From a68f5263bc92a88f92d97ddbdffb49f51514e075 Mon Sep 17 00:00:00 2001 From: BBcan177 Date: Sun, 30 Nov 2014 20:15:36 -0500 Subject: Revert "pfBlockerNG Beta v0.99" This reverts commit b3ce3bde07750e25fabca14faf18c0e5f0eb74dc. --- config/pfblockerng/pfblockerng_v4lists.xml | 414 ----------------------------- 1 file changed, 414 deletions(-) delete mode 100644 config/pfblockerng/pfblockerng_v4lists.xml (limited to 'config/pfblockerng/pfblockerng_v4lists.xml') diff --git a/config/pfblockerng/pfblockerng_v4lists.xml b/config/pfblockerng/pfblockerng_v4lists.xml deleted file mode 100644 index 66611c27..00000000 --- a/config/pfblockerng/pfblockerng_v4lists.xml +++ /dev/null @@ -1,414 +0,0 @@ - - - - - - - All rights reserved. -*/ -/* ========================================================================== */ -/* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ -/* ========================================================================== */ - ]]> - - Describe your package here - Describe your package requirements here - Currently there are no FAQ items provided. - pfblockernglistsv4 - 1.0 - pfBlockerNG: IPv4 Alias/List Configuration - /usr/local/pkg/pfblockerng/pfblockerng.inc - - pfBlockerNG - -
Firewall
- pfblockerng_v4lists.xml - - - - General - /pkg_edit.php?xml=pfblockerng.xml&id=0 - - - - Update - /pfblockerng/pfblockerng_update.php - - - Alerts - /pfblockerng/pfblockerng_alerts.php - - - Reputation - /pkg_edit.php?xml=/pfblockerng/pfblockerng_reputation.xml&id=0 - - - IPv4 - /pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml - - - - IPv6 - /pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml - - - Top 20 - /pkg_edit.php?xml=/pfblockerng/pfblockerng_top20.xml&id=0 - - - Africa - /pkg_edit.php?xml=/pfblockerng/pfblockerng_Africa.xml&id=0 - - - Asia - /pkg_edit.php?xml=/pfblockerng/pfblockerng_Asia.xml&id=0 - - - Europe - /pkg_edit.php?xml=/pfblockerng/pfblockerng_Europe.xml&id=0 - - - N.A. - /pkg_edit.php?xml=/pfblockerng/pfblockerng_NorthAmerica.xml&id=0 - - - Oceania - /pkg_edit.php?xml=/pfblockerng/pfblockerng_Oceania.xml&id=0 - - - S.A. - /pkg_edit.php?xml=/pfblockerng/pfblockerng_SouthAmerica.xml&id=0 - - - Logs - /pfblockerng/pfblockerng_log.php - - - Sync - /pkg_edit.php?xml=/pfblockerng/pfblockerng_sync.xml&id=0 - - - - - Alias Name - aliasname - - - Alias Description - description - - - Action - action - - - Frequency - cron - - - Logging - aliaslog - - - - - - listtopic - - - LINKS - none - Firewall Alias     Firewall Rules     Firewall Logs]]> - - info - - - Alias Name - aliasname - - Example: Badguys
- Do not include 'pfBlocker' or 'pfB_' in the Alias Name, it's done by package.
- International, special or space characters will be ignored in firewall alias names. -
]]> - - input - 20 - - - List Description - description - input - 90 - - - InfoLists - info - 'Format' : Select the Format Type

- 'URL' : Add direct link to list: - Example: Ads, - Spyware, - Proxies )

- 'pfSense Local File' Format :

-   http(s)://127.0.0.1/NAME_OF_FILE   or   - /usr/local/www/NAME_OF_FILE    (Files can also be placed in the /var/db/pfblockerng folders)

- - 'Header' : Enter the 'Header' Field it must be Unique, it will - name the Blocklist File and it will be referenced in the pfBlocker Widget. - Use a Unique Prefix per 'Alias Category' followed by a unique descriptor for each Blocklist.

]]> - - - - IPv4 Lists]]> - none - 'Format' - Choose the file format that URL will retrieve.
- -
  • 'txt' Plain txt Lists

    • -
  • 'gz' - IBlock GZ Lists in Range Format only.

    • -
  • 'gz_2' - Other GZ Lists in IP or CIDR only.

    • -
  • 'gz_lg' - Large IBlock GZ Lists in Range Format only.

    • -
  • 'zip' - ZIP'd Lists

    • -
  • 'block'- IP x.x.x.0 Block type

    • -
  • 'html' - Web Links

    • -
  • 'xlsx' - Excel Lists

    • -
  • 'rsync' - RSync Lists

    • -
  • 'ET IQRisk'- Only

    • -
  • 'SKIP' - This format can be used to 'Disable' an Individual List.

