<?xml version="1.0" encoding="utf-8" ?> <!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> <copyright> <![CDATA[ /* ========================================================================== */ /* pfBlockerNG_dnsbl.xml pfBlockerNG Copyright (c) 2015 BBcan177@gmail.com All rights reserved. */ /* ========================================================================== */ /* Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ /* ========================================================================== */ ]]> </copyright> <description>Describe your package here</description> <requirements>Describe your package requirements here</requirements> <faq>Currently there are no FAQ items provided.</faq> <name>pfblockerngdnsblsettings</name> <version>1.0</version> <title>pfBlockerNG: DNSBL: Settings</title> <include_file>/usr/local/pkg/pfblockerng/pfblockerng.inc</include_file> <addedit_string>pfBlockerNG: Save DNSBL general settings</addedit_string> <menu> <name>pfBlockerNG</name> <tooltiptext></tooltiptext> <section>Firewall</section> <configfile>pfblockerng_dnsbl.xml</configfile> </menu> <tabs> <tab> <text>General</text> <url>/pkg_edit.php?xml=pfblockerng.xml</url> <tooltiptext></tooltiptext> </tab> <tab> <text>Update</text> <url>/pfblockerng/pfblockerng_update.php</url> </tab> <tab> <text>Alerts</text> <url>/pfblockerng/pfblockerng_alerts.php</url> </tab> <tab> <text>Reputation</text> <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_reputation.xml</url> </tab> <tab> <text>IPv4</text> <url>/pkg.php?xml=/pfblockerng/pfblockerng_v4lists.xml</url> </tab> <tab> <text>IPv6</text> <url>/pkg.php?xml=/pfblockerng/pfblockerng_v6lists.xml</url> </tab> <tab> <text>DNSBL</text> <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_dnsbl.xml</url> </tab> <tab> <text>Country</text> <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_top20.xml</url> </tab> <tab> <text>Logs</text> <url>/pfblockerng/pfblockerng_log.php</url> </tab> <tab> <text>Sync</text> <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_sync.xml</url> </tab> <tab> <text>DNSBL</text> <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_dnsbl.xml</url> <tab_level>2</tab_level> <active/> </tab> <tab> <text>DNSBL Feeds</text> <url>/pkg.php?xml=/pfblockerng/pfblockerng_dnsbl_lists.xml</url> <tab_level>2</tab_level> </tab> <tab> <text>DNSBL EasyList</text> <url>/pkg_edit.php?xml=/pfblockerng/pfblockerng_dnsbl_easylist.xml</url> <tab_level>2</tab_level> </tab> </tabs> <fields> <field> <name><![CDATA[DNS Block List Configuration   Run 'Force Update' to deploy new Settings.]]></name> <type>listtopic</type> </field> <field> <fielddescr>LINKS</fielddescr> <fieldname></fieldname> <description><![CDATA[<a href="/firewall_aliases.php">Firewall Alias</a>  <a href="/firewall_rules.php">Firewall Rules</a> <a href="diag_logs_filter.php">Firewall Logs</a>]]> </description> <type>info</type> </field> <field> <type>info</type> <description><![CDATA[<font color='red'>Note: </font>DNSBL requires the DNS Resolver (Unbound) to be used as the DNS service.<br /> When a DNS request is made for a domain that is listed in DNSBL, the request is redirected to the Virtual IP address<br /> where an instance of Lighttpd Web Server will collect the packet statistics and push a '1x1' GIF image to the Browser. If browsing is slow, check for Firewall LAN Rules/Limiters that might be blocking access to the DNSBL VIP.<br /><br /> <font color='red'>Note: </font>DNSBL will block and <u>partially</u> log Alerts for HTTPS requests. To debug issues with 'False Positives', the following tools below can be used:<br /><ul> <li>1. Browser Dev mode (F12) and goto 'Console' to review any error messages.</li> <li>2. Execute the following command from pfSense Shell (Changing the interface 're1' to the pfSense Lan Interface):<br /> <li> <strong>tcpdump -nnvli re1 port 53 | grep -B1 'A 10.10.10.1'</strong></li> <li>3. Packet capture software such as Wireshark.