aboutsummaryrefslogtreecommitdiffstats
path: root/config/pfblockerng
diff options
context:
space:
mode:
Diffstat (limited to 'config/pfblockerng')
-rw-r--r--config/pfblockerng/pfblockerng.inc44
-rw-r--r--config/pfblockerng/pfblockerng.php524
-rw-r--r--config/pfblockerng/pfblockerng.priv.inc1
-rw-r--r--config/pfblockerng/pfblockerng.sh2
-rw-r--r--config/pfblockerng/pfblockerng.xml4
-rw-r--r--config/pfblockerng/pfblockerng_alerts.php5
-rw-r--r--config/pfblockerng/pfblockerng_log.php7
-rw-r--r--config/pfblockerng/pfblockerng_sync.xml4
-rw-r--r--config/pfblockerng/pfblockerng_top20.xml4
-rw-r--r--config/pfblockerng/pfblockerng_update.php5
-rw-r--r--config/pfblockerng/pfblockerng_v4lists.xml4
-rw-r--r--config/pfblockerng/pfblockerng_v6lists.xml4
12 files changed, 275 insertions, 333 deletions
diff --git a/config/pfblockerng/pfblockerng.inc b/config/pfblockerng/pfblockerng.inc
index 86052f6b..d612dbf1 100644
--- a/config/pfblockerng/pfblockerng.inc
+++ b/config/pfblockerng/pfblockerng.inc
@@ -56,12 +56,12 @@ function pfb_global() {
$pfb['aliasdir'] = "{$g['vardb_path']}/aliastables";
$pfb['logdir'] = "{$g['varlog_path']}/pfblockerng";
$pfb['etdir'] = "{$pfb['dbdir']}/ET";
- $pfb['ccdir'] = "{$pfb['dbdir']}/cc";
$pfb['nativedir'] = "{$pfb['dbdir']}/native";
$pfb['denydir'] = "{$pfb['dbdir']}/deny";
$pfb['matchdir'] = "{$pfb['dbdir']}/match";
$pfb['permitdir'] = "{$pfb['dbdir']}/permit";
$pfb['origdir'] = "{$pfb['dbdir']}/original";
+ $pfb['ccdir'] = "/usr/pbi/pfblockerng-" . php_uname("m") . "/share/GeoIP";
# Create Folders if not Exist.
$folder_array = array ("{$pfb['dbdir']}","{$pfb['logdir']}","{$pfb['ccdir']}","{$pfb['origdir']}","{$pfb['nativedir']}","{$pfb['denydir']}","{$pfb['matchdir']}","{$pfb['permitdir']}","{$pfb['aliasdir']}");
@@ -457,14 +457,15 @@ function sync_package_pfblockerng($cron = "") {
# Configure ARRAYS #
#############################################
- $continents = array ( "Africa" => "pfB_Africa",
- "Antartica" => "pfB_Antartica",
- "Asia" => "pfB_Asia",
- "Europe" => "pfB_Europe",
- "North America" => "pfB_NAmerica",
- "Oceania" => "pfB_Oceania",
- "South America" => "pfB_SAmerica",
- "Top Spammers" => "pfB_Top"
+ $continents = array ( "Africa" => "pfB_Africa",
+ "Antartica" => "pfB_Antartica",
+ "Asia" => "pfB_Asia",
+ "Europe" => "pfB_Europe",
+ "North America" => "pfB_NAmerica",
+ "Oceania" => "pfB_Oceania",
+ "South America" => "pfB_SAmerica",
+ "Top Spammers" => "pfB_Top",
+ "Proxy and Satellite" => "pfB_PS"
);
#create rules vars and arrays
@@ -1192,16 +1193,16 @@ function sync_package_pfblockerng($cron = "") {
$log_tab = "\t\t";
}
- # Collect Active Alias List (Used for pfctl Update when 'Reputation' is enabled.
- $pfb_alias_lists_all[] = "{$alias}";
-
// Empty Header Field Validation Check
- if (empty($header_url)) {
- $log = "\n [ {$row['url']} ] {$log_tab} Header Field cannot be Empty. *Skipping* \n";
+ if (empty($header_url) || preg_match("/\W/",$header_url)) {
+ $log = "\n [ {$row['url']} ]\n ** TERMINATED - Header contains Blank/International/Special or Spaces\n";
pfb_logger("{$log}","2");
continue;
}
+ # Collect Active Alias List (Used for pfctl Update when 'Reputation' is enabled.
+ $pfb_alias_lists_all[] = "{$alias}";
+
if (file_exists($pfbfolder . '/' . $header_url . '.txt') && $pfb['reuse'] == "") {
if ($row['state'] == "Hold") {
$log = "\n[ {$header_url} ] {$log_tab} Static Hold [ NOW ]\n";
@@ -2330,12 +2331,19 @@ function pfblockerng_php_install_command() {
global $config,$pfb;
pfb_global();
+ // Remove previously used CC folder location if exists
+ @rmdir_recursive("{$pfb['dbdir']}/cc");
