/
deny-list.json
76 lines (76 loc) · 2.07 KB
/
deny-list.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
{
"RuleVariables": {
"IPSets": {
"HOME_NET": {
"Definition": [
"<SPOKE VPC CIDR RANGE>",
"<HUB VPC CIDR RANGE>"
]
}
}
},
"RulesSource": {
"StatefulRules": [
{
"Action": "DROP",
"Header": {
"Protocol": "FTP",
"Source": "ANY",
"SourcePort": "ANY",
"Direction": "ANY",
"Destination": "ANY",
"DestinationPort": "ANY"
},
"RuleOptions": [
{
"Keyword": "sid",
"Settings": [
"1"
]
}
]
},
{
"Action": "DROP",
"Header": {
"Protocol": "SSH",
"Source": "ANY",
"SourcePort": "ANY",
"Direction": "ANY",
"Destination": "ANY",
"DestinationPort": "ANY"
},
"RuleOptions": [
{
"Keyword": "sid",
"Settings": [
"2"
]
}
]
},
{
"Action": "DROP",
"Header": {
"Protocol": "ICMP",
"Source": "ANY",
"SourcePort": "ANY",
"Direction": "ANY",
"Destination": "ANY",
"DestinationPort": "ANY"
},
"RuleOptions": [
{
"Keyword": "sid",
"Settings": [
"3"
]
}
]
}
]
},
"StatefulRuleOptions": {
"RuleOrder": "STRICT_ORDER"
}
}