Shallalist2pfBlockerNG.php - script para importar shallalist a pfBlockerNG
-
Hola.
shallalist2pfBlockerNG.php – script para importar categorias de shallalist a pfBlockerNG
Descarga - download: http://www.javcasta.com/?smd_process_download=1&download_id=33336
shallalist2pfBlockerNG.php es un php cli script para importar las categorias de shallalist a pfBlockerNG y crea un cron para actualizarlas.
Testeado en pfSense 2.3.2_1 amd64 con pfBlockerNG 2.1.1_4
Condición necesaria: Tener instalado en pfSense el paquete pfBlockerNG y configurado y operativo su DNSBL.
El script se aloja en una carpeta, por ejemplo /scripts , y se ejecuta desde shell o consola:
php /scripts/shallalist2pfBlockerNG.php
Una vez ejecutado e importadas las categorias de shallalist al DNSBL feed shalllaist2pfBlockerNG, vamos a la GUI de pfSense: Firewall > pfBlockerNG > DNSBL Feeds,
y editamos el feed shallalist2pfBlockerNG y ponemos a ON (o dejamos a OFF) las categorias que deseemos.
Solo quedará hacer un Force Update update/reload del DNSBL pfblockerNG
El código: shallalist2pfBlockerNG.php
/* shallalist2pfBlockerNG.php Copyright (C) 2016 javier@javcasta.com Javier Castañón @javcasta - PIyMenta - https://javcasta.com/ Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1\. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2\. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ require_once("config.inc"); require_once("util.inc"); require_once("functions.inc"); require_once("pkg-utils.inc"); require_once("pfsense-utils.inc"); require_once("globals.inc"); require_once("services.inc"); global $config; $config = parse_config(true); //bash //Remove directory print_r("Remove /tmp/BL dir \n"); mwexec("/bin/rm -rf /tmp/BL"); //Create directory print_r("Create /tmp/BL dir \n"); mwexec("/bin/mkdir /tmp/BL"); //Download list print_r("Download shallalist.tar.gz \n"); mwexec("/usr/bin/fetch -o /tmp/BL http://www.shallalist.de/Downloads/shallalist.tar.gz"); #Extract and remove archive print_r("Extract... \n"); //mwexec("/usr/bin/cd /tmp/BL"); mwexec("/usr/bin/tar -xf /tmp/BL/shallalist.tar.gz --strip 1 -C /tmp/BL"); mwexec("/bin/rm -rf /tmp/BL/shallalist.tar.gz"); function listFolders($dir) { //ref //http://stackoverflow.com/questions/14358346/how-to-build-a-array-that-contains-a-folder-structure $dh = scandir($dir); $resultado = array(); $laruta = ''; foreach ($dh as $folder) { if ($folder != '.' && $folder != '..' && $folder != 'COPYRIGHT' && $folder != 'global_usage' && $folder != 'shallalist.tar.gz') { $laruta = $dir . '/' . $folder; if (is_dir($dir . '/' . $folder)) { $resultado[] = listFolders($dir . '/' . $folder); } else { if (strpos($folder, 'domains') !== false) $resultado[] = $laruta; } } } return $resultado; } //folders /tmp/BL to array $losdiraux = listFolders("/tmp/BL"); $losdir = iterator_to_array(new RecursiveIteratorIterator(new RecursiveArrayIterator($losdiraux)), 0); //DNSBL feed shallalist2pfBlockerNG $j = 0; $existeDNSBLfeed = false; while (!empty($config['installedpackages']['pfblockerngdnsbl']['config'][$j]['aliasname'])) { $j++; if (strpos($config['installedpackages']['pfblockerngdnsbl']['config'][$j]['aliasname'], "shallalist2pfpBlockerNG") !== false) { $existeDNSBLfeed = true; print_r("Already exists DNSBL feed shallalist2pfpBlockerNG ... \n"); } } if (!