From 047a4f435a482849c0becd8d51dcece0d53ca1d4 Mon Sep 17 00:00:00 2001 
From: ItsDrike Date: Mon, 1 Mar 2021 20:22:49 +0100 Subject: [PATCH] Add more opensnitch rules --- root/etc/opensnitchd/rules/Arch-Audit.json | 45 +++++++++++++++++++ .../rules/Caprine IP grabbers.json | 31 +++++++++++++ root/etc/opensnitchd/rules/Caprine UDP.json | 38 ++++++++++++++++ .../rules/Chromium Google DNS.json | 45 +++++++++++++++++++ .../Clord (color management daemon).json | 38 ++++++++++++++++ root/etc/opensnitchd/rules/Discord HTTPS.json | 4 +- root/etc/opensnitchd/rules/Discord UDP.json | 31 +++++++++++++ .../rules/DonloadHelper HTTPS.json | 38 ++++++++++++++++ .../etc/opensnitchd/rules/Electron HTTPS.json | 38 ++++++++++++++++ root/etc/opensnitchd/rules/Git All TCP.json | 31 +++++++++++++ root/etc/opensnitchd/rules/Pkgfile HTTPS.json | 38 ++++++++++++++++ .../Plasma Browser Integration HTTPS.json | 31 +++++++++++++ .../rules/{Git HTTPS.json => SSH.json} | 12 ++--- .../opensnitchd/rules/Spotify 1 - needed.json | 31 +++++++++++++ ...=> Spotify 2 - ads (everything else).json} | 8 ++-- .../opensnitchd/rules/Tor Browser ALL.json | 16 +++++++ root/etc/opensnitchd/rules/Tor service.json | 16 +++++++ .../etc/opensnitchd/rules/VirtualBox ALL.json | 16 +++++++ .../opensnitchd/rules/Wakatime VSCode.json | 38 ++++++++++++++++ root/etc/opensnitchd/rules/Zoom 8801,443.json | 38 ++++++++++++++++ ...st (allow rule should be prioritized).json | 16 +++++++ .../etc/opensnitchd/rules/Zoom deny rest.json | 16 +++++++ 22 files changed, 603 insertions(+), 12 deletions(-) create mode 100644 root/etc/opensnitchd/rules/Arch-Audit.json create mode 100644 root/etc/opensnitchd/rules/Caprine IP grabbers.json create mode 100644 root/etc/opensnitchd/rules/Caprine UDP.json create mode 100644 root/etc/opensnitchd/rules/Chromium Google DNS.json create mode 100644 root/etc/opensnitchd/rules/Clord (color management daemon).json create mode 100644 root/etc/opensnitchd/rules/Discord UDP.json create mode 100644 root/etc/opensnitchd/rules/DonloadHelper HTTPS.json create mode 100644 
root/etc/opensnitchd/rules/Electron HTTPS.json create mode 100644 root/etc/opensnitchd/rules/Git All TCP.json create mode 100644 root/etc/opensnitchd/rules/Pkgfile HTTPS.json create mode 100644 root/etc/opensnitchd/rules/Plasma Browser Integration HTTPS.json rename root/etc/opensnitchd/rules/{Git HTTPS.json => SSH.json} (72%) create mode 100644 root/etc/opensnitchd/rules/Spotify 1 - needed.json rename root/etc/opensnitchd/rules/{Spotify.json => Spotify 2 - ads (everything else).json} (55%) create mode 100644 root/etc/opensnitchd/rules/Tor Browser ALL.json create mode 100644 root/etc/opensnitchd/rules/Tor service.json create mode 100644 root/etc/opensnitchd/rules/VirtualBox ALL.json create mode 100644 root/etc/opensnitchd/rules/Wakatime VSCode.json create mode 100644 root/etc/opensnitchd/rules/Zoom 8801,443.json create mode 100644 root/etc/opensnitchd/rules/Zoom deny rest (allow rule should be prioritized).json create mode 100644 root/etc/opensnitchd/rules/Zoom deny rest.json diff --git a/root/etc/opensnitchd/rules/Arch-Audit.json b/root/etc/opensnitchd/rules/Arch-Audit.json new file mode 100644 index 0000000..90358d6 --- /dev/null +++ b/root/etc/opensnitchd/rules/Arch-Audit.json 
@@ -0,0 +1,45 @@
+{
+ "created": "2021-02-20T19:03:50.477917059+01:00",
+ "updated": "2021-02-20T19:03:50.478029169+01:00",
+ "name": "Arch-Audit",
+ "enabled": true,
+ "precedence": false,
+ "action": "allow",
+ "duration": "always",
+ "operator": {
+ "type": "list",
+ "operand": "list",
+ "sensitive": false,
+ "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/bin/arch-audit\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"443\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.host\", \"data\": \"security.archlinux.org\", \"sensitive\": false}]",
+ "list": [
+ {
+ "type": "simple",
+ "operand": "protocol",
+ "sensitive": false,
+ "data": "tcp",
+ "list": null
+ },
+ {
+ "type": "simple",
+ "operand": "process.path",
+ "sensitive": false,
+ "data": "/usr/bin/arch-audit",
+ "list": null
+ },
+ {
+ "type": "simple",
+ "operand": "dest.port",
+ "sensitive": false,
+ "data": "443",
+ "list": null
+ },
+ {
+ "type": "simple",
+ "operand": "dest.host",
+ "sensitive": false,
+ "data": "security.archlinux.org",
+ "list": null
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/root/etc/opensnitchd/rules/Caprine IP grabbers.json b/root/etc/opensnitchd/rules/Caprine IP grabbers.json
new file mode 100644
index 0000000..f07c35c
--- /dev/null
+++ b/root/etc/opensnitchd/rules/Caprine IP grabbers.json
@@ -0,0 +1,31 @@
+{
+ "created": "2021-02-19T00:29:16.119021299+01:00",
+ "updated": "2021-02-19T00:29:16.119128892+01:00",
+ "name": "Caprine IP grabbers",
+ "enabled": true,
+ "precedence": true,
+ "action": "deny",
+ "duration": "always",
+ "operator": {
+ "type": "list",
+ "operand": "list",
+ "sensitive": false,
+ "data": "[{\"type\": \"simple\", \"operand\": \"process.command\", \"data\": \"/usr/lib/electron/electron /usr/bin/caprine\", \"sensitive\": false}, {\"type\": \"regexp\", \"operand\": \"dest.host\", \"data\": \"(icanhazip.com|myip.opendns.com|api.ipify.org)\", \"sensitive\": false}]",
+ "list": [
+ {
+ "type": "simple",
+ "operand": "process.command",
+ "sensitive": false,
+ "data": "/usr/lib/electron/electron /usr/bin/caprine",
+ "list": null
+ },
+ {
+ "type": "regexp",
+ "operand": "dest.host",
+ "sensitive": false,
+ "data": "(icanhazip.com|myip.opendns.com|api.ipify.org)",
+ "list": null
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/root/etc/opensnitchd/rules/Caprine UDP.json b/root/etc/opensnitchd/rules/Caprine UDP.json
new file mode 100644
index 0000000..44d1143
--- /dev/null
+++ b/root/etc/opensnitchd/rules/Caprine UDP.json
@@ -0,0 +1,38 @@
+{
+ "created": "2021-02-19T00:28:51.198864766+01:00",
+ "updated": "2021-02-19T00:28:51.198995323+01:00",
+ "name": "Caprine UDP",
+ "enabled": true,
+ "precedence": false,
+ "action": "allow",
+ "duration": "always",
+ "operator": {
+ "type": "list",
+ "operand": "list",
+ "sensitive": false,
+ "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"udp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.command\", \"data\": \"/usr/lib/electron/electron /usr/bin/caprine\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"53\", \"sensitive\": false}]",
+ "list": [
+ {
+ "type": "simple",
+ "operand": "protocol",
+ "sensitive": false,
+ "data": "udp",
+ "list": null
+ },
+ {
+ "type": "simple",
+ "operand": "process.command",
+ "sensitive": false,
+ "data": "/usr/lib/electron/electron /usr/bin/caprine",
+ "list": null
+ },
+ {
+ "type": "simple",
+ "operand": "dest.port",
+ "sensitive": false,
+ "data": "53",
+ "list": null
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/root/etc/opensnitchd/rules/Chromium Google DNS.json b/root/etc/opensnitchd/rules/Chromium Google DNS.json
new file mode 100644
index 0000000..de48def
--- /dev/null
+++ b/root/etc/opensnitchd/rules/Chromium Google DNS.json
@@ -0,0 +1,45 @@
+{
+ "created": "2021-02-17T12:00:56.475733011+01:00",
+ "updated": "2021-02-17T12:00:56.475877494+01:00",
+ "name": "Chromium Google DNS",
+ "enabled": true,
+ "precedence": false,
+ "action": "deny",
+ "duration": "always",
+ "operator": {
+ "type": "list",
+ "operand": "list",
+ "sensitive": false,
+ "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/lib/chromium/chromium\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"5228\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.host\", \"data\": \"mtalk.google.com\", \"sensitive\": false}]",
+ "list": [
+ {
+ "type": "simple",
+ "operand": "protocol",
+ "sensitive": false,
+ "data": "tcp",
+ "list": null
+ },
+ {
+ "type": "simple",
+ "operand": "process.path",
+ "sensitive": false,
+ "data": "/usr/lib/chromium/chromium",
+ "list": null
+ },
+ {
+ "type": "simple",
+ "operand": "dest.port",
+ "sensitive": false,
+ "data": "5228",
+ "list": null
+ },
+ {
+ "type": "simple",
+ "operand": "dest.host",
+ "sensitive": false,
+ "data": "mtalk.google.com",
+ "list": null
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/root/etc/opensnitchd/rules/Clord (color management daemon).json b/root/etc/opensnitchd/rules/Clord (color management daemon).json
new file mode 100644
index 0000000..91367cc
--- /dev/null
+++ b/root/etc/opensnitchd/rules/Clord (color management daemon).json
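Review bot: The rule name does not describe what the rule matches: it is called "Chromium Google DNS", but the operator list denies TCP from `/usr/lib/chromium/chromium` to `mtalk.google.com` on port `5228`, and nothing in it refers to port 53 or to a resolver. The name is the only documentation a rule file carries, so something like `"name": "Chromium deny mtalk.google.com:5228"` would tell a later reader what is being blocked. The name appears in both the `name` field and the file name, so the two would change together.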
@@ -0,0 +1,38 @@
+{
+ "created": "2021-02-15T00:45:05.734560163+01:00",
+ "updated": "2021-02-15T00:45:05.734609624+01:00",
+ "name": "Clord (color management daemon)",
+ "enabled": true,
+ "precedence": false,
+ "action": "allow",
+ "duration": "always",
+ "operator": {
+ "type": "list",
+ "operand": "list",
+ "sensitive": false,
+ "data": "[{\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/lib/colord-sane\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.ip\", \"data\": \"255.255.255.255\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"user.id\", \"data\": \"974\", \"sensitive\": false}]",
+ "list": [
+ {
+ "type": "simple",
+ "operand": "process.path",
+ "sensitive": false,
+ "data": "/usr/lib/colord-sane",
+ "list": null
+ },
+ {
+ "type": "simple",
+ "operand": "dest.ip",
+ "sensitive": false,
+ "data": "255.255.255.255",
+ "list": null
+ },
+ {
+ "type": "simple",
+ "operand": "user.id",
+ "sensitive": false,
+ "data": "974",
+ "list": null
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/root/etc/opensnitchd/rules/Discord HTTPS.json b/root/etc/opensnitchd/rules/Discord HTTPS.json
index 5aaa6c7..477e4d8 100644
--- a/root/etc/opensnitchd/rules/Discord HTTPS.json
+++ b/root/etc/opensnitchd/rules/Discord HTTPS.json
@@ -1,6 +1,6 @@
 {
- "created": "2021-02-13T23:36:38.062313553+01:00",
- "updated": "2021-02-13T23:36:38.062390238+01:00",
+ "created": "2021-02-15T13:29:25.065236008+01:00",
+ "updated": "2021-02-15T13:29:25.065387003+01:00",
 "name": "Discord HTTPS",
 "enabled": true,
 "precedence": false,
diff --git a/root/etc/opensnitchd/rules/Discord UDP.json b/root/etc/opensnitchd/rules/Discord UDP.json
new file mode 100644
index 0000000..9d87cd6
--- /dev/null
+++ b/root/etc/opensnitchd/rules/Discord UDP.json
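Review bot: In the colord rule, `user.id` is pinned to `974`, which ties this allow rule to one machine's account numbering. System accounts of this kind are normally given a UID at install time, so on another host the rule may never match, or may match a different service account. If the UID entry is meant as hardening it has to be regenerated per host; otherwise removing the `user.id` entry from both `list` and the serialized `data` string leaves the rule keyed on `/usr/lib/colord-sane` and `255.255.255.255`. The rule and file name also read "Clord" where the binary is colord.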
@@ -0,0 +1,31 @@
+{
+ "created": "2021-02-15T01:22:26.772953567+01:00",
+ "updated": "2021-02-15T01:22:26.773090799+01:00",
+ "name": "Discord UDP",
+ "enabled": true,
+ "precedence": false,
+ "action": "allow",
+ "duration": "always",
+ "operator": {
+ "type": "list",
+ "operand": "list",
+ "sensitive": false,
+ "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"udp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/opt/discord/Discord\", \"sensitive\": false}]",
+ "list": [
+ {
+ "type": "simple",
+ "operand": "protocol",
+ "sensitive": false,
+ "data": "udp",
+ "list": null
+ },
+ {
+ "type": "simple",
+ "operand": "process.path",
+ "sensitive": false,
+ "data": "/opt/discord/Discord",
+ "list": null
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/root/etc/opensnitchd/rules/DonloadHelper HTTPS.json b/root/etc/opensnitchd/rules/DonloadHelper HTTPS.json
new file mode 100644
index 0000000..f8eefa4
--- /dev/null
+++ b/root/etc/opensnitchd/rules/DonloadHelper HTTPS.json
@@ -0,0 +1,38 @@
+{
+ "created": "2021-02-16T11:55:31.950395802+01:00",
+ "updated": "2021-02-16T11:55:31.950531189+01:00",
+ "name": "DonloadHelper HTTPS",
+ "enabled": true,
+ "precedence": false,
+ "action": "allow",
+ "duration": "always",
+ "operator": {
+ "type": "list",
+ "operand": "list",
+ "sensitive": false,
+ "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/home/itsdrike/net.downloadhelper.coapp-1.6.0/bin/net.downloadhelper.coapp-linux-64\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"443\", \"sensitive\": false}]",
+ "list": [
+ {
+ "type": "simple",
+ "operand": "protocol",
+ "sensitive": false,
+ "data": "tcp",
+ "list": null
+ },
+ {
+ "type": "simple",
+ "operand": "process.path",
+ "sensitive": false,
+ "data": "/home/itsdrike/net.downloadhelper.coapp-1.6.0/bin/net.downloadhelper.coapp-linux-64",
+ "list": null
+ },
+ {
+ "type": "simple",
+ "operand": "dest.port",
+ "sensitive": false,
+ "data": "443",
+ "list": null
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/root/etc/opensnitchd/rules/Electron HTTPS.json b/root/etc/opensnitchd/rules/Electron HTTPS.json
new file mode 100644
index 0000000..0f7e08e
--- /dev/null
+++ b/root/etc/opensnitchd/rules/Electron HTTPS.json
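Review bot: This allow rule trusts an executable under `/home/itsdrike/`, a location the unprivileged user and anything running as that user can overwrite, so whatever ends up at that path inherits outbound TCP 443 to any host. The same applies to `Tor Browser ALL.json`, which allows all traffic for a binary under `/home/itsdrike/.config/tor-browser/`, and to the `process.path` regexp in `Wakatime VSCode.json`. Where the tool can be installed root-owned, pointing `process.path` at that location closes the gap; failing that, adding a `dest.host` entry limits what a replaced binary could reach. The path also embeds the version `1.6.0`, so the rule stops matching after an upgrade.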
@@ -0,0 +1,38 @@
+{
+ "created": "2021-02-19T00:24:20.370479504+01:00",
+ "updated": "2021-02-19T00:24:20.370634955+01:00",
+ "name": "Electron HTTPS",
+ "enabled": true,
+ "precedence": false,
+ "action": "allow",
+ "duration": "always",
+ "operator": {
+ "type": "list",
+ "operand": "list",
+ "sensitive": false,
+ "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/lib/electron/electron\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"443\", \"sensitive\": false}]",
+ "list": [
+ {
+ "type": "simple",
+ "operand": "protocol",
+ "sensitive": false,
+ "data": "tcp",
+ "list": null
+ },
+ {
+ "type": "simple",
+ "operand": "process.path",
+ "sensitive": false,
+ "data": "/usr/lib/electron/electron",
+ "list": null
+ },
+ {
+ "type": "simple",
+ "operand": "dest.port",
+ "sensitive": false,
+ "data": "443",
+ "list": null
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/root/etc/opensnitchd/rules/Git All TCP.json b/root/etc/opensnitchd/rules/Git All TCP.json
new file mode 100644
index 0000000..8daf50e
--- /dev/null
+++ b/root/etc/opensnitchd/rules/Git All TCP.json
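Review bot: `process.path` here is the shared runtime `/usr/lib/electron/electron`, so the allow covers every application started through the system Electron rather than one program. The Caprine rules in this commit already tell applications apart with `process.command` (`/usr/lib/electron/electron /usr/bin/caprine`); using that operand here, one rule per application, keeps an unrelated Electron app from inheriting outbound 443 to any host. If the broad rule is intended, the name should say so, for example `"name": "Electron (all apps) HTTPS"`.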
@@ -0,0 +1,31 @@
+{
+ "created": "2021-02-15T13:33:07.582364723+01:00",
+ "updated": "2021-02-15T13:33:07.582471317+01:00",
+ "name": "Git All TCP",
+ "enabled": true,
+ "precedence": false,
+ "action": "allow",
+ "duration": "always",
+ "operator": {
+ "type": "list",
+ "operand": "list",
+ "sensitive": false,
+ "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/bin/git\", \"sensitive\": false}]",
+ "list": [
+ {
+ "type": "simple",
+ "operand": "protocol",
+ "sensitive": false,
+ "data": "tcp",
+ "list": null
+ },
+ {
+ "type": "simple",
+ "operand": "process.path",
+ "sensitive": false,
+ "data": "/usr/bin/git",
+ "list": null
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/root/etc/opensnitchd/rules/Pkgfile HTTPS.json b/root/etc/opensnitchd/rules/Pkgfile HTTPS.json
new file mode 100644
index 0000000..c774728
--- /dev/null
+++ b/root/etc/opensnitchd/rules/Pkgfile HTTPS.json
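Review bot: This rule has no `dest.port` or `dest.host` entry, so `/usr/bin/git` may open TCP connections to any port on any host, whereas the `Git HTTPS` rule that this commit turns into `SSH.json` limited git to port 443. If the aim was to cover SSH and git-protocol remotes as well, a port entry in the anchored style the Zoom rule already uses, `{"type": "regexp", "operand": "dest.port", "data": "^(22|443|9418)$"}`, keeps the rule to the ports git transports normally use. The entry has to be added to both `list` and the serialized `data` string.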
@@ -0,0 +1,38 @@
+{
+ "created": "2021-02-16T15:17:18.298172602+01:00",
+ "updated": "2021-02-16T15:17:18.298287419+01:00",
+ "name": "Pkgfile HTTPS",
+ "enabled": true,
+ "precedence": false,
+ "action": "allow",
+ "duration": "always",
+ "operator": {
+ "type": "list",
+ "operand": "list",
+ "sensitive": false,
+ "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/bin/pkgfile\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"443\", \"sensitive\": false}]",
+ "list": [
+ {
+ "type": "simple",
+ "operand": "protocol",
+ "sensitive": false,
+ "data": "tcp",
+ "list": null
+ },
+ {
+ "type": "simple",
+ "operand": "process.path",
+ "sensitive": false,
+ "data": "/usr/bin/pkgfile",
+ "list": null
+ },
+ {
+ "type": "simple",
+ "operand": "dest.port",
+ "sensitive": false,
+ "data": "443",
+ "list": null
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/root/etc/opensnitchd/rules/Plasma Browser Integration HTTPS.json b/root/etc/opensnitchd/rules/Plasma Browser Integration HTTPS.json
new file mode 100644
index 0000000..63aee96
--- /dev/null
+++ b/root/etc/opensnitchd/rules/Plasma Browser Integration HTTPS.json
@@ -0,0 +1,31 @@
+{
+ "created": "2021-02-23T22:56:10.93718998+01:00",
+ "updated": "2021-02-23T22:56:10.937244167+01:00",
+ "name": "Plasma Browser Integration HTTPS",
+ "enabled": true,
+ "precedence": false,
+ "action": "allow",
+ "duration": "always",
+ "operator": {
+ "type": "list",
+ "operand": "list",
+ "sensitive": false,
+ "data": "[{\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/bin/plasma-browser-integration-host\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"443\", \"sensitive\": false}]",
+ "list": [
+ {
+ "type": "simple",
+ "operand": "process.path",
+ "sensitive": false,
+ "data": "/usr/bin/plasma-browser-integration-host",
+ "list": null
+ },
+ {
+ "type": "simple",
+ "operand": "dest.port",
+ "sensitive": false,
+ "data": "443",
+ "list": null
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/root/etc/opensnitchd/rules/Git HTTPS.json b/root/etc/opensnitchd/rules/SSH.json
similarity index 72%
rename from root/etc/opensnitchd/rules/Git HTTPS.json
rename to root/etc/opensnitchd/rules/SSH.json
index 782b329..1b0f679 100644
--- a/root/etc/opensnitchd/rules/Git HTTPS.json
+++ b/root/etc/opensnitchd/rules/SSH.json
@@ -1,7 +1,7 @@
 {
- "created": "2021-02-14T00:13:41.961199834+01:00",
- "updated": "2021-02-14T00:13:41.961289962+01:00",
- "name": "Git HTTPS",
+ "created": "2021-02-15T13:19:58.353616558+01:00",
+ "updated": "2021-02-15T13:19:58.353662508+01:00",
+ "name": "SSH",
 "enabled": true,
 "precedence": false,
 "action": "allow",
@@ -10,7 +10,7 @@
 "type": "list",
 "operand": "list",
 "sensitive": false,
- "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/bin/git\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"443\", \"sensitive\": false}]",
+ "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/bin/ssh\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"22\", \"sensitive\": false}]",
 "list": [
 {
 "type": "simple",
@@ -23,14 +23,14 @@
 "type": "simple",
 "operand": "process.path",
 "sensitive": false,
- "data": "/usr/bin/git",
+ "data": "/usr/bin/ssh",
 "list": null
 },
 {
 "type": "simple",
 "operand": "dest.port",
 "sensitive": false,
- "data": "443",
+ "data": "22",
 "list": null
 }
 ]
diff --git a/root/etc/opensnitchd/rules/Spotify 1 - needed.json b/root/etc/opensnitchd/rules/Spotify 1 - needed.json
new file mode 100644
index 0000000..2054f8e
--- /dev/null
+++ b/root/etc/opensnitchd/rules/Spotify 1 - needed.json
@@ -0,0 +1,31 @@
+{
+ "created": "2021-03-01T20:04:39.570767993+01:00",
+ "updated": "2021-03-01T20:04:39.570848018+01:00",
+ "name": "Spotify 1 - needed",
+ "enabled": true,
+ "precedence": true,
+ "action": "allow",
+ "duration": "always",
+ "operator": {
+ "type": "list",
+ "operand": "list",
+ "sensitive": false,
+ "data": "[{\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/opt/spotify/spotify\", \"sensitive\": false}, {\"type\": \"regexp\", \"operand\": \"dest.host\", \"data\": \"(.*\\\\.?spotify\\\\.com)|(audio.+spotify.+\\\\.akamaized\\\\.net)|(.*\\\\.?scdn\\\\.co)\", \"sensitive\": false}]",
+ "list": [
+ {
+ "type": "simple",
+ "operand": "process.path",
+ "sensitive": false,
+ "data": "/opt/spotify/spotify",
+ "list": null
+ },
+ {
+ "type": "regexp",
+ "operand": "dest.host",
+ "sensitive": false,
+ "data": "(.*\\.?spotify\\.com)|(audio.+spotify.+\\.akamaized\\.net)|(.*\\.?scdn\\.co)",
+ "list": null
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/root/etc/opensnitchd/rules/Spotify.json b/root/etc/opensnitchd/rules/Spotify 2 - ads (everything else).json
similarity index 55%
rename from root/etc/opensnitchd/rules/Spotify.json
rename to root/etc/opensnitchd/rules/Spotify 2 - ads (everything else).json
index 92ce4d0..6935ff1 100644
--- a/root/etc/opensnitchd/rules/Spotify.json
+++ b/root/etc/opensnitchd/rules/Spotify 2 - ads (everything else).json
@@ -1,10 +1,10 @@
 {
- "created": "2021-02-13T23:56:57.320167106+01:00",
- "updated": "2021-02-13T23:56:57.320204749+01:00",
- "name": "Spotify",
+ "created": "2021-03-01T19:58:54.03179178+01:00",
+ "updated": "2021-03-01T19:58:54.031858532+01:00",
+ "name": "Spotify 2 - ads (everything else)",
 "enabled": true,
 "precedence": false,
- "action": "allow",
+ "action": "deny",
 "duration": "always",
 "operator": {
 "type": "simple",
diff --git a/root/etc/opensnitchd/rules/Tor Browser ALL.json b/root/etc/opensnitchd/rules/Tor Browser ALL.json
new file mode 100644
index 0000000..f025f73
--- /dev/null
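Review bot: The `dest.host` regexp in "Spotify 1 - needed" has no `^`/`$` anchors while the rule is an allow with `precedence: true`, so, assuming opensnitch applies the pattern as a search rather than a full match (the explicit `^(8801|443)$` in the Zoom port rule suggests it does), any host name that merely contains a match is accepted ahead of the deny rule; `.*\.?spotify\.com` would also accept constructed names such as `notspotify.com` or `spotify.com.example.net`. Anchoring each alternative, `^(.*\.)?spotify\.com$`, `^audio.+spotify.+\.akamaized\.net$` and `^(.*\.)?scdn\.co$`, restricts the rule to those domains and their subdomains, and the change has to be made in both `list` and the serialized `data` string. The same gap is in `Zoom 8801,443.json` (`.*\.zoom\.us`) and, for `process.path`, in `Wakatime VSCode.json`. The allow/deny pair also relies on "Spotify 1" being evaluated before "Spotify 2"; presumably rules are ordered by name, which is worth confirming against the opensnitch version in use.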
+++ b/root/etc/opensnitchd/rules/Tor Browser ALL.json
@@ -0,0 +1,16 @@
+{
+ "created": "2021-02-22T13:28:34.500529324+01:00",
+ "updated": "2021-02-22T13:28:34.500593302+01:00",
+ "name": "Tor Browser ALL",
+ "enabled": true,
+ "precedence": false,
+ "action": "allow",
+ "duration": "always",
+ "operator": {
+ "type": "simple",
+ "operand": "process.path",
+ "sensitive": false,
+ "data": "/home/itsdrike/.config/tor-browser/app/Browser/TorBrowser/Tor/tor",
+ "list": []
+ }
+}
\ No newline at end of file
diff --git a/root/etc/opensnitchd/rules/Tor service.json b/root/etc/opensnitchd/rules/Tor service.json
new file mode 100644
index 0000000..03908c5
--- /dev/null
+++ b/root/etc/opensnitchd/rules/Tor service.json
@@ -0,0 +1,16 @@
+{
+ "created": "2021-02-15T12:00:44.377009767+01:00",
+ "updated": "2021-02-15T12:00:44.377062795+01:00",
+ "name": "Tor service",
+ "enabled": true,
+ "precedence": false,
+ "action": "allow",
+ "duration": "always",
+ "operator": {
+ "type": "simple",
+ "operand": "process.path",
+ "sensitive": false,
+ "data": "/usr/bin/tor",
+ "list": []
+ }
+}
\ No newline at end of file
diff --git a/root/etc/opensnitchd/rules/VirtualBox ALL.json b/root/etc/opensnitchd/rules/VirtualBox ALL.json
new file mode 100644
index 0000000..7f8c669
--- /dev/null
+++ b/root/etc/opensnitchd/rules/VirtualBox ALL.json
@@ -0,0 +1,16 @@
+{
+ "created": "2021-02-23T22:57:19.095106696+01:00",
+ "updated": "2021-02-23T22:57:19.095178679+01:00",
+ "name": "VirtualBox ALL",
+ "enabled": true,
+ "precedence": false,
+ "action": "allow",
+ "duration": "always",
+ "operator": {
+ "type": "simple",
+ "operand": "process.path",
+ "sensitive": false,
+ "data": "/usr/lib/virtualbox/VirtualBoxVM",
+ "list": []
+ }
+}
\ No newline at end of file
diff --git a/root/etc/opensnitchd/rules/Wakatime VSCode.json b/root/etc/opensnitchd/rules/Wakatime VSCode.json
new file mode 100644
index 0000000..97c9b87
--- /dev/null
+++ b/root/etc/opensnitchd/rules/Wakatime VSCode.json
@@ -0,0 +1,38 @@
+{
+ "created": "2021-02-15T14:18:48.745490294+01:00",
+ "updated": "2021-02-15T14:18:48.74566463+01:00",
+ "name": "Wakatime VSCode",
+ "enabled": true,
+ "precedence": true,
+ "action": "allow",
+ "duration": "always",
+ "operator": {
+ "type": "list",
+ "operand": "list",
+ "sensitive": false,
+ "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"regexp\", \"operand\": \"process.path\", \"data\": \"\\\\/home\\\\/itsdrike\\\\/\\\\.local\\\\/share\\\\/vscode\\\\/extensions\\\\/wakatime\\\\.vscode-wakatime-[0-9\\\\.]+\\\\/wakatime-cli\\\\/wakatime-cli\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"443\", \"sensitive\": false}]",
+ "list": [
+ {
+ "type": "simple",
+ "operand": "protocol",
+ "sensitive": false,
+ "data": "tcp",
+ "list": null
+ },
+ {
+ "type": "regexp",
+ "operand": "process.path",
+ "sensitive": false,
+ "data": "\\/home\\/itsdrike\\/\\.local\\/share\\/vscode\\/extensions\\/wakatime\\.vscode-wakatime-[0-9\\.]+\\/wakatime-cli\\/wakatime-cli",
+ "list": null
+ },
+ {
+ "type": "simple",
+ "operand": "dest.port",
+ "sensitive": false,
+ "data": "443",
+ "list": null
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/root/etc/opensnitchd/rules/Zoom 8801,443.json b/root/etc/opensnitchd/rules/Zoom 8801,443.json
new file mode 100644
index 0000000..d3a1222
--- /dev/null
+++ b/root/etc/opensnitchd/rules/Zoom 8801,443.json
@@ -0,0 +1,38 @@
+{
+ "created": "2021-02-24T13:50:40.858174814+01:00",
+ "updated": "2021-02-24T13:50:40.858320084+01:00",
+ "name": "Zoom 8801,443",
+ "enabled": true,
+ "precedence": true,
+ "action": "allow",
+ "duration": "always",
+ "operator": {
+ "type": "list",
+ "operand": "list",
+ "sensitive": false,
+ "data": "[{\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/opt/zoom/zoom\", \"sensitive\": false}, {\"type\": \"regexp\", \"operand\": \"dest.port\", \"data\": \"^(8801|443)$\", \"sensitive\": false}, {\"type\": \"regexp\", \"operand\": \"dest.host\", \"data\": \".*\\\\.zoom\\\\.us\", \"sensitive\": false}]",
+ "list": [
+ {
+ "type": "simple",
+ "operand": "process.path",
+ "sensitive": false,
+ "data": "/opt/zoom/zoom",
+ "list": null
+ },
+ {
+ "type": "regexp",
+ "operand": "dest.port",
+ "sensitive": false,
+ "data": "^(8801|443)$",
+ "list": null
+ },
+ {
+ "type": "regexp",
+ "operand": "dest.host",
+ "sensitive": false,
+ "data": ".*\\.zoom\\.us",
+ "list": null
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/root/etc/opensnitchd/rules/Zoom deny rest (allow rule should be prioritized).json b/root/etc/opensnitchd/rules/Zoom deny rest (allow rule should be prioritized).json
new file mode 100644
index 0000000..e6e4da9
--- /dev/null
+++ b/root/etc/opensnitchd/rules/Zoom deny rest (allow rule should be prioritized).json
@@ -0,0 +1,16 @@
+{
+ "created": "2021-02-24T13:50:23.520756145+01:00",
+ "updated": "2021-02-24T13:50:23.520820716+01:00",
+ "name": "Zoom deny rest (allow rule should be prioritized)",
+ "enabled": true,
+ "precedence": false,
+ "action": "deny",
+ "duration": "always",
+ "operator": {
+ "type": "simple",
+ "operand": "process.path",
+ "sensitive": false,
+ "data": "/opt/zoom/zoom",
+ "list": []
+ }
+}
\ No newline at end of file
diff --git a/root/etc/opensnitchd/rules/Zoom deny rest.json b/root/etc/opensnitchd/rules/Zoom deny rest.json
new file mode 100644
index 0000000..d5caa08
--- /dev/null
+++ b/root/etc/opensnitchd/rules/Zoom deny rest.json
@@ -0,0 +1,16 @@
+{
+ "created": "2021-03-01T20:20:07.151232333+01:00",
+ "updated": "2021-03-01T20:20:07.151303255+01:00",
+ "name": "Zoom deny rest",
+ "enabled": true,
+ "precedence": false,
+ "action": "deny",
+ "duration": "always",
+ "operator": {
+ "type": "simple",
+ "operand": "process.path",
+ "sensitive": false,
+ "data": "/opt/zoom/zoom",
+ "list": []
+ }
+}
\ No newline at end of file
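Review bot: `Zoom deny rest.json` duplicates `Zoom deny rest (allow rule should be prioritized).json`, which this commit also adds: both use the same operator (`process.path` = `/opt/zoom/zoom`), the same `deny` action and `enabled: true`, and differ only in name and timestamps. The 2021-02-24 file looks like a leftover from a rename, and keeping both means a later edit to one leaves the other silently in force. Removing the older file, or setting its `"enabled": false`, leaves a single deny rule to reason about next to the `Zoom 8801,443` allow.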