aboutsummaryrefslogtreecommitdiffstats
path: root/config/pf-blocker
Commit message (Collapse)AuthorAgeFilesLines
* Add PERMIT BOTH option, and minor enhancementsstilez2014-02-171-13/+27
| | | | | | | | | | 1) Add PERMIT ALL as a list type (allows whitelisting without alias->multiple manual rules) 2) Fix typo "beggining" 3) Improve SWITCH-CASE code flows in 2 places (avoid dup. code) 4) Improve explanatory text for deny/permit Files modified: "pfblocker.inc" "pfblocker_lists.xml"
* Add PERMIT BOTH option, and minor enhancementsstilez2014-02-171-24/+12
| | | | | | | | | | 1) Add PERMIT ALL as a list type (allows whitelisting without alias->multiple manual rules) 2) Fix typo "beggining" 3) Improve SWITCH-CASE code flows in 2 places (avoid dup. code) 4) Improve explanatory text for deny/permit Files modified: "pfblocker.inc" "pfblocker_lists.xml"
* pfBlocker allow list ranges that are not exact subnetsPhil Davis2013-03-281-27/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #2892 I made a "nasty" list as follows: 192.168.100.0-192.168.101.255 192.168.103.8-192.168.103.23 192.168.104.1-192.168.104.254 192.168.105.22-192.168.106.66 192.168.107.3-192.168.107.33 And this code turns it into: 192.168.100.0/23 192.168.103.8/29 192.168.103.16/29 192.168.104.1/32 192.168.104.2/31 192.168.104.4/30 192.168.104.8/29 192.168.104.16/28 192.168.104.32/27 192.168.104.64/26 192.168.104.128/26 192.168.104.192/27 192.168.104.224/28 192.168.104.240/29 192.168.104.248/30 192.168.104.252/31 192.168.104.254/32 192.168.105.22/31 192.168.105.24/29 192.168.105.32/27 192.168.105.64/26 192.168.105.128/25 192.168.106.0/26 192.168.106.64/31 192.168.106.66/32 192.168.107.3/32 192.168.107.4/30 192.168.107.8/29 192.168.107.16/28 192.168.107.32/31 Which is the correct group of CIDRs to represent the given ranges.
* fix typos in pfblockerChris Buechler2013-01-141-4/+4
|
* Small cleanup for readabilityVince2012-10-101-1/+1
| | | Small cleanup for readability
* Net masking math was off by 1Vince2012-10-101-1/+1
| | | Net masking math was off by 1
* Fixing duplicate IP/Range entriesdarkain2012-10-091-10/+10
| | | | | | | | | | | | | | | | | | | Because all three cases (CIDR, IP Range, and Single IP Address) are always tested, it is possible that more than one will have a positive match. Examples: 172.16.0.0/12 matches both for CIDR and Individual IP Address 169.254.0.0-169.254.255.255 matches for both Address Range and Individual IP By doing if, elseif, elseif instead of if, if, if testing, the later tests will only be performed if the former tests fail. Because the Individual IP Address test will return a result, even for CIDRs and IP Ranges, that test has been moved to the end of the elseif list.
* IP Range to CIDRs not calculating properlydarkain2012-10-091-2/+2
| | | | | | | | | | | | | | | | | Several IP address ranges were being calculated improperly. Examples: 10.0.0.0-10.255.255.255 became 160.0.0.0/8 65.113.241.0-65.113.241.255 became 130.227.226.0/24 72.165.61.0-72.165.61.255 became 145.74.122.0/24 The use of complicated string and regular expressions to calculate netmasks has been replaced with basic and proper bit masking.
* Fix equals check for pfblocker rule loadingPhil Davis2012-10-021-1/+1
| | | Sorry guys - I missed out an equals sign here, the logic ended up only applying rules to the first interface, and not for others.
* Stop pfblocker rules being added twicePhil Davis2012-09-291-9/+18
| | | | If users move rules around in the GUI, the the rules for 1 interface can end up in separate blocks in config.xml. This causes pfBlocker code to put a set of pfBlocker rules before each separate block of rules for an interface, as they are processed out of config.xml. The code here fixes that, ensuring that pfBlocker rules are only added once to an interface, the first time the interface is found in a rule.
* Make the donation text read more naturally - Marcello, hopefully you get ↵Phil Davis2012-06-231-2/+2
| | | | lots of donations, thanks for the work.
* pfblocker - Include boot process checkmarcelloc2012-06-042-154/+165
|
* Revert "pfBlocker - Include boot process check"marcelloc2012-06-042-423/+473
| | | | This reverts commit 4149a349b894688723810e4886c95205dc34058f.
