brandon/oam
1
0
Fork 0
mirror of https://gitea.com/mcereda/oam.git synced 2026-02-09 05:44:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Made little snitch's ruleset more manageable

Browse Source
This commit is contained in:
Michele Cereda
2023-02-15 18:07:41 +01:00
parent 8def13d096
commit 76b0298db2
20 changed files with 607 additions and 259 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.pre-commit-config.yaml
View File

@@ -10,6 +10,7 @@ repos:
args: args:
- --markdown-linebreak-ext=md # ignore markdown's line break - --markdown-linebreak-ext=md # ignore markdown's line break
- id: end-of-file-fixer - id: end-of-file-fixer
- id: check-json
- id: check-yaml - id: check-yaml
- id: check-added-large-files - id: check-added-large-files
- repo: https://github.com/markdownlint/markdownlint - repo: https://github.com/markdownlint/markdownlint

1
.vscode/settings.json vendored
View File

@@ -25,6 +25,7 @@
"gpgtools", "gpgtools",
"growpart", "growpart",
"hadolint", "hadolint",
"imager",
"jdupes", "jdupes",
"kbfs", "kbfs",
"keepass", "keepass",

8
knowledge base/jq.md
View File

@@ -33,13 +33,19 @@ jq '.extensionsGallery + {
itemUrl: "https://marketplace.visualstudio.com/items" itemUrl: "https://marketplace.visualstudio.com/items"
}' /usr/lib/code/product.json }' /usr/lib/code/product.json
# Add elements from an array from another file.
jq '.rules=([input.rules]|flatten)' starting-rule-set.json ending-rule-set.json
# Add elements from an array from multiple files.
jq '.rules=([inputs.rules]|flatten)' starting-rule-set.json parts/*.json
# Put specific keys on top. # Put specific keys on top.
jq '.objects = [(.objects[] as $in | {type,name,id} + $in)]' prod/dataPipeline_deviceLocationConversion_prod.json jq '.objects = [(.objects[] as $in | {type,name,id} + $in)]' prod/dataPipeline_deviceLocationConversion_prod.json
# Convert Enpass' JSON export to a YAML file # Convert Enpass' JSON export to a YAML file
jq '.items[] | {title, fields} | .title + ":", (.fields[] | select(.value != "") | " " + .label + ": " + .value)' test.json -cr jq '.items[] | {title, fields} | .title + ":", (.fields[] | select(.value != "") | " " + .label + ": " + .value)' test.json -cr
# Refactor a datapipeline definition. # Refactor an AWS DataPipeline definition.
jq --sort-keys '.' datapipeline.json > /tmp/sorted.json \ jq --sort-keys '.' datapipeline.json > /tmp/sorted.json \
&& jq '.objects = [(.objects[] as $in | {type,name,id} + $in | with_entries(select(.value != null)))]' \ && jq '.objects = [(.objects[] as $in | {type,name,id} + $in | with_entries(select(.value != null)))]' \
/tmp/sorted.json > /tmp/reordered.json \ /tmp/sorted.json > /tmp/reordered.json \

22
knowledge base/visual studio code.md
View File

@@ -1,5 +1,15 @@
# Visual Studio Code # Visual Studio Code
1. [Network connections](#network-connections)
2. [Troubleshooting](#troubleshooting)
1. [_No extensions found_ when running from source](#no-extensions-found-when-running-from-source)
3. [Further readings](#further-readings)
4. [Sources](#sources)
## Network connections
See [Network connections in Visual Studio Code].
## Troubleshooting ## Troubleshooting
### _No extensions found_ when running from source ### _No extensions found_ when running from source
@@ -20,10 +30,18 @@ jq '.extensionsGallery' /usr/lib/code/product.json
and if not, change them. and if not, change them.
## Further readings
- [Network connections in Visual Studio Code]
## Sources ## Sources
- [using extensions in compiled vscode] - [using extensions in compiled vscode]
[using extensions in compiled vscode]: https://stackoverflow.com/questions/44057402/using-extensions-in-compiled-vscode#45291490 <!-- product's references -->
[network connections in visual studio code]: https://code.visualstudio.com/docs/setup/network
[official product.json]: https://github.com/Microsoft/vscode/blob/master/product.json [official product.json]: https://github.com/Microsoft/vscode/blob/master/product.json
<!-- internal references -->
<!-- external references -->
[using extensions in compiled vscode]: https://stackoverflow.com/questions/44057402/using-extensions-in-compiled-vscode#45291490

