Multiple conditions rules

[tetraf]

I would like to specifically allow thunderbird to connect to port 143 on a specific host.

As of now I can allow:

• thunderbird to connect to everywhere
• all softwares to connect to port 143 on all hosts
• all softwares to connect to all ports on a host (or multiple hosts if I use regexp)

[evilsocket]

duplicate of #117

[jkozera]

@tetraf It's not custom JavasSript as per #117 but I needed something similar. So at my fork with https://github.com/jkozera/opensnitch/commit/25e85b05b782ff44de2b4a86d29e8e0d894be98e it is now possible to do what you've asked for, although only by editing .json rule files manually, for instance:

  "operator": {
    "type": "list",
    "operand": "list",
    "list": [
      {
        "type": "regexp",
        "operand": "dest.port",
        "data": "143"
      },
      {
        "type": "simple",
        "operand": "dest.host",
        "data": "somehost"
      },
      {
        "type": "simple",
        "operand": "process.path",
        "data": "path_to_thunderbird"
      }
    ]
  }

(Also note the fork adds support for catching UDP broadcasts with https://github.com/jkozera/opensnitch/commit/78b16fc11c006df4710e5ec6109a0b946a129aa8)