diff --git a/root/etc/opensnitchd/rules/1-Local Network (v6).json b/root/etc/opensnitchd/rules/1-Local Network (v6).json new file mode 100644 index 0000000..6948600 --- /dev/null +++ b/root/etc/opensnitchd/rules/1-Local Network (v6).json @@ -0,0 +1,16 @@ +{ + "created": "2021-02-14T10:42:24.423641366+01:00", + "updated": "2021-02-14T10:42:24.423678672+01:00", + "name": "1-Local Network (v6)", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "network", + "operand": "dest.network", + "sensitive": false, + "data": "ff00::/8", + "list": [] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/1-Local Network.json b/root/etc/opensnitchd/rules/1-Local Network.json new file mode 100644 index 0000000..3b143dd --- /dev/null +++ b/root/etc/opensnitchd/rules/1-Local Network.json @@ -0,0 +1,16 @@ +{ + "created": "2021-02-14T10:42:12.050595111+01:00", + "updated": "2021-02-14T10:42:12.050628273+01:00", + "name": "1-Local Network", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "network", + "operand": "dest.network", + "sensitive": false, + "data": "192.168.0.0/16", + "list": [] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/1-Localhost (v6).json b/root/etc/opensnitchd/rules/1-Localhost (v6).json new file mode 100644 index 0000000..3f60358 --- /dev/null +++ b/root/etc/opensnitchd/rules/1-Localhost (v6).json @@ -0,0 +1,16 @@ +{ + "created": "2021-02-14T12:27:14.331641433+01:00", + "updated": "2021-02-14T12:27:14.331679703+01:00", + "name": "1-Localhost (v6)", + "enabled": true, + "precedence": false, + "action": "deny", + "duration": "always", + "operator": { + "type": "network", + "operand": "dest.network", + "sensitive": false, + "data": "::1/128", + "list": [] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/1-Localhost.json b/root/etc/opensnitchd/rules/1-Localhost.json new file mode 100644 index 0000000..e6c6585 --- /dev/null +++ b/root/etc/opensnitchd/rules/1-Localhost.json @@ -0,0 +1,16 @@ +{ + "created": "2021-02-14T10:43:07.677514842+01:00", + "updated": "2021-02-14T10:43:07.6775511+01:00", + "name": "1-Localhost", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "network", + "operand": "dest.network", + "sensitive": false, + "data": "127.0.0.0/8", + "list": [] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/1-Multicast.json b/root/etc/opensnitchd/rules/1-Multicast.json new file mode 100644 index 0000000..f8b818e --- /dev/null +++ b/root/etc/opensnitchd/rules/1-Multicast.json @@ -0,0 +1,16 @@ +{ + "created": "2021-02-14T12:20:49.99614146+01:00", + "updated": "2021-02-14T12:20:49.996191714+01:00", + "name": "1-Multicast", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "network", + "operand": "dest.network", + "sensitive": false, + "data": "224.0.0.0/8", + "list": [] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/2-Cloudflare DNS (Fallback).json b/root/etc/opensnitchd/rules/2-Cloudflare DNS (Fallback).json new file mode 100644 index 0000000..1557db6 --- /dev/null +++ b/root/etc/opensnitchd/rules/2-Cloudflare DNS (Fallback).json @@ -0,0 +1,38 @@ +{ + "created": "2021-02-14T10:42:55.286542479+01:00", + "updated": "2021-02-14T10:42:55.2866656+01:00", + "name": "2-Cloudflare DNS (Fallback)", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"udp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"53\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.ip\", \"data\": \"1.0.0.1\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "udp", + "list": null + }, + { + "type": "simple", + "operand": "dest.port", + "sensitive": false, + "data": "53", + "list": null + }, + { + "type": "simple", + "operand": "dest.ip", + "sensitive": false, + "data": "1.0.0.1", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/2-Cloudflare DNS.json b/root/etc/opensnitchd/rules/2-Cloudflare DNS.json new file mode 100644 index 0000000..afcabd6 --- /dev/null +++ b/root/etc/opensnitchd/rules/2-Cloudflare DNS.json @@ -0,0 +1,38 @@ +{ + "created": "2021-02-14T10:42:40.336067077+01:00", + "updated": "2021-02-14T10:42:40.336185036+01:00", + "name": "2-Cloudflare DNS", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"udp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"53\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.ip\", \"data\": \"1.1.1.1\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "udp", + "list": null + }, + { + "type": "simple", + "operand": "dest.port", + "sensitive": false, + "data": "53", + "list": null + }, + { + "type": "simple", + "operand": "dest.ip", + "sensitive": false, + "data": "1.1.1.1", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/3-Systemd Resolved.json b/root/etc/opensnitchd/rules/3-Systemd Resolved.json new file mode 100644 index 0000000..19fae49 --- /dev/null +++ b/root/etc/opensnitchd/rules/3-Systemd Resolved.json @@ -0,0 +1,16 @@ +{ + "created": "2021-02-14T10:43:46.04607091+01:00", + "updated": "2021-02-14T10:43:46.046110281+01:00", + "name": "3-Systemd Resolved", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/lib/systemd/systemd-resolved", + "list": [] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/4-Time Synchronization.json b/root/etc/opensnitchd/rules/4-Time Synchronization.json new file mode 100644 index 0000000..a2d8f9d --- /dev/null +++ b/root/etc/opensnitchd/rules/4-Time Synchronization.json @@ -0,0 +1,31 @@ +{ + "created": "2021-02-14T10:43:58.03246195+01:00", + "updated": "2021-02-14T10:43:58.032565951+01:00", + "name": "4-Time Synchronization", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"udp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/lib/systemd/systemd-timesyncd\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "udp", + "list": null + }, + { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/lib/systemd/systemd-timesyncd", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/5-Home IP.json b/root/etc/opensnitchd/rules/5-Home IP.json new file mode 100644 index 0000000..296fa32 --- /dev/null +++ b/root/etc/opensnitchd/rules/5-Home IP.json @@ -0,0 +1,16 @@ +{ + "created": "2021-02-14T10:44:15.520927419+01:00", + "updated": "2021-02-14T10:44:15.520969734+01:00", + "name": "5-Home IP", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "simple", + "operand": "dest.ip", + "sensitive": false, + "data": "62.197.216.3", + "list": [] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/6-NetworkManager HTTP.json b/root/etc/opensnitchd/rules/6-NetworkManager HTTP.json new file mode 100644 index 0000000..cb71cae --- /dev/null +++ b/root/etc/opensnitchd/rules/6-NetworkManager HTTP.json @@ -0,0 +1,38 @@ +{ + "created": "2021-02-14T10:45:11.468167232+01:00", + "updated": "2021-02-14T10:45:11.468282083+01:00", + "name": "6-NetworkManager HTTP", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/bin/NetworkManager\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"80\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "tcp", + "list": null + }, + { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/bin/NetworkManager", + "list": null + }, + { + "type": "simple", + "operand": "dest.port", + "sensitive": false, + "data": "80", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/6-NetworkManager HTTPS.json b/root/etc/opensnitchd/rules/6-NetworkManager HTTPS.json new file mode 100644 index 0000000..409e64e --- /dev/null +++ b/root/etc/opensnitchd/rules/6-NetworkManager HTTPS.json @@ -0,0 +1,38 @@ +{ + "created": "2021-02-14T10:45:22.230494605+01:00", + "updated": "2021-02-14T10:45:22.230663913+01:00", + "name": "6-NetworkManager HTTPS", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/bin/NetworkManager\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"443\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "tcp", + "list": null + }, + { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/bin/NetworkManager", + "list": null + }, + { + "type": "simple", + "operand": "dest.port", + "sensitive": false, + "data": "443", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/AUR yay HTTPS.json b/root/etc/opensnitchd/rules/AUR yay HTTPS.json new file mode 100644 index 0000000..537f453 --- /dev/null +++ b/root/etc/opensnitchd/rules/AUR yay HTTPS.json @@ -0,0 +1,38 @@ +{ + "created": "2021-02-14T12:44:47.143960761+01:00", + "updated": "2021-02-14T12:44:47.144048989+01:00", + "name": "AUR yay HTTPS", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/bin/yay\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"443\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "tcp", + "list": null + }, + { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/bin/yay", + "list": null + }, + { + "type": "simple", + "operand": "dest.port", + "sensitive": false, + "data": "443", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/Chromium HTTP.json b/root/etc/opensnitchd/rules/Chromium HTTP.json new file mode 100644 index 0000000..0469dc5 --- /dev/null +++ b/root/etc/opensnitchd/rules/Chromium HTTP.json @@ -0,0 +1,38 @@ +{ + "created": "2021-02-14T00:17:50.974703609+01:00", + "updated": "2021-02-14T00:17:50.974816247+01:00", + "name": "Chromium HTTP", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/lib/chromium/chromium\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"80\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "tcp", + "list": null + }, + { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/lib/chromium/chromium", + "list": null + }, + { + "type": "simple", + "operand": "dest.port", + "sensitive": false, + "data": "80", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/Chromium HTTPS.json b/root/etc/opensnitchd/rules/Chromium HTTPS.json new file mode 100644 index 0000000..54a920c --- /dev/null +++ b/root/etc/opensnitchd/rules/Chromium HTTPS.json @@ -0,0 +1,38 @@ +{ + "created": "2021-02-14T00:18:20.623018681+01:00", + "updated": "2021-02-14T00:18:20.62324739+01:00", + "name": "Chromium HTTPS", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/lib/chromium/chromium\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"443\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "tcp", + "list": null + }, + { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/lib/chromium/chromium", + "list": null + }, + { + "type": "simple", + "operand": "dest.port", + "sensitive": false, + "data": "443", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/Chromium UDP.json b/root/etc/opensnitchd/rules/Chromium UDP.json new file mode 100644 index 0000000..6f7df2d --- /dev/null +++ b/root/etc/opensnitchd/rules/Chromium UDP.json @@ -0,0 +1,31 @@ +{ + "created": "2021-02-14T00:18:54.11686162+01:00", + "updated": "2021-02-14T00:18:54.116932705+01:00", + "name": "Chromium UDP", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"udp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/lib/chromium/chromium\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "udp", + "list": null + }, + { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/lib/chromium/chromium", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/Discord HTTPS.json b/root/etc/opensnitchd/rules/Discord HTTPS.json new file mode 100644 index 0000000..5aaa6c7 --- /dev/null +++ b/root/etc/opensnitchd/rules/Discord HTTPS.json @@ -0,0 +1,38 @@ +{ + "created": "2021-02-13T23:36:38.062313553+01:00", + "updated": "2021-02-13T23:36:38.062390238+01:00", + "name": "Discord HTTPS", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/opt/discord/Discord\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"443\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "tcp", + "list": null + }, + { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/opt/discord/Discord", + "list": null + }, + { + "type": "simple", + "operand": "dest.port", + "sensitive": false, + "data": "443", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/Exodus HTTPS.json b/root/etc/opensnitchd/rules/Exodus HTTPS.json new file mode 100644 index 0000000..5026a1c --- /dev/null +++ b/root/etc/opensnitchd/rules/Exodus HTTPS.json @@ -0,0 +1,31 @@ +{ + "created": "2021-02-14T11:54:55.161311241+01:00", + "updated": "2021-02-14T11:54:55.161438905+01:00", + "name": "Exodus HTTPS", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/opt/exodus/Exodus\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"443\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/opt/exodus/Exodus", + "list": null + }, + { + "type": "simple", + "operand": "dest.port", + "sensitive": false, + "data": "443", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/Firefox HTTP.json b/root/etc/opensnitchd/rules/Firefox HTTP.json new file mode 100644 index 0000000..369d4e6 --- /dev/null +++ b/root/etc/opensnitchd/rules/Firefox HTTP.json @@ -0,0 +1,38 @@ +{ + "created": "2021-02-13T23:43:52.316119041+01:00", + "updated": "2021-02-13T23:43:52.316217252+01:00", + "name": "Firefox HTTP", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/lib/firefox/firefox\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"80\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "tcp", + "list": null + }, + { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/lib/firefox/firefox", + "list": null + }, + { + "type": "simple", + "operand": "dest.port", + "sensitive": false, + "data": "80", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/Firefox HTTPS.json b/root/etc/opensnitchd/rules/Firefox HTTPS.json new file mode 100644 index 0000000..c8ff1ab --- /dev/null +++ b/root/etc/opensnitchd/rules/Firefox HTTPS.json @@ -0,0 +1,38 @@ +{ + "created": "2021-02-13T23:00:13.231290903+01:00", + "updated": "2021-02-13T23:00:13.231364715+01:00", + "name": "Firefox HTTPS", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/lib/firefox/firefox\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"443\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "tcp", + "list": null + }, + { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/lib/firefox/firefox", + "list": null + }, + { + "type": "simple", + "operand": "dest.port", + "sensitive": false, + "data": "443", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/Firefox Telemetry.json b/root/etc/opensnitchd/rules/Firefox Telemetry.json new file mode 100644 index 0000000..7fd5654 --- /dev/null +++ b/root/etc/opensnitchd/rules/Firefox Telemetry.json @@ -0,0 +1,16 @@ +{ + "created": "2021-02-14T10:47:26.440467737+01:00", + "updated": "2021-02-14T10:47:26.440519824+01:00", + "name": "Firefox Telemetry", + "enabled": true, + "precedence": false, + "action": "deny", + "duration": "always", + "operator": { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/lib/firefox/pingsender", + "list": [] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/Firefox UDP.json b/root/etc/opensnitchd/rules/Firefox UDP.json new file mode 100644 index 0000000..493df46 --- /dev/null +++ b/root/etc/opensnitchd/rules/Firefox UDP.json @@ -0,0 +1,31 @@ +{ + "created": "2021-02-13T23:47:47.99371662+01:00", + "updated": "2021-02-13T23:47:47.993816348+01:00", + "name": "Firefox UDP", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"udp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/lib/firefox/firefox\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "udp", + "list": null + }, + { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/lib/firefox/firefox", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/Git HTTPS.json b/root/etc/opensnitchd/rules/Git HTTPS.json new file mode 100644 index 0000000..782b329 --- /dev/null +++ b/root/etc/opensnitchd/rules/Git HTTPS.json @@ -0,0 +1,38 @@ +{ + "created": "2021-02-14T00:13:41.961199834+01:00", + "updated": "2021-02-14T00:13:41.961289962+01:00", + "name": "Git HTTPS", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/bin/git\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"443\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "tcp", + "list": null + }, + { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/bin/git", + "list": null + }, + { + "type": "simple", + "operand": "dest.port", + "sensitive": false, + "data": "443", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/Git Remote HTTP.json b/root/etc/opensnitchd/rules/Git Remote HTTP.json new file mode 100644 index 0000000..4df1613 --- /dev/null +++ b/root/etc/opensnitchd/rules/Git Remote HTTP.json @@ -0,0 +1,38 @@ +{ + "created": "2021-02-14T12:04:29.819374748+01:00", + "updated": "2021-02-14T12:04:29.819497235+01:00", + "name": "Git Remote HTTP", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/lib/git-core/git-remote-http\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"443\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "tcp", + "list": null + }, + { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/lib/git-core/git-remote-http", + "list": null + }, + { + "type": "simple", + "operand": "dest.port", + "sensitive": false, + "data": "443", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/Git Remote HTTPS.json b/root/etc/opensnitchd/rules/Git Remote HTTPS.json new file mode 100644 index 0000000..be594ce --- /dev/null +++ b/root/etc/opensnitchd/rules/Git Remote HTTPS.json @@ -0,0 +1,38 @@ +{ + "created": "2021-02-14T00:09:22.43748312+01:00", + "updated": "2021-02-14T00:09:22.437567119+01:00", + "name": "Git Remote HTTPS", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/lib/git-core/git-remote-https\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"443\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "tcp", + "list": null + }, + { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/lib/git-core/git-remote-https", + "list": null + }, + { + "type": "simple", + "operand": "dest.port", + "sensitive": false, + "data": "443", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/KDE Init (Widgets) HTTPS.json b/root/etc/opensnitchd/rules/KDE Init (Widgets) HTTPS.json new file mode 100644 index 0000000..58877e8 --- /dev/null +++ b/root/etc/opensnitchd/rules/KDE Init (Widgets) HTTPS.json @@ -0,0 +1,38 @@ +{ + "created": "2021-02-14T00:22:26.791308073+01:00", + "updated": "2021-02-14T00:22:26.791423294+01:00", + "name": "KDE Init (Widgets) HTTPS", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/bin/kdeinit5\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"443\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "tcp", + "list": null + }, + { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/bin/kdeinit5", + "list": null + }, + { + "type": "simple", + "operand": "dest.port", + "sensitive": false, + "data": "443", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/KScreenLocker Greet HTTPS.json b/root/etc/opensnitchd/rules/KScreenLocker Greet HTTPS.json new file mode 100644 index 0000000..28979cd --- /dev/null +++ b/root/etc/opensnitchd/rules/KScreenLocker Greet HTTPS.json @@ -0,0 +1,38 @@ +{ + "created": "2021-02-14T10:41:51.119263965+01:00", + "updated": "2021-02-14T10:41:51.119369128+01:00", + "name": "KScreenLocker Greet HTTPS", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/lib/kscreenlocker_greet\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"443\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "tcp", + "list": null + }, + { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/lib/kscreenlocker_greet", + "list": null + }, + { + "type": "simple", + "operand": "dest.port", + "sensitive": false, + "data": "443", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/Pacman HTTPS.json b/root/etc/opensnitchd/rules/Pacman HTTPS.json new file mode 100644 index 0000000..f2ec0eb --- /dev/null +++ b/root/etc/opensnitchd/rules/Pacman HTTPS.json @@ -0,0 +1,38 @@ +{ + "created": "2021-02-14T11:34:12.603291381+01:00", + "updated": "2021-02-14T11:34:12.603387758+01:00", + "name": "Pacman HTTPS", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/bin/pacman\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"443\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "tcp", + "list": null + }, + { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/bin/pacman", + "list": null + }, + { + "type": "simple", + "operand": "dest.port", + "sensitive": false, + "data": "443", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/Postgres UDP.json b/root/etc/opensnitchd/rules/Postgres UDP.json new file mode 100644 index 0000000..258ba2d --- /dev/null +++ b/root/etc/opensnitchd/rules/Postgres UDP.json @@ -0,0 +1,31 @@ +{ + "created": "2021-02-14T11:01:10.596780435+01:00", + "updated": "2021-02-14T11:01:10.596842776+01:00", + "name": "Postgres UDP", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"udp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/bin/postgres\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "udp", + "list": null + }, + { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/bin/postgres", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/Postman.json b/root/etc/opensnitchd/rules/Postman.json new file mode 100644 index 0000000..0f5844a --- /dev/null +++ b/root/etc/opensnitchd/rules/Postman.json @@ -0,0 +1,16 @@ +{ + "created": "2021-02-14T12:14:10.502846179+01:00", + "updated": "2021-02-14T12:14:10.502884251+01:00", + "name": "Postman", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/opt/postman/app/_Postman", + "list": [] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/Python HTTP.json b/root/etc/opensnitchd/rules/Python HTTP.json new file mode 100644 index 0000000..79a1bcb --- /dev/null +++ b/root/etc/opensnitchd/rules/Python HTTP.json @@ -0,0 +1,38 @@ +{ + "created": "2021-02-14T11:06:10.341476457+01:00", + "updated": "2021-02-14T11:06:10.341615213+01:00", + "name": "Python HTTP", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"regexp\", \"operand\": \"process.path\", \"data\": \"/usr/bin/python*\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"80\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "tcp", + "list": null + }, + { + "type": "regexp", + "operand": "process.path", + "sensitive": false, + "data": "/usr/bin/python*", + "list": null + }, + { + "type": "simple", + "operand": "dest.port", + "sensitive": false, + "data": "80", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/Python HTTPS.json b/root/etc/opensnitchd/rules/Python HTTPS.json new file mode 100644 index 0000000..659d250 --- /dev/null +++ b/root/etc/opensnitchd/rules/Python HTTPS.json @@ -0,0 +1,38 @@ +{ + "created": "2021-02-14T11:07:14.893922125+01:00", + "updated": "2021-02-14T11:07:14.89400606+01:00", + "name": "Python