aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
Diffstat (limited to 'config')
-rw-r--r--config/havp/antivirus.php2
-rw-r--r--config/havp/havp.inc2
-rw-r--r--config/havp/havp.xml10
-rw-r--r--config/havp/havp_avset.xml2
-rw-r--r--config/havp/havp_log.php2
-rwxr-xr-xconfig/openvpn-client-export/vpn_openvpn_export.php2
-rw-r--r--config/pfblockerng/pfblockerng.inc143
-rw-r--r--config/pfblockerng/pfblockerng.php524
-rw-r--r--config/pfblockerng/pfblockerng.priv.inc1
-rw-r--r--config/pfblockerng/pfblockerng.sh2
-rw-r--r--config/pfblockerng/pfblockerng.xml4
-rw-r--r--config/pfblockerng/pfblockerng_alerts.php5
-rw-r--r--config/pfblockerng/pfblockerng_log.php7
-rw-r--r--config/pfblockerng/pfblockerng_sync.xml4
-rw-r--r--config/pfblockerng/pfblockerng_top20.xml4
-rw-r--r--config/pfblockerng/pfblockerng_update.php5
-rw-r--r--config/pfblockerng/pfblockerng_v4lists.xml4
-rw-r--r--config/pfblockerng/pfblockerng_v6lists.xml4
-rwxr-xr-xconfig/squid3/34/squid.inc9
-rw-r--r--config/squid3/34/squid.xml2
-rw-r--r--config/squidGuard/squidguard_configurator.inc6
-rw-r--r--config/suricata/suricata_global.php4
22 files changed, 390 insertions, 358 deletions
diff --git a/config/havp/antivirus.php b/config/havp/antivirus.php
index 0d66a6b3..bf5f1879 100644
--- a/config/havp/antivirus.php
+++ b/config/havp/antivirus.php
@@ -204,7 +204,7 @@ if (pfsense_version_A() == '1') {
$tab_array[] = array(gettext("General page"), true, "antivirus.php");
$tab_array[] = array(gettext("HTTP proxy"), false, "pkg_edit.php?xml=havp.xml&id=0");
$tab_array[] = array(gettext("Settings"), false, "pkg_edit.php?xml=havp_avset.xml&id=0");
- $tab_array[] = array(gettext("Log"), false, "havp_log.php");
+ $tab_array[] = array(gettext("HAVP Log"), false, "havp_log.php");
display_top_tabs($tab_array);
?>
diff --git a/config/havp/havp.inc b/config/havp/havp.inc
index 8118f695..1648bcb0 100644
--- a/config/havp/havp.inc
+++ b/config/havp/havp.inc
@@ -633,7 +633,7 @@ function havp_config_havp()
# log
$conf[] = "\n# log ";
$conf[] = "ACCESSLOG " . HVDEF_HAVP_ACCESSLOG;
- $conf[] = "ERRORLOG " . HVDEF_HAVP_ERRORLOG;
+ $conf[] = "ERRORLOG " . ($havp_config[F_LOG] === 'true' ? HVDEF_HAVP_ERRORLOG : "/dev/null");
# syslog
$conf[] = "\n# syslog";
$conf[] = "USESYSLOG {$havp_config[F_SYSLOG]}";
diff --git a/config/havp/havp.xml b/config/havp/havp.xml
index 51356862..f5afc2fe 100644
--- a/config/havp/havp.xml
+++ b/config/havp/havp.xml
@@ -56,7 +56,7 @@
<url>/pkg_edit.php?xml=havp_avset.xml&amp;id=0</url>
</tab>
<tab>
- <text>Log</text>
+ <text>HAVP Log</text>
<url>/havp_log.php</url>
</tab>
</tabs>
@@ -293,16 +293,16 @@
<default_value>on</default_value>
</field>
<field>
- <fielddescr>Log</fielddescr>
+ <fielddescr>HAVP Log</fielddescr>
<fieldname>log</fieldname>
- <description>Check this for enable log.</description>
+ <description>Check this for enable HAVP log.</description>
<type>checkbox</type>
<enablefields>syslog</enablefields>
</field>
<field>
- <fielddescr>Syslog</fielddescr>
+ <fielddescr>HAVP Syslog</fielddescr>
<fieldname>syslog</fieldname>
- <description>Check this for enable Syslog.</description>
+ <description>Check this for enable HAVP Syslog.</description>
<type>checkbox</type>
</field>
</fields>
diff --git a/config/havp/havp_avset.xml b/config/havp/havp_avset.xml
index 1b0d5c5d..041c6f64 100644
--- a/config/havp/havp_avset.xml
+++ b/config/havp/havp_avset.xml
@@ -24,7 +24,7 @@
<active/>
</tab>
<tab>
- <text>Log</text>
+ <text>HAVP Log</text>
<url>/havp_log.php</url>
</tab>
</tabs>
diff --git a/config/havp/havp_log.php b/config/havp/havp_log.php
index 60c02fbf..f4a2dc2e 100644
--- a/config/havp/havp_log.php
+++ b/config/havp/havp_log.php
@@ -79,7 +79,7 @@ include("head.inc");
$tab_array[] = array(gettext("General page"), false, "antivirus.php");
$tab_array[] = array(gettext("HTTP proxy"), false, "pkg_edit.php?xml=havp.xml&amp;id=0");
$tab_array[] = array(gettext("Settings"), false, "pkg_edit.php?xml=havp_avset.xml&amp;id=0");
- $tab_array[] = array(gettext("Log"), true, "havp_log.php");
+ $tab_array[] = array(gettext("HAVP Log"), true, "havp_log.php");
display_top_tabs($tab_array);
?>
</td></tr>
diff --git a/config/openvpn-client-export/vpn_openvpn_export.php b/config/openvpn-client-export/vpn_openvpn_export.php
index 12ce01d0..8703d2da 100755
--- a/config/openvpn-client-export/vpn_openvpn_export.php
+++ b/config/openvpn-client-export/vpn_openvpn_export.php
@@ -601,7 +601,7 @@ function useproxy_changed(obj) {
<td width="78%" class="vtable">
<select name="server" id="server" class="formselect" onchange="server_changed()">
<?php foreach($ras_server as & $server): ?>
- <option value="<?=$server['sindex'];?>"><?=$server['name'];?></option>
+ <option value="<?=$server['index'];?>"><?=$server['name'];?></option>
<?php endforeach; ?>
</select>
</td>
diff --git a/config/pfblockerng/pfblockerng.inc b/config/pfblockerng/pfblockerng.inc
index bc2ccfe1..d612dbf1 100644
--- a/config/pfblockerng/pfblockerng.inc
+++ b/config/pfblockerng/pfblockerng.inc
@@ -56,12 +56,12 @@ function pfb_global() {
$pfb['aliasdir'] = "{$g['vardb_path']}/aliastables";
$pfb['logdir'] = "{$g['varlog_path']}/pfblockerng";
$pfb['etdir'] = "{$pfb['dbdir']}/ET";
- $pfb['ccdir'] = "{$pfb['dbdir']}/cc";
$pfb['nativedir'] = "{$pfb['dbdir']}/native";
$pfb['denydir'] = "{$pfb['dbdir']}/deny";
$pfb['matchdir'] = "{$pfb['dbdir']}/match";
$pfb['permitdir'] = "{$pfb['dbdir']}/permit";
$pfb['origdir'] = "{$pfb['dbdir']}/original";
+ $pfb['ccdir'] = "/usr/pbi/pfblockerng-" . php_uname("m") . "/share/GeoIP";
