From patchwork Mon Nov 25 20:13:06 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tim FitzGeorge X-Patchwork-Id: 2609 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 47MJCv0nJ0z43WL for ; Mon, 25 Nov 2019 20:14:35 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail02.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 47MJCt5640z2R5; Mon, 25 Nov 2019 20:14:34 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 47MJCt3mkLz2yZn; Mon, 25 Nov 2019 20:14:34 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 47MJCr4Ycfz2y3Y for ; Mon, 25 Nov 2019 20:14:32 +0000 (UTC) Received: from smtp.hosts.co.uk (smtp.hosts.co.uk [85.233.160.19]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPS id 47MJCr1DS8z2M5 for ; Mon, 25 Nov 2019 20:14:32 +0000 (UTC) Received: from [95.149.142.227] (helo=aragorn.tfitzgeorge.me.uk) by smtp.hosts.co.uk with esmtpa (Exim) (envelope-from ) id 1iZKkf-0000EB-56; Mon, 25 Nov 2019 20:14:31 +0000 From: Tim FitzGeorge To: development@lists.ipfire.org Subject: [PATCH 2/5] ipblacklist: WUI and language file Date: Mon, 25 Nov 2019 20:13:06 +0000 Message-Id: <20191125201309.10840-3-ipfr@tfitzgeorge.me.uk> X-Mailer: git-send-email 2.16.4 In-Reply-To: <20191125201309.10840-1-ipfr@tfitzgeorge.me.uk> References: <20191125201309.10840-1-ipfr@tfitzgeorge.me.uk> Authentication-Results: mail01.ipfire.org; dkim=none; dmarc=none; spf=pass (mail01.ipfire.org: domain of ipfr@tfitzgeorge.me.uk designates 85.233.160.19 as permitted sender) smtp.mailfrom=ipfr@tfitzgeorge.me.uk X-Rspamd-Queue-Id: 47MJCr1DS8z2M5 X-Spamd-Result: default: False [2.59 / 11.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[85.233.160.19:from]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; HTML_META_REFRESH_URL(5.00)[]; R_SPF_ALLOW(-0.20)[+ip4:85.233.160.0/27]; MIME_GOOD(-0.10)[text/plain]; SENDER_REP_HAM(0.00)[asn: 8622(0.00), country: GB(-0.01), ip: 85.233.160.19(0.00)]; DMARC_NA(0.00)[tfitzgeorge.me.uk]; RWL_MAILSPIKE_GOOD(0.00)[85.233.160.19:from]; RECEIVED_SPAMHAUS_PBL(0.00)[95.149.142.227:received]; TO_MATCH_ENVRCPT_SOME(0.00)[]; MX_GOOD(-0.01)[cached: mx1.ukservers.net]; RCPT_COUNT_TWO(0.00)[2]; MID_CONTAINS_FROM(1.00)[]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; R_DKIM_NA(0.00)[]; ASN(0.00)[asn:8622, ipnet:85.233.160.0/19, country:GB]; MIME_TRACE(0.00)[0:+]; BAYES_HAM(-3.00)[100.00%]; RCVD_COUNT_TWO(0.00)[2] X-Rspamd-Server: mail01.haj.ipfire.org X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Main WUI page and update to system logs page Signed-off-by: Tim FitzGeorge --- config/menu/50-firewall.menu | 5 + html/cgi-bin/ipblacklist.cgi | 725 ++++++++++++++++++++++++++++++++++++++++++ html/cgi-bin/logs.cgi/log.dat | 2 + langs/en/cgi-bin/en.pl | 31 ++ 4 files changed, 763 insertions(+) create mode 100644 html/cgi-bin/ipblacklist.cgi diff --git a/config/menu/50-firewall.menu b/config/menu/50-firewall.menu index 5ec1f67fc..cd82bfaa3 100644 --- a/config/menu/50-firewall.menu +++ b/config/menu/50-firewall.menu @@ -21,6 +21,11 @@ 'title' => "$Lang::tr{'intrusion detection system'}", 'enabled' => 1, }; + $subfirewall->{'45.ipblacklist'} = {'caption' => $Lang::tr{'ipblacklist'}, + 'uri' => '/cgi-bin/ipblacklist.cgi', + 'title' => "$Lang::tr{'ipblacklist'}", + 'enabled' => 1, + }; $subfirewall->{'50.p2p'} = { 'caption' => $Lang::tr{'p2p block'}, 'uri' => '/cgi-bin/p2p-block.cgi', diff --git a/html/cgi-bin/ipblacklist.cgi b/html/cgi-bin/ipblacklist.cgi new file mode 100644 index 000000000..b2ccf7b3f --- /dev/null +++ b/html/cgi-bin/ipblacklist.cgi @@ -0,0 +1,725 @@ +#!