From a68f5263bc92a88f92d97ddbdffb49f51514e075 Mon Sep 17 00:00:00 2001
From: BBcan177 <bbcan177@gmail.com>
Date: Sun, 30 Nov 2014 20:15:36 -0500
Subject: Revert "pfBlockerNG Beta v0.99"

This reverts commit b3ce3bde07750e25fabca14faf18c0e5f0eb74dc.
---
 config/pfblockerng/pfblockerng.php | 1546 ------------------------------------
 1 file changed, 1546 deletions(-)
 delete mode 100644 config/pfblockerng/pfblockerng.php

(limited to 'config/pfblockerng/pfblockerng.php')

diff --git a/config/pfblockerng/pfblockerng.php b/config/pfblockerng/pfblockerng.php
deleted file mode 100644
index 2c4af706..00000000
--- a/config/pfblockerng/pfblockerng.php
+++ /dev/null
@@ -1,1546 +0,0 @@
-<?php
-/*
-	pfBlockerNG.php
-
-	pfBlockerNG
-	Copyright (C) 2014 BBcan177@gmail.com
-	All rights reserved.
-
-	Based upon pfBlocker by
-	Copyright (C) 2011-2012 Marcello Coutinho
-	All rights reserved.
-
-	Hour Schedule Convertor code by
-	Snort Package
-	Copyright (c) 2014 Bill Meeks
-
-	Redistribution and use in source and binary forms, with or without
-	modification, are permitted provided that the following conditions are met:
-
-
-	1. Redistributions of source code must retain the above copyright notice,
-	   this list of conditions and the following disclaimer.
-
-	2. Redistributions in binary form must reproduce the above copyright
-	   notice, this list of conditions and the following disclaimer in the
-	   documentation and/or other materials provided with the distribution.
-
-
-	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-	POSSIBILITY OF SUCH DAMAGE.
-
-*/
-
-require_once("util.inc");
-require_once("functions.inc");
-require_once("pkg-utils.inc");
-require_once("globals.inc");
-require_once("services.inc");
-require_once("/usr/local/pkg/pfblockerng/pfblockerng.inc");
-
-pfb_global();
-
-// IPv6 Range to CIDR function used courtesey from:
-// https://github.com/stilez/pfsense-leases/blob/50cc0fa81dba5fe91bcddaea016c245d1b8479cc/etc/inc/util.inc
-function ip_range_to_subnet_array_temp($ip1, $ip2) {
-
-	if (is_ipaddrv4($ip1) && is_ipaddrv4($ip2)) {
-		$proto = 'ipv4';  // for clarity
-		$bits = 32;
-		$ip1bin = decbin(ip2long32($ip1));
-		$ip2bin = decbin(ip2long32($ip2));
-	} elseif (is_ipaddrv6($ip1) && is_ipaddrv6($ip2)) {
-		$proto = 'ipv6';
-		$bits = 128;
-		$ip1bin = Net_IPv6::_ip2Bin($ip1);
-		$ip2bin = Net_IPv6::_ip2Bin($ip2);
-	} else
-		return array();
-
-	// it's *crucial* that binary strings are guaranteed the expected length;  do this for certainty even though for IPv6 it's redundant
-	$ip1bin = str_pad($ip1bin, $bits, '0', STR_PAD_LEFT);
-	$ip2bin = str_pad($ip2bin, $bits, '0', STR_PAD_LEFT);
-
-	if ($ip1bin === $ip2bin)
-		return array($ip1 . '/' . $bits);
-	
-	if (strcmp($ip1bin, $ip2bin) > 0)
-		list ($ip1bin, $ip2bin) = array($ip2bin, $ip1bin);  // swap contents of ip1 <= ip2
-
-	$rangesubnets = array();
-	$netsize = 0;
-
-	do {
-		// at loop start, $ip1 is guaranteed strictly less than $ip2 (important for edge case trapping and preventing accidental binary wrapround)
-		// which means the assignments $ip1 += 1 and $ip2 -= 1 will always be "binary-wrapround-safe"
-
-		// step #1 if start ip (as shifted) ends in any '1's, then it must have a single cidr to itself (any cidr would include the '0' below it)
-		
-		if (substr($ip1bin, -1, 1) == '1') {
-			// the start ip must be in a separate one-IP cidr range
-			$new_subnet_ip = substr($ip1bin, $netsize, $bits - $netsize) . str_repeat('0', $netsize);
-			$rangesubnets[$new_subnet_ip] = $bits - $netsize;
-			$n = strrpos($ip1bin, '0');  //can't be all 1's
-			$ip1bin = ($n == 0 ? '' : substr($ip1bin, 0, $n)) . '1' . str_repeat('0', $bits - $n - 1);  // BINARY VERSION OF $ip1 += 1
-		} 
-
-		// step #2, if end ip (as shifted) ends in any zeros then that must have a cidr to itself (as cidr cant span the 1->0 gap)
-		
-		if (substr($ip2bin, -1, 1) == '0') {
-			// the end ip must be in a separate one-IP cidr range
-			$new_subnet_ip = substr($ip2bin, $netsize, $bits - $netsize) . str_repeat('0', $netsize);
-			$rangesubnets[$new_subnet_ip] = $bits - $netsize;
-			$n = strrpos($ip2bin, '1');  //can't be all 0's
-			$ip2bin = ($n == 0 ? '' : substr($ip2bin, 0, $n)) . '0' . str_repeat('1', $bits - $n - 1);  // BINARY VERSION OF $ip2 -= 1
-			// already checked for the edge case where end = start+1 and start ends in 0x1, above, so it's safe
-		}
-
-		// this is the only edge case arising from increment/decrement. 
-		// it happens if the range at start of loop is exactly 2 adjacent ips, that spanned the 1->0 gap. (we will have enumerated both by now)
-		
-		if (strcmp($ip2bin, $ip1bin) < 0)
-			continue;
-
-		// step #3 the start and end ip MUST now end in '0's and '1's respectively
-		// so we have a non-trivial range AND the last N bits are no longer important for CIDR purposes.
-
-		$shift = $bits - max(strrpos($ip1bin, '0'), strrpos($ip2bin, '1'));  // num of low bits which are '0' in ip1 and '1' in ip2
-		$ip1bin = str_repeat('0', $shift) . substr($ip1bin, 0, $bits - $shift);
-		$ip2bin = str_repeat('0', $shift) . substr($ip2bin, 0, $bits - $shift);
-		$netsize += $shift;
-		if ($ip1bin === $ip2bin) {
-			// we're done.
-			$new_subnet_ip = substr($ip1bin, $netsize, $bits - $netsize) . str_repeat('0', $netsize);
-			$rangesubnets[$new_subnet_ip] = $bits - $netsize;
-			continue;
-		}
-		
-		// at this point there's still a remaining range, and either startip ends with '1', or endip ends with '0'. So repeat cycle.
