diff options
Diffstat (limited to 'config/pfblockerng')
-rw-r--r-- | config/pfblockerng/pfblockerng.inc | 19 | ||||
-rw-r--r-- | config/pfblockerng/pfblockerng.php | 6 | ||||
-rw-r--r-- | config/pfblockerng/pfblockerng.xml | 2 | ||||
-rw-r--r-- | config/pfblockerng/pfblockerng_install.inc | 9 | ||||
-rw-r--r-- | config/pfblockerng/pfblockerng_top20.xml | 3 |
5 files changed, 22 insertions, 17 deletions
diff --git a/config/pfblockerng/pfblockerng.inc b/config/pfblockerng/pfblockerng.inc index c0e81b27..7bfc6f0e 100644 --- a/config/pfblockerng/pfblockerng.inc +++ b/config/pfblockerng/pfblockerng.inc @@ -198,9 +198,9 @@ function pfb_global() { $pfb['24hour'] = $pfb['config']['pfb_dailystart']; // Start hour of the 'Once a day' schedule $pfb['iplocal'] = $config['interfaces']['lan']['ipaddr']; // Lan IP address $pfb['dnsbl'] = $pfb['dnsblconfig']['pfb_dnsbl']; // Enabled state of DNSBL - $pfb['dnsbl_port'] = $pfb['dnsblconfig']['pfb_dnsport'] ?: ''; // Lighttpd web server http port setting - $pfb['dnsbl_port_ssl'] = $pfb['dnsblconfig']['pfb_dnsport_ssl']?: ''; // Lighttpd web server https port setting - $pfb['dnsbl_alexa'] = $pfb['dnsblconfig']['alexa_enable']; // Alexa whitelist + $pfb['dnsbl_port'] = $pfb['dnsblconfig']['pfb_dnsport']; // Lighttpd web server http port setting + $pfb['dnsbl_port_ssl'] = $pfb['dnsblconfig']['pfb_dnsport_ssl']; // Lighttpd web server https port setting + $pfb['dnsbl_alexa'] = $pfb['dnsblconfig']['alexa_enable']; // Alexa whitelist // Restore previous download on failure (default to 'on') $pfb['restore'] = $pfb['config']['restore_feed'] != '' ? $pfb['config']['restore_feed'] : 'on'; @@ -236,6 +236,7 @@ pfb_global(); // DNSBL Lighttpd HTTPS Daemon (Scans Lighttpd dnsbl_error.log for requested https domain names) if ($argv[1] == 'dnsbl') { + set_time_limit(0); pfb_livetail($pfb['dnserrlog'], 'dnsbl'); exit; } @@ -1325,7 +1326,7 @@ function pfb_download_failure($alias, $header, $pfbfolder, $vtype, $list_url) { // Query Firewall aliastables $result = find_reported_header($ip, "{$pfbfolder}/*", TRUE); if (!empty($result)) { - $log = " [ {$ip} ] Firewall IP block found in: [ {$result} ]\n"; + $log = " [ {$ip} ] Firewall IP block found in: [ {$result[1]} | {$result[0]} ]\n"; pfb_logger("{$log}", 2); $pfbfound = TRUE; } @@ -1778,7 +1779,7 @@ function sync_package_pfblockerng($cron='') { log_error('[pfBlockerNG] Sync terminated during boot process.'); return; } - syslog(LOG_NOTICE, '[pfBlockerNG] Starting sync process.'); + syslog(LOG_NOTICE, '[pfBlockerNG] Starting cron process.'); // Reloads existing lists without downloading new lists when defined 'on' $pfb['reuse'] = $pfb['config']['pfb_reuse']; @@ -4119,7 +4120,8 @@ function sync_package_pfblockerng($cron='') { $log = "\n===[ Aliastables / Rules ]================================\n\n"; pfb_logger("{$log}", 1); - $log = "Firewall Rule Changes found, Applying Filter Reload\n"; + $log = "Firewall rule changes found, applying Filter Reload\n"; + syslog(LOG_NOTICE, "[pfBlockerNG] {$log}"); pfb_logger("{$log}", 1); } @@ -4142,7 +4144,8 @@ function sync_package_pfblockerng($cron='') { $log = "\n\n===[ Aliastables / Rules ]==========================================\n\n"; pfb_logger("{$log}", 1); - $log = "No Changes to Firewall Rules, Skipping Filter Reload\n"; + $log = "No changes to Firewall rules, skipping Filter Reload\n"; + syslog(LOG_NOTICE, "[pfBlockerNG] {$log}"); pfb_logger("{$log}", 1); // Only Save Aliases that have been updated. @@ -4777,4 +4780,4 @@ function pfblockerng_do_xmlrpc_sync($sync_to_ip, $port, $protocol, $username, $p } return $success; } -?> +?>