0
little snitch/README.md Normal file
View File

28
little snitch/build-full-ruleset.sh Executable file
View File

@@ -0,0 +1,28 @@
#!/usr/bin/env bash
WORKDIR=$(dirname "$0")
# Pre-flight checks
# -----------------
# Check files are readable JSON files.
PRE_FLIGHT_CHECKS_RESULT=0
for FILE in "${WORKDIR}/parts/"*.lsrules
do
if ! jq '.' "$FILE" > /dev/null
then
echo "$FILE"
PRE_FLIGHT_CHECKS_RESULT=1
fi
done
[[ "$PRE_FLIGHT_CHECKS_RESULT" -ne 0 ]] && exit "$PRE_FLIGHT_CHECKS_RESULT"
# Actual work
# -----------
jq --indent 4 -M \
'.rules=([inputs.rules]|flatten)' \
"${WORKDIR}/ruleset.lsrules" \
"${WORKDIR}/parts/"*.lsrules \
| sponge "${WORKDIR}/ruleset.lsrules"

37
little snitch/parts/bitwarden.lsrules Normal file
View File

@@ -0,0 +1,37 @@
{
"description": "",
"name": "Bitwarden",
"rules": [
{
"action": "allow",
"notes": "Allow Bitwarden to connect to its servers.",
"ports": "443",
"process": "/Applications/Bitwarden.app/Contents/MacOS/Bitwarden",
"protocol": "tcp",
"remote-hosts": "api.bitwarden.com"
},
{
"action": "allow",
"notes": "Allow Bitwarden's Helper to connect to its servers.",
"ports": "443",
"process": "/Applications/Bitwarden.app/Contents/MacOS/Bitwarden",
"protocol": "tcp",
"remote-hosts": [
"identity.bitwarden.com",
"notifications.bitwarden.com"
],
"via": "/Applications/Bitwarden.app/Contents/Frameworks/Bitwarden Helper.app/Contents/MacOS/Bitwarden Helper"
},
{
"action": "allow",
"notes": "Allow Bitwarden's Helper to gather icons for its entries.",
"ports": "443",
"process": "/Applications/Bitwarden.app/Contents/MacOS/Bitwarden",
"protocol": "tcp",
"remote-hosts": "icons.bitwarden.net",
"via": "/Applications/Bitwarden.app/Contents/Frameworks/Bitwarden Helper.app/Contents/MacOS/Bitwarden Helper"
}
]
}

68
little snitch/parts/firefox.lsrules Normal file
View File

@@ -0,0 +1,68 @@
{
"description": "",
"name": "Firefox",
"rules": [
{
"action": "allow",
"notes": "Allow Firefox to check for captive portals.",
"ports": "80",
"process": "/Applications/Firefox.app/Contents/MacOS/firefox",
"protocol": "tcp",
"remote-hosts": "detectportal.firefox.com"
},
{
"action": "allow",
"notes": "Allow Firefox to gather information about certificates.",
"ports": "80",
"process": "/Applications/Firefox.app/Contents/MacOS/firefox",
"protocol": "tcp",
"remote-hosts": [
"o.lencr.org",
"ocsp.digicert.com",
"ocsp.entrust.net",
"ocsp.globalsign.com",
"ocsp.pki.goog",
"ocsp.r2m01.amazontrust.com",
"ocsp.sca1b.amazontrust.com",
"ocsp.sectigo.com"
]
},
{
"action": "deny",
"notes": "Stop Firefox from connecting to Google's Interactive Media Ads SDK, which allows developers and publishers to show interactive and video ads on their websites and mobile apps.",
"process": "/Applications/Firefox.app/Contents/MacOS/firefox",
"remote-domains": "imasdk.googleapis.com"
},
{
"action": "deny",
"notes": "Stop Firefox from connecting to google-analytics.com.",
"process": "/Applications/Firefox.app/Contents/MacOS/firefox",
"remote-domains": "google-analytics.com"
},
{
"action": "deny",
"notes": "Stop Firefox from tracking content from third-party sites.",
"process": "/Applications/Firefox.app/Contents/MacOS/firefox",
"remote-domains": "googletagservices.com"
},
{
"action": "allow",
"notes": "Allow Firefox to securely connect to websites.",
"ports": "443",
"process": "/Applications/Firefox.app/Contents/MacOS/firefox",
"protocol": "tcp",
"remote": "any"
},
{
"action": "allow",
"notes": "Allow Firefox to securely connect to websites.",
"ports": "443",
"process": "/Applications/Firefox.app/Contents/MacOS/firefox",
"protocol": "udp",
"remote": "any"
}
]
}

14
little snitch/parts/gpg-suite.lsrules Normal file
View File

@@ -0,0 +1,14 @@
{
"description": "",
"name": "GPG Suite",
"rules": [
{
"action": "allow",
"notes": "Allow the GPG Suite's updater to download updates.",
"ports": "443",
"process": "/Library/Application Support/GPGTools/GPGSuite_Updater.app/Contents/MacOS/GPGSuite_Updater",
"protocol": "tcp",
"remote-hosts": "gpgtools.com"
}
]
}