-	} while (strcmp($ip1bin, $ip2bin) < 0);
-
-	// subnets are ordered by bit size. Re sort by IP ("naturally") and convert back to IPv4/IPv6
-
-	ksort($rangesubnets, SORT_STRING);
-	$out = array();
-
-	foreach ($rangesubnets as $ip => $netmask) {
-		if ($proto == 'ipv4') {
-			$i = str_split($ip, 8);
-			$out[] = implode('.', array( bindec($i[0]),bindec($i[1]),bindec($i[2]),bindec($i[3]))) . '/' . $netmask;
-		} else
-			$out[] = Net_IPv6::compress(Net_IPv6::_bin2Ip($ip)) . '/' . $netmask;
-	}
-
-	return $out;
-}
-
-# Set php Memory Limit to 256M. This is required to process the MaxMind IP Database
-ini_set('memory_limit', '256M');
-
-function pfb_update_check($header_url, $list_url, $url_format) {
-	global $pfb;
-
-	if ($url_format == "rsync" || $url_format == "html") {
-		print "[ {$header_url} ]\n";
-		print "  Skipping timestamp query\n";
-		return TRUE;
-	}
-
-	switch ($url_format) {
-		case "gz":
-		case "gz_2":
-		case "gz_lg":
-		case "et":
-			$type = '.gz';
-			break;
-		case "zip":
-		case "xlsx":
-			$type = '.zip';
-			break;
-		case "txt":
-			$type = '.orig';
-			break;
-		case "html":
-		case "block":
-			$type = '.raw';
-			break;
-	}
-
-	print "[ {$header_url} ]\n";
-	$host = @parse_url($list_url);
-	$local_file = "{$pfb['origdir']}/{$header_url}{$type}";
-	if (file_exists($local_file)) {
-		// Determine if URL is Remote or Local
-		if ($host['host'] == "127.0.0.1" || $host['host'] == $pfb['iplocal'] || empty($host['host'])) {
-			$remote_tds = gmdate ("D, d M Y H:i:s T", filemtime($local_file));
-		} else {
-			$remote_tds = @implode(preg_grep("/Last-Modified/", get_headers($list_url)));
-			$remote_tds = preg_replace("/^Last-Modified: /","", $remote_tds);
-		}
-
-		$log = "  Remote timestamp: {$remote_tds}\n";
-		pfb_logger("{$log}","1");
-		$local_tds = gmdate ("D, d M Y H:i:s T", filemtime($local_file));
-		$log = "  Local  timestamp: {$local_tds}\n";
-		pfb_logger("{$log}","1");
-		if ("{$remote_tds}" != "{$local_tds}") {
-			return TRUE;
-		} else {
-			print "  Remote file unchanged. Download Terminated\n";
-			return FALSE;
-		}
-	} else {
-		return TRUE;
-	}
-}
-
-
-if ($argv[1] == 'update') {
-	sync_package_pfblockerng("cron");
-}
-
-if ($argv[1] == 'uc') {
-	pfblockerng_uc_countries();
-	pfblockerng_get_countries();
-}
-
-if ($argv[1] == 'gc') {
-	pfblockerng_get_countries();
-}
-
-if ($argv[1] == 'cron') {
-	$hour = date('H');
-	$dow  = date('N');
-
-	# Start hour of the 'Once a day' Schedule
-	$pfb['dailystart'] = $config['installedpackages']['pfblockerng']['config'][0]['pfb_dailystart'];
-	# Start hour of the Scheduler
-	if ($config['installedpackages']['pfblockerng']['config'][0]['pfb_hour'] != "") {
-		$pfb['hour'] = $config['installedpackages']['pfblockerng']['config'][0]['pfb_hour'];
-	} else {
-		$pfb['hour'] = "1";
-	}
-	$updates = 0;
-
-	# 2 Hour Schedule Converter
-	$shour = intval(substr($pfb['hour'], 0, 2));
-	$sch2 = strval($shour);
-	for ($i=0; $i<11; $i++) {
-		$shour += 2;
-		if ($shour > 24)
-			$shour -= 24;
-		$sch2 .= "," . strval($shour);
-	}
-
-	# 3 Hour Schedule Converter
-	$shour = intval(substr($pfb['hour'], 0, 2));
-	$sch3 = strval($shour);
-	for ($i=0; $i<7; $i++) {
-		$shour += 3;
-		if ($shour > 24)
-			$shour -= 24;
-		$sch3 .= "," . strval($shour);
-	}
-
-	# 4 Hour Schedule Converter
-	$shour = intval(substr($pfb['hour'], 0, 2));
-	$sch4 = strval($shour);
-	for ($i=0; $i<5; $i++) {
-		$shour += 4;
-		if ($shour > 24)
-			$shour -= 24;
-		$sch4 .= "," . strval($shour);
-	}
-
-	# 6 Hour Schedule Converter
-	$shour = intval(substr($pfb['hour'], 0, 2));
-	$sch6 = strval($shour);
-	for ($i=0; $i<3; $i++) {
-		$shour += 6;
-		if ($shour > 24)
-			$shour -= 24;
-		$sch6 .= "," . strval($shour);
-	}
-
-	# 8 Hour Schedule Converter
-	$shour = intval(substr($pfb['hour'], 0, 2));
-	$sch8 = strval($shour);
-	for ($i=0; $i<2; $i++) {
-		$shour += 8;
-		if ($shour > 24)
-			$shour -= 24;
-		$sch8 .= "," . strval($shour);
-	}
-
-	# 12 Hour Schedule Converter
-	$shour = intval(substr($pfb['hour'], 0, 2));
-	$sch12 = strval($shour) . ",";
-	$shour += 12;
-	if ($shour > 24)
-		$shour -= 24;
-	$sch12 .= strval($shour);
-
-	$e_sch2  = explode(",", $sch2);
-	$e_sch3  = explode(",", $sch3);
-	$e_sch4  = explode(",", $sch4);
-	$e_sch6  = explode(",", $sch6);
-	$e_sch8  = explode(",", $sch8);
-	$e_sch12 = explode(",", $sch12);
-
-	$log = " CRON  PROCESS  START [ NOW ]\n";
-	pfb_logger("{$log}","1");
-
-	$list_type = array ("pfblockernglistsv4" => "_v4", "pfblockernglistsv6" => "_v6");
-	foreach ($list_type as $ip_type => $vtype) {
-		if ($config['installedpackages'][$ip_type]['config'] != "") {
-			foreach ($config['installedpackages'][$ip_type]['config'] as $list) {
-				if (is_array($list['row']) && $list['action'] != "Disabled" && $list['action'] != "") {
-					foreach ($list['row'] as $row) {
-						if ($row['url'] != "" && $row['format'] != "hold" && $row['format'] != "skip") {
-
-							if ($vtype == "_v4") {
-								$header_url = "{$row['header']}";
-							} else {
-								$header_url = "{$row['header']}_v6";
-							}
-
-							# Determine Folder Location for Alias (return array $pfbarr)
-							pfb_determine_list_detail($list['action']);
-							$pfbfolder = $pfbarr['folder'];
-
-							$list_cron = $list['cron'];
-							$list_url = $row['url'];
-							$header_dow = $list['dow'];
-							$url_format = $row['format'];
-
-							# Check if List file exists, if not found run Update
-							if (!file_exists($pfbfolder . '/' . $header_url . '.txt')) {
-								print "  Updates Found\n";
-								$updates++;
-								continue;
-							}
-
-							switch ($list_cron) {
-								case "01hour":
-									if (pfb_update_check($header_url, $list_url, $url_format)) {
-										print "  Updates Found\n";
-										unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
-										$updates++;
-									}
-									break;
-								case "02hours":
-									if (in_array($hour, $e_sch2)) {
-										if (pfb_update_check($header_url, $list_url, $url_format)) {
-											print "  Updates Found\n";
-											unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
-											$updates++;
-										}
-									}
-									break;
-								case "03hours":
-									if (in_array($hour, $e_sch3)) {
-										if (pfb_update_check($header_url, $list_url, $url_format)) {
-											print "  Updates Found\n";
-											unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
-											$updates++;
-										}
-									}
-									break;
-								case "04hours":
-									if (in_array($hour, $e_sch4)) {
-										if (pfb_update_check($header_url, $list_url, $url_format)) {
-											print "  Updates Found\n";
-											unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
-											$updates++;
-										}
-									}
-									break;
-								case "06hours":
-									if (in_array($hour, $e_sch6)) {
-										if (pfb_update_check($header_url, $list_url, $url_format)) {
-											print "  Updates Found\n";
-											unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
-											$updates++;
-										}
-									}
-									break;
-								case "08hours":
-									if (in_array($hour, $e_sch8)) {
-										if (pfb_update_check($header_url, $list_url, $url_format)) {
-											print "  Updates Found\n";
-											unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
-											$updates++;
-										}
-									}
-									break;
-								case "12hours":
-									if (in_array($hour, $e_sch12)) {
-										if (pfb_update_check($header_url, $list_url, $url_format)) {
-											print "  Updates Found\n";
-											unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
-											$updates++;
-										}
-									}
-									break;
-								case "EveryDay":
-									if ($hour == $pfb['dailystart']) {
-										if (pfb_update_check($header_url, $list_url, $url_format)) {
-											print "  Updates Found\n";
-											unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
-											$updates++;
-										}
-									}
-									break;
-								case "Weekly":
-									if ($hour == $pfb['dailystart'] && $dow == $header_dow) {
-										if (pfb_update_check($header_url, $list_url, $url_format)) {
-											print "  Updates Found\n";
-											unlink_if_exists($pfbfolder . '/' . $header_url . '.txt');
-											$updates++;
-										}
-									}
-									break;
-								default: {
-									}
-									break;
-							}
-						}
-					}
-				}
-			}
-		}
-	}
-
-	if ($updates > 0) {
-		sync_package_pfblockerng("cron");
-	} else {
-		$log = "\n  No Updates required. \n\n";
-		pfb_logger("{$log}","1");
-	}
-
-	$log = " CRON  PROCESS  ENDED [ NOW ]\n";
-	pfb_logger("{$log}","1");
-
-	# Call Log Mgmt Function
-	// If Update GUI 'Manual view' is selected. Last output will be missed. So sleep for 5 secs.