/usr/bin/perl + +############################################################################### +# # +# IPFire.org - A linux based firewall # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +# Copyright (C) 2018 - 2019 The IPFire Team # +# # +############################################################################### + +use strict; +use CGI qw/:standard/; +#enable only the following on debugging purpose +#use warnings; +#use CGI::Carp 'fatalsToBrowser'; +use Sort::Naturally; +use Socket; + +require '/var/ipfire/general-functions.pl'; +require "${General::swroot}/lang.pl"; +require "${General::swroot}/header.pl"; + +############################################################################### +# Initialize variables and hashes +############################################################################### + +my $settings = "${General::swroot}/ipblacklist/settings"; +my $modified = "${General::swroot}/ipblacklist/modified"; +my $sources = "${General::swroot}/ipblacklist/sources"; +my $getipstat = '/usr/local/bin/getipstat'; +my $getipsetstat = '/usr/local/bin/getipsetstat'; +my $control = '/usr/local/bin/ipblacklistctrl'; +my $lockfile = '/var/run/ipblacklist.pid'; +my $autoblacklist = 'AUTOBLACKLIST'; +my %cgiparams = ('ACTION' => '', 'AUTOACTION' => ''); +my $errormessage = ''; +my $updating = 0; +my %mainsettings; +my %color; +my %modified; +my %sources; +my %stats; +my %autoblock_addresses; + +my %settings = ( 'DEBUG' => 0, + 'LOGGING' => 'on', + 'RATE' => 24, + 'ENABLE' => 'off', + 'BLOCK_THRESHOLD' => 10, + 'BLOCK_PERIOD' => 3600, + $autoblacklist => 'off' ); + +# Read all parameters for site +Header::getcgihash( \%cgiparams); +General::readhash( "${General::swroot}/main/settings", \%mainsettings ); +General::readhash( "/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color ); +General::readhash( $settings, \%settings ) if (-r $settings); +General::readhash( $modified, \%modified) if (-r $modified); +eval qx|/bin/cat $sources| if (-r $sources); + +# Show Headers + +Header::showhttpheaders(); + +# Process actions + +if ($cgiparams{'ACTION'} eq "$Lang::tr{'save'}") +{ + #Save Button on configsite + + my %new_settings = ( 'ENABLE' => 'off', + 'RATE' => 24, + 'LOGGING' => 'off', + 'DEBUG' => 0, + 'BLOCK_THRESHOLD' => $settings{'BLOCK_THRESHOLD'} || 10, + 'BLOCK_PERIOD' => $settings{'BLOCK_PERIOD'} || 3600, + $autoblacklist => $settings{$autoblacklist} ); + + $errormessage .= "$Lang::tr{'ipblacklist invalid check rate'}
" if (($cgiparams{'RATE'} !~ m/^\d+$/) or + ($cgiparams{'RATE'} < 1) or + ($cgiparams{'RATE'} > 1000)); + + $new_settings{'RATE'} = $cgiparams{'RATE'}; + delete $cgiparams{'RATE'}; + + foreach my $item ('LOGGING', 'ENABLE', keys %sources) + { + $new_settings{$item} = (exists $cgiparams{$item}) ? 'on' : 'off'; + + $updating = 1 if (not exists $settings{$item} or $new_settings{$item} ne $settings{$item}); + } + + # Check for redundant blacklists being enabled + + foreach my $list (keys %sources) + { + if (exists $settings{$list} and + $settings{$list} eq 'on' and + exists $sources{$list}{'override'} and + $settings{$sources{$list}{'override'}} eq 'on') + { + $settings{$sources{$list}{'override'}} = 'off'; + + $updating = 1; + $errormessage .= "$Lang::tr{'ipblacklist disable pre'} $sources{$list}{'override'} " . + "$Lang::tr{'ipblacklist disable mid'} $list $Lang::tr{'ipblacklist disable post'}
