diff --git a/root/etc/opensnitchd/rules/3 - Resolver: Systemd Resolved (TCP DNS).json b/root/etc/opensnitchd/rules/3 - Resolver: Systemd Resolved (TCP DNS).json new file mode 100644 index 0000000..26c5be4 --- /dev/null +++ b/root/etc/opensnitchd/rules/3 - Resolver: Systemd Resolved (TCP DNS).json @@ -0,0 +1,38 @@ +{ + "created": "2021-04-07T07:30:07.18439781+02:00", + "updated": "2021-04-07T07:30:07.184496636+02:00", + "name": "3 - Resolver: Systemd Resolved (TCP DNS)", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/lib/systemd/systemd-resolved\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"853\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.ip\", \"data\": \"116.202.176.26\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/lib/systemd/systemd-resolved", + "list": null + }, + { + "type": "simple", + "operand": "dest.port", + "sensitive": false, + "data": "853", + "list": null + }, + { + "type": "simple", + "operand": "dest.ip", + "sensitive": false, + "data": "116.202.176.26", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/4 - Flatpak.json b/root/etc/opensnitchd/rules/4 - Flatpak.json new file mode 100644 index 0000000..acaa502 --- /dev/null +++ b/root/etc/opensnitchd/rules/4 - Flatpak.json @@ -0,0 +1,38 @@ +{ + "created": "2021-04-01T03:02:23.608460294+02:00", + "updated": "2021-04-01T03:02:23.608585046+02:00", + "name": "4 - Flatpak", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/bin/flatpak\", \"sensitive\": false}, {\"type\": \"regexp\", \"operand\": \"dest.port\", \"data\": \"^(80|443)$\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "tcp", + "list": null + }, + { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/bin/flatpak", + "list": null + }, + { + "type": "regexp", + "operand": "dest.port", + "sensitive": false, + "data": "^(80|443)$", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/4 - Nslookup.json b/root/etc/opensnitchd/rules/4 - Nslookup.json new file mode 100644 index 0000000..9abe4be --- /dev/null +++ b/root/etc/opensnitchd/rules/4 - Nslookup.json @@ -0,0 +1,16 @@ +{ + "created": "2021-04-07T07:32:01.871499604+02:00", + "updated": "2021-04-07T07:32:01.871618908+02:00", + "name": "4 - Nslookup", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/bin/nslookup", + "list": [] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/4 - Pacman HTTPS.json b/root/etc/opensnitchd/rules/4 - Pacman HTTP+S.json similarity index 71% rename from root/etc/opensnitchd/rules/4 - Pacman HTTPS.json rename to root/etc/opensnitchd/rules/4 - Pacman HTTP+S.json index 3272a4c..65ec27a 100644 --- a/root/etc/opensnitchd/rules/4 - Pacman HTTPS.json +++ b/root/etc/opensnitchd/rules/4 - Pacman HTTP+S.json @@ -1,7 +1,7 @@ { - "created": "2021-03-26T14:52:15.458656023+01:00", - "updated": "2021-03-26T14:52:15.458812681+01:00", - "name": "4 - Pacman HTTPS", + "created": "2021-04-01T02:59:52.127387559+02:00", + "updated": "2021-04-01T02:59:52.127534491+02:00", + "name": "4 - Pacman HTTP+S", "enabled": true, "precedence": false, "action": "allow", @@ -10,7 +10,7 @@ "type": "list", "operand": "list", "sensitive": false, - "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/bin/pacman\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"443\", \"sensitive\": false}]", + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/bin/pacman\", \"sensitive\": false}, {\"type\": \"regexp\", \"operand\": \"dest.port\", \"data\": \"^(80|443)$\", \"sensitive\": false}]", "list": [ { "type": "simple", @@ -27,10 +27,10 @@ "list": null }, { - "type": "simple", + "type": "regexp", "operand": "dest.port", "sensitive": false, - "data": "443", + "data": "^(80|443)$", "list": null } ] diff --git a/root/etc/opensnitchd/rules/5 - KDE Discover HTTPS.json b/root/etc/opensnitchd/rules/5 - KDE Discover HTTPS.json new file mode 100644 index 0000000..d346fe5 --- /dev/null +++ b/root/etc/opensnitchd/rules/5 - KDE Discover HTTPS.json @@ -0,0 +1,38 @@ +{ + "created": "2021-04-01T03:00:23.962712398+02:00", + "updated": "2021-04-01T03:00:23.962833202+02:00", + "name": "5 - KDE Discover HTTPS", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"regexp\", \"operand\": \"process.path\", \"data\": \"^(\\\\/usr\\\\/bin\\\\/plasma-discover|\\\\/usr\\\\/lib\\\\/DiscoverNotifier)$\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"443\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "tcp", + "list": null + }, + { + "type": "regexp", + "operand": "process.path", + "sensitive": false, + "data": "^(\\/usr\\/bin\\/plasma-discover|\\/usr\\/lib\\/DiscoverNotifier)$", + "list": null + }, + { + "type": "simple", + "operand": "dest.port", + "sensitive": false, + "data": "443", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/5 - KDE Plasmashell.json b/root/etc/opensnitchd/rules/5 - KDE Plasmashell.json new file mode 100644 index 