+
# Uncompress Country Code File and delete Archive after extraction.
exec("cd /{$pfb['ccdir']}; /usr/bin/tar -jxvf {$pfb['ccdir']}/countrycodes.tar.bz2");
unlink_if_exists("{$pfb['ccdir']}/countrycodes.tar.bz2");
# Download MaxMind Files and Create Country Code files and Build Continent XML Files
update_output_window(gettext("Downloading MaxMind Country Databases. This may take a minute..."));
exec("/bin/sh /usr/local/pkg/pfblockerng/geoipupdate.sh all >> {$pfb['geolog']} 2>&1");
+
+ @rename("{$pfb['dbdir']}/GeoIP.dat", "{$pfb['ccdir']}/GeoIP.dat");
+ @rename("{$pfb['dbdir']}/GeoIPv6.dat", "{$pfb['ccdir']}/GeoIPv6.dat");
+
update_output_window(gettext("MaxMind Country Database downloads completed..."));
update_output_window(gettext("Converting MaxMind Country Databases for pfBlockerNG. This may take a few minutes..."));
pfblockerng_uc_countries();
@@ -2343,6 +2351,12 @@ function pfblockerng_php_install_command() {
pfblockerng_get_countries();
update_output_window(gettext("Completed Creating pfBlockerNG Continenet XML Files..."));
+ // Remove Original Maxmind Database Files
+ @unlink_if_exists("{$pfb['dbdir']}/GeoIPCountryCSV.zip");
+ @unlink_if_exists("{$pfb['dbdir']}/GeoIPCountryWhois.csv");
+ @unlink_if_exists("{$pfb['dbdir']}/GeoIPv6.csv");
+ @unlink_if_exists("{$pfb['dbdir']}/country_continent.csv");
+
# Add Widget to Dashboard
update_output_window(gettext("Adding pfBlockerNG Widget to Dashboard."));
if ($pfb['keep'] == "on" && !empty($pfb['widgets'])) {
@@ -2407,6 +2421,8 @@ function pfblockerng_php_deinstall_command() {
unset($config['installedpackages']['pfblockerngsouthamerica']);
if (is_array($config['installedpackages']['pfblockerngtopspammers']))
unset($config['installedpackages']['pfblockerngtopspammers']);
+ if (is_array($config['installedpackages']['pfblockerngproxyandsatellite']))
+ unset($config['installedpackages']['pfblockerngproxyandsatellite']);
}
# Remove Widget (code from Snort deinstall)
diff --git a/config/pfblockerng/pfblockerng.php b/config/pfblockerng/pfblockerng.php
index 20080aa4..1db36334 100644
--- a/config/pfblockerng/pfblockerng.php
+++ b/config/pfblockerng/pfblockerng.php
@@ -149,11 +149,12 @@ if ($uname['machine'] == "amd64")
function pfb_update_check($header_url, $list_url, $url_format) {
global $pfb;
+ $pfb['cron_update'] = FALSE;
if ($url_format == "rsync" || $url_format == "html") {
$log = "[ {$header_url} ]\n Skipping timestamp query\n";
pfb_logger("{$log}","1");
- return TRUE;
+ $pfb['cron_update'] = TRUE;
}
switch ($url_format) {
@@ -195,14 +196,23 @@ function pfb_update_check($header_url, $list_url, $url_format) {
$log = " Local timestamp: {$local_tds}\n";
pfb_logger("{$log}","1");
if ("{$remote_tds}" != "{$local_tds}") {
- return TRUE;
+ $pfb['cron_update'] = TRUE;
} else {
$log = " Remote file unchanged. Download Terminated\n";
pfb_logger("{$log}","1");
- return FALSE;
+ $pfb['cron_update'] = FALSE;
}
} else {
- return TRUE;
+ $pfb['cron_update'] = TRUE;
+ }
+
+ if ($pfb['cron_update']) {
+ // Trigger CRON Process if Updates are Found.
+ $pfb['update_cron'] = TRUE;
+
+ $log = " Updates Found\n";
+ pfb_logger("{$log}","1");
+ unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
}
}
@@ -233,6 +243,7 @@ if ($argv[1] == 'gc') {
if ($argv[1] == 'cron') {
$hour = date('H');
$dow = date('N');
+ $pfb['update_cron'] = FALSE;
# Start hour of the 'Once a day' Schedule
$pfb['dailystart'] = $config['installedpackages']['pfblockerng']['config'][0]['pfb_dailystart'];
@@ -344,101 +355,47 @@ if ($argv[1] == 'cron') {
if (!file_exists($pfbfolder . '/' . $header_url . '.txt')) {
$log = " Updates Found\n";
pfb_logger("{$log}","1");
- $updates++;
+ $pfb['update_cron'] = TRUE;
continue;
}
switch ($list_cron) {
case "01hour":
- if (pfb_update_check($header_url, $list_url, $url_format)) {
- $log = " Updates Found\n";
- pfb_logger("{$log}","1");
- unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
- $updates++;
- }
+ pfb_update_check($header_url, $list_url, $url_format, $pfbfolder);
break;
case "02hours":
- if (in_array($hour, $e_sch2)) {
- if (pfb_update_check($header_url, $list_url, $url_format)) {
- $log = " Updates Found\n";
- pfb_logger("{$log}","1");
- unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
- $updates++;
- }
- }
+ if (in_array($hour, $e_sch2))
+ pfb_update_check($header_url, $list_url, $url_format, $pfbfolder);
break;
case "03hours":
- if (in_array($hour, $e_sch3)) {
- if (pfb_update_check($header_url, $list_url, $url_format)) {
- $log = " Updates Found\n";
- pfb_logger("{$log}","1");
- unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
- $updates++;
- }
- }
+ if (in_array($hour, $e_sch3))
+ pfb_update_check($header_url, $list_url, $url_format, $pfbfolder);
break;
case "04hours":
- if (in_array($hour, $e_sch4)) {
- if (pfb_update_check($header_url, $list_url, $url_format)) {
- $log = " Updates Found\n";
- pfb_logger("{$log}","1");
- unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