# Create Folders if not Exist.
$folder_array = array ("{$pfb['dbdir']}","{$pfb['logdir']}","{$pfb['ccdir']}","{$pfb['origdir']}","{$pfb['nativedir']}","{$pfb['denydir']}","{$pfb['matchdir']}","{$pfb['permitdir']}","{$pfb['aliasdir']}");
@@ -240,6 +240,101 @@ function pfb_create_suppression_file() {
}
+// IPv6 Range to CIDR function used courtesey from:
+// https://github.com/stilez/pfsense-leases/blob/50cc0fa81dba5fe91bcddaea016c245d1b8479cc/etc/inc/util.inc
+function ip_range_to_subnet_array_temp2($ip1, $ip2) {
+
+ if (is_ipaddrv4($ip1) && is_ipaddrv4($ip2)) {
+ $proto = 'ipv4'; // for clarity
+ $bits = 32;
+ $ip1bin = decbin(ip2long32($ip1));
+ $ip2bin = decbin(ip2long32($ip2));
+ } elseif (is_ipaddrv6($ip1) && is_ipaddrv6($ip2)) {
+ $proto = 'ipv6';
+ $bits = 128;
+ $ip1bin = Net_IPv6::_ip2Bin($ip1);
+ $ip2bin = Net_IPv6::_ip2Bin($ip2);
+ } else
+ return array();
+
+ // it's *crucial* that binary strings are guaranteed the expected length; do this for certainty even though for IPv6 it's redundant
+ $ip1bin = str_pad($ip1bin, $bits, '0', STR_PAD_LEFT);
+ $ip2bin = str_pad($ip2bin, $bits, '0', STR_PAD_LEFT);
+
+ if ($ip1bin === $ip2bin)
+ return array($ip1 . '/' . $bits);
+
+ if (strcmp($ip1bin, $ip2bin) > 0)
+ list ($ip1bin, $ip2bin) = array($ip2bin, $ip1bin); // swap contents of ip1 <= ip2
+
+ $rangesubnets = array();
+ $netsize = 0;
+
+ do {
+ // at loop start, $ip1 is guaranteed strictly less than $ip2 (important for edge case trapping and preventing accidental binary wrapround)
+ // which means the assignments $ip1 += 1 and $ip2 -= 1 will always be "binary-wrapround-safe"
+
+ // step #1 if start ip (as shifted) ends in any '1's, then it must have a single cidr to itself (any cidr would include the '0' below it)
+
+ if (substr($ip1bin, -1, 1) == '1') {
+ // the start ip must be in a separate one-IP cidr range
+ $new_subnet_ip = substr($ip1bin, $netsize, $bits - $netsize) . str_repeat('0', $netsize);
+ $rangesubnets[$new_subnet_ip] = $bits - $netsize;
+ $n = strrpos($ip1bin, '0'); //can't be all 1's
+ $ip1bin = ($n == 0 ? '' : substr($ip1bin, 0, $n)) . '1' . str_repeat('0', $bits - $n - 1); // BINARY VERSION OF $ip1 += 1
+ }
+
+ // step #2, if end ip (as shifted) ends in any zeros then that must have a cidr to itself (as cidr cant span the 1->0 gap)
+
+ if (substr($ip2bin, -1, 1) == '0') {
+ // the end ip must be in a separate one-IP cidr range
+ $new_subnet_ip = substr($ip2bin, $netsize, $bits - $netsize) . str_repeat('0', $netsize);
+ $rangesubnets[$new_subnet_ip] = $bits - $netsize;
+ $n = strrpos($ip2bin, '1'); //can't be all 0's
+ $ip2bin = ($n == 0 ? '' : substr($ip2bin, 0, $n)) . '0' . str_repeat('1', $bits - $n - 1); // BINARY VERSION OF $ip2 -= 1
+ // already checked for the edge case where end = start+1 and start ends in 0x1, above, so it's safe
+ }
+
+ // this is the only edge case arising from increment/decrement.
+ // it happens if the range at start of loop is exactly 2 adjacent ips, that spanned the 1->0 gap. (we will have enumerated both by now)
+
+ if (strcmp($ip2bin, $ip1bin) < 0)
+ continue;
+
+ // step #3 the start and end ip MUST now end in '0's and '1's respectively
+ // so we have a non-trivial range AND the last N bits are no longer important for CIDR purposes.
+
+ $shift = $bits - max(strrpos($ip1bin, '0'), strrpos($ip2bin, '1')); // num of low bits which are '0' in ip1 and '1' in ip2
+ $ip1bin = str_repeat('0', $shift) . substr($ip1bin, 0, $bits - $shift);
+ $ip2bin = str_repeat('0', $shift) . substr($ip2bin, 0, $bits - $shift);
+ $netsize += $shift;
+ if ($ip1bin === $ip2bin) {
+ // we're done.
+ $new_subnet_ip = substr($ip1bin, $netsize, $bits - $netsize) . str_repeat('0', $netsize);
+ $rangesubnets[$new_subnet_ip] = $bits - $netsize;
+ continue;
+ }
+
+ // at this point there's still a remaining range, and either startip ends with '1', or endip ends with '0'. So repeat cycle.
+ } while (strcmp($ip1bin, $ip2bin) < 0);
+
+ // subnets are ordered by bit size. Re sort by IP ("naturally") and convert back to IPv4/IPv6
+
+ ksort($rangesubnets, SORT_STRING);
+ $out = array();
+
+ foreach ($rangesubnets as $ip => $netmask) {
+ if ($proto == 'ipv4') {
+ $i = str_split($ip, 8);
+ $out[] = implode('.', array( bindec($i[0]),bindec($i[1]),bindec($i[2]),bindec($i[3]))) . '/' . $netmask;
+ } else
+ $out[] = Net_IPv6::compress(Net_IPv6::_bin2Ip($ip)) . '/' . $netmask;
+ }
+
+ return $out;
+}
+
+
# Main pfBlockerNG Function
function sync_package_pfblockerng($cron = "") {
@@ -362,14 +457,15 @@ function sync_package_pfblockerng($cron = "") {
# Configure ARRAYS #
#############################################
- $continents = array ( "Africa" => "pfB_Africa",
- "Antartica" => "pfB_Antartica",
- "Asia" => "pfB_Asia",
- "Europe" => "pfB_Europe",
- "North America" => "pfB_NAmerica",
- "Oceania" => "pfB_Oceania",
- "South America" => "pfB_SAmerica",
- "Top Spammers" => "pfB_Top"
+ $continents = array ( "Africa" => "pfB_Africa",
+ "Antartica" => "pfB_Antartica",
+ "Asia" => "pfB_Asia",
+ "Europe" => "pfB_Europe",
+ "North America" => "pfB_NAmerica",
+ "Oceania" => "pfB_Oceania",
+ "South America" => "pfB_SAmerica",
+ "Top Spammers" => "pfB_Top",
+ "Proxy and Satellite" => "pfB_PS"
);
#create rules vars and arrays
@@ -1097,16 +1193,16 @@ function sync_package_pfblockerng($cron = "") {
$log_tab = "\t\t";
}
- # Collect Active Alias List (Used for pfctl Update when 'Reputation' is enabled.
- $pfb_alias_lists_all[] = "{$alias}";
-
// Empty Header Field Validation Check
- if (empty($header_url)) {
- $log = "\n [ {$row['url']} ] {$log_tab} Header Field cannot be Empty. *Skipping* \n";
+ if (empty($header_url) || preg_match("/\W/",$header_url)) {
+ $log = "\n [ {$row['url']} ]\n ** TERMINATED - Header contains Blank/International/Special or Spaces\n";
pfb_logger("{$log}","2");
continue;
}
+ # Collect Active Alias List (Used for pfctl Update when 'Reputation' is enabled.