\n"; + } + } + + if ($settings{'LOGGING'} ne $new_settings{'LOGGING'}) + { + if ($new_settings{'LOGGING'} eq 'on') + { + system( "$control log-on" ); + } + else + { + system( "$control log-off" ); + } + } + + if ($settings{'ENABLE'} ne $new_settings{'ENABLE'}) + { + if ($new_settings{'ENABLE'} eq 'on') + { + system( "$control enable" ); + } + else + { + $settings{$autoblacklist} = 'off'; + system( "$control disable" ); + } + + $updating = 1; + } + + %settings = %new_settings; + + if ($errormessage) + { + $updating = 0; + } + else + { + General::writehash($settings, \%new_settings); + + if ($updating) + { + system( "$control update &" ); + get_ipset_stats(); + show_running(); + exit 0; + } + } +} +elsif ($cgiparams{'AUTOACTION'} eq "$Lang::tr{'save'}") +{ + $updating = 1 if ($settings{$autoblacklist} eq 'on' and not exists $cgiparams{$autoblacklist}); + $updating = 1 if ($settings{$autoblacklist} eq 'off' and exists $cgiparams{$autoblacklist}); + + $settings{$autoblacklist} = (exists $cgiparams{$autoblacklist}) ? 'on' : 'off'; + $settings{'BLOCK_THRESHOLD'} = $cgiparams{'BLOCK_THRESHOLD'}; + $settings{'BLOCK_PERIOD'} = $cgiparams{'BLOCK_PERIOD'} ; + + if (($cgiparams{'BLOCK_THRESHOLD'} !~ m/^\d+$/) or + ($cgiparams{'BLOCK_THRESHOLD'} < 1) or + ($cgiparams{'BLOCK_THRESHOLD'} > 1000000)) + { + $errormessage .= "$Lang::tr{'ipblacklist invalid threshold'}: $cgiparams{'BLOCK_THRESHOLD'}
"; + } + + if (($cgiparams{'BLOCK_PERIOD'} !~ m/^\d+$/) or + ($cgiparams{'BLOCK_PERIOD'} < 1) or + ($cgiparams{'BLOCK_PERIOD'} > 86400)) + { + $errormessage .= "$Lang::tr{'ipblacklist invalid block time'}: $cgiparams{'BLOCK_PERIOD'}
"; + } + + if ($errormessage) + { + $updating = 0; + } + else + { + General::writehash($settings, \%settings); + system( "$control autoblacklist-update" ) if ($updating); + } +} +elsif ($cgiparams{'AUTOACTION'} eq "$Lang::tr{'unblock all'}") +{ + system( "$control autoblacklist-clear" ); +} + +get_ipset_stats(); + +if (is_running()) +{ + show_running(); + exit 0; +} + +# Get blacklist statistics + +get_iptables_stats(); + +# Show site + +Header::openpage($Lang::tr{'ipblacklist'}, 1, ''); +Header::openbigbox('100%', 'left'); +error(); + +showstatus() if ($settings{ENABLE} eq 'on'); + +configsite(); + +# End of page + +Header::closebigbox(); +Header::closepage(); + +exit 0; + + +#------------------------------------------------------------------------------ +# sub configsite() +# +# Displays configuration +#------------------------------------------------------------------------------ + +sub configsite +{ + # Find preselections + + my $enable = 'checked'; + Header::openbox('100%', 'left', $Lang::tr{'settings'}); + + #### JAVA SCRIPT #### + + print< + \$(document).ready(function() + { + // Show/Hide elements when ENABLE checkbox is checked. + if (\$("#ENABLE").attr("checked")) + { + \$(".sources").show(); + } + else + { + \$(".sources").hide(); + } + + // Toggle Source list elements when "ENABLE" checkbox is clicked + \$("#ENABLE").change(function() + { + \$(".sources").toggle(); + }); + }); + +END + + ##### JAVA SCRIPT END #### + + # Enable checkbox + + $enable = ($settings{'ENABLE'} eq 'on') ? ' checked' : ''; + + print< + + + + + +
$Lang::tr{'ipblacklist use ipblacklists'}

+ +END + + # The following are only displayed if the blacklists are enabled + + $enable = ($settings{'LOGGING'} eq 'on') ? ' checked' : ''; + + print < + + + + + + + +