- $updates++;
- }
- }
+ if (in_array($hour, $e_sch4))
+ pfb_update_check($header_url, $list_url, $url_format, $pfbfolder);
break;
case "06hours":
- if (in_array($hour, $e_sch6)) {
- if (pfb_update_check($header_url, $list_url, $url_format)) {
- $log = " Updates Found\n";
- pfb_logger("{$log}","1");
- unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
- $updates++;
- }
- }
+ if (in_array($hour, $e_sch6))
+ pfb_update_check($header_url, $list_url, $url_format, $pfbfolder);
break;
case "08hours":
- if (in_array($hour, $e_sch8)) {
- if (pfb_update_check($header_url, $list_url, $url_format)) {
- $log = " Updates Found\n";
- pfb_logger("{$log}","1");
- unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
- $updates++;
- }
- }
+ if (in_array($hour, $e_sch8))
+ pfb_update_check($header_url, $list_url, $url_format, $pfbfolder);
break;
case "12hours":
- if (in_array($hour, $e_sch12)) {
- if (pfb_update_check($header_url, $list_url, $url_format)) {
- $log = " Updates Found\n";
- pfb_logger("{$log}","1");
- unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
- $updates++;
- }
- }
+ if (in_array($hour, $e_sch12))
+ pfb_update_check($header_url, $list_url, $url_format, $pfbfolder);
break;
case "EveryDay":
- if ($hour == $pfb['dailystart']) {
- if (pfb_update_check($header_url, $list_url, $url_format)) {
- $log = " Updates Found\n";
- pfb_logger("{$log}","1");
- unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
- $updates++;
- }
- }
+ if ($hour == $pfb['dailystart'])
+ pfb_update_check($header_url, $list_url, $url_format, $pfbfolder);
break;
case "Weekly":
- if ($hour == $pfb['dailystart'] && $dow == $header_dow) {
- if (pfb_update_check($header_url, $list_url, $url_format)) {
- $log = " Updates Found\n";
- pfb_logger("{$log}","1");
- unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
- $updates++;
- }
- }
+ if ($hour == $pfb['dailystart'] && $dow == $header_dow)
+ pfb_update_check($header_url, $list_url, $url_format, $pfbfolder);
break;
- default: {
- }
+ default:
break;
}
}
@@ -448,7 +405,7 @@ if ($argv[1] == 'cron') {
}
}
- if ($updates > 0) {
+ if ($pfb['update_cron']) {
sync_package_pfblockerng("cron");
} else {
$log = "\n No Updates required. \n\n";
@@ -465,14 +422,14 @@ if ($argv[1] == 'cron') {
}
+// Function to process the downloaded Maxmind Database and format into Continent txt files.
function pfblockerng_uc_countries() {
-
global $g,$pfb;
pfb_global();
- $maxmind_cont = "{$pfb['dbdir']}/country_continent.csv";
- $maxmind_cc4 = "{$pfb['dbdir']}/GeoIPCountryWhois.csv";
- $maxmind_cc6 = "{$pfb['dbdir']}/GeoIPv6.csv";
+ $maxmind_cont = "{$pfb['dbdir']}/country_continent.csv";
+ $maxmind_cc4 = "{$pfb['dbdir']}/GeoIPCountryWhois.csv";
+ $maxmind_cc6 = "{$pfb['dbdir']}/GeoIPv6.csv";
# Create Folders if not Exist
$folder_array = array ("{$pfb['dbdir']}","{$pfb['logdir']}","{$pfb['ccdir']}");
@@ -505,13 +462,12 @@ function pfblockerng_uc_countries() {
$maxmind_ver .= "\nThese Timestamps should *match* \n";
@file_put_contents("{$pfb['logdir']}/maxmind_ver", $maxmind_ver);
-
// Collect ISO Codes for Each Continent
- $log = "Processing Continent Data \n";
+ $log = "Processing Continent Data\n";
print $log;
pfb_logger("{$log}","3");
- $cont_array = array ( array($AF),array($AS),array($EU),array($NA),array($OC),array($SA));
+ $cont_array = array ( array($AF),array($AS),array($EU),array($NA),array($OC),array($SA),array($AX));
if (($handle = fopen("{$maxmind_cont}",'r')) !== FALSE) {
while (($cc = fgetcsv($handle)) !== FALSE) {
@@ -560,244 +516,163 @@ function pfblockerng_uc_countries() {
unset($cc);
fclose($handle);
- // Collect Country ISO Data IPv4 and Sort to Continent Array
- $log = "Processing ISO IPv4 Continent/Country Data \n";
- print $log;
- pfb_logger("{$log}","3");
+ // Add Maxmind Anonymous Proxy and Satellite Providers to array
+ $cont_array[6]['continent'] = "Proxy and Satellite";
+ $cont_array[6]['iso'] = "A1,A2";
+ $cont_array[6]['file4'] = "{$pfb['ccdir']}/Proxy_Satellite_v4.txt";
+ $cont_array[6]['file6'] = "{$pfb['ccdir']}/Proxy_Satellite_v6.txt";
- if (($handle = fopen("{$maxmind_cc4}",'r')) !== FALSE) {
- while (($cc = fgetcsv($handle)) !== FALSE) {
-
- $ip1_key = $cc[0];
- $ip2_key = $cc[1];
- $var1_key = $cc[2];
- $var2_key = $cc[3];
- $cc_key = $cc[4];
- $country_key = $cc[5];
- $a_cidr = implode(",", ip_range_to_subnet_array_temp($cc[0],$cc[1]));
-
- $counter = 0;
- foreach ($cont_array as $iso) {
- if (preg_match("/\b$cc_key\b/", $iso['iso'])) {
- $cont_array[$counter][$cc_key]['ip4'] .= $a_cidr . ",";
- $cont_array[$counter][$cc_key]['country'] = $country_key;
- continue;
- }
- $counter++;
- }
- }
- }
- unset($cc);
- fclose($handle);
+ // Collect Country ISO data and sort to Continent arrays (IPv4 and IPv6)
+ foreach (array("4", "6") as $type) {
+ $log = "Processing ISO IPv{$type} Continent/Country Data\n";
+ print $log;
+ pfb_logger("{$log}","3");
- // Build Continent IPv4 CIDR Files