    • -
  • 'HOLD' - Once a List has been Downloaded, you can change to 'HOLD' to keep this list Static.
- - Note:
- Downloaded or pfsense local file must have only one network per line and follows the syntax below:
- Network ranges: 172.16.1.0-172.16.1.255
- IP Address: 172.16.1.10
- CIDR: 172.16.1.0/24

]]> - - rowhelper - - - Format - format - select - - - - - - - - - - - - - - - - - URL or pfSense local file - url - input - 75 - - - Header - header - input - 15 - - - - - List Action - Default : Disabled

- Select the Action for Firewall Rules on lists you have selected.

- 'Disabled' Rules: Disables selection and does nothing to selected Alias.

- - 'Deny' Rules:
- 'Deny' rules create high priority 'block' or 'reject' rules on the stated interfaces. They don't change the 'pass' rules on other - interfaces. Typical uses of 'Deny' rules are:
-
  • Deny Both - blocks all traffic in both directions, if the source or destination IP is in the block list
    • -
  • Deny Inbound/Deny Outbound - blocks all traffic in one direction unless it is part of a session started by - traffic sent in the other direction. Does not affect traffic in the other direction.
    • -
  • One way 'Deny' rules can be used to selectively block unsolicited incoming (new session) packets in one direction, while - still allowing deliberate outgoing sessions to be created in the other direction.
- 'Permit' Rules:
- 'Permit' rules create high priority 'pass' rules on the stated interfaces. They are not the opposite of Deny rules, and don't create - any 'blocking' effect anywhere. They have priority over all Deny rules. Typical uses of 'Permit' rules are:
-
  • To ensure that traffic to/from the listed IPs will always be allowed in the stated directions. They - override almost all other Firewall rules on the stated interfaces.
    • -
  • To act as a whitelist for Deny rule exceptions, for example if a large IP range or pre-created blocklist blocks a - few IPs that should be accessible.
- 'Match' Rules:
- 'Match' or 'Log' only the traffic on the stated interfaces. This does not Block or Reject. It just Logs the traffic. -
  • Match Both - Matches all traffic in both directions, if the source or destination IP is in the list.
    • -
  • Match Inbound/Match Outbound - Matches all traffic in one direction only.
- 'Alias' Rules:
- 'Alias' rules create an alias for the list (and do nothing else). - This enables a pfBlockerNG list to be used by name, in any firewall rule or pfSense function, as desired. -
  • Options    - Alias Deny,  Alias Permit,  Alias Match,  Alias Native

    • -
  • 'Alias Deny' can use De-Duplication and Reputation Processes if configured.

    • -
  • 'Alias Permit' and 'Alias Match' will be saved in the Same folder as the other Permit/Match Auto-Rules

    • -
  • 'Alias Native' lists are kept in their Native format without any modifications.
- When using 'Alias' rules, change (pfB_) to ( pfb_ ) in the beginning of rule description and Use the 'Exact' spelling of - the Alias (no trailing Whitespace)  Custom 'Alias' rules with 'pfB_ xxx' description will be removed by package if - using Auto Rule Creation.

Tip: You can create the Auto Rules and remove "auto rule" from the Rule - Descriptions, then disable Auto Rules. This method will 'KEEP' these rules from being 'Deleted' which will allow editing for a Custom - Alias Configuration
]]> - - action - select - - - - - - - - - - - - - - - - - - - Update Frequency - cron - Never
- Select how often List files will be downloaded]]> - select - - - - - - - - - - - - - - - Weekly (Day of Week) - dow - 1
- Select the 'Weekly' ( Day of the Week ) to Update
- This is only required for the 'Weekly' Frequency Selection. The 24 Hour Download 'Time' will be used.]]> - - select - - - - - - - - - - - - Enable Logging - aliaslog - Enable
- Select - Logging to Status: System Logs: FIREWALL ( Log )
- This can be overriden by the 'Global Logging' Option in the General Tab.]]> - - select - - - - - - - IPv4 Custom list - listtopic - - - IPv4 Custom Address(es) - custom - - Follow the syntax below:

- Network ranges: 172.16.1.0-172.16.1.255
- IP Address: 172.16.1.10
- CIDR: 172.16.1.0/24

- You may use "#" after any IP/CIDR/Range to add comments. ie: x.x.x.x # Safe IP Address]]> - - textarea - 50 - 10 - base64 - - - Update Custom List - custom_update - Disable
- select - Enable Update if changes are made to this List. Cron will also resync this list at the next Scheduled Update.]]> - - select - - - - - - - Click to SAVE Settings and/or Rule Edits.       Changes are Applied via CRON or - 'Manual Update']]> - listtopic - - - - pfblockerng_php_install_command(); - - - pfblockerng_php_deinstall_command(); - - - pfblockerng_validate_input($_POST, $input_errors); - - - global $pfb; - $pfb['save'] = TRUE; - sync_package_pfblockerng(); - - \ No newline at end of file -- cgit v1.2.3