From a68f5263bc92a88f92d97ddbdffb49f51514e075 Mon Sep 17 00:00:00 2001 From: BBcan177 Date: Sun, 30 Nov 2014 20:15:36 -0500 Subject: Revert "pfBlockerNG Beta v0.99" This reverts commit b3ce3bde07750e25fabca14faf18c0e5f0eb74dc. --- config/pfblockerng/pfblockerng_top20.xml | 290 ------------------------------- 1 file changed, 290 deletions(-) delete mode 100644 config/pfblockerng/pfblockerng_top20.xml (limited to 'config/pfblockerng/pfblockerng_top20.xml') diff --git a/config/pfblockerng/pfblockerng_top20.xml b/config/pfblockerng/pfblockerng_top20.xml deleted file mode 100644 index 1f959dd6..00000000 --- a/config/pfblockerng/pfblockerng_top20.xml +++ /dev/null @@ -1,290 +0,0 @@ - - - - - - - - Describe your package here - Describe your package requirements here - Currently there are no FAQ items provided. - pfblockerngtopspammers - 1.0 - pfBlockerNG: Top 20 Spammer Countries - /usr/local/pkg/pfblockerng/pfblockerng.inc - - pfBlockerNG - Configure pfblockerNG -
Firewall
- pkg_edit.php?xml=pfblockerng.xml&id=0 - - - - General - /pkg_edit.php?xml=pfblockerng.xml&id=0 - - - Update - /pfblockerng/pfblockerng_update.php - - - Alerts - /pfblockerng/pfblockerng_alerts.php - - - Reputation - /pkg_edit.php?xml=/pfblockerng/pfblockerng_reputation.xml&id=0 - - - IPv4 - /pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml - - - IPv6 - /pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml - - - Top 20 - /pkg_edit.php?xml=/pfblockerng/pfblockerng_top20.xml&id=0 - - - - Africa - /pkg_edit.php?xml=/pfblockerng/pfblockerng_Africa.xml&id=0 - - - Asia - /pkg_edit.php?xml=/pfblockerng/pfblockerng_Asia.xml&id=0 - - - Europe - /pkg_edit.php?xml=/pfblockerng/pfblockerng_Europe.xml&id=0 - - - N.A. - /pkg_edit.php?xml=/pfblockerng/pfblockerng_NorthAmerica.xml&id=0 - - - Oceania - /pkg_edit.php?xml=/pfblockerng/pfblockerng_Oceania.xml&id=0 - - - S.A. - /pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&id=0 - - - Logs - /pfblockerng/pfblockerng_log.php - - - Sync - /pkg_edit.php?xml=/pfblockerng/pfblockerng_sync.xml&id=0 - - - - - - listtopic - - - LINKS - none - Firewall Alias     Firewall Rules     Firewall Logs]]> - - info - - - Top 20 IPv4
Spammer Countries]]> - countries4 - - - Use CTRL + CLICK to unselect countries]]> - - select - - - - - - - - - - - - - - - - - - - - - - - 20 - - - - Top 20 IPv6
Spammer Countries]]> - countries6 - - - Use CTRL + CLICK to unselect countries]]> - - select - - - - - - - - - - - - - - - - - - - - - - - 20 - - - - List Action - Default : Disabled

- Select the Action for Firewall Rules on lists you have selected.

- 'Disabled' Rules: Disables selection and does nothing to selected Alias.

- - 'Deny' Rules:
- 'Deny' rules create high priority 'block' or 'reject' rules on the stated interfaces. They don't change the 'pass' rules on other - interfaces. Typical uses of 'Deny' rules are:
-
  • Deny Both - blocks all traffic in both directions, if the source or destination IP is in the block list
    • -
  • Deny Inbound/Deny Outbound - blocks all traffic in one direction unless it is part of a session started by - traffic sent in the other direction. Does not affect traffic in the other direction.
    • -
  • One way 'Deny' rules can be used to selectively block unsolicited incoming (new session) packets in one direction, while - still allowing deliberate outgoing sessions to be created in the other direction.
- 'Permit' Rules:
- 'Permit' rules create high priority 'pass' rules on the stated interfaces. They are not the opposite of Deny rules, and don't create - any 'blocking' effect anywhere. They have priority over all Deny rules. Typical uses of 'Permit' rules are:
-
  • To ensure that traffic to/from the listed IPs will always be allowed in the stated directions. They - override almost all other Firewall rules on the stated interfaces.
    • -
  • To act as a whitelist for Deny rule exceptions, for example if a large IP range or pre-created blocklist blocks a - few IPs that should be accessible.
- 'Match' Rules:
- 'Match' or 'Log' only the traffic on the stated interfaces. This does not Block or Reject. It just Logs the traffic. -
  • Match Both - Matches all traffic in both directions, if the source or destination IP is in the list.
    • -
  • Match Inbound/Match Outbound - Matches all traffic in one direction only.
- 'Alias' Rules:
- 'Alias' rules create an alias for the list (and do nothing else). - This enables a pfBlockerNG list to be used by name, in any firewall rule or pfSense function, as desired. -
  • Options    - Alias Deny,  Alias Permit,  Alias Match,  Alias Native

    • -
  • 'Alias Deny' can use De-Duplication and Reputation Processes if configured.

    • -
  • 'Alias Permit' and 'Alias Match' will be saved in the Same folder as the other Permit/Match Auto-Rules

    • -
  • 'Alias Native' lists are kept in their Native format without any modifications.
- When using 'Alias' rules, change (pfB_) to ( pfb_ ) in the beginning of rule description and Use the 'Exact' spelling of - the Alias (no trailing Whitespace)  Custom 'Alias' rules with 'pfB_ xxx' description will be removed by package if - using Auto Rule Creation.

Tip: You can create the Auto Rules and remove "auto rule" from the Rule - Descriptions, then disable Auto Rules. This method will 'KEEP' these rules from being 'Deleted' which will allow editing for a Custom - Alias Configuration
]]> - - action - select - - - - - - - - - - - - - - - - - - Enable Logging - aliaslog - Enable
- Select - Logging to Status: System Logs: FIREWALL ( Log )]]> - - select - - - - - - - Click to SAVE Settings and/or Rule Edits.       Changes are Applied via CRON or - 'Manual Update']]> - listtopic - - - - pfblockerng_php_install_command(); - - - pfblockerng_php_deinstall_command(); - - - pfblockerng_validate_input($_POST, $input_errors); - - - global $pfb; - $pfb['save'] = TRUE; - sync_package_pfblockerng(); - - \ No newline at end of file -- cgit v1.2.3