- $counter = 0;
- foreach ($cont_array as $iso) {
- $header = "";
- $pfb_file = "";
- $iso_key = "";
- $header .= "# Generated from MaxMind Inc. on: " . date("m/d/y G:i:s", time()) . "\n";
- $header .= "# Continent IPv4: " . $cont_array[$counter]['continent'] . "\n";
- $pfb_file = $cont_array[$counter]['file4'];
- $iso_key = array_keys($iso);
- foreach ($iso_key as $key) {
- if (preg_match("/[A-Z]{2}/", $key)) {
- $header .= "# Country: " . $iso[$key]['country'] . "\n";
- $header .= "# ISO Code: " . $key . "\n";
- $header .= "# Total Networks: " . substr_count($iso[$key]['ip4'], ",") . "\n";
- $header .= str_replace(",", "\n", $iso[$key]['ip4']);
- $iso[$key]['ip4'] = "";
- }
+ if ($type == "4") {
+ $maxmind_cc = "{$pfb['dbdir']}/GeoIPCountryWhois.csv";
+ } else {
+ $maxmind_cc = "{$pfb['dbdir']}/GeoIPv6.csv";
}
- $counter++;
- @file_put_contents($pfb_file, $header, LOCK_EX);
- }
-
-
- // Collect Country ISO Data IPv6 and Sort to Continent Array
- $log = "Processing ISO IPv6 Continent/Country Data \n";
- print $log;
- pfb_logger("{$log}","3");
-
- if (($handle = fopen("{$maxmind_cc6}",'r')) !== FALSE) {
- while (($cc = fgetcsv($handle)) !== FALSE) {
-
- $ip1_key = $cc[0];
- $ip2_key = $cc[1];
- $var1_key = $cc[2];
- $var2_key = $cc[3];
- $cc_key = $cc[4];
- $country_key = $cc[5];
- $a_cidr = implode(",", ip_range_to_subnet_array_temp($cc[0],$cc[1]));
-
- $counter = 0;
- foreach ($cont_array as $iso) {
- if (preg_match("/\b$cc_key\b/", $iso['iso'])) {
- $cont_array[$counter][$cc_key]['ip6'] .= $a_cidr . ",";
- continue;
+ $iptype = "ip{$type}";
+ $filetype = "file{$type}";
+
+ if (($handle = fopen("{$maxmind_cc}",'r')) !== FALSE) {
+ while (($cc = fgetcsv($handle)) !== FALSE) {
+ $cc_key = $cc[4];
+ $country_key = $cc[5];
+ $a_cidr = implode(",", ip_range_to_subnet_array_temp($cc[0],$cc[1]));
+ $counter = 0;
+ foreach ($cont_array as $iso) {
+ if (preg_match("/\b$cc_key\b/", $iso['iso'])) {
+ $cont_array[$counter][$cc_key][$iptype] .= $a_cidr . ",";
+ $cont_array[$counter][$cc_key]['country'] = $country_key;
+ continue;
+ }
+ $counter++;
}
- $counter++;
}
}
- }
- unset($cc);
- fclose($handle);
-
- // Build Continent IPv6 Files
- $counter = 0;
- foreach ($cont_array as $iso) {
- $header = "";
- $pfb_file = "";
- $iso_key = "";
-
- $header .= "# Generated from MaxMind Inc. on: " . date("m/d/y G:i:s", time()) . "\n";
- $header .= "# Continent IPv6: " . $cont_array[$counter]['continent'] . "\n";
- $pfb_file = $cont_array[$counter]['file6'];
- $iso_key = array_keys($iso);
- foreach ($iso_key as $key) {
- if (preg_match("/[A-Z]{2}/", $key)) {
- $header .= "# Country: " . $iso[$key]['country'] . "\n";
- $header .= "# ISO Code: " . $key . "\n";
- $header .= "# Total Networks: " . substr_count($iso[$key]['ip6'], ",") . "\n";
- $header .= str_replace(",", "\n", $iso[$key]['ip6']);
- $iso[$key]['ip6'] = "";
+ unset($cc);
+ fclose($handle);
+
+ // Build Continent Files
+ $counter = 0;
+ foreach ($cont_array as $iso) {
+ $header = "";
+ $pfb_file = "";
+ $iso_key = "";
+ $header .= "# Generated from MaxMind Inc. on: " . date("m/d/y G:i:s", time()) . "\n";
+ $header .= "# Continent IPv{$type}: " . $cont_array[$counter]['continent'] . "\n";
+ $pfb_file = $cont_array[$counter][$filetype];
+ $iso_key = array_keys($iso);
+ foreach ($iso_key as $key) {
+ if (preg_match("/[A-Z]{2}|A1|A2/", $key)) {
+ $header .= "# Country: " . $iso[$key]['country'] . "\n";
+ $header .= "# ISO Code: " . $key . "\n";
+ $header .= "# Total Networks: " . substr_count($iso[$key][$iptype], ",") . "\n";
+ $header .= str_replace(",", "\n", $iso[$key][$iptype]);
+ $iso[$key][$iptype] = "";
+ }
}
+ $counter++;
+ @file_put_contents($pfb_file, $header, LOCK_EX);
}
- $counter++;
- @file_put_contents($pfb_file, $header, LOCK_EX);
}
- unset($cont_array);
}
+// Function to process Continent txt files and create Country ISO files and to Generate GUI XML files.
function pfblockerng_get_countries() {
-
global $g,$pfb;
pfb_global();
- # These arrays are used to collect the <option> tags for the XML Continent Files
- $roptions4 = array();
- $coptions4 = array();
- $roptions6 = array();
- $coptions6 = array();
-
- $files4 = array ( "Africa" => "{$pfb['ccdir']}/Africa_v4.txt",
- "Asia" => "{$pfb['ccdir']}/Asia_v4.txt",
- "Europe" => "{$pfb['ccdir']}/Europe_v4.txt",
- "North America" => "{$pfb['ccdir']}/North_America_v4.txt",
- "Oceania" => "{$pfb['ccdir']}/Oceania_v4.txt",
- "South America" => "{$pfb['ccdir']}/South_America_v4.txt"
+ $files = array ( "Africa" => "{$pfb['ccdir']}/Africa_v4.txt",
+ "Asia" => "{$pfb['ccdir']}/Asia_v4.txt",
+ "Europe" => "{$pfb['ccdir']}/Europe_v4.txt",
+ "North America" => "{$pfb['ccdir']}/North_America_v4.txt",
+ "Oceania" => "{$pfb['ccdir']}/Oceania_v4.txt",
+ "South America" => "{$pfb['ccdir']}/South_America_v4.txt",
+ "Proxy and Satellite" => "{$pfb['ccdir']}/Proxy_Satellite_v4.txt"
);
- # IPv4 Collect Data to generate new continent XML Files.
