bogdan/zira-etc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

saving uncommitted changes in /etc prior to dnf run

Browse Source
This commit is contained in:
Bogdan Stoica
2023-09-04 09:15:26 +03:00
parent b9d544b9c6
commit dac424ac1f
30 changed files with 766 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

101
crowdsec/hub/.index.json
View File

@@ -30,7 +30,7 @@
"deprecated": false
}
},
"long_description": "QSBjb2xsZWN0aW9uIHRvIGRlZmVuZCBbQWRHdWFyZEhvbWVdKGh0dHBzOi8vZ2l0aHViLmNvbS9BZGd1YXJkVGVhbS9BZEd1YXJkSG9tZSkgaW5zdGFuY2UgYWdhaW5zdCBjb21tb24gYXR0YWNrcyA6CiAtIEFkR3VhcmRIb21lIHBhcnNlcgogLSBBZEd1YXJkSG9tZSBicnV0ZWZvcmNlIGRldGVjdGlvbgoKIyMgQWNxdWlzaXRpb24gdGVtcGxhdGUKCkV4YW1wbGUgYWNxdWlzaXRpb24gZm9yIHRoaXMgY29sbGVjdGlvbiA6CgpJZiB1c2luZyBMT0dfRklMRSBlbnZpcm9ubWVudCB2YXJpYWJsZToKYGBgeWFtbAotLS0KZmlsZW5hbWVzOgogLSAvdmFyL2xvZy9BZEd1YXJkSG9tZS5sb2cKbGFiZWxzOgogIHR5cGU6IGFkZ3VhcmRob21lCmBgYAoKRGlyZWN0bHkgbW9uaXRvcmluZyBEb2NrZXIKYGBgeWFtbAotLS0Kc291cmNlOiBkb2NrZXIKY29udGFpbmVyX25hbWU6CiAtIEFkR3VhcmRIb21lCiNjb250YWluZXJfaWQ6CiMgLSA4NDNlZTkyZDIzMWIKbGFiZWxzOgogIHR5cGU6IGFkZ3VhcmRob21lCmBgYAoKCgoK",
"long_description": "QSBjb2xsZWN0aW9uIHRvIGRlZmVuZCBbQWRHdWFyZEhvbWVdKGh0dHBzOi8vZ2l0aHViLmNvbS9BZGd1YXJkVGVhbS9BZEd1YXJkSG9tZSkgaW5zdGFuY2UgYWdhaW5zdCBjb21tb24gYXR0YWNrcyA6CiAtIEFkR3VhcmRIb21lIHBhcnNlcgogLSBBZEd1YXJkSG9tZSBicnV0ZWZvcmNlIGRldGVjdGlvbgoKIyMgQWRHdWFyZCBIb21lIC0gQ29uZmlndXJhdGlvbgpBZGQgaW50byBBZEd1YXJkSG9tZS55YW1sIHRoZSBmb2xsb3cgYXJndW1lbnRzIChwZXIgZGVmYXVsdCBBZGd1YXJkIHdyaXRlIGludG8gc3Rkb3V0IG9yIHN5c2xvZyBbRG9rdSBBZEd1YXJkIEhvbWVdKGh0dHBzOi8vZ2l0aHViLmNvbS9BZGd1YXJkVGVhbS9BZEd1YXJkSG9tZS93aWtpL0NvbmZpZ3VyYXRpb24jY29tbWFuZC1saW5lKQoKYGBgCmxvZzoKICBmaWxlOiAvdmFyL2xvZy9BZEd1YXJkSG9tZS5sb2cKICB2ZXJib3NlOiBmYWxzZQpgYGAKCiMjIEFjcXVpc2l0aW9uIHRlbXBsYXRlCgpFeGFtcGxlIGFjcXVpc2l0aW9uIGZvciB0aGlzIGNvbGxlY3Rpb24gOgoKSWYgdXNpbmcgTE9HX0ZJTEUgZW52aXJvbm1lbnQgdmFyaWFibGU6CmBgYHlhbWwKLS0tCmZpbGVuYW1lczoKIC0gL3Zhci9sb2cvQWRHdWFyZEhvbWUubG9nCmxhYmVsczoKICB0eXBlOiBhZGd1YXJkaG9tZQpgYGAKCkRpcmVjdGx5IG1vbml0b3JpbmcgRG9ja2VyCmBgYHlhbWwKLS0tCnNvdXJjZTogZG9ja2VyCmNvbnRhaW5lcl9uYW1lOgogLSBBZEd1YXJkSG9tZQojY29udGFpbmVyX2lkOgojIC0gODQzZWU5MmQyMzFiCmxhYmVsczoKICB0eXBlOiBhZGd1YXJkaG9tZQpgYGAKCgoKCg==",
"content": "cGFyc2VyczoKICAtIExlUHJlc2lkZW50ZS9hZGd1YXJkaG9tZS1sb2dzCnNjZW5hcmlvczoKICAtIExlUHJlc2lkZW50ZS9hZGd1YXJkaG9tZS1iZgpkZXNjcmlwdGlvbjogIkFkR3VhcmRIb21lIFN1cHBvcnQgOiBwYXJzZXIgYW5kIGJydXRlLWZvcmNlIGRldGVjdGlvbiIKYXV0aG9yOiBMZVByZXNpZGVudGUKdGFnczoKICAtIGxpbnV4CiAgLSBicnV0ZS1mb3JjZQogIC0gQWRHdWFyZEhvbWU=",
"description": "AdGuardHome Support : parser and brute-force detection",
"author": "LePresidente",
@@ -1988,6 +1988,28 @@
"crowdsecurity/iptables-scan-multi_ports"
]
},
"crowdsecurity/wireguard": {
"path": "collections/crowdsecurity/wireguard.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "0fa6e103d2206ee8037012e4c580323fde5bca957e4b8a70eb39e045c01a7d50",
"deprecated": false
}
},
"long_description": "V2hpbHN0IENyb3dkU2VjdXJpdHkgZGVzaWduZWQgdGhpcyBjb2xsZWN0aW9uLCB3ZSBoaWdobHkgZGlzY291cmFnZSB0aGUgdXNlIG9mIGl0IChZZXMgd2Uga25vdyB2ZXJ5IG9kZCkuIFdpcmVndWFyZCBpcyBkZXNpZ25lZCB0byBiZSBoaWdoIHBlcmZvcm1hbnQgYW5kIHNlY3VyZSBieSBkZWZhdWx0IHByb3RvY29sIHVzaW5nIGtleSBwYWlycy4gVGhlIGxvZ3Mgd2VyZSBvbmx5IGRlc2lnbmVkIHRvIGJlIGZvciBkZWJ1Z2dpbmcgcHVycG9zZXMgdGhlbiB0dXJuZWQgYmFjayBvZmYuIElmIGEgdXNlciB3aXNoZXMgdG8gdXNlIHRoaXMgY29sbGVjdGlvbiBnbyBhaGVhZCBidXQgbm8gc3VwcG9ydCB3aWxsIGJlIG9mZmVyZWQgZnJvbSB0aGUgdGVhbSBpZiB5b3UgcnVuIGludG8gaXNzdWVzIHdpdGggd2lyZWd1YXJkIG9yIHRoZSBjb2xsZWN0aW9uLgoKSW4gb3JkZXIgZm9yIENyb3dkU2VjIHRvIGRldGVjdCBhdHRhY2tzIG9uIFdpcmVndWFyZCBpdCBuZWVkcyBsb2dzIGFuZCBzaW5jZSBXaXJlZ3VhcmQgYnkgZGVmYXVsdCBsb2dzIGNsb3NlIHRvIG5vdGhpbmcgd2UgbmVlZCB0byBlbmFibGUgV2lyZWd1YXJkJ3MgZHluZGJnIGxvZ2dpbmcgd2hpY2ggc2VuZHMgbG9nIG1lc3NhZ2VzIHRvIHRoZSBMaW51eCBrZXJuZWwgbWVzc2FnZSBidWZmZXIsIGBrbXNnYC4gClRoZXNlIHdpbGwgYmUgcGlja2VkIHVwIGJ5IHlvdXIgTGludXggZGlzdHJvJ3Mgc3lzbG9nIHNlcnZpY2UgKGF0IGxlYXN0IG9uIERlYmlhbiwgcHJvYmFibHkgYWxzbyBvbiBtb3N0IG90aGVycykgYW5kIGxvZ2dlZCBpbiBgL3Zhci9rZXJuLmxvZ2AuIE9uIG90aGVyIGRpc3Ryb3MgdGhleSB3aWxsIGJlIGxvZ2dlZCB0byBgL3Zhci9sb2cvbWVzc2FnZXNgLgoKVG8gZW5hYmxlIFdpcmVndWFyZCdzIGR5bmRiZyBsb2dnaW5nOgpgYGBjb25zb2xlCiQgc3VkbyBtb2Rwcm9iZSB3aXJlZ3VhcmQKJCBlY2hvIG1vZHVsZSB3aXJlZ3VhcmQgK3AgfCBzdWRvIHRlZSAvc3lzL2tlcm5lbC9kZWJ1Zy9keW5hbWljX2RlYnVnL2NvbnRyb2wKYGBgCgpNb3JlIGRldGFpbHMgb24gd2hhdCB3ZSdyZSBsb29raW5nIGZvciwgd2h5IGFuZCBvdGhlciB3YXlzIHRvIGRvIGxvZ2dpbmcgb24gV2lyZWd1YXJkLCBwbGVhc2UgZ28gdG86Cmh0dHBzOi8vd3d3LnByb2N1c3RvZGlidXMuY29tL2Jsb2cvMjAyMS8wMy93aXJlZ3VhcmQtbG9ncy8K",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvd2lyZWd1YXJkLWxvZ3MKICAtIGNyb3dkc2VjdXJpdHkvc3lzbG9nLWxvZ3MKc2NlbmFyaW9zOgogIC0gY3Jvd2RzZWN1cml0eS93aXJlZ3VhcmQtYXV0aApkZXNjcmlwdGlvbjogIndpcmVndWFyZCBhdXRoIGRldGVjdGlvbiIKYXV0aG9yOiBjcm93ZHNlY3VyaXR5CnRhZ3M6CiAgLSBsaW51eAogIC0gd2lyZWd1YXJkCiAgLSB2cG4K",
"description": "wireguard auth detection",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/wireguard-logs",
"crowdsecurity/syslog-logs"
],
"scenarios": [
"crowdsecurity/wireguard-auth"
]
},
"crowdsecurity/wordpress": {
"path": "collections/crowdsecurity/wordpress.yaml",
"version": "0.4",
@@ -2804,7 +2826,7 @@
"andreasbrett/paperless-ngx-logs": {
"path": "parsers/s01-parse/andreasbrett/paperless-ngx-logs.yaml",
"stage": "s01-parse",
"version": "0.3",
"version": "0.4",
"versions": {
"0.1": {
"digest": "9e0192bcc89e1050c982852c611d23f4ca781c4c201a094f11a5a2f4055f47f6",
@@ -2817,10 +2839,14 @@
"0.3": {
"digest": "85ecad2a725e827e4d340f312cf8419203264bf2092c7eaa5c78dac618d10cbd",
"deprecated": false
},
"0.4": {
"digest": "21d1dff2e2d42b5aa2c24e30f7d761d141afcc64706b3a24efbe5ddd528b605f",
"deprecated": false
}
},
"long_description": "UGFyc2VyIGZvciBbUGFwZXJsZXNzLW5neF0oaHR0cHM6Ly9naXRodWIuY29tL3BhcGVybGVzcy1uZ3gvcGFwZXJsZXNzLW5neCkgTG9ncy4KCmBgYHlhbWwKLS0tCmZpbGVuYW1lczoKICAgIC0gL3Zhci9sb2cvcGFwZXJsZXNzLmxvZwpsYWJlbHM6CiAgICB0eXBlOiBQYXBlcmxlc3Mtbmd4CmBgYAo=",
"content": "b25zdWNjZXNzOiBuZXh0X3N0YWdlCmZpbHRlcjogIlVwcGVyKGV2dC5QYXJzZWQucHJvZ3JhbSkgPT0gJ1BBUEVSTEVTUy1OR1gnIgpuYW1lOiBhbmRyZWFzYnJldHQvcGFwZXJsZXNzLW5neC1sb2dzCmRlc2NyaXB0aW9uOiAiUGFyc2UgcGFwZXJsZXNzLW5neCBsb2dzIgpwYXR0ZXJuX3N5bnRheDoKICAgIERBVEVfWU1EOiAiJXtZRUFSOnllYXJ9LSV7TU9OVEhOVU06bW9udGh9LSV7TU9OVEhEQVk6ZGF5fSIKbm9kZXM6CiAgICAtIGdyb2s6CiAgICAgICAgICAjIFBhcGVybGVzcy1uZ3ggdjEuMTQuMCB0byB2MS4xNi41CiAgICAgICAgICBwYXR0ZXJuOiAnXlxbJXtEQVRFX1lNRDpkYXRlfSAle1RJTUU6dGltZX1cXSBcW0lORk9cXSBcW3BhcGVybGVzc1wuYXV0aFxdIExvZ2luIGZhaWxlZCBmb3IgdXNlciBgJXtVU0VSTkFNRTp1c2VybmFtZX1gIGZyb20gKHByaXZhdGUgKT9JUCBgJXtJUDpzb3VyY2VfaXB9XC5gJCcKICAgICAgICAgIGFwcGx5X29uOiBtZXNzYWdlCiAgICAgICAgICBzdGF0aWNzOgogICAgICAgICAgICAgIC0gbWV0YTogbG9nX3R5cGUKICAgICAgICAgICAgICAgIHZhbHVlOiBwYXBlcmxlc3Nfbmd4X2ZhaWxlZF9hdXRoCiAgICAgICAgICAgICAgLSBtZXRhOiB1c2VybmFtZQogICAgICAgICAgICAgICAgZXhwcmVzc2lvbjogZXZ0LlBhcnNlZC51c2VybmFtZQogICAgLSBncm9rOgogICAgICAgICAgIyBQYXBlcmxlc3Mtbmd4IHYxLjE2LjYrCiAgICAgICAgICBwYXR0ZXJuOiAnXlxbJXtEQVRFX1lNRDpkYXRlfSAle1RJTUU6dGltZX1cXSBcW0lORk9cXSBcW3BhcGVybGVzc1wuYXV0aFxdIExvZ2luIGZhaWxlZCBmb3IgdXNlciBgJXtVU0VSTkFNRTp1c2VybmFtZX1gIGZyb20gKHByaXZhdGUgKT9JUCBgJXtJUDpzb3VyY2VfaXB9YFwuJCcKICAgICAgICAgIGFwcGx5X29uOiBtZXNzYWdlCiAgICAgICAgICBzdGF0aWNzOgogICAgICAgICAgICAgIC0gbWV0YTogbG9nX3R5cGUKICAgICAgICAgICAgICAgIHZhbHVlOiBwYXBlcmxlc3Nfbmd4X2ZhaWxlZF9hdXRoCiAgICAgICAgICAgICAgLSBtZXRhOiB1c2VybmFtZQogICAgICAgICAgICAgICAgZXhwcmVzc2lvbjogZXZ0LlBhcnNlZC51c2VybmFtZQoKc3RhdGljczoKICAgIC0gbWV0YTogc2VydmljZQogICAgICB2YWx1ZTogcGFwZXJsZXNzLW5neAogICAgLSBtZXRhOiBzb3VyY2VfaXAKICAgICAgZXhwcmVzc2lvbjogImV2dC5QYXJzZWQuc291cmNlX2lwIgogICAgLSB0YXJnZXQ6IGV2dC5TdHJUaW1lCiAgICAgIGV4cHJlc3Npb246ICJldnQuUGFyc2VkLmRhdGUgKyAnICcgKyBldnQuUGFyc2VkLnRpbWUiCg==",