$existeDNSBLfeed) { $config['installedpackages']['pfblockerngdnsbl']['config'][$j]['aliasname'] = "shallalist2pfpBlockerNG"; $config['installedpackages']['pfblockerngdnsbl']['config'][$j]['description'] = "shallalist to pfBlockerNG"; $config['installedpackages']['pfblockerngdnsbl']['config'][$j]['infolist'] = ""; //... $i = 0; foreach ($losdir as $elemento) { $config['installedpackages']['pfblockerngdnsbl']['config'][$j]['row'][$i]['format'] = 'auto'; $config['installedpackages']['pfblockerngdnsbl']['config'][$j]['row'][$i]['state'] = 'Disabled'; //Enabled $config['installedpackages']['pfblockerngdnsbl']['config'][$j]['row'][$i]['url'] = "$elemento"; $config['installedpackages']['pfblockerngdnsbl']['config'][$j]['row'][$i]['header'] = "sh2pfB_$i"; $i++; } //... $config['installedpackages']['pfblockerngdnsbl']['config'][$j]['action'] = "unbound"; $config['installedpackages']['pfblockerngdnsbl']['config'][$j]['cron'] = "Weekly"; $config['installedpackages']['pfblockerngdnsbl']['config'][$j]['filter_alexa'] = "on"; $config['installedpackages']['pfblockerngdnsbl']['config'][$j]['custom'] = ""; $config['installedpackages']['pfblockerngdnsbl']['config'][$j]['custom_update'] = "disabled"; print "pfBlockerNG DNSBL feed List shallalist2pfpBlockerNG Import Completed...\n\n"; write_config(); } //Cron //si no existe /scripts lo creamos - if not exist /scripts create it if(!is_dir('/scripts')) { mkdir('/scripts'); } //si no existe /scripts/cron-download-shallalist2pfpBlockerNG.sh lo creamos if (!file_exists('/scripts/cron-download-shallalist2pfpBlockerNG.sh')) { //bash $contenido = "#!/bin/sh\n" . "/bin/rm -rf /tmp/BL\n" . "/bin/mkdir /tmp/BL\n" . "/usr/bin/fetch -o /tmp/BL http://www.shallalist.de/Downloads/shallalist.tar.gz\n" . "/usr/bin/tar -xf /tmp/BL/shallalist.tar.gz --strip 1 -C /tmp/BL\n" . "/bin/rm -rf /tmp/BL/shallalist.tar.gz\n"; file_put_contents("/scripts/cron-download-shallalist2pfpBlockerNG.sh", $contenido); print_r("Create /scripts/cron-download-shallalist2pfpBlockerNG.sh ... \n"); } else print_r("Already exists /scripts/cron-download-shallalist2pfpBlockerNG.sh ... \n"); //existe Cron? $j = 0; $existecron = false; while (!empty($config['cron']['item'][$j]['command'])) { $j++; //print_r($config['cron']['item'][$j]['command']."\n"); if (strpos($config['cron']['item'][$j]['command'], "/bin/sh /scripts/cron-download-shallalist2pfpBlockerNG.sh") !== false) { $existecron = true; print_r("Already exists cron for /bin/sh /scripts/cron-download-shallalist2pfpBlockerNG.sh \n"); } } //si no existe cron lo creamos a ejecutar como root cada domingo a las 06:06 if (!$existecron) { $config['cron']['item'][$j]['minute'] = "6"; $config['cron']['item'][$j]['hour'] = "6"; //$config['cron']['item'][$j]['mday'] = "*"; //$config['cron']['item'][$j]['month'] = "*"; $config['cron']['item'][$j]['wday'] = "7"; $config['cron']['item'][$j]['who'] = "root"; $config['cron']['item'][$j]['command'] = "/bin/sh /scripts/cron-download-shallalist2pfpBlockerNG.sh"; print_r("Create cron for /bin/sh /scripts/cron-download-shallalist2pfpBlockerNG.sh ... \n\n"); write_config(); } print_r("You have to go to https://YOUR-IP-PFSENSE/pkg.php?xml=/pfblockerng/pfblockerng_dnsbl_lists.xml \n" . " Firewall > pfBlockerNG > DNSBL Feeds: and edit/put ON/OFF the Categories you wish \n" . "and Force Update update/reload DNSBL pfblockerNG \n\n"); print_r("The End :). By javcasta - htpps://javcasta.com \n"); ?>
Salu2
Referencias:
Descarga - download: http://www.javcasta.com/?smd_process_download=1&download_id=33336
https://www.javcasta.com/shallalist2pfblockerng-php-script-para-importar-categorias-shallalist-a-pfblockerng/
https://forum.pfsense.org/index.php?topic=119851.0 -
valla pero que aporte, muchas gracias
-
Ok ;D
sólo decir que si el pfSense no dispone de mucha ram, ojo con activar Enable TLD en DNSBL , no poner listas demasiado grandes en pfBlockerNG si así fuese , ( cuando las listas superan 300K elementos hace falta bastante ram, 100K domains <–> 1GB) -
Hola.
