# usbauth(1) configuration — USB firewall against BadUSB attacks
#
# CAUTION: “Rules will checked top down.  A rule at top could be
#          overwritten by a rule at down.”  In other words, the last
#          rule which matched applies (not the first match found).

# Our local default is to deny access!
deny all

# LaCie Rugged USB3-FW
allow idVendor==0x059f idProduct==0x1061 serial=="0000000075686ff51019"
#WORKS - wrong serial, no access...
#allow idVendor==0x059f idProduct==0x1061 serial=="0999990075686ff51019"
#WORKS - rubbish syntax, no access (but no obvious error message in /var/log/syslog)...
#allow idVendor==0x059f idProduct==0x1061 foo=="bar"
#WORKS - no serial, access granted...
#allow idVendor==0x059f idProduct==0x1061

# example configuration file for usbauth
#allow all
#allow bDeviceClass==09 bInterfaceClass==09 # allow hubs
#deny bInterfaceClass==03 devcount > 2 #deny HIDs if more than 2 are connected