-	sleep(5);
-	pfb_log_mgmt();
-}
-
-
-function pfblockerng_uc_countries() {
-
-	global $g,$pfb;
-	pfb_global();
-
-	$maxmind_cont = "{$pfb['dbdir']}/country_continent.csv";
-	$maxmind_cc4  = "{$pfb['dbdir']}/GeoIPCountryWhois.csv";
-	$maxmind_cc6  = "{$pfb['dbdir']}/GeoIPv6.csv";
-	
-	# Create Folders if not Exist
-	$folder_array = array ("{$pfb['dbdir']}","{$pfb['logdir']}","{$pfb['ccdir']}");
-	foreach ($folder_array as $folder) {
-		safe_mkdir ("{$folder}",0755);
-	}
-
-	$now = date("m/d/y G.i:s", time());
-	$log = "Country Code Update Start - [ NOW ]\n\n";
-	print "Country Code Update Start - [ $now ]\n\n";
-	pfb_logger("{$log}","3");
-
-	if (!file_exists($maxmind_cont) || !file_exists($maxmind_cc4) || !file_exists($maxmind_cc6)) {
-		$log = " [ MAXMIND UPDATE FAIL, CSV Missing, using Previous Country Code Database \n";
-		print $log;
-		pfb_logger("{$log}","3");
-		return;
-	}
-
-	# Save Date/Time Stamp to MaxMind version file
-	$maxmind_ver	= "MaxMind GeoLite Date/Time Stamps \n\n";
-	$remote_tds	= @implode(preg_grep("/Last-Modified/", get_headers("http://geolite.maxmind.com/download/geoip/database/GeoIPCountryCSV.zip")));
-	$maxmind_ver	.= "MaxMind_v4 \t" . $remote_tds . "\n";
-	$local_tds	= @gmdate ("D, d M Y H:i:s T", filemtime($maxmind_cc4));
-	$maxmind_ver	.= "Local_v4 \tLast-Modified: " . $local_tds . "\n\n";
-	$remote_tds	= @implode(preg_grep("/Last-Modified/", get_headers("http://geolite.maxmind.com/download/geoip/database/GeoIPv6.csv.gz")));
-	$maxmind_ver	.= "MaxMind_v6 \t" . $remote_tds . "\n";
-	$local_tds	= @gmdate ("D, d M Y H:i:s T", filemtime($maxmind_cc6));
-	$maxmind_ver	.= "Local_v6 \tLast-Modified: " . $local_tds . "\n";
-	$maxmind_ver	.= "\nThese Timestamps should *match* \n";
-	@file_put_contents("{$pfb['logdir']}/maxmind_ver", $maxmind_ver);
-
-
-	// Collect ISO Codes for Each Continent
-	$log = "Processing Continent Data \n";
-	print $log;
-	pfb_logger("{$log}","3");
-
-	$cont_array = array ( array($AF),array($AS),array($EU),array($NA),array($OC),array($SA));
-	$csv = array_map('str_getcsv', @file($maxmind_cont));
-	if (isset($csv)) {
-		foreach ($csv as $cc) {
-			$cc_key = $cc[0];
-			$cont_key = $cc[1];
-			switch ($cont_key) {
-				case "AF":
-					$cont_array[0]['continent'] = "Africa";
-					$cont_array[0]['iso'] .= "{$cc_key},";
-					$cont_array[0]['file4'] = "{$pfb['ccdir']}/Africa_v4.txt";
-					$cont_array[0]['file6'] = "{$pfb['ccdir']}/Africa_v6.txt";
-					break;
-				case "AS":
-					$cont_array[1]['continent'] = "Asia";
-					$cont_array[1]['iso'] .= "{$cc_key},";
-					$cont_array[1]['file4'] = "{$pfb['ccdir']}/Asia_v4.txt";
-					$cont_array[1]['file6'] = "{$pfb['ccdir']}/Asia_v6.txt";
-					break;
-				case "EU":
-					$cont_array[2]['continent'] = "Europe";
-					$cont_array[2]['iso'] .= "{$cc_key},";
-					$cont_array[2]['file4'] = "{$pfb['ccdir']}/Europe_v4.txt";
-					$cont_array[2]['file6'] = "{$pfb['ccdir']}/Europe_v6.txt";
-					break;
-				case "NA":
-					$cont_array[3]['continent'] = "North America";
-					$cont_array[3]['iso'] .= "{$cc_key},";
-					$cont_array[3]['file4'] = "{$pfb['ccdir']}/North_America_v4.txt";
-					$cont_array[3]['file6'] = "{$pfb['ccdir']}/North_America_v6.txt";
-					break;
-				case "OC":
-					$cont_array[4]['continent'] = "Oceania";
-					$cont_array[4]['iso'] .= "{$cc_key},";
-					$cont_array[4]['file4'] = "{$pfb['ccdir']}/Oceania_v4.txt";
-					$cont_array[4]['file6'] = "{$pfb['ccdir']}/Oceania_v6.txt";
-					break;
-				case "SA":
-					$cont_array[5]['continent'] = "South America";
-					$cont_array[5]['iso'] .= "{$cc_key},";
-					$cont_array[5]['file4'] = "{$pfb['ccdir']}/South_America_v4.txt";
-					$cont_array[5]['file6'] = "{$pfb['ccdir']}/South_America_v6.txt";
-					break;
-			}
-		}
-	}
-	unset($csv);
-
-	// Collect Country ISO Data IPv4 and Sort to Continent Array
-	$log = "Processing ISO IPv4 Continent/Country Data \n";
-	print $log;
-	pfb_logger("{$log}","3");
-
-	$csv2 = array_map('str_getcsv', @file($maxmind_cc4));
-	if (isset($csv2)) {
-		foreach ($csv2 as $cc) {
-			$ip1_key	= $cc[0];
-			$ip2_key	= $cc[1];
-			$var1_key	= $cc[2];
-			$var2_key	= $cc[3];
-			$cc_key		= $cc[4];
-			$country_key	= $cc[5];
-			$a_cidr		= implode(",", ip_range_to_subnet_array_temp($cc[0],$cc[1]));
-
-			$counter = 0;
-			foreach ($cont_array as $iso) {
-				if (preg_match("/\b$cc_key\b/", $iso['iso'])) {
-					$cont_array[$counter][$cc_key]['ip4'] .= $a_cidr . ",";
-					$cont_array[$counter][$cc_key]['country'] = $country_key;
-					continue;
-				}
-				$counter++;
-			}
-		}
-	}
-	unset($csv2);
-
-	// Build Continent IPv4 CIDR Files
-	$counter = 0;
-	foreach ($cont_array as $iso) {
-		$header		= "";
-		$pfb_file	= "";
-		$iso_key	= "";
-		$header		.= "# Generated from MaxMind Inc. on: " . date("m/d/y G.i:s", time()) . "\n";
-		$header		.= "# Continent IPv4: " . $cont_array[$counter]['continent'] . "\n";
-		$pfb_file	= $cont_array[$counter]['file4'];
-		$iso_key	= array_keys($iso);
-		foreach ($iso_key as $key) {
-			if (preg_match("/[A-Z]{2}/", $key)) {
-				$header .= "# Country: " . $iso[$key]['country'] . "\n";
-				$header .= "# ISO Code: " . $key . "\n";
-				$header .= "# Total Networks: " . substr_count($iso[$key]['ip4'], ",") . "\n";
-				$header .= str_replace(",", "\n", $iso[$key]['ip4']);
-				$iso[$key]['ip4'] = "";
-			}
-		}
-		$counter++;
-		@file_put_contents($pfb_file, $header, LOCK_EX);
-	}
-
-
-	// Collect Country ISO Data IPv6 and Sort to Continent Array
-	$log = "Processing ISO IPv6 Continent/Country Data \n";
-	print $log;
-	pfb_logger("{$log}","3");
-
-	$csv3 = array_map('str_getcsv', @file($maxmind_cc6));
-	if (isset($csv3)) {
-		foreach ($csv3 as $cc) {
-			$ip1_key	= $cc[0];
-			$ip2_key	= $cc[1];
-			$var1_key	= $cc[2];
-			$var2_key	= $cc[3];
-			$cc_key		= $cc[4];
-			$country_key	= $cc[5];
-			$a_cidr		= implode(",", ip_range_to_subnet_array_temp($cc[0],$cc[1]));
-
-			$counter = 0;
-			foreach ($cont_array as $iso) {
-				if (preg_match("/\b$cc_key\b/", $iso['iso'])) {
-					$cont_array[$counter][$cc_key]['ip6'] .= $a_cidr . ",";
-					continue;
-				}
-				$counter++;
-			}
-		}
-	}
-	unset ($csv3);
-
-	// Build Continent IPv6 Files
-	$counter = 0;
-	foreach ($cont_array as $iso) {
-		$header		= "";
-		$pfb_file	= "";
-		$iso_key	= "";
-
-		$header		.= "# Generated from MaxMind Inc. on: " . date("m/d/y G.i:s", time()) . "\n";
-		$header		.= "# Continent IPv6: " . $cont_array[$counter]['continent'] . "\n";
-		$pfb_file	= $cont_array[$counter]['file6'];
-		$iso_key	= array_keys($iso);
-		foreach ($iso_key as $key) {
-			if (preg_match("/[A-Z]{2}/", $key)) {
-				$header .= "# Country: " . $iso[$key]['country'] . "\n";
-				$header .= "# ISO Code: " . $key . "\n";
-				$header .= "# Total Networks: " . substr_count($iso[$key]['ip6'], ",") . "\n";
-				$header .= str_replace(",", "\n", $iso[$key]['ip6']);
-				$iso[$key]['ip6'] = "";
-			}
-		}
-		$counter++;
-		@file_put_contents($pfb_file, $header, LOCK_EX);
-	}
-	unset($cont_array);
-}
-
-
-function pfblockerng_get_countries() {
-
-	global $g,$pfb;
-	pfb_global();
-
-	# These arrays are used to collect the <option> tags for the XML Continent Files
-	$roptions4 = array();
-	$coptions4 = array();
-	$roptions6 = array();
-	$coptions6 = array();
-
-	$files4 = array (	"Africa"	=> "{$pfb['ccdir']}/Africa_v4.txt",
-				"Asia"		=> "{$pfb['ccdir']}/Asia_v4.txt",
-				"Europe"	=> "{$pfb['ccdir']}/Europe_v4.txt",
-				"North America"	=> "{$pfb['ccdir']}/North_America_v4.txt",
-				"Oceania"	=> "{$pfb['ccdir']}/Oceania_v4.txt",
-				"South America"	=> "{$pfb['ccdir']}/South_America_v4.txt"
-				);
-
-	# IPv4 Collect Data to generate new continent XML Files.
