From e4317adb0ef5ce25e57008f917bdcd6a11a83ba5 Mon Sep 17 00:00:00 2001
From: BBcan177
Date: Sun, 20 Mar 2016 22:40:55 -0400
Subject: Update pfblockerng_top20.xml * Implement 'Advanced Outbound Firewall Rules' customization options
---
config/pfblockerng/pfblockerng_top20.xml | 146 +++++++++++++++++++++++++++----
1 file changed, 131 insertions(+), 15 deletions(-) (limited to 'config')
diff --git a/config/pfblockerng/pfblockerng_top20.xml b/config/pfblockerng/pfblockerng_top20.xml
index ed3354f1..98e385aa 100644
--- a/config/pfblockerng/pfblockerng_top20.xml
+++ b/config/pfblockerng/pfblockerng_top20.xml
@@ -303,26 +303,32 @@ info - Note: In general, Auto-Rules are created as follows:
-
    Inbound  - 'any' port, 'any' protocol and 'any' destination
    - Outbound - 'any' port, 'any' protocol and 'any' destination address in the lists
- Configuring the Adv. Inbound Rule settings, will allow for more customization of the Inbound Auto-Rules.
- Select the pfSense 'Port' and/or 'Destination' Alias below:]]> + Note:  In general, Auto-Rules are created as follows:
+
    Inbound  - 'any' port, 'any' protocol, 'any' destination and 'any' gateway
+ Configuring the Adv. Inbound Rule settings, will allow for more customization of the Inbound Auto-Rules.]]>
- autoports + Invert Source + autoaddrnot_in + Invert - Option to invert the sense of the match. + ie - Not (!) Source Address(es)]]> + + checkbox + + Enable Custom Port + autoports_in checkbox - aliasports + aliasports_in begin Define Alias - aliasports + aliasports_in Click Here to add/edit Aliases - Do not manually enter port numbers.
Do not use 'pfB_' in the Port Alias name.]]> + Do not manually enter port numbers.
Do not use 'pfB_' in the Port Alias name.]]>
21 aliases
@@ -332,17 +338,17 @@ end
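Review bot: The field names renamed in this hunk (`autoports` to `autoports_in`, `aliasports` to `aliasports_in`) and in the next three hunks (`autodest`, `aliasdest`, `autonot`, `autoproto` to `autoaddr_in`, `aliasaddr_in`, `autonot_in`, `autoproto_in`) come with no visible migration of values already saved under the old names, and the diffstat shows this commit touches only this XML file. If the package's upgrade code does not copy the old keys, an existing Advanced Inbound restriction (port alias, destination alias, protocol) would presumably revert to the 'any' defaults described in the note text, changing what the generated firewall rule matches without the administrator being told. I would confirm the migration exists and record the old key beside each renamed field, for example `<!-- formerly 'autoports'; value migrated on package upgrade -->`. The XML tags are stripped on this page, so the old/new pairing is read from the adjacent -/+ values.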
- autodest Enable Custom Destination + autoaddr_in checkbox - aliasdest,autonot + aliasaddr_in,autonot_in begin - aliasdest + aliasaddr_in Click Here to add/edit Aliases - Do not manually enter Addresses(es).
Do not use 'pfB_' in the 'IP Network Type' Alias name.]]> + Do not manually enter Addresses(es).
Do not use 'pfB_' in the 'IP Network Type' Alias name.]]>
21 aliases
@@ -353,7 +359,7 @@
Invert - autonot + autonot_in Invert - Option to invert the sense of the match.
ie - Not (!) Destination Address(es)]]>
@@ -364,7 +370,7 @@
Custom Protocol - autoproto + autoproto_in Default: any
Select the Protocol used for Inbound Firewall Rule(s).
Do not use 'any' with Adv. Inbound Rules as it will bypass these settings!]]>
select
@@ -377,6 +383,116 @@ 4
+ + Custom Gateway + agateway_in + + 1 + select_source + + name + name + default + default + + + Advanced Outbound Firewall Rule Settings + listtopic + + + info + Note:  In general, Auto-Rules are created as follows:
+
    Outbound  - 'any' port, 'any' protocol, 'any' destination and 'any' gateway
+ Configuring the Adv. Outbound Rule settings, will allow for more customization of the Outbound Auto-Rules.]]> +
+
+ + Invert Destination + autoaddrnot_out + Invert - Option to invert the sense of the match. + ie - Not (!) Destination Address(es)]]> + + checkbox + + + Enable Custom Port + autoports_out + checkbox + aliasports_out + + begin + + + Define Alias + aliasports_out + Click Here to add/edit Aliases + Do not manually enter port numbers.
Do not use 'pfB_' in the Port Alias name.]]> +
+ 21 + aliases + port + + + end +
+ + Enable Custom Source + autoaddr_out + checkbox + aliasaddr_out,autonot_out + + begin + + + aliasaddr_out + Click Here to add/edit Aliases + Do not manually enter Addresses(es).
Do not use 'pfB_' in the 'IP Network Type' Alias name.]]> +
+ 21 + aliases + network + + + +
+ + Invert + autonot_out + Invert - Option to invert the sense of the match.
+ ie - Not (!) Destination Address(es)]]> +
+ checkbox + + + end +
+ + Custom Protocol + autoproto_out + Default: any
Select the Protocol used for Outbound Firewall Rule(s).
+ Do not use 'any' with Adv. Outbound Rules as it will bypass these settings!]]>
+ select + + + + + + + 4 + +
+ + Custom Gateway + agateway_out + + 1 + select_source + + name + name + default + default + Click to SAVE Settings and/or Rule Edits.   Changes are Applied via CRON or 'Force Update']]> -- cgit v1.2.3
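Review bot: The description added for `autonot_out` reads `ie - Not (!) Destination Address(es)`, but that checkbox is enabled by 'Enable Custom Source' (`autoaddr_out`, which lists `aliasaddr_out,autonot_out`), so it appears to negate the custom source alias and should read `ie - Not (!) Source Address(es)`; the text looks copied from the inbound `autonot_in` block. As written, both Outbound inverts ('Invert Destination' `autoaddrnot_out` and this one) carry identical wording, so an administrator can end up negating the wrong side of an outbound rule. Separately, the `autoproto_out` help keeps `Default: any` next to the warning that 'any' bypasses these settings, so by the page's own wording a custom port alias left on the default protocol is not applied; the help should state that a protocol must be selected whenever 'Enable Custom Port' is ticked. The XML tags are stripped on this page, so the field-to-label pairing is inferred from order.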