"content": "b25zdWNjZXNzOiBuZXh0X3N0YWdlCmZpbHRlcjogIlVwcGVyKGV2dC5QYXJzZWQucHJvZ3JhbSkgPT0gJ1BBUEVSTEVTUy1OR1gnIgpuYW1lOiBhbmRyZWFzYnJldHQvcGFwZXJsZXNzLW5neC1sb2dzCmRlc2NyaXB0aW9uOiAiUGFyc2UgcGFwZXJsZXNzLW5neCBsb2dzIgpwYXR0ZXJuX3N5bnRheDoKICAgIERBVEVfWU1EOiAiJXtZRUFSOnllYXJ9LSV7TU9OVEhOVU06bW9udGh9LSV7TU9OVEhEQVk6ZGF5fSIKbm9kZXM6CiAgICAtIGdyb2s6CiAgICAgICAgICAjIFBhcGVybGVzcy1uZ3ggdjEuMTQuMCB0byB2MS4xNi41CiAgICAgICAgICBwYXR0ZXJuOiAnXFsle0RBVEVfWU1EOmRhdGV9ICV7VElNRTp0aW1lfVxdIFxbSU5GT1xdIFxbcGFwZXJsZXNzXC5hdXRoXF0gTG9naW4gZmFpbGVkIGZvciB1c2VyIGAle1VTRVJOQU1FOnVzZXJuYW1lfWAgZnJvbSAocHJpdmF0ZSApP0lQIGAle0lQOnNvdXJjZV9pcH1cLmAnCiAgICAgICAgICBhcHBseV9vbjogbWVzc2FnZQogICAgICAgICAgc3RhdGljczoKICAgICAgICAgICAgICAtIG1ldGE6IGxvZ190eXBlCiAgICAgICAgICAgICAgICB2YWx1ZTogcGFwZXJsZXNzX25neF9mYWlsZWRfYXV0aAogICAgICAgICAgICAgIC0gbWV0YTogdXNlcm5hbWUKICAgICAgICAgICAgICAgIGV4cHJlc3Npb246IGV2dC5QYXJzZWQudXNlcm5hbWUKICAgIC0gZ3JvazoKICAgICAgICAgICMgUGFwZXJsZXNzLW5neCB2MS4xNi42KwogICAgICAgICAgcGF0dGVybjogJ1xbJXtEQVRFX1lNRDpkYXRlfSAle1RJTUU6dGltZX1cXSBcW0lORk9cXSBcW3BhcGVybGVzc1wuYXV0aFxdIExvZ2luIGZhaWxlZCBmb3IgdXNlciBgJXtVU0VSTkFNRTp1c2VybmFtZX1gIGZyb20gKHByaXZhdGUgKT9JUCBgJXtJUDpzb3VyY2VfaXB9YFwuJwogICAgICAgICAgYXBwbHlfb246IG1lc3NhZ2UKICAgICAgICAgIHN0YXRpY3M6CiAgICAgICAgICAgICAgLSBtZXRhOiBsb2dfdHlwZQogICAgICAgICAgICAgICAgdmFsdWU6IHBhcGVybGVzc19uZ3hfZmFpbGVkX2F1dGgKICAgICAgICAgICAgICAtIG1ldGE6IHVzZXJuYW1lCiAgICAgICAgICAgICAgICBleHByZXNzaW9uOiBldnQuUGFyc2VkLnVzZXJuYW1lCgpzdGF0aWNzOgogICAgLSBtZXRhOiBzZXJ2aWNlCiAgICAgIHZhbHVlOiBwYXBlcmxlc3Mtbmd4CiAgICAtIG1ldGE6IHNvdXJjZV9pcAogICAgICBleHByZXNzaW9uOiAiZXZ0LlBhcnNlZC5zb3VyY2VfaXAiCiAgICAtIHRhcmdldDogZXZ0LlN0clRpbWUKICAgICAgZXhwcmVzc2lvbjogImV2dC5QYXJzZWQuZGF0ZSArICcgJyArIGV2dC5QYXJzZWQudGltZSIK",
"description": "Parse paperless-ngx logs",
"author": "andreasbrett",
"labels": null
@@ -3240,7 +3266,7 @@
"crowdsecurity/endlessh-logs": {
"path": "parsers/s01-parse/crowdsecurity/endlessh-logs.yaml",
"stage": "s01-parse",
"version": "0.2",
"version": "0.3",
"versions": {
"0.1": {
"digest": "dc1affad319badddf95ad1a16bf633b6fd70ed02db0e490dc0540eef47576f2a",
@@ -3249,9 +3275,13 @@
"0.2": {
"digest": "ca022caa2de3a13101bea25006686a4d92ffb0e7bd558e44d215f481526632f1",
"deprecated": false
},
"0.3": {
"digest": "ebb816832a32b98dca8e15f402c30c1010cf5ad1ebc2b1f910f74f40fd115902",
"deprecated": false
}
},
"content": "b25zdWNjZXNzOiBuZXh0X3N0YWdlCmZpbHRlcjogImV2dC5MaW5lLkxhYmVscy50eXBlID09ICdlbmRsZXNzaCciCm5hbWU6IGNyb3dkc2VjdXJpdHkvZW5kbGVzc2gtbG9ncwpkZXNjcmlwdGlvbjogIlBhcnNlIEVuZGxlc3NoIGxvZ3MiCnBhdHRlcm5fc3ludGF4OgogIEVORExFU1NIX0FDQ0VQVF9WNDogIiV7VElNRVNUQU1QX0lTTzg2MDE6dGltZXN0YW1wfSBBQ0NFUFQgaG9zdD0oOjpmZmZmOik/JXtJUFY0OnNvdXJjZV9pcH0gIgogIEVORExFU1NIX0FDQ0VQVF9WNjogIiV7VElNRVNUQU1QX0lTTzg2MDE6dGltZXN0YW1wfSBBQ0NFUFQgaG9zdD0le0lQVjY6c291cmNlX2lwfSAiCm5vZGVzOgogIC0gZ3JvazoKICAgICAgbmFtZTogIkVORExFU1NIX0FDQ0VQVF9WNCIKICAgICAgYXBwbHlfb246IExpbmUuUmF3CiAgICAgIHN0YXRpY3M6CiAgICAgICAgLSBtZXRhOiBsb2dfdHlwZQogICAgICAgICAgdmFsdWU6IGVuZGxlc3NoX2FjY2VwdAogIC0gZ3JvazoKICAgICAgbmFtZTogIkVORExFU1NIX0FDQ0VQVF9WNiIKICAgICAgYXBwbHlfb246IExpbmUuUmF3CiAgICAgIHN0YXRpY3M6CiAgICAgICAgLSBtZXRhOiBsb2dfdHlwZQogICAgICAgICAgdmFsdWU6IGVuZGxlc3NoX2FjY2VwdApzdGF0aWNzOgogIC0gbWV0YTogc2VydmljZQogICAgdmFsdWU6IGVuZGxlc3NoCiAgLSB0YXJnZXQ6IGV2dC5TdHJUaW1lCiAgICBleHByZXNzaW9uOiBldnQuUGFyc2VkLnRpbWVzdGFtcAogIC0gbWV0YTogc291cmNlX2lwCiAgICBleHByZXNzaW9uOiAiZXZ0LlBhcnNlZC5zb3VyY2VfaXAiCg==",