-	$log = "Building pfBlockerNG XML Files \n";
-	print $log;
-	pfb_logger("{$log}","3");
-
-	foreach ($files4 as $cont => $file) {
-		$log = "IPv4 " . $cont . "\n";
-		print $log;
-		pfb_logger("{$log}","3");
-		$ips = file_get_contents($file);
-		$convert = explode("\n", $ips);
-		$cont_name = preg_replace("/ /","",$cont);
-		$cont_name_lower = strtolower($cont_name);
-		$active = array( "$cont" => '<active/>');
-		$total4 = 0;
-		$pfb['complete'] = FALSE;
-
-		foreach ($convert as $line) {
-			if (preg_match("/#/",$line)) {
-				if ($pfb['complete']) {
-					$coptions4[] = $Country . '-' . $ISOCode . ' ('. $total4 .') ' . ' </name><value>' . $ISOCode . '</value></option>';
-					$roptions4[] = $Country . '-' . $ISOCode . ' ('. $total4 .') ' . ' </name><value>' . $ISOCode . '</value></option>';
-
-					// Save ISO IPv4 Data
-					@file_put_contents($pfb['ccdir'] . '/' . $ISOCode . '_v4.txt',$pfb_v4,LOCK_EX);
-
-					// Clear Variables and Restart Continent Collection process
-					$total4 = 0;
-					$pfb_v4 = "";
-					$pfb['complete'] = FALSE;
-				}
-				if (preg_match("/Country:\s(.*)/",$line, $matches)) { $Country = $matches[1];}
-				if (preg_match("/ISO Code:\s(.*)/",$line, $matches)) { $ISOCode = $matches[1];}
-			} elseif (!preg_match("/#/",$line)) {
-				$total4++;
-				if (!empty($line))
-					$pfb_v4 .= $line . "\n";
-				$pfb['complete'] = TRUE;
-			}
-		}
-		unset ($ips, $convert);
-
-		// Sort IPv4 Countries Alphabetically and Build XML <option> Data for Continents Tab
-		sort($coptions4, SORT_STRING);
-		$ftotal4 = count($coptions4);
-		$count = 1;
-		$options4 = "";
-
-		foreach ($coptions4 as $option4) {
-			if ($count == 1) { $options4 .= "\t" . '<option><name>' . $option4 . "\n"; $count++; continue;}
-			if ($ftotal4 == $count) {
-				$options4 .= "\t\t\t\t" . '<option><name>' . $option4;
-			} else {
-				$options4 .= "\t\t\t\t" . '<option><name>' . $option4 . "\n";
-			}
-			$count++;
-		}
-		unset ($coptions4);
-
-		// IPv6 Collect Data to generate new continent XML Files.
-		$file6 = preg_replace("/v4/", "v6", $file);
-		$ips = file_get_contents($file6);
-		$convert = explode("\n", $ips);
-		$log = "IPv6 " . $cont . "\n";
-		pfb_logger("{$log}","3");
-		$total6 = 0;
-		$pfb['complete'] = FALSE;
-
-		foreach ($convert as $line) {
-			if (preg_match("/#/",$line)) {
-				if ($pfb['complete']) {
-					$coptions6[] = $Country . '-' . $ISOCode . ' ('. $total6 .') ' . ' </name><value>' . $ISOCode . '</value></option>';
-					$roptions6[] = $Country . '-' . $ISOCode . ' ('. $total6 .') ' . ' </name><value>' . $ISOCode . '</value></option>';
-
-					// Save ISO IPv6 Data
-					@file_put_contents($pfb['ccdir'] . '/' . $ISOCode . '_v6.txt',$pfb_v6,LOCK_EX);
-
-					// Clear Variables and Restart Continent Collection process
-					$total6 = 0;
-					$pfb_v6 = "";
-					$pfb['complete'] = FALSE;
-				}
-				if (preg_match("/Country:\s(.*)/",$line, $matches)) { $Country = $matches[1];}
-				if (preg_match("/ISO Code:\s(.*)/",$line, $matches)) { $ISOCode = $matches[1];}
-			} elseif (!preg_match("/#/",$line)) {
-				$total6++;
-				if (!empty($line))
-					$pfb_v6 .= $line . "\n";
-				$pfb['complete'] = TRUE;
-			}
-		}
-
-		// Sort IPv6 Countries Alphabetically for Continents Tab
-		sort($coptions6, SORT_STRING);
-		$ftotal6 = count($coptions6);
-		$count = 1;
-		$options6 = "";
-
-		foreach ($coptions6 as $option6) {
-			if ($count == 1) { $options6 .= "\t" . '<option><name>' . $option6 . "\n"; $count++; continue;}
-			if ($ftotal6 == $count) {
-				$options6 .= "\t\t\t\t" . '<option><name>' . $option6;
-			} else {
-				$options6 .= "\t\t\t\t" . '<option><name>' . $option6 . "\n";
-			}
-			$count++;
-		}
-		unset ($coptions6);
-
-
-$xml = <<<EOF
-<?xml version="1.0" encoding="utf-8" ?>
-<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
-<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
-<packagegui>
-	<copyright>
-	<![CDATA[
-/* \$Id\$ */
-/* ========================================================================== */
-/*
-	pfblockerng_{$cont_name}.xml
-
-	pfBlockerNG
-	Copyright (C) 2014 BBcan177@gmail.com
-	All rights reserved.
-
-	Based upon pfblocker for pfSense
-	Copyright (C) 2011 Marcello Coutinho
-	All rights reserved.
-*/
-/* ========================================================================== */
-/*
-	Redistribution and use in source and binary forms, with or without
-	modification, are permitted provided that the following conditions are met:
-
-
-	1. Redistributions of source code must retain the above copyright notice,
-	   this list of conditions and the following disclaimer.
-
-	2. Redistributions in binary form must reproduce the above copyright
-	   notice, this list of conditions and the following disclaimer in the
-	   documentation and/or other materials provided with the distribution.
-
-
-	THIS SOFTWARE IS PROVIDED ``AS IS`` AND ANY EXPRESS OR IMPLIED WARRANTIES,
-	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-	POSSIBILITY OF SUCH DAMAGE.
