Add more things
This commit is contained in:
Thomas Stromberg
parent
bceacd1572
commit
caa6bb43ed
|
|
@ -54,6 +54,8 @@ WHERE (
|
|||
AND PATH NOT LIKE '%/.dwz/'
|
||||
AND PATH NOT LIKE '%/.updated'
|
||||
AND PATH NOT LIKE '/%bin/bootstrapping/.default_components'
|
||||
AND PATH NOT LIKE '%/google-cloud-sdk/.install/'
|
||||
|
||||
AND (
|
||||
type != 'regular'
|
||||
OR size > 1
|
||||
|
|
|
|||
|
|
@ -7,6 +7,7 @@ WHERE port != 0
|
|||
AND lp.address NOT LIKE "172.1%"
|
||||
AND lp.address NOT LIKE "fe80::%"
|
||||
AND lp.address NOT LIKE "::ffff:127.0.0.%"
|
||||
AND NOT (lp.port > 1024 AND lp.protocol = 17)
|
||||
-- Linux --
|
||||
AND NOT (p.name IN ('spotify','Spotify') AND lp.port IN (1900,5353) AND lp.protocol=17)
|
||||
AND NOT (p.name IN ('spotify','Spotify') AND lp.port>32000 AND lp.protocol IN (6,17))
|
||||
|
|
@ -27,10 +28,8 @@ WHERE port != 0
|
|||
AND NOT (p.name='dleyna-renderer' AND lp.port>1024 AND lp.protocol IN (6,17))
|
||||
AND NOT (p.name='dockerd' AND p.cwd='/' AND lp.port=2376 AND lp.protocol=6)
|
||||
AND NOT (p.name='etcd' AND p.cwd='/' AND lp.port IN (2379,2380) AND lp.protocol=6)
|
||||
AND NOT (p.name='firefox' AND lp.port=5353 AND lp.protocol=17)
|
||||
AND NOT (p.name='firefox' AND lp.port>32000 AND lp.protocol IN (6,17))
|
||||
AND NOT (p.name='.firefox-wrappe' AND lp.port>32000 AND lp.protocol IN (6,17))
|
||||
AND NOT (p.name='idea' AND p.cwd='/' AND lp.port>32000 AND lp.protocol=17)
|
||||
AND NOT (p.name='kdeconnectd' AND lp.port=1716 AND lp.protocol IN (6,17))
|
||||
AND NOT (p.name='kube-apiserver' AND p.cwd='/' AND lp.port IN (6443,8443) AND lp.protocol=6)
|
||||
AND NOT (p.name='kube-proxy' AND p.cwd='/' AND lp.port>10000 AND lp.protocol=6)
|
||||
|
|
@ -44,47 +43,32 @@ WHERE port != 0
|
|||
AND NOT (p.name='sshd' AND p.cwd='/' AND lp.port=22 AND lp.protocol=6)
|
||||
AND NOT (p.name='tailscaled' AND p.cwd='/' AND lp.port=4161 AND lp.protocol=6)
|
||||
AND NOT (p.name='tailscaled' AND p.cwd='/' AND lp.port=41641 AND lp.protocol=17)
|
||||
AND NOT (p.name='Socket Process' and p.cwd LIKE '/proc/%/fdinfo%' AND lp.port>32000 AND lp.protocol=17)
|
||||
-- macOS --
|
||||
AND NOT (p.name IN ('launchd','netbiosd') AND p.cwd='/' AND lp.port IN (137,138) AND lp.protocol=17)
|
||||
AND NOT (p.name='Arc Helper' AND p.cwd='/' AND lp.port=5353 AND lp.protocol=17)
|
||||
AND NOT (p.name='Arc Helper' AND p.cwd='/' AND lp.port>5000 AND lp.protocol=17)
|
||||
AND NOT (p.name='Arc' AND p.cwd='/' AND lp.port>5000 AND lp.protocol=17)
|
||||
AND NOT (p.name='Brave Browser Helper' AND p.cwd='/' AND lp.port=5353 AND lp.protocol=17)
|
||||
AND NOT (p.name='Brave Browser Helper' AND p.cwd='/' AND lp.port>32000 AND lp.protocol=17)
|
||||
AND NOT (p.name='Code Helper' AND lp.port > 5000 AND lp.protocol=6)
|
||||
AND NOT (p.name='com.docker.backend' AND p.cwd LIKE '/Users/%/Library/Containers/com.docker.docker/Data' AND lp.port > 1024 AND lp.protocol=6)
|
||||
AND NOT (p.name='CommCenter' AND p.cwd='/' AND lp.port=5060 AND lp.protocol IN (6,17))
|
||||
AND NOT (p.name='configd' AND p.cwd='/' AND lp.port IN (68,546) AND lp.protocol=17)
|
||||
AND NOT (p.name='ControlCenter' AND p.cwd='/' AND lp.port IN (5000,7000) AND lp.protocol=6)
|
||||
AND NOT (p.name='cupsd' AND p.cwd='/' AND lp.port=631 AND lp.protocol=6)
|