"content": "b25zdWNjZXNzOiBuZXh0X3N0YWdlCmZpbHRlcjogImV2dC5QYXJzZWQucHJvZ3JhbSA9PSAnZW5kbGVzc2gnIgpuYW1lOiBjcm93ZHNlY3VyaXR5L2VuZGxlc3NoLWxvZ3MKZGVzY3JpcHRpb246ICJQYXJzZSBFbmRsZXNzaCBsb2dzIgpwYXR0ZXJuX3N5bnRheDoKICBFTkRMRVNTSF9BQ0NFUFRfVjQ6ICIle1RJTUVTVEFNUF9JU084NjAxOnRpbWVzdGFtcH0/IEFDQ0VQVCBob3N0PSg6OmZmZmY6KT8le0lQVjQ6c291cmNlX2lwfSAiCiAgRU5ETEVTU0hfQUNDRVBUX1Y2OiAiJXtUSU1FU1RBTVBfSVNPODYwMTp0aW1lc3RhbXB9PyBBQ0NFUFQgaG9zdD0le0lQVjY6c291cmNlX2lwfSAiCm5vZGVzOgogIC0gZ3JvazoKICAgICAgbmFtZTogIkVORExFU1NIX0FDQ0VQVF9WNCIKICAgICAgYXBwbHlfb246IExpbmUuUmF3CiAgICAgIHN0YXRpY3M6CiAgICAgICAgLSBtZXRhOiBsb2dfdHlwZQogICAgICAgICAgdmFsdWU6IGVuZGxlc3NoX2FjY2VwdAogIC0gZ3JvazoKICAgICAgbmFtZTogIkVORExFU1NIX0FDQ0VQVF9WNiIKICAgICAgYXBwbHlfb246IExpbmUuUmF3CiAgICAgIHN0YXRpY3M6CiAgICAgICAgLSBtZXRhOiBsb2dfdHlwZQogICAgICAgICAgdmFsdWU6IGVuZGxlc3NoX2FjY2VwdApzdGF0aWNzOgogIC0gbWV0YTogc2VydmljZQogICAgdmFsdWU6IGVuZGxlc3NoCiAgLSB0YXJnZXQ6IGV2dC5TdHJUaW1lCiAgICBleHByZXNzaW9uOiBldnQuUGFyc2VkLnRpbWVzdGFtcAogIC0gbWV0YTogc291cmNlX2lwCiAgICBleHByZXNzaW9uOiAiZXZ0LlBhcnNlZC5zb3VyY2VfaXAiCg==",
"description": "Parse Endlessh logs",
"author": "crowdsecurity",
"labels": null
@@ -3556,7 +3586,7 @@
"crowdsecurity/iptables-logs": {
"path": "parsers/s01-parse/crowdsecurity/iptables-logs.yaml",
"stage": "s01-parse",
"version": "0.4",
"version": "0.5",
"versions": {
"0.1": {
"digest": "00076ea5d8fa862aeb6bb48890d84d9e2763bfc332a635eab884c0a3069fcccd",
@@ -3573,10 +3603,14 @@
"0.4": {
"digest": "da4ae251f648770b336f709fbae8bcbaae86963cb3d4ff2a6f7545f098c4f65d",
"deprecated": false
},
"0.5": {
"digest": "398c9029f54160a021e2a65ce649ed4c9673549321f9b2b72aca9cc548a7706f",
"deprecated": false
}
},
"long_description": "QSBwYXJzZXIgZm9yIGlwdGFibGVzIGAtaiBMT0dgIGxvZ3MgOgoKIC0gT25seSBwYXJzZSBrZXJuZWwgbWVzc2FnZXMgY29udGFpbmluZyBgSU49YAogLSBTa2lwIGxpbmVzIGlmIGRlY2lzaW9ucyBpcyBgQUNDRVBUYAogLSBBbGwgcGFyc2VkIGBUQ1BgIGFuZCBgVURQYCBwYWNrZXRzIGFyZSBjb25zaWRlcmVkIGFzIERST1BzLgogLSBJQ01QIHBhY2tldHMgYXJlIHBhcnNlZCBhbmQgc2V0cyB0aGUgZm9sbG93aW5nIG1ldGEgYXR0cmlidXRlczogKE5vdGUgd2UgZG8gbm90IGhhdmUgc2NlbmFyaW9zIGFyb3VuZCBJQ01QIGFzIHRoZXkgYXJlIEZQcyBwcm9uZSkKICAgLSBgaWNtcF90eXBlYAogICAtIGBpY21wX2NvZGVgCi0gSWYgeW91IHdpc2ggdG8gY29kZSB5b3VyIG93biBzY2VuYXJpb3MgYXJvdW5kIElDTVAsIHlvdSBjYW4gdXNlIHRoZSBmb2xsb3dpbmcgW2xpbmsgYXMgYSByZWZlcmVuY2VdKGh0dHBzOi8vd3d3LmlhbmEub3JnL2Fzc2lnbm1lbnRzL2ljbXAtcGFyYW1ldGVycy9pY21wLXBhcmFtZXRlcnMueGh0bWwpLiBQbGVhc2Ugbm90ZSB5b3UgYXJlIHNvbGVseSByZXNwb25zaWJsZSBmb3IgdGhlIHNjZW5hcmlvcyB5b3Ugd3JpdGUuCgoKVG8gbWFrZSB0aGlzIHBhcnNlciByZWxldmFudCwgeW91IHNob3VsZCBoYXZlIGEgYGlwdGFibGVzIC1BIElOUFVUICAtbSBzdGF0ZSAtLXN0YXRlIE5FVyAtaiBMT0dgIG9yIHNpbWlsYXIgaW50byB5b3VyIGNvbmZpZ3VyYXRpb24uIFRoaXMgb25lIHdpbGwgbG9nIGFsbCBuZXcgY29ubmVjdGlvbnMsIHN1Y2Nlc3NmdWwgb3Igbm90LgoK",
"content": "b25zdWNjZXNzOiBuZXh0X3N0YWdlCiNkZWJ1ZzogdHJ1ZQpmaWx0ZXI6ICJldnQuUGFyc2VkLnByb2dyYW0gPT0gJ2tlcm5lbCcgYW5kIGV2dC5QYXJzZWQubWVzc2FnZSBjb250YWlucyAnSU49JyBhbmQgbm90IChldnQuUGFyc2VkLm1lc3NhZ2UgY29udGFpbnMgJ0FDQ0VQVCcpIgpuYW1lOiBjcm93ZHNlY3VyaXR5L2lwdGFibGVzLWxvZ3MKZGVzY3JpcHRpb246ICJQYXJzZSBpcHRhYmxlcyBkcm9wIGxvZ3MiCnN0YXRpY3M6CiAgLSBwYXJzZWQ6IHVudXNlZCAjdGhpcyBpcyBuZXZlciB1c2VkIHNldHRpbmcgdG8gcmFuZG9tIHZhcgogICAgZXhwcmVzc2lvbjogUGFyc2VLVihldnQuUGFyc2VkLm1lc3NhZ2UsIGV2dC5Vbm1hcnNoYWxlZCwgImlwdGFibGVzIikKICAtIG1ldGE6IHNlcnZpY2UKICAgIGV4cHJlc3Npb246IExvd2VyKGV2dC5Vbm1hcnNoYWxlZC5pcHRhYmxlcy5QUk9UTykKICAtIG1ldGE6IGxvZ190eXBlCiAgICBleHByZXNzaW9uOiAnZXZ0Lk1ldGEuc2VydmljZSBpbiBbInRjcCIsICJ1ZHAiXSA/ICJpcHRhYmxlc19kcm9wIiA6ICIiJwogIC0gbWV0YTogaWNtcF90eXBlCiAgICBleHByZXNzaW9uOiBldnQuVW5tYXJzaGFsZWQuaXB0YWJsZXMuVFlQRQogIC0gbWV0YTogaWNtcF9jb2RlCiAgICBleHByZXNzaW9uOiBldnQuVW5tYXJzaGFsZWQuaXB0YWJsZXMuQ09ERQogIC0gbWV0YTogc291cmNlX2lwCiAgICBleHByZXNzaW9uOiAiZXZ0LlVubWFyc2hhbGVkLmlwdGFibGVzLlNSQyIKIyMgRm9yIGJhY2twb3J0aW5nIHJlYXNvbiBhbGwgcHJldmlvdXMgdmFyaWFibGVzIHdpbGwgYmUgcmVwYXJzZWQgb3V0IHRvIHRoZSBwYXJzZWQgb2JqZWN0CiAgLSBwYXJzZWQ6IGRzdF9wb3J0CiAgICBleHByZXNzaW9uOiBldnQuVW5tYXJzaGFsZWQuaXB0YWJsZXMuRFBUCiAgLSBwYXJzZWQ6IGludF9ldGgKICAgIGV4cHJlc3Npb246IGV2dC5Vbm1hcnNoYWxlZC5pcHRhYmxlcy5JTgogIC0gcGFyc2VkOiBzcmNfaXAKICAgIGV4cHJlc3Npb246IGV2dC5Vbm1hcnNoYWxlZC5pcHRhYmxlcy5TUkMKICAtIHBhcnNlZDogZHN0X2lwCiAgICBleHByZXNzaW9uOiBldnQuVW5tYXJzaGFsZWQuaXB0YWJsZXMuRFNUCiAgLSBwYXJzZWQ6IGxlbmd0aAogICAgZXhwcmVzc2lvbjogZXZ0LlVubWFyc2hhbGVkLmlwdGFibGVzLkxFTgogIC0gcGFyc2VkOiBwcm90bwogICAgZXhwcmVzc2lvbjogZXZ0LlVubWFyc2hhbGVkLmlwdGFibGVzLlBST1RPCiAgLSBwYXJzZWQ6IHNyY19wb3J0CiAgICBleHByZXNzaW9uOiBldnQuVW5tYXJzaGFsZWQuaXB0YWJsZXMuU1BU",
