Monster pfBlockerNG import script pfBlockerNG_import_gravity.php 224 lists
-
It includes the ones from the original, but under different alias and header names so it will not overwrite
Tony
Thanks, is it possible to just import the firehol ones?
Could just do the import and turn off the ones you don't want, the Alias are disabled so they will not run until you set them to. Or modify the script before doing the import, delete the ones you don't need.
-
Parse error: syntax error, unexpected 'infolists' (T_STRING), expecting ')' in /usr/local/www/pfBlockerNG_import_gravity.php on line 563
… and more
-
Parse error: syntax error, unexpected 'infolists' (T_STRING), expecting ')' in /usr/local/www/pfBlockerNG_import_gravity.php on line 563
… and more
Same error here :/
-
Parse error: syntax error, unexpected 'infolists' (T_STRING), expecting ')' in /usr/local/www/pfBlockerNG_import_gravity.php on line 563
… and more
Same error here :/
Crud sorry about that typo on line 563
"description" => "Malware Expect false positives white lists will need to be created",",
Change to
"description" => "Malware Expect false positives white lists will need to be created",
Also update file on Github
-
also change this:
line 680
"header" => "trustedsec_atif"),
->
"header" => "trustedsec_atif")),
and
line 1020"custom_update" => "disabled")
->
"custom_update" => "disabled"),
-
Hello.
Very good tool for pfBlockerNG :)
this is my debugged script that works for me, (zip file attached. or in my web: http://www.javcasta.com/?smd_process_download=1&download_id=33310 )
Regads.
-
also change this:
line 680
"header" => "trustedsec_atif"),
->
"header" => "trustedsec_atif")),
and
line 1020"custom_update" => "disabled")
->
"custom_update" => "disabled"),
Thanks for the review, changes updated on github. This is what happens when your up 24 hours straight :)
-
Ok, thanks for update in github
One detail, wget is not by default in pfSense 2.3.2, other way to download script:
curl https://raw.githubusercontent.com/tonymorella/pfsense_scipts/master/pfBlockerNG_import_gravity.php > pfBlockerNG_import_gravity.php
-
Some of the lists blocked other lists. e.g. Malware[ransomware_feed] blocks Spam_Bots_PHP[lashback_ubl], Attacks[gofferje_sip] blocks Attacks[blueliv_crimeserver_online, blueliv_crimeserver_recent]. Totally confusion. Also, can't get access from "https://freeapi.blueliv.com"
-
Some of the lists blocked other lists. e.g. Malware[ransomware_feed] blocks Spam_Bots_PHP[lashback_ubl], Attacks[gofferje_sip] blocks Attacks[blueliv_crimeserver_online, blueliv_crimeserver_recent]. Totally confusion. Also, can't get access from "https://freeapi.blueliv.com"
Good point, by default I added all the URLs to a custom allow lists so they can not block each other :) Also you need to create and account to access the blueliv.com API
-
Some of the lists blocked other lists. e.g. Malware[ransomware_feed] blocks Spam_Bots_PHP[lashback_ubl], Attacks[gofferje_sip] blocks Attacks[blueliv_crimeserver_online, blueliv_crimeserver_recent]. Totally confusion. Also, can't get access from "https://freeapi.blueliv.com"
Good point, by default I added all the URLs to a custom allow lists so they can not block each other :) Also you need to create and account to access the blueliv.com API
Added 88.198.202.51 (blueliv.com) into the pfBlockerNG surpress list, but it was still blocked by gofferje, What am I missing?
-
Also, can't get access from "https://freeapi.blueliv.com"
Added 88.198.202.51 (blueliv.com) into the pfBlockerNG surpress list, but it was still blocked by gofferje, What am I missing?
I haven't used blueliv, but your not checking the correct domain name…
ping freeapi.blueliv.com
PING f01.blueliv.com (88.198.51.46): 56 data bytes
-
Also, can't get access from "https://freeapi.blueliv.com"
Added 88.198.202.51 (blueliv.com) into the pfBlockerNG surpress list, but it was still blocked by gofferje, What am I missing?
I haven't used blueliv, but your not checking the correct domain name…
ping freeapi.blueliv.com
PING f01.blueliv.com (88.198.51.46): 56 data bytes
Hi,
if I manually add the ip in the suppress list and apply the changes, Should I do a update or force reload?
-
I think you should put a warning about false positives on the bots and organisations ones. I had to delete them.
-
I think you should put a warning about false positives on the bots and organisations ones. I had to delete them.
Sure why not :) I used Organisations for allow rules not block, did you notice issues with this one??
-
blocking emails to/from me.com from a local mail server I think it was.
-
Thanks for the script, it was quite a timesaver.
A number of the lists ought to end up in the DNSBL section rather than IP4 (Privacy/SomeoneWhoCares is one example) - if you're maintaining the script that's something to check. If I get some time I might take a look.