||||
AND NOT (p.name='identityservicesd' AND p.cwd='/' AND lp.port>49000 AND lp.protocol=17)
|
||||
AND NOT (p.name='Dropbox' AND p.cwd='/' AND lp.port=17500 AND lp.protocol IN (6,17))
|
||||
AND NOT (p.name='EEventManager' AND p.cwd='/' AND lp.port=2968 AND lp.protocol IN (6,17))
|
||||
AND NOT (p.name='fake' AND p.cwd LIKE '/Users/%/api-impl' AND lp.port IN (2112,8080) AND lp.protocol=6)
|
||||
AND NOT (p.name='Google Chrome Helper' AND p.cwd='/' AND lp.port=5353 AND lp.protocol=17)
|
||||
AND NOT (p.name='Google Chrome Helper' AND p.cwd='/' AND lp.port>49000 AND lp.protocol=17)
|
||||
AND NOT (p.name='Google Chrome' AND p.cwd='/' AND lp.port>49000 AND lp.protocol=17)
|
||||
AND NOT (p.name='hugo' AND lp.port>1024 AND lp.protocol=6)
|
||||
AND NOT (p.name='IPNExtension' AND p.cwd LIKE '/Users/%/Library/Containers/io.tailscale.ipn.macos.network-extension/Data' AND lp.port>32000 AND lp.protocol IN (6,17))
|
||||
AND NOT (p.name='launchd' AND p.cwd='/' AND lp.port=22 AND lp.protocol=6)
|
||||
AND NOT (p.name='LogiMgrDaemon' AND p.cwd='/' AND lp.port>49000 AND lp.protocol IN (6,17))
|
||||
AND NOT (p.name='mariadbd' AND p.cwd='/opt/homebrew/var/mysql' AND lp.port=3306 AND lp.protocol=6)
|
||||
AND NOT (p.name='mDNSResponder' AND p.cwd='/' AND lp.port=5353 AND lp.protocol=17)
|
||||
AND NOT (p.name='mDNSResponder' AND p.cwd='/' AND lp.port>49000 AND lp.protocol=17)
|
||||
AND NOT (p.name='node' AND p.cwd LIKE '/Users/%/app' AND lp.port>5000 AND lp.protocol=6)
|
||||
AND NOT (p.name='OpalCameraDeviceService' AND p.cwd='/' AND lp.port>49000 AND lp.protocol=17)
|
||||
AND NOT (p.name='rapportd' AND p.cwd='/' AND lp.port=3722 AND lp.protocol=17)
|
||||
AND NOT (p.name='rapportd' AND p.cwd='/' AND lp.port>49000 AND lp.protocol=6)
|
||||
AND NOT (p.name='rapportd' AND p.cwd='/' AND lp.port=3722 AND lp.protocol=17)
|
||||
AND NOT (p.name='remoted' AND p.cwd='/' AND lp.port>49000 AND lp.protocol IN (6,17))
|
||||
AND NOT (p.name='RescueTime' AND p.cwd='/' AND lp.port=16587 AND lp.protocol=6)
|
||||
AND NOT (p.name='sharingd' AND p.cwd='/' AND lp.port=8770 AND lp.protocol=6)
|
||||
AND NOT (p.name='syncthing' AND lp.port > 20000 AND lp.protocol IN (6,17))
|
||||
AND NOT (p.name='syslogd' AND p.cwd='/' AND lp.port>49000 AND lp.protocol=17)
|
||||
AND NOT (p.name='systemd-resolve' AND p.cwd='/' AND lp.port=5355 AND lp.protocol IN (6,17))
|
||||
AND NOT (p.name='Slack Helper' AND lp.port>49000 AND lp.protocol=17)
|
||||
AND NOT (p.name='com.apple.WebKit.Networking' AND lp.port>49000 AND lp.protocol=17)
|
||||
AND NOT (p.name='TIDAL Helper (Renderer)' AND p.cwd='/' AND lp.port=5353 AND lp.protocol=17)
|
||||
AND NOT (p.name='vpnkit-bridge' AND p.cwd LIKE '/Users/%/Library/Containers/com.docker.docker/Data' AND lp.port>49000 AND lp.protocol=6)
|
||||
AND NOT (p.name='WireGuardNetworkExtension' AND p.cwd LIKE '/Users/%/Library/Containers/com.wireguard.macos.network-extension/Data' AND lp.port>49000 AND lp.protocol=17)
|
||||
AND NOT (p.name='com.docker.vpnkit' AND lp.port>49000 AND lp.protocol=6)
|
||||
AND NOT (p.name='X11.bin' AND lp.port=6000 AND lp.protocol=6)
|
||||
|
|
|
|||
|
|
@ -23,60 +23,113 @@ WHERE active_state != "inactive"
|
|||
'acpid.path',
|
||||
'acpid.service',
|
||||
'acpid.socket',
|
||||
'adsl.service',
|
||||
'akmods-keygen.target',