</li></ul>]]> </description> </field> <field> <fielddescr>Enable DNSBL</fielddescr> <fieldname>pfb_dnsbl</fieldname> <type>checkbox</type> <description><![CDATA[This will enable DNS Block List for Malicious and/or unwanted Adverts Domains<br /> To Utilize, <strong>Unbound DNS Resolver</strong> must be enabled.]]> </description> </field> <field> <fielddescr>DNSBL Virtual IP</fielddescr> <fieldname>pfb_dnsvip</fieldname> <type>input</type> <size>13</size> <description><![CDATA[Example ( 10.10.10.1 )<br /> Enter a  <strong>single IPv4 VIP address</strong>  that is RFC1918 Compliant.<br /><br /> This address should be in an Isolated Range than what is used in your Network.<br /> Rejected DNS Requests will be forwarded to this VIP (Virtual IP)<br /> RFC1918 Compliant - (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16)]]> </description> <default_value>10.10.10.1</default_value> </field> <field> <fielddescr>DNSBL Listening Port</fielddescr> <fieldname>pfb_dnsport</fieldname> <type>input</type> <size>3</size> <description><![CDATA[Example ( 8081 )<br /> Enter a  <strong>single PORT</strong>  that is in the range of 1 - 65535<br /><br /> This Port must not be in use by any other process.]]> </description> <default_value>8081</default_value> </field> <field> <fielddescr>DNSBL SSL Listening Port</fielddescr> <fieldname>pfb_dnsport_ssl</fieldname> <type>input</type> <size>3</size> <description><![CDATA[Example ( 8443 )<br /> Enter a  <strong>single PORT</strong>  that is in the range of 1 - 65535<br /><br /> This Port must not be in use by any other process.]]> </description> <default_value>8443</default_value> </field> <field> <fielddescr>DNSBL Listening Interface</fielddescr> <fieldname>dnsbl_interface</fieldname> <description><![CDATA[Select the interface you want DNSBL to Listen on.<br /> Default: <strong>LAN</strong> - Selected Interface should be a Local Interface only.]]> </description> <type>interfaces_selection</type> <hideinterfaceregex>wan|loopback</hideinterfaceregex> <default_value>lan</default_value> </field> <field> <fielddescr>DNSBL Firewall Rule</fielddescr> <fieldname>pfb_dnsbl_rule</fieldname> <type>checkbox</type> <usecolspan2/> <combinefields>begin</combinefields> </field> <field> <fieldname>dnsbl_allow_int</fieldname> <description><![CDATA[This will create a 'Floating' Firewall rule to allow traffic from the Selected Interface(s) below<br /> to access the DNSBL VIP on the LAN interface. This is only required for multiple LAN Segments.]]> </description> <type>interfaces_selection</type> <hideinterfaceregex>wan</hideinterfaceregex> <multiple/> <usecolspan2/> <dontdisplayname/> <combinefields>end</combinefields> </field> <field> <name>DNSBL IP Firewall Rule Settings</name> <type>listtopic</type> </field> <field> <description>Configure settings for Firewall Rules when any DNSBL Feed contain IP Addresses</description> <type>info</type> </field> <field> <fielddescr>List Action</fielddescr> <description><![CDATA[Default: <strong>Disabled</strong><br /><br /> Select the <strong>Action</strong> for Firewall Rules when any DNSBL Feed contain IP addresses.<br /><br /> <strong><u>'Disabled' Rule:</u></strong> Disables selection and does nothing to selected Alias.<br /><br /> <strong><u>'Deny' Rules:</u></strong><br /> 'Deny' rules create high priority 'block' or 'reject' rules on the stated interfaces. They don't change the 'pass' rules on other interfaces. Typical uses of 'Deny' rules are:<br /> <ul><li><strong>Deny Both</strong> - blocks all traffic in both directions, if the source or destination IP is in the block list</li> <li><strong>Deny Inbound/Deny Outbound</strong> - blocks all traffic in one direction <u>unless</u> it is part of a session started by traffic sent in the other direction. Does not affect traffic in the other direction.</li> <li>One way 'Deny' rules can be used to selectively block <u>unsolicited</u> incoming (new session) packets in one direction, while still allowing <u>deliberate</u> outgoing sessions to be created in the other direction.