5
little snitch/parts/iterm2.lsrules Normal file
View File

@@ -0,0 +1,5 @@
{
"description": "",
"name": "iTerm2",
"rules": []
}

32
little snitch/parts/keybase.lsrules Normal file
View File

@@ -0,0 +1,32 @@
{
"description": "",
"name": "Keybase",
"rules": [
{
"action": "allow",
"notes": "Allow Keybase to connect to its servers.",
"ports": "443",
"process": "/Applications/Keybase.app/Contents/SharedSupport/bin/keybase",
"protocol": "tcp",
"remote-domains": "core.keybaseapi.com"
},
{
"action": "allow",
"notes": "Allow Keybase's updater to download software updates.",
"ports": "443",
"process": "/Applications/Keybase.app/Contents/SharedSupport/bin/updater",
"protocol": "tcp",
"remote-domains": "core.keybaseapi.com"
},
{
"action": "allow",
"notes": "Allow the KBFS functionality of Keybase.",
"ports": "443",
"process": "/Applications/Keybase.app/Contents/SharedSupport/bin/kbfs",
"protocol": "tcp",
"remote-domains": "kbfs.keybaseapi.com"
}
]
}

23
little snitch/parts/little-snitch.lsrules Normal file
View File

@@ -0,0 +1,23 @@
{
"description": "",
"name": "Little Snitch",
"rules": [
{
"action": "allow",
"notes": "Allow Little Snitch to download software updates.",
"ports": "443",
"process": "/Applications/Little Snitch.app/Contents/Components/Little Snitch Software Update.app/Contents/MacOS/Little Snitch Software Update",
"protocol": "tcp",
"remote-hosts": "sw-update.obdev.at"
},
{
"action": "allow",
"notes": "Allow Little Snitch to subscribe to rules groups.",
"ports": "443",
"process": "/Library/Application Support/Objective Development/Little Snitch/Components/at.obdev.littlesnitch.daemon.bundle/Contents/XPCServices/at.obdev.littlesnitch.urldownloader.xpc/Contents/MacOS/at.obdev.littlesnitch.urldownloader",
"protocol": "tcp",
"remote-hosts": "pgl.yoyo.org"
}
]
}

32
little snitch/parts/logi-options-plus.lsrules Normal file
View File

@@ -0,0 +1,32 @@
{
"description": "",
"name": "Logi Options Plus",
"rules": [
{
"action": "allow",
"notes": "Allow the Logi Options+'s updater to download the application's updates.",
"ports": "443",
"process": "/Library/Application Support/Logitech.localized/LogiOptionsPlus/logioptionsplus_agent.app/Contents/Frameworks/logioptionsplus_updater.app/Contents/MacOS/logioptionsplus_updater",
"protocol": "tcp",
"remote-hosts": "updates.optionsplus.logitechg.com"
},
{
"action": "allow",
"notes": "Allow Logi Options+ to connect to Logitech's account.",
"ports": "443",
"process": "/Library/Application Support/Logitech.localized/LogiOptionsPlus/logioptionsplus_agent.app/Contents/MacOS/logioptionsplus_agent",
"protocol": "tcp",
"remote-hosts": "accounts.logi.com"
},
{
"action": "allow",
"notes": "Allow the Flow functionality of Logi Options+.",
"ports": "443",
"process": "/Library/Application Support/Logitech.localized/LogiOptionsPlus/logioptionsplus_agent.app/Contents/MacOS/logioptionsplus_agent",
"protocol": "tcp",
"remote-hosts": "flow.logitech.io"
}
]
}

14
little snitch/parts/raspberrypi-imager.lsrules Normal file
View File

@@ -0,0 +1,14 @@
{
"description": "",
"name": "RaspberryPi Imager",
"rules": [
{
"action": "allow",
"notes": "Allow RaspberryPi Imager to securely connect to websites to download images and their metadata.",
"ports": "443",
"process": "/Applications/Raspberry Pi Imager.app/Contents/MacOS/rpi-imager",
"protocol": "tcp",
"remote": "any"
}
]
}

