From 40438c8ba1f7348d840e807e1c8446f5e8bf5561 Mon Sep 17 00:00:00 2001 From: BBcan177 Date: Tue, 9 Dec 2014 21:56:52 -0500 Subject: XHTML mods All
to
Widget Added alt="" to img tags Closed any open tags > to /> --- config/pfblockerng/pfblockerng.php | 134 ++++++++++++++++++------------------- 1 file changed, 67 insertions(+), 67 deletions(-) (limited to 'config/pfblockerng/pfblockerng.php') diff --git a/config/pfblockerng/pfblockerng.php b/config/pfblockerng/pfblockerng.php index 7dca9a1c..7539e9fd 100644 --- a/config/pfblockerng/pfblockerng.php +++ b/config/pfblockerng/pfblockerng.php @@ -922,10 +922,10 @@ $xml = <<info - IPv4
Countries]]> + IPv4
Countries]]> countries4 - + Use CTRL + CLICK to unselect countries]]> select @@ -936,10 +936,10 @@ $xml = << - IPv6
Countries]]> + IPv6
Countries]]> countries6 - + Use CTRL + CLICK to unselect countries]]> select @@ -951,41 +951,41 @@ $xml = << List Action - Default : Disabled

- Select the Action for Firewall Rules on lists you have selected.

- 'Disabled' Rules: Disables selection and does nothing to selected Alias.

+ Default : Disabled

+ Select the Action for Firewall Rules on lists you have selected.

+ 'Disabled' Rules: Disables selection and does nothing to selected Alias.

- 'Deny' Rules:
+ 'Deny' Rules:
'Deny' rules create high priority 'block' or 'reject' rules on the stated interfaces. They don't change the 'pass' rules on other - interfaces. Typical uses of 'Deny' rules are:
+ interfaces. Typical uses of 'Deny' rules are:
  • Deny Both - blocks all traffic in both directions, if the source or destination IP is in the block list
  • Deny Inbound/Deny Outbound - blocks all traffic in one direction unless it is part of a session started by traffic sent in the other direction. Does not affect traffic in the other direction.
  • One way 'Deny' rules can be used to selectively block unsolicited incoming (new session) packets in one direction, while still allowing deliberate outgoing sessions to be created in the other direction.
- 'Permit' Rules:
- 'Permit' rules create high priority 'pass' rules on the stated interfaces. They are not the opposite of Deny rules, and don't create - any 'blocking' effect anywhere. They have priority over all Deny rules. Typical uses of 'Permit' rules are:
+ 'Permit' Rules:
+ 'Permit' rules create high priority 'pass' rules on the stated interfaces. They are the opposite of Deny rules, and don't create + any 'blocking' effect anywhere. They have priority over all Deny rules. Typical uses of 'Permit' rules are:
  • To ensure that traffic to/from the listed IPs will always be allowed in the stated directions. They override almost all other Firewall rules on the stated interfaces.
  • To act as a whitelist for Deny rule exceptions, for example if a large IP range or pre-created blocklist blocks a few IPs that should be accessible.
- 'Match' Rules:
+ 'Match' Rules:
'Match' or 'Log' only the traffic on the stated interfaces. This does not Block or Reject. It just Logs the traffic.
  • Match Both - Matches all traffic in both directions, if the source or destination IP is in the list.
    • -
  • Match Inbound/Match Outbound - Matches all traffic in one direction only.
- 'Alias' Rules:
- 'Alias' rules create an alias for the list (and do nothing else). +
  • Match Inbound/Match Outbound - Matches all traffic in one direction only.
    • + 'Alias' Rules:
    + 'Alias' rules create an alias for the list (and do nothing else). This enables a pfBlockerNG list to be used by name, in any firewall rule or pfSense function, as desired. -
    • Options    - Alias Deny,  Alias Permit,  Alias Match,  Alias Native

      • -
    • 'Alias Deny' can use De-Duplication and Reputation Processes if configured.

      • -
    • 'Alias Permit' and 'Alias Match' will be saved in the Same folder as the other Permit/Match Auto-Rules

      • -
    • 'Alias Native' lists are kept in their Native format without any modifications.
    +
    • Options    - Alias Deny,  Alias Permit,  Alias Match,  Alias Native

      • +
    • 'Alias Deny' can use De-Duplication and Reputation Processes if configured.

      • +
    • 'Alias Permit' and 'Alias Match' will be saved in the Same folder as the other Permit/Match Auto-Rules

      • +
    • 'Alias Native' lists are kept in their Native format without any modifications.
    When using 'Alias' rules, change (pfB_) to ( pfb_ ) in the beginning of rule description and use the 'Exact' spelling of the Alias (no trailing Whitespace)  Custom 'Alias' rules with 'pfB_ xxx' description will be removed by package if - using Auto Rule Creation.

