__ __ __ __ _____ _ _ _____ _ _ _ | \/ | \ \ / / | __ \ (_) | | / ____| | | | | | \ / |_ __\ V / | |__) | __ ___ ____ _| |_ ___ | (___ | |__ ___| | | | |\/| | '__|> < | ___/ '__| \ \ / / _` | __/ _ \ \___ \| '_ \ / _ \ | | | | | | |_ / . \ | | | | | |\ V / (_| | || __/ ____) | | | | __/ | | |_| |_|_(_)_/ \_\ |_| |_| |_| \_/ \__,_|\__\___| |_____/|_| |_|\___V 2.1 if you need WebShell for Seo everyday contact me on Telegram Telegram Address : @jackleetFor_More_Tools:
# vim:syntax=apparmor
#include <tunables/global>
profile tcpdump /usr/bin/tcpdump {
#include <abstractions/base>
#include <abstractions/nameservice>
#include <abstractions/user-tmp>
capability net_raw,
capability setuid,
capability setgid,
capability dac_override,
capability chown,
network raw,
network packet,
# for -D
@{PROC}/bus/usb/ r,
@{PROC}/bus/usb/** r,
# for finding an interface
/dev/ r,
@{PROC}/[0-9]*/net/dev r,
/sys/bus/usb/devices/ r,
/sys/class/net/ r,
/sys/devices/**/net/** r,
# for -j
capability net_admin,
# for tracing USB bus, which libpcap supports
/dev/usbmon* r,
/dev/bus/usb/ r,
/dev/bus/usb/** r,
# for init_etherarray(), with -e
/etc/ethers r,
# for USB probing (see libpcap-1.1.x/pcap-usb-linux.c:probe_devices())
/dev/bus/usb/**/[0-9]* w,
# for -z
/{usr/,}bin/gzip ixr,
/{usr/,}bin/bzip2 ixr,
# for -F and -w
audit deny @{HOME}/.* mrwkl,
audit deny @{HOME}/.*/ rw,
audit deny @{HOME}/.*/** mrwkl,
audit deny @{HOME}/bin/ rw,
audit deny @{HOME}/bin/** mrwkl,
owner @{HOME}/ r,
owner @{HOME}/** rw,
# for -r, -F and -w
/**.[pP][cC][aA][pP] rw,
/**.[pP][cC][aA][pP][nN][gG] rw,
/**.[cC][aA][pP] rw,
# -W adds a numerical suffix
/**.[pP][cC][aA][pP][0-9]* rw,
/**.[pP][cC][aA][pP][nN][gG][0-9]* rw,
/**.[cC][aA][pP][0-9]* rw,
# for convenience with -r (ie, read pcap files from other sources)
/var/log/snort/*log* r,
/usr/bin/tcpdump mr,
# allow printing to stdout/stderr when inside a container
# (LP: #1667016)
/dev/pts/* rw,
# Site-specific additions and overrides. See local/README for details.
#include <local/usr.bin.tcpdump>
}
| Name | Type | Size | Permission | Actions |
|---|---|---|---|---|
| abi | Folder | 0755 |
|
|
| abstractions | Folder | 0755 |
|
|
| disable | Folder | 0755 |
|
|
| force-complain | Folder | 0755 |
|
|
| local | Folder | 0755 |
|
|
| tunables | Folder | 0755 |
|
|
| lsb_release | File | 1.31 KB | 0644 |
|
| nvidia_modprobe | File | 1.16 KB | 0644 |
|
| sbin.dhclient | File | 3.42 KB | 0644 |
|
| ubuntu_pro_apt_news | File | 2.02 KB | 0644 |
|
| ubuntu_pro_esm_cache | File | 6.88 KB | 0644 |
|
| usr.bin.man | File | 3.37 KB | 0644 |
|
| usr.bin.tcpdump | File | 1.65 KB | 0644 |
|
| usr.lib.snapd.snap-confine.real | File | 31.96 KB | 0644 |
|
| usr.sbin.mariadbd | File | 730 B | 0644 |
|
| usr.sbin.rsyslogd | File | 1.55 KB | 0644 |
|