"content": "b25zdWNjZXNzOiBuZXh0X3N0YWdlCiNkZWJ1ZzogdHJ1ZQpmaWx0ZXI6ICJldnQuUGFyc2VkLnByb2dyYW0gPT0gJ2tlcm5lbCcgYW5kIGV2dC5QYXJzZWQubWVzc2FnZSBjb250YWlucyAnSU49JyBhbmQgbm90IChldnQuUGFyc2VkLm1lc3NhZ2UgY29udGFpbnMgJ0FDQ0VQVCcpIgpuYW1lOiBjcm93ZHNlY3VyaXR5L2lwdGFibGVzLWxvZ3MKZGVzY3JpcHRpb246ICJQYXJzZSBpcHRhYmxlcyBkcm9wIGxvZ3MiCnN0YXRpY3M6CiAgLSBwYXJzZWQ6IHVudXNlZCAjdGhpcyBpcyBuZXZlciB1c2VkIHNldHRpbmcgdG8gcmFuZG9tIHZhcgogICAgZXhwcmVzc2lvbjogUGFyc2VLVihldnQuUGFyc2VkLm1lc3NhZ2UsIGV2dC5Vbm1hcnNoYWxlZCwgImlwdGFibGVzIikKICAtIG1ldGE6IHNlcnZpY2UKICAgIGV4cHJlc3Npb246IExvd2VyKGV2dC5Vbm1hcnNoYWxlZC5pcHRhYmxlcy5QUk9UTykKICAtIG1ldGE6IGxvZ190eXBlCiAgICBleHByZXNzaW9uOiAnZXZ0Lk1ldGEuc2VydmljZSBpbiBbInRjcCIsICJ1ZHAiXSAmJiBldnQuVW5tYXJzaGFsZWQuaXB0YWJsZXMuT1VUID09ICIiID8gImlwdGFibGVzX2Ryb3AiIDogIiInCiAgLSBtZXRhOiBpY21wX3R5cGUKICAgIGV4cHJlc3Npb246IGV2dC5Vbm1hcnNoYWxlZC5pcHRhYmxlcy5UWVBFCiAgLSBtZXRhOiBpY21wX2NvZGUKICAgIGV4cHJlc3Npb246IGV2dC5Vbm1hcnNoYWxlZC5pcHRhYmxlcy5DT0RFCiAgLSBtZXRhOiBzb3VyY2VfaXAKICAgIGV4cHJlc3Npb246ICJldnQuVW5tYXJzaGFsZWQuaXB0YWJsZXMuU1JDIgojIyBGb3IgYmFja3BvcnRpbmcgcmVhc29uIGFsbCBwcmV2aW91cyB2YXJpYWJsZXMgd2lsbCBiZSByZXBhcnNlZCBvdXQgdG8gdGhlIHBhcnNlZCBvYmplY3QKICAtIHBhcnNlZDogZHN0X3BvcnQKICAgIGV4cHJlc3Npb246IGV2dC5Vbm1hcnNoYWxlZC5pcHRhYmxlcy5EUFQKICAtIHBhcnNlZDogaW50X2V0aAogICAgZXhwcmVzc2lvbjogZXZ0LlVubWFyc2hhbGVkLmlwdGFibGVzLklOCiAgLSBwYXJzZWQ6IHNyY19pcAogICAgZXhwcmVzc2lvbjogZXZ0LlVubWFyc2hhbGVkLmlwdGFibGVzLlNSQwogIC0gcGFyc2VkOiBkc3RfaXAKICAgIGV4cHJlc3Npb246IGV2dC5Vbm1hcnNoYWxlZC5pcHRhYmxlcy5EU1QKICAtIHBhcnNlZDogbGVuZ3RoCiAgICBleHByZXNzaW9uOiBldnQuVW5tYXJzaGFsZWQuaXB0YWJsZXMuTEVOCiAgLSBwYXJzZWQ6IHByb3RvCiAgICBleHByZXNzaW9uOiBldnQuVW5tYXJzaGFsZWQuaXB0YWJsZXMuUFJPVE8KICAtIHBhcnNlZDogc3JjX3BvcnQKICAgIGV4cHJlc3Npb246IGV2dC5Vbm1hcnNoYWxlZC5pcHRhYmxlcy5TUFQK",
"description": "Parse iptables drop logs",
"author": "crowdsecurity",
"labels": null
@@ -4646,6 +4680,22 @@
"author": "crowdsecurity",
"labels": null
},
"crowdsecurity/wireguard-logs": {
"path": "parsers/s01-parse/crowdsecurity/wireguard-logs.yaml",
"stage": "s01-parse",
"version": "0.1",
"versions": {
"0.1": {
"digest": "fa206b8f4bed11951bf44f85790c87c9eebd410c1ab623347cbe6ebf64274229",
"deprecated": false
}
},
"long_description": "SW4gb3JkZXIgZm9yIENyb3dkU2VjIHRvIGRldGVjdCBhdHRhY2tzIG9uIFdpcmVndWFyZCBpdCBuZWVkcyBsb2dzIGFuZCBzaW5jZSBXaXJlZ3VhcmQgYnkgZGVmYXVsdCBsb2dzIGNsb3NlIHRvIG5vdGhpbmcgd2UgbmVlZCB0byBlbmFibGUgV2lyZWd1YXJkJ3MgZHluZGJnIGxvZ2dpbmcgd2hpY2ggc2VuZHMgbG9nIG1lc3NhZ2VzIHRvIHRoZSBMaW51eCBrZXJuZWwgbWVzc2FnZSBidWZmZXIsIGBrbXNnYC4gClRoZXNlIHdpbGwgYmUgcGlja2VkIHVwIGJ5IHlvdXIgTGludXggZGlzdHJvJ3Mgc3lzbG9nIHNlcnZpY2UgKGF0IGxlYXN0IG9uIERlYmlhbiwgcHJvYmFibHkgYWxzbyBvbiBtb3N0IG90aGVycykgYW5kIGxvZ2dlZCBpbiBgL3Zhci9rZXJuLmxvZ2AuIE9uIG90aGVyIGRpc3Ryb3MgdGhleSB3aWxsIGJlIGxvZ2dlZCB0byBgL3Zhci9sb2cvbWVzc2FnZXNgLgoKVG8gZW5hYmxlIFdpcmVndWFyZCdzIGR5bmRiZyBsb2dnaW5nOgpgYGBjb25zb2xlCiQgc3VkbyBtb2Rwcm9iZSB3aXJlZ3VhcmQKJCBlY2hvIG1vZHVsZSB3aXJlZ3VhcmQgK3AgfCBzdWRvIHRlZSAvc3lzL2tlcm5lbC9kZWJ1Zy9keW5hbWljX2RlYnVnL2NvbnRyb2wKYGBgCgpNb3JlIGRldGFpbHMgb24gd2hhdCB3ZSdyZSBsb29raW5nIGZvciwgd2h5IGFuZCBvdGhlciB3YXlzIHRvIGRvIGxvZ2dpbmcgb24gV2lyZWd1YXJkLCBwbGVhc2UgZ28gdG86Cmh0dHBzOi8vd3d3LnByb2N1c3RvZGlidXMuY29tL2Jsb2cvMjAyMS8wMy93aXJlZ3VhcmQtbG9ncy8=",