|
||||
'akmods-shutdown.service',
|
||||
'flatpak-system-helper.service',
|
||||
'zfs-snapshot-hourly.service',
|
||||
'zfs-snapshot-frequent.service',
|
||||
'akmods.service',
|
||||
'alsa-restore.service',
|
||||
'alsa-state.service',
|
||||
'alsa-store.service',
|
||||
'anacron.timer',
|
||||
'anacron.service',
|
||||
'anacron.timer',
|
||||
'apcupsd.service',
|
||||
'apparmor.service',
|
||||
'apport.service',
|
||||
'apt-daily-upgrade.timer',
|
||||
'apt-daily.timer',
|
||||
'archlinux-keyring-wkd-sync.service',
|
||||
'archlinux-keyring-wkd-sync.timer',
|
||||
'audit.service',
|
||||
'auditd.service',
|
||||
'auth-rpcgss-module.service',
|
||||
'autovt@.service',
|
||||
'avahi-daemon.service',
|
||||
'avahi-daemon.socket',
|
||||
'avahi-dnsconfd.service',
|
||||
'basic.target',
|
||||
'blk-availability.service',
|
||||
'blockdev@.target',
|
||||
'blockdev@dev-mapper-cryptoswap.target',
|
||||
'bluetooth-mesh.service',
|
||||
'bluetooth.service',
|
||||
'bluetooth.target',
|
||||
'bolt.service',
|
||||
'boot-complete.target',
|
||||
'brltty-device@.service',
|
||||
'brltty@.service',
|
||||
'btrfs-scrub@.service',
|
||||
'btrfs-scrub@.timer',
|
||||
'canberra-system-bootup.service',
|
||||
'canberra-system-shutdown-reboot.service',
|
||||
'canberra-system-shutdown.service',
|
||||
'chronyd.service',
|
||||
'clamav-clamonacc.service',
|
||||
'clamav-daemon.service',
|
||||
'clamav-daemon.socket',
|
||||
'clamav-freshclam.service',
|
||||
'colord.service',
|
||||
'console-getty.service',
|
||||
'console-setup.service',
|
||||
'container-getty@.service',
|
||||
'containerd.service',
|
||||
'cron.service',
|
||||
'cronie.service',
|
||||
'cryptsetup-pre.target',
|
||||
'cryptsetup.target',
|
||||
'ctrl-alt-del.target',
|
||||
'cups-browsed.service',
|
||||
'cups.path',
|
||||
'cups.service',
|
||||
'cups.socket',
|
||||
'daxdev-reconfigure@.service',
|
||||
'dbus-broker.service',
|
||||
'dbus-org.freedesktop.hostname1.service',
|
||||
'dbus-org.freedesktop.import1.service',
|
||||
'dbus-org.freedesktop.locale1.service',
|
||||
'dbus-org.freedesktop.login1.service',
|
||||
'dbus-org.freedesktop.machine1.service',
|
||||
'dbus-org.freedesktop.portable1.service',
|
||||
'dbus-org.freedesktop.timedate1.service',
|
||||
'dbus.service',
|
||||
'dbus.socket',
|
||||
'debug-shell.service',
|
||||
'default.target',
|
||||
'dev-mapper-cryptoswap.swap',
|
||||
'dhclient@.service',
|
||||
'dhcpcd.service',
|
||||
'display-manager.service',
|
||||
'dkms.service',
|
||||
'dm-event.service',
|
||||
'dm-event.socket',
|
||||
'dmraid.service',
|
||||
'dnf-makecache.timer',
|
||||
'dnsmasq.service',
|
||||
'docker.service',
|
||||
'docker.socket',
|
||||
'dpkg-db-backup.timer',
|
||||
'dracut-shutdown.service',
|
||||
'drkonqi-coredump-processor@.service',
|
||||
'e2scrub_all.service',
|
||||
'e2scrub_all.timer',
|
||||
'e2scrub_fail@.service',
|
||||
'e2scrub_reap.service',
|
||||
'e2scrub@.service',
|
||||
'ead.service',
|
||||
'emergency.service',
|
||||
'emergency.target',
|
||||
'exit.target',
|
||||
'factory-reset.target',
|
||||
'fancontrol.service',
|
||||
'final.target',
|
||||
'firewall.service',
|
||||
'firewalld.service',
|
||||
'first-boot-complete.target',
|
||||
'flatpak-system-helper.service',
|
||||
'fprintd.service',