</li></ul> <strong><u>'Alias' Rule:</u></strong><br /> <strong>'Alias'</strong> rules create an <a href="/firewall_aliases.php">alias</a> for the list (and do nothing else). This enables a pfBlockerNG list to be used by name, in any firewall rule or pfSense function, as desired.]]> </description> <fieldname>action</fieldname> <type>select</type> <options> <option><name>Disabled</name><value>Disabled</value></option> <option><name>Deny Inbound</name><value>Deny_Inbound</value></option> <option><name>Deny Outbound</name><value>Deny_Outbound</value></option> <option><name>Deny Both</name><value>Deny_Both</value></option> <option><name>Alias Deny</name><value>Alias_Deny</value></option> </options> </field> <field> <fielddescr>Enable Logging</fielddescr> <fieldname>aliaslog</fieldname> <description><![CDATA[Default: <strong>Enable</strong><br /> Select - Logging to Status: System Logs: FIREWALL ( Log )<br /> This can be overriden by the 'Global Logging' Option in the General Tab.]]> </description> <type>select</type> <options> <option><name>Enable</name><value>enabled</value></option> <option><name>Disable</name><value>disabled</value></option> </options> </field> <field> <name>Advanced Inbound Firewall Rule Settings</name> <type>listtopic</type> </field> <field> <type>info</type> <description><![CDATA[<font color='red'>Note: </font>In general, Auto-Rules are created as follows:<br /> <ul>Inbound  - 'any' port, 'any' protocol and 'any' destination<br /> Outbound - 'any' port, 'any' protocol and 'any' destination address in the lists</ul> Configuring the Adv. Inbound Rule settings, will allow for more customization of the Inbound Auto-Rules.<br /> <strong>Select the pfSense 'Port' and/or 'Destination' Alias below:</strong>]]> </description> </field> <field> <fieldname>autoports</fieldname> <fielddescr>Enable Custom Port</fielddescr> <type>checkbox</type> <enablefields>aliasports</enablefields> <usecolspan2/> <combinefields>begin</combinefields> </field> <field> <fielddescr>Define Alias</fielddescr> <fieldname>aliasports</fieldname> <description><![CDATA[<a href="/firewall_aliases.php?tab=port">Click Here to add/edit Aliases</a> Do not manually enter port numbers. <br />Do not use 'pfB_' in the Port Alias name.]]> </description> <size>21</size> <type>aliases</type> <typealiases>port</typealiases> <dontdisplayname/> <usecolspan2/> <combinefields>end</combinefields> </field> <field> <fieldname>autodest</fieldname> <fielddescr>Enable Custom Destination</fielddescr> <type>checkbox</type> <enablefields>aliasdest,autonot</enablefields> <usecolspan2/> <combinefields>begin</combinefields> </field> <field> <fieldname>aliasdest</fieldname> <description><![CDATA[<a href="/firewall_aliases.php?tab=ip">Click Here to add/edit Aliases</a> Do not manually enter Addresses(es). <br />Do not use 'pfB_' in the 'IP Network Type' Alias name.]]> </description> <size>21</size> <type>aliases</type> <typealiases>network</typealiases> <dontdisplayname/> <usecolspan2/> <combinefields/> </field> <field> <fielddescr>Invert</fielddescr> <fieldname>autonot</fieldname> <description><![CDATA[<div style="padding-left: 22px;"><strong>Invert</strong> - Option to invert the sense of the match.<br /> ie - Not (!) Destination Address(es)</div>]]> </description> <type>checkbox</type> <dontdisplayname/> <usecolspan2/> <combinefields>end</combinefields> </field> <field> <fielddescr>Custom Protocol</fielddescr> <fieldname>autoproto</fieldname> <description><![CDATA[<strong>Default: any</strong><br />Select the Protocol used for Inbound Firewall Rule(s).<br /> Do not use 'any' with Adv. Inbound Rules as it will bypass these settings!]]></description> <type>select</type> <options> <option><name>any</name><value></value></option> <option><name>TCP</name><value>tcp</value></option> <option><name>UDP</name><value>udp</value></option> <option><name>TCP/UDP</name><value>tcp/udp</value></option> </options> <size>4</size> <default_value></default_value> </field> <field> <name><![CDATA[Alexa Whitelist]]></name> <type>listtopic</type> </field> <field> <fielddescr>Enable Alexa</fielddescr> <fieldname>alexa_enable</fieldname> <description><![CDATA[Alexa provides a <a target="_blank" href="https://aws.amazon.com/alexa-top-sites/">Top 1 million sites list.