aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
Diffstat (limited to 'config')
-rw-r--r--config/pfblockerng/countrycodes.tar.bz2bin841191 -> 841191 bytes
-rw-r--r--config/pfblockerng/pfblockerng.php17
-rw-r--r--config/pfblockerng/pfblockerng.xml76
-rw-r--r--config/pfblockerng/pfblockerng_alerts.php15
-rw-r--r--config/pfblockerng/pfblockerng_sync.xml17
-rw-r--r--config/pfblockerng/pfblockerng_top20.xml4
-rw-r--r--config/pfblockerng/pfblockerng_v4lists.xml4
-rw-r--r--config/pfblockerng/pfblockerng_v6lists.xml4
8 files changed, 51 insertions, 86 deletions
diff --git a/config/pfblockerng/countrycodes.tar.bz2 b/config/pfblockerng/countrycodes.tar.bz2
index 0884a882..afebf58a 100644
--- a/config/pfblockerng/countrycodes.tar.bz2
+++ b/config/pfblockerng/countrycodes.tar.bz2
Binary files differ
diff --git a/config/pfblockerng/pfblockerng.php b/config/pfblockerng/pfblockerng.php
index 79f6c108..20080aa4 100644
--- a/config/pfblockerng/pfblockerng.php
+++ b/config/pfblockerng/pfblockerng.php
@@ -879,11 +879,11 @@ $xml = <<<EOF
</tab>
<tab>
<text>IPv4</text>
- <url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml</url>
+ <url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml&amp;id=0</url>
</tab>
<tab>
<text>IPv6</text>
- <url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml</url>
+ <url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml&amp;id=0</url>
</tab>
<tab>
<text>Top 20</text>
@@ -936,7 +936,7 @@ $xml = <<<EOF
</field>
<field>
<fielddescr>LINKS</fielddescr>
- <fieldname>none</fieldname>
+ <fieldname></fieldname>
<description><![CDATA[<a href="/firewall_aliases.php">Firewall Alias</a> &nbsp;&nbsp;&nbsp; <a href="/firewall_rules.php">Firewall Rules</a> &nbsp;&nbsp;&nbsp; <a href="diag_logs_filter.php">Firewall Logs</a>]]>
</description>
<type>info</type>
@@ -1168,11 +1168,11 @@ $xmlrep = <<<EOF
</tab>
<tab>
<text>IPv4</text>
- <url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml</url>
+ <url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml&amp;id=0</url>
</tab>
<tab>
<text>IPv6</text>
- <url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml</url>
+ <url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml&amp;id=0</url>
</tab>
<tab>
<text>Top 20</text>
@@ -1218,14 +1218,14 @@ $xmlrep = <<<EOF
</field>
<field>
<fielddescr>LINKS</fielddescr>
- <fieldname>none</fieldname>
+ <fieldname></fieldname>
<description><![CDATA[<a href="/firewall_aliases.php">Firewall Alias</a> &nbsp;&nbsp;&nbsp; <a href="/firewall_rules.php">Firewall Rules</a> &nbsp;&nbsp;&nbsp; <a href="diag_logs_filter.php">Firewall Logs</a>]]>
</description>
<type>info</type>
</field>
<field>
<fielddescr><![CDATA[<strong>Why Reputation Matters:</strong>]]></fielddescr>
- <fieldname>why</fieldname>
+ <fieldname></fieldname>
<type>info</type>
<description><![CDATA[By Enabling '<strong>Reputation</strong>', each Blocklist will be analyzed for Repeat Offenders in each IP Range.