$Lang::tr{'ipblacklist log'}$Lang::tr{'ipblacklist check rate'} + +
+

+

$Lang::tr{'ipblacklist blacklist settings'}

+ + + + + + + +END + + # Iterate through the list of sources + + my $lines = 0; + + foreach my $list (sort keys %sources) + { + my $name = escapeHTML( $sources{$list}{'name'} ); + my $safe = $Lang::tr{$sources{$list}{safe}}; + $enable = ''; + my $col = ($lines++ % 2) ? "bgcolor='$color{'color20'}'" : "bgcolor='$color{'color22'}'"; + + $enable = ' checked' if (exists $settings{$list} and $settings{$list} eq 'on'); + + print < + + + + \n +END + } + + # The save button at the bottom of the table + + print < +

$Lang::tr{'ipblacklist safe note'}

+ +
$Lang::tr{'ipblacklist id'}$Lang::tr{'ipblacklist name'}$Lang::tr{'ipblacklist safe'}$Lang::tr{'ipblacklist enable'}
+END + + if ($sources{$list}{info}) + { + print "$list\n"; + } + else + { + print "$list\n"; + } + + print < + $name$safe
+ + + +
+
+
+END + + $enable = $settings{$autoblacklist} eq 'on' ? ' checked' : ''; + + print <
+

$Lang::tr{'ipblacklist auto list'}

+ + + + + + + + + + + + + + +
+ $Lang::tr{'ipblacklist autoblacklist enable'} + + + +   +
+ $Lang::tr{'ipblacklist autoblacklist threshold'} + + + +
+ $Lang::tr{'ipblacklist autoblacklist block time'} + + + +
+ + + + +
+ +
+END + + Header::closebox(); +} + + +#------------------------------------------------------------------------------ +# sub showstatus() +# +# Displays current blacklist status +#------------------------------------------------------------------------------ + +sub showstatus +{ + Header::openbox('100%', 'center', $Lang::tr{'status'}); + + print < + + $Lang::tr{'ipblacklist id'} + $Lang::tr{'ipblacklist entries'} + $Lang::tr{'ipblacklist pkts in'} + $Lang::tr{'ipblacklist bytes in'} + $Lang::tr{'ipblacklist pkts out'} + $Lang::tr{'ipblacklist bytes out'} + $Lang::tr{'ipblacklist updated'} + +END + + # Iterate through the list of sources + + foreach my $list ($autoblacklist, sort keys %sources) + { + next unless ($settings{$list} eq 'on'); + + my $size = ' '; + my $pkts_in = ' '; + my $bytes_in = ' '; + my $pkts_out = ' '; + my $bytes_out = ' '; + my $updated = ' '; + + if (exists $stats{$list}) + { + ($pkts_in, $bytes_in) = @{ $stats{$list}{IPBLACKLISTREDIN} } if (exists $stats{$list}{IPBLACKLISTREDIN}); + ($pkts_out, $bytes_out) = @{ $stats{$list}{IPBLACKLISTREDOUT} } if (exists $stats{$list}{IPBLACKLISTREDOUT}); + $size = $stats{$list}{size} if (exists $stats{$list}{size}); + } + + if (exists $modified{$list} and $modified{$list} > 0) + { + $updated = localtime( $modified{$list} ); + } + + print < + $list + $size + $pkts_in + $bytes_in + $pkts_out + $bytes_out + $updated + \n +END + + } + + print < +END + + if ($settings{$autoblacklist} eq 'on') + { + print <
+

$Lang::tr{'ipblacklist auto list'}

+ + + + + +END + + foreach my $address (nsort keys %autoblock_addresses ) + { + print "\n"; + } + + print < +
$Lang::tr{'ip address'}$Lang::tr{'ipblacklist block time remaining'}
$address$autoblock_addresses{$address}
+ + + + + +