+ // Collect Data to generate new continent XML Files.
$log = "Building pfBlockerNG XML Files \n";
print $log;
pfb_logger("{$log}","3");
- foreach ($files4 as $cont => $file) {
- $log = "IPv4 " . $cont . "\n";
- print $log;
- pfb_logger("{$log}","3");
- $ips = file_get_contents($file);
- $convert = explode("\n", $ips);
- $cont_name = preg_replace("/ /","",$cont);
- $cont_name_lower = strtolower($cont_name);
- $active = array( "$cont" => '<active/>');
- $total4 = 0;
- $pfb['complete'] = FALSE;
-
- foreach ($convert as $line) {
- if (preg_match("/#/",$line)) {
- if ($pfb['complete']) {
- $coptions4[] = $Country . '-' . $ISOCode . ' ('. $total4 .') ' . ' </name><value>' . $ISOCode . '</value></option>';
- $roptions4[] = $Country . '-' . $ISOCode . ' ('. $total4 .') ' . ' </name><value>' . $ISOCode . '</value></option>';
-
- // Save ISO IPv4 Data
- @file_put_contents($pfb['ccdir'] . '/' . $ISOCode . '_v4.txt',$pfb_v4,LOCK_EX);
-
- // Clear Variables and Restart Continent Collection process
- $total4 = 0;
- $pfb_v4 = "";
- $pfb['complete'] = FALSE;
+ foreach ($files as $cont => $file) {
+ // Process the following for IPv4 and IPv6
+ foreach (array("4", "6") as $type) {
+ $log = "IPv{$type} " . $cont . "\n";
+ print $log;
+ pfb_logger("{$log}","3");
+
+ if ($type == "6")
+ $file = preg_replace("/v4/", "v6", $file);
+ $convert = explode("\n", file_get_contents($file));
+ $cont_name = preg_replace("/ /", "", $cont);
+ $cont_name_lower = strtolower($cont_name);
+ $active = array("$cont" => '<active/>');
+ $lastkey = count ($convert) - 1;
+ $pfb['complete'] = FALSE;
+ $keycount = 1;
+ $total = 0;
+
+ foreach ($convert as $line) {
+ if (preg_match("/#/",$line)) {
+ if ($pfb['complete']) {
+ ${'coptions' . $type}[] = $country . '-' . $isocode . ' ('. $total .') ' . ' </name><value>' . $isocode . '</value></option>';
+ ${'roptions' . $type}[] = $country . '-' . $isocode . ' ('. $total .') ' . ' </name><value>' . $isocode . '</value></option>';
+
+ // Save ISO data
+ @file_put_contents($pfb['ccdir'] . '/' . $isocode . '_v' . $type . '.txt', $xml_data, LOCK_EX);
+
+ // Clear variables and restart Continent collection process
+ unset($total, $xml_data);
+ $pfb['complete'] = FALSE;
+ }
+ if (preg_match("/Total Networks: 0/", $line)) { continue;} // Don't Display Countries with Null Data
+ if (preg_match("/Country:\s(.*)/",$line, $matches)) { $country = $matches[1];}
+ if (preg_match("/ISO Code:\s(.*)/",$line, $matches)) { $isocode = $matches[1];}
+ }
+ elseif (!preg_match("/#/",$line)) {
+ $total++;
+ if (!empty($line))
+ $xml_data .= $line . "\n";
+ $pfb['complete'] = TRUE;
}
- if (preg_match("/Country:\s(.*)/",$line, $matches)) { $Country = $matches[1];}
- if (preg_match("/ISO Code:\s(.*)/",$line, $matches)) { $ISOCode = $matches[1];}
- } elseif (!preg_match("/#/",$line)) {
- $total4++;
- if (!empty($line))
- $pfb_v4 .= $line . "\n";
- $pfb['complete'] = TRUE;
- }
- }
- unset ($ips, $convert);
-
- // Sort IPv4 Countries Alphabetically and Build XML <option> Data for Continents Tab
- sort($coptions4, SORT_STRING);
- $ftotal4 = count($coptions4);
- $count = 1;
- $options4 = "";
-
- foreach ($coptions4 as $option4) {
- if ($count == 1) { $options4 .= "\t" . '<option><name>' . $option4 . "\n"; $count++; continue;}
- if ($ftotal4 == $count) {
- $options4 .= "\t\t\t\t" . '<option><name>' . $option4;
- } else {
- $options4 .= "\t\t\t\t" . '<option><name>' . $option4 . "\n";
- }
- $count++;
- }
- unset ($coptions4);
- // IPv6 Collect Data to generate new continent XML Files.