0000000..2f382f2 --- /dev/null +++ b/root/etc/opensnitchd/rules/5 - KDE Plasmashell.json @@ -0,0 +1,16 @@ +{ + "created": "2021-04-01T02:54:46.246760182+02:00", + "updated": "2021-04-01T02:54:46.246834823+02:00", + "name": "5 - KDE Plasmashell", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/bin/plasmashell", + "list": [] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/6 - LibreWolf HTTP+S.json b/root/etc/opensnitchd/rules/6 - LibreWolf HTTP+S.json new file mode 100644 index 0000000..3d9b518 --- /dev/null +++ b/root/etc/opensnitchd/rules/6 - LibreWolf HTTP+S.json @@ -0,0 +1,38 @@ +{ + "created": "2021-04-02T23:28:24.475396074+02:00", + "updated": "2021-04-02T23:28:24.475553501+02:00", + "name": "6 - LibreWolf HTTP+S", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/lib/librewolf/librewolf\", \"sensitive\": false}, {\"type\": \"regexp\", \"operand\": \"dest.port\", \"data\": \"^(80|443)$\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "tcp", + "list": null + }, + { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/lib/librewolf/librewolf", + "list": null + }, + { + "type": "regexp", + "operand": "dest.port", + "sensitive": false, + "data": "^(80|443)$", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/6 - mpv.json b/root/etc/opensnitchd/rules/6 - mpv.json new file mode 100644 index 0000000..7902bdb --- /dev/null +++ b/root/etc/opensnitchd/rules/6 - mpv.json @@ -0,0 +1,16 @@ +{ + "created": "2021-04-02T23:52:36.689049623+02:00", + "updated": "2021-04-02T23:52:36.689121835+02:00", + "name": "6 - mpv", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/bin/mpv", + "list": [] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/7 - DirMngr (Accessing OpenPGP Keyservers).json b/root/etc/opensnitchd/rules/7 - DirMngr (Accessing OpenPGP Keyservers).json new file mode 100644 index 0000000..0ab6295 --- /dev/null +++ b/root/etc/opensnitchd/rules/7 - DirMngr (Accessing OpenPGP Keyservers).json @@ -0,0 +1,16 @@ +{ + "created": "2021-04-02T23:27:40.492145563+02:00", + "updated": "2021-04-02T23:27:40.492220477+02:00", + "name": "7 - DirMngr (Accessing OpenPGP Keyservers)", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/bin/dirmngr", + "list": [] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/7 - GImageReader.json b/root/etc/opensnitchd/rules/7 - GImageReader.json new file mode 100644 index 0000000..956efaf --- /dev/null +++ b/root/etc/opensnitchd/rules/7 - GImageReader.json @@ -0,0 +1,16 @@ +{ + "created": "2021-04-01T02:54:28.868922664+02:00", + "updated": "2021-04-01T02:54:28.868997421+02:00", + "name": "7 - GImageReader", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/bin/gimagereader-qt5", + "list": [] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/7 - MailSpring 2: mailsync.json b/root/etc/opensnitchd/rules/7 - MailSpring 2: mailsync.json new file mode 100644 index 0000000..2238537 --- /dev/null +++ b/root/etc/opensnitchd/rules/7 - MailSpring 2: mailsync.json @@ -0,0 +1,16 @@ +{ + "created": "2021-04-02T23:29:38.186802771+02:00", + "updated": "2021-04-02T23:29:38.186899772+02:00", + "name": "7 - MailSpring 2: mailsync", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/share/mailspring/resources/app.asar.unpacked/mailsync.bin", + "list": [] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/7 - MailSpring.json b/root/etc/opensnitchd/rules/7 - MailSpring.json new file mode 100644 index 0000000..197d6e8 --- /dev/null +++ b/root/etc/opensnitchd/rules/7 - MailSpring.json @@ -0,0 +1,16 @@ +{ + "created": "2021-04-02T23:29:09.554510897+02:00", + "updated": "2021-04-02T23:29:09.554599422+02:00", + "name": "7 - MailSpring", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/share/mailspring/mailspring", + "list": [] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/7 - NMap.json b/root/etc/opensnitchd/rules/7 - NMap.json new file mode 100644 index 0000000..f965715 --- /dev/null +++ b/root/etc/opensnitchd/rules/7 - NMap.json @@ -0,0 +1,16 @@ +{ + "created": "2021-03-27T22:17:47.411966515+01:00", + "updated": "2021-03-27T22:17:47.412029252+01:00", + "name": "7 - NMap", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/bin/nmap", + "list": [] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/7 - SSH 22.json b/root/etc/opensnitchd/rules/7 - SSH 22.json new file mode 100644 index 0000000..631d66d --- /dev/null +++ b/root/etc/opensnitchd/rules/7 - SSH 22.json @@ -0,0 +1,31 @@ +{ + "created": "2021-04-07T07:53:12.922862432+02:00", + "updated": "2021-04-07T07:53:12.922993954+02:00", + "name": "7 - SSH 22", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"22\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "tcp", + "list": null + }, + { + "type": "simple", + "operand": "dest.port", + "sensitive": false, + "data": "22", + "list": null + } + ] + } +} \ No newline at end of file