|
||||
'fstrim.service',
|
||||
'fstrim.timer',
|
||||
'ftpd.service',
|
||||
'fwupd-offline-update.service',
|
||||
'fwupd-refresh.service',
|
||||
'fwupd-refresh.timer',
|
||||
'fwupd.service',
|
||||
|
|
@ -84,21 +137,59 @@ WHERE active_state != "inactive"
|
|||
'geoclue.service',
|
||||
'getty-pre.target',
|
||||
'getty.target',
|
||||
'getty@.service',
|
||||
'git-daemon.socket',
|
||||
'git-daemon@.service',
|
||||
'glances.service',
|
||||
'gpm.service',
|
||||
'graphical.target',
|
||||
'gssproxy.service',
|
||||
'halt.target',
|
||||
'haveged-once.service',
|
||||
'haveged.service',
|
||||
'healthd.service',
|
||||
'hibernate.target',
|
||||
'httpd.service',
|
||||
'hybrid-sleep.target',
|
||||
'iio-sensor-proxy.service',
|
||||
'import-state.service',
|
||||
'initrd-cleanup.service',
|
||||
'initrd-fs.target',
|
||||
'initrd-parse-etc.service',
|
||||
'initrd-root-device.target',
|
||||
'initrd-root-fs.target',
|
||||
'initrd-switch-root.service',
|
||||
'initrd-switch-root.target',
|
||||
'initrd-udevadm-cleanup-db.service',
|
||||
'initrd-usr-fs.target',
|
||||
'initrd.target',
|
||||
'integritysetup-pre.target',
|
||||
'integritysetup.target',
|
||||
'ip6tables.service',
|
||||
'iptables.service',
|
||||
'irqbalance.service',
|
||||
'iscsid.socket',
|
||||
'iscsiuio.socket',
|
||||
'iwd.service',
|
||||
'kerneloops.service',
|
||||
'kexec.target',
|
||||
'keyboard-setup.service',
|
||||
'kmod-static-nodes.service',
|
||||
'kolide-launcher.service',
|
||||
'krb5-kadmind.service',
|
||||
'krb5-kdc.service',
|
||||
'krb5-kpropd.service',
|
||||
'krb5-kpropd.socket',
|
||||
'krb5-kpropd@.service',
|
||||
'launcher.kolide-k2.service',
|
||||
'ldconfig.service',
|
||||
'libvirt-guests.service',
|
||||
'libvirtd-admin.socket',
|
||||
'libvirtd-ro.socket',
|
||||
'libvirtd-tcp.socket',
|
||||
'libvirtd-tls.socket',
|
||||
'libvirtd.service',
|
||||
'libvirtd.socket',
|
||||
'lightdm.service',
|
||||
'livesys-late.service',
|
||||
'livesys.service',
|
||||
|
|
@ -106,16 +197,38 @@ WHERE active_state != "inactive"
|
|||
'local-fs-pre.target',
|
||||
'local-fs.target',
|
||||
'logrotate-checkconf.service',
|
||||
'logrotate.service',
|
||||
'logrotate.timer',
|
||||
'low-memory-monitor.service',
|
||||
'lvm2-lvmpolld.service',
|
||||
'lvm2-lvmpolld.socket',
|
||||
'lvm2-monitor.service',
|
||||
'lvm2.service',
|
||||
'machine.slice',
|
||||
'machines.target',
|
||||
'man-db.service',
|
||||
'man-db.timer',
|
||||
'mariadb-extra.socket',
|
||||
'mariadb-extra@.socket',
|
||||
'mariadb.service',
|
||||
'mariadb.socket',
|
||||
'mariadb@.service',
|
||||
'mariadb@.socket',
|
||||
'mcelog.service',
|
||||
'mdadm-grow-continue@.service',
|
||||
'mdadm-last-resort@.service',
|
||||
'mdadm-last-resort@.timer',
|
||||
'mdcheck_continue.service',
|
||||
'mdcheck_continue.timer',
|
||||
'mdcheck_start.service',
|
||||
'mdcheck_start.timer',
|
||||
'mdmon@.service',
|
||||
'mdmonitor-oneshot.service',
|
||||
'mdmonitor-oneshot.timer',
|
||||
'mdmonitor.service',
|
||||
'mkinitcpio-generate-shutdown-ramfs.service',
|
||||
'ModemManager.service',
|
||||
'modprobe@.service',
|
||||
'modprobe@chromeos_pstore.service',
|
||||
'modprobe@efi_pstore.service',
|
||||
'modprobe@mtdpstore.service',
|
||||
|
|
@ -125,6 +238,20 @@ WHERE active_state != "inactive"
