From 5e62cd2b7f557253fdcd96be99ba00f50e54f3e9 Mon Sep 17 00:00:00 2001 From: ItsDrike Date: Sun, 14 Feb 2021 18:03:30 +0100 Subject: [PATCH] Update opensnitch rules --- .../opensnitchd/rules/1-Localhost (v6).json | 6 +-- root/etc/opensnitchd/rules/Curl HTTP.json | 38 +++++++++++++++++++ root/etc/opensnitchd/rules/Curl HTTPS.json | 38 +++++++++++++++++++ 3 files changed, 79 insertions(+), 3 deletions(-) create mode 100644 root/etc/opensnitchd/rules/Curl HTTP.json create mode 100644 root/etc/opensnitchd/rules/Curl HTTPS.json diff --git a/root/etc/opensnitchd/rules/1-Localhost (v6).json b/root/etc/opensnitchd/rules/1-Localhost (v6).json index 3f60358..0eb8a92 100644 --- a/root/etc/opensnitchd/rules/1-Localhost (v6).json +++ b/root/etc/opensnitchd/rules/1-Localhost (v6).json @@ -1,10 +1,10 @@ { - "created": "2021-02-14T12:27:14.331641433+01:00", - "updated": "2021-02-14T12:27:14.331679703+01:00", + "created": "2021-02-14T17:48:04.098124196+01:00", + "updated": "2021-02-14T17:48:04.098183755+01:00", "name": "1-Localhost (v6)", "enabled": true, "precedence": false, - "action": "deny", + "action": "allow", "duration": "always", "operator": { "type": "network", diff --git a/root/etc/opensnitchd/rules/Curl HTTP.json b/root/etc/opensnitchd/rules/Curl HTTP.json new file mode 100644 index 0000000..ca93983 --- /dev/null +++ b/root/etc/opensnitchd/rules/Curl HTTP.json @@ -0,0 +1,38 @@ +{ + "created": "2021-02-14T17:46:54.292300015+01:00", + "updated": "2021-02-14T17:46:54.292421976+01:00", + "name": "Curl HTTP", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/bin/curl\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"80\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "tcp", + "list": null + }, + { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/bin/curl", + "list": null + }, + { + "type": "simple", + "operand": "dest.port", + "sensitive": false, + "data": "80", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/Curl HTTPS.json b/root/etc/opensnitchd/rules/Curl HTTPS.json new file mode 100644 index 0000000..6d5561d --- /dev/null +++ b/root/etc/opensnitchd/rules/Curl HTTPS.json @@ -0,0 +1,38 @@ +{ + "created": "2021-02-14T17:47:02.764007397+01:00", + "updated": "2021-02-14T17:47:02.764115564+01:00", + "name": "Curl HTTPS", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/bin/curl\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"443\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "tcp", + "list": null + }, + { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/bin/curl", + "list": null + }, + { + "type": "simple", + "operand": "dest.port", + "sensitive": false, + "data": "443", + "list": null + } + ] + } +} \ No newline at end of file