+ $pfb_alias_lists_all[] = "{$alias}";
+
if (file_exists($pfbfolder . '/' . $header_url . '.txt') && $pfb['reuse'] == "") {
if ($row['state'] == "Hold") {
$log = "\n[ {$header_url} ] {$log_tab} Static Hold [ NOW ]\n";
@@ -1280,7 +1376,7 @@ function sync_package_pfblockerng($cron = "") {
foreach ($url_list as $line) {
# Network range 192.168.0.0-192.168.0.254
if (preg_match($pfb['range'],$line,$matches)) {
- $a_cidr = ip_range_to_subnet_array($matches[1],$matches[2]);
+ $a_cidr = ip_range_to_subnet_array_temp2($matches[1],$matches[2]);
if (!empty($a_cidr)) {
foreach ($a_cidr as $cidr) {
$new_file .= preg_replace($pfb_ipreg,'',$cidr) . "\n";
@@ -1498,7 +1594,7 @@ function sync_package_pfblockerng($cron = "") {
}
# Network range 192.168.0.0-192.168.0.254
elseif (preg_match($pfb['range'],$line,$matches)) {
- $a_cidr = ip_range_to_subnet_array($matches[1],$matches[2]);
+ $a_cidr = ip_range_to_subnet_array_temp2($matches[1],$matches[2]);
if (!empty($a_cidr)) {
foreach ($a_cidr as $cidr) {
$new_file .= preg_replace($pfb_ipreg, '',$cidr) . "\n";
@@ -2235,12 +2331,19 @@ function pfblockerng_php_install_command() {
global $config,$pfb;
pfb_global();
+ // Remove previously used CC folder location if exists
+ @rmdir_recursive("{$pfb['dbdir']}/cc");
+
# Uncompress Country Code File and delete Archive after extraction.
exec("cd /{$pfb['ccdir']}; /usr/bin/tar -jxvf {$pfb['ccdir']}/countrycodes.tar.bz2");
unlink_if_exists("{$pfb['ccdir']}/countrycodes.tar.bz2");
# Download MaxMind Files and Create Country Code files and Build Continent XML Files
update_output_window(gettext("Downloading MaxMind Country Databases. This may take a minute..."));
exec("/bin/sh /usr/local/pkg/pfblockerng/geoipupdate.sh all >> {$pfb['geolog']} 2>&1");
+
+ @rename("{$pfb['dbdir']}/GeoIP.dat", "{$pfb['ccdir']}/GeoIP.dat");
+ @rename("{$pfb['dbdir']}/GeoIPv6.dat", "{$pfb['ccdir']}/GeoIPv6.dat");
+
update_output_window(gettext("MaxMind Country Database downloads completed..."));
update_output_window(gettext("Converting MaxMind Country Databases for pfBlockerNG. This may take a few minutes..."));
pfblockerng_uc_countries();
@@ -2248,6 +2351,12 @@ function pfblockerng_php_install_command() {
pfblockerng_get_countries();
update_output_window(gettext("Completed Creating pfBlockerNG Continenet XML Files..."));
+ // Remove Original Maxmind Database Files
+ @unlink_if_exists("{$pfb['dbdir']}/GeoIPCountryCSV.zip");
+ @unlink_if_exists("{$pfb['dbdir']}/GeoIPCountryWhois.csv");
+ @unlink_if_exists("{$pfb['dbdir']}/GeoIPv6.csv");
+ @unlink_if_exists("{$pfb['dbdir']}/country_continent.csv");
+
# Add Widget to Dashboard
update_output_window(gettext("Adding pfBlockerNG Widget to Dashboard."));
if ($pfb['keep'] == "on" && !empty($pfb['widgets'])) {
@@ -2312,6 +2421,8 @@ function pfblockerng_php_deinstall_command() {
unset($config['installedpackages']['pfblockerngsouthamerica']);
if (is_array($config['installedpackages']['pfblockerngtopspammers']))
unset($config['installedpackages']['pfblockerngtopspammers']);
+ if (is_array($config['installedpackages']['pfblockerngproxyandsatellite']))
+ unset($config['installedpackages']['pfblockerngproxyandsatellite']);
}
# Remove Widget (code from Snort deinstall)
diff --git a/config/pfblockerng/pfblockerng.php b/config/pfblockerng/pfblockerng.php
index 20080aa4..1db36334 100644
--- a/config/pfblockerng/pfblockerng.php
+++ b/config/pfblockerng/pfblockerng.php
@@ -149,11 +149,12 @@ if ($uname['machine'] == "amd64")
function pfb_update_check($header_url, $list_url, $url_format) {
global $pfb;
+ $pfb['cron_update'] = FALSE;
if ($url_format == "rsync" || $url_format == "html") {
$log = "[ {$header_url} ]\n Skipping timestamp query\n";
pfb_logger("{$log}","1");
- return TRUE;
+ $pfb['cron_update'] = TRUE;
}
switch ($url_format) {
@@ -195,14 +196,23 @@ function pfb_update_check($header_url, $list_url, $url_format) {
$log = " Local timestamp: {$local_tds}\n";
pfb_logger("{$log}","1");
if ("{$remote_tds}" != "{$local_tds}") {
- return TRUE;
+ $pfb['cron_update'] = TRUE;
} else {
$log = " Remote file unchanged. Download Terminated\n";
pfb_logger("{$log}","1");
- return FALSE;
+ $pfb['cron_update'] = FALSE;
}
} else {
- return TRUE;
+ $pfb['cron_update'] = TRUE;
+ }
+
+ if ($pfb['cron_update']) {
+ // Trigger CRON Process if Updates are Found.
+ $pfb['update_cron'] = TRUE;
+
+ $log = " Updates Found\n";
+ pfb_logger("{$log}","1");
+ unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
}
}
@@ -233,6 +243,7 @@ if ($argv[1] == 'gc') {
if ($argv[1] == 'cron') {
$hour = date('H');
$dow = date('N');
+ $pfb['update_cron'] = FALSE;
# Start hour of the 'Once a day' Schedule
$pfb['dailystart'] = $config['installedpackages']['pfblockerng']['config'][0]['pfb_dailystart'];
@@ -344,101 +355,47 @@ if ($argv[1] == 'cron') {
if (!file_exists($pfbfolder . '/' . $header_url . '.txt')) {
$log = " Updates Found\n";
pfb_logger("{$log}","1");
- $updates++;
+ $pfb['update_cron'] = TRUE;
continue;
}
switch ($list_cron) {
case "01hour":
- if (pfb_update_check($header_url, $list_url, $url_format)) {
- $log = " Updates Found\n";
- pfb_logger("{$log}","1");
- unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
- $updates++;
- }
+ pfb_update_check($header_url, $list_url, $url_format, $pfbfolder);
break;
case "02hours":
- if (in_array($hour, $e_sch2)) {
- if (pfb_update_check($header_url, $list_url, $url_format)) {
- $log = " Updates Found\n";
- pfb_logger("{$log}","1");
- unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
- $updates++;
- }
- }
+ if (in_array($hour, $e_sch2))
+ pfb_update_check($header_url, $list_url, $url_format, $pfbfolder);
break;
case "03hours":
- if (in_array($hour, $e_sch3)) {
- if (pfb_update_check($header_url, $list_url, $url_format)) {
- $log = " Updates Found\n";
- pfb_logger("{$log}","1");
- unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
- $updates++;
- }
- }
+ if (in_array($hour, $e_sch3))
+ pfb_update_check($header_url, $list_url, $url_format, $pfbfolder);
break;
case "04hours":
- if (in_array($hour, $e_sch4)) {
- if (pfb_update_check($header_url, $list_url, $url_format)) {
- $log = " Updates Found\n";
- pfb_logger("{$log}","1");
- unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
- $updates++;
- }
- }
+ if (in_array($hour, $e_sch4))
+ pfb_update_check($header_url, $list_url, $url_format, $pfbfolder);
break;
case "06hours":
- if (in_array($hour, $e_sch6)) {
- if (pfb_update_check($header_url, $list_url, $url_format)) {
- $log = " Updates Found\n";
- pfb_logger("{$log}","1");
- unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
- $updates++;
- }
- }
+ if (in_array($hour, $e_sch6))
+ pfb_update_check($header_url, $list_url, $url_format, $pfbfolder);
break;
case "08hours":
- if (in_array($hour, $e_sch8)) {
- if (pfb_update_check($header_url, $list_url, $url_format)) {
- $log = " Updates Found\n";
- pfb_logger("{$log}","1");
- unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
- $updates++;
- }
- }
+ if (in_array($hour, $e_sch8))
+ pfb_update_check($header_url, $list_url, $url_format, $pfbfolder);
break;
case "12hours":
- if (in_array($hour, $e_sch12)) {
- if (pfb_update_check($header_url, $list_url, $url_format)) {
- $log = " Updates Found\n";
- pfb_logger("{$log}","1");
- unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
- $updates++;
- }
- }
+ if (in_array($hour, $e_sch12))
+ pfb_update_check($header_url, $list_url, $url_format, $pfbfolder);
break;
case "EveryDay":
- if ($hour == $pfb['dailystart']) {
- if (pfb_update_check($header_url, $list_url, $url_format)) {
- $log = " Updates Found\n";
- pfb_logger("{$log}","1");
- unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
- $updates++;
- }
- }
+ if ($hour == $pfb['dailystart'])
+ pfb_update_check($header_url, $list_url, $url_format, $pfbfolder);
break;
case "Weekly":
- if ($hour == $pfb['dailystart'] && $dow == $header_dow) {
- if (pfb_update_check($header_url, $list_url, $url_format)) {
- $log = " Updates Found\n";
- pfb_logger("{$log}","1");
- unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
- $updates++;
- }
- }
+ if ($hour == $pfb['dailystart'] && $dow == $header_dow)
+ pfb_update_check($header_url, $list_url, $url_format, $pfbfolder);
break;
- default: {
- }
+ default:
break;
}
}
@@ -448,7 +405,7 @@ if ($argv[1] == 'cron') {
}
}
- if ($updates > 0) {
+ if ($pfb['update_cron']) {
sync_package_pfblockerng("cron");
} else {
$log = "\n No Updates required. \n\n";
@@ -465,14 +422,14 @@ if ($argv[1] == 'cron') {
}
+// Function to process the downloaded Maxmind Database and format into Continent txt files.