|
|||
'motd-news.timer',
|
||||
'mount-pstore.service',
|
||||
'multi-user.target',
|
||||
'multipathd.service',
|
||||
'multipathd.socket',
|
||||
'mysql.service',
|
||||
'mysqld.service',
|
||||
'named.service',
|
||||
'nbd.service',
|
||||
'nbd@.service',
|
||||
'ndctl-monitor.service',
|
||||
'netctl-auto@.service',
|
||||
'netctl-ifplugd@.service',
|
||||
'netctl-sleep.service',
|
||||
'netctl-wait-online.service',
|
||||
'netctl.service',
|
||||
'netctl@.service',
|
||||
'network-interfaces.target',
|
||||
'network-local-commands.service',
|
||||
'network-online.target',
|
||||
|
|
@ -132,95 +259,227 @@ WHERE active_state != "inactive"
|
|||
'network-setup.service',
|
||||
'network.target',
|
||||
'networkd-dispatcher.service',
|
||||
'NetworkManager-dispatcher.service',
|
||||
'NetworkManager-wait-online.service',
|
||||
'NetworkManager.service',
|
||||
'nfs-blkmap.service',
|
||||
'nfs-client.target',
|
||||
'nfs-idmapd.service',
|
||||
'nfs-mountd.service',
|
||||
'nfs-server.service',
|
||||
'nfs-utils.service',
|
||||
'nfsdcld.service',
|
||||
'nfsv4-exportd.service',
|
||||
'nfsv4-server.service',
|
||||
'nginx.service',
|
||||
'ninfod.service',
|
||||
'nix-daemon.service',
|
||||
'nix-daemon.socket',
|
||||
'nix-gc.timer',
|
||||
'nm-priv-helper.service',
|
||||
'nmb.service',
|
||||
'nscd.service',
|
||||
'nss-lookup.target',
|
||||
'nss-user-lookup.target',
|
||||
'ntpd.service',
|
||||
'ntpdate.service',
|
||||
'nvidia-persistenced.service',
|
||||
'openvpn-client@.service',
|
||||
'openvpn-server@.service',
|
||||
'openvpn.service',
|
||||
'ostree-boot-complete.service',
|
||||
'ostree-finalize-staged.service',
|
||||
'ostree-prepare-root.service',
|
||||
'ostree-remount.service',
|
||||
'paccache.service',
|
||||
'paccache.timer',
|
||||
'packagekit.service',
|
||||
'pacman-filesdb-refresh.service',
|
||||
'pacman-filesdb-refresh.timer',
|
||||
'pam_namespace.service',
|
||||
'paths.target',
|
||||
'pcscd.service',
|
||||
'pcscd.socket',
|
||||
'phpsessionclean.timer',
|
||||
'pkgfile-update.service',
|
||||
'pkgfile-update.timer',
|
||||
'plocate-updatedb.timer',
|
||||
'plymouth-quit-wait.service',
|
||||
'plymouth-read-write.service',
|
||||
'plymouth-start.service',
|
||||
'polkit.service',
|
||||
'power-profiles-daemon.service',
|
||||
'poweroff.target',
|
||||
'ppp@.service',
|
||||
'printer.target',
|
||||
'proc-sys-fs-binfmt_misc.automount',
|
||||
'qemu-pr-helper.service',
|
||||
'qemu-pr-helper.socket',
|
||||
'quotaon.service',
|
||||
'raid-check.timer',
|
||||
'rarpd@.service',
|
||||
'rdisc.service',
|
||||
'rdnssd@.service',
|
||||
'reboot.target',
|
||||
'reflector.service',
|
||||
'reflector.timer',
|
||||
'reload-systemd-vconsole-setup.service',
|
||||
'remote-cryptsetup.target',
|
||||
'remote-fs-pre.target',
|
||||
'remote-fs.target',
|
||||
'remote-veritysetup.target',
|
||||
'rescue.service',
|
||||
'rescue.target',
|
||||
'resolvconf.service',
|
||||
'rfkill-block@.service',
|
||||
'rfkill-unblock@.service',
|
||||
'rlogin.socket',
|
||||
'rlogin@.service',
|
||||
'rpc_pipefs.target',
|
||||
'rpc-gssd.service',
|
||||
'rpc-statd-notify.service',
|
||||
'rpc-statd.service',
|
||||
'rpcbind.service',
|
||||
'rpcbind.socket',
|
||||
'rpcbind.target',
|
||||
'rsh.socket',
|
||||