-*/
-/* ========================================================================== */
-]]>
-	</copyright>
-	<description>Describe your package here</description>
-	<requirements>Describe your package requirements here</requirements>
-	<faq>Currently there are no FAQ items provided.</faq>
-	<name>pfblockerng{$cont_name_lower}</name>
-	<version>1.0</version>
-	<title>pfBlockerNG: {$cont}</title>
-	<include_file>/usr/local/pkg/pfblockerng/pfblockerng.inc</include_file>
-	<menu>
-		<name>pfBlockerNG: {$cont_name}</name>
-		<tooltiptext>Configure pfBlockerNG</tooltiptext>
-		<section>Firewall</section>
-		<url>pkg_edit.php?xml=pfblockerng_{$cont_name_lower}.xml&amp;id=0</url>
-	</menu>
-		<tabs>
-		<tab>
-			<text>General</text>
-			<url>/pkg_edit.php?xml=pfblockerng.xml&amp;id=0</url>
-		</tab>
-		<tab>
-			<text>Update</text>
-			<url>/pfblockerng/pfblockerng_update.php</url>
-		</tab>
-		<tab>
-			<text>Alerts</text>
-			<url>/pfblockerng/pfblockerng_alerts.php</url>
-		</tab>
-		<tab>
-			<text>Reputation</text>
-			<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_reputation.xml&amp;id=0</url>
-		</tab>
-		<tab>
-			<text>IPv4</text>
-			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml</url>
-		</tab>
-		<tab>
-			<text>IPv6</text>
-			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml</url>
-		</tab>
-		<tab>
-			<text>Top 20</text>
-			<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_top20.xml&amp;id=0</url>
-			{$active['top']}
-		</tab>
-		<tab>
-			<text>Africa</text>
-			<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_Africa.xml&amp;id=0</url>
-			{$active['Africa']}
-		</tab>
-		<tab>
-			<text>Asia</text>
-			<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_Asia.xml&amp;id=0</url>
-			{$active['Asia']}
-		</tab>
-		<tab>
-			<text>Europe</text>
-			<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_Europe.xml&amp;id=0</url>
-			{$active['Europe']}
-		</tab>
-		<tab>
-			<text>N.A.</text>
-			<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_NorthAmerica.xml&amp;id=0</url>
-			{$active['North America']}
-		</tab>
-		<tab>
-			<text>Oceania</text>
-			<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_Oceania.xml&amp;id=0</url>
-			{$active['Oceania']}
-		</tab>
-		<tab>
-			<text>S.A.</text>
-			<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&amp;id=0</url>
-			{$active['South America']}
-		</tab>
-		<tab>
-			<text>Logs</text>
-			<url>/pfblockerng/pfblockerng_log.php</url>
-		</tab>
-		<tab>
-			<text>Sync</text>
-			<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_sync.xml&amp;id=0</url>
-		</tab>
-		</tabs>
-	<fields>
-		<field>
-			<name><![CDATA[Continent {$cont}&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; (Geolite Data by MaxMind Inc. - ISO 3166)]]></name>
-			<type>listtopic</type>
-		</field>
-		<field>
-			<fielddescr>LINKS</fielddescr>
-			<fieldname>none</fieldname>
-			<description><![CDATA[<a href="/firewall_aliases.php">Firewall Alias</a> &nbsp;&nbsp;&nbsp; <a href="/firewall_rules.php">Firewall Rules</a> &nbsp;&nbsp;&nbsp; <a href="diag_logs_filter.php">Firewall Logs</a>]]>
-			</description>
-			<type>info</type>
-		</field>
-		<field>	
-			<fielddescr><![CDATA[<br><strong>IPv4</strong><br>Countries]]></fielddescr>
-			<fieldname>countries4</fieldname>
-			<description>
-			<![CDATA[Select IPv4 Countries you want to take an action on.<br>
-				<strong>Use CTRL + CLICK to unselect countries</strong>]]>
-			</description>
-			<type>select</type>
-			<options>
-			{$options4}
-			</options>
-			<size>{$ftotal4}</size>
-			<multiple/>
-		</field>
-		<field>
-			<fielddescr><![CDATA[<br><strong>IPv6</strong><br>Countries]]></fielddescr>
-			<fieldname>countries6</fieldname>
-			<description>
-			<![CDATA[Select IPv6 Countries you want to take an action on.<br>
-				<strong>Use CTRL + CLICK to unselect countries</strong>]]>
-			</description>
-			<type>select</type>
-			<options>
-			{$options6}
-			</options>
-			<size>{$ftotal6}</size>
-			<multiple/>
-		</field>
-		<field>
-			<fielddescr>List Action</fielddescr>
-			<description><![CDATA[<br>Default : <strong>Disabled</strong><br><br>
-				Select the <strong>Action</strong> for Firewall Rules on lists you have selected.<br><br>
-				<strong><u>'Disabled' Rules:</u></strong> Disables selection and does nothing to selected Alias.<br><br>
-
-				<strong><u>'Deny' Rules:</u></strong><br>
-				'Deny' rules create high priority 'block' or 'reject' rules on the stated interfaces. They don't change the 'pass' rules on other
-				interfaces. Typical uses of 'Deny' rules are:<br>
-				<ul><li><strong>Deny Both</strong> - blocks all traffic in both directions, if the source or destination IP is in the block list</li>
-				<li><strong>Deny Inbound/Deny Outbound</strong> - blocks all traffic in one direction <u>unless</u> it is part of a session started by
-				traffic sent in the other direction. Does not affect traffic in the other direction. </li>
-				<li>One way 'Deny' rules can be used to selectively block <u>unsolicited</u> incoming (new session) packets in one direction, while
-				still allowing <u>deliberate</u> outgoing sessions to be created in the other direction.</li></ul>
-				<strong><u>'Permit' Rules:</u></strong><br>
-				'Permit' rules create high priority 'pass' rules on the stated interfaces. They are not the opposite of Deny rules, and don't create
-				any 'blocking' effect anywhere. They have priority over all Deny rules. Typical uses of 'Permit' rules are:<br>
-				<ul><li><strong>To ensure</strong> that traffic to/from the listed IPs will <u>always</u> be allowed in the stated directions. They
-				override <u>almost all other</u> Firewall rules on the stated interfaces.</li>
-				<li><strong>To act as a whitelist</strong> for Deny rule exceptions, for example if a large IP range or pre-created blocklist blocks a
-				few IPs that should be accessible.</li></ul>
-				<strong><u>'Match' Rules:</u></strong><br>
-				'Match' or 'Log' only the traffic on the stated interfaces. This does not Block or Reject. It just Logs the traffic.
-				<ul><li><strong>Match Both</strong> - Matches all traffic in both directions, if the source or destination IP is in the list.</li>
-				<li><strong>Match Inbound/Match Outbound</strong> - Matches all traffic in one direction only.</ul></li>
-				<strong><u>'Alias' Rules:</u></strong><br>
-				<strong>'Alias'</strong> rules create an <a target=_new href="/firewall_aliases.php">alias</a> for the list (and do nothing else).
-				This enables a pfBlockerNG list to be used by name, in any firewall rule or pfSense function, as desired.
-				<ul><li><strong>Options &nbsp;&nbsp; - Alias Deny,&nbsp; Alias Permit,&nbsp; Alias Match,&nbsp; Alias Native</strong></li><br>
-				<li>'Alias Deny' can use De-Duplication and Reputation Processes if configured.</li><br>
-				<li>'Alias Permit' and 'Alias Match' will be saved in the Same folder as the other Permit/Match Auto-Rules</li><br>
-				<li>'Alias Native' lists are kept in their Native format without any modifications.</ul></li>
-				<strong>When using 'Alias' rules, change (pfB_) to ( pfb_ ) in the beginning of rule description and use the 'Exact' spelling of
-				the Alias (no trailing Whitespace)&nbsp;</strong> Custom 'Alias' rules with 'pfB_  xxx' description will be removed by package if
-				using Auto Rule Creation.<br><br><strong>Tip</strong>: You can create the Auto Rules and remove "<u>auto rule</u>" from the Rule
-				Descriptions, then disable Auto Rules. This method will 'KEEP' these rules from being 'Deleted' which will allow editing for a Custom
-				Alias Configuration<br>]]>
-			</description>
-			<fieldname>action</fieldname>
-			<type>select</type>
-			<options>
-				<option><name>Disabled</name><value>Disabled</value></option>
-				<option><name>Deny Inbound</name><value>Deny_Inbound</value></option>
-				<option><name>Deny Outbound</name><value>Deny_Outbound</value></option>
-				<option><name>Deny Both</name><value>Deny_Both</value></option>
-				<option><name>Permit Inbound</name><value>Permit_Inbound</value></option>
-				<option><name>Permit Outbound</name><value>Permit_Outbound</value></option>
-				<option><name>Permit Both</name><value>Permit_Both</value></option>
-				<option><name>Match Inbound</name><value>Match_Inbound</value></option>
-				<option><name>Match Outbound</name><value>Match_Outbound</value></option>
-				<option><name>Match Both</name><value>Match_Both</value></option>
-				<option><name>Alias Deny</name><value>Alias_Deny</value></option>
-				<option><name>Alias Permit</name><value>Alias_Permit</value></option>
-				<option><name>Alias Match</name><value>Alias_Match</value></option>
-				<option><name>Alias Native</name><value>Alias_Native</value></option>
-			</options>
-		</field>
-		<field>
-			<fielddescr>Enable Logging</fielddescr>
-			<fieldname>aliaslog</fieldname>
-			<description><![CDATA[Default:<strong>Enable</strong><br>
-				Select - Logging to Status: System Logs: FIREWALL ( Log )<br>
-				This can be overriden by the 'Global Logging' Option in the General Tab.]]></description>
-			<type>select</type>
-			<options>
-				<option><name>Enable</name><value>enabled</value></option>
-				<option><name>Disable</name><value>disabled</value></option>
-			</options>
-		</field>
-		<field>
-			<name><![CDATA[<ul>Click to SAVE Settings and/or Rule Edits. &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Changes are Applied via CRON or
-				'Manual Update']]>
-			</name>
-			<type>listtopic</type>
-		</field>
-	</fields>
-	<custom_php_install_command>
-		pfblockerng_php_install_command();
-	</custom_php_install_command>
-	<custom_php_deinstall_command>
-		pfblockerng_php_deinstall_command();
-	</custom_php_deinstall_command>
-	<custom_php_validation_command>
-		pfblockerng_validate_input(\$_POST, \$input_errors);
-	</custom_php_validation_command>
-	<custom_php_resync_config_command>
-		global \$pfb;
-		\$pfb['save'] = TRUE;
-		sync_package_pfblockerng();
-	</custom_php_resync_config_command>
-</packagegui>
-EOF;
-
-	// Update Each Continent XML file.