    Tip: You can create the Auto Rules and remove "auto rule" from the Rule + using Auto Rule Creation.

    Tip: You can create the Auto Rules and remove "auto rule" from the Rule Descriptions, then disable Auto Rules. This method will 'KEEP' these rules from being 'Deleted' which will allow editing for a Custom - Alias Configuration
    ]]> + Alias Configuration
    ]]>     action select @@ -1009,8 +1009,8 @@ $xml = << Enable Logging aliaslog - Enable
    - Select - Logging to Status: System Logs: FIREWALL ( Log )
    + Enable
    + Select - Logging to Status: System Logs: FIREWALL ( Log )
    This can be overriden by the 'Global Logging' Option in the General Tab.]]>     select @@ -1020,7 +1020,7 @@ $xml = << Click to SAVE Settings and/or Rule Edits.      Changes are Applied via CRON or - 'Force Update']]> + 'Force Update']]> listtopic @@ -1208,15 +1208,15 @@ $xmlrep = <<why info Reputation', each Blocklist will be analyzed for Repeat Offenders in each IP Range. -
      Example:    x.x.x.1, x.x.x.2, x.x.x.3, x.x.x.4, x.x.x.5
      +
        Example:    x.x.x.1, x.x.x.2, x.x.x.3, x.x.x.4, x.x.x.5
        No. of Repeat Offending IPs [  5  ], in a Blocklist within the same IP Range.
      With 'Reputation enabled, these 5 IPs will be removed and a single - x.x.x.0/24 Block is used.
      - This will completely Block/Reject this particular range from your Firewall.

      - Selecting Blocklists from various Threat Sources will help to highlight Repeat Offending IP Ranges,
      - Its Important to select a Broad Range of Blocklists that cover different types of Malicious Activity.

      - You *may* experience some False Positives. Add any False Positive IPs manually to the
      - pfBlockerNGSuppress Alias or use the "+" suppression Icon in the Alerts TAB

      + x.x.x.0/24 Block is used.
      + This will completely Block/Reject this particular range from your Firewall.

      + Selecting Blocklists from various Threat Sources will help to highlight Repeat Offending IP Ranges,
      + Its Important to select a Broad Range of Blocklists that cover different types of Malicious Activity.

      + You *may* experience some False Positives. Add any False Positive IPs manually to the
      + pfBlockerNGSuppress Alias or use the "+" suppression Icon in the Alerts TAB

      To help mitigate False Positives 'Countries' can be 'Excluded' from this Process. (Refer to Country Code Settings)]]> @@ -1226,7 +1226,7 @@ $xmlrep = << - Individual List Reputation

      ]]>       + Individual List Reputation

      ]]>       info       @@ -1239,7 +1239,7 @@ $xmlrep = << Max ] Setting]]> p24_max_var - 5
      + 5
      Maximum number of Repeat Offenders allowed in a Single IP Range]]>       select @@ -1253,22 +1253,22 @@ $xmlrep = << - Collective List Reputation

      ]]>       + Collective List Reputation

      ]]>       info       info - [ pMax ] and [ dMax ]
      - Can be used to Further analyze for Repeat Offenders.
      + [ pMax ] and [ dMax ]
      + Can be used to Further analyze for Repeat Offenders.
        Analyzing All Blocklists as a Whole:
      -
        [ pMax ] will analyze for Repeat Offenders in each IP Range but will not use the Country Exclusion.
        - Default is 50 IPs in any Range. Having 50 Repeat Offenders IPs in any Range will Block the entire Range.

      -
        [ dMax ] will analyze for Repeat Offenders in each IP Range. Country Exclusions will be applied.
        +
          [ pMax ] will analyze for Repeat Offenders in each IP Range but will not use the Country Exclusion.
          + Default is 50 IPs in any Range. Having 50 Repeat Offenders IPs in any Range will Block the entire Range.

        +
          [ dMax ] will analyze for Repeat Offenders in each IP Range. Country Exclusions will be applied.
          Default is 5 IPs in any Range.
        Note: MAX performs on individual Blocklists, while pMAX / dMAX - perform on all Lists together.
        ]]> + perform on all Lists together.
        ]]> @@ -1281,7 +1281,7 @@ $xmlrep = << pMax ] Setting]]> p24_pmax_var - 50
        Maximum number of Repeat Offenders]]>         + 50
        Maximum number of Repeat Offenders]]>         select @@ -1302,7 +1302,7 @@ $xmlrep = << dMax ] Setting]]> p24_dmax_var - 5
        + 5
        Maximum number of Repeat Offenders]]>         select @@ -1322,23 +1322,23 @@ $xmlrep = <<INFO info ignore Repeat Offenders in select - Countries. The Original Blocklisted IPs remain intact. All other Repeat Offending Country Ranges will be processed.

