Open bfcns opened 1 year ago
Thank you for the report, do you have an example for this specific configuration?
Have you tried configuring like this? Took it from here but don't know how it works https://github.com/evilsocket/opensnitch/wiki/Rules
services.opensnitch = {
enable = true;
rules = {
systemd-timesyncd = {
name = "systemd-timesyncd";
enabled = true;
action = "allow";
duration = "always";
operator = {
type = "list";
operand = "list";
data = "[{\"type\": \"simple\", \"operand\": \"dest.ip\", \"data\": \"1.1.0.1\"}, {\"type\": \"simple\", \"operand\": \"dest.port\", \"data\": \"23\"}, {\"type\": \"simple\", \"operand\": \"user.id\", \"data\": \"1000\"}, {\"type\": \"simple\", \"operand\": \"process.path\", \"data\": \"/usr/bin/telnet.netkit\"}]";
list = [
{
type = "simple";
operand = "dest.ip";
sensitive = false;
data = "1.1.0.1";
list = null;
}
];
};
};
};
};
At which point does it fail?
Isn't the data field a duplication of list field? It would be tedious to manage lots of rules.
Describe the bug
This is not precisely a bug afaik, but seems like missing a very important feature. Cannot create rules with "list" types, as it needs to create "data" field from the definitions for it to be able to work, if I am not missing something.
Thanks for getting this beautiful software to nix.
Notify maintainers
@onny