mirror of
				https://github.com/telekom-security/tpotce.git
				synced 2025-10-22 08:14:43 +00:00 
			
		
		
		
	
		
			
				
	
	
		
			33 lines
		
	
	
	
		
			818 B
		
	
	
	
		
			YAML
		
	
	
	
	
	
			
		
		
	
	
			33 lines
		
	
	
	
		
			818 B
		
	
	
	
		
			YAML
		
	
	
	
	
	
| # Put passthrough rules on top, drop rules on bottom, rules are applied in order (top down)
 | |
| rules:
 | |
|   - match: udp dst port 53
 | |
|     type: passthrough
 | |
|   - match: tcp dst port 21
 | |
|     type: conn_handler
 | |
|     target: ftp
 | |
|   - match: tcp dst port 23 or port 2323 or port 23231
 | |
|     type: conn_handler
 | |
|     target: telnet
 | |
|   - match: tcp dst port 25
 | |
|     type: conn_handler
 | |
|     target: smtp
 | |
|   - match: tcp dst port 445
 | |
|     type: conn_handler
 | |
|     target: smb
 | |
|   - match: tcp dst port 1883
 | |
|     type: conn_handler
 | |
|     target: mqtt
 | |
|   - match: tcp dst port 3389
 | |
|     type: conn_handler
 | |
|     target: rdp
 | |
|   - match: tcp dst port 5060
 | |
|     type: conn_handler
 | |
|     target: sip
 | |
|   - match: tcp dst port 5222 or port 5223
 | |
|     type: conn_handler
 | |
|     target: jabber
 | |
|   - match: tcp
 | |
|     type: conn_handler
 | |
|     target: default
 | |
|   - match: 
 | |
|     type: drop
 | 