+END + } + + Header::closebox(); +} + + +#------------------------------------------------------------------------------ +# sub get_ipset_stats() +# +# Gets the number of entries in each IPSet. +#------------------------------------------------------------------------------ + +sub get_ipset_stats +{ + my $name; + + system( $getipsetstat ); + + # Get the number of entries in each IP set + + if (-r '/var/tmp/ipsets.txt') + { + open STATS, '<', '/var/tmp/ipsets.txt' or die "Can't open IP Sets stats file: $!"; + + foreach my $line () + { + if ($line =~ m/Name: (\w+)/) + { + $name = $1; + next; + } + + if ($line =~ m/Number of entries: (\d+)/) + { + $stats{$name}{'size'} = $1; + } + } + + close STATS; + + unlink( '/var/tmp/ipsets.txt' ); + } + + # Get the IP addresses in the autoblacklist + + if (-r '/var/tmp/autoblacklist.txt') + { + open HASHTABLE, '<', '/var/tmp/autoblacklist.txt' or die "Can't open autoblacklist address file: $!"; + + # Iterate through the blocked addresses + + foreach my $line () + { + next unless ($line =~ m/(\d+\.\d+\.\d+\.\d+) timeout (\d+)/); + + $autoblock_addresses{$1} = format_time( $2 ); + } + + close HASHTABLE; + + unlink( '/var/tmp/autoblacklist.txt' ); + } + +} + + +#------------------------------------------------------------------------------ +# sub get_iptables_stats() +# +# Gets information on the number of packets and bytes rejected by each +# blacklist +#------------------------------------------------------------------------------ + +sub get_iptables_stats +{ + system( $getipstat ); + unlink( '/var/tmp/iptablesmangle.txt' ); + unlink( '/var/tmp/iptablesnat.txt' ); + + return unless (-r '/var/tmp/iptables.txt'); + + open STATS, '<', '/var/tmp/iptables.txt' or die "Can't open IP Tables stats file: $!"; + + my $table = 'Unknown'; + + foreach my $line () + { + if ($line =~ m/^Chain (\w+)/) + { + $table = $1; + next; + } + + next unless ($line =~ m/_BLOCK/); + + my ($pkts, $bytes, $chain) = $line =~ m/^\s*(\d+\w?)\s+(\d+\w?)\s+(\w+)_BLOCK/; + $stats{$chain}{$table} = [ $pkts, $bytes ]; + } + + close STATS; + + unlink( '/var/tmp/iptables.txt' ); +} + + +#------------------------------------------------------------------------------ +# sub is_running() +# +# Checks to see if the main script is running +#------------------------------------------------------------------------------ + +sub is_running +{ + return 0 unless (-r $lockfile); + + open LOCKFILE, '<', $lockfile or die "Can't open lockfile"; + my $pid = ; + close LOCKFILE; + + chomp $pid; + + return (-e "/proc/$pid"); +} + + +#------------------------------------------------------------------------------ +# sub show_running +# +# Displayed when update is running +#------------------------------------------------------------------------------ + +sub show_running +{ + # Open site + + Header::openpage( $Lang::tr{'ipblacklist'}, 1, '' ); + Header::openbigbox( '100%', 'center' ); + error(); + Header::openbox( 'Working', 'center', "$Lang::tr{'ipblacklist working'}" ); + + print < + + + $Lang::tr{  + + + +
+ + +END + + foreach my $name (keys %sources) + { + $stats{$name}{'size'} = ' ' if (not exists ($stats{$name}) and + exists $settings{$name} and + $settings{$name} eq 'on'); + } + + foreach my $name (sort keys %stats) + { + print "\n" if (exists $stats{$name}{'size'}); + } + + print < +END + + Header::closebox(); + + Header::closebigbox(); + Header::closepage(); +} + + +#------------------------------------------------------------------------------ +# sub error() +# +# Shows error messages +#------------------------------------------------------------------------------ + +sub error +{ + if ($errormessage) + { + Header::openbox('100%', 'left', $Lang::tr{'error messages'}); + print "$errormessage\n"; + print " \n"; + Header::closebox(); + } +} + + +#------------------------------------------------------------------------------ +# sub format_time( seconds ) +# +# Converts time in seconds to HH:MM:SS +#------------------------------------------------------------------------------ + +sub format_time($) { + my $time = shift; + + my $seconds = $time % 60; + my $minutes = $time / 60; + + my $hours = 0; + if ($minutes >= 60) { + $hours = $minutes / 60; + $minutes %= 60; + } + + return sprintf("%3d:%02d:%02d", $hours, $minutes, $seconds); +} diff --git a/html/cgi-bin/logs.cgi/log.dat b/html/cgi-bin/logs.cgi/log.dat index 8ca32d675..ba1a482c8 100644 --- a/html/cgi-bin/logs.cgi/log.dat +++ b/html/cgi-bin/logs.cgi/log.dat @@ -59,6 +59,7 @@ my %sections = ( 'dhcp' => '(dhcpd: )', 'dma' => '(dma: |dma\[.*\]: |postfix/\w*\[\d*\]: )', 'guardian' => '(guardian\[.*\]: )', + 'ipblacklist' => '(ipblacklist: )', 'ipfire' => '(ipfire: )', 'ipsec' => '(ipsec_[\w_]+: |pluto\[.*\]: |charon: |vpnwatch: )', 'kernel' => '(kernel: (?!DROP_))', @@ -87,6 +88,7 @@ my %trsections = ( 'dhcp' => "$Lang::tr{'dhcp server'}", 'dma' => 'Mail', 'guardian' => "$Lang::tr{'guardian'}", + 'ipblacklist' => "$Lang::tr{'ipblacklist'}", 'ipfire' => 'IPFire', 'ipsec' => 'IPSec', 'kernel' => "$Lang::tr{'kernel'}", diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index b40ef9390..5acf3678c 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -1518,6 +1518,37 @@ 'ip alias changed' => 'External IP alias changed', 'ip alias removed' => 'External IP alias removed', 'ip info' => 'IP Information', +'ipblacklist auto list' => 'Automatic blacklist', +'ipblacklist autoblacklist enable' => 'Enable automatically updating local blacklist', +'ipblacklist autoblacklist threshold' => 'Threshold (packets/hour)', +'ipblacklist autoblacklist block time' => 'Block time (seconds)', +'ipblacklist blacklist settings' => 'Blacklist settings', +'ipblacklist bytes in' => 'bytes in', +'ipblacklist bytes out' => 'bytes out', +'ipblacklist check rate' => 'Update check rate (hours)', +'ipblacklist day' => 'day', +'ipblacklist disable pre' => 'Disabling', +'ipblacklist disable mid' => 'because it is included in', +'ipblacklist disable port' => '', +'ipblacklist enable' => 'Enable', +'ipblacklist entries' => 'Entries', +'ipblacklist hour' => 'hour', +'ipblacklist id' => 'Blacklist', +'ipblacklist invalid block time' => 'Invalid automatic blacklist block time', +'ipblacklist invalid check rate' => 'Invalid update check rate', +'ipblacklist invalid threshold' => 'Invalid automatic blacklist threshold', +'ipblacklist log' => 'Log dropped packets', +'ipblacklist name' => 'Name', +'ipblacklist pkts in' => 'pkts in', +'ipblacklist pkts out' => 'pkts out', +'ipblacklist safe note' => 'Note: safe blacklists block addresses that only generate malicious traffic and therefore will not block any wanted sites.', +'ipblacklist safe' => 'Safe', +'ipblacklist sixhour' => 'six hours', +'ipblacklist updated' => 'Last updated', +'ipblacklist use ipblacklists' => 'Enable IP Blacklists', +'ipblacklist week' => 'week', +'ipblacklist working' => 'Updating IP address blacklists...', +'ipblacklist' => 'IP Address Blacklists', 'ipfire has now rebooted' => 'IPFire is rebooting now.', 'ipfire has now shutdown' => 'IPFire is shutting down now.', 'ipfire side' => 'IPFire side:',
$Lang::tr{'ipblacklist id'}$Lang::tr{'ipblacklist entries'}
$name$stats{$name}{'size'}