Updates Found\n";
pfb_logger("{$log}","1");
@@ -353,7 +353,7 @@ if ($argv[1] == 'cron') {
pfb_logger("{$log}","1");
}
- # Call Log Mgmt Function
+ // Call Log Mgmt Function
// If Update GUI 'Manual view' is selected. Last output will be missed. So sleep for 5 secs.
sleep(5);
pfb_log_mgmt();
@@ -368,7 +368,7 @@ function pfblockerng_uc_countries() {
$maxmind_cc4 = "{$pfb['dbdir']}/GeoIPCountryWhois.csv";
$maxmind_cc6 = "{$pfb['dbdir']}/GeoIPv6.csv";
- # Create Folders if not Exist
+ // Create Folders if not Exist
$folder_array = array ("{$pfb['dbdir']}","{$pfb['logdir']}","{$pfb['ccdir']}");
foreach ($folder_array as $folder) {
safe_mkdir ("{$folder}",0755);
@@ -386,7 +386,7 @@ function pfblockerng_uc_countries() {
return;
}
- # Save Date/Time Stamp to MaxMind version file
+ // Save Date/Time Stamp to MaxMind version file
$maxmind_ver = "MaxMind GeoLite Date/Time Stamps \n\n";
$remote_tds = @implode(preg_grep("/Last-Modified/", get_headers("http://geolite.maxmind.com/download/geoip/database/GeoIPCountryCSV.zip")));
$maxmind_ver .= "MaxMind_v4 \t" . $remote_tds . "\n";
diff --git a/config/pfblockerng/pfblockerng.sh b/config/pfblockerng/pfblockerng.sh
index 9754d73c..fcfbcae1 100644
--- a/config/pfblockerng/pfblockerng.sh
+++ b/config/pfblockerng/pfblockerng.sh
@@ -723,7 +723,7 @@ if [ -s $pfborig$alias".gz" ]; then
esac
done <"$pfborig$alias.raw"
data=$(ls $etdir)
- echo "Compiling ET IP IQRisk REP Lists based upon User Selected Categories"
+ echo; echo "Compiling ET IP IQRisk REP Lists based upon User Selected Categories"
printf "%-10s %-25s\n" " Action" "Category"
echo "-------------------------------------------"
diff --git a/config/pfblockerng/pfblockerng_alerts.php b/config/pfblockerng/pfblockerng_alerts.php
index 25971ab5..bfb15c07 100644
--- a/config/pfblockerng/pfblockerng_alerts.php
+++ b/config/pfblockerng/pfblockerng_alerts.php
@@ -216,7 +216,7 @@ exec("/sbin/pfctl -vv -sr | grep 'pfB_'", $results);
if (!empty($results)) {
foreach ($results as $result) {
- # Find Rule Descriptions
+ // Find Rule Descriptions
$descr = "";
if (preg_match("/USER_RULE: (\w+)/",$result,$desc)) {
$descr = $desc[1];
@@ -225,7 +225,7 @@ if (!empty($results)) {
preg_match ("/@(\d+)\(/",$result, $rule);
$id = $rule[1];
- # Create array of Rule Description and pfctl Rule Number
+ // Create array of Rule Description and pfctl Rule Number
$rule_list['id'][] = $id;
$rule_list[$id]['name'] = $descr;
}
@@ -905,7 +905,7 @@ if (!empty($fields_array[$type]) && !empty($rule_list)) {
$country = substr(exec("$pathgeoip6 -f $pathgeoipdat6 $host"),26,2);
}
- # IP Query Grep Exclusion
+ // IP Query Grep Exclusion
$pfb_ex1 = "grep -v 'pfB\_\|\_v6\.txt'";
$pfb_ex2 = "grep -v 'pfB\_\|/32\|/24\|\_v6\.txt' | grep -m1 '/'";
@@ -967,7 +967,7 @@ if (!empty($fields_array[$type]) && !empty($rule_list)) {
$pfb_query = "No Match";
}
- # Split List Column into Two lines.
