add iCloud storage

jlaundry · web-flow · commit 06e77a0ab4a9 · 2024-06-16T12:45:28.000+12:00
diff --git a/.github/workflows/little_snitch.yml b/.github/workflows/little_snitch.yml
@@ -1,5 +1,8 @@
 name: "Update Little Snitch rules"
 on:
+  push:
+    branches:
+      - main
   schedule:
     - cron: '42 1 * * 2'
   workflow_dispatch:
@@ -31,7 +34,11 @@ jobs:
           git config pull.rebase false
           branch=automated-lsrules-update-$GITHUB_RUN_ID
           git checkout -b $branch
-          cd macos/little_snitch && python3 update_microsoft.py && cd ../..
+          cd macos/little_snitch
+          python3 update_crl.py
+          python3 update_icloud.py
+          python3 update_microsoft.py
+          cd ../..
           message='Automated lsrules update'
           # Add / update and commit
           git add macos/little_snitch/rules/*.lsrules
diff --git a/macos/little_snitch/icloud-storage-hosts.txt b/macos/little_snitch/icloud-storage-hosts.txt
@@ -0,0 +1,7 @@
+gcs-asia-00002.content-storage-download.googleapis.com
+gcs-asia-00002.content-storage-upload.googleapis.com
+gcs-eu-00002.content-storage-upload.googleapis.com
+gcs-us-00002.content-storage-download.googleapis.com
+gcs-us-00003.content-storage-download.googleapis.com
+eu-irl-00001.s3.dualstack.eu-west-1.amazonaws.com
+us-ore-00001.s3.dualstack.us-west-2.amazonaws.com
diff --git a/macos/little_snitch/update_icloud.py b/macos/little_snitch/update_icloud.py
@@ -0,0 +1,32 @@
+
+import json
+
+from helpers import create_rule
+
+lsrules = {
+    "name": "iCloud Storage",
+    "description": "Storage accounts for iCloud services",
+    "rules": []
+}
+
+processes = [
+    "identifier.APPLE/com.apple.cloudd",
+    "identifier.APPLE/com.apple.imtransferservices.IMTransferAgent",
+    "identifier.APPLE/com.apple.nsurlsessiond",
+]
+
+with open('icloud-storage-hosts.txt', 'r') as crlf:
+    icloud_storage_host = crlf.read().splitlines()
+
+for process in processes:
+    for protocol in ["tcp", "udp"]:
+        rule = create_rule(
+            process,
+            443,
+            protocol=protocol,
+            dest_host=icloud_storage_host,
+        )
+        lsrules['rules'].append(rule)
+
+with open("rules/icloud_storage.lsrules", "w") as of:
+    of.write(json.dumps(lsrules, indent=4))
