Update opensnitch rules

2024-12-26 13:14:35 +00:00 · 2021-04-12 15:51:46 +02:00 · 2021-04-12 15:51:46 +02:00 · 9f688a0ebf
parent 5086c42d22
commit 9f688a0ebf
14 changed files with 317 additions and 6 deletions
--- a/root/etc/opensnitchd/rules/3
+++ b/root/etc/opensnitchd/rules/3
@ -0,0 +1,38 @@
 {
  "created": "2021-04-07T07:30:07.18439781+02:00",
  "updated": "2021-04-07T07:30:07.184496636+02:00",
  "name": "3 - Resolver: Systemd Resolved (TCP DNS)",
  "enabled": true,
  "precedence": false,
  "action": "allow",
  "duration": "always",
  "operator": {
    "type": "list",
    "operand": "list",
    "sensitive": false,
    "data": "[{\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/lib/systemd/systemd-resolved\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"853\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.ip\", \"data\": \"116.202.176.26\", \"sensitive\": false}]",
    "list": [
      {
        "type": "simple",
        "operand": "process.path",
        "sensitive": false,
        "data": "/usr/lib/systemd/systemd-resolved",
        "list": null
      },
      {
        "type": "simple",
        "operand": "dest.port",
        "sensitive": false,
        "data": "853",
        "list": null
      },
      {
        "type": "simple",
        "operand": "dest.ip",
        "sensitive": false,
        "data": "116.202.176.26",
        "list": null
      }
    ]
  }
 }
--- a/root/etc/opensnitchd/rules/4
+++ b/root/etc/opensnitchd/rules/4
@ -0,0 +1,38 @@
 {
  "created": "2021-04-01T03:02:23.608460294+02:00",
  "updated": "2021-04-01T03:02:23.608585046+02:00",
  "name": "4 - Flatpak",
  "enabled": true,
  "precedence": false,
  "action": "allow",
  "duration": "always",
  "operator": {
    "type": "list",
    "operand": "list",
    "sensitive": false,
    "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/bin/flatpak\", \"sensitive\": false}, {\"type\": \"regexp\", \"operand\": \"dest.port\", \"data\": \"^(80|443)$\", \"sensitive\": false}]",
    "list": [
      {
        "type": "simple",
        "operand": "protocol",
        "sensitive": false,
        "data": "tcp",
        "list": null
      },
      {
        "type": "simple",
        "operand": "process.path",
        "sensitive": false,
        "data": "/usr/bin/flatpak",
        "list": null
      },
      {
        "type": "regexp",
        "operand": "dest.port",
        "sensitive": false,
        "data": "^(80|443)$",
        "list": null
      }
    ]
  }
 }
--- a/root/etc/opensnitchd/rules/4
+++ b/root/etc/opensnitchd/rules/4
@ -0,0 +1,16 @@
 {
  "created": "2021-04-07T07:32:01.871499604+02:00",
  "updated": "2021-04-07T07:32:01.871618908+02:00",
  "name": "4 - Nslookup",
  "enabled": true,
  "precedence": false,
  "action": "allow",
  "duration": "always",
  "operator": {
    "type": "simple",
    "operand": "process.path",
    "sensitive": false,
    "data": "/usr/bin/nslookup",
    "list": []
  }
 }
--- a/root/etc/opensnitchd/rules/4
+++ b/root/etc/opensnitchd/rules/4
@ -1,7 +1,7 @@
 {
-  "created": "2021-03-26T14:52:15.458656023+01:00",
+  "created": "2021-04-01T02:59:52.127387559+02:00",
-  "updated": "2021-03-26T14:52:15.458812681+01:00",
+  "updated": "2021-04-01T02:59:52.127534491+02:00",
-  "name": "4 - Pacman HTTPS",
+  "name": "4 - Pacman HTTP+S",
  "enabled": true,
  "precedence": false,
  "action": "allow",
@ -10,7 +10,7 @@
    "type": "list",
    "operand": "list",
    "sensitive": false,