<ul>Example: &nbsp;&nbsp; x.x.x.1, x.x.x.2, x.x.x.3, x.x.x.4, x.x.x.5<br />
@@ -1237,7 +1237,8 @@ $xmlrep = <<<EOF
Its Important to select a Broad Range of Blocklists that cover different types of Malicious Activity.<br /><br />
You *may* experience some False Positives. Add any False Positive IPs manually to the<br />
<strong>pfBlockerNGSuppress Alias</strong> or use the "+" suppression Icon in the Alerts TAB<br /><br />
- To help mitigate False Positives 'Countries' can be '<strong>Excluded</strong>' from this Process. (Refer to Country Code Settings)]]>
+ To help mitigate False Positives 'Countries' can be '<strong>Excluded</strong>' from this Process. (Refer to Country Code Settings)
+ <br /><br />Enabling <strong>De-Duplication</strong> is highly recommended before utilizing 'Reputation' processes.]]>
</description>
</field>
<field>
diff --git a/config/pfblockerng/pfblockerng.xml b/config/pfblockerng/pfblockerng.xml
index a8517a30..9442bc7f 100644
--- a/config/pfblockerng/pfblockerng.xml
+++ b/config/pfblockerng/pfblockerng.xml
@@ -55,11 +55,16 @@
<menu>
<name>pfBlockerNG</name>
<configfile>pfblockerng.xml</configfile>
- <tooltiptext>Configure pfblockerNG</tooltiptext>
+ <tooltiptext>Configure pfBlockerNG</tooltiptext>
<section>Firewall</section>
<url>/pkg_edit.php?xml=pfblockerng.xml</url>
</menu>
<additional_files_needed>
+ <item>https://packages.pfsense.org/packages/config/pfblockerng/pfblockerng.priv.inc</item>
+ <prefix>/etc/inc/priv/</prefix>
+ <chmod>0644</chmod>
+ </additional_files_needed>
+ <additional_files_needed>
<item>https://packages.pfsense.org/packages/config/pfblockerng/pfblockerng.inc</item>
<prefix>/usr/local/pkg/pfblockerng/</prefix>
<chmod>0644</chmod>
@@ -125,62 +130,7 @@
<chmod>0644</chmod>
</additional_files_needed>
<additional_files_needed>
- <item>https://packages.pfsense.org/packages/config/pfblockerng/cc/Africa_v4.txt</item>
- <prefix>/var/db/pfblockerng/cc/</prefix>
- <chmod>0444</chmod>
- </additional_files_needed>
- <additional_files_needed>
- <item>https://packages.pfsense.org/packages/config/pfblockerng/cc/Africa_v6.txt</item>
- <prefix>/var/db/pfblockerng/cc/</prefix>
- <chmod>0444</chmod>
- </additional_files_needed>
- <additional_files_needed>
- <item>https://packages.pfsense.org/packages/config/pfblockerng/cc/Asia_v4.txt</item>
- <prefix>/var/db/pfblockerng/cc/</prefix>
- <chmod>0444</chmod>
- </additional_files_needed>
- <additional_files_needed>
- <item>https://packages.pfsense.org/packages/config/pfblockerng/cc/Asia_v6.txt</item>
- <prefix>/var/db/pfblockerng/cc/</prefix>
- <chmod>0444</chmod>
- </additional_files_needed>
- <additional_files_needed>
- <item>https://packages.pfsense.org/packages/config/pfblockerng/cc/Europe_v4.txt</item>
- <prefix>/var/db/pfblockerng/cc/</prefix>
- <chmod>0444</chmod>
- </additional_files_needed>
- <additional_files_needed>
- <item>https://packages.pfsense.org/packages/config/pfblockerng/cc/Europe_v6.txt</item>
- <prefix>/var/db/pfblockerng/cc/</prefix>
- <chmod>0444</chmod>
- </additional_files_needed>
- <additional_files_needed>
- <item>https://packages.pfsense.org/packages/config/pfblockerng/cc/North_America_v4.txt</item>
- <prefix>/var/db/pfblockerng/cc/</prefix>
- <chmod>0444</chmod>
- </additional_files_needed>
- <additional_files_needed>
- <item>https://packages.pfsense.org/packages/config/pfblockerng/cc/North_America_v6.txt</item>
- <prefix>/var/db/pfblockerng/cc/</prefix>
