{$pfb['geoipshare']}/{$feed['file']}"); unlink_if_exists("{$file_dwn}"); } update_static_output(" done.\n"); $maxmind_verify += 1; } else { update_static_output(" failed!\n"); break; } } curl_close($ch); fclose($fhandle); } if ($maxmind_verify != 5) { update_static_output(" MaxMind download failed!\nFetching MaxMind archive from pfSense package repo..."); // Fetch archived MaxMind database $url = 'https://packages.pfsense.org/packages/config/pfblockerng/countrycodes.tar.bz2'; exec("/usr/bin/fetch -o /tmp/countrycodes.tar.bz2 {$url}"); // Uncompress archived Country code file exec("/usr/bin/tar -jx -C {$pfb['ccdir']} -f /tmp/countrycodes.tar.bz2"); update_static_output(" done.\n"); } else { update_static_output("Downloading MaxMind Country databases... done.\n"); } } else { update_static_output("\nMaxMind Country databases previously downloaded.\n"); } update_static_output("Converting MaxMind Country databases for pfBlockerNG.\n This may take a few minutes..."); pfblockerng_uc_countries(); update_static_output(" done.\nCreating pfBlockerNG Continent XML files..."); pfblockerng_get_countries(); if ($pfb['keep'] == 'on' && isset($pfb['widgets']) && strpos($pfb['widgets'], 'pfblockerng-container') !== FALSE) { update_static_output(" done.\nRestoring previous pfBlockerNG Widget settings..."); // Restore previous widget setting if 'keep' is enabled. $config['widgets']['sequence'] = $pfb['widgets']; write_config('pfBlockerNG: Save widget'); } else { update_static_output(" done.\nAdding pfBlockerNG Widget to the Dashboard..."); $widgets = $config['widgets']['sequence']; if (strpos($widgets, 'pfblockerng-container') === FALSE) { if (empty($widgets)) { $config['widgets']['sequence'] = 'pfblockerng-container:col2:show'; } else { $config['widgets']['sequence'] .= ',pfblockerng-container:col2:show'; } write_config('pfBlockerNG: Save widget'); } } update_static_output(" done.\nRemove any existing and create link for DNSBL lighttpd executable..."); unlink_if_exists('/usr/local/sbin/lighttpd_pfb'); link('/usr/local/sbin/lighttpd', '/usr/local/sbin/lighttpd_pfb'); update_static_output(" done.\nCreating DNSBL web server start-up script..."); $pfb['dnsbl_conf'] = '/var/unbound/pfb_dnsbl_lighty.conf'; $rc = array(); $rc['file'] = 'dnsbl.sh'; $rc['start'] = << "text/html", ".gif" => "image/gif" ) url.access-deny = ( "~", ".inc" ) fastcgi.server = ( ".php" => ( "localhost" => ( "socket" => "/var/run/php-fpm.socket", "broken-scriptfilename" => "enable" ) ) ) debug.log-condition-handling = "enable" \$HTTP["host"] =~ ".*" { url.rewrite-once = ( ".*" => "index.php" ) } \$SERVER["socket"] == "0.0.0.0:{$pfb['dnsbl_port_ssl']}" { ssl.engine = "enable" ssl.pemfile = "/var/unbound/dnsbl_cert.pem" ssl.use-sslv2 = "disable" ssl.use-sslv3 = "disable" ssl.honor-cipher-order = "enable" ssl.cipher-list = "AES128+EECDH:AES256+EECDH:AES128+EDH:AES256+EDH:AES128-SHA:AES256-SHA:!aNULL:!eNULL:!DSS" \$HTTP["host"] =~ ".*" { url.rewrite-once = ( ".*" => "index.php" ) } } EOF; @file_put_contents($pfb['dnsbl_conf'], $pfb_conf, LOCK_EX); unset($pfb_conf); update_static_output(" done.\n"); update_static_output("Starting DNSBL Service..."); restart_service('dnsbl'); update_static_output(" done.\n"); } // Upgrade - Adv. Inbound settings to new variable names. update_static_output("Upgrading Adv. Inbound firewall rule settings ..."); $ufound = FALSE; $upgrade_type = array('pfblockernglistsv4', 'pfblockernglistsv6', 'pfblockerngdnsblsettings', 'pfblockerngafrica', 'pfblockerngantartica', 'pfblockerngasia', 'pfblockerngeurope', 'pfblockerngnorthamerica', 'pfblockerngoceania', 'pfblockerngsouthamerica', 'pfblockerngtopspammers', 'pfblockerngproxyandsatellite'); foreach ($upgrade_type as $type) { $conf_config = &$config['installedpackages'][$type]['config']; if (isset($conf_config)) { foreach ($conf_config as $key => $utype) { if (isset($utype['autoports'])) { $ufound = TRUE; if ($utype['autoports'] == 'on' && !empty($utype['aliasports']) && !isset($conf_config[$key]['autoports_in'])) { $conf_config[$key]['autoports_in'] = 'on'; $conf_config[$key]['aliasports_in'] = $utype['aliasports']; } unset($conf_config[$key]['autoports']); unset($conf_config[$key]['aliasports']); } if (isset($utype['autodest'])) { $ufound = TRUE; if ($utype['autodest'] == 'on' && !empty($utype['aliasdest']) && !isset($conf_config[$key]['autoaddr_in'])) { $conf_config[$key]['autoaddr_in'] = 'on'; $conf_config[$key]['aliasaddr_in'] = $utype['aliasdest']; } unset($conf_config[$key]['autodest']); unset($conf_config[$key]['aliasdest']); } if (isset($utype['autonot'])) { $ufound = TRUE; if ($utype['autonot'] == 'on' && !isset($conf_config[$key]['autonot_in'])) { $conf_config[$key]['autonot_in'] = $utype['autonot']; } unset($conf_config[$key]['autonot']); } if (isset($utype['autoproto'])) { $ufound = TRUE; $conf_config[$key]['autoproto_in'] = $utype['autoproto']; unset($conf_config[$key]['autoproto']); } } } } if ($ufound) { write_config('pfBlockerNG: Upgrade Adv. Inbound Settings.'); update_static_output(" saving new changes ... done.\n"); } else { update_static_output(" no changes required ... done.\n"); } unset($g['pfblockerng_install']); // Remove 'Install flag' update_static_output("Custom commands completed ... "); return TRUE; ?>