- $file6 = preg_replace("/v4/", "v6", $file);
- $ips = file_get_contents($file6);
- $convert = explode("\n", $ips);
- $log = "IPv6 " . $cont . "\n";
- pfb_logger("{$log}","3");
- $total6 = 0;
- $pfb['complete'] = FALSE;
-
- foreach ($convert as $line) {
- if (preg_match("/#/",$line)) {
- if ($pfb['complete']) {
- $coptions6[] = $Country . '-' . $ISOCode . ' ('. $total6 .') ' . ' </name><value>' . $ISOCode . '</value></option>';
- $roptions6[] = $Country . '-' . $ISOCode . ' ('. $total6 .') ' . ' </name><value>' . $ISOCode . '</value></option>';
-
- // Save ISO IPv6 Data
- @file_put_contents($pfb['ccdir'] . '/' . $ISOCode . '_v6.txt',$pfb_v6,LOCK_EX);
-
- // Clear Variables and Restart Continent Collection process
- $total6 = 0;
- $pfb_v6 = "";
- $pfb['complete'] = FALSE;
+ // Save last EOF ISO IP data
+ if ($keycount == $lastkey) {
+ if (preg_match("/Total Networks: 0/", $line)) { continue;} // Dont Display Countries with Null Data
+ ${'coptions' . $type}[] = $country . '-' . $isocode . ' ('. $total .') ' . ' </name><value>' . $isocode . '</value></option>';
+ ${'roptions' . $type}[] = $country . '-' . $isocode . ' ('. $total .') ' . ' </name><value>' . $isocode . '</value></option>';
+ @file_put_contents($pfb['ccdir'] . '/' . $isocode . '_v' . $type . '.txt', $xml_data, LOCK_EX);
+ unset($total, $xml_data);
}
- if (preg_match("/Country:\s(.*)/",$line, $matches)) { $Country = $matches[1];}
- if (preg_match("/ISO Code:\s(.*)/",$line, $matches)) { $ISOCode = $matches[1];}
- } elseif (!preg_match("/#/",$line)) {
- $total6++;
- if (!empty($line))
- $pfb_v6 .= $line . "\n";
- $pfb['complete'] = TRUE;
+ $keycount++;
}
- }
-
- // Sort IPv6 Countries Alphabetically for Continents Tab
- sort($coptions6, SORT_STRING);
- $ftotal6 = count($coptions6);
- $count = 1;
- $options6 = "";
-
- foreach ($coptions6 as $option6) {
- if ($count == 1) { $options6 .= "\t" . '<option><name>' . $option6 . "\n"; $count++; continue;}
- if ($ftotal6 == $count) {
- $options6 .= "\t\t\t\t" . '<option><name>' . $option6;
- } else {
- $options6 .= "\t\t\t\t" . '<option><name>' . $option6 . "\n";
+ unset ($ips, $convert);
+
+ // Sort IP Countries alphabetically and build XML <option> data for Continents tab
+ if (!empty (${'coptions' . $type})) {
+ sort(${'coptions' . $type}, SORT_STRING);
+ ${'ftotal' . $type} = count(${'coptions' . $type});
+ $count = 1;
+ ${'options' . $type} = "";
+
+ foreach (${'coptions' . $type} as $option) {
+ if ($count == 1) { ${'options' . $type} .= "\t" . '<option><name>' . $option . "\n"; $count++; continue;}
+ if (${'ftotal' . $type} == $count) {
+ ${'options' . $type} .= "\t\t\t\t" . '<option><name>' . $option;
+ } else {
+ ${'options' . $type} .= "\t\t\t\t" . '<option><name>' . $option . "\n";
+ }
+ $count++;
+ }
}
- $count++;
+ unset (${'coptions' . $type});
}
- unset ($coptions6);
-
$xml = <<<EOF
<?xml version="1.0" encoding="utf-8" ?>
@@ -888,7 +763,6 @@ $xml = <<<EOF
<tab>
<text>Top 20</text>
<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_top20.xml&amp;id=0</url>
- {$active['top']}
</tab>
<tab>
<text>Africa</text>
@@ -921,6 +795,11 @@ $xml = <<<EOF
{$active['South America']}
</tab>
<tab>
+ <text>P.S.</text>
+ <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&amp;id=0</url>
+ {$active['Proxy and Satellite']}
+ </tab>
+ <tab>
<text>Logs</text>
<url>/pfblockerng/pfblockerng_log.php</url>
</tab>
@@ -950,11 +829,17 @@ $xml = <<<EOF
</description>
<type>select</type>
<options>
- {$options4}
+ ${'options4'}
</options>
- <size>{$ftotal4}</size>
+ <size>${'ftotal4'}</size>
<multiple/>
</field>
+
+EOF;
+
+// Skip IPv6 when Null data found
+if (!empty (${'options6'})) {
+ $xml .= <<<EOF
<field>
<fielddescr><![CDATA[<br /><strong>IPv6</strong><br />Countries]]></fielddescr>
<fieldname>countries6</fieldname>
@@ -964,11 +849,16 @@ $xml = <<<EOF
</description>
<type>select</type>
<options>
- {$options6}
+ ${'options6'}
</options>
- <size>{$ftotal6}</size>
+ <size>${'ftotal6'}</size>
<multiple/>
</field>
+
+EOF;
+}
+
+$xml .= <<<EOF
<field>
<fielddescr>List Action</fielddescr>
<description><![CDATA[<br />Default : <strong>Disabled</strong><br /><br />
@@ -1062,19 +952,23 @@ $xml = <<<EOF
</packagegui>
EOF;
- // Update Each Continent XML file.
- @file_put_contents('/usr/local/pkg/pfblockerng/pfblockerng_'.$cont_name.'.xml',$xml,LOCK_EX);
+ // Update Each Continent XML file.