HTTPS", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"regexp\", \"operand\": \"process.path\", \"data\": \"/usr/bin/python*\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"443\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "tcp", + "list": null + }, + { + "type": "regexp", + "operand": "process.path", + "sensitive": false, + "data": "/usr/bin/python*", + "list": null + }, + { + "type": "simple", + "operand": "dest.port", + "sensitive": false, + "data": "443", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/Qalculate HTTPS.json b/root/etc/opensnitchd/rules/Qalculate HTTPS.json new file mode 100644 index 0000000..0e4fc91 --- /dev/null +++ b/root/etc/opensnitchd/rules/Qalculate HTTPS.json @@ -0,0 +1,38 @@ +{ + "created": "2021-02-14T00:52:11.884513258+01:00", + "updated": "2021-02-14T00:52:11.884605842+01:00", + "name": "Qalculate HTTPS", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/bin/qalculate-gtk\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"443\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "tcp", + "list": null + }, + { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/bin/qalculate-gtk", + "list": null + }, + { + "type": "simple", + "operand": "dest.port", + "sensitive": false, + "data": "443", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/Spotify.json b/root/etc/opensnitchd/rules/Spotify.json new file mode 100644 index 0000000..92ce4d0 --- /dev/null +++ b/root/etc/opensnitchd/rules/Spotify.json @@ -0,0 +1,16 @@ +{ + "created": "2021-02-13T23:56:57.320167106+01:00", + "updated": "2021-02-13T23:56:57.320204749+01:00", + "name": "Spotify", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/opt/spotify/spotify", + "list": [] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/VSCode HTTPS.json b/root/etc/opensnitchd/rules/VSCode HTTPS.json new file mode 100644 index 0000000..f7257cc --- /dev/null +++ b/root/etc/opensnitchd/rules/VSCode HTTPS.json @@ -0,0 +1,38 @@ +{ + "created": "2021-02-14T00:00:26.151773147+01:00", + "updated": "2021-02-14T00:00:26.151968278+01:00", + "name": "VSCode HTTPS", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/opt/visual-studio-code/code\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"443\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "tcp", + "list": null + }, + { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/opt/visual-studio-code/code", + "list": null + }, + { + "type": "simple", + "operand": "dest.port", + "sensitive": false, + "data": "443", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/Wget HTTP.json b/root/etc/opensnitchd/rules/Wget HTTP.json new file mode 100644 index 0000000..7caf185 --- /dev/null +++ b/root/etc/opensnitchd/rules/Wget HTTP.json @@ -0,0 +1,38 @@ +{ + "created": "2021-02-13T23:30:34.914828627+01:00", + "updated": "2021-02-13T23:30:34.914954116+01:00", + "name": "Wget HTTP", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/bin/wget\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"80\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "tcp", + "list": null + }, + { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/bin/wget", + "list": null + }, + { + "type": "simple", + "operand": "dest.port", + "sensitive": false, + "data": "80", + "list": null + } + ] + } +} \ No newline at end of file diff --git a/root/etc/opensnitchd/rules/Wget HTTPS.json b/root/etc/opensnitchd/rules/Wget HTTPS.json new file mode 100644 index 0000000..fcb4b5c --- /dev/null +++ b/root/etc/opensnitchd/rules/Wget HTTPS.json @@ -0,0 +1,38 @@ +{ + "created": "2021-02-13T23:29:59.975141428+01:00", + "updated": "2021-02-13T23:29:59.975219689+01:00", + "name": "Wget HTTPS", + "enabled": true, + "precedence": false, + "action": "allow", + "duration": "always", + "operator": { + "type": "list", + "operand": "list", + "sensitive": false, + "data": "[{\"type\": \"simple\", \"operand\": \"protocol\", \"data\": \"tcp\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/bin/wget\", \"sensitive\": false}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"443\", \"sensitive\": false}]", + "list": [ + { + "type": "simple", + "operand": "protocol", + "sensitive": false, + "data": "tcp", + "list": null + }, + { + "type": "simple", + "operand": "process.path", + "sensitive": false, + "data": "/usr/bin/wget", + "list": null + }, + { + "type": "simple", + "operand": "dest.port", + "sensitive": false, + "data": "443", + "list": null + } + ] + } +} \ No newline at end of file