function pfblockerng_uc_countries() {
-
global $g,$pfb;
pfb_global();
- $maxmind_cont = "{$pfb['dbdir']}/country_continent.csv";
- $maxmind_cc4 = "{$pfb['dbdir']}/GeoIPCountryWhois.csv";
- $maxmind_cc6 = "{$pfb['dbdir']}/GeoIPv6.csv";
+ $maxmind_cont = "{$pfb['dbdir']}/country_continent.csv";
+ $maxmind_cc4 = "{$pfb['dbdir']}/GeoIPCountryWhois.csv";
+ $maxmind_cc6 = "{$pfb['dbdir']}/GeoIPv6.csv";
# Create Folders if not Exist
$folder_array = array ("{$pfb['dbdir']}","{$pfb['logdir']}","{$pfb['ccdir']}");
@@ -505,13 +462,12 @@ function pfblockerng_uc_countries() {
$maxmind_ver .= "\nThese Timestamps should *match* \n";
@file_put_contents("{$pfb['logdir']}/maxmind_ver", $maxmind_ver);
-
// Collect ISO Codes for Each Continent
- $log = "Processing Continent Data \n";
+ $log = "Processing Continent Data\n";
print $log;
pfb_logger("{$log}","3");
- $cont_array = array ( array($AF),array($AS),array($EU),array($NA),array($OC),array($SA));
+ $cont_array = array ( array($AF),array($AS),array($EU),array($NA),array($OC),array($SA),array($AX));
if (($handle = fopen("{$maxmind_cont}",'r')) !== FALSE) {
while (($cc = fgetcsv($handle)) !== FALSE) {
@@ -560,244 +516,163 @@ function pfblockerng_uc_countries() {
unset($cc);
fclose($handle);
- // Collect Country ISO Data IPv4 and Sort to Continent Array
- $log = "Processing ISO IPv4 Continent/Country Data \n";
- print $log;
- pfb_logger("{$log}","3");
+ // Add Maxmind Anonymous Proxy and Satellite Providers to array
+ $cont_array[6]['continent'] = "Proxy and Satellite";
+ $cont_array[6]['iso'] = "A1,A2";
+ $cont_array[6]['file4'] = "{$pfb['ccdir']}/Proxy_Satellite_v4.txt";
+ $cont_array[6]['file6'] = "{$pfb['ccdir']}/Proxy_Satellite_v6.txt";
- if (($handle = fopen("{$maxmind_cc4}",'r')) !== FALSE) {
- while (($cc = fgetcsv($handle)) !== FALSE) {
-
- $ip1_key = $cc[0];
- $ip2_key = $cc[1];
- $var1_key = $cc[2];
- $var2_key = $cc[3];
- $cc_key = $cc[4];
- $country_key = $cc[5];
- $a_cidr = implode(",", ip_range_to_subnet_array_temp($cc[0],$cc[1]));
-
- $counter = 0;
- foreach ($cont_array as $iso) {
- if (preg_match("/\b$cc_key\b/", $iso['iso'])) {
- $cont_array[$counter][$cc_key]['ip4'] .= $a_cidr . ",";
- $cont_array[$counter][$cc_key]['country'] = $country_key;
- continue;
- }
- $counter++;
- }
- }
- }
- unset($cc);
- fclose($handle);
+ // Collect Country ISO data and sort to Continent arrays (IPv4 and IPv6)
+ foreach (array("4", "6") as $type) {
+ $log = "Processing ISO IPv{$type} Continent/Country Data\n";
+ print $log;
+ pfb_logger("{$log}","3");
- // Build Continent IPv4 CIDR Files
- $counter = 0;
- foreach ($cont_array as $iso) {
- $header = "";
- $pfb_file = "";
- $iso_key = "";
- $header .= "# Generated from MaxMind Inc. on: " . date("m/d/y G:i:s", time()) . "\n";
- $header .= "# Continent IPv4: " . $cont_array[$counter]['continent'] . "\n";
- $pfb_file = $cont_array[$counter]['file4'];
- $iso_key = array_keys($iso);
- foreach ($iso_key as $key) {
- if (preg_match("/[A-Z]{2}/", $key)) {
- $header .= "# Country: " . $iso[$key]['country'] . "\n";
- $header .= "# ISO Code: " . $key . "\n";
- $header .= "# Total Networks: " . substr_count($iso[$key]['ip4'], ",") . "\n";
- $header .= str_replace(",", "\n", $iso[$key]['ip4']);
- $iso[$key]['ip4'] = "";
- }
+ if ($type == "4") {
+ $maxmind_cc = "{$pfb['dbdir']}/GeoIPCountryWhois.csv";
+ } else {
+ $maxmind_cc = "{$pfb['dbdir']}/GeoIPv6.csv";
}
- $counter++;
- @file_put_contents($pfb_file, $header, LOCK_EX);
- }
-
-
- // Collect Country ISO Data IPv6 and Sort to Continent Array
- $log = "Processing ISO IPv6 Continent/Country Data \n";
- print $log;
- pfb_logger("{$log}","3");
-
- if (($handle = fopen("{$maxmind_cc6}",'r')) !== FALSE) {
- while (($cc = fgetcsv($handle)) !== FALSE) {
-
- $ip1_key = $cc[0];
- $ip2_key = $cc[1];
- $var1_key = $cc[2];
- $var2_key = $cc[3];
- $cc_key = $cc[4];
- $country_key = $cc[5];
- $a_cidr = implode(",", ip_range_to_subnet_array_temp($cc[0],$cc[1]));
-
- $counter = 0;
- foreach ($cont_array as $iso) {
- if (preg_match("/\b$cc_key\b/", $iso['iso'])) {
- $cont_array[$counter][$cc_key]['ip6'] .= $a_cidr . ",";
- continue;
+ $iptype = "ip{$type}";
+ $filetype = "file{$type}";
+
+ if (($handle = fopen("{$maxmind_cc}",'r')) !== FALSE) {
+ while (($cc = fgetcsv($handle)) !== FALSE) {
+ $cc_key = $cc[4];
+ $country_key = $cc[5];
+ $a_cidr = implode(",", ip_range_to_subnet_array_temp($cc[0],$cc[1]));
+ $counter = 0;
+ foreach ($cont_array as $iso) {
+ if (preg_match("/\b$cc_key\b/", $iso['iso'])) {
+ $cont_array[$counter][$cc_key][$iptype] .= $a_cidr . ",";
+ $cont_array[$counter][$cc_key]['country'] = $country_key;
+ continue;
+ }
+ $counter++;
}
- $counter++;
}
}
- }
- unset($cc);
- fclose($handle);
-
- // Build Continent IPv6 Files
- $counter = 0;
- foreach ($cont_array as $iso) {
- $header = "";
- $pfb_file = "";
- $iso_key = "";
-
- $header .= "# Generated from MaxMind Inc. on: " . date("m/d/y G:i:s", time()) . "\n";
- $header .= "# Continent IPv6: " . $cont_array[$counter]['continent'] . "\n";
- $pfb_file = $cont_array[$counter]['file6'];
- $iso_key = array_keys($iso);
- foreach ($iso_key as $key) {
- if (preg_match("/[A-Z]{2}/", $key)) {
- $header .= "# Country: " . $iso[$key]['country'] . "\n";
- $header .= "# ISO Code: " . $key . "\n";
- $header .= "# Total Networks: " . substr_count($iso[$key]['ip6'], ",") . "\n";
- $header .= str_replace(",", "\n", $iso[$key]['ip6']);
- $iso[$key]['ip6'] = "";
+ unset($cc);
+ fclose($handle);
+
+ // Build Continent Files
+ $counter = 0;