5
little snitch/parts/template.lsrules Normal file
View File

@@ -0,0 +1,5 @@
{
"description": "",
"name": "",
"rules": []
}

48
little snitch/parts/vivaldi.lsrules Normal file
View File

@@ -0,0 +1,48 @@
{
"description": "See https://vivaldi.com/blog/decoding-network-activity-in-vivaldi/ for details.",
"name": "Vivaldi",
"rules": [
{
"action": "allow",
"notes": "Allow Vivaldi to securely sync with its servers.",
"ports": "443",
"process": "/Applications/Vivaldi.app/Contents/MacOS/Vivaldi",
"protocol": "tcp",
"remote-hosts": "bifrost.vivaldi.com"
},
{
"action": "allow",
"notes": "Allow Vivaldi to sync with its servers.",
"ports": "15674",
"process": "/Applications/Vivaldi.app/Contents/MacOS/Vivaldi",
"protocol": "tcp",
"remote-hosts": "bifrost.vivaldi.com"
},
{
"action": "allow",
"notes": "Allow Vivaldi to securely login into the user's account.",
"ports": "443",
"process": "/Applications/Vivaldi.app/Contents/MacOS/Vivaldi",
"protocol": "tcp",
"remote-hosts": "login.vivaldi.com"
},
{
"action": "allow",
"notes": "Allow Vivaldi to securely connect to websites.",
"ports": "443",
"process": "/Applications/Vivaldi.app/Contents/MacOS/Vivaldi",
"protocol": "tcp",
"remote": "any"
},
{
"action": "allow",
"notes": "Allow Vivaldi to securely connect to websites.",
"ports": "443",
"process": "/Applications/Vivaldi.app/Contents/MacOS/Vivaldi",
"protocol": "udp",
"remote": "any"
}
]
}

83
little snitch/parts/vscode.lsrules Normal file
View File

@@ -0,0 +1,83 @@
{
"description": "See https://code.visualstudio.com/docs/setup/network for details.",
"name": "Visual Studio Code",
"rules": [
{
"action": "allow",
"notes": "Allow VS Code to access its documentation.",
"ports": "443",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"protocol": "tcp",
"remote-hosts": "code.visualstudio.com"
},
{
"action": "allow",
"notes": "Allow VS Code to update itself.",
"ports": "443",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"protocol": "tcp",
"remote-hosts": "update.code.visualstudio.com"
},
{
"action": "allow",
"notes": "Allow VS Code's Helper to access the marketplace and download extensions.",
"ports": "443",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"protocol": "tcp",
"remote-hosts": [
"az764295.vo.msecnd.net",
"download.visualstudio.microsoft.com",
"marketplace.visualstudio.com",
"vsmarketplacebadges.dev"
],
"via": "/Applications/Visual Studio Code.app/Contents/Frameworks/Code Helper.app/Contents/MacOS/Code Helper"
},
{
"action": "allow",
"notes": "Allow VS Code to download extensions from the marketplace.",
"ports": "443",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"protocol": "tcp",
"remote-domains": [
"gallery.vsassets.io",
"gallerycdn.vsassets.io"
]
},
{
"action": "allow",
"notes": "Allow VS Code to sync the user's settings.",
"ports": "443",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"protocol": "tcp",
"remote-hosts": [
"vscode-sync-insiders.trafficmanager.net",
"vscode-sync.trafficmanager.net",
"vscode.dev"
]
},
{
"action": "allow",
"notes": "Allow VS Code's Helper to download schemas.",
"ports": "443",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"protocol": "tcp",
"remote-hosts": [
"json.schemastore.org",
"www.schemastore.org"
],
"via": "/Applications/Visual Studio Code.app/Contents/Frameworks/Code Helper.app/Contents/MacOS/Code Helper"
},
{
"action": "deny",
"notes": "Stop VS Code's Helper from connecting to dc.services.visualstudio.com.\nUsed by the Application Insights SDK or Application Insights Agent to send data to the vendor's services in Azure.\nSee https://learn.microsoft.com/en-us/azure/azure-monitor/app/ip-addresses for details.",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"remote-hosts": "dc.services.visualstudio.com",
"via": "/Applications/Visual Studio Code.app/Contents/Frameworks/Code Helper.app/Contents/MacOS/Code Helper"
}
]
}

40
little snitch/parts/whatsapp.lsrules Normal file
View File

@@ -0,0 +1,40 @@
{
"description": "",
"name": "WhatsApp",
"rules": [
{
"action": "allow",
"notes": "Allow WhatsApp to authenticate to its servers.",
"ports": "443",
"process": "/Applications/WhatsApp.app/Contents/MacOS/WhatsApp",
"protocol": "tcp",
"remote-hosts": "web.whatsapp.com"
},
{
"action": "allow",
"notes": "Allow WhatsApp to securely download media.",
"ports": "443",
"process": "/Applications/WhatsApp.app/Contents/MacOS/WhatsApp",
"protocol": "tcp",
"remote-hosts": "cdn.whatsapp.net"
},
{
"action": "allow",
"notes": "Allow WhatsApp to securely connect to websites to get links' previews.",
"ports": "443",
"process": "/Applications/WhatsApp.app/Contents/MacOS/WhatsApp",
"protocol": "tcp",
"remote": "any"
},
{
"action": "allow",
"notes": "Allow WhatsApp to securely connect to websites to get links' previews.",
"ports": "443",
"process": "/Applications/WhatsApp.app/Contents/MacOS/WhatsApp",
"protocol": "udp",
"remote": "any"
}
]
}