* pfBlocker - Include boot process checkMarcello Coutinho2012-06-042-473/+423
|
* pfblocker - update continent listsMarcello Coutinho2012-03-296-19910/+10407
|
* Merge pull request #232 from phil-davis/masterMarcello Coutinho2012-03-281-406/+452
|\ | | | | Code formatting of pfblocker.inc
| * Add bracketing to "if" and "foreach" statements. Make tab indenting ↵Phil Davis2012-03-281-406/+452
| | | | | | | | consistent throughout. This should make it easier to debug in future, as it is now easy to see which code is nested in which loops.
* | Generalize more referencesjim-p2012-03-273-5/+5
| |
* | Merge pull request #231 from phil-davis/masterMarcello Coutinho2012-03-261-2/+8
|\| | | | | Prevent duplicated pfblocker rules on some interfaces
| * Avoid getting pfBlocker rules duplicated on some interfaces if there are ↵Phil Davis2012-03-271-2/+8
| | | | | | | | floating rules with interface="" mixed in the config filter rule list.
* | pfblocker - updated country listsMarcello Coutinho2012-03-166-11801/+29198
|/
* When called with the 'cron' parameter, add config.inc to the require_once ↵Phil Davis2012-03-151-0/+1
| | | | list. config.inc will set date.timezone, thus avoiding PHP messages about use of the date() and mktime() functions.
* Include foreach loop in "if (is_array($config['aliases']['alias']))" test, ↵Phil Davis2012-03-151-17/+18
| | | | otherwise warnings are reported when the array is empty.
* Put pfblocker.inc back the way it was. I didn't mean to change it in this fork.Phil Davis2012-03-141-18/+17
|
* Update config/pf-blocker/pfblocker.incPhil Davis2012-03-141-17/+18
|
* pfBlocker - include php memory limit set to 250Mb when amd64 is detectedmarcelloc2012-02-202-0/+8
|
* pfBlocker - fix alias array check before loop, fix duplicates on autmatic ↵marcelloc2012-02-197-3752/+6762
| | | | rules and update country lists
* fix menu url in pfblocker,postfix and mailscanner xml filemarcelloc2012-01-021-1/+1
|
* pfblocker - remove illegal character from javascriptmarcelloc2011-12-201-1/+0
| | | | | postfix - remove illegal character from javascript varnish - remove illegal character from javascript
* pfblocker - remove widget scrollmarcelloc2011-12-201-2/+2
| | | | | varnish - remove widget scroll postfix - remove widget scroll
* pfblocker - update country listsmarcelloc2011-12-196-6073/+6844
|
* pfblocker - version 1.0.1 with minor fixesMarcello Coutinho2011-12-194-18/+54
|
* pfBlocker - Fix update_frequency cron callmarcelloc2011-11-111-11/+20
|
* pfBlocker - version 0.1.4.6 with fixes in float rules check and about gui infomarcelloc2011-11-112-3/+24
|
* pfBlocker - Copy continent lists to www.pfsense.orgMarcello Coutinho2011-11-117-6/+117712
|
* pfBlocker - minor fix in text displayMarcello Coutinho2011-11-111-1/+1
|
* pfBlocker - version 0.1.4.5 is out with lists update frequency and widget ↵Marcello Coutinho2011-11-114-31/+109
| | | | rule package count
* pfBlocker - include connection timeout to fetch callsMarcello Coutinho2011-11-061-0/+6
|
* pfBlocker - fixes in boot process, embedded platform and url table get file ↵Marcello Coutinho2011-11-052-17/+30
| | | | package function
* pfBlocker - fix widgetMarcello Coutinho2011-11-011-1/+0
|
* pfBlocker - version 0.1.4 changes alias/lists/rules engine and guiMarcello Coutinho2011-11-017-457/+697
|
* pfBlocker - fix table reload and txt load fileMarcello Coutinho2011-10-301-2/+14
|
* pfBlocker - include table-entries size validation checkmarcelloc2011-10-293-10/+41
|
* pfBlocker - fix bug in get_countriesmarcelloc2011-10-281-3/+3
|
* pfBlocker - version 0.1.2 with widget and more fixesmarcelloc2011-10-283-11/+99
|
* pfblocker - refix missing topspammers call in pfBlocker.xmlmarcelloc2011-10-281-4/+4
|
* pfBlocker - fix whitelist checkmarcelloc2011-10-281-2/+2
|
* pfBlocker - more improvementsmarcelloc2011-10-282-17/+43
|
* pfBlocker-dev - fix alias creation check for outbound trafficmarcelloc2011-10-285-977/+1
|
* pfBlocker-dev - fix missing xml call to tospammers.xmlmarcelloc2011-10-271-2/+2
|