discord attachments and osu openmsnitch rules

This commit is contained in:
Grimmauld 2024-10-08 11:58:36 +02:00
parent 48cb9f9e7c
commit 96d240c517
Signed by: Grimmauld
GPG key ID: C2946668769F91FB
2 changed files with 52 additions and 6 deletions

View file

@ -132,6 +132,51 @@ in
};
};
osu_deny = mkIf (config.grimmShared.gaming && graphical) {
name = "osu-deny";
enabled = true;
action = "deny";
precedence = false;
duration = "always";
operator = {
type ="regexp";
sensitive = false;
operand = "process.path";
data = "/nix/store/[a-z0-9]{32}-osu-lazer-bin-${escapeRegex (getVersion pkgs.osu-lazer-bin)}-extracted/usr/bin/osu!";
};
};
osu_allow = mkIf (config.grimmShared.gaming && graphical) {
name = "osu-allow";
enabled = true;
action = "allow";
precedence = true;
duration = "always";
operator = {
type = "list";
operand = "list";
list = [
{
type = "simple";
operand = "dest.port";
data = "443";
}
{
type ="regexp";
sensitive = false;
operand = "process.path";
data = "/nix/store/[a-z0-9]{32}-osu-lazer-bin-${escapeRegex (getVersion pkgs.osu-lazer-bin)}-extracted/usr/bin/osu!";
}
{
type = "regexp";
sensitive = false;
operand = "dest.host";
data = "(api\.github\.com)|((.+\.)?ppy\.sh)";
}
];
};
};
ncspot = mkIf (config.grimmShared.spotify.enable) {
name = "ncspot";
enabled = true;
@ -375,13 +420,13 @@ in
operand = "dest.port";
data = "123|37|53";
}
# {
# type = "regexp";
# sensitive = false;
# operand = "dest.host";
# data = ".*\.nixos\.pool\.ntp\.org";
# }
{
type = "regexp";
sensitive = false;
operand = "dest.host";
data = ".*\.nixos\.pool\.ntp\.org";
}
{
type = "simple";
operand = "user.id";
data = "154";

View file

@ -4,6 +4,7 @@ discordapp.net
discord.gg
discord.com
vencord.dev
discord-attachments-uploads-prd.storage.googleapis.com
github.com
githubusercontent.com