397
rules.lsrules → little snitch/ruleset.lsrules
View File

@@ -1,38 +1,14 @@
{ {
"description": "Michele Cereda's collection of common Little Snitch rules.", "description": "Michele Cereda's collection of common Little Snitch rules.\nAssumes a deny-all default policy.",
"name": "Michele Cereda's Rules List", "name": "Michele Cereda's Rules List",
"rules": [ "rules": [
{ {
"action": "allow", "action": "allow",
"notes": "Allow Little Snitch to download rules groups.", "notes": "Allow Bitwarden to connect to its servers.",
"ports": "443", "ports": "443",
"process": "/Library/Application Support/Objective Development/Little Snitch/Components/at.obdev.littlesnitch.daemon.bundle/Contents/XPCServices/at.obdev.littlesnitch.urldownloader.xpc/Contents/MacOS/at.obdev.littlesnitch.urldownloader", "process": "/Applications/Bitwarden.app/Contents/MacOS/Bitwarden",
"protocol": "tcp", "protocol": "tcp",
"remote-hosts": "github.com" "remote-hosts": "api.bitwarden.com"
},
{
"action": "allow",
"notes": "Allow Little Snitch to download rules groups.",
"ports": "443",
"process": "/Library/Application Support/Objective Development/Little Snitch/Components/at.obdev.littlesnitch.daemon.bundle/Contents/XPCServices/at.obdev.littlesnitch.urldownloader.xpc/Contents/MacOS/at.obdev.littlesnitch.urldownloader",
"protocol": "tcp",
"remote-hosts": "gitlab.com"
},
{
"action": "allow",
"notes": "Allow Little Snitch to download rules groups.",
"ports": "443",
"process": "/Library/Application Support/Objective Development/Little Snitch/Components/at.obdev.littlesnitch.daemon.bundle/Contents/XPCServices/at.obdev.littlesnitch.urldownloader.xpc/Contents/MacOS/at.obdev.littlesnitch.urldownloader",
"protocol": "tcp",
"remote-hosts": "mek.keybase.pub"
},
{
"action": "allow",
"notes": "Allow Little Snitch to download rules groups.",
"ports": "443",
"process": "/Library/Application Support/Objective Development/Little Snitch/Components/at.obdev.littlesnitch.daemon.bundle/Contents/XPCServices/at.obdev.littlesnitch.urldownloader.xpc/Contents/MacOS/at.obdev.littlesnitch.urldownloader",
"protocol": "tcp",
"remote-hosts": "pgl.yoyo.org"
}, },
{ {
"action": "allow", "action": "allow",
@@ -40,24 +16,10 @@
"ports": "443", "ports": "443",
"process": "/Applications/Bitwarden.app/Contents/MacOS/Bitwarden", "process": "/Applications/Bitwarden.app/Contents/MacOS/Bitwarden",
"protocol": "tcp", "protocol": "tcp",
"remote-hosts": "api.bitwarden.com", "remote-hosts": [
}, "identity.bitwarden.com",
{ "notifications.bitwarden.com"
"action": "allow", ],
"notes": "Allow Bitwarden's Helper to connect to its servers.",
"ports": "443",
"process": "/Applications/Bitwarden.app/Contents/MacOS/Bitwarden",
"protocol": "tcp",
"remote-hosts": "identity.bitwarden.com",
"via": "/Applications/Bitwarden.app/Contents/Frameworks/Bitwarden Helper.app/Contents/MacOS/Bitwarden Helper"
},
{
"action": "allow",
"notes": "Allow Bitwarden's Helper to connect to its servers.",
"ports": "443",
"process": "/Applications/Bitwarden.app/Contents/MacOS/Bitwarden",
"protocol": "tcp",
"remote-hosts": "notifications.bitwarden.com",
"via": "/Applications/Bitwarden.app/Contents/Frameworks/Bitwarden Helper.app/Contents/MacOS/Bitwarden Helper" "via": "/Applications/Bitwarden.app/Contents/Frameworks/Bitwarden Helper.app/Contents/MacOS/Bitwarden Helper"
}, },
{ {
@@ -69,22 +31,6 @@
"remote-hosts": "icons.bitwarden.net", "remote-hosts": "icons.bitwarden.net",
"via": "/Applications/Bitwarden.app/Contents/Frameworks/Bitwarden Helper.app/Contents/MacOS/Bitwarden Helper" "via": "/Applications/Bitwarden.app/Contents/Frameworks/Bitwarden Helper.app/Contents/MacOS/Bitwarden Helper"
}, },
{
"action": "allow",
"notes": "Allow Firefox to gather information about certificates.",
"ports": "80",
"process": "/Applications/Firefox.app/Contents/MacOS/firefox",
"protocol": "tcp",
"remote-hosts": "ocsp.sca1b.amazontrust.com"
},
{
"action": "allow",
"notes": "Allow Firefox to gather information about certificates.",
"ports": "80",
"process": "/Applications/Firefox.app/Contents/MacOS/firefox",
"protocol": "tcp",
"remote-hosts": "ocsp.digicert.com"
},
{ {
"action": "allow", "action": "allow",
"notes": "Allow Firefox to check for captive portals.", "notes": "Allow Firefox to check for captive portals.",