</a> (Global 1 month average traffic ranking)<br /><br /> Alexa can be used to whitelist the most popular domain names to avoid false positives. To use this feature, select the number of 'Top Domains' to whitelist. You can also 'include' which TLDs to whitelist.<br /> <br /><font color='red'>Recommendation: </font> <ul>Alexa also contains the 'Top' AD Servers, so its recommended to configure the first DNSBL Alias with AD Server<br /> (ie. yoyo, Adaway...) based feeds. Alexa whitelisting can be disabled for this first defined Alias.<br /><br /> Generally, Alexa should be used for feeds that post full URLs like PhishTank, OpenPhish or MalwarePatrol.<br /><br /> To bypass an Alexa domain, add the Domain to the first defined Alias 'Custom Block list' with Alexa disabled in this alias.</ul> The complete 'Top 1M list' can be downloaded from <a target=_blank href="https://s3.amazonaws.com/alexa-static/top-1m.csv.zip">Here</a> (Database is free to use.)<br /> When enabled, this list will be automatically updated once per month along with the MaxMind Database.]]> </description> <type>checkbox</type> </field> <field> <fielddescr><![CDATA[Number of Alexa<br />Top Domains to Whitelisting]]></fielddescr> <fieldname>alexa_count</fieldname> <description><![CDATA[<strong>Default: Top 1k</strong><br /> Select the <strong>number</strong> of Alexa 'Top Domain global ranking' to whitelist.]]></description> <type>select</type> <options> <option><name>Top 100</name><value>100</value></option> <option><name>Top 1k</name><value>1000</value></option> <option><name>Top 10k</name><value>10000</value></option> <option><name>Top 100k</name><value>100000</value></option> <option><name>Top 250k</name><value>250000</value></option> <option><name>Top 500k</name><value>500000</value></option> <option><name>Top 750k</name><value>750000</value></option> <option><name>Top 1M</name><value>1000000</value></option> </options> <default_value>1000</default_value> </field> <field> <fielddescr>Alexa TLD Inclusion</fielddescr> <fieldname>alexa_inclusion</fieldname> <description><![CDATA[Select the TLDs for Whitelist. (Only showing the Top 150 TLDs)<br /> <strong>Default: COM, NET, ORG, CA, CO, IO</strong><br /><br /> Detailed listing : <a target=_blank href="http://www.iana.org/domains/root/db">Root Zone top-level domains.</a> ]]> </description> <type>select</type> <options> <option><name>AE</name><value>ae</value></option> <option><name>AERO</name><value>aero</value></option> <option><name>AG</name><value>ag</value></option> <option><name>AL</name><value>al</value></option> <option><name>AM</name><value>am</value></option> <option><name>AR</name><value>ar</value></option> <option><name>AE</name><value>ae</value></option> <option><name>AERO</name><value>aero</value></option> <option><name>AG</name><value>ag</value></option> <option><name>AL</name><value>al</value></option> <option><name>AM</name><value>am</value></option> <option><name>AR</name><value>ar</value></option> <option><name>ASIA</name><value>asia</value></option> <option><name>AT</name><value>at</value></option> <option><name>AU (16)</name><value>au</value></option> <option><name>AZ</name><value>az</value></option> <option><name>BA</name><value>ba</value></option> <option><name>BD</name><value>bd</value></option> <option><name>BE</name><value>be</value></option> <option><name>BG</name><value>bg</value></option> <option><name>BIZ</name><value>biz</value></option> <option><name>BO</name><value>bo</value></option> <option><name>BR (7)</name><value>br</value></option> <option><name>BY</name><value>by</value></option> <option><name>BZ</name><value>bz</value></option> <option><name>CA (21)</name><value>ca</value></option> <option><name>CAT</name><value>cat</value></option> <option><name>CC</name><value>cc</value></option> <option><name>CF</name><value>cf</value></option> <option><name>CH</name><value>ch</value></option> <option><name>CL</name><value>cl</value></option> <option><name>CLUB</name><value>club</value></option> <option><name>CN (14)</name><value>cn</value></option> <option><name>CO (22)</name><value>co</value></option> <option><name>COM (1)</name><value>com</value></option> <option><name>COOP</name><value>coop</value></option> <option><name>CR</name><value>cr</value></option> <option><name>CU</name><value>cu</value></option> <option><name>CY</name><value>cy</value></option> <option><name>CZ (23)</name><value>cz</value></option> <option><name>DE (5)</name><value>de</value></option> <option><name>DEV</name><value>dev</value></option> <option><name>DK</name><value>dk</value></option> <option><name>DO</name><value>do</value></option> <option><name>DZ</name><value>dz</value></option> <option><name>EC</name><value>ec</value></option> <option><name>EDU</name><value>edu</value></option> <option><name>EE</name><value>ee</value></option> <option><name>EG</name><value>eg</value></option> <option><name>ES (18)</name><value>es</value></option> <option><name>EU (25)</name><value>eu</value></option> <option><name>FI</name><value>fi</value></option> <option><name>FM</name><value>fm</value></option> <option><name>FR (12)</name><value>fr</value></option> <option><name>GA</name><value>ga</value></option> <option><name>GE</name><value>ge</value></option> <option><name>GOV</name><value>gov</value></option> <option><name>GR (20)</name><value>gr</value></option> <option><name>GT</name><value>gt</value></option> <option><name>GURU</name><value>guru</value></option> <option><name>HK</name><value>hk</value></option> <option><name>HR</name><value>hr</value></option> <option><name>HU</name><value>hu</value></option> <option><name>ID</name><value>id</value></option> <option><name>IE</name><value>ie</value></option> <option><name>IL</name><value>il</value></option> <option><name>IM</name><value>im</value></option> <option><name>IN (9)</name><value>in</value></option> <option><name>INFO (15)</name><value>info</value></option> <option><name>INT</name><value>int</value></option> <option><name>IO</name><value>io</value></option> <option><name>IR (13)</name><value>ir</value></option> <option><name>IS</name><value>is</value></option> <option><name>IT (11)</name><value>it</value></option> <option><name>JO</name><value>jo</value></option> <option><name>JOBS</name><value>jobs</value></option> <option><name>JP (6)</name><value>jp</value></option> <option><name>KE</name><value>ke</value></option> <option><name>KG</name><value>kg</value></option> <option><name>KR (19)</name><value>kr</value></option> <option><name>KW</name><value>kw</value></option> <option><name>KZ</name><value>kz</value></option> <option><name>LA</name><value>la</value></option> <option><name>LI</name><value>li</value></option> <option><name>LINK</name><value>link</value></option> <option><name>LK</name><value>lk</value></option> <option><name>LT</name><value>lt</value></option> <option><name>LU</name><value>lu</value></option> <option><name>LV</name><value>lv</value></option> <option><name>LY</name><value>ly</value></option> <option><name>MA</name><value>ma</value></option> <option><name>MD</name><value>md</value></option> <option><name>ME</name><value>me</value></option> <option><name>MK</name><value>mk</value></option> <option><name>ML</name><value>ml</value></option> <option><name>MN</name><value>mn</value></option> <option><name>MOBI</name><value>mobi</value></option> <option><name>MX</name><value>mx</value></option> <option><name>MY</name><value>my</value></option> <option><name>NAME</name><value>name</value></option> <option><name>NET (2)</name><value>net</value></option> <option><name>NG</name><value>ng</value></option> <option><name>NINJA</name><value>ninja</value></option> <option><name>NL (17)</name><value>nl</value></option> <option><name>NO</name><value>no</value></option> <option><name>NP</name><value>np</value></option> <option><name>NU</name><value>nu</value></option> <option><name>NZ</name><value>nz</value></option> <option><name>OM</name><value>om</value></option> <option><name>ORG (4)</name><value>org</value></option> <option><name>PA</name><value>pa</value></option> <option><name>PE</name><value>pe</value></option> <option><name>PH</name><value>ph</value></option> <option><name>PK</name><value>pk</value></option> <option><name>PL (10)</name><value>pl</value></option> <option><name>PRO</name><value>pro</value></option> <option><name>PT</name><value>pt</value></option> <option><name>PW</name><value>pw</value></option> <option><name>PY</name><value>py</value></option> <option><name>QA</name><value>qa</value></option> <option><name>RO</name><value>ro</value></option> <option><name>RS</name><value>rs</value></option> <option><name>RU (3)</name><value>ru</value></option> <option><name>SA</name><value>sa</value></option> <option><name>SE</name><value>se</value></option> <option><name>SG</name><value>sg</value></option> <option><name>SI</name><value>si</value></option> <option><name>SK</name><value>sk</value></option> <option><name>SO</name><value>so</value></option> <option><name>SPACE</name><value>space</value></option> <option><name>SU</name><value>su</value></option> <option><name>TH</name><value>th</value></option> <option><name>TK</name><value>tk</value></option> <option><name>TN</name><value>tn</value></option> <option><name>TO</name><value>to</value></option> <option><name>TODAY</name><value>today</value></option> <option><name>TOP</name><value>top</value></option> <option><name>TR</name><value>tr</value></option> <option><name>TRAVEL</name><value>travel</value></option> <option><name>TV</name><value>tv</value></option> <option><name>TW (24)</name><value>tw</value></option> <option><name>TZ</name><value>tz</value></option> <option><name>UA</name><value>ua</value></option> <option><name>UK (8)</name><value>uk</value></option> <option><name>US</name><value>us</value></option> <option><name>UY</name><value>uy</value></option> <option><name>UZ</name><value>uz</value></option> <option><name>VC</name><value>vc</value></option> <option><name>VE</name><value>ve</value></option> <option><name>VN</name><value>vn</value></option> <option><name>WEBSITE</name><value>website</value></option> <option><name>WS</name><value>ws</value></option> <option><name>XN--P1AI</name><value>xn--p1ai</value></option> <option><name>XXX</name><value>xxx</value></option> <option><name>XYZ</name><value>xyz</value></option> <option><name>ZA</name><value>za</value></option> </options> <default_value><![CDATA[com,net,org,ca,co,io]]></default_value> <size>10</size> <multiple/> </field> <field> <name><![CDATA[Custom Domain Suppression]]></name> <type>listtopic</type> </field> <field> <fielddescr>Custom List</fielddescr> <fieldname>suppression</fieldname> <description><![CDATA[No Regex Entries Allowed!<br /><br /> Enter one   <strong>Domain Name</strong>  per line<br /> You may use "<strong>#</strong>" after any Domain name to add comments. example (google.com # Suppress Google.com)<br /> This List is stored as 'Base64' format in the config.xml file.<br /><br /> <font color='red'>Note: </font>These entries are only suppressed when Feeds are downloaded or on a <font color='red'>'Force Reload'.</font><br /> Use the Alerts Tab '+' Suppression icon to immediately remove a domain from Unbound DNSBL.]]> </description> <type>textarea</type> <cols>50</cols> <rows>25</rows> <encoding>base64</encoding> </field> <field> <name><![CDATA[<center>Click to SAVE Settings and/or Rule Edits.   Changes are Applied via CRON or 'Force Update'</center>]]></name> <type>listtopic</type> </field> </fields> <custom_php_validation_command> <![CDATA[ pfblockerng_validate_input($_POST, $input_errors); ]]> </custom_php_validation_command> <custom_php_resync_config_command> <![CDATA[ global $pfb; $pfb['save'] = TRUE; sync_package_pfblockerng(); ]]> </custom_php_resync_config_command> </packagegui>