- <chmod>0444</chmod>
- </additional_files_needed>
- <additional_files_needed>
- <item>https://packages.pfsense.org/packages/config/pfblockerng/cc/Oceania_v4.txt</item>
- <prefix>/var/db/pfblockerng/cc/</prefix>
- <chmod>0444</chmod>
- </additional_files_needed>
- <additional_files_needed>
- <item>https://packages.pfsense.org/packages/config/pfblockerng/cc/Oceania_v6.txt</item>
- <prefix>/var/db/pfblockerng/cc/</prefix>
- <chmod>0444</chmod>
- </additional_files_needed>
- <additional_files_needed>
- <item>https://packages.pfsense.org/packages/config/pfblockerng/cc/South_America_v4.txt</item>
- <prefix>/var/db/pfblockerng/cc/</prefix>
- <chmod>0444</chmod>
- </additional_files_needed>
- <additional_files_needed>
- <item>https://packages.pfsense.org/packages/config/pfblockerng/cc/South_America_v6.txt</item>
+ <item>https://packages.pfsense.org/packages/config/pfblockerng/countrycodes.tar.bz2</item>
<prefix>/var/db/pfblockerng/cc/</prefix>
<chmod>0444</chmod>
</additional_files_needed>
@@ -214,11 +164,11 @@
</tab>
<tab>
<text>IPv4</text>
- <url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml</url>
+ <url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml&amp;id=0</url>
</tab>
<tab>
<text>IPv6</text>
- <url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml</url>
+ <url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml&amp;id=0</url>
</tab>
<tab>
<text>Top20</text>
@@ -264,7 +214,7 @@
</field>
<field>
<fielddescr>LINKS</fielddescr>
- <fieldname>none</fieldname>
+ <fieldname></fieldname>
<description><![CDATA[<a href="/firewall_aliases.php">Firewall Alias</a> &nbsp;&nbsp;&nbsp; <a href="/firewall_rules.php">Firewall Rules</a> &nbsp;&nbsp;&nbsp; <a href="diag_logs_filter.php">Firewall Logs</a>]]></description>
<type>info</type>
</field>
@@ -356,7 +306,7 @@
</options>
</field>
<field>
- <fielddescr>Remove Duplication</fielddescr>
+ <fielddescr>Enable De-Duplication</fielddescr>
<fieldname>enable_dup</fieldname>
<type>checkbox</type>
<description>Only for IPv4 Lists</description>
@@ -414,7 +364,7 @@
<field>
<fielddescr>Inbound Interface(s)</fielddescr>
<fieldname>inbound_interface</fieldname>
- <description><![CDATA[Default: <strong>WAN</strong><br />Select the interface(s) you want to Apply Rules to]]></description>
+ <description>Select the Inbound interface(s) you want to Apply Auto Rules to</description>
<type>interfaces_selection</type>
<hideinterfaceregex>loopback</hideinterfaceregex>
<required/>
@@ -434,7 +384,7 @@
<field>
<fielddescr>Outbound Interface(s)</fielddescr>
<fieldname>outbound_interface</fieldname>
- <description><![CDATA[Default:<strong>LAN</strong> or none.<br />Select the interface(s) you want to Apply Rules to]]></description>
+ <description>Select the Outbound interface(s) you want to Apply Auto Rules to</description>
<type>interfaces_selection</type>
<hideinterfaceregex>loopback</hideinterfaceregex>
<required/>
diff --git a/config/pfblockerng/pfblockerng_alerts.php b/config/pfblockerng/pfblockerng_alerts.php
index 1b54f8f2..541d1e03 100644
--- a/config/pfblockerng/pfblockerng_alerts.php
+++ b/config/pfblockerng/pfblockerng_alerts.php
@@ -143,9 +143,14 @@ if (isset($_POST['addsuppress'])) {
$ip = $_POST['ip'];
$table = $_POST['table'];
$descr = $_POST['descr'];
- if (empty($descr))
- $descr = sprintf(gettext("Entry added %s"), date('r'));
$cidr = $_POST['cidr'];
+
+ // If Description or CIDR field is empty, exit.