+ // Split List Column into Two lines.
unset ($pfb_match);
if ($pfb_query == "No Match") {
$pfb_match[1] = "{$pfb_query}";
diff --git a/config/pfblockerng/pfblockerng_log.php b/config/pfblockerng/pfblockerng_log.php
index 4c25ce29..a235f20a 100644
--- a/config/pfblockerng/pfblockerng_log.php
+++ b/config/pfblockerng/pfblockerng_log.php
@@ -52,13 +52,13 @@ require_once("/usr/local/pkg/pfblockerng/pfblockerng.inc");
pfb_global();
-# Get log files from directory
+// Get log files from directory
function getlogs($logdir, $log_extentions = array('log')) {
if (!is_array($log_extentions)) {
$log_extentions = array($log_extentions);
}
- # Get logfiles
+ // Get logfiles
$log_filenames = array();
foreach ($log_extentions as $extention) {
if ($extention <> '*') {
@@ -68,7 +68,7 @@ function getlogs($logdir, $log_extentions = array('log')) {
}
}
- # Convert to filenames only
+ // Convert to filenames only
if (count($log_filenames) > 0) {
$log_totalfiles = count($log_filenames);
for ($cnt = 0; $cnt < $log_totalfiles; $cnt++) {
@@ -76,18 +76,19 @@ function getlogs($logdir, $log_extentions = array('log')) {
}
}
- # Sort the filename
+ // Sort the filename
asort($log_filenames);
- # Done
+ // Done
return $log_filenames;
}
-# Define logtypes
-# name => Displayname of the type
-# ext => Log extentions (array for multiple extentions)
-# logdir=> Log directory
-# clear => Add clear button (TRUE/FALSE)
+/* Define logtypes:
+ name => Displayname of the type
+ ext => Log extentions (array for multiple extentions)
+ logdir => Log directory
+ clear => Add clear button (TRUE/FALSE) */
+
$pfb_logtypes = array( 'defaultlogs' => array('name' => 'Log Files',
'logdir' => "{$pfb['logdir']}/",
'logs' => array("pfblockerng.log", "error.log", "geoip.log", "maxmind_ver"),
@@ -153,7 +154,7 @@ $pfb_logtypes = array( 'defaultlogs' => array('name' => 'Log Files',
)
);
-# Check logtypes
+// Check logtypes
$logtypeid = 'defaultlogs';
if (isset($_POST['logtype'])) {
$logtypeid = $_POST['logtype'];
@@ -161,13 +162,13 @@ if (isset($_POST['logtype'])) {
$logtypeid = htmlspecialchars($_GET['logtype']);
}
-# Check if POST has been set
+// Check if POST has been set
if (isset($_POST['file'])) {
clearstatcache();
$pfb_logfilename = $_POST['file'];
$pfb_ext = pathinfo($pfb_logfilename, PATHINFO_EXTENSION);
- # Load log
+ // Load log
if ($_POST['action'] == 'load') {
if (!is_file($pfb_logfilename)) {
echo "|3|" . gettext("Log file is empty or does not exist") . ".|";
@@ -187,12 +188,12 @@ if (isset($_POST['file'])) {
if (isset($_POST['logFile'])) {
$s_logfile = $_POST['logFile'];
- # Clear selected file
+ // Clear selected file
if (isset($_POST['clear'])) {
unlink_if_exists($s_logfile);
}
- # Download log
+ // Download log
if (isset($_POST['download'])) {
if (file_exists($s_logfile)) {
ob_start(); //important or other posts will fail
diff --git a/config/pfblockerng/pfblockerng_update.php b/config/pfblockerng/pfblockerng_update.php
index 02a61505..e63d04dc 100644
--- a/config/pfblockerng/pfblockerng_update.php
+++ b/config/pfblockerng/pfblockerng_update.php
@@ -151,7 +151,7 @@ function pfb_cron_update($type) {
ob_flush();
flush();
fclose($f);
- # Call Log Mgmt Function
+ // Call Log Mgmt Function
pfb_log_mgmt();
die();
}