+ foreach ($cont_array as $iso) {
+ $header = "";
+ $pfb_file = "";
+ $iso_key = "";
+ $header .= "# Generated from MaxMind Inc. on: " . date("m/d/y G:i:s", time()) . "\n";
+ $header .= "# Continent IPv{$type}: " . $cont_array[$counter]['continent'] . "\n";
+ $pfb_file = $cont_array[$counter][$filetype];
+ $iso_key = array_keys($iso);
+ foreach ($iso_key as $key) {
+ if (preg_match("/[A-Z]{2}|A1|A2/", $key)) {
+ $header .= "# Country: " . $iso[$key]['country'] . "\n";
+ $header .= "# ISO Code: " . $key . "\n";
+ $header .= "# Total Networks: " . substr_count($iso[$key][$iptype], ",") . "\n";
+ $header .= str_replace(",", "\n", $iso[$key][$iptype]);
+ $iso[$key][$iptype] = "";
+ }
}
+ $counter++;
+ @file_put_contents($pfb_file, $header, LOCK_EX);
}
- $counter++;
- @file_put_contents($pfb_file, $header, LOCK_EX);
}
- unset($cont_array);
}
+// Function to process Continent txt files and create Country ISO files and to Generate GUI XML files.
function pfblockerng_get_countries() {
-
global $g,$pfb;
pfb_global();
- # These arrays are used to collect the <option> tags for the XML Continent Files
- $roptions4 = array();
- $coptions4 = array();
- $roptions6 = array();
- $coptions6 = array();
-
- $files4 = array ( "Africa" => "{$pfb['ccdir']}/Africa_v4.txt",
- "Asia" => "{$pfb['ccdir']}/Asia_v4.txt",
- "Europe" => "{$pfb['ccdir']}/Europe_v4.txt",
- "North America" => "{$pfb['ccdir']}/North_America_v4.txt",
- "Oceania" => "{$pfb['ccdir']}/Oceania_v4.txt",
- "South America" => "{$pfb['ccdir']}/South_America_v4.txt"
+ $files = array ( "Africa" => "{$pfb['ccdir']}/Africa_v4.txt",
+ "Asia" => "{$pfb['ccdir']}/Asia_v4.txt",
+ "Europe" => "{$pfb['ccdir']}/Europe_v4.txt",
+ "North America" => "{$pfb['ccdir']}/North_America_v4.txt",
+ "Oceania" => "{$pfb['ccdir']}/Oceania_v4.txt",
+ "South America" => "{$pfb['ccdir']}/South_America_v4.txt",
+ "Proxy and Satellite" => "{$pfb['ccdir']}/Proxy_Satellite_v4.txt"
);
- # IPv4 Collect Data to generate new continent XML Files.
+ // Collect Data to generate new continent XML Files.
$log = "Building pfBlockerNG XML Files \n";
print $log;
pfb_logger("{$log}","3");
- foreach ($files4 as $cont => $file) {
- $log = "IPv4 " . $cont . "\n";
- print $log;
- pfb_logger("{$log}","3");
- $ips = file_get_contents($file);
- $convert = explode("\n", $ips);
- $cont_name = preg_replace("/ /","",$cont);
- $cont_name_lower = strtolower($cont_name);
- $active = array( "$cont" => '<active/>');
- $total4 = 0;
- $pfb['complete'] = FALSE;
-
- foreach ($convert as $line) {
- if (preg_match("/#/",$line)) {
- if ($pfb['complete']) {
- $coptions4[] = $Country . '-' . $ISOCode . ' ('. $total4 .') ' . ' </name><value>' . $ISOCode . '</value></option>';
- $roptions4[] = $Country . '-' . $ISOCode . ' ('. $total4 .') ' . ' </name><value>' . $ISOCode . '</value></option>';
-
- // Save ISO IPv4 Data
- @file_put_contents($pfb['ccdir'] . '/' . $ISOCode . '_v4.txt',$pfb_v4,LOCK_EX);
-
- // Clear Variables and Restart Continent Collection process
- $total4 = 0;
- $pfb_v4 = "";
- $pfb['complete'] = FALSE;
+ foreach ($files as $cont => $file) {
+ // Process the following for IPv4 and IPv6
+ foreach (array("4", "6") as $type) {
+ $log = "IPv{$type} " . $cont . "\n";
+ print $log;
+ pfb_logger("{$log}","3");
+
+ if ($type == "6")
+ $file = preg_replace("/v4/", "v6", $file);
+ $convert = explode("\n", file_get_contents($file));
+ $cont_name = preg_replace("/ /", "", $cont);
+ $cont_name_lower = strtolower($cont_name);
+ $active = array("$cont" => '<active/>');
+ $lastkey = count ($convert) - 1;
+ $pfb['complete'] = FALSE;
+ $keycount = 1;
+ $total = 0;
+
+ foreach ($convert as $line) {
+ if (preg_match("/#/",$line)) {
+ if ($pfb['complete']) {
+ ${'coptions' . $type}[] = $country . '-' . $isocode . ' ('. $total .') ' . ' </name><value>' . $isocode . '</value></option>';
+ ${'roptions' . $type}[] = $country . '-' . $isocode . ' ('. $total .') ' . ' </name><value>' . $isocode . '</value></option>';
+
+ // Save ISO data
+ @file_put_contents($pfb['ccdir'] . '/' . $isocode . '_v' . $type . '.txt', $xml_data, LOCK_EX);
+
+ // Clear variables and restart Continent collection process
+ unset($total, $xml_data);
+ $pfb['complete'] = FALSE;
+ }
+ if (preg_match("/Total Networks: 0/", $line)) { continue;} // Don't Display Countries with Null Data
+ if (preg_match("/Country:\s(.*)/",$line, $matches)) { $country = $matches[1];}
+ if (preg_match("/ISO Code:\s(.*)/",$line, $matches)) { $isocode = $matches[1];}
+ }
+ elseif (!preg_match("/#/",$line)) {
+ $total++;
+ if (!empty($line))
+ $xml_data .= $line . "\n";
+ $pfb['complete'] = TRUE;
}
- if (preg_match("/Country:\s(.*)/",$line, $matches)) { $Country = $matches[1];}
- if (preg_match("/ISO Code:\s(.*)/",$line, $matches)) { $ISOCode = $matches[1];}
- } elseif (!preg_match("/#/",$line)) {
- $total4++;
- if (!empty($line))
- $pfb_v4 .= $line . "\n";
- $pfb['complete'] = TRUE;
- }
- }
- unset ($ips, $convert);
-
- // Sort IPv4 Countries Alphabetically and Build XML <option> Data for Continents Tab
- sort($coptions4, SORT_STRING);
- $ftotal4 = count($coptions4);
- $count = 1;
- $options4 = "";
-
- foreach ($coptions4 as $option4) {
- if ($count == 1) { $options4 .= "\t" . '<option><name>' . $option4 . "\n"; $count++; continue;}
- if ($ftotal4 == $count) {
- $options4 .= "\t\t\t\t" . '<option><name>' . $option4;
- } else {
- $options4 .= "\t\t\t\t" . '<option><name>' . $option4 . "\n";
- }
- $count++;
- }
- unset ($coptions4);
- // IPv6 Collect Data to generate new continent XML Files.
