56 lines
1.6 KiB
YAML
56 lines
1.6 KiB
YAML
---
|
|
# TODO: This can likely be restricted even further, especially in regards to the ADD_ONION pattern
|
|
- apparmor-profiles:
|
|
- '/home/amnesia/.local/lib/cwtch/cwtch'
|
|
users:
|
|
- 'amnesia'
|
|
commands:
|
|
AUTHCHALLENGE:
|
|
- 'SAFECOOKIE .*'
|
|
SETEVENTS:
|
|
- 'CIRC WARN ERR'
|
|
- 'CIRC ORCONN INFO NOTICE WARN ERR HS_DESC HS_DESC_CONTENT'
|
|
GETINFO:
|
|
- 'net/listeners/socks'
|
|
- '.*'
|
|
GETCONF:
|
|
- 'DisableNetwork'
|
|
SETCONF:
|
|
- 'DisableNetwork.*'
|
|
ADD_ONION:
|
|
- '.*'
|
|
DEL_ONION:
|
|
- '.+'
|
|
HSFETCH:
|
|
- '.+'
|
|
events:
|
|
CIRC:
|
|
suppress: true
|
|
ORCONN:
|
|
suppress: true
|
|
INFO:
|
|
suppress: true
|
|
NOTICE:
|
|
suppress: true
|
|
WARN:
|
|
suppress: true
|
|
ERR:
|
|
suppress: true
|
|
HS_DESC:
|
|
response:
|
|
- pattern: '650 HS_DESC CREATED (\S+) (\S+) (\S+) \S+ (.+)'
|
|
replacement: '650 HS_DESC CREATED {} {} {} redacted {}'
|
|
- pattern: '650 HS_DESC UPLOAD (\S+) (\S+) .*'
|
|
replacement: '650 HS_DESC UPLOAD {} {} redacted redacted'
|
|
- pattern: '650 HS_DESC UPLOADED (\S+) (\S+) .+'
|
|
replacement: '650 HS_DESC UPLOADED {} {} redacted'
|
|
- pattern: '650 HS_DESC REQUESTED (\S+) NO_AUTH'
|
|
replacement: '650 HS_DESC REQUESTED {} NO_AUTH'
|
|
- pattern: '650 HS_DESC REQUESTED (\S+) NO_AUTH \S+ \S+'
|
|
replacement: '650 HS_DESC REQUESTED {} NO_AUTH redacted redacted'
|
|
- pattern: '650 HS_DESC RECEIVED (\S+) NO_AUTH \S+ \S+'
|
|
replacement: '650 HS_DESC RECEIVED {} NO_AUTH redacted redacted'
|
|
- pattern: '.*'
|
|
replacement: ''
|
|
HS_DESC_CONTENT:
|
|
suppress: true |