@@ -99,15 +45,16 @@
"ports": "80", "ports": "80",
"process": "/Applications/Firefox.app/Contents/MacOS/firefox", "process": "/Applications/Firefox.app/Contents/MacOS/firefox",
"protocol": "tcp", "protocol": "tcp",
"remote-hosts": "ocsp.pki.goog" "remote-hosts": [
}, "o.lencr.org",
{ "ocsp.digicert.com",
"action": "allow", "ocsp.entrust.net",
"notes": "Allow Firefox to gather information about certificates.", "ocsp.globalsign.com",
"ports": "80", "ocsp.pki.goog",
"process": "/Applications/Firefox.app/Contents/MacOS/firefox", "ocsp.r2m01.amazontrust.com",
"protocol": "tcp", "ocsp.sca1b.amazontrust.com",
"remote-domains": "o.lencr.org" "ocsp.sectigo.com"
]
}, },
{ {
"action": "deny", "action": "deny",
@@ -145,53 +92,12 @@
}, },
{ {
"action": "allow", "action": "allow",
"notes": "Allow the GPG Suite updater to download updates.", "notes": "Allow the GPG Suite's updater to download updates.",
"ports": "443", "ports": "443",
"process": "/Library/Application Support/GPGTools/GPGSuite_Updater.app/Contents/MacOS/GPGSuite_Updater", "process": "/Library/Application Support/GPGTools/GPGSuite_Updater.app/Contents/MacOS/GPGSuite_Updater",
"protocol": "tcp", "protocol": "tcp",
"remote-hosts": "gpgtools.com" "remote-hosts": "gpgtools.com"
}, },
{
"action": "allow",
"notes": "Allow Homebrew to download updates.",
"ports": "443",
"process": "/Applications/iTerm.app/Contents/MacOS/iTerm2",
"protocol": "tcp",
"remote-hosts": "ghcr.io"
},
{
"action": "allow",
"notes": "Allow Macports to download updates.",
"ports": "873",
"process": "/Applications/iTerm.app/Contents/MacOS/iTerm2",
"protocol": "tcp",
"remote-hosts": "rsync.macports.org"
},
{
"action": "allow",
"notes": "Allow Macports to download updates.",
"ports": "80",
"process": "/Applications/iTerm.app/Contents/MacOS/iTerm2",
"protocol": "tcp",
"remote-domains": "packages.macports.org",
"via": "/opt/local/libexec/macports/bin/tclsh8.6"
},
{
"action": "allow",
"notes": "Allow iTerm2 to securely connect to websites.",
"ports": "443",
"process": "/Applications/iTerm.app/Contents/MacOS/iTerm2",
"protocol": "tcp",
"remote": "any"
},
{
"action": "allow",
"notes": "Allow the KBFS functionality of Keybase.",
"ports": "443",
"process": "/Applications/Keybase.app/Contents/SharedSupport/bin/kbfs",
"protocol": "tcp",
"remote-domains": "kbfs.keybaseapi.com"
},
{ {
"action": "allow", "action": "allow",
"notes": "Allow Keybase to connect to its servers.", "notes": "Allow Keybase to connect to its servers.",
@@ -202,12 +108,44 @@
}, },
{ {
"action": "allow", "action": "allow",
"notes": "Allow Little Snitch to get software updates.", "notes": "Allow Keybase's updater to download software updates.",
"ports": "443",
"process": "/Applications/Keybase.app/Contents/SharedSupport/bin/updater",
"protocol": "tcp",
"remote-domains": "core.keybaseapi.com"
},
{
"action": "allow",
"notes": "Allow the KBFS functionality of Keybase.",
"ports": "443",
"process": "/Applications/Keybase.app/Contents/SharedSupport/bin/kbfs",
"protocol": "tcp",
"remote-domains": "kbfs.keybaseapi.com"
},
{
"action": "allow",
"notes": "Allow Little Snitch to download software updates.",
"ports": "443", "ports": "443",
"process": "/Applications/Little Snitch.app/Contents/Components/Little Snitch Software Update.app/Contents/MacOS/Little Snitch Software Update", "process": "/Applications/Little Snitch.app/Contents/Components/Little Snitch Software Update.app/Contents/MacOS/Little Snitch Software Update",
"protocol": "tcp", "protocol": "tcp",
"remote-hosts": "sw-update.obdev.at" "remote-hosts": "sw-update.obdev.at"
}, },
{
"action": "allow",
"notes": "Allow Little Snitch to subscribe to rules groups.",
"ports": "443",
"process": "/Library/Application Support/Objective Development/Little Snitch/Components/at.obdev.littlesnitch.daemon.bundle/Contents/XPCServices/at.obdev.littlesnitch.urldownloader.xpc/Contents/MacOS/at.obdev.littlesnitch.urldownloader",
"protocol": "tcp",
"remote-hosts": "pgl.yoyo.org"
},
{
"action": "allow",
"notes": "Allow the Logi Options+'s updater to download the application's updates.",
"ports": "443",
"process": "/Library/Application Support/Logitech.localized/LogiOptionsPlus/logioptionsplus_agent.app/Contents/Frameworks/logioptionsplus_updater.app/Contents/MacOS/logioptionsplus_updater",