Ok, I'm about to ask a stupid question. Yes I searched first, but didn't find the answer - or was too stupid to understand it.
Where is everyone getting the IP block lists to import into pfBNG? I know of a few, but it seems like everyone uses many of the same (based on the screenshots), so thought I would just ask if there is a list somewhere.This was provided by BBcan17, stick the under /usr/local/www and run once via your browser. (All the lists are disabled by default.)
Casi Off topic, pero muy util, un script del desarrollador de pfBlockerNG @BBcan177 pfBlockerNG_import.php , para importar listas IPv4 (poner enabled u disabled las que convengan despues desde el configurador de pfBlockerNG) para el pfBlockerNG:
Se aloja el fichero del script en /usr/local/www/pfBlockerNG_import.php y se ejecuta desde navegador ( https://la-ip-pfsense/pfBlockerNG_import.php )
Cuando termine de ejecutarse el script se verá en el navegadorChecking for Existing pfBlockerNG Alias/Lists Found existing Alias/Lists. Merging Existing Alias/Lists with Imported Version pfBlockerNG Alias List Import Completed.;
Y en IPv4 lists aparecerán
IBlock pfBlockerNG IBlock Disabled 04hours enabled
PRI1 pfBlockerNG PRI1 Disabled 01hour enabled
PRI2 pfBlockerNG PRI2 Disabled 04hours enabled
PRI3 pfBlockerNG PRI3 Disabled 04hours enabled
SEC1 pfBlockerNG SEC1 Disabled 04hours enabled
TOR pfBlockerNG TOR Disabled 04hours enabled
MAIL pfBlockerNG MAIL Disabled 08hours enabled
El código pfBlockerNG_import.php
/* pfBlockerNG_import.php pfBlockerNG Copyright (C) 2014 BBcan177@gmail.com All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1\. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2\. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ require_once("config.inc"); require_once("util.inc"); require_once("functions.inc"); require_once("pkg-utils.inc"); require_once("pfsense-utils.inc"); require_once("globals.inc"); require_once("services.inc"); print ""; $pfblist_new = array ( array ( "none" => "", "aliasname" => "IBlock", "description" => "pfBlockerNG IBlock", "infolists" => "", "row" => array (array ("format" => "gz", "state" => "Disabled", "url" => "http://list.iblocklist.com/?list=usrcshglbiilevmyfhse&fileformat=p2p&archiveformat=gz", "header"=> "IBlock_BT_Hijack"), array ("format" => "gz", "state" => "Disabled", "url" => "http://list.iblocklist.com/?list=ficutxiwawokxlcyoeye&fileformat=p2p&archiveformat=gz", "header"=> "IBlock_BT_FS"), array ("format" => "gz", "state" => "Disabled", "url" => "http://list.iblocklist.com/?list=ghlzqtqxnzctvvajwwag&fileformat=p2p&archiveformat=gz", "header"=> "IBlock_BT_Web"), array ("format" => "gz", "state" => "Disabled", "url" => "http://list.iblocklist.com/?list=llvtlsjyoyiczbkjsxpf&fileformat=p2p&archiveformat=gz", "header"=> "IBlock_BT_Spy"), array ("format" => "gz", "state" => "Disabled", "url" => "http://list.iblocklist.com/?list=cwworuawihqvocglcoss&fileformat=p2p&archiveformat=gz", "header"=> "IBlock_Badpeer"), array ("format" => "gz", "state" => "Disabled", "url" => "http://list.iblocklist.com/?list=dgxtneitpuvgqqcpfulq&fileformat=p2p&archiveformat=gz", "header"=> "IBlock_Ads"), array ("format" => "gz", "state" => "Disabled", "url" => "http://list.iblocklist.com/?list=xoebmbyexwuiogmbyprb&fileformat=p2p&archiveformat=gz", "header"=> "IBlock_Proxy")), "action"=> "Disabled", "cron" => "04hours", "dow" => "1", "aliaslog" => "enabled", "custom"=> "", "custom_update" => "disabled"), array ( "none" => "", "aliasname" => "PRI1", "description" => "pfBlockerNG PRI1", "infolists" => "", "row" => array (array ("format" => "txt", "state" => "Disabled", "url" => "https://rules.emergingthreats.net/blockrules/compromised-ips.txt", "header"=> "ET_Comp"), array ("format" => "txt", "state" => "Disabled", "url" => "https://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt", "header"=> "ET_Block"), array ("format" => "txt", "state" => "Disabled", "url" => "http://www.spamhaus.org/drop/drop.txt", "header"=> "Spamhaus_drop"), array ("format" => "txt", "state" => "Disabled", "url" => "http://www.spamhaus.org/drop/edrop.txt", "header"=> "Spamhaus_edrop"), array ("format" => "txt", "state" => "Disabled", "url" => "http://cinsscore.com/list/ci-badguys.txt", "header"=> "CIArmy"), array ("format" => "txt", "state" => "Disabled", "url" => "https://zeustracker.abuse.ch/blocklist.php?download=ipblocklist", "header"=> "Abuse_Zeus"), array ("format" => "txt", "state" => "Disabled", "url" => "https://spyeyetracker.abuse.ch/blocklist.php?download=ipblocklist", "header"=> "Abuse_Spyeye"), array ("format" => "txt", "state" => "Disabled", "url" => "https://palevotracker.abuse.ch/blocklists.php?download=ipblocklist", "header"=> "Abuse_Palevo"), array ("format" => "html", "state" => "Disabled", "url" => "https://sslbl.abuse.ch/blacklist/sslipblacklist_aggressive.csv", "header"=> "Abuse_SSLBL"), array ("format" => "block", "state" => "Disabled", "url" => "https://feeds.dshield.org/block.txt", "header"=> "dShield_Block"), array ("format" => "txt", "state" => "Disabled", "url" => "https://labs.snort.org/feeds/ip-filter.blf", "header"=> "Snort_BL"), array ("format" => "html", "state" => "Disabled", "url" => "http://osint.bambenekconsulting.com/feeds/goz-iplist.txt", "header"=> "BBC_Goz")), "action"=> "Disabled", "cron" => "01hour", "dow" => "1", "aliaslog" => "enabled", "custom"=> "", "custom_update" => "disabled"), array ( "none" => "", "aliasname" => "PRI2", "description" => "pfBlockerNG PRI2", "infolists" => "", "row" => array (array ("format" => "gz_2", "state" => "Disabled", "url" => "https://reputation.alienvault.com/reputation.snort.gz", "header"=> "Alienvault"), array ("format" => "html", "state" => "Disabled", "url" => "https://atlas.arbor.net/summary/attacks.csv", "header"=> "Atlas_Attacks"), array ("format" => "html", "state" => "Disabled", "url" => "https://atlas.arbor.net/summary/botnets.csv", "header"=> "Atlas_Botnets"), array ("format" => "html", "state" => "Disabled", "url" => "https://atlas.arbor.net/summary/fastflux.csv", "header"=> "Atlas_Fastflux"), array ("format" => "html", "state" => "Disabled", "url" => "https://atlas.arbor.net/summary/phishing.csv", "header"=> "Atlas_Phishing"), array ("format" => "html", "state" => "Disabled", "url" => "https://atlas.arbor.net/summary/scans.csv", "header"=> "Atlas_Scans"), array ("format" => "txt", "state" => "Disabled", "url" => "http://www.cyber-ta.org/releases/malware/SOURCES/Attacker.Cumulative.Summary", "header"=> "SRI_Attackers"), array ("format" => "txt", "state" => "Disabled", "url" => "http://www.cyber-ta.org/releases/malware/SOURCES/CandC.Cumulative.Summary", "header"=> "SRI_CC"), array ("format" => "html", "state" => "Disabled", "url" => "https://www.projecthoneypot.org/list_of_ips.php?t=d&rss=1", "header"=> "HoneyPot")), "action"=> "Disabled", "cron" => "04hours", "dow" => "1", "aliaslog" => "enabled", "custom"=> "", "custom_update" => "disabled"), array ( "none" => "", "aliasname" => "PRI3", "description" => "pfBlockerNG PRI3", "infolists" => "", "row" => array (array ("format" => "txt", "state" => "Disabled", "url" => "http://www.malwaredomainlist.com/hostslist/ip.txt", "header"=> "MDL"), array ("format" => "txt", "state" => "Disabled", "url" => "http://www.nothink.org/blacklist/blacklist_malware_http.txt", "header"=> "Nothink_BL"), array ("format" => "txt", "state" => "Disabled", "url" => "http://www.nothink.org/blacklist/blacklist_ssh_week.txt", "header"=> "Nothink_SSH"), array ("format" => "txt", "state" => "Disabled", "url" => "http://www.nothink.org/blacklist/blacklist_malware_dns.txt", "header"=> "Nothink_Malware"), array ("format" => "txt", "state" => "Disabled", "url" => "https://danger.rulez.sk/projects/bruteforceblocker/blist.php", "header"=> "DangerRulez"), array ("format" => "html", "state" => "Disabled", "url" => "https://www.autoshun.org/files/shunlist.csv", "header"=> "Shunlist"), array ("format" => "txt", "state" => "Disabled", "url" => "http://www.infiltrated.net/blacklisted", "header"=> "Infiltrated"), array ("format" => "txt", "state" => "Disabled", "url" => "https://www.dragonresearchgroup.org/insight/sshpwauth.txt", "header"=> "DRG_SSH"), array ("format" => "txt", "state" => "Disabled", "url" => "https://www.dragonresearchgroup.org/insight/vncprobe.txt", "header"=> "DRG_VNC"), array ("format" => "txt", "state" => "Disabled", "url" => "https://www.dragonresearchgroup.org/insight/http-report.txt", "header"=> "DRG_HTTP"), array ("format" => "txt", "state" => "Disabled", "url" => "https://feodotracker.abuse.ch/blocklist/?download=ipblocklist", "header"=> "Feodo_Block"), array ("format" => "txt", "state" => "Disabled", "url" => "https://feodotracker.abuse.ch/blocklist/?download=badips", "header"=> "Feodo_Bad"), array ("format" => "txt", "state" => "Disabled", "url" => "http://www.reputationauthority.org/toptens.php", "header"=> "WatchGuard"), array ("format" => "txt", "state" => "Disabled", "url" => "https://vmx.yourcmc.ru/BAD_HOSTS.IP4", "header"=> "VMX"), array ("format" => "html", "state" => "Disabled", "url" => "http://www.geopsy.org/blacklist.html", "header"=> "Geopsy"), array ("format" => "html", "state" => "Disabled", "url" => "https://www.maxmind.com/en/anonymous_proxies", "header"=> "Maxmind"), array ("format" => "html", "state" => "Disabled", "url" => "http://www.botscout.com/last_caught_cache.htm", "header"=> "BotScout"), array ("format" => "html", "state" => "Disabled", "url" => "https://www.juniper.net/security/auto/spam", "header"=> "Juniper"), array ("format" => "txt", "state" => "Disabled", "url" => "http://blocklist.greensnow.co/greensnow.txt", "header"=> "Greensnow"), array ("format" => "txt", "state" => "Disabled", "url" => "https://lists.blocklist.de/lists/all.txt", "header"=> "BlocklistDE"), array ("format" => "txt", "state" => "Disabled", "url" => "http://www.stopforumspam.com/downloads/toxic_ip_cidr.txt", "header"=> "SFS_Toxic")), "action"=> "Disabled", "cron" => "04hours", "dow" => "1", "aliaslog" => "enabled", "custom"=> "", "custom_update" => "disabled"), array ( "none" => "", "aliasname" => "SEC1", "description" => "pfBlockerNG SEC1", "infolists" => "", "row" => array (array ("format" => "html", "state" => "Disabled", "url" => "http://www.malwaregroup.com/ipaddresses/malicious", "header"=> "MalwareGroup"), array ("format" => "gz_2", "state" => "Disabled", "url" => "https://www.openbl.org/lists/base_90days.txt.gz", "header"=> "OpenBL"), array ("format" => "txt", "state" => "Disabled", "url" => "https://malc0de.com/bl/IP_Blacklist.txt", "header"=> "Malcode"), array ("format" => "txt", "state" => "Disabled", "url" => "https://www.badips.com/get/list/any/2", "header"=> "BadIPs")), "action"=> "Disabled", "cron" => "04hours", "dow" => "1", "aliaslog" => "enabled", "custom"=> "", "custom_update" => "disabled"), array ( "none" => "", "aliasname" => "TOR", "description" => "pfBlockerNG TOR", "infolists" => "", "row" => array (array ("format" => "gz", "state" => "Disabled", "url" => "http://list.iblocklist.com/?list=togdoptykrlolpddwbvz&fileformat=p2p&archiveformat=gz", "header"=> "IBlock_Tor"), array ("format" => "txt", "state" => "Disabled", "url" => "https://torstatus.blutmagie.de/ip_list_exit.php/Tor_ip_list_EXIT.csv", "header"=> "Blut_Tor"), array ("format" => "html", "state" => "Disabled", "url" => "https://rules.emergingthreats.net/open/suricata/rules/tor.rules", "header"=> "ET_Tor")), "action"=> "Disabled", "cron" => "04hours", "dow" => "1", "aliaslog" => "enabled", "custom"=> "", "custom_update" => "disabled"), array ( "none" => "", "aliasname" => "MAIL", "description" => "pfBlockerNG MAIL", "infolists" => "", "row" => array (array ("format" => "txt", "state" => "Disabled", "url" => "https://virbl.bit.nl/download/virbl.dnsbl.bit.nl.txt", "header"=> "VirBL"), array ("format" => "zip", "state" => "Disabled", "url" => "http://www.stopforumspam.com/downloads/bannedips.zip", "header"=> "SFS_All"), array ("format" => "txt", "state" => "Disabled", "url" => "http://antispam.imp.ch/spamlist", "header"=> "Improware"), array ("format" => "html", "state" => "Disabled", "url" => "http://toastedspam.com/denylist.cgi", "header"=> "ToastedSpam"), array ("format" => "html", "state" => "Disabled", "url" => "http://rss.uribl.com/reports/7d/dns_a.html", "header"=> "URIBL"), array ("format" => "txt", "state" => "Disabled", "url" => "http://spamcop.net/w3m?action=map;net=cmaxcnt;mask=65535;sort=spamcnt;format=text", "header"=> "SpamCop"), array ("format" => "gz_2", "state" => "Disabled", "url" => "http://www.dnsbl.manitu.net/download/nixspam-ip.dump.gz", "header" => "Nix_Spam")), "action"=> "Disabled", "cron" => "08hours", "dow" => "1", "aliaslog" => "enabled", "custom"=> "", "custom_update" => "disabled") ); print "Checking for Existing pfBlockerNG Alias/Lists\n"; // Check for Existing pfBlockerNG Allias/Lists if (is_array($config['installedpackages']['pfblockernglistsv4']['config'])) { print "Found existing Alias/Lists. Merging Existing Alias/Lists with Imported Version\n\n"; $pfblist = $config['installedpackages']['pfblockernglistsv4']['config']; $pfbfinal = array_merge($pfblist, $pfblist_new); $config['installedpackages']['pfblockernglistsv4']['config'] = $pfbfinal; } else { print "No existing Alias/Lists found. Importing new Version.\n\n"; $config['installedpackages']['pfblockernglistsv4']['config'] = $pfblist_new; } print "pfBlockerNG Alias List Import Completed."; write_config(); ?>;
Salu2
-
Hola.
Ok, I'm about to ask a stupid question. Yes I searched first, but didn't find the answer - or was too stupid to understand it.
Where is everyone getting the IP block lists to import into pfBNG? I know of a few, but it seems like everyone uses many of the same (based on the screenshots), so thought I would just ask if there is a list somewhere.This was provided by BBcan17, stick the under /usr/local/www and run once via your browser. (All the lists are disabled by default.)
Casi Off topic, pero muy util, un script del desarrollador de pfBlockerNG @BBcan177 pfBlockerNG_import.php , para importar listas IPv4 (poner enabled u disabled las que convengan despues desde el configurador de pfBlockerNG) para el pfBlockerNG:
Cómo import_gravity?
-
Hola
Cómo import_gravity?
Efectivamente, no lo he posteado aquí, pero tengo el script (depurado) pfBlockerNG_import_gravity.php
Script de creación y update de listas de firehole project para pfBlockerNG – pfBlockerNG_import_gravity.php
https://www.javcasta.com/script-de-creacion-y-update-de-listas-de-firehole-project-para-pfblockerng-pfblockerng_import_gravity-php/Este php script sirve para crear y actualizar listas IPv4 del proyecto FireHole para el paquete pfBlockerNG de pfSense.
…Download pfBlockerNG_import_gravity.php: http://www.javcasta.com/?smd_process_download=1&download_id=33310
Salu2.
-
Ok ;D
I'll try it
-
Hola
Creo que hay ya en "el horno" una nueva versión de pfBlockerNG, que saldrá su release en breve, y creo que también @BBcan177 (el desarrollador de pfBl), está trabajando en añadir listas de categorias de bloqueo a su utilidad (como con shallalist)… Esperando estoy :)
https://twitter.com/pfsense/status/788203605950025728
https://twitter.com/pfsense/status/789501978158075904
Salu2
-
Lleva desde el 21 sin conectarse al foro @BBcan177, debe de estar programando y depurando a full ;D
-