'rsh@.service',
|
||||
'rsyncd.service',
|
||||
'rsyncd.socket',
|
||||
'rsyncd@.service',
|
||||
'rsyslog.service',
|
||||
'rtkit-daemon.service',
|
||||
'samba.service',
|
||||
'saned.socket',
|
||||
'saned@.service',
|
||||
'sddm.service',
|
||||
'sensord.service',
|
||||
'sentinelone.service',
|
||||
'serial-getty@.service',
|
||||
'setvtrgb.service',
|
||||
'shadow.service',
|
||||
'shadow.timer',
|
||||
'shutdown.target',
|
||||
'sigpwr.target',
|
||||
'sleep.target',
|
||||
'slices.target',
|
||||
'smartcard.target',
|
||||
'smartd.service',
|
||||
'smb.service',
|
||||
'snapd.apparmor.service',
|
||||
'snapd.seeded.service',
|
||||
'snapd.service',
|
||||
'snapd.socket',
|
||||
'snmpd.service',
|
||||
'snmptrapd.service',
|
||||
'sockets.target',
|
||||
'sound.target',
|
||||
'speech-dispatcherd.service',
|
||||
'spice-vdagentd.service',
|
||||
'spice-vdagentd.socket',
|
||||
'spice-webdavd.service',
|
||||
'sshd.service',
|
||||
'sshdgenkeys.service',
|
||||
'sssd-kcm.service',
|
||||
'sssd-kcm.socket',
|
||||
'suspend-then-hibernate.target',
|
||||
'suspend.target',
|
||||
'swap.target',
|
||||
'switcheroo-control.service',
|
||||
'sysinit.target',
|
||||
'syslog.socket',
|
||||
'sysprof2.service',
|
||||
'sysprof3.service',
|
||||
'sysstat-collect.timer',
|
||||
'sysstat-summary.timer',
|
||||
'sysstat.service',
|
||||
'system-update-cleanup.service',
|
||||
'system-update-pre.target',
|
||||
'system-update.target',
|
||||
'systemd-ask-password-console.path',
|
||||
'systemd-ask-password-console.service',
|
||||
'systemd-ask-password-plymouth.path',
|
||||
'systemd-ask-password-wall.path',
|
||||
'systemd-ask-password-wall.service',
|
||||
'systemd-backlight@.service',
|
||||
'systemd-backlight@backlight:intel_backlight.service',
|
||||
'systemd-backlight@leds:dell::kbd_backlight.service',
|
||||
'systemd-backlight@leds:tpacpi::kbd_backlight.service',
|
||||
'systemd-binfmt.service',
|
||||
'systemd-bless-boot.service',
|
||||
'systemd-boot-check-no-failures.service',
|
||||
'systemd-boot-system-token.service',
|
||||
'systemd-boot-update.service',
|
||||
'systemd-coredump.socket',
|
||||
'systemd-coredump@.service',
|
||||
'systemd-cryptsetup@cryptoswap.service',
|
||||
'systemd-exit.service',
|
||||
'systemd-firstboot.service',
|
||||
'systemd-fsck-root.service',
|
||||
'systemd-fsck@.service',
|
||||
'systemd-fsckd.socket',
|
||||
'systemd-halt.service',
|
||||
'systemd-hibernate-resume@.service',
|
||||
'systemd-hibernate.service',
|
||||
'systemd-homed-activate.service',
|
||||
'systemd-homed.service',
|
||||
'systemd-hostnamed.service',
|
||||
'systemd-hwdb-update.service',
|
||||
'systemd-hybrid-sleep.service',
|
||||
'systemd-importd.service',
|
||||
'systemd-initctl.socket',
|
||||
'systemd-journal-catalog-update.service',
|
||||
'systemd-journal-flush.service',
|
||||
'systemd-journal-gatewayd.service',
|
||||
'systemd-journal-gatewayd.socket',
|
||||
'systemd-journal-remote.service',
|
||||
'systemd-journal-remote.socket',
|
||||
'systemd-journal-upload.service',
|
||||
'systemd-journald-audit.socket',
|
||||
'systemd-journald-dev-log.socket',
|
||||
'systemd-journald-varlink@.socket',
|
||||
'systemd-journald.service',
|
||||
'systemd-journald.socket',
|
||||
'systemd-journald@.service',
|
||||