"content": "ZmlsdGVyOiAiZXZ0LlBhcnNlZC5wcm9ncmFtID09ICdrZXJuZWwnIGFuZCBldnQuUGFyc2VkLm1lc3NhZ2UgY29udGFpbnMgJ3dpcmVndWFyZDonIgojZGVidWc6IHRydWUKb25zdWNjZXNzOiBuZXh0X3N0YWdlCm5hbWU6IGNyb3dkc2VjdXJpdHkvd2lyZWd1YXJkLWxvZ3MKZGVzY3JpcHRpb246ICJQYXJzZXMgd2lyZWd1YXJkIGxvZyB2aWEgZHluZGJnIgpwYXR0ZXJuX3N5bnRheDoKICBXSVJFR1VBUkRfSU5WQUxJRF9IQU5EU0hBS0U6ICd3aXJlZ3VhcmQ6IHdnJXtJTlR9OiBQYWNrZXQgaGFzIHVuYWxsb3dlZCBzcmMgSVAgXCgle0lQfVwpIGZyb20gcGVlciAle0lOVH0gXCgle0lQOnNvdXJjZV9pcH06JXtJTlR9XCknCiAgV0lSRUdVQVJEX1VOQVVUSE9SSVpFRF9QQUNLRVQ6ICd3aXJlZ3VhcmQ6IHdnJXtJTlR9OiBJbnZhbGlkIGhhbmRzaGFrZSBpbml0aWF0aW9uIGZyb20gJXtJUDpzb3VyY2VfaXB9OiV7SU5UfScKbm9kZXM6CiAtIGdyb2s6CiAgICAgbmFtZTogIldJUkVHVUFSRF9JTlZBTElEX0hBTkRTSEFLRSIKICAgICBhcHBseV9vbjogbWVzc2FnZQogICAgIHN0YXRpY3M6CiAgICAgICAtIG1ldGE6IGxvZ190eXBlCiAgICAgICAgIHZhbHVlOiB3aXJlZ3VhcmRfZmFpbGVkX2F1dGgKICAgICAgIC0gbWV0YTogbG9nX3N1YnR5cGUKICAgICAgICAgdmFsdWU6IHdpcmVndWFyZF9pbnZhbGlkX2hhbmRzaGFrZQogLSBncm9rOgogICAgIG5hbWU6ICJXSVJFR1VBUkRfVU5BVVRIT1JJWkVEX1BBQ0tFVCIKICAgICBhcHBseV9vbjogbWVzc2FnZQogICAgIHN0YXRpY3M6CiAgICAgICAtIG1ldGE6IGxvZ190eXBlCiAgICAgICAgIHZhbHVlOiB3aXJlZ3VhcmRfZmFpbGVkX2F1dGgKICAgICAgIC0gbWV0YTogbG9nX3N1YnR5cGUKICAgICAgICAgdmFsdWU6IHdpcmVndWFyZF91bmF1dGhvcml6ZWRfcGFja2V0CgpzdGF0aWNzOgogLSBtZXRhOiBzZXJ2aWNlCiAgIHZhbHVlOiB3aXJlZ3VhcmQKIC0gbWV0YTogc291cmNlX2lwCiAgIGV4cHJlc3Npb246ICJldnQuUGFyc2VkLnNvdXJjZV9pcCI=",
"description": "Parses wireguard log via dyndbg",
"author": "crowdsecurity",
"labels": null
},
"firewallservices/lemonldap-ng": {
"path": "parsers/s01-parse/firewallservices/lemonldap-ng.yaml",
"stage": "s01-parse",
@@ -4665,7 +4715,7 @@
"firewallservices/pf-logs": {
"path": "parsers/s01-parse/firewallservices/pf-logs.yaml",
"stage": "s01-parse",
"version": "0.4",
"version": "0.5",
"versions": {
"0.1": {
"digest": "2c0bd0180b9e018fea93d65782840ddd6927c1992072734b68cd03b9877d6529",
@@ -4682,10 +4732,14 @@
"0.4": {
"digest": "13257da36d5003ab8f212c94fa8fc7f5249ef95341602a25d324a4a1416843e1",
"deprecated": false
},
"0.5": {
"digest": "934d874b2811c83374a3555cbeefcb7f60d43a64e30c990f2c26c2b368d9e044",
"deprecated": false
}
},
"long_description": "UGFyc2VzIHRoZSBwYWNrZXQgZmlsdGVyIGxvZ3Mgd2hpY2ggYXJlIGdlbmVyYXRlZCBieSBwZlNlbnNlIGFuZCBPUE5zZW5zZSBhbmQgb3RoZXIgRnJlZUJTRCBhbmQgT3BlbkJTRCBzeXN0ZW1zLgo=",
"content": "IyBGb3IgbW9yZSBpbmZvcm1hdGlvbiBzZWUKIyBodHRwczovL2dpdGh1Yi5jb20vb3Buc2Vuc2UvcG9ydHMvYmxvYi9tYXN0ZXIvb3Buc2Vuc2UvZmlsdGVybG9nL2ZpbGVzL2Rlc2NyaXB0aW9uLnR4dAojIGFuZAojIGh0dHBzOi8vZG9jcy5uZXRnYXRlLmNvbS9wZnNlbnNlL2VuL2xhdGVzdC9tb25pdG9yaW5nL2xvZ3MvcmF3LWZpbHRlci1mb3JtYXQuaHRtbApmaWx0ZXI6ICJldnQuUGFyc2VkLnByb2dyYW0gPT0gJ2ZpbHRlcmxvZycgb3IgZXZ0LlBhcnNlZC5tZXNzYWdlIG1hdGNoZXMgJ15maWx0ZXJsb2c6JyIKbmFtZTogZmlyZXdhbGxzZXJ2aWNlcy9wZi1sb2dzCmRlc2NyaXB0aW9uOiAiUGFyc2UgcGFja2V0IGZpbHRlciBsb2dzIgpmb3JtYXQ6IDIuMApwYXR0ZXJuX3N5bnRheDoKICAjIFdPUkQgaW5jbHVkaW5nIHNwZWNpYWwgY2hhcmFjdGVycwogIFBGX1dPUkQ6ICcle1VTRVJOQU1FfScKICAKICAjIHJ1bGVuciwgc3VicnVsZW5yLCBhbmNob3JuYW1lLCBsYWJlbCB8ICIwIiwgaW50ZXJmYWNlLCByZWFzb24sIGFjdGlvbiwgZGlyCiAgUEZfQkFTRTogJyV7SU5UOnJ1bGV9LCgle0lOVDpzdWJfcnVsZX0pPywoJXtXT1JEOmFuY2hvcm5hbWV9KT8sKCV7V09SRDp0cmFja2VyfXwgMCksJXtQRl9XT1JEOmlmYWNlfSwle1dPUkQ6cmVhc29ufSwle1dPUkQ6YWN0aW9ufSwle1dPUkQ6ZGlyZWN0aW9ufScKCiAgIyB0b3MsIGVjbiwgdHRsLCBpZCwgb2Zmc2V0LCBmbGFncywgcHJvdG9udW0sIHByb3RvbmFtZSwgbGVuZ3RoLCBzcmMsIGRzdAogIFBGX0lQVjRfREFUQTogJyV7QkFTRTE2TlVNOmlwNF90b3N9LCgle0lOVDppcDRfZWNufSk/LCV7SU5UOmlwNF90dGx9LCV7SU5UOmlwNF9pZH0sJXtJTlQ6aXA0X29mZnNldH0sJXtXT1JEOmlwNF9mbGFnc30sJXtJTlQ6aXA0X3Byb3RvX2lkfSwle1dPUkQ6aXA0X3Byb3RvfScKICAjIGNsYXNzLCBmbG93LCBob3BsaW1pdCwgcHJvdG9uYW1lLCBwcm90b251bQogIFBGX0lQVjZfREFUQTogJyV7QkFTRTE2TlVNOmlwNl9jbGFzc30sJXtCQVNFMTZOVU06aXA2X2Zsb3dfbGFiZWx9LCV7SU5UOmlwNl9ob3BfbGltaXR9LCV7V09SRDppcDZfcHJvdG99LCV7SU5UOmlwNl9wcm90b19pZH0nCiAgIyBpcHZlcnNpb24sIC4uLiwgbGVuZ3RoLCBzcmMsIGRzdAogIFBGX0lQOiAnJXtJTlQ6aXBfdmVyfSwoJXtQRl9JUFY0X0RBVEF9fCV7UEZfSVBWNl9EQVRBfSksJXtJTlQ6bGVuZ3RofSwle0lQOnNyY19pcH0sJXtJUDpkc3RfaXB9JwoKICAjIHNyY3BvcnQsIGRzdHBvcnQsIGRhdGFsZW4KICBQRl9VRFBfREFUQTogJyV7UE9TSU5UOnNyY19wb3J0fSwle1BPU0lOVDpkc3RfcG9ydH0sJXtJTlQ6ZGF0YV9sZW5ndGh9JwogICMgc3JjcG9ydCwgZHN0cG9ydCwgZGF0YWxlbiwgZmxhZ3MsIHNlcSwgYWNrLCB3aW5kb3csIHVyZywgb3B0aW9ucwogIFBGX1RDUF9EQVRBOiAnJXtXT1JEOnRjcF9mbGFnc30sJXtJTlQ6c2VxdWVuY2VfbnVtYmVyfSwoPzole0lOVDphY2tfbnVtYmVyfSk/LCV7SU5UOnRjcF93aW5kb3d9LCgle0RBVEE6dXJnX2RhdGF9KT8sJXtHUkVFRFlEQVRBOnRjcF9vcHRpb25zfScKICAjIGJvdGggcHJvdG9jb2xzIHN0YXJ0IHdpdGggdGhlIHNhbWUgdGhyZWUgdmFsdWVzCiAgUEZfUFJPVE9DT0w6ICcle1BGX1VEUF9EQVRBfSgsJXtQRl9UQ1BfREFUQX0pPycKZ3JvazoKICBwYXR0ZXJuOiAiJXtQRl9CQVNFfSwle1BGX0lQfSwle1BGX1BST1RPQ09MfSIKICBhcHBseV9vbjogbWVzc2FnZQpzdGF0aWNzOgogIC0gbWV0YTogbG9nX3R5cGUKICAgIHZhbHVlOiBwZgotLS0KZmlsdGVyOiAiZXZ0Lk1ldGEubG9nX3R5cGUgPT0gJ3BmJyBhbmQgZXZ0LlBhcnNlZC5hY3Rpb24gPT0gJ2Jsb2NrJyIKbmFtZTogZmlyZXdhbGxzZXJ2aWNlcy9wZi1sb2dzLWRyb3AKZGVzY3JpcHRpb246ICJJZGVudGlmeSBkcm9wcGVkIHBhY2tldHMiCm9uc3VjY2VzczogbmV4dF9zdGFnZQpzdGF0aWNzOgogIC0gbWV0YTogc2VydmljZQogICAgdmFsdWU6IHRjcF91ZHAKICAtIG1ldGE6IGxvZ190eXBlCiAgICB2YWx1ZTogcGZfZHJvcAogIC0gbWV0YTogc291cmNlX2lwCiAgICBleHByZXNzaW9uOiAiZXZ0LlBhcnNlZC5zcmNfaXAiCg==",
"content": "IyBGb3IgbW9yZSBpbmZvcm1hdGlvbiBzZWUKIyBodHRwczovL2dpdGh1Yi5jb20vb3Buc2Vuc2UvcG9ydHMvYmxvYi9tYXN0ZXIvb3Buc2Vuc2UvZmlsdGVybG9nL2ZpbGVzL2Rlc2NyaXB0aW9uLnR4dAojIGFuZAojIGh0dHBzOi8vZG9jcy5uZXRnYXRlLmNvbS9wZnNlbnNlL2VuL2xhdGVzdC9tb25pdG9yaW5nL2xvZ3MvcmF3LWZpbHRlci1mb3JtYXQuaHRtbApmaWx0ZXI6ICJldnQuUGFyc2VkLnByb2dyYW0gPT0gJ2ZpbHRlcmxvZycgb3IgZXZ0LlBhcnNlZC5tZXNzYWdlIG1hdGNoZXMgJ15maWx0ZXJsb2c6JyIKbmFtZTogZmlyZXdhbGxzZXJ2aWNlcy9wZi1sb2dzCmRlc2NyaXB0aW9uOiAiUGFyc2UgcGFja2V0IGZpbHRlciBsb2dzIgpmb3JtYXQ6IDIuMApwYXR0ZXJuX3N5bnRheDoKICAjIFdPUkQgaW5jbHVkaW5nIHNwZWNpYWwgY2hhcmFjdGVycwogIFBGX1dPUkQ6ICcle1VTRVJOQU1FfScKICAKICAjIHJ1bGVuciwgc3VicnVsZW5yLCBhbmNob3JuYW1lLCBsYWJlbCB8ICIwIiwgaW50ZXJmYWNlLCByZWFzb24sIGFjdGlvbiwgZGlyCiAgUEZfQkFTRTogJyV7SU5UOnJ1bGV9LCgle0lOVDpzdWJfcnVsZX0pPywoJXtXT1JEOmFuY2hvcm5hbWV9KT8sKCV7V09SRDp0cmFja2VyfXwgMCksJXtQRl9XT1JEOmlmYWNlfSwle1dPUkQ6cmVhc29ufSwle1dPUkQ6YWN0aW9ufSwle1dPUkQ6ZGlyZWN0aW9ufScKCiAgIyB0b3MsIGVjbiwgdHRsLCBpZCwgb2Zmc2V0LCBmbGFncywgcHJvdG9udW0sIHByb3RvbmFtZSwgbGVuZ3RoLCBzcmMsIGRzdAogIFBGX0lQVjRfREFUQTogJyV7QkFTRTE2TlVNOmlwNF90b3N9LCgle0lOVDppcDRfZWNufSk/LCV7SU5UOmlwNF90dGx9LCV7SU5UOmlwNF9pZH0sJXtJTlQ6aXA0X29mZnNldH0sJXtXT1JEOmlwNF9mbGFnc30sJXtJTlQ6aXA0X3Byb3RvX2lkfSwle1dPUkQ6aXA0X3Byb3RvfScKICAjIGNsYXNzLCBmbG93LCBob3BsaW1pdCwgcHJvdG9uYW1lLCBwcm90b251bQogIFBGX0lQVjZfREFUQTogJyV7QkFTRTE2TlVNOmlwNl9jbGFzc30sJXtCQVNFMTZOVU06aXA2X2Zsb3dfbGFiZWx9LCV7SU5UOmlwNl9ob3BfbGltaXR9LCV7V09SRDppcDZfcHJvdG99LCV7SU5UOmlwNl9wcm90b19pZH0nCiAgIyBpcHZlcnNpb24sIC4uLiwgbGVuZ3RoLCBzcmMsIGRzdAogIFBGX0lQOiAnJXtJTlQ6aXBfdmVyfSwoJXtQRl9JUFY0X0RBVEF9fCV7UEZfSVBWNl9EQVRBfSksJXtJTlQ6bGVuZ3RofSwle0lQOnNyY19pcH0sJXtJUDpkc3RfaXB9JwoKICAjIHNyY3BvcnQsIGRzdHBvcnQsIGRhdGFsZW4KICBQRl9VRFBfREFUQTogJyV7UE9TSU5UOnNyY19wb3J0fSwle1BPU0lOVDpkc3RfcG9ydH0sJXtJTlQ6ZGF0YV9sZW5ndGh9JwogICMgc3JjcG9ydCwgZHN0cG9ydCwgZGF0YWxlbiwgZmxhZ3MsIHNlcSwgYWNrLCB3aW5kb3csIHVyZywgb3B0aW9ucwogIFBGX1RDUF9EQVRBOiAnJXtXT1JEOnRjcF9mbGFnc30sJXtJTlQ6c2VxdWVuY2VfbnVtYmVyfSwoPzole0lOVDphY2tfbnVtYmVyfSk/LCV7SU5UOnRjcF93aW5kb3d9LCgle0RBVEE6dXJnX2RhdGF9KT8sJXtHUkVFRFlEQVRBOnRjcF9vcHRpb25zfScKICAjIGJvdGggcHJvdG9jb2xzIHN0YXJ0IHdpdGggdGhlIHNhbWUgdGhyZWUgdmFsdWVzCiAgUEZfUFJPVE9DT0w6ICcle1BGX1VEUF9EQVRBfSgsJXtQRl9UQ1BfREFUQX0pPycKZ3JvazoKICBwYXR0ZXJuOiAiJXtQRl9CQVNFfSwle1BGX0lQfSwle1BGX1BST1RPQ09MfSIKICBhcHBseV9vbjogbWVzc2FnZQpzdGF0aWNzOgogIC0gbWV0YTogbG9nX3R5cGUKICAgIHZhbHVlOiBwZgotLS0KZmlsdGVyOiAiZXZ0Lk1ldGEubG9nX3R5cGUgPT0gJ3BmJyBhbmQgZXZ0LlBhcnNlZC5hY3Rpb24gPT0gJ2Jsb2NrJyIKbmFtZTogZmlyZXdhbGxzZXJ2aWNlcy9wZi1sb2dzLWRyb3AKZGVzY3JpcHRpb246ICJJZGVudGlmeSBkcm9wcGVkIHBhY2tldHMiCm9uc3VjY2VzczogbmV4dF9zdGFnZQpzdGF0aWNzOgogIC0gbWV0YTogc2VydmljZQogICAgZXhwcmVzc2lvbjogImV2dC5QYXJzZWQuaXA0X3Byb3RvICE9IG5pbCA/IGV2dC5QYXJzZWQuaXA0X3Byb3RvIDogZXZ0LlBhcnNlZC5pcDZfcHJvdG8iCiAgLSBtZXRhOiBsb2dfdHlwZQogICAgdmFsdWU6IHBmX2Ryb3AKICAtIG1ldGE6IHNvdXJjZV9pcAogICAgZXhwcmVzc2lvbjogImV2dC5QYXJzZWQuc3JjX2lwIgo=",