\ No newline at end of file diff --git a/config/pfblockerng/pfblockerng.php b/config/pfblockerng/pfblockerng.php index 8a368d2e..c88e85a5 100644 --- a/config/pfblockerng/pfblockerng.php +++ b/config/pfblockerng/pfblockerng.php @@ -47,7 +47,7 @@ require_once('services.inc'); require_once('/usr/local/pkg/pfblockerng/pfblockerng.inc'); require_once('/usr/local/pkg/pfblockerng/pfblockerng_extra.inc'); // 'include functions' not yet merged into pfSense -global $config, $pfb; +global $config, $g, $pfb; // Extras - MaxMind/Alexa Download URLs/filenames/settings $pfb['extras'][0]['url'] = 'http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz'; @@ -406,7 +406,7 @@ function pfblockerng_sync_cron() { // Function to process the downloaded MaxMind database and format into Continent txt files. function pfblockerng_uc_countries() { - global $pfb; + global $g, $pfb; $maxmind_cont = "{$pfb['geoipshare']}/country_continent.csv"; $maxmind_cc4 = "{$pfb['geoipshare']}/GeoIPCountryWhois.csv"; @@ -564,7 +564,7 @@ function pfblockerng_uc_countries() { // Function to process Continent txt files and create Country ISO files and to Generate GUI XML files. function pfblockerng_get_countries() { - global $pfb; + global $g, $pfb; $files = array ( 'Africa' => "{$pfb['ccdir']}/Africa_v4.txt", 'Asia' => "{$pfb['ccdir']}/Asia_v4.txt", diff --git a/config/pfblockerng/pfblockerng.xml b/config/pfblockerng/pfblockerng.xml index c7f2c068..9e371e9b 100644 --- a/config/pfblockerng/pfblockerng.xml +++ b/config/pfblockerng/pfblockerng.xml @@ -48,7 +48,7 @@ <requirements>Describe your package requirements here</requirements> <faq>Currently there are no FAQ items provided.</faq> <name>pfblockerng</name> - <version>2.0</version> + <version>2.0.3</version> <title>pfBlockerNG: General Settings</title> <include_file>/usr/local/pkg/pfblockerng/pfblockerng.inc</include_file> <addedit_string>pfBlockerNG: Save General Settings</addedit_string> diff --git a/config/pfblockerng/pfblockerng_install.inc b/config/pfblockerng/pfblockerng_install.inc index 5f4a6986..54d0c374 100644 --- a/config/pfblockerng/pfblockerng_install.inc +++ b/config/pfblockerng/pfblockerng_install.inc @@ -34,7 +34,7 @@ require_once('/usr/local/pkg/pfblockerng/pfblockerng.inc'); require_once('/usr/local/www/pfblockerng/pfblockerng.php'); -global $config, $pfb, $static_output; +global $config, $g, $pfb, $static_output; pfb_global(); function update_static_output($text) { @@ -184,6 +184,7 @@ unlink_if_exists('/usr/local/sbin/lighttpd_pfb'); link('/usr/local/sbin/lighttpd', '/usr/local/sbin/lighttpd_pfb'); update_static_output(" done.\nCreating DNSBL web server start-up script..."); +$pfb['dnsbl_conf'] = '/var/unbound/pfb_dnsbl_lighty.conf'; $rc = array(); $rc['file'] = 'dnsbl.sh'; $rc['start'] = <<<EOF @@ -255,7 +256,7 @@ debug.log-condition-handling = "enable" \$SERVER["socket"] == "0.0.0.0:{$pfb['dnsbl_port_ssl']}" { ssl.engine = "enable" - ssl.pemfile = "{$pfb['dnsbl_cert']}" + ssl.pemfile = "/var/unbound/dnsbl_cert.pem" ssl.use-sslv2 = "disable" ssl.use-sslv3 = "disable" ssl.honor-cipher-order = "enable" @@ -273,7 +274,7 @@ EOF; update_static_output(" done.\n"); update_static_output("Starting DNSBL Service..."); - start_service('dnsbl'); + restart_service('dnsbl'); update_static_output(" done.\n"); } @@ -281,4 +282,4 @@ unset($g['pfblockerng_install']); // Remove 'Install flag' update_static_output("Custom commands completed ... "); return TRUE; -?>
\ No newline at end of file +?> diff --git a/config/pfblockerng/pfblockerng_top20.xml b/config/pfblockerng/pfblockerng_top20.xml index 6200a6a9..ed3354f1 100644 --- a/config/pfblockerng/pfblockerng_top20.xml +++ b/config/pfblockerng/pfblockerng_top20.xml @@ -282,6 +282,7 @@ <option><name>Alias Deny</name><value>Alias_Deny</value></option> <option><name>Alias Permit</name><value>Alias_Permit</value></option> <option><name>Alias Match</name><value>Alias_Match</value></option> + <option><name>Alias Native</name><value>Alias_Native</value></option> </options> </field> <field> @@ -394,4 +395,4 @@ sync_package_pfblockerng(); ]]> </custom_php_resync_config_command> -</packagegui>
\ No newline at end of file +</packagegui> |