        - Define Repeat Offending Ranges [ Action ] Available settings are:
        + Countries. The Original Blocklisted IPs remain intact. All other Repeat Offending Country Ranges will be processed.

        + Define Repeat Offending Ranges [ Action ] Available settings are:
          Ignore: Repeat Offenders that are in the 'ccwhite' category will be 'Ignored' (Default)
          Block: Repeat Offenders are set to Block the entire Repeat Offending Range(s)
        -
          Match: Repeat Offenders are added to a 'Match' List which can be used in a Floating Match Rule
          +
            Match: Repeat Offenders are added to a 'Match' List which can be used in a Floating Match Rule
            Selecting 'Match' will consume more processing time, so only select this option if you enable Rules for it.
          - 'ccwhite' are Countries that are Selected to be excluded from the Repeat Offenders Search.
          - 'ccblack' are all other Countries that are not selected.

          + 'ccwhite' are Countries that are Selected to be excluded from the Repeat Offenders Search.
          + 'ccblack' are all other Countries that are not selected.

          To use 'Match' Lists, Create a new 'Alias' - and select one of the Action 'Match' Formats and
          enter the 'Localfile' as: + and select one of the Action 'Match' Formats and
          enter the 'Localfile' as:
            /var/db/pfblockerng/match/matchdedup.txt
          ]]> ccwhite Action: ccwhite - Ignore
          + Ignore
          Select the 'Action' format for ccwhite]]>           select @@ -1350,7 +1350,7 @@ $xmlrep = << ccblack Action: ccblack - Block
          + Block
          Select the 'Action' format for ccblack]]>           select @@ -1360,11 +1360,11 @@ $xmlrep = <<           - IPv4
          Country Exclusion
          -
          Geolite Data by:
          MaxMind Inc.  (ISO 3166)]]>           + IPv4
          Country Exclusion
          +
          Geolite Data by:
          MaxMind Inc.  (ISO 3166)]]>           ccexclude - Exclude from the Reputation Process.
          + Exclude from the Reputation Process.
          Use CTRL + CLICK to unselect countries]]>           select @@ -1382,16 +1382,16 @@ $xmlrep = <<Subscription Pro. Blocklist ETINFO info - Emerging Threats IQRisk is a Subscription Professional Reputation List.

          + Emerging Threats IQRisk is a Subscription Professional Reputation List.

          ET IQRisk Blocklist must be entered in the Lists Tab using the following example:
            https://rules.emergingthreatspro.com/XXXXXXXXXXXXXXXX/reputation/iprepdata.txt.gz
          - Select the ET IQRisk' format. The URL should use the .gz File Type.
          + Select the ET IQRisk' format. The URL should use the .gz File Type.
          Enter your "ETPRO" code in URL. Further information can be found @ - ET IQRisk IP Reputation

          + ET IQRisk IP Reputation

          To use 'Match' Lists, Create a new 'Alias' and select one of the - Action 'Match' Formats and
          + Action 'Match' Formats and
          enter the 'Localfile' as:
            /var/db/pfblockerng/match/ETMatch.txt
          - ET IQRisk Individual Match Lists can be found in the following folder:
          + ET IQRisk Individual Match Lists can be found in the following folder:
            /var/db/pfblockerng/ET
          ]]>           @@ -1399,7 +1399,7 @@ $xmlrep = <<ET IQRisk Header Name et_header input - + This will be used to improve the Alerts TAB reporting for ET IPRep.]]> @@ -1407,9 +1407,9 @@ $xmlrep = <<ET IQRISK BLOCK LISTS etblock - + Use CTRL + CLICK to unselect Categories -

          Any Changes will take effect at the Next Scheduled CRON Task]]> +

          Any Changes will take effect at the Next Scheduled CRON Task]]>           select @@ -1456,9 +1456,9 @@ $xmlrep = <<ET IQRISK Match LISTS etmatch - + Use CTRL + CLICK to unselect Categories -

          Any Changes will take effect at the Next Scheduled CRON Task]]> +

          Any Changes will take effect at the Next Scheduled CRON Task]]>           select @@ -1504,9 +1504,9 @@ $xmlrep = << Update ET Categories et_update - Disable
          - Select - Enable ET Update if Category Changes are Made.
          - You can perform a 'Force Update' to enable these changes.
          + Disable
          + Select - Enable ET Update if Category Changes are Made.
          + You can perform a 'Force Update' to enable these changes.
          Cron will also resync this list at the next Scheduled Update.]]>           select -- cgit v1.2.3