-	@file_put_contents('/usr/local/pkg/pfblockerng/pfblockerng_'.$cont_name.'.xml',$xml,LOCK_EX);
-
-	}		// End foreach 'Six Continents' Update XML Process
-
-
-	// Sort Countries IPv4 Alphabetically and Build XML <option> Data for Reputation Tab (IPv6 not used by ET IQRisk)
-	sort($roptions4, SORT_STRING);
-	$eoa = count($roptions4);
-	$count = 1;
-	$options4 = "";
-
-	foreach ($roptions4 as $option4) {
-		if ($count == 1) { $et_options .= "\t" . '<option><name>' . $option4 . "\n"; $count++; continue; }
-		if ($eoa == $count) {
-			$et_options .= "\t\t\t\t" . '<option><name>' . $option4;
-		} else {
-			$et_options .= "\t\t\t\t" . '<option><name>' . $option4 . "\n";
-		}
-		$count++;
-	}
-
-
-// Update pfBlockerNG_Reputation.xml file with Country Code Changes
-
-
-$xmlrep = <<<EOF
-<?xml version="1.0" encoding="utf-8" ?>
-<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
-<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
-<packagegui>
-	<copyright>
-	<![CDATA[
-/* \$Id\$ */
-/* ========================================================================== */
-/*
-	pfBlockerNG_Reputation.xml
-
-	pfBlockerNG
-	Copyright (C) 2014 BBcan177@gmail.com
-	All rights reserved.
-
-	Based upon pfblocker for pfSense
-	Copyright (C) 2011 Marcello Coutinho
-	All rights reserved.
-
-*/
-/* ========================================================================== */
-/*
-	Redistribution and use in source and binary forms, with or without
-	modification, are permitted provided that the following conditions are met:
-
-
-	1. Redistributions of source code must retain the above copyright notice,
-	   this list of conditions and the following disclaimer.
-
-	2. Redistributions in binary form must reproduce the above copyright
-	   notice, this list of conditions and the following disclaimer in the
-	   documentation and/or other materials provided with the distribution.
-
-	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-	POSSIBILITY OF SUCH DAMAGE.
-*/
-	]]>
-	</copyright>
-	<description>Describe your package here</description>
-	<requirements>Describe your package requirements here</requirements>
-	<faq>Currently there are no FAQ items provided.</faq>
-	<name>pfblockerngreputation</name>
-	<version>1.0</version>
-	<title>pfBlockerNG: IPv4 Reputation</title>
-	<include_file>/usr/local/pkg/pfblockerng/pfblockerng.inc</include_file>
-	<menu>
-		<name>pfBlockerNG</name>
-		<tooltiptext>Configure pfblockerNG</tooltiptext>
-		<section>Firewall</section>
-		<url>pkg_edit.php?xml=pfblockerng.xml&amp;id=0</url>
-	</menu>
-	<tabs>
-		<tab>
-			<text>General</text>
-			<url>/pkg_edit.php?xml=pfblockerng.xml&amp;id=0</url>
-		</tab>
-		<tab>
-			<text>Update</text>
-			<url>/pfblockerng/pfblockerng_update.php</url>
-		</tab>
-		<tab>
-			<text>Alerts</text>
-			<url>/pfblockerng/pfblockerng_alerts.php</url>
-		</tab>
-		<tab>
-			<text>Reputation</text>
-			<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_reputation.xml&amp;id=0</url>
-			<active/>
-		</tab>
-		<tab>
-			<text>IPv4</text>
-			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml</url>
-		</tab>
-		<tab>
-			<text>IPv6</text>
-			<url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml</url>
-		</tab>
-		<tab>
-			<text>Top 20</text>
-			<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_top20.xml&amp;id=0</url>
-		</tab>
-		<tab>
-			<text>Africa</text>
-			<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_Africa.xml&amp;id=0</url>
-		</tab>
-		<tab>
-			<text>Asia</text>
-			<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_Asia.xml&amp;id=0</url>
-		</tab>
-		<tab>
-			<text>Europe</text>
-			<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_Europe.xml&amp;id=0</url>
-		</tab>
-		<tab>
-			<text>N.A.</text>
-			<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_NorthAmerica.xml&amp;id=0</url>
-		</tab>
-		<tab>
-			<text>Oceania</text>
-			<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_Oceania.xml&amp;id=0</url>
-		</tab>
-		<tab>
-			<text>S.A.</text>
-			<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&amp;id=0</url>
-		</tab>
-		<tab>
-			<text>Logs</text>
-			<url>/pfblockerng/pfblockerng_log.php</url>
-		</tab>
-		<tab>
-			<text>Sync</text>
-			<url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_sync.xml&amp;id=0</url>
-		</tab>
-	</tabs>
-	<fields>
-		<field>
-			<name>IPv4 Reputation Preface</name>
-			<type>listtopic</type>
-		</field>
-		<field>
-			<fielddescr>LINKS</fielddescr>
-			<fieldname>none</fieldname>
-			<description><![CDATA[<a href="/firewall_aliases.php">Firewall Alias</a> &nbsp;&nbsp;&nbsp; <a href="/firewall_rules.php">Firewall Rules</a> &nbsp;&nbsp;&nbsp; <a href="diag_logs_filter.php">Firewall Logs</a>]]>
-			</description>
-			<type>info</type>
-		</field>
-		<field>
-			<fielddescr><![CDATA[<strong>Why Reputation Matters:</strong>]]></fielddescr>
-			<fieldname>why</fieldname>
-			<type>info</type>
-			<description><![CDATA[By Enabling '<strong>Reputation</strong>', each Blocklist will be analyzed for Repeat Offenders in each IP Range.
