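= '2.2') {
			preg_match ("/@(\d+)\(/",$result, $rule);
		} else {
			preg_match ("/@(\d+)\s/",$result, $rule);
		}

		$id = $rule[1];
		# Create array of Rule Description and pfctl Rule Number
		$rule_list['id'][] = $id;
		$rule_list[$id]['name'] = $descr;
	}
}

// Add IP to the Suppression Alias
//
// Handles the "addsuppress" POST: removes the host (or its /24) from the pf
// table named in the request, then appends the host to the
// pfBlockerNGSuppress alias in $config and saves the configuration.
//
// Every $_POST value below is request-controlled. The IP is checked with
// is_ipaddr()/is_ipaddrv4(); the table name, prefix length and description
// have no check of their own, so each is constrained or quoted before it
// reaches a shell command line or the saved configuration.
if (isset($_POST['addsuppress'])) {
	$ip = "";
	if (isset($_POST['ip'])) {
		$ip = $_POST['ip'];
		$table = (isset($_POST['table']) && is_string($_POST['table'])) ? $_POST['table'] : '';
		$descr = (isset($_POST['descr']) && is_string($_POST['descr'])) ? $_POST['descr'] : '';
		if (empty($descr))
			$descr = sprintf(gettext("Entry added %s"), date('r'));
		// Descriptions are stored joined by "||" and split on it again when the
		// alias is read back (see below); a "||" inside one description would
		// shift every later description onto the wrong host.
		$descr = str_replace("||", " ", $descr);
		$cidr = isset($_POST['cidr']) ? $_POST['cidr'] : '';

		// IPv4 prefixes are normalised to 32 or 24 further down. Any other
		// address family would have its prefix written to the config exactly as
		// posted, so require a plain integer no larger than 128 in that case.
		$cidr_ok = is_ipaddrv4($ip)
		    || (is_string($cidr) && preg_match('/^\d{1,3}\z/', $cidr) && (int) $cidr <= 128);

		if (is_ipaddr($ip) && $cidr_ok) {
			$savemsg1 = "Host IP address {$ip}";
			$savemsg2 = "";
			if (is_ipaddrv4($ip)) {
				// $ip is a validated dotted quad, so it splits into four octets.
				$octets = explode('.', $ip);
				$iptrim2 = "{$octets[0]}.{$octets[1]}.{$octets[2]}.";	// "a.b.c."
				$iptrim1 = $iptrim2 . "0/24";				// "a.b.c.0/24"
				$iptrim3 = (int) $octets[3];				// last octet

				// The table name comes straight from the request and ends up on
				// a shell command line: quote it as a single argument. An
				// allowlist of the tables this package manages would be stricter
				// still, but that list is not visible from this page.
				$pfctl = "/sbin/pfctl -t " . escapeshellarg($table);

				if ($cidr == "32") {
					// Store the canonical value rather than whatever compared
					// loosely equal to "32".
					$cidr = 32;

					// Look for the enclosing /24 with an exact comparison on the
					// table listing. A grep pattern would treat each "." as a
					// wildcard and match substrings, so "1.2.3.0/24" would also
					// hit a table entry "11.2.3.0/24".
					$pfb_table = array();
					exec("{$pfctl} -T show", $pfb_table);
					$in_slash24 = in_array($iptrim1, array_map('trim', $pfb_table), true);

					if (!$in_slash24) {
						$savemsg2 = " : Removed /32 entry";
						exec("{$pfctl} -T delete " . escapeshellarg($ip));
					} else {
						// The host is covered by a /24 entry: drop that entry and
						// re-add every address in the range except this host.
						$savemsg2 = " : Removed /24 entry, added 254 addr";
						exec("{$pfctl} -T delete " . escapeshellarg($iptrim1));
						for ($add_ip = 0; $add_ip <= 255; $add_ip++) {
							if ($add_ip !== $iptrim3) {
								exec("{$pfctl} -T add " . escapeshellarg($iptrim2 . $add_ip));
							}
						}
					}
				} else {
					$cidr = 24;
					$savemsg2 = " : Removed /24 entry";
					$pfb_pfctl = array();
					exec("{$pfctl} -T delete " . escapeshellarg($iptrim1) . " 2>&1", $pfb_pfctl);
					if (!preg_grep("/1\/1 addresses deleted/", $pfb_pfctl)) {
						$savemsg2 = " : Removed all entries";
						// Remove 0-255 IP Address from Alias Table
						for ($del_ip = 0; $del_ip <= 255; $del_ip++) {
							exec("{$pfctl} -T delete " . escapeshellarg($iptrim2 . $del_ip));
						}
					}
				}
			}

			// Collect pfBlockerNGSuppress Alias Contents
			// Hosts are space-separated in 'address', descriptions are
			// "||"-separated in 'detail'; the two lists are paired by position.
			$pfb_sup_list = array();
			$pfb_sup_array = array();
			$pfb['found'] = FALSE;
			$pfb['update'] = FALSE;
			if (is_array($config['aliases']['alias'])) {
				foreach ($config['aliases']['alias'] as $alias) {
					if ($alias['name'] == "pfBlockerNGSuppress") {
						$data = $alias['address'];
						$data2 = $alias['detail'];
						$arr1 = explode(" ", $data);
						$arr2 = explode("||", $data2);
						if (!empty($data)) {
							$row = 0;
							foreach ($arr1 as $host) {
								$pfb_sup_list[] = $host;
								$pfb_sup_array[$row]['host'] = $host;
								$row++;
							}
							$row = 0;
							foreach ($arr2 as $detail) {
								$pfb_sup_array[$row]['detail'] = $detail;
								$row++;
							}
						}
						$pfb['found'] = TRUE;
					}
				}
			}

			// Call Function to Create Suppression Alias if not found.
			if (!$pfb['found'])
				pfb_create_suppression_alias();

			// Save New Suppress IP to pfBlockerNGSuppress Alias
			if (in_array($ip . '/' . $cidr, $pfb_sup_list)) {
				$savemsg = gettext("Host IP address {$ip} already exists in the pfBlockerNG Suppress Table.");
			} else {
				if (!$pfb['found'] && empty($pfb_sup_list)) {
					$next_id = 0;
				} else {
					$next_id = count($pfb_sup_list);
				}
				$pfb_sup_array[$next_id]['host'] = $ip . '/' . $cidr;
				$pfb_sup_array[$next_id]['detail'] = $descr;

				// Re-serialise both lists in the alias' storage format.
				$address = "";
				$detail = "";
				foreach ($pfb_sup_array as $pfb_sup) {
					$address .= $pfb_sup['host'] . " ";
					$detail .= $pfb_sup['detail'] . "||";
				}

				// Find pfBlockerNGSuppress Array ID Number
				if (is_array($config['aliases']['alias'])) {
					$pfb_id = 0;
					foreach ($config['aliases']['alias'] as $alias) {
						if ($alias['name'] == "pfBlockerNGSuppress") {
							break;
						}
						$pfb_id++;
					}
				}

				$config['aliases']['alias'][$pfb_id]['address'] = rtrim($address, " ");
				$config['aliases']['alias'][$pfb_id]['detail'] = rtrim($detail, "||");
				$savemsg = gettext($savemsg1) . gettext($savemsg2) . gettext(" and added Host to the pfBlockerNG Suppress Table.");
				$pfb['update'] = TRUE;
			}

			if ($pfb['found'] || $pfb['update']) {
				// Save all Changes to pfsense config file
				write_config();
			}
		}
	}
}

// Auto-Resolve Hostnames
//
// Answers a getpfhostname request with the reverse-DNS name of the given
// address, or 'unknown' when there is none. Only a syntactically valid IP is
// passed to the resolver. The PTR answer is controlled by whoever runs the
// reverse zone for that address, so it is HTML-escaped before being echoed.
if (isset($_REQUEST['getpfhostname'])) {
	$getpfhostname = $_REQUEST['getpfhostname'];
	$hostname = 'unknown';
	if (is_ipaddr($getpfhostname)) {
		$resolved = gethostbyaddr($getpfhostname);
		// gethostbyaddr() hands back the address itself when the lookup fails.
		if ($resolved !== false && $resolved != $getpfhostname) {
			$hostname = htmlspecialchars($resolved, ENT_QUOTES);
		}
	}
	echo $hostname;
	die;
}

/**
 * Host Resolve Function lookup.
 *
 * Returns an array with the keys 'src' and 'dst', both empty strings except
 * for the entry selected by $type.
 *
 * NOTE(review): as the page shows it, the string assigned to $hostnames[$type]
 * holds only a line break, and $hostip and $countme are not referenced. The
 * literal looks like it lost its content when the page was extracted; confirm
 * against the original file. If it interpolates $hostip or $countme into
 * markup, those values need escaping for that context.
 *
 * @param string $type    which entry to fill ('src' by default)
 * @param mixed  $hostip  not used in the visible body
 * @param mixed  $countme not used in the visible body
 * @return array
 */
function getpfbhostname($type = 'src', $hostip, $countme = 0) {
	$hostnames = array('src' => '', 'dst' => '');
	$hostnames[$type] = '
';
	return $hostnames;
}

/**
 * Determine if Alert Host 'Dest' is within the Local Lan IP Range.
 *
 * Thin wrapper that passes its arguments to check_subnets_overlap() and
 * returns that function's result unchanged.
 *
 * @param string     $lan_ip    LAN network address
 * @param int|string $lan_mask  LAN prefix length
 * @param string     $dest_ip   destination address to test
 * @param int|string $dest_mask destination prefix length ("32" by default)
 * @return mixed result of check_subnets_overlap()
 */
function check_lan_dest($lan_ip,$lan_mask,$dest_ip,$dest_mask="32") {
	return check_subnets_overlap($lan_ip, $lan_mask, $dest_ip, $dest_mask);
}

$pgtitle = gettext("pfBlockerNG: Alerts");
include_once("head.inc");
?>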