+ @file_put_contents('/usr/local/pkg/pfblockerng/pfblockerng_'.$cont_name.'.xml',$xml,LOCK_EX);
- } // End foreach 'Six Continents' Update XML Process
+ // Unset Arrays
+ unset (${'options4'}, ${'options6'}, $xml);
+ } // End foreach 'Six Continents and Proxy/Satellite' Update XML Process
// Sort Countries IPv4 Alphabetically and Build XML <option> Data for Reputation Tab (IPv6 not used by ET IQRisk)
- sort($roptions4, SORT_STRING);
- $eoa = count($roptions4);
+
+ $type = "4";
+ sort(${'roptions' . $type}, SORT_STRING);
+ $eoa = count(${'roptions' . $type});
$count = 1;
- $options4 = "";
+ $etoptions = "";
- foreach ($roptions4 as $option4) {
+ foreach (${'roptions' . $type} as $option4) {
if ($count == 1) { $et_options .= "\t" . '<option><name>' . $option4 . "\n"; $count++; continue; }
if ($eoa == $count) {
$et_options .= "\t\t\t\t" . '<option><name>' . $option4;
@@ -1084,10 +978,8 @@ EOF;
$count++;
}
-
// Update pfBlockerNG_Reputation.xml file with Country Code Changes
-
$xmlrep = <<<EOF
<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
@@ -1203,6 +1095,10 @@ $xmlrep = <<<EOF
<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&amp;id=0</url>
</tab>
<tab>
+ <text>P.S.</text>
+ <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&amp;id=0</url>
+ </tab>
+ <tab>
<text>Logs</text>
<url>/pfblockerng/pfblockerng_log.php</url>
</tab>
@@ -1558,22 +1454,22 @@ $xmlrep = <<<EOF
</custom_php_resync_config_command>
</packagegui>
EOF;
- # Unset Arrays
- unset ($options4, $options6, $et_options);
-
$log = "Saving pfBlockerNG Reputation TAB \n";
print $log;
pfb_logger("{$log}","3");
// Save pfBlockerng_reputation.xml file
- @file_put_contents('/usr/local/pkg/pfblockerng/pfblockerng_reputation.xml',$xmlrep,LOCK_EX);
+ @file_put_contents('/usr/local/pkg/pfblockerng/pfblockerng_reputation.xml', $xmlrep, LOCK_EX);
+
$log = "\n Country Code - XML File Update completed.\n";
print $log;
pfb_logger("{$log}","3");
-
$now = date("m/d/y G.i:s", time());
$log = "Country Code Update Ended - [ NOW ]\n";
print "Country Code Update Ended - [ $now ]\n";
pfb_logger("{$log}","3");
+
+ // Unset Arrays
+ unset ($et_options, $xmlrep);
}
?> \ No newline at end of file
diff --git a/config/pfblockerng/pfblockerng.priv.inc b/config/pfblockerng/pfblockerng.priv.inc
index 092c34ae..970ab25f 100644
--- a/config/pfblockerng/pfblockerng.priv.inc
+++ b/config/pfblockerng/pfblockerng.priv.inc
@@ -17,6 +17,7 @@ $priv_list['page-firewall-pfblockerng']['match'][] = "pkg_edit.php?xml=pfblocker
$priv_list['page-firewall-pfblockerng']['match'][] = "pkg_edit.php?xml=pfblockerng/pfblockerng_NorthAmerica.xml*";
$priv_list['page-firewall-pfblockerng']['match'][] = "pkg_edit.php?xml=pfblockerng/pfblockerng_Oceania.xml*";
$priv_list['page-firewall-pfblockerng']['match'][] = "pkg_edit.php?xml=pfblockerng/pfblockerng_SouthAmerica.xml*";
+$priv_list['page-firewall-pfblockerng']['match'][] = "pkg_edit.php?xml=pfblockerng/pfblockerng_ProxyandSatellite.xml*";
$priv_list['page-firewall-pfblockerng']['match'][] = "pkg_edit.php?xml=pfblockerng/pfblockerng_sync.xml*";
$priv_list['page-firewall-pfblockerng']['match'][] = "pfblockerng/pfblockerng_update.php*";
$priv_list['page-firewall-pfblockerng']['match'][] = "pfblockerng/pfblockerng_alerts.php*";
diff --git a/config/pfblockerng/pfblockerng.sh b/config/pfblockerng/pfblockerng.sh
index c09d52e1..cc11be6b 100644
--- a/config/pfblockerng/pfblockerng.sh
+++ b/config/pfblockerng/pfblockerng.sh
@@ -35,7 +35,7 @@ etblock=$(echo $8 | sed 's/,/, /g')
etmatch=$(echo $9 | sed 's/,/, /g')
# File Locations
-pathgeoipdat=/var/db/pfblockerng/GeoIP.dat
+pathgeoipdat=/usr/pbi/pfblockerng-$mtype/share/GeoIP/GeoIP.dat
pfbsuppression=/var/db/pfblockerng/pfbsuppression.txt
masterfile=/var/db/pfblockerng/masterfile
mastercat=/var/db/pfblockerng/mastercat
diff --git a/config/pfblockerng/pfblockerng.xml b/config/pfblockerng/pfblockerng.xml
index 9442bc7f..e2f4b508 100644
--- a/config/pfblockerng/pfblockerng.xml
+++ b/config/pfblockerng/pfblockerng.xml
@@ -199,6 +199,10 @@
<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&amp;id=0</url>
</tab>
<tab>
+ <text>P.S.</text>
+ <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&amp;id=0</url>
+ </tab>
+ <tab>
<text>Logs</text>
<url>/pfblockerng/pfblockerng_log.php</url>
</tab>
diff --git a/config/pfblockerng/pfblockerng_alerts.php b/config/pfblockerng/pfblockerng_alerts.php
index 541d1e03..7b84bca8 100644
--- a/config/pfblockerng/pfblockerng_alerts.php
+++ b/config/pfblockerng/pfblockerng_alerts.php
@@ -53,8 +53,8 @@ $pathgeoip6 = "/usr/pbi/pfblockerng-" . php_uname("m") . "/bin/geoiplookup6";
// Define File Locations
$filter_logfile = "{$g['varlog_path']}/filter.log";
-$pathgeoipdat = "{$pfb['dbdir']}/GeoIP.dat";
-$pathgeoipdat6 = "{$pfb['dbdir']}/GeoIPv6.dat";
+$pathgeoipdat = "/usr/pbi/pfblockerng-" . php_uname("m") . "/share/GeoIP/GeoIP.dat";
+$pathgeoipdat6 = "/usr/pbi/pfblockerng-" . php_uname("m") . "/share/GeoIP/GeoIPv6.dat";
// Emerging Threats IQRisk Header Name Reference
$pfb['et_header'] = TRUE;
@@ -334,6 +334,7 @@ if ($savemsg) {
$tab_array[] = array(gettext("N.A."), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_NorthAmerica.xml&id=0");
$tab_array[] = array(gettext("Oceania"), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_Oceania.xml&id=0");