-    "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/bin/pacman\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"443\", \"sensitive\": false}]",
+    "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/bin/pacman\", \"sensitive\": false}, {\"type\": \"regexp\", \"operand\": \"dest.port\", \"data\": \"^(80|443)$\", \"sensitive\": false}]",
    "list": [
      {
        "type": "simple",
@ -27,10 +27,10 @@
        "list": null
      },
      {
-        "type": "simple",
+        "type": "regexp",
        "operand": "dest.port",
        "sensitive": false,
-        "data": "443",
+        "data": "^(80|443)$",
        "list": null
      }
    ]
--- a/root/etc/opensnitchd/rules/5
+++ b/root/etc/opensnitchd/rules/5
@ -0,0 +1,38 @@
 {
  "created": "2021-04-01T03:00:23.962712398+02:00",
  "updated": "2021-04-01T03:00:23.962833202+02:00",
  "name": "5 - KDE Discover HTTPS",
  "enabled": true,
  "precedence": false,
  "action": "allow",
  "duration": "always",
  "operator": {
    "type": "list",
    "operand": "list",
    "sensitive": false,
    "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"regexp\", \"operand\": \"process.path\", \"data\": \"^(\\\\/usr\\\\/bin\\\\/plasma-discover|\\\\/usr\\\\/lib\\\\/DiscoverNotifier)$\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"443\", \"sensitive\": false}]",
    "list": [
      {
        "type": "simple",
        "operand": "protocol",
        "sensitive": false,
        "data": "tcp",
        "list": null
      },
      {
        "type": "regexp",
        "operand": "process.path",
        "sensitive": false,
        "data": "^(\\/usr\\/bin\\/plasma-discover|\\/usr\\/lib\\/DiscoverNotifier)$",
        "list": null
      },
      {
        "type": "simple",
        "operand": "dest.port",
        "sensitive": false,
        "data": "443",
        "list": null
      }
    ]
  }
 }
--- a/root/etc/opensnitchd/rules/5
+++ b/root/etc/opensnitchd/rules/5
@ -0,0 +1,16 @@
 {
  "created": "2021-04-01T02:54:46.246760182+02:00",
  "updated": "2021-04-01T02:54:46.246834823+02:00",
  "name": "5 - KDE Plasmashell",
  "enabled": true,
  "precedence": false,
  "action": "allow",
  "duration": "always",
  "operator": {
    "type": "simple",
    "operand": "process.path",
    "sensitive": false,
    "data": "/usr/bin/plasmashell",
    "list": []
  }
 }
--- a/root/etc/opensnitchd/rules/6
+++ b/root/etc/opensnitchd/rules/6
@ -0,0 +1,38 @@
 {
  "created": "2021-04-02T23:28:24.475396074+02:00",
  "updated": "2021-04-02T23:28:24.475553501+02:00",
  "name": "6 - LibreWolf HTTP+S",
  "enabled": true,
  "precedence": false,
  "action": "allow",
  "duration": "always",
  "operator": {
    "type": "list",
    "operand": "list",
    "sensitive": false,
    "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/lib/librewolf/librewolf\", \"sensitive\": false}, {\"type\": \"regexp\", \"operand\": \"dest.port\", \"data\": \"^(80|443)$\", \"sensitive\": false}]",
    "list": [
      {
        "type": "simple",
        "operand": "protocol",
        "sensitive": false,
        "data": "tcp",
        "list": null
      },
      {
        "type": "simple",
        "operand": "process.path",
        "sensitive": false,
        "data": "/usr/lib/librewolf/librewolf",
        "list": null
      },
      {
        "type": "regexp",
        "operand": "dest.port",
        "sensitive": false,
        "data": "^(80|443)$",
        "list": null
      }
    ]
  }
 }
--- a/root/etc/opensnitchd/rules/6
+++ b/root/etc/opensnitchd/rules/6
@ -0,0 +1,16 @@
 {
