mirror of
https://github.com/0xdeadbeefnetwork/Copy_Fail2-Electric_Boogaloo.git
synced 2026-05-16 10:50:09 +00:00
Add auditd rules
This commit is contained in:
Mikel Olasagasti Uranga
parent
49626cb1c2
commit
f4dc8aa2c8
1 changed files with 10 additions and 0 deletions
10
README.md
10
README.md
|
|
@ -41,6 +41,16 @@ path.
|
||||||
*MSG_SPLICE_PAGES UDP support was added in 6.5, so 5.15 is below the
|
*MSG_SPLICE_PAGES UDP support was added in 6.5, so 5.15 is below the
|
||||||
bug's reach.
|
bug's reach.
|
||||||
|
|
||||||
|
## Auditd rule
|
||||||
|
|
||||||
|
~~~
|
||||||
|
sudo tee /etc/audit/rules.d/xfrm_netlink.rules >/dev/null <<'EOF'
|
||||||
|
-a always,exit -F arch=b64 -S socket -F a0=16 -F a2=6 -k xfrm_netlink_socket
|
||||||
|
-a always,exit -F arch=b32 -S socket -F a0=16 -F a2=6 -k xfrm_netlink_socket
|
||||||
|
EOF
|
||||||
|
sudo augenrules --load
|
||||||
|
~~~
|
||||||
|
|
||||||
## Credits
|
## Credits
|
||||||
|
|
||||||
Hyunwoo Kim (imv4bel) and Kuan-Ting Chen reported, tested,
|
Hyunwoo Kim (imv4bel) and Kuan-Ting Chen reported, tested,
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue