"; $pfb['up'] = ""; $pfb['err'] = "";
// Dashboard-widget logic for pfBlockerNG: handles the widget's POST/GET actions, collects
// per-alias statistics from pf and the package's files, and prints the table rows.
// NOTE(review): this copy starts part-way through a statement (the text before the leading
// `";` is missing) and 'up'/'err' are empty strings here. They are shown in the status
// column below, so they presumably held markup that was lost — confirm against the original.

// Alternating line shading
$pfb['RowOddClass'] = "style='background-color: #FFFFFF;'";
$pfb['RowEvenClass'] = "style='background-color: #F0F0F0;'";
$pfb['RowEvenClass2'] = "style='background-color: #D0D0D0;'";
$pfb['ColClass'] = 'listMRr';

// Widget customizations: defaults, overridden by any truthy value stored in the package config.
$wglobal_array = array('popup' => 'off', 'sortcolumn' => 'none', 'sortdir' => 'asc', 'maxfails' => 3, 'maxpivot' => 200);
$pfb['wglobal'] = &$config['installedpackages']['pfblockerngglobal'];
foreach ($wglobal_array as $type => $value) {
    // ?: falls back to the default for any falsy stored value (unset, '', '0').
    $pfb[$type] = $pfb['wglobal']['widget-' . "{$type}"] ?: $value;
}

// Save widget customizations
// NOTE(review): this handler changes persistent configuration from a POST request. No
// CSRF/token check is visible in this section — confirm one is enforced by code included
// above this point. The same applies to the two other $_POST handlers below.
// NOTE(review): htmlspecialchars() encodes HTML metacharacters but does not constrain the
// value; 'widget-popup', 'widget-sortcolumn' and 'widget-sortdir' are stored without an
// allowlist check. Comparing each against the values this file actually tests for
// (e.g. 'on'/'off', 'asc', 'none') before write_config() would be stricter.
if (isset($_POST['pfb_submit'])) {
    $pfb['wglobal']['widget-popup'] = htmlspecialchars($_POST['pfb_popup']) ?: 'off';
    $pfb['wglobal']['widget-sortcolumn'] = htmlspecialchars($_POST['pfb_sortcolumn']) ?: 'none';
    $pfb['wglobal']['widget-sortdir'] = htmlspecialchars($_POST['pfb_sortdir']) ?: 'asc';
    // The numeric settings are only stored when the submitted value consists of digits.
    if (ctype_digit(htmlspecialchars($_POST['pfb_maxfails']))) {
        $pfb['wglobal']['widget-maxfails'] = htmlspecialchars($_POST['pfb_maxfails']);
    }
    if (ctype_digit(htmlspecialchars($_POST['pfb_maxpivot']))) {
        $pfb['wglobal']['widget-maxpivot'] = htmlspecialchars($_POST['pfb_maxpivot']);
    }
    write_config('pfBlockerNG: Saved Widget customizations via Dashboard');
    // NOTE(review): header() is not followed by exit/return, so the rest of this script
    // still runs after the redirect has been queued.
    header('Location: ../../index.php');
}

// Acknowledge failed downloads: rewrites 'FAIL' to 'Fail' in the error log so that the
// 'FAIL' grep near the end of this section no longer matches those entries.
// NOTE(review): the sed binary and the log path are interpolated into the shell command
// unquoted; both come from $pfb, which is populated outside this section. Wrapping the
// path in escapeshellarg() would be inexpensive defence in depth.
if (isset($_POST['pfblockerngack'])) {
    exec("{$pfb['sed']} -i '' 's/FAIL/Fail/g' {$pfb['errlog']}");
    header('Location: ../../index.php');
}

// Called by Ajax to update table contents: prints the rows in 'js' mode, then stops
// processing this file.
if (isset($_GET['getNewCounts'])) {
    pfBlockerNG_get_table('js');
    return;
}

// Reset DNSBL Alias packet counters: rewrites the CSV with field 3 set to '0' on every row
// whose first field does not start with '#'.
// NOTE(review): @file() hides read errors and returns false on failure, and that value is
// passed straight to array_map(); the fopen() result is not checked before
// fputcsv()/fclose(). The file is opened with 'w' (truncate) and rewritten without a lock.
if (isset($_POST['pfblockerngdnsblclear'])) {
    $dnsbl_info = array_map('str_getcsv', @file("{$pfb['dnsbl_info']}"));
    if (!empty ($dnsbl_info)) {
        $handle = fopen("{$pfb['dnsbl_info']}", 'w');
        foreach ($dnsbl_info as $line) {
            if (substr($line[0], 0, 1) != '#') {
                $line[3] = '0';
            }
            fputcsv($handle, $line);
        }
        fclose ($handle);
    }
    // NOTE(review): the literal below is wrapped across two lines in this copy; the other
    // redirects in this file use 'Location: ../../index.php' on a single line.
    header('Location: 
../../index.php');
}

// Sort widget table according to user configuration.
// In-place insertion sort of $array (passed by reference) on $val[$subkey], compared via
// strtolower(). Each row is inserted ahead of the first row it compares greater than, so
// the working order is largest-first; $sort_ascending = TRUE reverses that. Returns nothing.
function pfbsort(&$array, $subkey='id', $sort_ascending=FALSE) {
    if (empty($array)) {
        return;
    }
    // Seed the sorted list with the first row, keeping its key.
    if (count($array)) {
        $temp_array[key($array)] = array_shift($array);
    }
    // 'alias' is mapped to index 0.
    // NOTE(review): the rows visibly built in this file use string keys ('count', 'img',
    // ...) — confirm that index 0 is populated for them.
    if ($subkey == 'alias') {
        $subkey = 0;
    }
    foreach ($array as $key => $val) {
        $offset = 0;
        $found = FALSE;
        foreach ($temp_array as $tmp_key => $tmp_val) {
            // Insert once, at the first position whose row compares smaller.
            if (!$found && strtolower($val[$subkey]) > strtolower($tmp_val[$subkey])) {
                // array_merge() renumbers integer keys and keeps string keys.
                $temp_array = array_merge((array)array_slice($temp_array, 0, $offset), array($key => $val), array_slice($temp_array, $offset));
                $found = TRUE;
            }
            $offset++;
        }
        // Not greater than any existing row: append at the end.
        if (!$found) {
            $temp_array = array_merge($temp_array, array($key => $val));
        }
    }
    if ($sort_ascending) {
        $array = array_reverse($temp_array);
    } else {
        $array = $temp_array;
    }
    return;
}

// Collect all pfBlockerNG statistics.
// Builds $pfb_table (keyed by alias name) from pfctl output and the firewall rules in
// $config, appends the $pfb_dtable rows, and returns the merged array. Sets
// $pfb['pfctlerr'] when the pfctl table listing returns nothing.
function pfBlockerNG_get_counts() {
    global $config, $pfb;
    $pfb_table = $pfb_dtable = array();

    /* Alias Table Definitions
       -	'update'	- Last Updated Timestamp
        'rule'		- Total number of Firewall rules per alias
        'count'		- Total Line Count per alias
        'packets'	- Total number of pf packets per alias */

    exec("{$pfb['pfctl']} -vvsTables | {$pfb['grep']} -A4 'pfB_'", $pfb_pfctl);
    if (!empty($pfb_pfctl)) {
        foreach($pfb_pfctl as $line) {
            $line = trim(str_replace(array( '[', ']' ), '', $line));
            // A line starting with '-' opens a new table entry; the alias name is the
            // text from 'pfB' onward.
            if (substr($line, 0, 1) == '-') {
                $pfb_alias = trim(strstr($line, 'pfB', FALSE));
                if (empty($pfb_alias)) {
                    unset($pfb_alias);
                    continue;
                }
                // NOTE(review): $pfb_alias is parsed from command output and interpolated
                // unquoted into the two shell commands below; escapeshellarg() on the
                // file path would keep them well-formed whatever the name contains.
                exec("{$pfb['grep']} -cv '^1\.1\.1\.1$' {$pfb['aliasdir']}/{$pfb_alias}.txt", $match);
                // NOTE(review): $match is unset at the end of each pass, so a one-line
                // `grep -c` result would be in $match[0]; index 1 looks unintended —
                // confirm. 'count' is replaced by the 'Addresses' value below when present.
                $pfb_table[$pfb_alias] = array('count' => $match[1], 'img' => $pfb['down']);
                exec("{$pfb['ls']} -ld {$pfb['aliasdir']}/{$pfb_alias}.txt | {$pfb['awk']} '{ print $6,$7,$8 }'", $update);
                $pfb_table[$pfb_alias]['update'] = $update[0];
                $pfb_table[$pfb_alias]['rule'] = 0;
                // exec() appends to its output array, so clear both before the next alias.
                unset($match, $update);
                continue;
            }

            // Detail lines belonging to the current alias.
            if (isset($pfb_alias)) {
                if (substr($line, 0, 9) == 'Addresses') {
                    $addr = trim(substr(strrchr($line, ':'), 1));
                    $pfb_table[$pfb_alias]['count'] = $addr;
                    continue;
                }
                if (substr($line, 0, 11) == 'Evaluations') {
                    $packets = trim(substr(strrchr($line, ':'), 1));
                    $pfb_table[$pfb_alias]['packets'] = $packets;
                    // Last field used for this alias; wait for the next '-' line.
                    unset($pfb_alias);
                }
            }
        }
    } else {
        // Error. No pf labels found.
        $pfb['pfctlerr'] = TRUE;
    }

    // Determine if firewall rules are defined
    if (isset($config['filter']['rule'])) {
        foreach ($config['filter']['rule'] as $rule) {
            // Skip disabled rules
            if (isset($rule['disabled'])) {
                continue;
            }
            // stripos() matches 'pfb_' anywhere in the address, case-insensitively.
            // NOTE(review): `+= 1` on an address that pfctl did not list creates a new
            // row that has no 'count'/'packets'/'update' keys.
            if (stripos($rule['source']['address'], 'pfb_') !== FALSE) {
                $pfb_table[$rule['source']['address']]['img'] = $pfb['up'];
                $pfb_table[$rule['source']['address']]['rule'] += 1;
            }
            if (stripos($rule['destination']['address'], 'pfb_') !== FALSE) {
                $pfb_table[$rule['destination']['address']]['img'] = $pfb['up'];
                $pfb_table[$rule['destination']['address']]['rule'] += 1;
            }
        }
    }

    // Collect packet fence rule numbers
    exec("{$pfb['pfctl']} -vv -sr | {$pfb['grep']} 'pfB_'", $pfrules);
    if (!empty($pfrules)) {
        foreach ($pfrules as $result) {
            // Sample : @112(0) block return in log quick on em1 from any to label "USER_RULE: pfB_PRI1"
            // $id is the text between the first '(' and the following ')'.
            $id = strstr($result, '(', FALSE);
            $id = ltrim(strstr($id, ')', TRUE), '(');
            // NOTE(review): this copy is truncated from here. The rest of the next statement
            // and the code after it (up to the middle of an array literal) are missing, so
            // the lines below do not parse as written and the closing braces cannot be
            // matched to their openers. The surviving tail fills $pfb_dtable from
            // $line[0..3]. Restore this region from the original file before relying on it.
            $descr = ltrim(stristr($result, ' 'disabled', 'img' => $pfb['down']);
            } else {
                $pfb_dtable[$line[0]] = array ('count' => $line[2], 'img' => $pfb['up']);
            }
            $pfb_dtable[$line[0]]['update'] = "{$line[1]}";
            $pfb_dtable[$line[0]]['packets'] = "{$line[3]}";
        }
    }
    }
    }

    // Sort tables per sort customization
    // NOTE(review): 'asc' passes FALSE for $sort_ascending, which with pfbsort() as written
    // gives largest-first order — confirm the intended direction.
    if ($pfb['sortcolumn'] != 'none') {
        if ($pfb['sortdir'] == 'asc') {
            pfbsort($pfb_table, $pfb['sortcolumn'], FALSE);
            pfbsort($pfb_dtable, $pfb['sortcolumn'], FALSE);
        } else {
            pfbsort($pfb_table, $pfb['sortcolumn'], TRUE);
            pfbsort($pfb_dtable, $pfb['sortcolumn'], TRUE);
        }
    }
    // $pfb_table rows first, then the $pfb_dtable rows.
    $pfb_table = array_merge($pfb_table, $pfb_dtable);
    return $pfb_table;
}

// Called on initial load and Ajax to update table contents.
// Echoes one row per alias returned by pfBlockerNG_get_counts(): '||'-delimited text when
// $mode is 'js', otherwise the table-row string. Returns nothing.
// NOTE(review): $pfb_alias and the $values fields are written to the response without
// htmlspecialchars(). They originate from pfctl output, rule addresses in $config and the
// rows parsed in the truncated region of pfBlockerNG_get_counts(); encode them on output
// unless every one of those sources is trusted.
function pfBlockerNG_get_table($mode='') {
    global $pfb;
    $counter = 0;
    $dcounter = 1;
    $response = '';

    $pfb_table = 
pfBlockerNG_get_counts();
    if (!empty($pfb_table)) {
        foreach ($pfb_table as $pfb_alias => $values) {
            if (strpos($pfb_alias, 'DNSBL_') !== FALSE) {
                $alias_span = $alias_span_end = '';
                $packets = $values['packets'];
                // NOTE(review): $dnsbl is only ever set to TRUE and never reset, so it is
                // undefined for rows printed before the first DNSBL_ row and stays TRUE
                // for every row after it.
                $dnsbl = TRUE;
            } else {
                // Add firewall rules count associated with alias
                $values['img'] = $values['img'] . "({$values['rule']})";

                // If packet fence errors found, display error.
                if ($pfb['pfctlerr']) {
                    $values['img'] = $pfb['err'];
                }

                // Alias table popup
                if ($values['count'] > 0 && $pfb['popup'] == 'on') {
                    $alias_popup = rule_popup($pfb_alias, '', '', '');
                    $alias_span = $alias_popup['src'];
                    $alias_span_end = $alias_popup['src_end'];
                } else {
                    $alias_span = $alias_span_end = '';
                }

                // Packet column pivot to Alerts Tab
                // NOTE(review): $rules and $aentries are computed but not used in this
                // copy, and 'rules' (plural) is not set by the visible code — presumably
                // the string that consumed them lost its markup; confirm.
                if ($values['packets'] > 0) {
                    $rules = rtrim($values['rules'], '|');
                    // Cap the entry count at the configured 'maxpivot'.
                    if ($values['packets'] > $pfb['maxpivot']) {
                        $aentries = $pfb['maxpivot'];
                    } else {
                        $aentries = $values['packets'];
                    }
                    $packets = "{$values['packets']}";
                } else {
                    $packets = $values['packets'];
                }
            }

            if ($mode == 'js') {
                // One '||'-delimited line per alias.
                echo $response = "{$alias_span}{$pfb_alias}{$alias_span_end}||{$values['count']}||{$packets}||{$values['update']}||{$values['img']}\n";
            } else {
                // Print darker shading for DNSBL
                // NOTE(review): $RowClass is assigned but does not appear in the echoed
                // string in this copy.
                if ($dnsbl) {
                    $RowClass = $dcounter % 2 ? $pfb['RowEvenClass2'] : $pfb['RowOddClass'];
                    $dcounter++;
                } else {
                    $RowClass = $counter % 2 ? $pfb['RowEvenClass'] : $pfb['RowOddClass'];
                    $counter++;
                }
                echo (" {$alias_span}{$pfb_alias}{$alias_span_end} {$values['count']} {$packets} {$values['update']} {$values['img']} ");
            }
        }
    }
}

// Status indicator if pfBlockerNG is enabled/disabled
if ($pfb['enable'] == 'on') {
    $mode = 'pass';
    $pfb_msg = 'pfBlockerNG is Active.';
    if ($pfb['config']['enable_dup'] == 'on') {
        // Check Masterfile Database Sanity: the last 'Sanity check' line in the log that
        // contains 'PASSED' decides the result.
        $db_sanity = exec("{$pfb['grep']} 'Sanity check' {$pfb['logdir']}/pfblockerng.log | {$pfb['grep']} -o 'PASSED' | tail -1");
        if ($db_sanity != 'PASSED') {
            $mode = 'reject';
            $pfb_msg = 'pfBlockerNG deDuplication is out of sync. 
Perform a Force Reload to correct.';
        }
    }
} else {
    $mode = 'block';
    $pfb_msg = 'pfBlockerNG is Disabled.';
}
// $g is not defined in this section.
$pfb_status = "/themes/{$g['theme']}/images/icons/icon_{$mode}.gif";

// Status indicator if DNSBL is actively running: all three flags must be 'on' and the
// unbound.conf under the DNSBL directory must contain 'pfb_dnsbl'.
if ($pfb['dnsbl'] == 'on' && $pfb['unbound_state'] == 'on' && $pfb['enable'] == 'on' &&
    strpos(file_get_contents("{$pfb['dnsbldir']}/unbound.conf"), 'pfb_dnsbl') !== FALSE) {
    $mode = 'pass';
    $dnsbl_msg = 'DNSBL is Active.';
} else {
    $mode = 'block';
    $dnsbl_msg = 'DNSBL is Disabled.';
}
$dnsbl_status = "/themes/{$g['theme']}/images/icons/icon_{$mode}.gif";

// Collect total IP/Cidr counts: lines in each folder's *.txt files that are not comments,
// not blank and not the 1.1.1.1 entry.
$dcount = exec("{$pfb['cat']} {$pfb['denydir']}/*.txt | {$pfb['grep']} -cv '^#\|^$\|^1\.1\.1\.1$'");
$pcount = exec("{$pfb['cat']} {$pfb['permitdir']}/*.txt | {$pfb['grep']} -cv '^#\|^$\|^1\.1\.1\.1$'");
$mcount = exec("{$pfb['cat']} {$pfb['matchdir']}/*.txt | {$pfb['grep']} -cv '^#\|^$\|^1\.1\.1\.1$'");
$ncount = exec("{$pfb['cat']} {$pfb['nativedir']}/*.txt | {$pfb['grep']} -cv '^#\|^$\|^1\.1\.1\.1$'");
$scount = exec("{$pfb['grep']} -c ^ {$pfb['dnsbl_file']}.conf");
// NOTE(review): unlike the calls above, this one uses a bare `grep` (resolved through
// PATH) and a hard-coded log path instead of the $pfb entries.
$maxver = exec("grep -o 'Last-.*' /var/log/pfblockerng/maxmind_ver");

// Collect number of suppressed hosts
$pfbsupp_cnt = 0;
if (file_exists("{$pfb['supptxt']}")) {
    $pfbsupp_cnt = exec("{$pfb['grep']} -c ^ {$pfb['supptxt']}");
}

// Collect any failed downloads: log lines containing 'FAIL' and today's date (mm/dd/yy),
// newest first.
// NOTE(review): these lines are printed by the template that follows as {$result}. If the
// log can contain text from remote sources (not verifiable from this section), HTML-encode
// each line when it is printed.
exec("{$pfb['grep']} 'FAIL' {$pfb['errlog']} | {$pfb['grep']} $(date +%m/%d/%y)", $results);
$results = array_reverse($results);
?>
  {$dcount}"); ?> {$pcount}"); ?> {$mcount}"); ?> {$ncount}"); ?> {$pfbsupp_cnt}"); ?> " alt="" /> 
"/>
  {$scount}  "); ?>
"/>
 MaxMind: {$maxver}"; ?>
$pfb['maxfails'] && $entries > $pfb['maxfails']) { // To many errors stop displaying echo("'); break; } echo(""); $counter++; } } ?>
" . ($entries - $pfb['maxfails']) . ' more error(s)...
{$result}