+ if (empty($descr) || empty($cidr)) {
+ header("Location: " . $_SERVER['PHP_SELF']);
+ exit;
+ }
+
if (is_ipaddr($ip)) {
$savemsg1 = "Host IP address {$ip}";
@@ -730,8 +735,10 @@ function hostruleid(host,table) {
var description = prompt("Please enter Suppression Description");
document.getElementById("descr").value = description;
- var cidr = prompt("Please enter CIDR [ 32 or 24 CIDR only supported ]","32");
- document.getElementById("cidr").value = cidr;
+ if (description.value != "") {
+ var cidr = prompt("Please enter CIDR [ 32 or 24 CIDR only supported ]","32");
+ document.getElementById("cidr").value = cidr;
+ }
}
// Auto-Resolve of Alerted Hostnames
diff --git a/config/pfblockerng/pfblockerng_sync.xml b/config/pfblockerng/pfblockerng_sync.xml
index 06ea40db..856af2f4 100644
--- a/config/pfblockerng/pfblockerng_sync.xml
+++ b/config/pfblockerng/pfblockerng_sync.xml
@@ -77,11 +77,11 @@
</tab>
<tab>
<text>IPv4</text>
- <url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml</url>
+ <url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml&amp;id=0</url>
</tab>
<tab>
<text>IPv6</text>
- <url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml</url>
+ <url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml&amp;id=0</url>
</tab>
<tab>
<text>Top 20</text>
@@ -190,21 +190,28 @@
</options>
</rowhelperfield>
<rowhelperfield>
- <fielddescr>IP-Address</fielddescr>
+ <fielddescr>Target IP Address</fielddescr>
<fieldname>varsyncipaddress</fieldname>
<description><![CDATA[IP Address of the destination host.]]></description>
<type>input</type>
<size>15</size>
</rowhelperfield>
<rowhelperfield>
- <fielddescr>Port</fielddescr>
+ <fielddescr>Target Port</fielddescr>
<fieldname>varsyncport</fieldname>
<description><![CDATA[Choose the sync port of the destination host.]]></description>
<type>input</type>
<size>3</size>
</rowhelperfield>
<rowhelperfield>
- <fielddescr>Admin Password</fielddescr>
+ <fielddescr>Target Username (admin)</fielddescr>
+ <fieldname>varsyncusername</fieldname>
+ <description><![CDATA[Enter the Username Account for Authentication]]></description>
+ <type>input</type>
+ <size>15</size>
+ </rowhelperfield>
+ <rowhelperfield>
+ <fielddescr>Target Password</fielddescr>
<fieldname>varsyncpassword</fieldname>
<description><![CDATA[Password of the user "admin" on the destination host.]]></description>
<type>password</type>
diff --git a/config/pfblockerng/pfblockerng_top20.xml b/config/pfblockerng/pfblockerng_top20.xml
index 7d2cf033..4974c488 100644
--- a/config/pfblockerng/pfblockerng_top20.xml
+++ b/config/pfblockerng/pfblockerng_top20.xml
@@ -77,11 +77,11 @@
</tab>
<tab>
<text>IPv4</text>
- <url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml</url>
+ <url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml&amp;id=0</url>
</tab>
<tab>
<text>IPv6</text>
- <url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml</url>
+ <url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml&amp;id=0</url>
</tab>
<tab>
<text>Top 20</text>
diff --git a/config/pfblockerng/pfblockerng_v4lists.xml b/config/pfblockerng/pfblockerng_v4lists.xml
index 17f1a14d..ce92f4be 100644
--- a/config/pfblockerng/pfblockerng_v4lists.xml
+++ b/config/pfblockerng/pfblockerng_v4lists.xml
@@ -80,12 +80,12 @@
</tab>
<tab>
<text>IPv4</text>
- <url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml</url>
+ <url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml&amp;id=0</url>
<active/>
</tab>
<tab>
<text>IPv6</text>
- <url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml</url>
+ <url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml&amp;id=0</url>
</tab>
<tab>
<text>Top 20</text>
diff --git a/config/pfblockerng/pfblockerng_v6lists.xml b/config/pfblockerng/pfblockerng_v6lists.xml
index 2a381451..6f507057 100644
--- a/config/pfblockerng/pfblockerng_v6lists.xml
+++ b/config/pfblockerng/pfblockerng_v6lists.xml
@@ -80,11 +80,11 @@
</tab>
<tab>
<text>IPv4</text>
- <url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml</url>
+ <url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml&amp;id=0</url>
</tab>
<tab>
<text>IPv6</text>
- <url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml</url>
+ <url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml&amp;id=0</url>
<active/>
</tab>
<tab>