new upstream release (3.3.0); modify package compatibility for Stretch

[ossec-hids.git] / etc / rules / firewalld_rules.xml

diff --git a/etc/rules/firewalld_rules.xml b/etc/rules/firewalld_rules.xml
new file mode 100644 (file)
index 0000000..f60b1ed
--- /dev/null
+++ b/etc/rules/firewalld_rules.xml
@@ -0,0 +1,25 @@
+<group name="local,firewalld,">
+  <rule id="40900" level="0">
+    <program_name>^firewalld</program_name>
+    <description>firewalld grouping</description>
+  </rule>
+
+  <rule id="40901" level="1">
+    <if_sid>40900</if_sid>
+    <match> ERROR: </match>
+    <description>firewalld error</description>
+  </rule>
+
+  <rule id="40902" level="3">
+    <if_sid>40901</if_sid>
+    <match> No chain/target/match by that name.$</match>
+    <description>Incorrect chain/target/match.</description>
+  </rule>
+
+  <rule id="40903" level="2">
+    <if_sid>40901</if_sid>
+    <match> ZONE_ALREADY_SET$</match>
+    <description>firewalld: zone already set.</description>
+  </rule>
+</group>
+