$tab_array[] = array(gettext("S.A."), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&id=0");
+ $tab_array[] = array(gettext("P.S."), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&id=0");
$tab_array[] = array(gettext("Logs"), false, "/pfblockerng/pfblockerng_log.php");
$tab_array[] = array(gettext("Sync"), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_sync.xml&id=0");
display_top_tabs($tab_array, true);
diff --git a/config/pfblockerng/pfblockerng_log.php b/config/pfblockerng/pfblockerng_log.php
index 39f9eb06..74f513a2 100644
--- a/config/pfblockerng/pfblockerng_log.php
+++ b/config/pfblockerng/pfblockerng_log.php
@@ -144,6 +144,12 @@ $pfb_logtypes = array( 'defaultlogs' => array('name' => 'Log Files',
'logdir' => "{$pfb['etdir']}/",
'download' => TRUE,
'clear' => FALSE
+ ),
+ 'country' => array('name' => 'Country Files',
+ 'ext' => 'txt',
+ 'logdir' => "{$pfb['ccdir']}/",
+ 'download' => TRUE,
+ 'clear' => FALSE
)
);
@@ -288,6 +294,7 @@ if ($savemsg) {
$tab_array[] = array(gettext("N.A."), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_NorthAmerica.xml&id=0");
$tab_array[] = array(gettext("Oceania"), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_Oceania.xml&id=0");
$tab_array[] = array(gettext("S.A."), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&id=0");
+ $tab_array[] = array(gettext("P.S."), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&id=0");
$tab_array[] = array(gettext("Logs"), true, "/pfblockerng/pfblockerng_log.php");
$tab_array[] = array(gettext("Sync"), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_sync.xml&id=0");
display_top_tabs($tab_array, true);
diff --git a/config/pfblockerng/pfblockerng_sync.xml b/config/pfblockerng/pfblockerng_sync.xml
index 856af2f4..00186af8 100644
--- a/config/pfblockerng/pfblockerng_sync.xml
+++ b/config/pfblockerng/pfblockerng_sync.xml
@@ -112,6 +112,10 @@
<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&amp;id=0</url>
</tab>
<tab>
+ <text>P.S.</text>
+ <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&amp;id=0</url>
+ </tab>
+ <tab>
<text>Logs</text>
<url>/pfblockerng/pfblockerng_log.php</url>
</tab>
diff --git a/config/pfblockerng/pfblockerng_top20.xml b/config/pfblockerng/pfblockerng_top20.xml
index 4974c488..ccaf68a0 100644
--- a/config/pfblockerng/pfblockerng_top20.xml
+++ b/config/pfblockerng/pfblockerng_top20.xml
@@ -113,6 +113,10 @@
<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&amp;id=0</url>
</tab>
<tab>
+ <text>P.S.</text>
+ <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&amp;id=0</url>
+ </tab>
+ <tab>
<text>Logs</text>
<url>/pfblockerng/pfblockerng_log.php</url>
</tab>
diff --git a/config/pfblockerng/pfblockerng_update.php b/config/pfblockerng/pfblockerng_update.php
index dc0fab85..99480900 100644
--- a/config/pfblockerng/pfblockerng_update.php
+++ b/config/pfblockerng/pfblockerng_update.php
@@ -128,7 +128,7 @@ function pfb_cron_update($type) {
while (!feof($f)) {
$pfb_buffer = fread($f, 2048);
- $pfb_output .= str_replace( "\r", "", $pfb_buffer);
+ $pfb_output .= str_replace( array ("\r", "\")"), "", $pfb_buffer);
// Refresh on new lines only. This allows Scrolling.
if ($lastpos != $lastpos_old)
@@ -184,6 +184,7 @@ include_once("head.inc");
$tab_array[] = array(gettext("N.A."), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_NorthAmerica.xml&id=0");
$tab_array[] = array(gettext("Oceania"), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_Oceania.xml&id=0");
$tab_array[] = array(gettext("S.A."), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&id=0");
+ $tab_array[] = array(gettext("P.S."), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&id=0");
$tab_array[] = array(gettext("Logs"), false, "/pfblockerng/pfblockerng_log.php");
$tab_array[] = array(gettext("Sync"), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_sync.xml&id=0");
display_top_tabs($tab_array, true);
@@ -378,7 +379,7 @@ if (isset($_POST['pfbview'])) {
while (!feof($f)) {
$pfb_buffer = fread($f, 4096);
- $pfb_output .= str_replace( "\r", "", $pfb_buffer);
+ $pfb_output .= str_replace( array ("\r", "\")"), "", $pfb_buffer);
// Refresh on new lines only. This allows scrolling.
if ($lastpos != $lastpos_old) {
diff --git a/config/pfblockerng/pfblockerng_v4lists.xml b/config/pfblockerng/pfblockerng_v4lists.xml
index ce92f4be..6df839ed 100644
--- a/config/pfblockerng/pfblockerng_v4lists.xml
+++ b/config/pfblockerng/pfblockerng_v4lists.xml
@@ -116,6 +116,10 @@
<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&amp;id=0</url>
</tab>
<tab>
+ <text>P.S.</text>
+ <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&amp;id=0</url>
+ </tab>
+ <tab>
<text>Logs</text>
<url>/pfblockerng/pfblockerng_log.php</url>
</tab>
diff --git a/config/pfblockerng/pfblockerng_v6lists.xml b/config/pfblockerng/pfblockerng_v6lists.xml
index 6f507057..15d788cf 100644
--- a/config/pfblockerng/pfblockerng_v6lists.xml
+++ b/config/pfblockerng/pfblockerng_v6lists.xml
@@ -116,6 +116,10 @@
<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&amp;id=0</url>
</tab>
<tab>
+ <text>P.S.</text>
+ <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&amp;id=0</url>
+ </tab>
+ <tab>
<text>Logs</text>
<url>/pfblockerng/pfblockerng_log.php</url>
</tab>