From fb67de7e8ecd2f8550e3824541fd64a7a4ee8277 Mon Sep 17 00:00:00 2001 From: BBcan177 Date: Wed, 7 Jan 2015 12:26:07 -0500 Subject: Update Maxmind CC Archive and pfblockerng.xml 1. Compressed CC file is provided as a backup in case the Download from the maxmind.com website fails to complete during Installation. 2. Update pfblockerng.xml a) Reflect Compressed Archive file changes. b) Add missing "&id=0" to xml files. c) Cleanup some text. d) Add priv.inc file to xml --- config/pfblockerng/countrycodes.tar.bz2 | Bin 841191 -> 841191 bytes config/pfblockerng/pfblockerng.xml | 76 ++++++-------------------------- 2 files changed, 13 insertions(+), 63 deletions(-) diff --git a/config/pfblockerng/countrycodes.tar.bz2 b/config/pfblockerng/countrycodes.tar.bz2 index 0884a882..afebf58a 100644 Binary files a/config/pfblockerng/countrycodes.tar.bz2 and b/config/pfblockerng/countrycodes.tar.bz2 differ diff --git a/config/pfblockerng/pfblockerng.xml b/config/pfblockerng/pfblockerng.xml index a8517a30..9442bc7f 100644 --- a/config/pfblockerng/pfblockerng.xml +++ b/config/pfblockerng/pfblockerng.xml @@ -55,10 +55,15 @@ pfBlockerNG pfblockerng.xml - Configure pfblockerNG + Configure pfBlockerNG
Firewall
/pkg_edit.php?xml=pfblockerng.xml
+ + https://packages.pfsense.org/packages/config/pfblockerng/pfblockerng.priv.inc + /etc/inc/priv/ + 0644 + https://packages.pfsense.org/packages/config/pfblockerng/pfblockerng.inc /usr/local/pkg/pfblockerng/ @@ -125,62 +130,7 @@ 0644 - https://packages.pfsense.org/packages/config/pfblockerng/cc/Africa_v4.txt - /var/db/pfblockerng/cc/ - 0444 - - - https://packages.pfsense.org/packages/config/pfblockerng/cc/Africa_v6.txt - /var/db/pfblockerng/cc/ - 0444 - - - https://packages.pfsense.org/packages/config/pfblockerng/cc/Asia_v4.txt - /var/db/pfblockerng/cc/ - 0444 - - - https://packages.pfsense.org/packages/config/pfblockerng/cc/Asia_v6.txt - /var/db/pfblockerng/cc/ - 0444 - - - https://packages.pfsense.org/packages/config/pfblockerng/cc/Europe_v4.txt - /var/db/pfblockerng/cc/ - 0444 - - - https://packages.pfsense.org/packages/config/pfblockerng/cc/Europe_v6.txt - /var/db/pfblockerng/cc/ - 0444 - - - https://packages.pfsense.org/packages/config/pfblockerng/cc/North_America_v4.txt - /var/db/pfblockerng/cc/ - 0444 - - - https://packages.pfsense.org/packages/config/pfblockerng/cc/North_America_v6.txt - /var/db/pfblockerng/cc/ - 0444 - - - https://packages.pfsense.org/packages/config/pfblockerng/cc/Oceania_v4.txt - /var/db/pfblockerng/cc/ - 0444 - - - https://packages.pfsense.org/packages/config/pfblockerng/cc/Oceania_v6.txt - /var/db/pfblockerng/cc/ - 0444 - - - https://packages.pfsense.org/packages/config/pfblockerng/cc/South_America_v4.txt - /var/db/pfblockerng/cc/ - 0444 - - - https://packages.pfsense.org/packages/config/pfblockerng/cc/South_America_v6.txt + https://packages.pfsense.org/packages/config/pfblockerng/countrycodes.tar.bz2 /var/db/pfblockerng/cc/ 0444 @@ -214,11 +164,11 @@ IPv4 - /pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml + /pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml&id=0 IPv6 - /pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml + /pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml&id=0 Top20 @@ -264,7 +214,7 @@ LINKS - none + Firewall Alias     Firewall Rules     Firewall Logs]]> info @@ -356,7 +306,7 @@ - Remove Duplication + Enable De-Duplication enable_dup checkbox Only for IPv4 Lists @@ -414,7 +364,7 @@ Inbound Interface(s) inbound_interface - WAN
Select the interface(s) you want to Apply Rules to]]>
+ Select the Inbound interface(s) you want to Apply Auto Rules to interfaces_selection loopback @@ -434,7 +384,7 @@ Outbound Interface(s) outbound_interface - LAN or none.