- $file6 = preg_replace("/v4/", "v6", $file);
- $ips = file_get_contents($file6);
- $convert = explode("\n", $ips);
- $log = "IPv6 " . $cont . "\n";
- pfb_logger("{$log}","3");
- $total6 = 0;
- $pfb['complete'] = FALSE;
-
- foreach ($convert as $line) {
- if (preg_match("/#/",$line)) {
- if ($pfb['complete']) {
- $coptions6[] = $Country . '-' . $ISOCode . ' ('. $total6 .') ' . ' </name><value>' . $ISOCode . '</value></option>';
- $roptions6[] = $Country . '-' . $ISOCode . ' ('. $total6 .') ' . ' </name><value>' . $ISOCode . '</value></option>';
-
- // Save ISO IPv6 Data
- @file_put_contents($pfb['ccdir'] . '/' . $ISOCode . '_v6.txt',$pfb_v6,LOCK_EX);
-
- // Clear Variables and Restart Continent Collection process
- $total6 = 0;
- $pfb_v6 = "";
- $pfb['complete'] = FALSE;
+ // Save last EOF ISO IP data
+ if ($keycount == $lastkey) {
+ if (preg_match("/Total Networks: 0/", $line)) { continue;} // Dont Display Countries with Null Data
+ ${'coptions' . $type}[] = $country . '-' . $isocode . ' ('. $total .') ' . ' </name><value>' . $isocode . '</value></option>';
+ ${'roptions' . $type}[] = $country . '-' . $isocode . ' ('. $total .') ' . ' </name><value>' . $isocode . '</value></option>';
+ @file_put_contents($pfb['ccdir'] . '/' . $isocode . '_v' . $type . '.txt', $xml_data, LOCK_EX);
+ unset($total, $xml_data);
}
- if (preg_match("/Country:\s(.*)/",$line, $matches)) { $Country = $matches[1];}
- if (preg_match("/ISO Code:\s(.*)/",$line, $matches)) { $ISOCode = $matches[1];}
- } elseif (!preg_match("/#/",$line)) {
- $total6++;
- if (!empty($line))
- $pfb_v6 .= $line . "\n";
- $pfb['complete'] = TRUE;
+ $keycount++;
}
- }
-
- // Sort IPv6 Countries Alphabetically for Continents Tab
- sort($coptions6, SORT_STRING);
- $ftotal6 = count($coptions6);
- $count = 1;
- $options6 = "";
-
- foreach ($coptions6 as $option6) {
- if ($count == 1) { $options6 .= "\t" . '<option><name>' . $option6 . "\n"; $count++; continue;}
- if ($ftotal6 == $count) {
- $options6 .= "\t\t\t\t" . '<option><name>' . $option6;
- } else {
- $options6 .= "\t\t\t\t" . '<option><name>' . $option6 . "\n";
+ unset ($ips, $convert);
+
+ // Sort IP Countries alphabetically and build XML <option> data for Continents tab
+ if (!empty (${'coptions' . $type})) {
+ sort(${'coptions' . $type}, SORT_STRING);
+ ${'ftotal' . $type} = count(${'coptions' . $type});
+ $count = 1;
+ ${'options' . $type} = "";
+
+ foreach (${'coptions' . $type} as $option) {
+ if ($count == 1) { ${'options' . $type} .= "\t" . '<option><name>' . $option . "\n"; $count++; continue;}
+ if (${'ftotal' . $type} == $count) {
+ ${'options' . $type} .= "\t\t\t\t" . '<option><name>' . $option;
+ } else {
+ ${'options' . $type} .= "\t\t\t\t" . '<option><name>' . $option . "\n";
+ }
+ $count++;
+ }
}
- $count++;
+ unset (${'coptions' . $type});
}
- unset ($coptions6);
-
$xml = <<<EOF
<?xml version="1.0" encoding="utf-8" ?>
@@ -888,7 +763,6 @@ $xml = <<<EOF
<tab>
<text>Top 20</text>
<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_top20.xml&amp;id=0</url>
- {$active['top']}
</tab>
<tab>
<text>Africa</text>
@@ -921,6 +795,11 @@ $xml = <<<EOF
{$active['South America']}
</tab>
<tab>
+ <text>P.S.</text>
+ <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&amp;id=0</url>
+ {$active['Proxy and Satellite']}
+ </tab>
+ <tab>
<text>Logs</text>
<url>/pfblockerng/pfblockerng_log.php</url>
</tab>
@@ -950,11 +829,17 @@ $xml = <<<EOF
</description>
<type>select</type>
<options>
- {$options4}
+ ${'options4'}
</options>
- <size>{$ftotal4}</size>
+ <size>${'ftotal4'}</size>
<multiple/>
</field>
+
+EOF;
+
+// Skip IPv6 when Null data found
+if (!empty (${'options6'})) {
+ $xml .= <<<EOF
<field>
<fielddescr><![CDATA[<br /><strong>IPv6</strong><br />Countries]]></fielddescr>
<fieldname>countries6</fieldname>
@@ -964,11 +849,16 @@ $xml = <<<EOF
</description>
<type>select</type>
<options>
- {$options6}
+ ${'options6'}
</options>
- <size>{$ftotal6}</size>
+ <size>${'ftotal6'}</size>
<multiple/>
</field>
+
+EOF;
+}
+
+$xml .= <<<EOF
<field>
<fielddescr>List Action</fielddescr>
<description><![CDATA[<br />Default : <strong>Disabled</strong><br /><br />
@@ -1062,19 +952,23 @@ $xml = <<<EOF
</packagegui>
EOF;
- // Update Each Continent XML file.
- @file_put_contents('/usr/local/pkg/pfblockerng/pfblockerng_'.$cont_name.'.xml',$xml,LOCK_EX);
+ // Update Each Continent XML file.