"protocol": "tcp",
"remote-hosts": "updates.optionsplus.logitechg.com"
},
{ {
"action": "allow", "action": "allow",
"notes": "Allow Logi Options+ to connect to Logitech's account.", "notes": "Allow Logi Options+ to connect to Logitech's account.",
@@ -226,144 +164,11 @@
}, },
{ {
"action": "allow", "action": "allow",
"notes": "Allow the Logi Options+'s updater to get updates.", "notes": "Allow RaspberryPi Imager to securely connect to websites to download images and their metadata.",
"ports": "443", "ports": "443",
"process": "/Library/Application Support/Logitech.localized/LogiOptionsPlus/logioptionsplus_agent.app/Contents/Frameworks/logioptionsplus_updater.app/Contents/MacOS/logioptionsplus_updater", "process": "/Applications/Raspberry Pi Imager.app/Contents/MacOS/rpi-imager",
"protocol": "tcp", "protocol": "tcp",
"remote-hosts": "updates.optionsplus.logitechg.com" "remote": "any"
},
{
"action": "allow",
"notes": "Allow Keybase to get software updates.",
"ports": "443",
"process": "/Applications/Keybase.app/Contents/SharedSupport/bin/updater",
"protocol": "tcp",
"remote-domains": "core.keybaseapi.com"
},
{
"action": "allow",
"notes": "Allow VS Code's Helper to download repositories from Github.",
"ports": "443",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"protocol": "tcp",
"remote-hosts": "github.com",
"via": "/Applications/Visual Studio Code.app/Contents/Frameworks/Code Helper.app/Contents/MacOS/Code Helper"
},
{
"action": "allow",
"notes": "Allow VS Code's Helper to download repositories from Gitlab.",
"ports": "443",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"protocol": "tcp",
"remote-hosts": "gitlab.com",
"via": "/Applications/Visual Studio Code.app/Contents/Frameworks/Code Helper.app/Contents/MacOS/Code Helper"
},
{
"action": "allow",
"notes": "Allow VS Code's Helper to get the user's information from Gravatar.",
"ports": "443",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"protocol": "tcp",
"remote-hosts": "www.gravatar.com",
"via": "/Applications/Visual Studio Code.app/Contents/Frameworks/Code Helper.app/Contents/MacOS/Code Helper"
},
{
"action": "allow",
"notes": "Allow VS Code's Helper to download schemas.",
"ports": "443",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"protocol": "tcp",
"remote-hosts": "json.schemastore.org",
"via": "/Applications/Visual Studio Code.app/Contents/Frameworks/Code Helper.app/Contents/MacOS/Code Helper"
},
{
"action": "allow",
"notes": "Allow VS Code's Helper to download schemas.",
"ports": "443",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"protocol": "tcp",
"remote-hosts": "www.schemastore.org",
"via": "/Applications/Visual Studio Code.app/Contents/Frameworks/Code Helper.app/Contents/MacOS/Code Helper"
},
{
"action": "allow",
"notes": "Allow VS Code's Helper to gather extensions.",
"ports": "443",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"protocol": "tcp",
"remote-hosts": "marketplace.visualstudio.com",
"via": "/Applications/Visual Studio Code.app/Contents/Frameworks/Code Helper.app/Contents/MacOS/Code Helper"
},
{
"action": "allow",
"notes": "Allow VS Code to sync the user's settings.",
"ports": "443",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"protocol": "tcp",
"remote-hosts": "vscode-sync.trafficmanager.net"
},
{
"action": "allow",
"notes": "Allow VS Code to look for updates.",
"ports": "443",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"protocol": "tcp",
"remote-hosts": "update.code.visualstudio.com"
},
{
"action": "allow",
"notes": "Allow VS Code to download Terraform's extension.",
"ports": "443",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"protocol": "tcp",
"remote-hosts": "checkpoint-api.hashicorp.com"
},
{
"action": "allow",
"notes": "Allow VS Code to download repositories from Github.",
"ports": "22",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"protocol": "tcp",
"remote-hosts": "github.com"
},
{
"action": "allow",
"notes": "Allow VS Code to sync with its servers.",
"ports": "443",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"protocol": "tcp",
"remote-hosts": "api.github.com",
},
{
"action": "allow",
"notes": "Allow VS Code to download repositories from Gitlab.",