Select the interface(s) you want to Apply Rules to]]>
+ Select the Outbound interface(s) you want to Apply Auto Rules to interfaces_selection loopback -- cgit v1.2.3 From 16b1354f5ded71763ee05a9ceae298c5e48f566a Mon Sep 17 00:00:00 2001 From: BBcan177 Date: Wed, 7 Jan 2015 13:05:25 -0500 Subject: XML Mods 1) Add missing "&id=0" lines 2) sync.xml - Text modifications 2) Sync.xml - Add Username to the GUI 3) Remove un-necessary Field Names 4) Update pfblockerng.php (XML file builder code) --- config/pfblockerng/pfblockerng.php | 19 ++++++++++--------- config/pfblockerng/pfblockerng_sync.xml | 17 ++++++++++++----- config/pfblockerng/pfblockerng_top20.xml | 4 ++-- config/pfblockerng/pfblockerng_v4lists.xml | 4 ++-- config/pfblockerng/pfblockerng_v6lists.xml | 4 ++-- 5 files changed, 28 insertions(+), 20 deletions(-) diff --git a/config/pfblockerng/pfblockerng.php b/config/pfblockerng/pfblockerng.php index 79f6c108..4d2ad3bf 100644 --- a/config/pfblockerng/pfblockerng.php +++ b/config/pfblockerng/pfblockerng.php @@ -879,11 +879,11 @@ $xml = << IPv4 - /pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml + /pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml&id=0 IPv6 - /pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml + /pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml&id=0 Top 20 @@ -936,7 +936,7 @@ $xml = << LINKS - none + Firewall Alias     Firewall Rules     Firewall Logs]]> info @@ -1168,11 +1168,11 @@ $xmlrep = << IPv4 - /pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml + /pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml&id=0 IPv6 - /pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml + /pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml&id=0 Top 20 @@ -1218,14 +1218,14 @@ $xmlrep = << LINKS - none + Firewall Alias     Firewall Rules     Firewall Logs]]> info - + ? Why Reputation Matters:]]> - why + info Reputation', each Blocklist will be analyzed for Repeat Offenders in each IP Range.
    Example:    x.x.x.1, x.x.x.2, x.x.x.3, x.x.x.4, x.x.x.5
    @@ -1237,7 +1237,8 @@ $xmlrep = <<
    You *may* experience some False Positives. Add any False Positive IPs manually to the
    pfBlockerNGSuppress Alias or use the "+" suppression Icon in the Alerts TAB

    - To help mitigate False Positives 'Countries' can be 'Excluded' from this Process. (Refer to Country Code Settings)]]> + To help mitigate False Positives 'Countries' can be 'Excluded' from this Process. (Refer to Country Code Settings) +

    Enabling De-Duplication is highly recommended before utilizing 'Reputation' processes.]]> diff --git a/config/pfblockerng/pfblockerng_sync.xml b/config/pfblockerng/pfblockerng_sync.xml index 06ea40db..856af2f4 100644 --- a/config/pfblockerng/pfblockerng_sync.xml +++ b/config/pfblockerng/pfblockerng_sync.xml @@ -77,11 +77,11 @@ IPv4 - /pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml + /pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml&id=0 IPv6 - /pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml + /pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml&id=0 Top 20 @@ -190,21 +190,28 @@ - IP-Address + Target IP Address varsyncipaddress input 15 - Port + Target Port varsyncport input 3 - Admin Password + Target Username (admin) + varsyncusername + + input + 15 + + + Target Password varsyncpassword password diff --git a/config/pfblockerng/pfblockerng_top20.xml b/config/pfblockerng/pfblockerng_top20.xml index 7d2cf033..4974c488 100644 --- a/config/pfblockerng/pfblockerng_top20.xml +++ b/config/pfblockerng/pfblockerng_top20.xml @@ -77,11 +77,11 @@ IPv4 - /pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml + /pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml&id=0 IPv6 - /pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml + /pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml&id=0 Top 20 diff --git a/config/pfblockerng/pfblockerng_v4lists.xml b/config/pfblockerng/pfblockerng_v4lists.xml index 17f1a14d..ce92f4be 100644 --- a/config/pfblockerng/pfblockerng_v4lists.xml +++ b/config/pfblockerng/pfblockerng_v4lists.xml @@ -80,12 +80,12 @@ IPv4 - /pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml + /pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml&id=0 IPv6 - /pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml + /pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml&id=0 Top 20 diff --git a/config/pfblockerng/pfblockerng_v6lists.xml b/config/pfblockerng/pfblockerng_v6lists.xml index 2a381451..6f507057 100644 --- a/config/pfblockerng/pfblockerng_v6lists.xml +++ b/config/pfblockerng/pfblockerng_v6lists.xml @@ -80,11 +80,11 @@ IPv4 - /pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml + /pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml&id=0 IPv6 - /pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml + /pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml&id=0 -- cgit v1.2.3 From e972b644be1226be1e756334c43062e7b83bdbb1 Mon Sep 17 00:00:00 2001 From: BBcan177 Date: Wed, 7 Jan 2015 13:13:15 -0500 Subject: Improve Alert Tab - Suppression Code When the user clicked "Cancel" in the second JS Prompt, it would not cancel the Suppression process. This change fixes that issue. --- config/pfblockerng/pfblockerng_alerts.php | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/config/pfblockerng/pfblockerng_alerts.php b/config/pfblockerng/pfblockerng_alerts.php index 1b54f8f2..541d1e03 100644 --- a/config/pfblockerng/pfblockerng_alerts.php +++ b/config/pfblockerng/pfblockerng_alerts.php @@ -143,9 +143,14 @@ if (isset($_POST['addsuppress'])) { $ip = $_POST['ip']; $table = $_POST['table']; $descr = $_POST['descr']; - if (empty($descr)) - $descr = sprintf(gettext("Entry added %s"), date('r')); $cidr = $_POST['cidr']; + + // If Description or CIDR field is empty, exit. + if (empty($descr) || empty($cidr)) { + header("Location: " . $_SERVER['PHP_SELF']); + exit; + } + if (is_ipaddr($ip)) { $savemsg1 = "Host IP address {$ip}"; @@ -730,8 +735,10 @@ function hostruleid(host,table) { var description = prompt("Please enter Suppression Description"); document.getElementById("descr").value = description; - var cidr = prompt("Please enter CIDR [ 32 or 24 CIDR only supported ]","32"); - document.getElementById("cidr").value = cidr; + if (description.value != "") { + var cidr = prompt("Please enter CIDR [ 32 or 24 CIDR only supported ]","32"); + document.getElementById("cidr").value = cidr; + } } // Auto-Resolve of Alerted Hostnames -- cgit v1.2.3 From 59b1069b3d591ec03d479ddfbc0638c5e2cdbe0b Mon Sep 17 00:00:00 2001 From: BBcan177 Date: Wed, 7 Jan 2015 13:20:18 -0500 Subject: Remove Fat Finger Typo --- config/pfblockerng/pfblockerng.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/pfblockerng/pfblockerng.php b/config/pfblockerng/pfblockerng.php index 4d2ad3bf..20080aa4 100644 --- a/config/pfblockerng/pfblockerng.php +++ b/config/pfblockerng/pfblockerng.php @@ -1222,7 +1222,7 @@ $xmlrep = <<Firewall Alias     Firewall Rules     Firewall Logs]]> info - ? + Why Reputation Matters:]]> -- cgit v1.2.3