+ @file_put_contents('/usr/local/pkg/pfblockerng/pfblockerng_'.$cont_name.'.xml',$xml,LOCK_EX);
- } // End foreach 'Six Continents' Update XML Process
+ // Unset Arrays
+ unset (${'options4'}, ${'options6'}, $xml);
+ } // End foreach 'Six Continents and Proxy/Satellite' Update XML Process
// Sort Countries IPv4 Alphabetically and Build XML <option> Data for Reputation Tab (IPv6 not used by ET IQRisk)
- sort($roptions4, SORT_STRING);
- $eoa = count($roptions4);
+
+ $type = "4";
+ sort(${'roptions' . $type}, SORT_STRING);
+ $eoa = count(${'roptions' . $type});
$count = 1;
- $options4 = "";
+ $etoptions = "";
- foreach ($roptions4 as $option4) {
+ foreach (${'roptions' . $type} as $option4) {
if ($count == 1) { $et_options .= "\t" . '<option><name>' . $option4 . "\n"; $count++; continue; }
if ($eoa == $count) {
$et_options .= "\t\t\t\t" . '<option><name>' . $option4;
@@ -1084,10 +978,8 @@ EOF;
$count++;
}
-
// Update pfBlockerNG_Reputation.xml file with Country Code Changes
-
$xmlrep = <<<EOF
<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
@@ -1203,6 +1095,10 @@ $xmlrep = <<<EOF
<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&amp;id=0</url>
</tab>
<tab>
+ <text>P.S.</text>
+ <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&amp;id=0</url>
+ </tab>
+ <tab>
<text>Logs</text>
<url>/pfblockerng/pfblockerng_log.php</url>
</tab>
@@ -1558,22 +1454,22 @@ $xmlrep = <<<EOF
</custom_php_resync_config_command>
</packagegui>
EOF;
- # Unset Arrays
- unset ($options4, $options6, $et_options);
-
$log = "Saving pfBlockerNG Reputation TAB \n";
print $log;
pfb_logger("{$log}","3");
// Save pfBlockerng_reputation.xml file
- @file_put_contents('/usr/local/pkg/pfblockerng/pfblockerng_reputation.xml',$xmlrep,LOCK_EX);
+ @file_put_contents('/usr/local/pkg/pfblockerng/pfblockerng_reputation.xml', $xmlrep, LOCK_EX);
+
$log = "\n Country Code - XML File Update completed.\n";
print $log;
pfb_logger("{$log}","3");
-
$now = date("m/d/y G.i:s", time());
$log = "Country Code Update Ended - [ NOW ]\n";
print "Country Code Update Ended - [ $now ]\n";
pfb_logger("{$log}","3");
+
+ // Unset Arrays
+ unset ($et_options, $xmlrep);
}
?> \ No newline at end of file
diff --git a/config/pfblockerng/pfblockerng.priv.inc b/config/pfblockerng/pfblockerng.priv.inc
index 092c34ae..970ab25f 100644
--- a/config/pfblockerng/pfblockerng.priv.inc
+++ b/config/pfblockerng/pfblockerng.priv.inc
@@ -17,6 +17,7 @@ $priv_list['page-firewall-pfblockerng']['match'][] = "pkg_edit.php?xml=pfblocker
$priv_list['page-firewall-pfblockerng']['match'][] = "pkg_edit.php?xml=pfblockerng/pfblockerng_NorthAmerica.xml*";
$priv_list['page-firewall-pfblockerng']['match'][] = "pkg_edit.php?xml=pfblockerng/pfblockerng_Oceania.xml*";
$priv_list['page-firewall-pfblockerng']['match'][] = "pkg_edit.php?xml=pfblockerng/pfblockerng_SouthAmerica.xml*";
+$priv_list['page-firewall-pfblockerng']['match'][] = "pkg_edit.php?xml=pfblockerng/pfblockerng_ProxyandSatellite.xml*";
$priv_list['page-firewall-pfblockerng']['match'][] = "pkg_edit.php?xml=pfblockerng/pfblockerng_sync.xml*";
$priv_list['page-firewall-pfblockerng']['match'][] = "pfblockerng/pfblockerng_update.php*";
$priv_list['page-firewall-pfblockerng']['match'][] = "pfblockerng/pfblockerng_alerts.php*";
diff --git a/config/pfblockerng/pfblockerng.sh b/config/pfblockerng/pfblockerng.sh
index c09d52e1..cc11be6b 100644
--- a/config/pfblockerng/pfblockerng.sh
+++ b/config/pfblockerng/pfblockerng.sh
@@ -35,7 +35,7 @@ etblock=$(echo $8 | sed 's/,/, /g')
etmatch=$(echo $9 | sed 's/,/, /g')
# File Locations
-pathgeoipdat=/var/db/pfblockerng/GeoIP.dat
+pathgeoipdat=/usr/pbi/pfblockerng-$mtype/share/GeoIP/GeoIP.dat
pfbsuppression=/var/db/pfblockerng/pfbsuppression.txt
masterfile=/var/db/pfblockerng/masterfile
mastercat=/var/db/pfblockerng/mastercat
diff --git a/config/pfblockerng/pfblockerng.xml b/config/pfblockerng/pfblockerng.xml
index 9442bc7f..e2f4b508 100644
--- a/config/pfblockerng/pfblockerng.xml
+++ b/config/pfblockerng/pfblockerng.xml
@@ -199,6 +199,10 @@
<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&amp;id=0</url>
</tab>
<tab>
+ <text>P.S.</text>
+ <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&amp;id=0</url>
+ </tab>
+ <tab>
<text>Logs</text>
<url>/pfblockerng/pfblockerng_log.php</url>
</tab>
diff --git a/config/pfblockerng/pfblockerng_alerts.php b/config/pfblockerng/pfblockerng_alerts.php
index 541d1e03..7b84bca8 100644
--- a/config/pfblockerng/pfblockerng_alerts.php
+++ b/config/pfblockerng/pfblockerng_alerts.php
@@ -53,8 +53,8 @@ $pathgeoip6 = "/usr/pbi/pfblockerng-" . php_uname("m") . "/bin/geoiplookup6";
// Define File Locations
$filter_logfile = "{$g['varlog_path']}/filter.log";
-$pathgeoipdat = "{$pfb['dbdir']}/GeoIP.dat";
-$pathgeoipdat6 = "{$pfb['dbdir']}/GeoIPv6.dat";
+$pathgeoipdat = "/usr/pbi/pfblockerng-" . php_uname("m") . "/share/GeoIP/GeoIP.dat";
+$pathgeoipdat6 = "/usr/pbi/pfblockerng-" . php_uname("m") . "/share/GeoIP/GeoIPv6.dat";
// Emerging Threats IQRisk Header Name Reference
$pfb['et_header'] = TRUE;
@@ -334,6 +334,7 @@ if ($savemsg) {
$tab_array[] = array(gettext("N.A."), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_NorthAmerica.xml&id=0");
$tab_array[] = array(gettext("Oceania"), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_Oceania.xml&id=0");
$tab_array[] = array(gettext("S.A."), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&id=0");
+ $tab_array[] = array(gettext("P.S."), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&id=0");
$tab_array[] = array(gettext("Logs"), false, "/pfblockerng/pfblockerng_log.php");
$tab_array[] = array(gettext("Sync"), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_sync.xml&id=0");
display_top_tabs($tab_array, true);
diff --git a/config/pfblockerng/pfblockerng_log.php b/config/pfblockerng/pfblockerng_log.php
index 39f9eb06..74f513a2 100644
--- a/config/pfblockerng/pfblockerng_log.php
+++ b/config/pfblockerng/pfblockerng_log.php
@@ -144,6 +144,12 @@ $pfb_logtypes = array( 'defaultlogs' => array('name' => 'Log Files',
'logdir' => "{$pfb['etdir']}/",
'download' => TRUE,
'clear' => FALSE
+ ),
+ 'country' => array('name' => 'Country Files',
+ 'ext' => 'txt',
+ 'logdir' => "{$pfb['ccdir']}/",
+ 'download' => TRUE,
+ 'clear' => FALSE
)
);
@@ -288,6 +294,7 @@ if ($savemsg) {
$tab_array[] = array(gettext("N.A."), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_NorthAmerica.xml&id=0");
$tab_array[] = array(gettext("Oceania"), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_Oceania.xml&id=0");
$tab_array[] = array(gettext("S.A."), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&id=0");
+ $tab_array[] = array(gettext("P.S."), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&id=0");
$tab_array[] = array(gettext("Logs"), true, "/pfblockerng/pfblockerng_log.php");
$tab_array[] = array(gettext("Sync"), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_sync.xml&id=0");
display_top_tabs($tab_array, true);
diff --git a/config/pfblockerng/pfblockerng_sync.xml b/config/pfblockerng/pfblockerng_sync.xml
index 856af2f4..00186af8 100644
--- a/config/pfblockerng/pfblockerng_sync.xml
+++ b/config/pfblockerng/pfblockerng_sync.xml
@@ -112,6 +112,10 @@
<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&amp;id=0</url>
</tab>
<tab>
+ <text>P.S.</text>
+ <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&amp;id=0</url>
+ </tab>
+ <tab>
<text>Logs</text>
<url>/pfblockerng/pfblockerng_log.php</url>
</tab>
diff --git a/config/pfblockerng/pfblockerng_top20.xml b/config/pfblockerng/pfblockerng_top20.xml
index 4974c488..ccaf68a0 100644
--- a/config/pfblockerng/pfblockerng_top20.xml
+++ b/config/pfblockerng/pfblockerng_top20.xml
@@ -113,6 +113,10 @@
<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&amp;id=0</url>
</tab>
<tab>
+ <text>P.S.</text>
+ <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&amp;id=0</url>
+ </tab>
+ <tab>
<text>Logs</text>
<url>/pfblockerng/pfblockerng_log.php</url>
</tab>
diff --git a/config/pfblockerng/pfblockerng_update.php b/config/pfblockerng/pfblockerng_update.php
index dc0fab85..99480900 100644
--- a/config/pfblockerng/pfblockerng_update.php
+++ b/config/pfblockerng/pfblockerng_update.php
@@ -128,7 +128,7 @@ function pfb_cron_update($type) {
while (!feof($f)) {
$pfb_buffer = fread($f, 2048);
- $pfb_output .= str_replace( "\r", "", $pfb_buffer);
+ $pfb_output .= str_replace( array ("\r", "\")"), "", $pfb_buffer);
// Refresh on new lines only. This allows Scrolling.