"ports": "22",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"protocol": "tcp",
"remote-hosts": "gitlab.com"
},
{
"action": "deny",
"notes": "Stop VS Code's Helper from connecting to dc.services.visualstudio.com.",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"remote-hosts": "dc.services.visualstudio.com",
"via": "/Applications/Visual Studio Code.app/Contents/Frameworks/Code Helper.app/Contents/MacOS/Code Helper"
},
{
"action": "allow",
"notes": "Allow VS Code to download extensions.",
"ports": "443",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"protocol": "tcp",
"remote-domains": "gallery.vsassets.io"
},
{
"action": "allow",
"notes": "Allow VS Code to download extensions.",
"ports": "443",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"protocol": "tcp",
"remote-domains": "gallerycdn.vsassets.io"
}, },
{ {
"action": "allow", "action": "allow",
@@ -407,7 +212,79 @@
}, },
{ {
"action": "allow", "action": "allow",
"notes": "Allow WhatsApp to authenticate.", "notes": "Allow VS Code to access its documentation.",
"ports": "443",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"protocol": "tcp",
"remote-hosts": "code.visualstudio.com"
},
{
"action": "allow",
"notes": "Allow VS Code to update itself.",
"ports": "443",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"protocol": "tcp",
"remote-hosts": "update.code.visualstudio.com"
},
{
"action": "allow",
"notes": "Allow VS Code's Helper to access the marketplace and download extensions.",
"ports": "443",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"protocol": "tcp",
"remote-hosts": [
"az764295.vo.msecnd.net",
"download.visualstudio.microsoft.com",
"marketplace.visualstudio.com",
"vsmarketplacebadges.dev"
],
"via": "/Applications/Visual Studio Code.app/Contents/Frameworks/Code Helper.app/Contents/MacOS/Code Helper"
},
{
"action": "allow",
"notes": "Allow VS Code to download extensions from the marketplace.",
"ports": "443",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"protocol": "tcp",
"remote-domains": [
"gallery.vsassets.io",
"gallerycdn.vsassets.io"
]
},
{
"action": "allow",
"notes": "Allow VS Code to sync the user's settings.",
"ports": "443",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"protocol": "tcp",
"remote-hosts": [
"vscode-sync-insiders.trafficmanager.net",
"vscode-sync.trafficmanager.net",
"vscode.dev"
]
},
{
"action": "allow",
"notes": "Allow VS Code's Helper to download schemas.",
"ports": "443",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"protocol": "tcp",
"remote-hosts": [
"json.schemastore.org",
"www.schemastore.org"
],
"via": "/Applications/Visual Studio Code.app/Contents/Frameworks/Code Helper.app/Contents/MacOS/Code Helper"
},
{
"action": "deny",
"notes": "Stop VS Code's Helper from connecting to dc.services.visualstudio.com.\nUsed by the Application Insights SDK or Application Insights Agent to send data to the vendor's services in Azure.\nSee https://learn.microsoft.com/en-us/azure/azure-monitor/app/ip-addresses for details.",
"process": "/Applications/Visual Studio Code.app/Contents/MacOS/Electron",
"remote-hosts": "dc.services.visualstudio.com",
"via": "/Applications/Visual Studio Code.app/Contents/Frameworks/Code Helper.app/Contents/MacOS/Code Helper"
},
{
"action": "allow",
"notes": "Allow WhatsApp to authenticate to its servers.",
"ports": "443", "ports": "443",
"process": "/Applications/WhatsApp.app/Contents/MacOS/WhatsApp", "process": "/Applications/WhatsApp.app/Contents/MacOS/WhatsApp",
"protocol": "tcp", "protocol": "tcp",
@@ -419,7 +296,23 @@
"ports": "443", "ports": "443",
"process": "/Applications/WhatsApp.app/Contents/MacOS/WhatsApp", "process": "/Applications/WhatsApp.app/Contents/MacOS/WhatsApp",
"protocol": "tcp", "protocol": "tcp",
"remote-domains": "cdn.whatsapp.net" "remote-hosts": "cdn.whatsapp.net"
},
{
"action": "allow",
"notes": "Allow WhatsApp to securely connect to websites to get links' previews.",
"ports": "443",
"process": "/Applications/WhatsApp.app/Contents/MacOS/WhatsApp",
"protocol": "tcp",
"remote": "any"
},
{
"action": "allow",
"notes": "Allow WhatsApp to securely connect to websites to get links' previews.",
"ports": "443",
"process": "/Applications/WhatsApp.app/Contents/MacOS/WhatsApp",
"protocol": "udp",
"remote": "any"
} }
] ]
} }