'systemd-journald@.socket',
|
||||
'systemd-kexec.service',
|
||||
'systemd-localed.service',
|
||||
'systemd-logind.service',
|
||||
'systemd-machine-id-commit.service',
|
||||
'systemd-machined.service',
|
||||
'systemd-modules-load.service',
|
||||
'systemd-network-generator.service',
|
||||
'systemd-networkd-wait-online.service',
|
||||
'systemd-networkd-wait-online@.service',
|
||||
'systemd-networkd.service',
|
||||
'systemd-networkd.socket',
|
||||
'systemd-nspawn@.service',
|
||||
'systemd-oomd.service',
|
||||
'systemd-oomd.socket',
|
||||
'systemd-portabled.service',
|
||||
'systemd-poweroff.service',
|
||||
'systemd-pstore.service',
|
||||
'systemd-quotacheck.service',
|
||||
'systemd-random-seed.service',
|
||||
'systemd-reboot.service',
|
||||
'systemd-remount-fs.service',
|
||||
'systemd-repart.service',
|
||||
'systemd-resolved.service',
|
||||
'systemd-rfkill.service',
|
||||
'systemd-rfkill.socket',
|
||||
'systemd-suspend-then-hibernate.service',
|
||||
'systemd-suspend.service',
|
||||
'systemd-sysctl.service',
|
||||
'systemd-sysext.service',
|
||||
'systemd-sysupdate-reboot.service',
|
||||
'systemd-sysupdate-reboot.timer',
|
||||
'systemd-sysupdate.service',
|
||||
'systemd-sysupdate.timer',
|
||||
'systemd-sysusers.service',
|
||||
'systemd-time-wait-sync.service',
|
||||
'systemd-timedated.service',
|
||||
'systemd-timesyncd.service',
|
||||
'systemd-tmpfiles-clean.service',
|
||||
'systemd-tmpfiles-clean.timer',
|
||||
'systemd-tmpfiles-setup-dev.service',
|
||||
'systemd-tmpfiles-setup.service',
|
||||
|
|
@ -235,38 +494,107 @@ WHERE active_state != "inactive"
|
|||
'systemd-userdbd.service',
|
||||
'systemd-userdbd.socket',
|
||||
'systemd-vconsole-setup.service',
|
||||
'systemd-volatile-root.service',
|
||||
'tailscaled.service',
|
||||
'talk.service',
|
||||
'talk.socket',
|
||||
'teamd@.service',
|
||||
'telnet.socket',
|
||||
'telnet@.service',
|
||||
'thermald.service',
|
||||
'time-set.target',
|
||||
'time-sync.target',
|
||||
'timers.target',
|
||||
'tlp.service',
|
||||
'ua-timer.timer',
|
||||
'udisks2-zram-setup@.service',
|
||||
'udisks2.service',
|
||||
'ufw.service',
|
||||
'umount.target',
|
||||
'unattended-upgrades.service',
|
||||
'unbound-anchor.timer',
|
||||
'update-notifier-download.timer',
|
||||
'update-notifier-motd.timer',
|
||||
'updatedb.service',
|
||||
'updatedb.timer',
|
||||
'upower.service',
|
||||
'uresourced.service',
|
||||
'usb_modeswitch@.service',
|
||||
'usb-gadget.target',
|
||||
'usbmuxd.service',
|
||||
'user-runtime-dir@.service',
|
||||
'user.slice',
|
||||
'user@.service',
|
||||
'uuidd.service',
|
||||
'uuidd.socket',
|
||||
'veritysetup-pre.target',
|
||||
'veritysetup.target',
|
||||
'virt-guest-shutdown.target',
|
||||
'virtchd-admin.socket',
|
||||
'virtchd-ro.socket',
|
||||
'virtchd.service',
|
||||
'virtchd.socket',
|
||||
'virtinterfaced-admin.socket',
|
||||
'virtinterfaced-ro.socket',
|
||||
'virtinterfaced.service',
|
||||
'virtinterfaced.socket',
|
||||
'virtlockd-admin.socket',
|
||||
'virtlockd.service',
|
||||
'virtlockd.socket',
|
||||
'virtlogd-admin.socket',
|
||||
'virtlogd.service',
|
||||
'virtlogd.socket',
|
||||
'virtlxcd-admin.socket',
|
||||
'virtlxcd-ro.socket',
|
||||
'virtlxcd.service',
|
||||
'virtlxcd.socket',
|
||||
'virtnetworkd-admin.socket',