-				<ul>Example: &nbsp;&nbsp; x.x.x.1, x.x.x.2, x.x.x.3, x.x.x.4, x.x.x.5<br>
-				No. of <strong> Repeat Offending IPs </strong> [ &nbsp;<strong>5</strong>&nbsp; ], in a Blocklist within the same IP Range.</ul>
-				With '<strong>Reputation</strong> enabled, these 5 IPs will be removed and a single
-				<strong>x.x.x.0/24</strong> Block is used.<br>
-				This will completely Block/Reject this particular range from your Firewall.<br><br>
-				Selecting Blocklists from various Threat Sources will help to highlight Repeat Offending IP Ranges,<br>
-				Its Important to select a Broad Range of Blocklists that cover different types of Malicious Activity.<br><br>
-				You *may* experience some False Positives. Add any False Positive IPs manually to the<br>
-				<strong>pfBlockerNGSuppress Alias</strong> or use the "+" suppression Icon in the Alerts TAB<br><br>
-				To help mitigate False Positives 'Countries' can be '<strong>Excluded</strong>' from this Process. (Refer to Country Code Settings)]]>
-			</description>
-		</field>
-		<field>
-			<name>Reputation Settings:</name>
-			<type>listtopic</type>
-		</field>
-		<field>
-			<fieldname></fieldname>
-			<fielddescr><![CDATA[<br><strong>Individual List Reputation</strong><br><br>]]></fielddescr>
-			<type>info</type>
-			<description></description>
-		</field>
-		<field>
-			<fielddescr><![CDATA[Enable Max]]></fielddescr>
-			<fieldname>enable_rep</fieldname>
-			<type>checkbox</type>
-			<description><![CDATA[Enables Search for Repeat Offenders in a /24 Range on <strong>Each Individual Blocklist</strong>]]></description>
-		</field>
-		<field>
-			<fielddescr><![CDATA[&nbsp;&nbsp;&nbsp;[ <strong>Max</strong> ] Setting]]></fielddescr>
-			<fieldname>p24_max_var</fieldname>
-			<description><![CDATA[Default: <strong>5</strong><br>
-				Maximum number of Repeat Offenders allowed in a Single IP Range]]></description>
-			<type>select</type>
-			<options>
-				<option><name>5</name><value>5</value></option>
-				<option><name>10</name><value>10</value></option>
-				<option><name>15</name><value>15</value></option>
-				<option><name>20</name><value>20</value></option>
-				<option><name>25</name><value>25</value></option>
-				<option><name>50</name><value>50</value></option>
-			</options>
-		</field>
-		<field>
-			<fieldname></fieldname>
-			<fielddescr><![CDATA[<br><strong>Collective List Reputation</strong><br><br>]]></fielddescr>
-			<type>info</type>
-			<description></description>
-		</field>
-		<field>
-			<fieldname></fieldname>
-			<type>info</type>
-			<description><![CDATA[Once all Blocklists are Downloaded, these two 'additional' processes <strong>[ pMax ] and [ dMax ]</strong><br>
-				Can be used to Further analyze for Repeat Offenders.<br>
-				<ul>Analyzing All Blocklists as a Whole:</ul>
-				<ul><strong>[ pMax ]</strong> will analyze for Repeat Offenders in each IP Range but will not use the Country Exclusion.<br>
-				Default is 50 IPs in any Range. Having 50 Repeat Offenders IPs in any Range will Block the entire Range.<br><br></ul>
-				<ul><strong>[ dMax ]</strong> will analyze for Repeat Offenders in each IP Range. Country Exclusions will be applied.<br>
-				Default is 5 IPs in any Range.</ul>
-				Note: <strong>MAX</strong> performs on individual Blocklists, while <strong>pMAX / dMAX</strong>
-				perform on all Lists together.<br>]]>
-			</description>
-		</field>
-		<field>
-			<fielddescr>Enable pMAX</fielddescr>
-			<fieldname>enable_pdup</fieldname>
-			<type>checkbox</type>
-			<description><![CDATA[Enables Search for Repeat Offenders in All BlockLists, <strong>Without</strong> Country Code Exclusion]]>
-			</description>
-		</field>
-		<field>
-			<fielddescr><![CDATA[&nbsp;&nbsp;&nbsp;[ <strong>pMax</strong> ] Setting]]></fielddescr>
-			<fieldname>p24_pmax_var</fieldname>
-			<description><![CDATA[Default: <strong>50</strong><br>Maximum number of Repeat Offenders]]></description>
-			<type>select</type>
-			<options>
-				<option><name>50</name><value>50</value></option>
-				<option><name>25</name><value>25</value></option>
-				<option><name>20</name><value>20</value></option>
-				<option><name>15</name><value>15</value></option>
-				<option><name>10</name><value>10</value></option>
-				<option><name>5</name><value>5</value></option>
-			</options>
-		</field>
-		<field>
-			<fielddescr>Enable dMAX</fielddescr>
-			<fieldname>enable_dedup</fieldname>
-			<type>checkbox</type>
-			<description><![CDATA[Enables Search for Repeat Offenders in All BlockLists <strong>Using</strong> Country Code Exclusion]]>
-			</description>
-		</field>
-		<field>
-			<fielddescr><![CDATA[&nbsp;&nbsp;&nbsp;[ <strong>dMax</strong> ] Setting]]></fielddescr>
-			<fieldname>p24_dmax_var</fieldname>
-			<description><![CDATA[Default: <strong>5</strong><br>
-				Maximum number of Repeat Offenders]]></description>
-			<type>select</type>
-			<options>
-				<option><name>5</name><value>5</value></option>
-				<option><name>10</name><value>10</value></option>
-				<option><name>15</name><value>15</value></option>
-				<option><name>20</name><value>20</value></option>
-				<option><name>25</name><value>25</value></option>
-				<option><name>50</name><value>50</value></option>
-			</options>
-		</field>
-		<field>
-			<name>Country Code Settings</name>
-			<type>listtopic</type>
-		</field>
-		<field>
-			<fieldname>INFO</fieldname>
-			<type>info</type>
-			<description><![CDATA[When performing Queries for Repeat Offenders, you can choose to <strong>ignore</strong> Repeat Offenders in select
-				Countries. The Original Blocklisted IPs remain intact. All other Repeat Offending Country Ranges will be processed.<br><br>
-				Define Repeat Offending Ranges [ <strong>Action</strong> ] Available settings are:<br>
-				<ul><strong>Ignore</strong>: Repeat Offenders that are in the 'ccwhite' category will be 'Ignored' (Default)</ul>
-				<ul><strong>Block:</strong> Repeat Offenders are set to Block the entire Repeat Offending Range(s)</ul>
-				<ul><strong>Match:</strong> Repeat Offenders are added to a 'Match' List which can be used in a Floating Match Rule<br>
-				Selecting 'Match' will consume more processing time, so only select this option if you enable Rules for it.</ul>
-				'<strong>ccwhite</strong>' are Countries that are Selected to be excluded from the Repeat Offenders Search.<br>
-				'<strong>ccblack</strong>' are all other Countries that are not selected.<br><br>
-				To use '<strong>Match</strong>' Lists, Create a new 'Alias'
-				and select one of the <strong>Action 'Match'</strong> Formats and<br> enter the 'Localfile' as:
-				<ul>/var/db/pfblockerng/match/matchdedup.txt</ul>]]>
-			</description>
-		</field>
-		<field>
-			<fielddescr>ccwhite Action:</fielddescr>
-			<fieldname>ccwhite</fieldname>
-			<description><![CDATA[Default: <strong>Ignore</strong><br>
-				Select the 'Action' format for ccwhite]]>
-			</description>
-			<type>select</type>
-			<options>
-				<option><name>Ignore</name><value>ignore</value></option>
-				<option><name>Match</name><value>match</value></option>
-			</options>
-		</field>
-		<field>
-			<fielddescr>ccblack Action:</fielddescr>
-			<fieldname>ccblack</fieldname>
-			<description><![CDATA[Default: <strong>Block</strong><br>
-				Select the 'Action' format for ccblack]]>
-			</description>
-			<type>select</type>
-			<options>
-				<option><name>Block</name><value>block</value></option>
-				<option><name>Match</name><value>match</value></option>
-			</options>
-		</field>
-		<field>
-			<fielddescr><![CDATA[<br><strong>IPv4</strong><br>Country Exclusion<br>
-				<br>Geolite Data by:<br>MaxMind Inc.&nbsp;&nbsp;(ISO 3166)]]></fielddescr>
-			<fieldname>ccexclude</fieldname>
-			<description>
-				<![CDATA[Select Countries you want to <strong>Exclude</strong> from the Reputation Process.<br>
-				<strong>Use CTRL + CLICK to unselect countries</strong>]]>
-			</description>
-			<type>select</type>
-			<options>
-			{$et_options}
-			</options>
-			<size>20</size>
-			<multiple/>
-		</field>
-		<field>
-			<name>Emerging Threats IQRISK IPv4 Reputation</name>
-			<type>listtopic</type>
-		</field>
-		<field>
-			<fielddescr>Subscription Pro. Blocklist</fielddescr>
-			<fieldname>ETINFO</fieldname>
-			<type>info</type>
-			<description><![CDATA[<strong>Emerging Threats IQRisk</strong> is a Subscription Professional Reputation List.<br><br>
-					ET IQRisk Blocklist must be entered in the Lists Tab using the following example:
-					<ul>https://rules.emergingthreatspro.com/XXXXXXXXXXXXXXXX/reputation/iprepdata.txt.gz</ul>
-					Select the <strong>ET IQRisk'</strong> format. The URL should use the .gz File Type.<br>
-					Enter your "ETPRO" code in URL. Further information can be found @