if ($lastpos != $lastpos_old)
@@ -184,6 +184,7 @@ include_once("head.inc");
$tab_array[] = array(gettext("N.A."), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_NorthAmerica.xml&id=0");
$tab_array[] = array(gettext("Oceania"), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_Oceania.xml&id=0");
$tab_array[] = array(gettext("S.A."), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&id=0");
+ $tab_array[] = array(gettext("P.S."), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&id=0");
$tab_array[] = array(gettext("Logs"), false, "/pfblockerng/pfblockerng_log.php");
$tab_array[] = array(gettext("Sync"), false, "/pkg_edit.php?xml=/pfblockerng/pfblockerng_sync.xml&id=0");
display_top_tabs($tab_array, true);
@@ -378,7 +379,7 @@ if (isset($_POST['pfbview'])) {
while (!feof($f)) {
$pfb_buffer = fread($f, 4096);
- $pfb_output .= str_replace( "\r", "", $pfb_buffer);
+ $pfb_output .= str_replace( array ("\r", "\")"), "", $pfb_buffer);
// Refresh on new lines only. This allows scrolling.
if ($lastpos != $lastpos_old) {
diff --git a/config/pfblockerng/pfblockerng_v4lists.xml b/config/pfblockerng/pfblockerng_v4lists.xml
index ce92f4be..6df839ed 100644
--- a/config/pfblockerng/pfblockerng_v4lists.xml
+++ b/config/pfblockerng/pfblockerng_v4lists.xml
@@ -116,6 +116,10 @@
<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&amp;id=0</url>
</tab>
<tab>
+ <text>P.S.</text>
+ <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&amp;id=0</url>
+ </tab>
+ <tab>
<text>Logs</text>
<url>/pfblockerng/pfblockerng_log.php</url>
</tab>
diff --git a/config/pfblockerng/pfblockerng_v6lists.xml b/config/pfblockerng/pfblockerng_v6lists.xml
index 6f507057..15d788cf 100644
--- a/config/pfblockerng/pfblockerng_v6lists.xml
+++ b/config/pfblockerng/pfblockerng_v6lists.xml
@@ -116,6 +116,10 @@
<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&amp;id=0</url>
</tab>
<tab>
+ <text>P.S.</text>
+ <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_ProxyandSatellite.xml&amp;id=0</url>
+ </tab>
+ <tab>
<text>Logs</text>
<url>/pfblockerng/pfblockerng_log.php</url>
</tab>
diff --git a/config/squid3/34/squid.inc b/config/squid3/34/squid.inc
index a058927e..69a50125 100755
--- a/config/squid3/34/squid.inc
+++ b/config/squid3/34/squid.inc
@@ -42,13 +42,8 @@ if(!function_exists("filter_configure"))
require_once("filter.inc");
$shortcut_section = "squid";
-if (is_dir('/usr/pbi/squid-' . php_uname("m"))) {
- define('SQUID_BASE', '/usr/pbi/squid-' . php_uname("m"));
- define('SQUID_LOCALBASE', SQUID_BASE . "/local");
-} else {
- define('SQUID_BASE', '/usr/local');
- define('SQUID_LOCALBASE', '/usr/local');
-}
+define('SQUID_BASE', '/usr/pbi/squid-' . php_uname("m"));
+define('SQUID_LOCALBASE', SQUID_BASE . "/local");
define('SQUID_CONFBASE', SQUID_LOCALBASE .'/etc/squid');
define('SQUID_CONFFILE', SQUID_CONFBASE . '/squid.conf');
diff --git a/config/squid3/34/squid.xml b/config/squid3/34/squid.xml
index 8103ce2c..57dfc938 100644
--- a/config/squid3/34/squid.xml
+++ b/config/squid3/34/squid.xml
@@ -46,7 +46,7 @@
<requirements>Describe your package requirements here</requirements>
<faq>Currently there are no FAQ items provided.</faq>
<name>squid</name>
- <version>3.4.10_2 pkg 0.2.4</version>
+ <version>3.4.10_2 pkg 0.2.6</version>
<title>Proxy server: General settings</title>
<include_file>/usr/local/pkg/squid.inc</include_file>
<menu>
diff --git a/config/squidGuard/squidguard_configurator.inc b/config/squidGuard/squidguard_configurator.inc
index 66ad88a3..d3448c5d 100644
--- a/config/squidGuard/squidguard_configurator.inc
+++ b/config/squidGuard/squidguard_configurator.inc
@@ -92,10 +92,10 @@ define('CONFIG_SG_HEADER', "
# squid config options
# ------------------------------------------------------------------------------
define('REDIRECTOR_OPTIONS_REM', '# squidGuard options');
-define('REDIRECTOR_PROGRAM_OPT', 'url_rewrite_program');
-define('REDIRECT_BYPASS_OPT', 'url_rewrite_bypass');
+define('REDIRECTOR_PROGRAM_OPT', 'redirect_program');
+define('REDIRECT_BYPASS_OPT', 'redirector_bypass');
define('REDIRECT_CHILDREN_OPT', 'url_rewrite_children');
-define('REDIRECTOR_PROCESS_COUNT', '16 startup=8 idle=4 concurrency=0'); # redirector processes count will started
+define('REDIRECTOR_PROCESS_COUNT', '5'); # redirector processes count will started
# ------------------------------------------------------------------------------
# squidguard config options
diff --git a/config/suricata/suricata_global.php b/config/suricata/suricata_global.php
index eb657465..8eea8d2d 100644
--- a/config/suricata/suricata_global.php
+++ b/config/suricata/suricata_global.php
@@ -236,13 +236,13 @@ if ($input_errors)
<tr>
<td valign="top" width="8%"><input name="enable_etopen_rules" type="checkbox" value="on" onclick="enable_et_rules();"
<?php if ($config['installedpackages']['suricata']['config'][0]['enable_etopen_rules']=="on") echo "checked"; ?>/></td>
- <td><span class="vexpl"><?php echo gettext("ETOpen is an open source set of Snort rules whose coverage " .
+ <td><span class="vexpl"><?php echo gettext("ETOpen is an open source set of Suricata rules whose coverage " .
"is more limited than ETPro."); ?></span></td>
</tr>
<tr>
<td valign="top" width="8%"><input name="enable_etpro_rules" type="checkbox" value="on" onclick="enable_pro_rules();"
<?php if ($config['installedpackages']['suricata']['config'][0]['enable_etpro_rules']=="on") echo "checked"; ?>/></td>
- <td><span class="vexpl"><?php echo gettext("ETPro for Snort offers daily updates and extensive coverage of current malware threats."); ?></span></td>
+ <td><span class="vexpl"><?php echo gettext("ETPro for Suricata offers daily updates and extensive coverage of current malware threats."); ?></span></td>
</tr>
<tr>
<td>&nbsp;</td>