  "created": "2021-04-02T23:52:36.689049623+02:00",
  "updated": "2021-04-02T23:52:36.689121835+02:00",
  "name": "6 - mpv",
  "enabled": true,
  "precedence": false,
  "action": "allow",
  "duration": "always",
  "operator": {
    "type": "simple",
    "operand": "process.path",
    "sensitive": false,
    "data": "/usr/bin/mpv",
    "list": []
  }
 }
--- a/root/etc/opensnitchd/rules/7
+++ b/root/etc/opensnitchd/rules/7
@ -0,0 +1,16 @@
 {
  "created": "2021-04-02T23:27:40.492145563+02:00",
  "updated": "2021-04-02T23:27:40.492220477+02:00",
  "name": "7 - DirMngr (Accessing OpenPGP Keyservers)",
  "enabled": true,
  "precedence": false,
  "action": "allow",
  "duration": "always",
  "operator": {
    "type": "simple",
    "operand": "process.path",
    "sensitive": false,
    "data": "/usr/bin/dirmngr",
    "list": []
  }
 }
--- a/root/etc/opensnitchd/rules/7
+++ b/root/etc/opensnitchd/rules/7
@ -0,0 +1,16 @@
 {
  "created": "2021-04-01T02:54:28.868922664+02:00",
  "updated": "2021-04-01T02:54:28.868997421+02:00",
  "name": "7 - GImageReader",
  "enabled": true,
  "precedence": false,
  "action": "allow",
  "duration": "always",
  "operator": {
    "type": "simple",
    "operand": "process.path",
    "sensitive": false,
    "data": "/usr/bin/gimagereader-qt5",
    "list": []
  }
 }
--- a/root/etc/opensnitchd/rules/7
+++ b/root/etc/opensnitchd/rules/7
@ -0,0 +1,16 @@
 {
  "created": "2021-04-02T23:29:38.186802771+02:00",
  "updated": "2021-04-02T23:29:38.186899772+02:00",
  "name": "7 - MailSpring 2: mailsync",
  "enabled": true,
  "precedence": false,
  "action": "allow",
  "duration": "always",
  "operator": {
    "type": "simple",
    "operand": "process.path",
    "sensitive": false,
    "data": "/usr/share/mailspring/resources/app.asar.unpacked/mailsync.bin",
    "list": []
  }
 }
--- a/root/etc/opensnitchd/rules/7
+++ b/root/etc/opensnitchd/rules/7
@ -0,0 +1,16 @@
 {
  "created": "2021-04-02T23:29:09.554510897+02:00",
  "updated": "2021-04-02T23:29:09.554599422+02:00",
  "name": "7 - MailSpring",
  "enabled": true,
  "precedence": false,
  "action": "allow",
  "duration": "always",
  "operator": {
    "type": "simple",
    "operand": "process.path",
    "sensitive": false,
    "data": "/usr/share/mailspring/mailspring",
    "list": []
  }
 }
--- a/root/etc/opensnitchd/rules/7
+++ b/root/etc/opensnitchd/rules/7
@ -0,0 +1,16 @@
 {
  "created": "2021-03-27T22:17:47.411966515+01:00",
  "updated": "2021-03-27T22:17:47.412029252+01:00",
  "name": "7 - NMap",
  "enabled": true,
  "precedence": false,
  "action": "allow",
  "duration": "always",
  "operator": {
    "type": "simple",
    "operand": "process.path",
    "sensitive": false,
    "data": "/usr/bin/nmap",
    "list": []
  }
 }
--- a/root/etc/opensnitchd/rules/7
+++ b/root/etc/opensnitchd/rules/7
@ -0,0 +1,31 @@
 {
  "created": "2021-04-07T07:53:12.922862432+02:00",
  "updated": "2021-04-07T07:53:12.922993954+02:00",
  "name": "7 - SSH 22",
  "enabled": true,
  "precedence": false,
  "action": "allow",
  "duration": "always",
  "operator": {
    "type": "list",
    "operand": "list",
    "sensitive": false,
    "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"22\", \"sensitive\": false}]",
    "list": [
      {
        "type": "simple",
        "operand": "protocol",
        "sensitive": false,
        "data": "tcp",
        "list": null
      },
      {
        "type": "simple",
        "operand": "dest.port",
        "sensitive": false,
        "data": "22",
        "list": null
      }
    ]
  }
 }