-					<a target=_new href='http://emergingthreats.net/solutions/iqrisk-suite/'>ET IQRisk IP Reputation</a><br><br>
-					To use <strong>'Match'</strong> Lists, Create a new 'Alias' and select one of the <strong>
-					Action 'Match'</strong> Formats and <br>
-					enter the 'Localfile' as: <ul>/var/db/pfblockerng/match/ETMatch.txt</ul>
-					ET IQRisk Individual Match Lists can be found in the following folder:<br>
-					<ul>/var/db/pfblockerng/ET</ul> ]]>
-			</description>
-		</field>
-		<field>
-			<fielddescr>ET IQRisk Header Name</fielddescr>
-			<fieldname>et_header</fieldname>
-			<type>input</type>
-			<description><![CDATA[Enter the 'Header Name' referenced in the IPv4 List TAB for ET IQRisk IPRep.<br>
-				This will be used to improve the Alerts TAB reporting for ET IPRep.]]>
-			</description>
-		</field>
-		<field>
-			<fielddescr>ET IQRISK BLOCK LISTS</fielddescr>
-			<fieldname>etblock</fieldname>
-			<description>
-				<![CDATA[Select Lists you want to BLOCK.<br>
-				<strong>Use CTRL + CLICK to unselect Categories</strong>
-				<br><br>Any Changes will take effect at the Next Scheduled CRON Task]]>
-			</description>
-			<type>select</type>
-			<options>
-				<option><name>ET CNC</name><value>ET_Cnc</value></option>
-				<option><name>ET BOT</name><value>ET_Bot</value></option>
-				<option><name>ET SPAM</name><value>ET_Spam</value></option>
-				<option><name>ET DROP</name><value>ET_Drop</value></option>
-				<option><name>ET Spyware CNC</name><value>ET_Spywarecnc</value></option>
-				<option><name>ET Online Gaming</name><value>ET_Onlinegaming</value></option>
-				<option><name>ET DrivebySRC</name><value>ET_Drivebysrc</value></option>
-				<option><name>ET Chat Server</name><value>ET_Chatserver</value></option>
-				<option><name>ET TOR Node</name><value>ET_Tornode</value></option>
-				<option><name>ET Compromised</name><value>ET_Compromised</value></option>
-				<option><name>ET P2P</name><value>ET_P2P</value></option>
-				<option><name>ET Proxy</name><value>ET_Proxy</value></option>
-				<option><name>ET IP Check</name><value>ET_Ipcheck</value></option>
-				<option><name>ET Utility</name><value>ET_Utility</value></option>
-				<option><name>ET DOS</name><value>ET_DDos</value></option>
-				<option><name>ET Scanner</name><value>ET_Scanner</value></option>
-				<option><name>ET Brute</name><value>ET_Brute</value></option>
-				<option><name>ET Fake AV</name><value>ET_Fakeav</value></option>
-				<option><name>ET DYN DNS</name><value>ET_Dyndns</value></option>
-				<option><name>ET Undersireable</name><value>ET_Undesireable</value></option>
-				<option><name>ET Abuse TLD</name><value>ET_Abusedtld</value></option>
-				<option><name>ET SelfSigned SSL</name><value>ET_Selfsignedssl</value></option>
-				<option><name>ET Blackhole</name><value>ET_Blackhole</value></option>
-				<option><name>ET RAS</name><value>ET_RAS</value></option>
-				<option><name>ET P2P CNC</name><value>ET_P2Pcnc</value></option>
-				<option><name>ET Shared Hosting</name><value>ET_Sharedhosting</value></option>
-				<option><name>ET Parking</name><value>ET_Parking</value></option>
-				<option><name>ET VPN</name><value>ET_VPN</value></option>
-				<option><name>ET EXE Source</name><value>ET_Exesource</value></option>
-				<option><name>ET Mobile CNC</name><value>ET_Mobilecnc</value></option>
-				<option><name>ET Mobile Spyware</name><value>ET_Mobilespyware</value></option>
-				<option><name>ET Skype Node</name><value>ET_Skypenode</value></option>
-				<option><name>ET Bitcoin</name><value>ET_Bitcoin</value></option>
-				<option><name>ET DOS Attack</name><value>ET_DDosattack</value></option>
-				<option><name>Unknown</name><value>ET_Unknown</value></option>
-			</options>
-			<size>35</size>
-			<multiple/>
-		</field>
-		<field>
-			<fielddescr>ET IQRISK Match LISTS</fielddescr>
-			<fieldname>etmatch</fieldname>
-			<description>
-				<![CDATA[Select Lists you want to MATCH.<br>
-				<strong>Use CTRL + CLICK to unselect Categories</strong>
-				<br><br>Any Changes will take effect at the Next Scheduled CRON Task]]>
-			</description>
-			<type>select</type>
-			<options>
-				<option><name>ET CNC</name><value>ET_Cnc</value></option>
-				<option><name>ET BOT</name><value>ET_Bot</value></option>
-				<option><name>ET SPAM</name><value>ET_Spam</value></option>
-				<option><name>ET DROP</name><value>ET_Drop</value></option>
-				<option><name>ET Spyware CNC</name><value>ET_Spywarecnc</value></option>
-				<option><name>ET Online Gaming</name><value>ET_Onlinegaming</value></option>
-				<option><name>ET DrivebySRC</name><value>ET_Drivebysrc</value></option>
-				<option><name>ET Chat Server</name><value>ET_Chatserver</value></option>
-				<option><name>ET TOR Node</name><value>ET_Tornode</value></option>
-				<option><name>ET Compromised</name><value>ET_Compromised</value></option>
-				<option><name>ET P2P</name><value>ET_P2P</value></option>
-				<option><name>ET Proxy</name><value>ET_Proxy</value></option>
-				<option><name>ET IP Check</name><value>ET_Ipcheck</value></option>
-				<option><name>ET Utility</name><value>ET_Utility</value></option>
-				<option><name>ET DOS</name><value>ET_DDos</value></option>
-				<option><name>ET Scanner</name><value>ET_Scanner</value></option>
-				<option><name>ET Brute</name><value>ET_Brute</value></option>
-				<option><name>ET Fake AV</name><value>ET_Fakeav</value></option>
-				<option><name>ET DYN DNS</name><value>ET_Dyndns</value></option>
-				<option><name>ET Undersireable</name><value>ET_Undesireable</value></option>
-				<option><name>ET Abuse TLD</name><value>ET_Abusedtld</value></option>
-				<option><name>ET SelfSigned SSL</name><value>ET_Selfsignedssl</value></option>
-				<option><name>ET Blackhole</name><value>ET_Blackhole</value></option>
-				<option><name>ET RAS</name><value>ET_RAS</value></option>
-				<option><name>ET P2P CNC</name><value>ET_P2Pcnc</value></option>
-				<option><name>ET Shared Hosting</name><value>ET_Sharedhosting</value></option>
-				<option><name>ET Parking</name><value>ET_Parking</value></option>
-				<option><name>ET VPN</name><value>ET_VPN</value></option>
-				<option><name>ET EXE Source</name><value>ET_Exesource</value></option>
-				<option><name>ET Mobile CNC</name><value>ET_Mobilecnc</value></option>
-				<option><name>ET Mobile Spyware</name><value>ET_Mobilespyware</value></option>
-				<option><name>ET Skype Node</name><value>ET_Skypenode</value></option>
-				<option><name>ET Bitcoin</name><value>ET_Bitcoin</value></option>
-				<option><name>ET DOS Attack</name><value>ET_DDosattack</value></option>
-				<option><name>Unknown</name><value>ET_Unknown</value></option>
-			</options>
-			<size>35</size>
-			<multiple/>
-		</field>
-		<field>
-			<fielddescr>Update ET Categories</fielddescr>
-			<fieldname>et_update</fieldname>
-			<description><![CDATA[Default:<strong>Disable</strong><br>
-				Select - Enable ET Update if Category Changes are Made.<br>
-				You can perform a 'Manual Update' to enable these changes.<br>
-				Cron will also resync this list at the next Scheduled Update.]]>
-			</description>
-			<type>select</type>
-			<options>
-				<option><name>Disable</name><value>disabled</value></option>
-				<option><name>Enable</name><value>enabled</value></option>
-			</options>
-		</field>
-		<field>
-			<name><![CDATA[<ul>Click to SAVE Settings and/or Rule Edits. &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Changes are Applied via CRON or
-				'Manual Update'</ul>]]></name>
-			<type>listtopic</type>
-		</field>
-	</fields>
-	<custom_php_install_command>
-		pfblockerng_php_install_command();
-	</custom_php_install_command>
-	<custom_php_deinstall_command>
-		pfblockerng_php_deinstall_command();
-	</custom_php_deinstall_command>
-	<custom_php_validation_command>
-		pfblockerng_validate_input(\$_POST, \$input_errors);
-	</custom_php_validation_command>
-	<custom_php_resync_config_command>
-		global \$pfb;
-		\$pfb['save'] = TRUE;
-		sync_package_pfblockerng();
-	</custom_php_resync_config_command>
-</packagegui>
-EOF;
-	# Unset Arrays
-	unset ($options4, $options6, $et_options);
-
-	$log = "Saving pfBlockerNG Reputation TAB \n";
-	print $log;
-	pfb_logger("{$log}","3");
-
-	// Save pfBlockerng_reputation.xml file
-	@file_put_contents('/usr/local/pkg/pfblockerng/pfblockerng_reputation.xml',$xmlrep,LOCK_EX);
-	$log = "\n Country Code - XML File Update completed.\n";
-	print $log;
-	pfb_logger("{$log}","3");
-
-	$now = date("m/d/y G.i:s", time());
-	$log = "Country Code Update Ended - [ NOW ]\n";
-	print "Country Code Update Ended - [ $now ]\n";
-	pfb_logger("{$log}","3");
-}
-?>
\ No newline at end of file
-- 
cgit v1.2.3