Grimmauld/grimm-nixos-laptop
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix opensnitch logspam due to invalid creation time stamps

Browse Source
This commit is contained in:
Grimmauld 2024-10-12 12:27:32 +02:00
parent 76efedce92
commit b10ee3bf29
Signed by: Grimmauld
GPG Key ID: C2946668769F91FB
1 changed files with 23 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
common/tooling/opensnitch/default.nix
View File

@ -26,6 +26,8 @@ let
local_network = [ "192.168.0.0/16" "10.0.0.0/8" "172.16.0.0/12" "fc00::/7" ];
local_ips = pkgs.writeTextDir "local_ips.list" (concatLines local_network);
created = "1970-01-01T00:00:00.0+00:00";
in
{
config = mkIf (enable && tooling.enable && network) {
@ -57,6 +59,7 @@ in
enabled = true;
action = "allow";
duration = "always";
inherit created;
operator = {
type ="simple";
sensitive = false;
@ -70,6 +73,7 @@ in
action = "deny";
enabled = true;
duration = "always";
inherit created;
operator = {
type = "lists";
operand = "lists.domains";
@ -82,6 +86,7 @@ in
enabled = true;
action = "allow";
duration = "always";
inherit created;
operator = {
type = "list";
operand = "list";
@ -117,6 +122,7 @@ in
action = "allow";
duration = "always";
precedence = true;
inherit created;
operator = {
type ="regexp";
sensitive = false;
@ -131,6 +137,7 @@ in
action = "deny";
precedence = false;
duration = "always";
inherit created;
operator = {
type ="simple";
sensitive = false;
@ -145,6 +152,7 @@ in
action = "deny";
precedence = false;
duration = "always";
inherit created;
operator = {
type ="regexp";
sensitive = false;
@ -159,6 +167,7 @@ in
action = "allow";
precedence = true;
duration = "always";
inherit created;
operator = {
type = "list";
operand = "list";
@ -189,6 +198,7 @@ in
enabled = true;
action = "allow";
duration = "always";
inherit created;
operator = {
type = "list";
operand = "list";
@ -219,6 +229,7 @@ in
action = "allow";
duration = "always";
precedence = true;
inherit created;
operator = {
type = "list";
operand = "list";
@ -250,6 +261,7 @@ in
action = "allow";
duration = "always";
precedence = true;
inherit created;
operator = {
type = "list";
operand = "list";
@ -275,6 +287,7 @@ in
action = "deny";
precedence = false;
duration = "always";
inherit created;
operator = {
type ="regexp";
sensitive = false;
@ -289,6 +302,7 @@ in
action = "allow";
precedence = true;
duration = "always";
inherit created;
operator = {
type = "list";
operand = "list";
@ -314,6 +328,7 @@ in
action = "deny";
precedence = false;
duration = "always";
inherit created;
operator = {
type ="regexp";
sensitive = false;
@ -329,6 +344,7 @@ in
action = "allow";
precedence = true;
duration = "always";
inherit created;
operator = {
type = "list";
operand = "list";
@ -355,6 +371,7 @@ in
enabled = true;
action = "allow";
duration = "always";
inherit created;
operator = {
type = "list";
operand = "list";
@ -384,6 +401,7 @@ in
enabled = true;
action = "allow";
duration = "always";
inherit created;
operator = {
type ="regexp";
operand = "protocol";
@ -397,6 +415,7 @@ in
enabled = true;
action = "allow";
duration = "always";
inherit created;
operator = {
type = "list";
operand = "list";
@ -426,6 +445,7 @@ in
enabled = true;
action = "allow";
duration = "always";
inherit created;
operator = {
type = "list";
operand = "list";
@ -439,7 +459,7 @@ in
{
type ="regexp";
operand = "dest.port";
data = "53|631";
data = "53|631|80";
}
{
type = "lists";
@ -455,6 +475,7 @@ in
enabled = true;
action = "allow";
duration = "always";
inherit created;
operator = {
type = "list";
operand = "list";
@ -489,6 +510,7 @@ in
enabled = true;
action = "allow";
duration = "always";
inherit created;
operator = {
type = "list";
operand = "list";