"description": "Parse packet filter logs",
"author": "firewallservices",
"labels": null
@@ -8243,6 +8297,23 @@
"type": "bruteforce"
}
},
"crowdsecurity/wireguard-auth": {
"path": "scenarios/crowdsecurity/wireguard-auth.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "63d0813873be54c7fe419127eae9981713dadfca5e3514583d1ade1f20633d04",
"deprecated": false
}
},
"long_description": "RGV0ZWN0cyBicnV0ZWZvcmNlIGF0dGVtcHRzIGFnYWluc3QgYSB3aXJlZ3VhcmQgc2VydmVyLiBJdCB3aWxsIHBhcnNlIHRoZSB3aXJlZ3VhcmQgbG9nIGZpbGUgYW5kIGNvdW50IHRoZSBudW1iZXIgb2YgZmFpbGVkIGxvZ2luIGF0dGVtcHRzIHBlciBJUCBhZGRyZXNzLiBJZiB0aGUgbnVtYmVyIG9mIGZhaWxlZCBsb2dpbiBhdHRlbXB0cyBleGNlZWRzIHRoZSB0aHJlc2hvbGQsIHRoZSBJUCBhZGRyZXNzIHdpbGwgdHJpZ2dlciBhbiBhbGVydC4=",
"content": "dHlwZTogbGVha3kKbmFtZTogY3Jvd2RzZWN1cml0eS93aXJlZ3VhcmQtYXV0aApkZXNjcmlwdGlvbjogIkRldGVjdHMgcmVqZWN0ZWQgY29ubmVjdGlvbnMgYXR0ZW1wdHMgYW5kIHVuYXV0aG9yaXplZCBwYWNrZXRzIHRocm91Z2ggd2lyZWd1YXJkIHR1bm5lbHMiCmZpbHRlcjogImV2dC5NZXRhLmxvZ190eXBlID09ICd3aXJlZ3VhcmRfZmFpbGVkX2F1dGgnIgpncm91cGJ5OiBldnQuTWV0YS5zb3VyY2VfaXAKbGVha3NwZWVkOiAiMzBzIgpjYXBhY2l0eTogMwpibGFja2hvbGU6IDFtCmxhYmVsczoKICByZW1lZGlhdGlvbjogdHJ1ZQo=",
"description": "Detects rejected connections attempts and unauthorized packets through wireguard tunnels",
"author": "crowdsecurity",
"labels": {
"remediation": "true"
}
},
"firewallservices/lemonldap-ng-bf": {
"path": "scenarios/firewallservices/lemonldap-ng-bf.yaml",
"version": "0.1",
@@ -8264,7 +8335,7 @@
},
"firewallservices/pf-scan-multi_ports": {
"path": "scenarios/firewallservices/pf-scan-multi_ports.yaml",
"version": "0.2",
"version": "0.3",
"versions": {
"0.1": {
"digest": "d650a9e64532d14a46dcf5bfc952b0a0eb1825efdb07a179069d9c7f8f185d78",
@@ -8273,15 +8344,19 @@
"0.2": {
"digest": "42359d53fdf4b78cf2600d81c5a893bb0306589190447cde88f5c0e788706136",
"deprecated": false
},
"0.3": {
"digest": "d650a9e64532d14a46dcf5bfc952b0a0eb1825efdb07a179069d9c7f8f185d78",
"deprecated": false
}
},
"long_description": "RGV0ZWN0cyBhIHBvcnQgc2NhbiA6IGRldGVjdHMgaWYgYSBzaW5nbGUgSVAgYXR0ZW1wdHMgY29ubmVjdGlvbiB0byBtYW55IGRpZmZlcmVudCBwb3J0cy4KCkxlYWtzcGVlZCBvZiA1cywgY2FwYWNpdHkgb2YgMTUuCg==",
"content": "dHlwZTogbGVha3kKbmFtZTogZmlyZXdhbGxzZXJ2aWNlcy9wZi1zY2FuLW11bHRpX3BvcnRzCmRlc2NyaXB0aW9uOiAiYmFuIElQcyB0aGF0IGFyZSBzY2FubmluZyB1cyIKZmlsdGVyOiAiZXZ0Lk1ldGEubG9nX3R5cGUgPT0gJ3BmX2Ryb3AnICYmIGV2dC5NZXRhLnNlcnZpY2UgPT0gJ3RjcF91ZHAnIgpncm91cGJ5OiBldnQuTWV0YS5zb3VyY2VfaXAKZGlzdGluY3Q6IGV2dC5QYXJzZWQuZHN0X3BvcnQKY2FwYWNpdHk6IDE1CmxlYWtzcGVlZDogNXMKYmxhY2tob2xlOiAxbQpsYWJlbHM6CiAgc2VydmljZTogdGNwX3VkcAogIHR5cGU6IHNjYW4KICByZW1lZGlhdGlvbjogdHJ1ZQo=",
"long_description": "RGV0ZWN0cyBUQ1AgcG9ydCBzY2FuIDogZGV0ZWN0cyBpZiBhIHNpbmdsZSBJUCBhdHRlbXB0cyBjb25uZWN0aW9uIHRvIG1hbnkgZGlmZmVyZW50IHBvcnRzLgoKTGVha3NwZWVkIG9mIDVzLCBjYXBhY2l0eSBvZiAxNS4K",
"content": "dHlwZTogbGVha3kKbmFtZTogZmlyZXdhbGxzZXJ2aWNlcy9wZi1zY2FuLW11bHRpX3BvcnRzCmRlc2NyaXB0aW9uOiAiYmFuIElQcyB0aGF0IGFyZSBzY2FubmluZyB1cyIKZmlsdGVyOiAiZXZ0Lk1ldGEubG9nX3R5cGUgPT0gJ3BmX2Ryb3AnICYmIGV2dC5NZXRhLnNlcnZpY2UgPT0gJ3RjcCciCmdyb3VwYnk6IGV2dC5NZXRhLnNvdXJjZV9pcApkaXN0aW5jdDogZXZ0LlBhcnNlZC5kc3RfcG9ydApjYXBhY2l0eTogMTUKbGVha3NwZWVkOiA1cwpibGFja2hvbGU6IDFtCmxhYmVsczoKICBzZXJ2aWNlOiB0Y3AKICB0eXBlOiBzY2FuCiAgcmVtZWRpYXRpb246IHRydWUK",
"description": "ban IPs that are scanning us",
"author": "firewallservices",
"labels": {
"remediation": "true",
"service": "tcp_udp",
"service": "tcp",
"type": "scan"
}
},