|
||||
'virtnetworkd-ro.socket',
|
||||
'virtnetworkd.service',
|
||||
'virtnetworkd.socket',
|
||||
'virtnodedevd-admin.socket',
|
||||
'virtnodedevd-ro.socket',
|
||||
'virtnodedevd.service',
|
||||
'virtnodedevd.socket',
|
||||
'virtnwfilterd-admin.socket',
|
||||
'virtnwfilterd-ro.socket',
|
||||
'virtnwfilterd.service',
|
||||
'virtnwfilterd.socket',
|
||||
'virtproxyd-admin.socket',
|
||||
'virtproxyd-ro.socket',
|
||||
'virtproxyd-tcp.socket',
|
||||
'virtproxyd-tls.socket',
|
||||
'virtproxyd.service',
|
||||
'virtproxyd.socket',
|
||||
'virtqemud-admin.socket',
|
||||
'virtqemud-ro.socket',
|
||||
'virtqemud.service',
|
||||
'virtqemud.socket',
|
||||
'virtsecretd-admin.socket',
|
||||
'virtsecretd-ro.socket',
|
||||
'virtsecretd.service',
|
||||
'virtsecretd.socket',
|
||||
'virtstoraged-admin.socket',
|
||||
'virtstoraged-ro.socket',
|
||||
'virtstoraged.service',
|
||||
'virtstoraged.socket',
|
||||
'virtvboxd-admin.socket',
|
||||
'virtvboxd-ro.socket',
|
||||
'virtvboxd.service',
|
||||
'virtvboxd.socket',
|
||||
'vpnc@.service',
|
||||
'wazuh-agent.service',
|
||||
'whoopsie.path',
|
||||
'winbind.service',
|
||||
'wpa_supplicant-nl80211@.service',
|
||||
'wpa_supplicant-wired@.service',
|
||||
'wpa_supplicant.service',
|
||||
'wpa_supplicant@.service',
|
||||
'xfs_scrub_all.service',
|
||||
'xfs_scrub_all.timer',
|
||||
'xfs_scrub_fail@.service',
|
||||
'xfs_scrub@.service',
|
||||
'xl2tpd.service',
|
||||
'zfs-import-cache.service',
|
||||
'zfs-import.target',
|
||||
'zfs-load-key-rpool.service',
|
||||
|
|
@ -275,7 +603,9 @@ WHERE active_state != "inactive"
|
|||
'zfs-scrub.timer',
|
||||
'zfs-share.service',
|
||||
'zfs-snapshot-daily.timer',
|
||||
'zfs-snapshot-frequent.service',
|
||||
'zfs-snapshot-frequent.timer',
|
||||
'zfs-snapshot-hourly.service',
|
||||
'zfs-snapshot-hourly.timer',
|
||||
'zfs-snapshot-monthly.timer',
|
||||
'zfs-snapshot-weekly.timer',
|
||||
|
|
|
|||
|
|
@ -6,6 +6,7 @@ WHERE protocol > 0
|
|||
AND s.remote_port > 0
|
||||
AND s.remote_address NOT IN ('127.0.0.1', '::ffff:127.0.0.1', '::1')
|
||||
AND s.remote_address NOT LIKE 'fe80:%'
|
||||
AND s.remote_address NOT LIKE '127.%'
|
||||
AND s.remote_address NOT LIKE '192.168.%'
|
||||
AND s.remote_address NOT LIKE '172.1%'
|
||||
AND s.remote_address NOT LIKE '172.2%'
|
||||
|
|
@ -23,7 +24,7 @@ AND NOT (p.name = 'syncthing' AND remote_port IN (22067,443,22000))
|
|||
AND NOT (p.name = 'zoom.us' AND remote_port IN (443,8801))
|
||||
AND NOT (p.name IN ('chrome', 'Google Chrome Helper', 'Chromium Helper') AND remote_port IN (8080,8000,8008,8443,8888) AND remote_address LIKE '192.168.%')
|
||||
AND NOT (p.name IN ('chrome', 'Google Chrome Helper','Brave Browser Helper', 'Chromium Helper') AND remote_port IN (443,80,8009,8443,5228,32211,53,10001,3478))
|
||||
AND NOT (p.name IN ('Mail','thunderbird','Spark') AND remote_port IN (443,993))
|
||||
AND NOT (p.name IN ('Mail','thunderbird','Spark') AND remote_port IN (443,587,993))
|
||||
AND NOT (p.name IN ('spotify', 'Spotify Helper', 'Spotify') AND remote_port IN (443,8009,4070,32211))
|
||||
AND NOT (p.name='coredns' AND remote_port=53 AND protocol=17)
|
||||
AND NOT (p.name='systemd-resolve' AND remote_port=53 AND protocol=17)
|
||||
|
|
|
|||
Loading…
Reference in New Issue